You might think that a payroll audit is mostly about catching maths errors, and you'll be partially correct: it does plenty of that. However, it's also about surfacing classification inconsistencies, pay rate disparities across similar roles, and compliance gaps that quietly compound until someone (usually HMRC) comes knocking.
Most payroll audit guides are written for finance teams. This is a guide for HR leaders at mid-to-large companies who want a structured audit process they can own – one that goes beyond gross-to-net calculations into the compensation structure checks that carry the highest regulatory stakes. We'll cover what to check, what penalties look like if you don't, and exactly what to do when your audit finds problems.
What is a payroll audit, and why does HR need one?
A payroll audit is a systematic review of payroll records, processes, and systems to verify that employees are paid correctly, deductions are accurate, and the organisation complies with employment and tax law.
There are three types of payroll audit:
- Internal audit: run by your in-house HR, payroll, or finance team to catch errors proactively.
- External audit: commissioned by your company but carried out by independent auditors for objectivity.
- Government audit: initiated by HMRC in the UK, which can examine records going back six years (or twenty if fraud is suspected).
Most guides treat payroll audits as a single process. In practice, they have two distinct halves. The first is financial accuracy – gross-to-net calculations, tax deposits, pension deductions. Your payroll operations team typically owns that.
The second half is the compensation structure:
- Are employees classified consistently?
- Are people in comparable roles paid equitably?
- Do pay gaps correlate with department, tenure, or gender?
That second half sits firmly in HR's territory. It also carries the highest regulatory stakes – particularly with the EU Pay Transparency Directive taking effect in June 2026 – and has the least existing guidance.
This article covers the HR half, written for HR leaders at companies with 250+ employees.
Benefits of regular payroll audits for HR teams
Here's the uncomfortable truth about payroll errors: they don't announce themselves with glaring horns and bright red lights. They sit quietly in your systems, compounding month after month, until something forces them into the open.
ADP's 2024 global payroll survey of 1,735 senior leaders found that the average payroll accuracy rate across organisations is just 78% – meaning roughly one in five transactions contains an error. Worse, 29% of respondents said mistakes only come to light when a formal payroll audit is run. Without one, those errors can go undetected for years.
That's the financial case for regular audits. But there's a people case, too.
beqom's 2025 Compensation and Culture Report, surveying 1,878 employees, found that 46% cited a lack of pay transparency as a top workplace concern. Only 54% believe they're paid fairly – and that drops to 49% among women.
Those numbers matter at hiring time. Being able to tell candidates "we audit our pay practices and can demonstrate fairness" is a genuine recruiting advantage, especially as the EU Pay Transparency Directive deadline is approaching.
So, how often should you audit? An annual comprehensive audit is the baseline (and by baseline, we mean minimum). But quarterly spot-checks make sense if your company is growing quickly, has recently changed payroll systems, employs a mix of contractors and permanent staff, or has a history of errors. Certain events should trigger an unscheduled review regardless – mergers, system migrations, payroll team turnover, or employee pay complaints.
Think of it this way: you wouldn't wait for your MOT to check if your brakes work. The same logic applies to payroll.
Payroll audit checklist for HR teams
Work through it step by step, or jump to the category that matters most.
Download the payroll audit checklist and save for later!
Step 1: Gather data and define scope
Before you touch a single number, draw a clear boundary around what you're reviewing.
☑ Determine which pay periods, departments, and jurisdictions the audit covers. Trying to audit everything at once is a recipe for doing nothing well.
☑ Pull payroll registers, employee files, HRIS data exports, tax filings, and bank records into one place. If your data lives in five different systems, this step alone will tell you a lot about where errors creep in.
Step 2: Employee data verification
This is where ghost employees and leavers' overpayments hide.
☑ Confirm all employees are active and correctly classified. Check that leavers have been removed from payroll promptly.
☑ Reconcile HRIS termination dates against final payroll payments – ongoing payments to former employees are one of the most common sources of leakage at mid-to-large companies.
☑ Verify that employees on leave (maternity, sick, sabbatical) have modified pay applied correctly.
☑ Check that new hires were onboarded with the correct pay grades and benefit elections.
Step 3: Classification review
☑ Verify exempt vs. non-exempt status against actual job duties, not just titles. A "Manager" label doesn't automatically mean someone meets the exemption criteria.
☑ Review contractor status against IR35 criteria across all business units – not just the ones that hired them.
☑ Check consistency of classification decisions across hiring managers and departments. Different managers making different calls on identical roles is one of the most common patterns.
☑ Confirm the physical working jurisdiction of remote staff for local social security and tax compliance.
