Is your recruitment agency truly protected against compliance risk? Are you sure? Legal teams may not be aware of several recent developments and hidden dangers set to impact the hiring process.
With the chronic skills shortage set to worsen, employers are turning further towards the lower-cost higher-ROI option of contract hiring, with more than 90% of jobs set to be project-based or involve flexible work arrangements in the coming years. Temporary staffing agencies are in prime position to capitalise on this opportunity – but must avoid £million fines and reputational damage during the journey.
Generate’s payroll and contractor management specialists reveal how agency leaders can both remain on the right side of the law and maximise opportunity for new business growth.
5 Risks Recruitment Agency Owners Will Face In 2024 & 2025
- AI Breaching Equality Legislation & Harming Talent Acquisition
Although tech can never replace the value of strong relationships in the hiring journey, Artificial Intelligence is increasingly harnessed in recruitment processes across the globe to complement consultancy services. Hiring managers and consultants are saving time by automating responses to hundreds of applications per job advert, parsing CVs and standardising the longlist and shortlist process, and screening out applications from unsuitable candidates. The compliance risks of recruitment AI are often neglected in favour of the benefits – but present major potential impact to consultancies if unaddressed.
Whilst most companies across sectors are now aware of the financial benefits to be gained by embracing Diversity & Inclusion – and the brand damage caused by non-inclusive discriminatory behaviour – failing to operate diverse and inclusive practices could also constitute breaking the law.
The Equality Act 2010 protects individuals from discrimination in the workplace and in wider society. Any business operating in the UK or Europe must comply with this legislation to remain on the right side of the law. The very nature of business means staffing agencies are under the Act’s obligations with almost every process, action and conversation every day – and must safeguard accordingly to guarantee compliance across their organisations. AI adoption in the recruitment process has delivered countless examples of non-compliance with the Equality Act and similar D&I legislation across the globe, including:
- Bloomberg reported in 2024 that OpenAI’s Chat GPT 3.5 displayed preferences for candidates of specific racial backgrounds. When asked to rank CVs 1,000 times, GPT 3.5 favoured names from specific demographics, to an extent that would fail official benchmarks used to assess job discrimination against minority groups. At least one diverse demographic was negatively impacted for every single job listing tested.
- Amazon shut down its experimental AI recruiting tool after discovering the technology discriminated against female applicants. The tool was created to scour the internet for potential Amazon candidates and rank them on their suitability for roles, however the algorithm began to automatically downgrade the CVs of female applicants when assessing for technical jobs such as software developer.
- iTutor Group used AI-powered application software that automatically rejected female job applicants aged over 55 and male applicants over 60, regardless of their qualifications or experience. The case of AI-driven age discrimination cost the company $356,000.
Employers who do not comply with equality legislation could be liable for criminal charges, face legal battles or receive financial penalties. The long-term impact of non-compliance on business growth is also mammoth. Breach of equality legislation could see unrecoverable brand damage for the recruitment agency in question, not just amongst diverse groups but potentially amongst all candidate bases. Hiring agencies could lose both existing relationships and new business opportunities with clients and candidates who prefer to partner recruitment agencies with truly inclusive and equitable reputations.
- Direct Financial Liability Due to New Legislation
Three years after off-payroll legislation updates placed responsibility for IR35 status determination onto businesses rather than self-employed workers themselves, recruiters are contending with new challenges on behalf of their clients and contractors both. Recent legislation changes appear to provide relief for a major compliance frustration – but the new updates open up recruitment agencies to an alarming level of legal threat if not managed correctly.
Inaccurate status determination can result in lengthy legal battles and business-damaging fines, with clients owing up to 100% of unpaid tax, National Insurance and Apprenticeship Levy contributions per contractor plus additional financial penalties depending on the case in question. Employers who can prove that they took ‘reasonable care’ over status determination despite producing the wrong result can leave their staffing agency at risk of liability.
