The Scope for Continuous Assurance In Tax Compliance Ray Butler, CISA ray.butler@hmce.gsi.gov.uk

The Scope for Continuous Assurance In Tax Compliance Agenda Potential Benefits / Pitfalls of continuous assurance for tax Exploring Theory / Issues NOT : Policy Statement Description of anything in “Real World” I’m going to discuss the potential uses, benefits and pitfalls of continuous assurance / reporting as it might be applied to monitor compliance with, Revenue authority rules, good practice in tax accounting and any individual conditions that are imposed on taxpayers under revenue law. This is an exploration of the theory and the legal, operational and marketing issues rather than a blueprint for or description of any specific implementation by a revenue authority. It takes as given that : ·        Commercial continuous assurance services and tools are available AND ·        Accounting software products are able to communicate effectively with those services and tools. The Scope for Continuous Assurance In Tax Compliance

The Goals of a Tax Authority Optimising Compliance Provide Services to assist compliance Ensuring fairness, equity and equality in the levying and collection of taxes. Optimising Compliance (including fostering voluntary compliance by taxpayers) Acting as a provider of Services in accordance with compliance goals Ensuring fairness, equity and equality in the levying and collection of taxes. Continuous Assurance techniques can contribute directly to the first two goals and support the last The Scope for Continuous Assurance In Tax Compliance

The Scope for Continuous Assurance In Tax Compliance Tax Assurance Scope Macro Level Returns on time / Liabilities Paid Micro Level - Transactions All Accurately Included ? Reported at Correct Time ? Belong to this business ? Correct Deductibility / Liability ? Tax returns are generally due at fixed points in time, and for most if not all taxes we know who should send them, and we notice if they haven’t paid us. At the transaction level, though, it’s a different story - liabilities of goods, complex rules on what can be deducted and what businesses may be supplied tax free place a considerable burden on the internal controls of businesses. These errors and queries can accumulate over time and, given that the span of control by revenue authorities can be very long, can quickly store up large amounts of unexpected liability for businesses. For example, an error in a VAT reporting program written by an end user was recently discovered to have caused a British company to underpay UK£22 Million (US$ 31 Million, €35 Million). Incorrect keying of tax amounts and even duplicate entries of purchases are also very common, as are liability errors and errors of propriety, etc in what can be claimed. By definition, taxpayers’ internal controls do not detect micro tax errors (if detected they would of course be corrected). The Scope for Continuous Assurance In Tax Compliance

Continuous assurance in Tax Checking Transactions for VAT Capturing Liability “on the Fly” Checking Customs Declarations From Manifests / Commercial Documentation Monitoring Duty-free Transactions Monitoring Payroll Transactions As a tax person, what would I – in broad terms – want to do with Continuous Assurance ? I’d want to know that transactions conformed to the rules and had been correctly keyed / processed. I might want to calculate a taxpayer’s liability on a rolling basis – It would enable us for example to determine liability more frequently than the current one – or three- month return for VAT in the UK – Maybe collecting a slice every time the liability got above a certain threshold, as some hotels do for long-stay guests. Assuming that they were standardised, I could calculate customs duties on imports from ship or aircraft manifests and commercial documentation rather than from separate systems or documentation I could monitor duty-free transactions – movements of goods between bonded warehouses or duty-free zones, or the use of components for re-export I could monitor payroll transactions for correctness and compliance with Pay as You Earn rules The Scope for Continuous Assurance In Tax Compliance

The Scope for Continuous Assurance In Tax Compliance Limitations Limited To Recorded Transactions Can’t Detect Unrecorded Income / Expenditure May Not Detect Posting to Wrong Accounts May Not Detect False Purchase Transactions May Not Give ANSWERS, Will Give QUESTIONS I would, however, have to recognise that continuous assurance is not a silver bullet to solve all my worries. There are serious limitations. The computer system doesn’t know what it doesn’t know. If a business failed to enter income (to hide it from the tax authorities) or expenditure (to hide the resulting value added from the authorities) Continuous assurance can’t tell me – Although it might give me some clues. If a transaction is posted to the wrong account, but otherwise complies with the rules, It probably can’t tell me about that. If a business falsifies purchases to reduce its profitability,and the transactions otherwise comply with the rules, it probably can’t tell me that either In brief, Continuous Assurance will certainly give me smart questions to ask, but may not give me all the answers. This is no different to other Computer-Assisted Audit tools. The Scope for Continuous Assurance In Tax Compliance

Benefits of Continuous Tax Assurance - Taxpayers Reduction in the Cost of Compliance With Tax Requirements. Facilitating Compliance Self-assessment Assurance on Mainstream Business Activities Peace of Mind Cash Flow Control OK, so why should any business want to participate in Continuous Assurance for their Taxes ? Firstly, automating all the necessary checking makes complying with tax requirements cheaper. It reduces both the likelihood and the cost of a tax audit. It will help businesses perform compliance self assessment, again, reducing the likelihood and the cost of a tax audit. If a tax Continuous Assurance service was properly configured and scoped, there would be great assurance about mainstream business activities and records, leading to… peace of mind for the business managers. If the tax liability was calculated on the fly, even if it was not paid more frequently than at present it would improve business’ control over their cash flows The Scope for Continuous Assurance In Tax Compliance

