Data Collaboration between Tax Authorities and Banks

Part
01
of one
Part
01

Data Collaboration between Tax Authorities and Banks

Key Takeaways

  • The Common Reporting Standard (CRS) allows the ATO to gain access to foreign bank information. The CRS impacts data collaboration between the ATO and banks internationally by providing specific requirements and mandates that should be followed. It was implemented by Australia and other OECD countries
  • The UK General Data Protection Regulation (UK GDPR) ensures that everyone using personal data follows strict rules (data protection principles). They have to ensure that the information is used transparently, lawfully, and fairly.
  • Through Currency Transaction Reports (CTRs), banks are mandated by federal law to report currency transactions of over $10,000 conducted in a single day to the IRS.

Introduction

Case studies for the UK Tax Authority (HMRC), the U.S. Tax Authority (IRS), and the Australian Tax Authority (ATO) concerning their data collaboration with banks have been provided below. Each case study details how the collaboration is established, the information that is shared between the Tax Authorities and the banks, the purpose of the collaboration, and how often the Tax Authority receives the data. Next, three laws/regulations for each of the countries (Australia, the UK, and the U.S.) that govern Tax Authorities' data collaboration with banks locally and internationally have been provided. Finally, two best practices for Tax Authorities' data collaboration have been provided.
An editable Google document has also been created with links to all the data sources that have been used in the research (as requested).

Case Studies for Tax Authorities' Data Collaboration with Banks

1. The US Tax Authority (Internal Revenue Service)

i) How the Collaboration is Established

There are several ways through which the IRS is able to get data and information from banks.
  • First, through Currency Transaction Reports (CTRs), banks are mandated by federal law to report currency transactions of over $10,000 conducted in a single day.
  • The IRS can then use "CTR information to identify cash activity that is not accurately reported on income tax returns." Bank deposits can also be used by the IRS to analyze potential taxable income.
  • Because of information statements such as Form W-2 and Form 1099 under citizens' Social Security Numbers, the IRS can access financial accounts because:
    • When one receives over 10% interest in the bank during the year, the bank is mandated to report this interest to the IRS using Form 1099-INT.
    • For those that get paid through merchant accounts like VISA or PayPal, with enough transactions, the IRS can see the amounts of these transactions on Form 1099-K.
  • In case of a revenue audit or back tax issue, the IRS revenue officer can request bank account information by summoning it directly from the bank. However, the IRS needs to prove that the summon is for a legitimate reason and that the information is relevant.
  • Banks are also required to report unusual or suspicious activity among depositors by filing a Suspicious Activity Report and the IRS can then access the account information.

ii) The purpose of the Collaboration

iii) The Information that is Shared

iv)How Often the IRS Receives the Data

  • There is no set or specific period for data sharing. The information is shared when the IRS determines that it is reasonably required. For instances like the Credit Transaction Report, banks share the data with IRS when they deem financial transactions suspicious.

2. The UK Tax Authority (HMRC)

i) How the Collaboration is Established

  • Her Majesty's Revenue and Customs (HMRC) has the power to obtain relevant information from third parties such as banks to check whether they are paying the correct amount on Capital Gains Tax, income tax, VAT, and Corporation Tax.
  • This information is obtained after HMRC issues a third-party notice.
  • However, HMRC cannot issue a third-party notice without the tax tribunal's or taxpayer's approval. Also, it has to prove that the information is reasonably required.
  • For data that is collected for exchange with tax authorities of other countries, the collaboration is established through the automatic exchange of information which is the "exchange of information between countries without having to request it." Through these agreements, HMRC is allowed to collect data from banks to share with other countries.

ii)The purpose of the Collaboration

Data collected through Automatic Exchange of Information Agreements:
  • Automatic Exchange of Information agreements that are made between the UK and other countries allow for the exchange of information between multiple countries. This helps identify information surrounding financial investments and accounts to tackle and deter non-compliance such as tax evasion.
  • Also, they allow for the exchange of information surrounding specific hallmarks that can be used to evade or avoid tax.
Data collected for use within the country:

iii) The Information that is Shared

iv) How Often the HMRC Receives the Data

  • For collaboration that is done under the Automatic Exchange of Information Agreements between the UK and other countries:
    • Data from UK banks is collected annually by 31st May and "information on reportable arrangements is provided to HMRC on an ongoing basis."
  • Data collected for use internally is received when HMRC determines that the information is reasonably required.

