EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.
In some countries, there is still an element of debate over what constitutes an in-scope entity. Canada, for example, has used domestic legislation to exempt a product considered low risk and institutions which they consider to be passive entities, versus financial institutions, and the OECD reviewers have disputed these decisions, according to Jillian Nicolson, partner at Ernst & Young LLP.
Businesses there need to adhere to domestic legislation until the issue is resolved, but the eventual resolution will be in the government’s interest. Impacted entities, such as holding companies and certain private trusts, should monitor legislative developments, as a reversal would cause a significant change in responsibilities. Linked to this, in some jurisdictions, including Australia, Ireland and Singapore, there has been an increase in notices for institutions that have filed a nil-return.
Just two years ago, the Singapore authority was focused mainly on institutions that were submitting a standard report for data quality, but recently have seen their focus shift to those who have filed nil reports to verify the veracity of those reports and existence of appropriate processes and controls. While deliberate fraud attempts have been uncovered by the authorities in some jurisdictions, erroneous nil-returns are more likely to be the result of misunderstanding what constitutes an in-scope entity.
Resourced for rigor
To handle the increased scrutiny, some tax authorities have hired additional inspectors and invested in enhanced data analysis capabilities. In fact, the latest OECD peer review indicated that tax authorities have employed more than 450 full-time equivalent personnel to support and review compliance with CRS. In Ireland, according to Amanda Murphy, Business Tax Advisory, Financial Services Partner, at EY Ireland the revenue authority is taking a strict approach, having set up a new division with dedicated personnel who are building data analytics tools and issuing 70-question tailored surveys that need to be responded to in a tight deadline.
In Canada, the tax authority is conducting onsite as well as desk audits of a broad sample of institutions to assess compliance with Foreign Account Tax Compliance Act (FATCA) and CRS requirements, said Nicolson.
Having recently run a series of educational workshops between the Australian Taxation Office (ATO) and impacted institutions, the ATO is shifting the focus of its personnel from guidance to enforcement and is investing heavily in data analytics capability, according to Robert Davies, Director , Business Tax advirosy, Financial Services Group at Ernst & Young in Australia.
Penalties for non-compliance vary by jurisdiction. Although, in the majority of situations, authorities appear to be taking a benevolent approach, with frequent reminders and extensions for institutions that need further time to prepare a correct filing, there is nonetheless an arsenal of penalties at their disposal.
Things can go wrong
CRS presents many operational and compliance challenges; it impacts customers, requires vast amounts of data processing, and contains many technical and nuanced terms which are difficult to interpret. Mistakes occur when third parties or multiple teams across an organization are responsible for compliance. If a bank, for example, uncovers a significant backlog of customers that had been incorrectly reported, they will need to make a voluntary disclosure to the revenue authority, propose a remediation plan and then re-file the relevant data.
Likewise, when a key member of the team leaves the organization, knowledge can be lost and processes can break down. For example, a large private equity client failed to comply with some of its key obligations because they had assumed that their US headquarters would do it, while the headquarters was focusing only on the main fund and not the special purpose vehicles in another region. In a context where many fund houses have multiple fund administrators, it is easy for elements of the process to slip through the cracks, with the quality of reports varying according to the strength of the fund administrator. People given responsibility for key CRS compliance controls may not be sufficiently knowledgeable in CRS requirements, with key controls often falling to customer relations, front office or other operations teams. Operating model considerations are still high on the agenda, with many tax or compliance teams coming under pressure to “do more with less” and without the bandwidth to take a comprehensive overview of governance, data quality and overall compliance.
The steps that financial institutions can take to stay compliant are:
- Make sure that all entities are correctly classified and registered, and all in-scope products are identified.
- Review your governance and implement controls on a yearly basis. Check that all policies and procedures are clearly documented and be prepared to talk an inspector through your procedures if needed.
- Stay abreast of filing deadlines and updates to reporting requirements and schemas.
- Analyze and clean up your own data, ideally throughout the year but at a minimum before filing.
- Be prepared to respond speedily and comprehensively to surveys and other requests for information.
- Consider asking an independent external reviewer to assess your governance, your compliance and due diligence processes, and your data.
- If you spot an issue, engage with the tax authority early to agree on remediation and to mitigate penalties.