HM Revenue and Customs has confirmed that almost three-quarters of people who had their Child Benefit payments stopped in a botched crackdown on fraud last year have now had them reinstated.
More than 23,000 Child Benefit recipients had payments frozen after a new checks regime went live in August, following an earlier pilot. While the 2024 pilot scheme was judged to have been a success at identifying people who had left the UK for more than eight weeks – normally enough to invalidate their entitlement – the rolled-out version of the scheme removed a crucial check of Pay As You Earn data from the early stages of the process.
As a result, thousands of people had their Child Benefit wrongly stopped because of Home Office data suggesting they had left the UK but not returned. Residents of Northern Ireland who left the country and returned via airports in the Republic of Ireland were among the problem cases encountered.
In an update to members of parliament’s Treasury Select Committee last week, HMRC permanent secretary John-Paul Marks said that of 23,794 claimants who had a “compliance enquiry” opened against them as part of the drive, 17,048 had seen their payments resumed as of the end of December.
Marks said the figure represented 71% of the “cohort” who had been flagged by the new checks regime. He said 1,109 of those whose payments were stopped – just under 5% – had been deemed to be non-compliant.
Enquiries are still open in relation to 5,600 of the cases. Marks said that in those situations, customers had not responded to letters, phone calls or other contacts from HMRC and were deemed to have left the country.
The latest figures for Child Benefit payments being reinstated are significantly higher than those Marks gave to the Treasury Committee in November, when the number of cases of payments being restored was framed as “more than 3,600”.
At that time, Marks told the committee that changes had already been implemented to the Child Benefit checks regime that restored an early-stage look at PAYE records to see whether Child Benefit recipients were working and paying tax in the UK, as a counterbalance to what travel data indicated.
Further changes to "strengthen the process" for the crackdown involve customers being “given at least one month to evidence their entitlement” when a query is raised, and a further month to respond before a decision to terminate payments is considered.
Northern Ireland residents have also been exempted from some elements of the international travel checks because of the problems witnessed last summer.
Marks told MPs last week that part of the learning from last year’s problems was “about strengthening the governance from pilot to business-as-usual”.
“The important thing now is making all the changes to the customer journey,” he said. “We will take it very slowly this New Year to get it right because we do have a fraud-and-error exposure that is a quarter of a billion pounds a year.”
Treasury Committee chair Dame Meg Hillier asked how HMRC had failed to recognise the possibility that Northern Ireland residents may leave the country by a UK port monitored by the Home Office but return home via the Republic of Ireland when it rolled out the checks regime.
Jonathan Athow, director general for customer strategy and tax design at HMRC, said he believed the size of the original pilot for the Child Benefit checks regime may have been the reason.
He said that while the pilot had involved 200,000 recipients of Child Benefit, and identified 5,000 cases where “non-compliance” was suspected, it was probable that only 140 cases in Northern Ireland had been looked at.
Athow said that number of cases may not have been enough to reveal an issue in relation to the common travel area that includes the United Kingdom and the Republic of Ireland.
He acknowledged that HMRC had not picked up on the issue of people travelling from Northern Ireland to Dublin Airport.
“More generally, we know that the data we get from the Home Office on entries and exits is imperfect, and we were very clear on that all the way through,” he said. “It should only be the start of an enquiry, not determining whether someone is eligible or not.”
Cost of phishing scam hits £56.7m
Last week’s Treasury Committee session also got an update on the cost of a phishing scam that targeted around 100,000 PAYE customer accounts.
In June last year Marks told MPs that compromised accounts had been locked down and in some cases deleted because of an “historic” organised-crime drive to obtain customer data and use it to fraudulently request tax repayments.
At the time, the cost of the attack was estimated at £47m. HMRC’s annual report and accounts for 2024-25, published the following month, gave a cost of £48.8m.
On Tuesday, Marks told MPs that the cost of the attack had now increased by nearly £8m.
“On that PAYE organised attack, we wrote to all 100,00 affected customers,” he said. “The loss when we last saw you was just under £49m. We disclosed that in our accounts.
“We remediated all the cases and the final outturn was £56.7m. So it was marginally higher than what we knew at the time. And arrests were made and we worked through the Romanian authorities and with authorities in the UK.”
Marks told MPs he believes that HMRC’s “underlying resilience” in relation to phishing and cyberattacks continues to improve, and that a programme of work is planned for the current Spending Review period.
He said the department had now established a dedicated fraud-prevention centre and recruited a new “disaster recovery” director as part of the work.