International Banks

  • Data pertaining to UK tax residents from international banks is collected through the relevant tax authority in the other country.

3. The Australian Tax Authority (Australian Tax Office)

i) How the Collaboration is Established

  • The ATO has strong legal powers to access personal bank information. These powers allow it to get Australian bank statements directly from the bank.
  • Organizations like banks have a legal obligation to report information to the ATO. This means that the collaboration is through legislated data collection.

ii) The purpose of the Collaboration

  • The ATO collects personal information from third parties like banks to make sure that the information provided by taxpayers is accurate.
  • Collecting information from banks helps with identifying those that are not complying with their taxation obligations.
  • The data is used for data matching whereby it is validated and matched against the ATO's information to identify "where people and businesses may not be reporting all their income."
  • If required, the ATO can access bank records to audit tax affairs.

iii) The Information that is Shared

iv) How Often the ATO Receive the Data

  • Data collected for use internally is received when HMRC determines that the information is reasonably required

Regulations/laws Governing Data Collaboration between the Tax Authorities and Banks Internationally

The regulations/laws that govern data collaboration between tax authorities and banks internationally have been provided below. It is worth noting that laws/regulations like the Common Reporting Standard (CRS), the Standard for Automatic Exchange of Financial Account Information, the Model Competent Authority Agreement, Double Taxation Agreements, and the Foreign Account Tax Compliance Act (FATCA) are international, and therefore, apply to all three countries. However, to avoid an overlap of information, we did not duplicate any law/regulation for any of the countries.

Australia

1. The Common Reporting Standard

Instances that It has Been Applied

2. Standard for Automatic Exchange of Financial Account Information

  • The Standard for Automatic Exchange of Financial Account Information is an international consensus developed by the OECD with G20 countries, containing the international consensus on the "automatic exchange of financial account information for tax purposes, on a reciprocal basis"
  • Australia is part of the over 60 jurisdictions that have committed to the standard and the ATO relies on the standard's regulations when obtaining data/establishing data collaborations with banks in foreign jurisdictions.
  • The standard, therefore, impacts data collaboration between the ATO and banks internationally by ensuring that as the world becomes increasingly globalized, it is easy for all taxpayers to manage investments through banks outside Australia.
  • However, the focus is on ensuring that the vast amounts of money that are kept offshore do not go untaxed, meaning that the taxpayers fail to comply with the tax obligations in their jurisdictions.
  • Through the exchange of information financial standards, data collaboration is impacted.

Instances that it Has Been Applied

  • In March 2015, Australia was the "first jurisdiction to sign a joint declaration with Switzerland to exchange data based on the Standard for Automatic Exchange of Financial Account Information.
  • In 2020, Taiwan's Ministry of Finance completed its "first provision to and received from" Australia financial data concerning 2019.

3. Model Competent Authority Agreement

  • The Model Competent Authority Agreement (CAA) links the Common Reporting Standard (CRS) and the legal basis for the exchange of data between the ATO and foreign banks.
  • The legal basis could be a bilateral tax treaty or the Convention.
  • The Model CAA consists of clauses that provide modalities for the exchanges to make sure that the flow of information is appropriate. This impacts data collaboration between the ATO and international banks.
  • The clauses contain "representations on confidentiality, safeguards, and the necessary infrastructure for establishing and maintaining an effective exchange relationship."
  • There is also a section that deals with the type of information that should be exchanged, the manner and time of the exchange, and the data and confidentiality safeguards that should be respected.

Instances that it Has Been Applied

The UK

1. Requirement to Correct (RTC)

  • The RTC legal requirement creates an obligation for those with "undeclared UK tax liabilities that involve offshore matters to disclose the relevant information surrounding this non-compliance to HMRC.
  • For careless and innocent mistakes, the assessment deadline is April 5, 2026.
  • This requirement relates to liabilities to Inheritance Tax, Income Tax, and Capital Gains that involve offshore matters or transfers.
  • This means that any UK taxpayer with an overseas bank account should declare this income to HMRC, indicating that this has an impact on data collaboration with banks internationally. When citizens disclose account details such as deposits, transfers, and account balances to HMRC, it directly impacts the data collaboration.