Step 4: Pay equity checks
This is where your audit moves beyond financial accuracy and into territory that is often wrongfully ignored – pay equity.
☑ Define comparable work groups by role, level, and location.
☑ Calculate unadjusted pay gaps by worker category.
☑ Flag gaps exceeding 5% for joint assessment under the EU Pay Transparency Directive. That 5% threshold is the trigger for mandatory action – not a suggestion.
☑ Document your remediation planning. Figures' pay equity solution automates gap detection and remediation modelling, so you can see exactly what closing each gap would cost.
Want a more detailed explanation on how this is done? Take a look at our pay equity checklist!
Step 5: Compliance verification
The nitty-gritty. None of this is glamorous, but all of it is expensive to get wrong.
☑ Tax withholding rates match current codes, and NIC contributions are calculated correctly.
☑ Pension auto-enrolment has been applied to all eligible employees.
☑ Statutory payments (SSP, SMP) match entitlements.
☑ Current tax year regulatory changes are reflected in your payroll configuration.
☑ Confirm that benefit deductions – salary sacrifice pensions, cycle-to-work, childcare vouchers – do not push any employee's effective hourly rate below the National Minimum Wage.
Step 6: Process and documentation
☑ Payroll change authorisation requires dual sign-off. Single-approver systems are how fraudulent changes slip through.
☑ HRIS-to-payroll data flows are reconciled – flag any discrepancies between what HR records and what payroll actually processes.
☑ Duplicate payments across entities or pay periods are flagged automatically.
☑ Audit all manual and off-cycle payments. These commonly bypass standard HRIS-to-payroll syncs and are a frequent source of undetected errors.
☑ Record all findings and update procedures accordingly. An audit that doesn't change anything is just expensive box-ticking.
Why employee classification is the highest-stakes audit check
At a company with 50 employees, a classification error is an isolated problem. At a company with 500, it's almost certainly a pattern.
That's because classification decisions aren't made by one person in one place. Different hiring managers apply IR35 determinations inconsistently. Job levels don't map cleanly to exempt vs. non-exempt because the levelling framework was built for compensation planning, not compliance. Contractor-vs-employee decisions made three years ago haven't been revisited, even though the roles have changed significantly since.
The result is that groups of workers doing comparable work end up classified differently, and those classification differences drive pay disparities that correlate with department, tenure, or gender. Not because anyone planned it that way, but because nobody stepped back to look at the whole picture.
According to FinSolution's analysis of HMRC enforcement data, 62% of wage underpayment cases investigated in 2024 were attributable to errors in recording working hours – not deliberate fraud. Even well-resourced companies with dedicated payroll teams get this wrong.
These systemic classification inconsistencies create pay equity risks under the EU Pay Transparency Directive. When workers in equivalent roles are classified differently – one as exempt, another as non-exempt; one as a contractor, another as permanent staff – the resulting pay gaps show up in mandatory reporting. And those gaps demand an explanation.
The question then becomes: are the pay differences justified by legitimate factors like seniority, tenure, or role complexity? Or are they unjustified disparities that need correcting? You can't answer that based on vibes: you need a statistical decomposition across your entire workforce.
This is exactly what Figures' pay equity solution does. Using the Oaxaca-Blinder decomposition, the platform automatically separates justified pay differences from unjustified ones, so HR teams see precisely how much of a gap is defensible and how much needs correcting.
Perform your payroll audits with confidence!
Penalties for payroll non-compliance in the UK and EU
This section isn't meant to scare you. It's meant to give you the numbers you need for a board conversation about why proactive auditing is worth the investment.
HMRC enforcement is already hitting hard
In 2025, 518 UK employers were publicly named for underpaying more than 60,000 employees a combined £7.4 million. Penalties reached up to 200% of the wages underpaid – and that's before the reputational damage of appearing on a public list alongside household names like Lidl, British Airways, and PizzaExpress.
The named employers have since repaid what they owed. But for many, the financial penalty was the smaller cost. The public naming is what stings.
The enforcement picture is about to change significantly
The UK's new Fair Work Agency (FWA), established under the Employment Rights Act 2025, is expected to be fully operational from April 2026. Its powers go well beyond what HMRC currently does:
- Proactive workplace inspections – no employee complaint required to trigger one.
- The authority to require employers to produce documents and evidence of compliance.
- Civil penalties for underpayment, plus the power to bring proceedings in employment tribunals on a worker's behalf.
- Cost recovery provisions, meaning employers can be charged for the enforcement costs of their own non-compliance.
