Standard Terms of Business (Last Revised February 2026)

1. Definitions

For clarity, in these terms:

  • “We”, “our”, “the firm” refers to Andrew Thomas Accountancy Limited.
  • “You”, “the client” refers to the person, company, trust, or entity engaging the firm.
  • “Engagement letter” means the written agreement specifying the scope of services, including any variation, addendum, or extension agreed in writing. The engagement letter, together with these Terms of Business, forms the entire agreement between the parties.
  • “Services” means the professional services we provide under the engagement letter.
  • “Client monies” means money held by the firm on behalf of the client.
  • “Cloud Supplier / third party” means any external provider supplying hosted or cloud services on our behalf.
  • “Data Controller” means the party responsible for determining the purposes and means of processing personal data.
  • “Sub-processor” means any third party engaged by a Cloud Supplier or the firm to process data.
  • “Working days” means Monday to Friday, excluding public holidays in England, used for deadlines in these terms.
  • “Data Subject” means any individual whose personal data is processed by the firm on behalf of the client or for the firm’s own purposes, including employees, shareholders, and others as relevant.

2. Applicable law

2.1. This engagement letter shall be governed by, and construed in accordance with English law. The Courts of England shall have exclusive jurisdiction in relation to any claim, dispute or difference concerning the engagement letter (including the firm’s standard terms of business) and any matter arising from it. Each party irrevocably waives any right it may have to object to an action being brought in those Courts, to claim that the action has been brought in an inconvenient forum, or to claim that those Courts do not have jurisdiction.

2.2 Before commencing proceedings, the parties will attempt to resolve disputes through mediation or ACCA arbitration where appropriate. Nothing in this agreement shall exclude or limit liability for death or personal injury caused by negligence or fraud. In addition, nothing in this agreement shall limit liability for statutory regulatory penalties arising from the client’s actions or omissions.

2.3. Persons who are not party to this agreement shall have no rights under the Contracts (Rights of Third Parties) Act 1999 to enforce any term of this agreement. This clause does not affect any right or remedy of any person which exists or is available otherwise than pursuant to that Act.

2.4. The advice we give you is for your sole use and is confidential to you and will not constitute advice for any third party to whom you may communicate it. We will accept no responsibility to third parties for any aspect of our professional services or work that is made available to them.

3. Client identification

3.1. In common with all accountancy and legal practices, the firm is required by law to:

  • Maintain identification procedures for clients and beneficial owners of clients;
  • Maintain records of identification evidence and the work undertaken for the client; and
  • Report, in accordance with the relevant legislation and regulations.

We comply with the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 and associated legislation, including subsequent amendments (2020).

3.2. We may use electronic checks as part of our identification procedures. We confirm that these electronic checks are not credit checks.
By engaging us, you consent to the use of electronic identification checks, which are not credit checks.

3.3. We will carry out ongoing monitoring of your business relationship as required under money laundering legislation. Work may not commence or continue until satisfactory identification and verification procedures are completed.

4. Quality of service

4.1. We aim to provide you with a fully satisfactory service. Andrew Nicholaides or Tom Houldsworth will seek to ensure that this is so. If, however, you are unable to deal with any difficulty through them and their team, please contact our Practice Manager on 01724 626000. We undertake to look into any complaint carefully and promptly and to do all we can to explain the position to you. We will acknowledge your letter within five business days of its receipt and endeavour to deal with your complaint within eight weeks. If we do not answer your complaint to your satisfaction, you may take up the matter with the Association of Chartered Certified Accountants (ACCA).

4.2. We participate in ACCA quality reviews and monitoring to maintain professional standards. If you remain dissatisfied after ACCA review, legal remedies may still be pursued. Complaints escalation beyond ACCA review should be notified in writing within 3 months of the original issue.

4.3. We are not licensed or authorised for the reserved legal activity of non-contentious probate. Consequently, any work we do for you on closely aligned activities, such as estate administration or inheritance tax advice, will not be covered by the ACCA Probate Compensation Scheme, this service will not be covered by legal professional privilege, and you will not have access to the Legal Ombudsman.

4.4 Where services are provided to individual consumers, you may use alternative dispute resolution schemes as required by applicable regulations.

4.5. In dealings with HMRC, clients are entitled to the protections described in HMRC’s Charter, which we will endeavour to respect and facilitate.

5. Client monies

5.1. Money held on your behalf will be kept in a segregated client account and managed according to ACCA’s Clients’ Money Rules. Segregated client accounts
protect client funds against firm insolvency and separate records will be maintained to ensure traceability and prompt return.