Instances that it Has Been Applied

  • In 2018, before the Common Reporting Standard was introduced among OECD countries, a requirement to correct deadline was introduced whereby for anyone that had offshore affairs, the deadline allowed them to correct non-compliance voluntarily.
  • The RTC requirement is still being enforced by HMRC with ongoing assessments.

2. Double Taxation Agreements (DTA)

  • Double Taxation Agreements are treaties between countries to avoid international double taxation of income.
  • The primary purposes of DTAs are to divide the taxation rights between the countries in the contracts, avoid differences, and prevent tax evasion.
  • Individuals with permanent residence and tax liability in either of the contracting countries are entitled to reductions or exemptions from taxation of income based on the provisions of the agreements. Without these agreements, the income would be subject to double taxation.
  • Such agreements require that the governments (in this case, the UK and the other government in the contract) obtain information on the income through bank accounts to determine that there is a need to prevent double taxation. Anyone applying for reduction or exemption has to provide supporting details like the foreign income.

Instances it Has Been Applied

  • The UK has concluded a DTA with the U.S. and "companies can apply for relief at source from UK Income Tax under the United Kingdom/United States Double Taxation Convention (SI 2002 Number 2848)."
  • The UK has concluded a DTA with Japan and "companies can apply for relief at source from UK Income Tax under the United Kingdom/Japan Double Taxation Convention (SI 2002 Number 2848)."

3. Tax Information Exchange Agreements (TIEAs)

  • Under such agreements, the UK requires the other parties to provide information related to taxation such as foreign bank accounts so long as this is not conflicting with the domestic laws.

Instances where it Has Been Applied

  • The UK has signed several bilateral TIEAs based on the Organization for Economic Co-operation and Development (OECD) Model on the exchange of information on tax matters.

The U.S.

1. Foreign Account Tax Compliance Act (FATCA)

Instances that it has Been Applied

  • In 2014, the U.S. government entered into an agreement with the Australian government to implement FATCA and improve international tax compliance.
  • The Intergovernmental Agreement between the U.S. and the UK for the implementation of FACTA was signed in September 2012.

2. Hiring Incentives to Restore Employment Act (HIRE Act)

Instances that it Has Been Applied

3. Report of Foreign Bank and Financial Accounts (FBAR) through the Bank Secrecy Act (BSA)

  • Each year, individuals are mandated to file a Report of Foreign Bank and Financial Accounts (FBAR).
  • This applies to foreign accounts such as bank accounts. Any account in a bank located outside the U.S. is deemed a foreign financial account even though there are FBAR exceptions for some accounts such as those that are maintained on a U.S. military banking facility and others.
  • Any U.S. person (citizen, corporation, resident, partnership, trust, or estate) must file an FBAR to report a financial interest/signature/other authority over a bank account located outside the U.S. if:
    • The value of the foreign bank account exceeds $10,000 at any time during the calendar year.
  • This reporting of foreign bank accounts indicates data collaboration with banks internationally and the rules provided by the IRS, BSA, and FBAR impact this data collaboration.
  • Data and information that is shared in the FBAR include:
  • The IRS is directly involved and can access these bank details. Also, those that are exempted from e-filing mail their paper FBAR form to an IRS address.

Instances that it Has Been Applied

  • 1,163,229 Reports of Foreign Bank and Financial Accounts (FBARs) were filed in 2015.
  • By 2016, FBAR filings had grown average by 17% per annum during the previous five years.

Regulations/Laws for Data Collaboration between the Tax Authorities and Banks Locally

The regulations/laws that govern data collaboration between tax authorities and banks locally (within the countries) have been provided below.

Australia

Two regulations provided by the Australian Transaction Reports and Analysis Centre (reporting of suspicious cash transactions and reporting of cash transactions over $10,000) have been provided below as they impact the data collaboration of the ATO with banks locally.

1. Australian Transaction Reports and Analysis Centre (AUSTRAC)- Reporting of Suspicious Cash Transactions

  • The Australian Transaction Reports and Analysis Centre is a government agency that monitors "financial transactions to identify money laundering, organized crime, tax evasion, welfare fraud, and terrorism."
  • According to AUSTRAC'S regulations, banks should report suspicious transactions to the authority.
  • For example, when an individual makes suspicious cash deposits that can be deemed to be for tax evasion or other crimes, the bank has to report the suspicions and transactions to AUSTRAC within three days.
  • This regulation directly impacts the data collaboration between the ATO and banks since through the AUSTRAC, banks are obligated to share information surrounding suspicious cash deposits to the ATO.