April 2024 saw the introduction of a new policy aiming to to prevent double taxation in cases where HMRC disagrees with an outside IR35 decision. HMRC now has the power to offset the amounts of tax and NI contributions already made by the contractor and their intermediary, which on the surface appears to reduce financial liability. However, these employer benefits pass greater risk onto recruitment agencies. Chancellor Rachel Rees states, ‘The impact this new policy will have is that tax liabilities will be more fairly shared through the supply chain. What this means is that clients, or other deemed employers, will no longer bear an unfair tax burden in cases where the determination is challenged.’
Recruitment agencies will be increasingly involved in the determination process – and increasingly open to liability on behalf of client operations. IR35 status determination is particularly risky given the UK Government’s ready acceptance of its own inability to accurately judge status. HMRC reports that the Check Employment Status for Tax (CEST) tool, developed by the Government itself in 2017, has an 85% accuracy rating. One in 7 cases on average is delivering an incorrect or inconclusive assessment, resulting in increased and escalated disputes.
TV presenter Adrian Chiles is now for the third time heading to tribunal with HMRC over £1.7 million in tax claims, after previous judgement was found to have misinterpreted the confusing law. The judges in Chiles’ case describe the correct application of IR35 law as a ‘moving target,’ stating that, ‘The case law in relation to both employment status and IR35 has not only developed considerably over time but continues to be in a state of flux.’ Although the new Labour Government recently expressed interest in simplifying contractor classifications, the limitations and proven inaccuracies of CEST have still not been updated, potentially exposing recruitment agencies to hundreds of IR35 cases out of the thousands of contract assignments they manage every year.
- Responsibility For & Impact of Client Tax Empowerment
In September 2024 the HMRC Board announced the appointment of a new Chair in James Murray, Exchequer Secretary to the Treasury and MP for Ealing North, to provide ministerial oversight of the department for the first time. Murray will oversee three key priorities – ‘closing the tax gap, modernising and reforming, and improving customer service’ – with the aim of bettering tax management for self-employed work.
HMRC’s new ‘Digital Transformation Roadmap’ will be published in Spring 2025. The shift to improving customer service will direct contractors to ‘self-serve online where they can’ with additional help provided by 5,000 new HMRC compliance staff to manage tax in accordance with legal requirements. However, IR35 admin will increasingly rely on automated technologies and the proactivity and interaction of client businesses. Representing recruiters must work ever more closely with contractors and employers to minimise the amount of inaccurate information sent via self-service tax management, and therefore minimise negative impact to all parties.
Clients with the legal background to successfully navigate a confusing and consistently inaccurate tool are rare. Staffing agencies face heightened risks from IR35 legislation depending on client processes over which they have little control, not only in the form of financial liability but in damaging the client relationship and future revenue from this client, particularly if the recruiter opts to fight the case and pass liability back to the client.
- Leaving Clients & Candidates Vulnerable Through Data Breaches
2023 saw almost 3,000 data breaches that exposed over 8.2billion records globally, with affected organisations including AT&T, Sony, SAP, the U.S. Government, and tech giant IBM itself. Verizon’s 2023 Data Breach Investigations Report revealed that the most common causes were human error – a factor in 74% of cases – and financially motivated external actors were responsible for 83%.
Data breaches are particularly damaging for the staffing industry. IBM reports that the average cost of a data breach in the UK in 2024 is £3.58 million: a 5% increase from the previous year. The cost of a data breach varies by industry, with professional services firms including recruitment agencies experiencing the second highest costs of all sectors, with the average data breach costing £5.51 million per staffing company.
Recruitment agencies are especially negatively impacted by data compliance issues due to the nature of the data stored in their systems:
- Personal Details – CRMs will usually contain candidate addresses, dates of birth, passport numbers, national insurance numbers and other details that can be used to personally identify and potentially impersonate individuals
- Payroll – Dealing with invoices and paying candidates directly involves the storage of bank details, insurance and take-home pay/salary information that could be seized to commit fraud
- Business Goals & Challenges – The personal relationships built between clients and their consultants means the sharing of information around business finances, investment, technology innovation and product development, which may be subject to non-disclosure agreements or otherwise unintended for public knowledge, and that if in the wrong hands could be used by competitors to gain market advantage
- Sensitive Data – Notes from phone calls, performance reviews and extension management can reveal healthcare issues, mental wellbeing, relationship and family status that could be used against individuals personally and professionally.