The FWA brings together HMRC's minimum wage unit, the Employment Agency Standards Inspectorate, and the Gangmaster and Labour Abuse Authority under a single body. For HR leaders, this means one agency with a broader remit and more teeth.
Then there's the EU dimension
Under the EU Pay Transparency Directive, taking effect in June 2026, companies with an unadjusted gender pay gap exceeding 5% within any worker category must conduct a non-optional joint pay assessment with employee representatives.
How common is a gap above 5%? Well, 82% of companies joining Figures exceed that threshold when they first run their analysis. The gaps are there. The question is whether you find them proactively or wait for a regulator to find them for you.
Become compliance-ready with Figures. Book a demo!
What to do when your audit finds problems
Finding an error is the easy part. What happens next is where most companies stall. Here's the workflow, step by step.
Step 1: Quantify the error fully
Don't just calculate the surface-level underpayment or overpayment. Trace the knock-on effects across all affected pay periods: tax withholdings, pension contributions, NIC calculations, and benefit deductions. A £500 salary error can easily become a £2,000 problem once you account for everything it touches.
Step 2: Correct your tax filings
In the UK, submit adjusted Full Payment Submissions (FPS) or Employer Payment Summaries (EPS) through HMRC's Real-Time Information system. If you've uncovered the error yourself – rather than waiting for HMRC to find it – voluntary disclosure before an inspection typically results in lower penalties.
Step 3: Pay underpaid employees promptly
Back pay should come with a clear, honest explanation of what went wrong and what you've done to prevent it from happening again. Speed matters here. The longer you sit on a known underpayment, the worse it looks – both to the employee and to any regulator who reviews the timeline later.
Step 4: Handle overpayment recovery carefully
Yes, employers can legally recover overpayments. But deducting large sums from future pay packets is risky territory – if the deduction pushes an employee's effective pay below the National Minimum Wage, you've created a new compliance problem while trying to fix the old one. Negotiate a reasonable repayment plan instead.
Step 5: Close pay equity gaps
If your audit surfaced pay disparities across comparable roles – and at most companies, it will – you need a structured remediation plan, not a vague commitment to "look into it." Figures' remediation scenario modelling lets HR teams simulate different correction approaches tied to specific budgets and individual employees.
Step 6: Document everything and update your procedures
Record what was found, what was corrected, and what process changes you've made to prevent recurrence. This documentation is both good practice and your evidence of good faith if a regulator comes knocking later.
What next? Run your pay equity audit
Everything above – the data verification, the classification checks, the compliance reviews – is the foundation. It's necessary, but it's not where the highest stakes sit for HR leaders at mid-to-large companies. The pay equity audit is.
Without it, companies won't know whether their pay gaps are explainable or indefensible – and they need that answer before regulators ask the question.
Figures automates the heavy analytical lifting. The platform uses Oaxaca-Blinder decomposition to separate legitimate pay differences from unjustified disparities, auto-generates EU-compliant reports, and lets you model the cost of closing gaps before committing budget.
For the full step-by-step process, read Figures' pay equity compliance guide. Or, if you'd rather see the platform in action: book a free demo.
FAQs about payroll audits
How does HR and payroll software help with auditing?
Integrated HRIS/payroll systems reduce data transfer errors and maintain a single source of truth for employee records. Automated exception reporting flags discrepancies as they happen, rather than waiting for a scheduled review to catch them months later. Figures integrates with 30+ HRIS systems for the compensation data layer.
What triggers an HMRC payroll investigation?
Employee complaints are the most common trigger, but HMRC also uses Real-Time Information (RTI) data from your payroll submissions to spot inconsistencies between declared hours and pay levels. Late tax deposits, unusual filing patterns, and operating in high-risk sectors like hospitality or care can also flag your business for review.
How far back can HMRC check payroll records?
HMRC can examine up to six years of records during a standard investigation. If fraud is suspected, that lookback period extends to twenty years. This is why maintaining accurate, well-organised records for at least six years isn't just good practice – it's your insurance policy.
How should back pay and one-off payments be handled during an audit?
Signing bonuses, back pay, and off-cycle payments often bypass standard HRIS-to-payroll syncs, which makes them a frequent source of undetected errors. During your audit, pull a separate report of all manual and off-cycle payments and reconcile each one against the authorising documentation and tax treatment.
What's the difference between a payroll audit and a pay equity audit?
A payroll audit checks whether employees are paid correctly – right amounts, right deductions, right tax codes. A pay equity audit checks whether employees in comparable roles are paid fairly relative to each other. The first is a financial accuracy exercise. The second is a compensation structure review with direct regulatory implications under the EU Pay Transparency Directive.