Instances that it has Been Applied

  • AUSTRAC provides case studies of how reporting suspicious cash transactions has helped with tax issues in collaboration with the ATO.
  • In one example, a suspicious matter report (SMR) submitted by a bank triggered an investigation into an individual that has deposited more than "A$1 million in cash and a personal cheque for A$570,000 into his term deposit account." The investigation revealed that the offender was attempting to avoid transaction reporting requirements and evade tax.
  • Other instances in the case studies are about various situations whereby bank employees were suspicious of their customers' cash transactions and reported this to AUSTRAC.

2. Australian Transaction Reports and Analysis Centre (AUSTRAC)- Reporting of Cash Transactions of Over $10,000

Instances that it has been Applied

  • AUSTRAC, in collaboration with the ATO, investigated a suspect who had been evading tax for approximately nine years, with an unpaid tax bill of over A$2 million. The individual was structuring cash withdrawal from his bank accounts to evade the $10,000 threshold. He made "20 cash withdrawals that were just below the A$10,000 threshold from two bank accounts within 30 days." The suspect was found guilty after reports were filed by the banks and he was sentenced to five months in jail.
  • A drug syndicate was found guilty of different crimes, including tax evasion after "two threshold transaction reports (TTRs) submitted to AUSTRAC" alerted law enforcement about the syndicate's financial activity. This is because members of the syndicate were making cash deposits that were just below the $10,000 threshold into their accounts.

3. Data-matching Program (Assistance and Tax) Act

Instances that it has been Applied

  • Through the pre-filing service that is attached to the data matching program, taxpayers access bank data and other data to review their tax returns and avoid follow-up activities.
  • When a person makes an error due to poor record-keeping, the data matching program is used to combine bank and other data to correct tax returns.

The UK

1. Commissioners for Revenue and Customs Act 2005

Instances where it Has Been Applied

2. UK General Data Protection Regulation (UK GDPR)

  • The UK General Data Protection Regulation (UK GDPR) ensures that everyone using personal data follows strict rules (data protection principles). They have to ensure that the information is used transparently, lawfully, and fairly.
  • HMRC is not exempt from this regulation and when collecting personal data about people from banks, it complies with the UK GDPR.
  • This impacts data sharing with banks since this has to be done in accordance with the Act.
Some provisions that impact data collaboration with banks include:

Instances that it Has Been Applied

  • Both HMRC and Companies House (CH) collect accounts from businesses annually. These accounts contain key bank account information about companies. Some companies take advantage of this to file different accounts for the two organizations. By inflating accounts at CH and lowering figures at HMRC, they reduce their tax liabilities. The UK GDPR, in a way, aided them because HMRC could not share the companies' accounts with CH for comparison purposes.
  • However, after the Digital Economy Act was introduced, HMRC can now disclose some company account information to CH even though this is still regulated by the UK DGPR. This helps identify fraudulent activity and false account filing.

3. The Data Protection Act (DPA) 2018

  • The Data Protection Act (DPA) of 2018 ensures that everyone using personal data follows strict rules (data protection principles). They have to ensure that the information is used transparently, lawfully, and fairly.
  • HMRC is governed by this Act when sharing information with banks.
  • This, therefore, impacts data collaboration between the HMRC and banks.
  • Data protection laws state that any personal information that is collected from banks:
    • Must be used fairly, lawfully, and in a transparent way.
    • Should be collected only for valid reasons that are clearly explained to the user and not leveraged in a way that is not compatible with those purposes.
    • Needs to be relevant, adequate, and limited to only what is necessary based on the purposes for which it is processed.
    • Should be kept in a form that only identifies the user for as long as necessary based on the identified purposes.
    • Must be kept securely.

Instances that it Has Been Applied

  • The Data Protection Act has guided HMRC during investigations into individuals and companies by ensuring that their privacy is upheld. For example, whenever HMRC is sharing data collected from banks, it ensures that all the provisions of the Act are followed.

The U.S.