5.2. Interest will be applied to balances above £25 per year using our bank’s prevailing rates, paid gross unless otherwise required by law.

5.3. Balances above £10,000 for more than 30 days will be held in a separate interest-bearing account, with all interest paid to you, gross of tax unless
otherwise required.

5.4. Funds will be returned promptly when no longer required. Unclaimed funds for five years or upon cessation of practice may be donated to charity.
Dormant or unclaimed client funds may be handled in accordance with statutory requirements and ACCA guidance. Clients are responsible for ensuring
that funds are collected or claimed within the statutory period.

5.5. Clients are reminded that changes to ACCA Client Money Rules or statutory law may affect handling, and the firm will comply with such changes.

6. Commissions or other benefits

6.1. Commissions or benefits arising from transactions arranged for you may be retained by us or our associates. Fees are not reduced unless otherwise
agreed, and VAT is calculated on the net fee. Details of any commission or benefit will be disclosed to you upon request.

6.2. If in the future, abnormally large commissions are received which were not envisaged, we will obtain specific consent to the retention of those commissions.

6.3. Typical commissions may arise from insurance referrals, advisory services, or other business introductions. Details will be disclosed upon request.

7. Investment advice

7.1. We are not authorised to provide investment business services. If required, we will refer you to a firm authorised by the FCA or licensed by a Designated
Professional Body. We are not authorised under the Financial Services and Markets Act 2000 and will not provide regulated investment advice. Referral to
FCA-authorised firms will be made where necessary.

7.2. We will not provide any investment products, investment recommendations, or investment management services.

7.3 We do not provide insurance distribution services, regulated investment business, or financial promotions. If required, referrals will be made to FCA-authorised firms.

8. Fees and payment terms

8.1. Fees depend on time, skill, responsibility, risk, and advice provided. Unless agreed otherwise, fees are billed periodically and payable on presentation.

8.2. Fixed or indicative fees may be agreed for specific services but are typically not set more than a year in advance. Estimates are not binding
unless stated.

8.3. Work outside the engagement scope incurs additional fees. Out-of-pocket expenses (plus VAT) are reimbursable.

8.4. Assistance through insurance policies may be available. You remain liable for fees regardless of insurance.

8.5. Invoices are payable before reports are signed or accounts filed.

8.6. Monthly standing orders may be requested to cover ongoing fees.

8.7. Payments not covered by standing orders are strictly 30 days net. Interest on overdue amounts may be charged under the Late Payment of Commercial
Debts (Interest) Act 1998.

8.8. Where a client entity cannot pay, we may require payment from the individual or parent entity giving instructions.

8.9. We may exercise a lien over all funds, documents, and records until outstanding fees are paid, subject to ACCA guidelines.

8.10. Fees, billing arrangements, and standing orders may be reviewed annually. Continued engagement constitutes acceptance of revised terms.

8.11 If you dispute any invoice, you must notify us in writing within 14 days. Fees not in dispute remain payable. All termination fees for work performed
but unpaid are immediately payable.

8.12. Late payments may incur interest at Bank of England base rate plus 8% per annum, calculated daily until payment is made. For international clients,
VAT will be applied in accordance with UK legislation and local tax rules.

8.13. Electronic invoicing may be used.

8.14. Fees do not override statutory deadlines or consumer rights; clients remain responsible for compliance with filing and reporting requirements.

9. Retention of and access to records

9.1. Original documents are returned after preparation of accounts and returns.

9.2. Records over seven years old may be destroyed unless of continuing significance or required by law. Clients may request retention in writing. Retention
periods comply with Companies Act 2006 and other statutory requirements.

9.3. Digital identity verification and electronic records are securely stored in compliance with regulations. Electronic copies may be provided where original
documents are archived, subject to security measures.

9.4. On termination, reasonable access to records and work in progress will be provided, subject to outstanding fees, and in accordance with regulatory obligations. 

9.5. Clients have the right to request access, correction, or deletion of personal data processed by the firm. Original documents may be retained for statutory
or regulatory reasons, and electronic copies will be provided where feasible.

9.6. Records relating to companies’ statutory filings will be retained and provided to clients for compliance with Companies Act 2006 requirements.

10. Electronic communication

10.1. We do not accept responsibility for data corruption or changes to emails after sending. Critical advice should be confirmed in writing. We cannot
guarantee confidentiality of emails or cloud communications.

