Why tax technology is essential to tax risk management

6th November 2011

National tax authorities worldwide are looking for ways to administer their tax regimes more efficiently, driving down costs of collection while reducing scope for avoidance and evasion.  This quest is encouraging them to make greater use of risk assessment techniques in determining which taxpayers’ affairs they should audit, says Donald Drysdale, FSN contributing author.

Through the OECD and other forums, tax authorities are co-operating in the development of online tax audit methodology.  Technology is being used increasingly, not only by taxpayer businesses to maintain their accounting records, but also by tax authorities to access those records online and evaluate their reliability.  For Tax Directors, managing tax risk has come to the fore as a key strategic priority.  Ensuring their organisation is perceived as ‘low risk’ is important in many jurisdictions – since avoiding in-depth tax enquiries and having the information available to manage tax audits (which are routine in many jurisdictions) ought to minimise overall compliance costs. 

“As XBRL use increases,” says Iain Stewart, Head of Tax at Damco, “authorities will use it to profile taxpayers, selecting those most likely to produce tax yield from enquiries.  Understanding this and being able to respond proactively to any inquiry on departure from trend or industry average is key to managing tax risk, as was seen in the win by the taxpayer in the SNF case in Australia.” 

Each country imposes its own tax laws and compliance practices, so the procedures involved vary.  Tax authorities in a number of countries now employ risk assessment techniques, but the UK takes this a step further by imposing a personal liability for failure to maintain adequate tax accounting systems.  Within each of the largest UK companies, a Senior Accounting Officer (SAO) carries statutory responsibility for ensuring – and certifying – that appropriate tax accounting arrangements have been established and are maintained.  This is enforced by the sanction that the SAO can be held personally liable to financial penalties.  While these might be met in some cases by the company, the potential reputational damage to the company and the individual should be sufficient to make the sanction effective.  Reputational damage is a tool used increasingly by tax authorities, and tax fines and penalties are published in some countries. 

Typically, in-house finance and tax departments rely heavily on technology in many of their tax reporting and tax compliance activities.  The quality of the systems they use is crucial in determining whether suitable internal controls are imposed and audit trails created.  These are necessary to demonstrate to both SAO and HMRC that appropriate tax accounting arrangements are in place.

Tax affairs of the largest UK businesses are handled by HMRC’s Large Business Service, where a Customer Relationship Manager (CRM) looks after each one.  The CRM is responsible for the preparation, management and sharing of a ‘business risk review’ with the taxpayer business.  An objective of this is to work with the business to ensure that its governance and systems minimise tax risk and that the tax compliance relationship can be regarded as ‘low risk’ and managed as such.  A low risk rating reduces the need for interventions by HMRC, but might suggest that the company is not doing enough to control its tax costs. 

Paul Morton, Head of Group Tax at Reed Elsevier Group plc, explains:  “There is some debate among companies whether ‘low risk’ is an ideal status or whether ‘non-low risk but respected taxpayer’ might not be better.  The latter might be applied to a company with a very open and professional relationship but which had executed some fully disclosed planning.”

The choice of technology systems used for tax compliance – and indeed for tax planning – can have a fundamental impact on the tax authority’s view of tax risk within the taxpayer organisation.  The CRM’s business risk review generally looks at the financial systems in place throughout the organisation and at related tax reporting and compliance systems, and seeks to identify any perceived weaknesses.  Iain Stewart forecasts that, increasingly, CRMs will give credit to companies which automate their data collection systems.  This allows HMRC to audit the systems and assess whether or not the output can be relied upon. 

HMRC’s business risk review should concentrate on the adequacy of internal controls.  It will expect audit trails supporting the numbers that are relevant for tax.  Where internal controls or audit trails are inadequate, the CRM should work with the business to seek improvements in systems and procedures that will make good the deficiencies.  For example, some CRMs will raise concerns about the use of spreadsheets in situations where other software applications could provide more effective internal controls. 

The UK’s mandatory iXBRL-based corporation tax online filing, fundamental to HMRC’s strategy, is designed to facilitate the automated assessment of tax risk.  In the past the tax authority used a blend of taxpayer data and local knowledge to compare the results reported by businesses in similar circumstances and to detect unexpected variances that warranted investigation.  Now, with fewer staff and more centralised operations, they try to achieve the same effect by analysing the iXBRL-enabled taxpayer data from the whole country. 

“Low risk doesn’t necessarily reduce the call on tax authority resources,” says Jim Robertson, Vice President Tax East at Shell International, “because such customers are usually given more help, but the type of resource will be different from the high-powered investigative type reserved for high risk taxpayers.” 

In theory, effective risk assessment by the tax authority means that its enforcement efforts are directed more accurately at businesses where irregularities are most likely to arise, leaving tax compliant businesses relatively undisturbed.  In the UK it remains to be seen whether HMRC is achieving this successfully, or whether (as some believe) the computerised analysis may prove a poor substitute for human-based local knowledge and judgement. 

Most large businesses engage in tax planning – some more actively than others – seeing tax as a cost that should be managed and minimised.  Tax authorities have different attitudes, and some have sought to blur the dividing line between legal tax avoidance and illegal tax evasion.  In the UK, for example, HMRC have clouded this issue further by talking of ‘acceptable’ and ‘unacceptable’ tax avoidance. 

The attitude of a business to tax planning can impact on the way it is risk assessed by the tax authority.  Businesses that indulge in controversial or questionable schemes to reduce their exposure to tax can expect to be regarded as high risk, with the result that subsequent monitoring by the tax authority is likely to be more active.  Typically such a business will take great care to ensure that it has complete documentation of each relevant transaction, including emails. 

Collecting all email traffic in a dedicated mailbox or intranet site together with the documentation for a transaction or structure allows the material to be reviewed and burned to disc.  Having this available in the form of a contemporaneous record should save enormous cost for the taxpayer and assist in efficient settlement in the event of dispute on the effectiveness of the planning undertaken. 

Whether businesses outsource their tax reporting or tax compliance work or decide to perform these functions in-house, their responsibilities and therefore their exposure to risk remain the same.  Some businesses outsource their tax reporting or tax compliance work in the mistaken belief that this reduces their responsibilities and therefore their exposure to risk.  This is not so – indeed, the reverse will often be true, since their risks may be greater if they fail to have appropriate systems in place to check that the outsourced work meets all relevant regulatory and legal requirements. 

Lesley Greenlees, Head of Tax at Aggreko, echoes this concern.  “If you outsource work,” she urges, “check, double check and then check again.” 

Paul Morton suggests also that it can be beneficial for those involved in tax planning to have some responsibility for the routine compliance work to enhance their understanding of all aspects of tax within the organisation.

At this time of economic turmoil, tax authorities are trying hard to increase their national revenues by reducing tax avoidance and evasion.  Against this background, there is widespread agreement among Tax Directors that technology has a vital role to play in helping them manage the complex risks involved in complying with a multiplicity of tax regimes, and choosing the right IT solution can be crucial.  At the same time, the tax authorities are employing their own IT-based risk assessment techniques in an attempt to focus their enquiries where they will reap most benefit in terms of tax collected.