In this week’s Enews, we look at the tax implications of side hustles. There are also warnings on the Windsor Framework and cyber-attacks on UK businesses to update you on.

• HMRC sends side hustle warning
• Windsor Framework starting to fracture the UK Internal Market, warns FSB
• More than 25% of UK businesses hit by cyber-attack in past year

HMRC is warning those earning extra income through a side hustle to check if they need to register for self assessment and file a tax return.

Side hustles can be any additional income stream, from online selling to content creation, from dog walking to property rental. It also includes gains or income received from cryptoassets.

Anyone who earns over the £1,000 threshold may need to register for self assessment and complete a tax return.

There is a checker tool on GOV.UK for those who aren’t sure if they meet the criteria. If they do and are new to self assessment they will need to register to receive their Unique Taxpayer Reference.

Guides for side hustlers can also be found at taxhelpforhustles.campaign.gov.uk.

Myrtle Lloyd, HMRC's Director General for Customer Services, said:

‘Whether you are selling handmade crafts online, creating digital content, or renting out property, understanding your tax obligations is essential. If you earn more than £1,000 from these activities, you may need to complete a self assessment tax return.

‘Filing early puts you in control – you will know exactly what you owe, can plan your payments, and avoid the stress of the January rush. You don't need to pay immediately when you file – you have until 31 January to settle your tax bill.’

Internet link: HMRC press release

The Windsor Framework is creating severe disruption for small businesses and fracturing the UK Internal Market, warns the Federation of Small Businesses (FSB).

The Framework was negotiated as part of the UK’s exit from the EU and is intended to unlock opportunities for Northern Ireland.

However, FSB research found that 58% of those trading between GB and NI report moderate to significant challenges operating across the UK Internal Market. Over a third have already ceased trade rather than deal with new compliance demands.

In addition, strategic confidence is plummeting with 56% of affected firms not confident in planning for the year ahead, citing uncertainty and red tape.

Alan Lowry, Chair of FSB Northern Ireland, said:

‘Small businesses have shown immense resilience, but they cannot be expected to navigate complex new systems alone. The Windsor Framework was meant to offer opportunity – but, for many, it has delivered confusion, constraint and cost.

‘This report is a clear call to action. Policymakers must simplify processes, improve communication, and ensure support is accessible. Only then can the Windsor Framework become an enabler of growth rather than a barrier to trade.

‘Without immediate action, the Windsor Framework risks becoming a policy defined by missed opportunities, lost trade and disproportionate impacts on the smallest firms. A proactive response, led by the government, and delivered in partnership with industry, is essential to unlocking its full potential and preserving trust in the UK Internal Market.’

Internet link: FSB website

More than one in four UK businesses have been the victim of a cyber-attack in the last year with many risking ‘sleepwalking’ into disruption, according to a new report.

The survey conducted by the Royal Institution of Chartered Surveyors (RICS) found that 27% of companies said their building had suffered a cyber-attack in the last 12 months, up from 16% a year ago.

Almost three-quarters of business leaders believe that a cybersecurity incident will disrupt their business in the next 12 to 24 months, the survey found.

The paper identifies operational technology such as building management systems, CCTV networks, Internet of Things (IoT) devices and access control systems as risk areas.

It also notes concerns that some buildings use outdated operating systems (OS). A building opened as recently as 2013 could conceivably use Windows 7; an OS that hasn’t received security updates from Microsoft in over five years.

Paul Bagust, Head of Property Practice at the RICS, said:

‘Buildings are no longer just bricks and mortar, they have evolved into smart, interconnected digital environments embracing increasingly sophisticated and ever-evolving technologies to enhance occupier experience.

‘It is inconceivable to imagine a world where technology will not continue to pose a growing risk to a building’s operation, and it is equally impossible to consider that the management of digital risks will not be needed as an imperative measure to safeguard the future of a building and prevent systems from being compromised.

‘Failure to identify these growing digital challenges and incorporate security countermeasures risks businesses sleepwalking into cyberattacks.’

Internet link: RICS website