10.2. Virus checks are the responsibility of the recipient.

10.3. Clients must maintain secure systems, passwords, and access controls for electronic communications or cloud services. Clients must notify us
immediately of any suspected breach of electronic communications or cloud services. Clients are responsible for maintaining backups of electronic records.

11. Data protection

11.1. To enable us to deliver the services set out in this engagement letter, comply with our legal and regulatory obligations (including those arising from
our ACCA membership), and manage our client relationships effectively, we may obtain, use, process and disclose personal data relating to you, your
business, company, partnership, shareholders, members, officers and employees, as described in our Privacy Notice. When acting as a data controller, we
will comply with the UK GDPR and the Data Protection Act 2018.

11.2. You are also an independent data controller in respect of the personal data you process. Where you disclose personal data to us, you confirm that such disclosure is fair, lawful and compliant with all applicable data protection legislation. Nothing within this engagement letter relieves you of your own responsibilities and liabilities as a data controller.

11.3. Our Privacy Notice, available on our website at https://www.andrew-thomas.org/privacy explains how we collect, use and protect personal data
in relation to the services we provide and the rights of individuals under data protection law.

11.4. As part of our ongoing commitment to quality, our client files may periodically be reviewed by an independent regulatory or quality-control body (for example, the ACCA). These reviewers are bound by the same duties of confidentiality as we are.

11.5. Data protection legislation and regulation places obligations on you as a data controller where we act as a data processor to undertake the processing of personal data on your behalf, for instance where we operate a payroll service for you. We therefore confirm that we will at all times take appropriate measures to comply with relevant requirements when processing data on your behalf. In particular we confirm that we have adequate security measures in place and that we will comply with any obligations equivalent to those placed on you as a data controller. Terms relating to our responsibilities as a data processor are set out in paragraphs 11.6 to 11.9 below.

Processing of Client Personal Data (where we act as Data Processor)

11.6. Where we process personal data on your behalf — for example, in providing payroll or bookkeeping services — we act as your data processor and
will:

  • Process the client personal data only in accordance with your lawful written instructions, in order to provide you with the services pursuant to our engagement with you and in accordance with applicable data protection legislation; 
  • Disclose and transfer the client personal data to our regulatory bodies or other third parties (for example, our professional advisors or service providers) as and to the extent necessary in order to provide you with the services pursuant to our engagement with you in relation to those services;
  • Disclose the client personal data to courts, government agencies and other third parties as and to the extent required by law; 
  • Maintain commercially reasonable and appropriate security measures, including administrative, physical and technical safeguards, to protect against unauthorised or unlawful processing of any client personal data and against accidental loss or destruction of, or damage to, such client personal data.
  • Maintain written records of our processing activities performed on your behalf which shall include:
  • the categories of processing activities performed;
  • details of any cross-border data transfers outside of the United Kingdom; and  
  • a general description of security measures implemented in respect of the client personal data;
  • Return or delete all the client personal data upon the termination of the engagement with you pursuant to which we agreed to provide the services;
  • Ensure that only those personnel who need to have access to the client personal data are granted access to it and that all of the personnel authorised to process the client personal data are bound by a duty of confidentiality; 
  • Notify you if we appoint a sub-processor (but only if you have given us your prior written consent, such consent not to be reasonably withheld or delayed) and ensure any agreement entered into with the relevant sub-processor includes similar terms as the terms set out in this section; 
  • Notify you promptly if:
  • We receive a request, complaint or any adverse correspondence from or on behalf of a relevant data subject, to exercise their data subject rights under the data protection legislation or in respect of the client personal data; or
  • We are served with an information or assessment notice, or receive any other material communication in respect of our processing of the client personal data from a supervisory body (for example, the Information Commissioner’s Office);
  • Notify you, without undue delay, in the event that we reasonably believe that there has been a personal data breach in respect of the client personal data; and
  • At your cost and upon receipt of your prior written notice, allow you, on an annual basis and/or in the event that we notify you of personal data breach in respect of the client personal data, reasonable access to the relevant records, files, computer or other communication systems, for the purposes of reviewing our compliance with the data protection laws.

11.7. Where personal data is transferred outside the UK or the EEA, we will ensure that appropriate safeguards are in place in accordance with the UK
GDPR.

11.8. You confirm that you have obtained all necessary consents and provided suitable privacy notices to enable the lawful transfer of personal data to us.

11.9.  Should you require any further details regarding our treatment of personal data, please contact our data controller.