The vast amount of data gathered by recruiters, in addition to the general lack of oversight of CRM training and usage and the industry’s high turnover rates, makes recruitment agencies much more likely to experience data breaches and cyber attacks. Factors influencing the likelihood of data security problems include:
- How and where your agency stores data such as candidate qualifications, passport copies and right to work documentation
- Who is authorised to access this data and whether they are properly trained to manage and protect it
- The processes in place to protect sensitive information
- Use of personal devices and the apps, settings, encryptions and firewalls on those devices
- Policies in place instructing each department of their responsibilities for data storage, usage, management and protection.
Although guarding against data breaches and cyber security attacks is a significant undertaking, staffing founders can identify urgent areas for improvement to make quick adjustments with an initial review. Put together a cross-departmental team who have oversight across your whole business and work with fully compliant recruitment suppliers to start protecting your agency, your clients and your candidates.
5. Risking Contractor Relationships By Working With Non-Compliant Suppliers
Paul Newsham, CEO of the Payroll Compliance Authority, believes that in addition to IR35 reform, the new Government should crack down on non-compliant umbrella companies. Newsham criticises many major market players and riskier new entrants for tax evasion and general lack of adherence to regulation.
Newsham told HR magazine: ‘Labour’s employment priorities should include a thorough review of the progress by the previous Government into regulation of the umbrella company market. Tax evasion is a monumental issue in the UK, with thousands of contract workers put at risk daily because of the lack of regulation in the umbrella company sector. A due diligence regime needs to be put in place within the umbrella company market to shut down the myriad of tax avoidance schemes run by fraudulent umbrella companies.’
Put your existing umbrella supplier to the test to check whether their ways of working are fully compliant:
- Officially Recognised – Fully compliant payroll and umbrella providers are recognised by a Freelancer & Contractor Services Association (FCSA) accreditation. FCSA-accredited members are audited by independent legal and accountancy professionals, and checked by HMRC itself, to ensure the highest standards of compliance in the recruitment and employment industry. The FCSA requires all members to follow a rigorous compliance code that protects all recruiters, employers and contractors from tax and employment risk, and regularly audits and checks that this code is being upheld.
- Transparent Processes – Honest partnerships founded on clear communication between contractors, recruiters and their suppliers are the best way to protect all parties from risk. A fully compliant umbrella company will also be fully transparent with your agency and with your contractors. Recruitment agencies working with transparent umbrellas will receive proactive communication as soon as a problem has been identified, and collaborate with their supplier to find the best solution. Transparent suppliers will be happy to take you through their processes, provide evidence of their licences and legal certifications, and share references from other customers who can back up their claims. Contractors should receive a full breakdown of all fees and deductions before any contracts are signed, and once on assignment, detailed reports around how their earnings are calculated and how their tax is managed.
- Ethical Ways of Working – Your supplier should display ethics and compliance-related policies on their website, covering Human and Worker Rights, Compliance and Diversity & Inclusion, and/or be readily able to provide them when asked. Overseas operators should be able to prove how they protect workers abroad, including providing contracts in workers’ first languages, ensuring workers are paid directly without risk of employer exploitation, and collaborating with recruitment companies and other suppliers to identify and mitigate risks throughout the supply chain.
Eliminate Recruitment Compliance Risks
By outsourcing payroll and contractor management to a fully compliant partner, staffing agencies can permanently reduce their levels of business risk. The right partner can reduce admin burdens, save valuable time and resources, prevent fines and protect your brand image and business relationships. The support and guidance provided by tax and financial compliance experts is imperative in driving sustainable business growth.
Generate support thousands of recruitment agencies and contractors across the globe. Get in touch to find out how we could help you.