What does the spreading net mean for businesses?
The challenge for businesses is transforming their tax operating model to cope with the increasing reporting demands placed upon them – not only those financial institutions who are already chasing their tails to adapt their legacy processes and technologies to the ever-intensifying regimes, but also those organizations whose innovative, disruptive business models are driving them into the CTR net for the first time.
In this dynamic environment to stand still is to fall behind. It is essential that operating models evolve to keep pace with these changes because the cost of non-compliance is many fold. It involves tax risk, reputational risk, client risk and brand risk, to name but a few.
A case in point is the ongoing program of peer reviews currently being conducted in each geography by the OECD to ensure CRS compliance. Anish Benara, EY Asia-Pacific Financial Services Partner at Ernst & Young Tax Services Limited, explains that this review alone will lead to a dramatic intensification in CTR activity.
“These reviews include establishing whether jurisdictions are conducting audits of financial institutions, or if they have compliance monitoring programs in operation,” he explains. Penalties for non-compliance include fines and even jail terms for individuals found to be complicit in tax evasion. There is also a very real reputational risk for jurisdictions and organizations seen as being soft on tax evasion.
However, compliance needs to be finely balanced so that it does not negatively impact customer experience, says Benara, as this could also cause reputational damage, with customers looking elsewhere if data collection and form filling becomes too onerous. In a nutshell, customers want an easy onboarding experience . A customer onboarding experience that fails to deliver simplicity – even if a tax authority wants detail – will endanger customer experience from the outset.
How are non-financial organizations being impacted?
While most financial institutions are aware of their CTR obligations, other companies outside of financial services may find themselves in the CTR net without even realizing it. Such organizations often have a group structure with multiple entities, and one or more of those entities often end up fitting the broad definition of a financial institution, meaning it is subject to CTR regulation. Organizations with a group structure with multiple entities should not brush aside the possibility of having such financial institutions in their group, however small that entity may be.
Digital disruptor companies in sectors as diverse as ride-hailing services, video-sharing platforms and homestay brokers are already covered by FATCA if there is a US source income attached to a user transaction. However, James Guthrie, EY EMEIA CTORS Leader, says it is easy to imagine governments going one step further and creating CRS-style regulations to specifically target non-financial sector companies, if a significant uplift in tax compliance can be achieved.
“In practical terms, this could mean a homestay broker sharing its transaction data to ensure revenue from holiday homes is declared, or analyzing data from a ride-hailing service to ensure drivers are paying tax on all of their earnings,” he explains.
Legacy systems prove cumbersome to evolve
While digital services companies are typically unencumbered by legacy IT systems, most financial services companies are not so lucky. Generally speaking, financial institutions’ systems were built at a time when granular customer tax reporting simply wasn’t on the table. For these organizations the cost of in-house proprietary solutions has become increasingly uneconomical.
One approach used by financial institutions to overcome the limitations of their legacy systems is to pull together customer data and collate it in spreadsheets and databases. However, the increasing volume of data required by FATCA and CRS can make this process expensive, time-consuming and error-prone.
In contrast, market-leading CTR solutions address customer reporting as an end-to-end process, and tackle it using automated solutions reliant on technology. Building an automated end-to-end CTR governance model in-house is far from easy, however, with major challenges on three levels — people, processes and technology.
The “people” challenges include training, expertise and a very real skills gap. Part of the problem here is that the CTR landscape is constantly evolving as the US, OECD and other jurisdictions adjust their regulations to close newly discovered tax loopholes. To remain compliant in this fluid environment, companies must continually train their people and so that their knowledge is up to date.
This people challenge is also exacerbated by the fact that CRS and FATCA expertise is in short supply right across the industry, and the natural turnover of employees results in a loss of institutional knowledge, making it difficult for organizations to maintain high-quality CTR programs.
The process challenge is about implementation and visibility – while processes may exist on paper, great care should be taken to put them into action in a seamless fashion across the organization, and the Responsible Officer needs to have full visibility of the challenges encountered before he or she signs on the dotted line.
Meanwhile, the technology challenge centers on the fact that CTR compliance is primarily a data issue, and CTR data is all-pervasive. Data capture begins with onboarding and must continue the full length of the customer journey. This includes document collection and validation, monitoring for change of circumstance, withholding and reporting, and every stage in between.
Taking an organization-wide approach to CTR compliance
To achieve an effective, seamless, end-to-end flow of customer data between functions, organizations should have a technology solution that is flexible, scalable, and future-proofed, so it can overcome both internal silos and disconnected legacy systems and also cope with the ever-spreading CTR net.
Paul Ho, EY Asia-Pacific CTORS Leader, believes that teams must be interdependent if an organization is to overcome these challenges and achieve an end-to-end CTR model.
“There’s not a single function within an organization that isn’t impacted by customer tax reporting,” he explains. “HR is impacted because teams must be trained. IT is impacted because systems need to be built. Finance is involved because they provide financial information for the purpose of reporting. Compliance is key because they need to ensure there are robust controls. Last, but not least, operations is impacted because they need to ensure customers are correctly onboarded and their data collected accurately from the outset.”
But who owns responsibility for this complex end-to-end process? Most companies place Operations in charge, but some organizations give the responsibility to Compliance or Tax. Ultimately, however, everyone has a role to play. If one function fails to play its part, every stage in the process can fall like dominoes.
Large, complex organizations know the challenges associated with facilitating end-to-end data quality and CTR compliance better than most. A large multinational corporation can spend millions of dollars trying to build a company-wide CTR solution, but if that solution is siloed, different departments are likely to have contradictory data and that can cause real problems.
Justin O’Brien, EY Americas Tax Technology and Transformation CTORS Leader, says that FATCA and CRS demand that data points from different documents — for example tax reports and KYC forms — are aligned. “This involves different databases, using different technology, talking to each other — and that continues to be a major challenge for financial institutions,” he says.