11.10. The following details are also required by Article 28(3) of the GDPR, for payroll and similar services provided:

  • The subject matter and duration is described in our engagement letter and continues for the duration of the payroll engagement;
  • The nature and purpose of the processing of client personal data is in order to calculate payroll, deductions and payments to HMRC and employees;
  • The types of personal data processed includes, but is not limited to; full name, date of birth, home address, National Insurance number, tax code and salary information;
  • The categories of data subject to whom the client personal data relates to your employees.

Our Role as Data Controller

11.11. For our own internal business purposes — including client management, compliance monitoring and record-keeping — we act as a data controller.
Clients may exercise their rights of access, rectification, erasure, restriction, and portability under the UK GDPR by contacting our Data Controller via our office contact details.

11.12. Article 28(3) & supervisory authority references:

  • Where we act as a data processor, we comply with Article 28(3) UK GDPR requirements, including maintaining records of processing, sub-processor approval, and security measures.
  • We will promptly notify clients of any data breach or supervisory authority communications (ICO or equivalent).
  • Subject matter, nature, purpose, types of personal data, categories of data subjects, and retention periods will be documented and provided upon request.

12. Professional rules and practice guidelines

12.1. We comply with ACCA’s bye-laws, regulations, and Code of Ethics and accept instructions to act for you on this basis. We may correct HMRC errors
where we become aware of them. We will not be liable for any loss, damage or cost arising from our compliance with statutory or regulatory obligations.

12.2. We maintain professional competence through continuous CPD in line with ACCA requirements.

12.3. We exercise professional scepticism in accordance with ACCA guidance when providing assurance, payroll, or advisory services.

12.4. Where conflicts arise between owners or management within the client’s business, we will act only with consent from all owners and document all
actions.

13. Confidentiality

13.1. Confidential information provided by you is kept confidential except as required by law, regulatory bodies, insurers, or external review. Confidentiality
exceptions include obligations to HMRC, courts, regulatory bodies, and professional indemnity insurers.

13.2. To comply with our duty of confidentiality it will be sufficient for us to take such steps as we think appropriate to preserve the confidentiality of information given to us by you, both during and after this engagement, should we act for other clients who are or become your competitors. These steps may include taking the same or similar approach as we take in respect of the confidentiality of our own information.

13.3. If we act for other clients whose interests are or may be adverse to yours, the conflict will be managed by implementing additional safeguards to protect confidentiality. Safeguards may include measures such as separate or physical separation of teams and separate arrangements for storage of, and access to, information. You therefore, agree that the implementation of such safeguards will provide adequate measures to avoid any real risk of confidentiality being impaired.

13.4. We may, on occasion, subcontract work however, should we propose to use the work of a subcontractor for your affairs we will inform you before they commence any work, except where your data will not be transferred out of our systems and the contractor is bound by confidentiality terms equivalent to an employee. In addition to this, the subcontractor will also be bound by our client confidentiality terms.

13.5. This applies in addition to our obligations on data protection in section 11.

14. Conflicts of interest

14.1. We may provide services to clients with competing or adverse interests. Any conflicts affecting you will be notified.

14.2. Conflicts between clients or multiple services will be managed per ACCA’s Code of Ethics. Where a conflict arises that cannot be managed, we may
withdraw from providing services to one or both parties.

14.3. The client is the business; we do not provide information to one owner without consent from all owners.

14.4. Conflicts will be documented, and client consent will be obtained where appropriate. Periodic reviews of potential conflicts will be undertaken for ongoing engagements.

15. Professional indemnity

15.1. We maintain professional indemnity insurance with Allianz Insurance Plc. Territorial coverage is worldwide excluding professional business carried out from an office in the United States of America or Canada and excludes any action for a claim brought in any court in the United States or Canada.

15.2. Coverage is reviewed annually to ensure compliance with ACCA requirements. Clients must notify us promptly of circumstances which may give rise
to a claim under our insurance policy. Policy limits and excesses are as per our current Allianz Insurance Plc cover. Coverage limits, excesses, and renewal
dates are reviewed annually to ensure adequacy for the scope of services. Details about the insurer and coverage are available on request.

16. Timing of services

16.1. Work will be carried out within a reasonable period if information is provided promptly. We are not liable for penalties due to delayed or incomplete
information from the client. Any dates provided for delivery are estimates only and are not binding unless agreed in writing.

16.2 We are not liable for delays caused by strikes, natural disasters, pandemics, cyber incidents, or other force majeure events. We are not liable for delays
or failures caused by third-party suppliers beyond our reasonable control.