Benefits of Continuous Tax Assurance - Tax Authorities Reduction in Cost of Assurance Services Improvement in Level of Assurance Reduction in Errors – Improvement in Tax Yield Improved / Quicker Trend Analysis Cross-matching Transactions Improved Monitoring of Case-specific Conditions Running Liability Calculation The benefits to a tax authority from widespread use of continuous assurance would be immense. The running (maybe not the capital) cost of tax assurance could be materially reduced,.. but because of the automated 100% checking of records, the level of assurance would be greater. the tax yield would improve, not because of more tax but because the right tax was collected at the right time. - Taxpayers would fix mistakes before they got to the tax return. Knowledge is power - continuous assurance data could be turned into information and strategic and tactical decision making could be improved, Trends in business could be identified quickly, and tax authorities could become much quicker on their feet. It would, subject to privacy legislation, be possible to match sales from one businesses to the corresponding purchases, and ensure that they matched We could monitor compliance with conditions attached to time-to-pay and similar one-to-one agreements between taxpayers and tax authorities, and maintain a running liability calculation The Scope for Continuous Assurance In Tax Compliance

Risks involved - Taxpayers Privacy Over-Audit Trading Partner Resistance Any continuous auditing service handles potentially sensitive information. It has to address concerns about maintaining the privacy and security of this information – Not easy to do and not easy to convince the client that it has been done. Continuous Assurance for revenue purposes is no exception. Taxpayers may feel that tax authorities would use a Continuous Assurance facility to audit to a much finer level of detail compared “traditional” means – because we can rather than because we ought to. Rules must give no greater burden on business than “traditional audit”. Tests must be set to reflect materiality for the taxpayer involved. This would have to be reflected in tax authorities’ charters and agreements with taxpayers, and possibly audited. Finally, especially if there is a perception that tax authorities are matching purchases to sales, trading partners of businesses who participate in continuous assurance for tax may pressure them to withdraw. In certain countries, anything that threatens to improve the efficiency and effectiveness of the tax authorities is regarded with deep suspicion. The Scope for Continuous Assurance In Tax Compliance

Risks involved – Tax Authorities Over-reliance on recorded transactions Privacy / security vulnerability Legal Powers Privacy legislation Non-Repudiation / Authentication We have already mentioned the limitations of Continuous Assurance – Tax authorities must continue to assess the credibility of a business (for instance by comparing proprietors’ lifestyles to their declared income) and not simply depend on its records. Privacy too has already been mentioned – There is a real risk that a continuous tax auditing facility would be a magnet for hackers. Tax authorities’ legal powers may need to be revised to allow them to use Continuous assurance, and there could well be tensions between national and international privacy legislation and the need to police a country’s tax base. Finally, data used for continuous assurance will have to be authenticated to avoid claims of interference or forgery. The Scope for Continuous Assurance In Tax Compliance

How can Continuous Assurance for Taxes be Delivered ? Built Into Applications By Commercial Continuous Auditing Providers By Application Service Providers as part of their services By Revenue Authorities as part of their service to Business Continuous or semi continuous assurance On-demand data downloads Given that the risks identified are all satisfactorily managed, how can the service be delivered ? We could build the function into business software – But this would take a lot of maintenance of the rules bases by third parties, security of the rules would be an issue (taxpayers might be able to get at them) and the data transmitted to tax authorities would be limited. We could provide commercial Continuous Audit providers with the tax rules base – they could then add tax auditing to the other services. This would give a lower rules maintenance overhead, but depends on the existence and success of and co-operation from,continuous assurance providers in the marketplace. Similarly, Application Service Providers offering business applications might be enrolled – but the same issues apply. Revenue authorities could provide the service themselves BUT If we provided business as well as tax assurance this might “poison the well” for commercial services. Finally, tax authorities could simply ask for periodic data downloads from business’ systems, in an extension of the current practice. This is the least novel and radical possibility, and does not really fit the definition of Continuous Audit – However, it might be the “least worst “ option. The Scope for Continuous Assurance In Tax Compliance

Potential Vehicles for Data Transmission Common Elements Header – Identification & Control data Detail records Encryption / Signature Flat File Special XML schema XBRL GL etc However a tax authority gets data for continuous (or periodic) assurance, a number of common requirements must be met. The taxpayer must be identified, and control totals to detect corruption / interference in transit must be present. This header area could also provide information about specific tax practices at the taxpayer – whether they are a retailer, what accounting software they use, etc. Obviously, details of the transactions must be provided, And the whole must be signed and encrypted to deal with confidentiality, security and non-repudiation issues. Data could then be transmitted as a flat file – Avoiding the overhead of XML / XBRL tags, but requiring special programming, An XML or XBRL schema would fit the bill, especially if one of the schemas used in business met all the needs of a tax audit. This would in fact be the preferred solution, as simplifying tax practice by using industry standard material is always preferable – and more acceptable – than doing something specifically for tax.. The Scope for Continuous Assurance In Tax Compliance

Conclusions & Way Forward Issues to be addressed Acknowledge Limitations Resolve Legal Powers issues Resolve Privacy issues If Revenue Authorities provide CA Will this poison the well for commercial providers ? More than just a national issue… In five years…… Before a tax authority considers adopting Continuous Assurance, we have to recognize that while the technical issues are manageable, the cultural and legal ones may be less tractable. We would need to work with and around the limitations of the approach, be sure that we worked within our legal powers and privacy legislation, and consider whether our providing a continuous assurance service could ruin the market for commercial operators. Accounting Software providers will be reluctant to facilitate Continuous Assurance for tax unless data and audit requirements are consistent across national jurisdictions. For this reason, tax authorities would have to collaborate with each other and with taxpayer and business groups to a much greater extent than at present if they want to pursue continuous assurance successfully. Some halting first steps are being made – specifying tax validation / reporting rules in the UK, and with a standard data download in the Netherlands. Pure Continuous assurance will, in my personal view, be a holy grail for tax auditors for at least the next five years, although some of the other techniques and approaches I’ve discussed will be widespread well within that time. The Scope for Continuous Assurance In Tax Compliance

The Scope for Continuous Assurance In Tax Compliance Any Questions........ The Scope for Continuous Assurance In Tax Compliance