Accountant & Agent Access: Identified Gap and Roadmap
Accountant & Agent Access: Identified Gap and Roadmap
Status: Gap identified — implementation planned
Severity: High
Category: Enterprise Infrastructure
Version identified: v1.0.275
Overview
UK tax law and HMRC's Making Tax Digital ITSA framework formally recognise the role of tax agents and accountants who act on behalf of taxpayers. Under HMRC's agent authorisation scheme, a registered agent may submit quarterly updates, annual summaries, and final declarations directly to HMRC on a client's behalf.
The current platform does not yet support this model. This page documents the gap, explains why it matters for MTD ITSA compliance, and outlines what will be built.
The Problem
Current RBAC Roles
The platform currently defines three roles:
| Role | Description |
|---|---|
owner | Full control over the account and all submissions |
admin | Administrative access, manages settings and users |
member | Standard access to transactions and submissions |
None of these roles is suitable for an external accountant or tax agent. Granting an accountant admin access gives them far more privilege than is appropriate; granting member access may give them insufficient visibility.
What Is Missing
1. Accountant / Agent Role
There is no accountant or agent role in the RBAC model. This role would need to:
- Have read access to transactions, categorisation, and submissions.
- Be able to review and flag issues without directly modifying the taxpayer's data without approval.
- Be scoped to one or more client accounts rather than having platform-wide access.
2. Read-Only Advisor Role
Some accountants only need to review what a client has prepared rather than actively manage it. A read-only advisor role would allow them to inspect submissions, income/expense categorisation, and HMRC correspondence without write access.
3. Agent Authorisation Workflow
HMRC's agent authorisation process requires:
- The taxpayer to formally authorise an agent via HMRC's systems.
- The agent to be linked to the taxpayer's HMRC account using an Agent Reference Number (ARN).
The platform has no workflow to record, manage, or validate this authorisation relationship.
4. Accountant Review and Approval Flow
Before a submission is sent to HMRC, many taxpayers want their accountant to review and approve it. There is currently no mechanism for:
- Drafting a submission and marking it as "pending accountant review."
- Notifying the accountant that a review is required.
- The accountant formally approving or returning the submission.
- Recording who approved the submission and when (audit trail).
5. Agent-Authorised Submissions to HMRC
MTD ITSA allows submissions to be made by an authorised agent using the agent's own HMRC API credentials. The platform currently only supports submissions made directly with the taxpayer's own credentials. There is no path for an agent to submit on the taxpayer's behalf through the platform.
Why This Matters for MTD ITSA
HMRC's MTD ITSA mandate is designed with agents as first-class participants. The HMRC API suite includes dedicated agent endpoints and an agent authorisation flow. Key implications:
- Agent-authorised submissions use a different OAuth token flow. The agent authenticates with their own HMRC credentials and presents their ARN; the taxpayer's UTR is referenced as the subject of the submission, not the submitter.
- Many landlords rely on accountants for compliance. A significant proportion of the target user base will expect to invite their accountant into the platform rather than manage MTD submissions themselves.
- Without agent support, the platform cannot serve business accounts where a firm files on behalf of multiple landlords.
Planned Resolution
The following capabilities are planned to close this gap:
| Capability | Description |
|---|---|
accountant RBAC role | A dedicated role scoped to client accounts with configurable read/write permissions |
advisor read-only role | View-only access to submissions, transactions, and reports |
| Agent authorisation workflow | In-app flow to record and validate HMRC agent authorisation, including ARN linkage |
| Submission review & approval | Draft-to-approved workflow with accountant sign-off and timestamped audit log |
| Agent-credentialed HMRC submissions | OAuth flow supporting agent tokens for MTD ITSA API calls made on a client's behalf |
| Multi-client dashboard | A view for accountants managing multiple landlord/self-employed clients in one place |
Workaround (Current Limitation)
Until agent access is implemented, there is no safe or appropriate workaround that maps to the HMRC agent authorisation model. Sharing owner or admin credentials with an accountant is not recommended and does not reflect the legal distinction between the taxpayer and their agent.
If you are an accountant or tax agent who needs access for a client, please monitor the platform release notes for the Accountant & Agent Access feature release.