Why setup matters before the CT600 deadline
Corporation Tax filing is not only a CT600 preparation task. The practice also needs authority to act, the right Government Gateway route, the correct company service access, and a defensible record of what was filed.
GOV.UK guidance on agent authorisation explains that how a client authorises an agent depends on the tax and may involve an online service or form 64-8. Separate GOV.UK guidance for certain taxes says clients and agents must not share sign-in credentials. Even where the exact route varies by service, that boundary is important for CT600 practice workflow.
The rule of thumb for practices
Do not design a CT600 workflow around asking clients for their private Government Gateway sign-in details. Build the file around proper authorisation, practice-controlled access, client approval, and submission evidence.
That protects the client, the firm, and the audit trail. It also makes rejected submissions easier to diagnose because the practice can separate filing-authority issues from return-data issues.
Client setup checklist
- Confirm the company legal name, company number, Corporation Tax reference, accounting period, and filing deadline.
- Confirm whether the company has Corporation Tax services added to its business tax account where relevant.
- Confirm the practice's authority to act for Corporation Tax before filing.
- Keep the client engagement, approval, and filing-authority evidence in the job file.
- Do not store or request the client's private Government Gateway password as a workaround.
Practice setup checklist
- Check the firm has the right HMRC online services route for Corporation Tax filing.
- Keep agent identifiers and authorisation evidence private and out of public content, tickets, screenshots, and marketing material.
- Limit submission access to appropriate staff and use role-based internal controls where possible.
- Confirm who can approve, who can submit, and who can handle rejected returns.
- Record the filing route used without exposing sensitive operational identifiers.
Before filing through Government Gateway
The filing team should review both the tax package and the access position. A technically correct CT600 can still fail if the authorisation, service enrolment, accounting period, or attachment package does not line up.
- Review the CT600, computation, accounts, iXBRL attachments, and supplementary pages.
- Check client or director approval covers the final package, not an earlier draft.
- Confirm the correct company and accounting period are being filed.
- Check the practice has authority to submit for that company.
- Keep the HMRC acknowledgement or rejection response after submission.
If authorisation causes a rejection
Government Gateway rejection handling should preserve the original response. Do not overwrite it with only the final successful submission. Keep the timestamp, error context, diagnosis, and fix so the practice can show what happened if the client asks later.
If the problem is authority or service setup, avoid changing unrelated CT600 numbers while diagnosing the access issue. If the problem is return validation or iXBRL attachment format, keep that separate from the authorisation trail.
Security and privacy for public content
Agent identifiers, client names, tax references, Government Gateway details, submission references, account identifiers, and screenshots containing private operational data should not appear in public marketing copy or public support material.
Public pages can describe the workflow. They should not disclose the private identifiers used to operate that workflow.
How Robocount helps
Robocount is built for Corporation Tax filing workflows where practices need preparation, review, approval, submission, and evidence in one place. The aim is to make the authority and evidence trail part of the CT600 process rather than a separate scramble at the deadline.
- Supports practice review before CT600 submission.
- Keeps approval, supplementary-page review, and filing evidence close to the return package.
- Preserves clearer evidence around acknowledgements and rejected returns.
- Supports API and MCP-native workflows where AI or automation prepares structured data for human review.
- Encourages private operational identifiers to stay private rather than appearing in public output.
FAQ
Can an accountant use a client's Government Gateway login?
GOV.UK guidance for certain tax authorisation routes says clients must not give sign-in credentials to their agent and agents must not use client credentials. Practices should use the appropriate authorisation route instead of borrowed credentials.
Does agent authorisation replace client approval of the CT600?
No. Authority to act and approval of the specific return package are different controls. The practice should retain both where it files for the client.
What should be kept after submission?
Keep the final approved CT600 package, filing timestamp, HMRC acknowledgement or rejection response, and any follow-up evidence. Do not publish private identifiers from that evidence.
Why is this relevant for AI-assisted CT600 filing?
AI can help prepare structured Corporation Tax data, but the practice still needs authority, human review, client approval, secure credentials handling, and a clean Government Gateway evidence trail.
Useful official references
- GOV.UK: authorising an agent to deal with your tax affairs
- GOV.UK: authorise an agent through your business tax account
- GOV.UK: how agents get authorised for clients
- GOV.UK: add Corporation Tax services to a business tax account
- GOV.UK: Company Tax Return obligations
This guide is general product and filing workflow information, not tax advice. Check current HMRC guidance and the company's authorisation position before filing.