9 minute read 11 Jun 2021
fisherman in traditional rowboat

How businesses are responding to the wider customer tax reporting net

By Ian Bradley

Partner, Financial Services, Business Tax Consulting, Ernst & Young LLP; EY Global Director of Customer Tax Operations and Reporting Services (CTORS)

Helping our clients transform their businesses. Passionate about inspirational leadership, continuous learning, and living the best life.

9 minute read 11 Jun 2021

Organizations need to transform their people, processes and technology to meet fast-changing obligations and mitigate risk.

In brief
  • Organizations are under increased pressure to share customers’ information with tax authorities to close the tax gap and make tax collection more effective.
  • While financial services companies struggle to evolve their existing processes fast enough, other organizations are falling into the CTR net for the first time.
  • Organizations that fall under the tightening reporting regulations must take steps so that they have a robust and future-proofed end-to-end process in place.

The customer tax reporting (CTR) net – which obliges organizations that make customer payments to collect and share customer information with tax authorities and often withhold tax – is spreading wider, and becoming more complex. This net is also starting to encompass many non-financial sector companies for the first time, including those from the digital economy. This proliferation of CTR requirements is unlikely to slow any time soon, so it is important that organizations understand why this is happening and the steps they should take to thrive in this dynamic environment.

There are two fundamental reasons for CTR growth. The first is demand side; CTR is increasingly being used by tax authorities to help bridge the tax gap – to raise taxes without raising the tax rate. Just like the aftermath of the global financial crisis (GFC), governments burdened with COVID-19 related debt have an even greater incentive to plug gaps in their tax-collecting capabilities.

Many of the regimes that compel financial institutions to share their customers’ information with tax authorities at home and overseas were established post-GFC. These include the US’s Foreign Account Tax Compliance Act (FATCA), the OECD-approved Common Reporting Standard (CRS) and the digital information sharing system known as Automatic Exchange of Information (AEOI).

The second reason for the growth of CTR can be found supply side; technological advances make big data gathering, analysis and transfer easier and cheaper. The art of the possible has changed dramatically, and tax authorities are starting to use the new digital tools at their disposal.

Tax authorities in more than 100 jurisdictions are now using CTR to drive the transparency agenda. Increasingly the net is extending beyond financial services – for example the UK’s Non-Resident Landlord Scheme and the EU’s DAC7 tax transparency rules for digital platforms. Likewise, CTR isn’t just expanding into existing data pools or platforms, it is evolving to capture new entrant asset classes for example with proposals to extend CRS to cover crypto-currencies.

What does the spreading net mean for businesses?

The challenge for businesses is transforming their tax operating model to cope with the increasing reporting demands placed upon them – not only those financial institutions who are already chasing their tails to adapt their legacy processes and technologies to the ever-intensifying regimes, but also those organizations whose innovative, disruptive business models are driving them into the CTR net for the first time.

In this dynamic environment to stand still is to fall behind. It is essential that operating models evolve to keep pace with these changes because the cost of non-compliance is many fold. It involves tax risk, reputational risk, client risk and brand risk, to name but a few.

A case in point is the ongoing program of peer reviews currently being conducted in each geography by the OECD to ensure CRS compliance. Anish Benara, EY Asia-Pacific Financial Services Partner at Ernst & Young Tax Services Limited, explains that this review alone will lead to a dramatic intensification in CTR activity.

“These reviews include establishing whether jurisdictions are conducting audits of financial institutions, or if they have compliance monitoring programs in operation,” he explains. Penalties for non-compliance include fines and even jail terms for individuals found to be complicit in tax evasion. There is also a very real reputational risk for jurisdictions and organizations seen as being soft on tax evasion.

However, compliance needs to be finely balanced so that it does not negatively impact customer experience, says Benara, as this could also cause reputational damage, with customers looking elsewhere if data collection and form filling becomes too onerous. In a nutshell, customers want an easy onboarding experience . A customer onboarding experience that fails to deliver simplicity – even if a tax authority wants detail – will endanger customer experience from the outset.

How are non-financial organizations being impacted?

While most financial institutions are aware of their CTR obligations, other companies outside of financial services may find themselves in the CTR net without even realizing it. Such organizations often have a group structure with multiple entities, and one or more of those entities often end up fitting the broad definition of a financial institution, meaning it is subject to CTR regulation. Organizations with a group structure with multiple entities should not brush aside the possibility of having such financial institutions in their group, however small that entity may be.

Digital disruptor companies in sectors as diverse as ride-hailing services, video-sharing platforms and homestay brokers are already covered by FATCA if there is a US source income attached to a user transaction. However, James Guthrie, EY EMEIA CTORS Leader, says it is easy to imagine governments going one step further and creating CRS-style regulations to specifically target non-financial sector companies, if a significant uplift in tax compliance can be achieved.

“In practical terms, this could mean a homestay broker sharing its transaction data to ensure revenue from holiday homes is declared, or analyzing data from a ride-hailing service to ensure drivers are paying tax on all of their earnings,” he explains.

Legacy systems prove cumbersome to evolve

While digital services companies are typically unencumbered by legacy IT systems, most financial services companies are not so lucky. Generally speaking, financial institutions’ systems were built at a time when granular customer tax reporting simply wasn’t on the table. For these organizations the cost of in-house proprietary solutions has become increasingly uneconomical.

