Due diligence as a key criterion of business tax security

Ukrainian tax reality has long moved beyond a purely formal approach to business transactions, and today the issue of counterparty verification has effectively ceased to be an internal company policy — it has transformed into an essential element of proving the taxpayer’s good faith, without which even a formally flawless transaction may be challenged by the tax authorities.

The problem lies in the fact that the law does not explicitly impose an obligation to verify a counterparty; however, a systematic interpretation of Article 112 of the Tax Code of Ukraine creates a much stricter framework of liability. In this framework, the key issue is not merely the existence of a violation, but the presence of fault in the form of bad faith, unreasonableness, or lack of due diligence. Moreover, it is the taxpayer who must prove that sufficient steps were taken to verify the partner.

This logic is actively supported by case law. In particular, in its decision of 7 July 2022 in case No. 160/3364/19, the Supreme Court established a fundamental position: responsibility for the accuracy of primary accounting documents lies with the person who prepared and signed them, and each party to a transaction is liable only for the information it has provided. At the same time, the court allows the tax authority to prove the absence of due diligence and, accordingly, the existence of fault on the part of the taxpayer, even where formal documentation is present.

Within this framework, a critical shift in emphasis occurs: primary documents are no longer an “immunity shield” against claims but merely one element of the evidentiary base that must confirm the reality of a transaction. This is where the key risk arises — cooperation with so-called “toxic” counterparties, i.e., companies exhibiting signs of fictitiousness, transit operations, or problematic tax status.

The practical consequences of such cooperation go far beyond additional tax assessments. They include the blocking of tax invoices, loss of input VAT credit, seizure of bank accounts within enforcement proceedings, financial monitoring by banks with suspension of payments, and in certain cases even criminal proceedings under Articles 212 or 205-1 of the Criminal Code of Ukraine. Importantly, this risk is not theoretical: if a counterparty enters bankruptcy proceedings or is classified as a “high-risk” VAT payer, all transactions with such an entity may be subject to retrospective review.

Particular attention should be paid to situations where a business has formally fulfilled all contractual obligations but has failed to verify key parameters of the counterparty — such as its status in the state register, licensing, tax history, or the authority of its director. In such cases, the tax authority’s argument is built not around a specific violation, but around the premise that the taxpayer “could and should have” identified the risks but failed to do so, thereby acting without due diligence.

This effectively raises the standard of conduct for businesses: it is no longer sufficient to conclude a contract and obtain an acceptance certificate. Companies must build an evidentiary model demonstrating that they verified their partner to the extent reasonably expected under the circumstances. It is precisely this model that becomes decisive in tax disputes.

In practice, this includes verifying the counterparty’s status in the state register, analyzing court decisions involving the entity, monitoring enforcement proceedings, checking tax status (including VAT registration), and assessing the corporate structure — directors, shareholders, authorized capital, and changes in management. Attention should also be paid to indirect risk indicators: inconsistencies between declared business activities and actual operations, mass registration addresses, unusually short periods of existence, or lack of a real operational footprint.

Importantly, verification is not limited to official registers. Modern practice increasingly involves the use of OSINT tools, analysis of a company’s digital presence, historical versions of its websites, and the public activity of its management. This approach is no longer an “additional option” but has become a standard of corporate risk management.

In conclusion, the concept of due diligence in Ukrainian law has evolved from a declarative notion into a полноценный legal standard that defines the boundaries of business liability in tax relations. Ignoring this standard is no longer perceived as neutral conduct — it is treated as a form of fault that opens the door to financial sanctions and procedural risks.

Therefore, counterparty verification is no longer a question of “whether to do it,” but rather “how to document it” in such a way that, in the event of a dispute, the business possesses not only formal documents but a coherent and comprehensive evidentiary framework capable of withstanding both tax audits and judicial scrutiny.