1. The Bank Secrecy Act (BSA)

  • The Bank Secrecy Act is also known as the Currency and Foreign Transactions Reporting Act.
  • This is a U.S. legislation that was enacted in 1970.
  • By preventing financial institutions from being leveraged as tools by criminals to launder or hide money, it impacts data collaboration between the IRS and banks locally.
  • U.S. banks are required to file reports of transactions greater than $10,000 (the daily aggregate amount) and report suspicious activity that could signify tax evasion, money laundering, and other criminal activity.
  • This is done by filing a Currency Transaction Report (CTR). Once such as report is filed, the IRS can access it for investigation (tax-related).
  • This is in line with the general rule by the IRS that any person in a business or trade should file Form 8300 when they receive more than $10,000 in cash from a buyer.

Instances that it has Been Applied

  • According to the FDIC, since the FBAR was introduced, it has helped uncover money laundering and criminal activities that had previously gone undetected. With the reporting of suspicious transactions, the IRS is able to follow up.

2. Privacy Act of 1974

  • The Privacy Act impacts data collaboration between the IRS and banks through the matching provisions.
  • The Act states that any data matches that are performed by a government agency as its principal function in relation to the enforcement of criminal laws are subject to its provisions.
  • This means that any "civil law enforcement investigation" of a person done by the IRS for the purpose of gathering evidence against them that leverages bank account information has to abide by the Privacy Act.
  • For example, the IRS cannot disclose bank records obtained during the investigation to any person or other agency without written consent of the individual to whom the information belongs.
  • There are, however, exceptions such as if the disclosure is:
    • To a recipient who provides the agency with written assurance that the record will be used for statistical research.
    • To the Census Bureau for planning or survey purposes.

Instances where it Has Been Applied

3. Consumer Financial Protection Act of 2010

  • The Consumer Financial Protection (CFA) Act has rules and regulations surrounding the way banks should deal with their customers' information.
  • Essentially, it contains provisions that mandate banks to protect consumer's data.
  • This directly affects any instances of data collaboration with the IRS since banks have to consider the provisions in the Consumer Financial Protection Act before sharing any data.

Instances where it Has Been Applied

  • While there are not specific available instances for the application of the CFA, it has been instrumental for the protection of consumers since it was enacted.

Best Practices for Tax Authorities' Data Collaboration with Banks

BP#1: Ensuring that there is a Clear Legal Basis for the Collaboration

  • For tax authorities to gain the full benefits of data sharing and collaboration with banks, they have to follow the existing legal framework. On the other hand, banks have to follow the legislation for them when sharing this data with tax authorities.
  • The established legal frameworks such as the Common Reporting Standard and the Foreign Account Tax Compliance Act have been developed to guide any practices surrounding data sharing.
  • These frameworks should be strictly followed by tax authorities, including all the provisions that prevent sharing of confidential information.
  • This is a best practice because all the tax authorities that have been discussed above (HMRC, the IRS, and the ATO) emphasize the importance of following regulations and legislation in all their data-sharing activities with banks and other third-party institutions. Most importantly, they all emphasize the importance of ensuring that there is a legal basis or (reasonable purpose) for the collection or sharing of data.
  • For example, the HMRC states that it only obtains data from third parties (including banks) only in circumstances when it deems reasonable. Reasonability can be proved if there is a legal basis for the data collection.

BP#2: Safeguarding the Appropriate Use and Confidentiality of the Exchanged Data

  • Taxpayers worldwide value the fairness that transparency and the exchange of information for tax purposes offer.
  • Tax authorities should treat taxpayers' personal information exchanged automatically and on request in the "pursuit of tax fairness with the highest standards of care."
  • Tax authorities handling the information that is shared under frameworks like the Common Reporting Standard (CRS) and other exchanged data should establish and implement information security arrangements in adherence to the internationally recognized standards.
  • The Global Forum on transparency and exchange of information for tax purposes states that proper use of information and confidentiality are necessary practices for all tax authorities participating in the exchange of financial data with banks.
  • In line with appropriate use, tax authorities participating in the exchange of information should have "security information arrangements aligned with international standards before they receive information.
  • HMRC has established standards of its own that enable it to adhere to the exchange of information/data with banks, use the information appropriately, and uphold confidentiality.

Research Strategy

For this research on data collaboration between tax authorities and banks, we leveraged the most reputable sources of information that were available in the public domain, including the websites of HMRC, the IRS, and the ATO. Where available, recent sources from the last two years were consulted. However, due to limited recent publications that detail the laws/legislation/regulations and instances where they have been applied, some sources older than 24 months were also included.

Research proposal:

Only the project owner can select the next research path.
Need related research? Let's launch your next project!
Sources
Sources