17. Use of our name and copyright

17.1. Our name cannot be used in statements or documents without written consent, except as required by law. Clients may use our materials internally
under a restricted licence; external use requires written consent.

17.2. Copyright in our documents belongs to the firm unless law provides otherwise.

18. Interpretation and limitation of liability

18.1. If there is a conflict between an engagement letter schedule and these terms of business then the engagement letter takes precedence.

18.2. We will provide services as outlined in this letter with reasonable care and skill. Our liability to you is limited to losses, damages, costs and expenses directly caused by our negligence, fraud or wilful default. However, to the fullest extent permitted by law, we will not be responsible for any losses, penalties, surcharges, interest or additional tax liabilities where you or others supply incorrect or incomplete information, or fail to supply any appropriate information or where you fail to act on our advice or respond promptly to communications from us or the tax authorities.

18.3. You will not hold us, the owners of this firm and any staff employed by the firm, responsible, to the fullest extent permitted by law, for any loss suffered by you arising from any misrepresentation (intentional or unintentional) supplied to us orally or in writing in connection with this agreement. You have agreed that you will not bring any claim in connection with services we provide to you against any of the principals or employees personally.

18.4. Our work is not, unless there is a legal or regulatory requirement, to be made available to third parties without our written permission and we will accept no responsibility to third parties for any aspect of our professional services or work that is made available to them.

18.5. If any provision of this engagement letter or terms of business or its application is held to be invalid, illegal or unenforceable in any respect, the validity, legality or enforceability of any other provision and its application shall not in any way be affected or impaired.

18.6. Advice we give you orally should not be relied upon unless we confirm it in writing. We endeavour to record all advice on important matters in writing. However, if you particularly wish to rely upon oral advice we give you during a telephone conversation or a meeting, you must ask for the advice to be confirmed in writing.

18.7. We will not accept responsibility if you act on advice previously given by us without first confirming with us that the advice is still valid in the light of any change in the law or your circumstances.  We will accept no liability for losses arising from changes in the law or the interpretation thereof that occur after the date on which the advice is given.

18.8. Unless specifically instructed and agreed in advance we will not assist with the implementation of our advice.

19. Cloud-based services

19.1. Cloud accounting services are provided by a third-party supplier under confidentiality and data processing agreements compliant with UK GDPR.
Cloud services will be protected using industry-standard security measures, including encryption of data in transit and at rest.

19.2. Access is provided to both the client and the firm.

19.3. We are not liable for service interruptions but will liaise with the supplier to restore service promptly. Clients retain ownership of all data stored in
cloud services. We are not liable for data loss from cloud supplier failure, but will assist with recovery where possible.

19.4. Clients remain responsible for their own backups where reasonably practicable.

20. Use of artificial intelligence

20.1. To assist us in providing an efficient and valuable service, the firm may make use of artificial intelligence (AI). This will only be for purposes that align with our organisational values and ethical principles and where the engagement principal has authorised its use.

20.2. The AI tools available to the firm have been carefully selected to ensure they are both capable of providing efficiencies and that any information is securely stored in line with data protection laws, such as the Data Protection Act 2018 and the GDPR. Where necessary, data will be anonymised or pseudonymised before being input into any AI tool and no confidential information will be put into the public domain.

20.3. No decisions will be made solely by AI, with individuals within the firm maintaining oversight and responsibility at all times.

20.4. If you request us to do so, we will provide an explanation of the way in which the AI tools we use operate.

20.5. If you would like to opt-out of your data being used in an AI tool, please contact our Practice Manager in the first instance.

21. Termination of our agreement

21.1. Either party to these terms of engagement may terminate the agreement by giving notice in writing to the other party.  We may, however, terminate our agreement immediately where you fail to cooperate with us, or we have reason to believe that you have provided us or HMRC with misleading information.  Termination will be without prejudice to any rights that may have accrued to either of us prior to termination.

21.2 Should our contract be terminated; we will endeavour to agree with you the arrangements for the completion of work in progress at that time.  We may, however, be required for legal or regulatory reasons to cease work immediately. In that event, we shall not be required to carry out further work and shall not be responsible or liable for any consequences arising from termination.


Contact

82 Oswald Road, Scunthorpe, DN15 7PA, T: 01724 626000 | E: info@andrew-thomas.org | W: www.andrew-thomas.org

Andrew Thomas Accountancy Limited, Registered in England No. 6312617. Directors: Andrew Nicholaides FCCA & Thomas Houldsworth FCCA.

ACCA Registration Number: 1553641.