One approach used by financial institutions to overcome the limitations of their legacy systems is to pull together customer data and collate it in spreadsheets and databases. However, the increasing volume of data required by FATCA and CRS can make this process expensive, time-consuming and error-prone.

In contrast, market-leading CTR solutions address customer reporting as an end-to-end process, and tackle it using automated solutions reliant on technology. Building an automated end-to-end CTR governance model in-house is far from easy, however, with major challenges on three levels — people, processes and technology.

The “people” challenges include training, expertise and a very real skills gap. Part of the problem here is that the CTR landscape is constantly evolving as the US, OECD and other jurisdictions adjust their regulations to close newly discovered tax loopholes. To remain compliant in this fluid environment, companies must continually train their people and so that their knowledge is up to date.

This people challenge is also exacerbated by the fact that CRS and FATCA expertise is in short supply right across the industry, and the natural turnover of employees results in a loss of institutional knowledge, making it difficult for organizations to maintain high-quality CTR programs.

The process challenge is about implementation and visibility – while processes may exist on paper, great care should be taken to put them into action in a seamless fashion across the organization, and the Responsible Officer needs to have full visibility of the challenges encountered before he or she signs on the dotted line.

Meanwhile, the technology challenge centers on the fact that CTR compliance is primarily a data issue, and CTR data is all-pervasive. Data capture begins with onboarding and must continue the full length of the customer journey. This includes document collection and validation, monitoring for change of circumstance, withholding and reporting, and every stage in between.

Taking an organization-wide approach to CTR compliance

To achieve an effective, seamless, end-to-end flow of customer data between functions, organizations should have a technology solution that is flexible, scalable, and future-proofed, so it can overcome both internal silos and disconnected legacy systems and also cope with the ever-spreading CTR net.

Paul Ho, EY Asia-Pacific CTORS Leader, believes that teams must be interdependent if an organization is to overcome these challenges and achieve an end-to-end CTR model.

“There’s not a single function within an organization that isn’t impacted by customer tax reporting,” he explains. “HR is impacted because teams must be trained. IT is impacted because systems need to be built. Finance is involved because they provide financial information for the purpose of reporting. Compliance is key because they need to ensure there are robust controls. Last, but not least, operations is impacted because they need to ensure customers are correctly onboarded and their data collected accurately from the outset.”

But who owns responsibility for this complex end-to-end process? Most companies place Operations in charge, but some organizations give the responsibility to Compliance or Tax. Ultimately, however, everyone has a role to play. If one function fails to play its part, every stage in the process can fall like dominoes.

Large, complex organizations know the challenges associated with facilitating end-to-end data quality and CTR compliance better than most. A large multinational corporation can spend millions of dollars trying to build a company-wide CTR solution, but if that solution is siloed, different departments are likely to have contradictory data and that can cause real problems.

Justin O’Brien, EY Americas Tax Technology and Transformation CTORS Leader, says that FATCA and CRS demand that data points from different documents — for example tax reports and KYC forms — are aligned. “This involves different databases, using different technology, talking to each other — and that continues to be a major challenge for financial institutions,” he says.

A flexible adviser can reduce the pain points

When problems arise it is still common for companies to hire large numbers of staff to manually review and fix data. A more effective approach, however, is to dissect this data, find exceptions, and automate solutions. Only when the remaining exceptions can’t be automated should businesses move to a manual solution.

There is a real appetite among some organizations to address CTR pain points in this way. They may be happy with their in-house talent and processes, but they also want to increase speed and accuracy.

Some organizations achieve this by cherry-picking specific processes and streamlining them using third-party solutions– for example automating form validation. Other organizations start by automating/ outsourcing one business unit, with a view to expanding to other units in future. While other organizations are looking to outsource the entire end-to-end CTR process as a managed service — from onboarding to reporting — using external tools, processes and people. All of these organizations, however, appreciate the benefits of joining forces with an international adviser that can manage the CTR process globally. 

This kind of outsourcing can reduce risk and limit customer disruption, while economies of scale and an abundance of expertise mean compliance can be achieved faster, more accurately and in a more cost-effective manner. Market-leading solutions also give managers and responsible officers the process and data oversight they are required to have by law.


While there is no need to panic, organizations that find themselves covered by the growing CTR net should closely consider whether their operating model is fit for purpose and futureproofed.

Failure to explore the cost-saving opportunities of collaborating with an external provider, which offers a suite of solutions, could lead to compliance functions becoming more expensive and increasingly less agile.

Handled correctly, however, organizations can not only achieve compliance and survive the proliferation of customer CTR demands, they can transform the  challenge into an opportunity to thrive by delivering market-leading customer experience that differentiates them from their competitors.


CTR requirements are growing as tax authorities look to bridge the tax gap and the “digital art of the possible” has increased. Tax authorities across the globe have powerful new data tools at their disposal, and the need to balance the books post-pandemic is a compelling reason to use them. In this fast-evolving environment, it’s critical that all organizations, including non-financial sector digital disruptors, that fall under the CTR net can access future-proofed solutions that manage the increased demand, and ensure compliance is complete, accurate and cost-effective.

About this article

By Ian Bradley

Partner, Financial Services, Business Tax Consulting, Ernst & Young LLP; EY Global Director of Customer Tax Operations and Reporting Services (CTORS)

Helping our clients transform their businesses. Passionate about inspirational leadership, continuous learning, and living the best life.