Please refer to the editor’s commentary for the context to this article
Crawford Temple, CEO and founder of Professional Passport, on why Agencies Face Collective Liability from April 2026.
From April 2026, recruitment agencies and hirers will face one of the biggest compliance challenges the sector has ever witnessed. The new Joint and Several Liability (JSL) rules, as laid out in the Finance Bill, are part of the Government’s strategy to clamp down on non-compliance in the umbrella market. But Crawford Temple, CEO of Professional Passport, the UK’s largest independent assessor of payment intermediary compliance, argues that the label “joint and several” hides an uncomfortable truth, and what we are really dealing with is Collective Liability, where agencies and hirers risk being forced to underwrite not only their own workers’ tax liabilities, but also those of others in the supply chain.
This means that if an umbrella company or payroll provider fails to pay PAYE to HMRC, agencies may have to pay that money again – even if they already paid it to the umbrella in good faith. Put bluntly: without the ability to prove, beyond doubt, that PAYE for their own workers has been paid directly to HMRC under the correct reference, agencies are exposed.
Why current processes and accreditations fall short
For years, agencies have relied on industry accreditations, payslip checks, and RTI verifications to gain comfort around compliance. These tools, while useful for risk profiling, are no protection against liability. Once JSL takes effect, HMRC will not be interested in whether an agency performed checks; they will simply ask whether PAYE relating to that agency’s worker was paid. If it wasn’t, liability can be apportioned across all agencies using that umbrella, regardless of their own conduct. Accreditations and checks do not protect against PAYE liability.
This is where the current system unravels. Payslip checks can be faked, RTI confirmations can be manipulated, and portals can be fabricated to mimic HMRC systems. Fake bank statements and fake VAT submissions, payroll systems deliberately coded to conceal disguised remuneration schemes, payslips withheld from workers and only generated when requested by an agency and umbrellas offering credit terms to agencies, leading to insolvency and unpaid PAYE are just some of scams that have been identified.
All these scenarios expose agencies to risk far beyond their control. Worse, agencies are rarely notified when HMRC begins an investigation, leaving them in the dark until liabilities have escalated. By then, indemnities and contracts provide little to no defence.
In short: trust is not a compliance strategy. The only meaningful shield is a verifiable audit trail proving PAYE has been paid for each worker.
The four steps to true protection
The only workable route for agencies to protect themselves lies in creating and maintaining an indisputable audit trail that HMRC will accept as proof. This audit trail is built on four critical steps:
Step One: Confirm amounts sent to the umbrella
Every agency must input and confirm, by worker, the exact sums they remit to the umbrella. This is the foundation of the audit trail and ensures there is no ambiguity about what has been paid on behalf of each worker.
Step Two: Ensure payroll software accuracy
Manipulated payroll systems have been used to hide disguised remuneration and other non-compliant practices. Agencies must validate that the payroll software produces accurate results and has not been compromised by hidden codes or workarounds. If errors or manipulations exist in the audit trail, the agency remains liable.
Step Three: Demonstrate full payroll calculations and deductions
Agencies need to hold detailed records that break down gross pay, deductions, and resulting liabilities – by worker and by payroll run. This transparency is essential in showing that all calculations are correct and correspond directly with payments made.
Step Four: Pay PAYE directly to HMRC under the umbrella’s reference
The final, and most crucial, step is ensuring PAYE is paid directly to HMRC by the agency, quoting the umbrella’s PAYE reference. This closes the loop and proves beyond doubt that the agency has met its obligations in respect of its own workers.
By completing these steps, an agency removes itself from the Collective Liability chain.
Demonstrable compliance
The new legislation is designed to remove bad actors from the sector, but in doing so it places unprecedented responsibility on agencies, and unless you can prove that PAYE for your workers has been paid, you are working on a “trust me, it’s alright” basis. And trust is not a defence when HMRC comes calling.
The changes coming are not incremental adjustments but a decisive end to the long-running game of regulatory hide-and-seek that has undermined confidence in the temporary labour market. From April 2026, ignorance will offer no defence, and no excuses are allowed. Agencies must be able to demonstrate clear, end-to-end control of their supply chains, with verified engagement processes and active oversight of tax compliance at every level. The costs of getting this wrong could be catastrophic. Even a single shortfall – whether from an error, a disguised remuneration scheme, or another agency’s financial failure – could see HMRC spread liabilities across all relevant parties.
Those who prepare now will be best positioned to protect their business, reassure their clients, and build credibility in a market that is demanding stricter regulation and accountability. Protection lies not in accreditations or payslip checks but in the creation of a robust, demonstrable audit trail that proves every pound of PAYE has been paid.
