Critical Conditions for Success
The significance of indirect tax has escalated recently. While the rates for direct taxes, such as corporate income tax, are decreasing, indirect tax rates continue to rise. For multinational companies, this can mean managing indirect tax amounts exceeding 5 billion euros annually.
Surveys conducted by major consulting firms highlight that existing control mechanisms are frequently inadequate. Errors in accounting can lead to substantial tax assessments and considerable penalties. Given the scale of these amounts, such mistakes can also severely damage the reputation of a publicly traded company. Despite the magnitude of these risks, key performance indicators (KPIs) to monitor them have not been effectively developed, leaving financial executives unaware of the potential threats.
The Indirect Tax Function recognizes that it is often understaffed and operating with a budget that is insufficient for optimal performance. However, there is often a lack of clarity on how to advocate for these issues and elevate them on the CFO's agenda.
It is crucial for change to originate within the organization itself. Advisers can emphasize the need for action, but without the commitment of those who are directly involved in the processes, progress is unlikely. Therefore, it's imperative to break this cycle of inaction. What steps can be taken to facilitate this change?
Establishing Adequate Control Mechanisms
To effectively manage risks, a comprehensive VAT Control Framework must align with the organization’s Business Control Framework and overall Tax Control Framework. From a governance perspective, the indirect tax department needs a clearly defined position within the organization. It should be equipped with the necessary tools—such as adequate budget and resources—to achieve its strategic objectives, as outlined in the accompanying table.
Click picture to enlarge
Accountability and the Value of a Tax Policy
Accountability should always lie with the process owner responsible for specific business processes. The published tax policy must foster awareness of tax risks and clarify decision-making authority—specifically, "who can decide what and when" from a tax perspective. Consequently, it is the responsibility of the head of each corporate department to ensure that all team members read, understand, and effectively implement this tax policy.
The indirect tax department faces significant challenges in the absence of a formally documented tax policy, tax objectives, or planning processes. Without clear overall tax guidance, the company lacks essential "dos and don'ts." It is imperative for senior management to endorse and publish agreed-upon objectives and risk tolerance levels for tax planning and risk management—essentially establishing the company’s "tax rules of the house."
In practice, the initial step toward an effective tax function often involves drafting a tax policy that outlines these "tax rules of the house" and facilitates decision-making regarding new tax regulations. Execution of these rules should be seen as a realistic goal, with compliance monitored regularly, and performance assessed.
Without a tax policy in place, the impetus for change relies heavily on the initiative of VAT employees, which often leads to a fragmented approach. If not all stakeholders within the company are convinced of the need for amendments, this can hinder the establishment of standardized VAT controls and the implementation of "best practice" approaches. More critically, an organization becomes overly reliant on individuals, creating increased risks if key staff leave or are reassigned.
Such risks can be mitigated when the tax department’s strategy, objectives, and risk tolerance are well understood across the organization and enforced as mandatory rules. A robust tax policy can guide employee behavior towards achieving overall tax function objectives. This is illustrated in the following operational framework:
- Governance: How do we decide to introduce new rules?
- Design: How do we determine the necessary rules?
- Existence: How do we ensure the rules are embedded within the organization?
- Operation: How do we confirm that our rules are effectively executed?
Under these circumstances, employees are responsible for adhering to these internal tax rules. The tax department, internal audit, or risk management can more easily assess whether tax rules are being properly executed by posing a straightforward periodic control question: "Have you operated in accordance with the tax policy?"
This process transcends mere paperwork, as it ensures that tax policies (both overall and specific to VAT) are actively enforced, with designated individuals held accountable. This proactive framework significantly streamlines the remediation of VAT risks through preventive or detective testing of tax controls. Furthermore, the indirect tax department should receive immediate attention when a process owner fails to meet their obligations, with collective support from the tax department to close any identified gaps as quickly as possible.
Why?
Facilitating the Development of an In-House Tax Culture
Implementing a cohesive in-house tax culture should be straightforward. It primarily requires referencing the company's established tax rules and the expected tax behaviors endorsed by senior management. When executed successfully, this initiative can foster a robust and enhanced 'in-house tax culture.'
Designing and Implementing a Tax Policy
A well-structured tax policy should articulate the company's overall tax strategy and objectives while providing a framework to promote best practices and governance procedures. It must clearly delineate the roles and responsibilities of the tax function, other corporate departments, and various corporate entities.
To ensure a unified understanding of the company’s VAT risk appetite and acceptable VAT planning practices, the tax policy should be broadly disseminated across both the tax team and the wider business. This roll-out may involve hosting workshops, conference calls, and training sessions that engage stakeholders from tax, finance, legal, business operations, and other relevant areas.
Unlike the more centralized approach often associated with income taxes, the responsibilities and key drivers for managing indirect taxes can be distributed throughout the organization. This includes not only the tax department but also a variety of other departments, such as finance, information technology, supply chain management, logistics, and human resources. Promoting collaboration among these diverse functions is essential for effective tax risk management and the successful application of the new policy.
The tax policy is the highest in the tax hierarchy - signed off by senior management - and sets the internal tax rules and tax behavior: the dos-and-don'ts of employees regarding tax.
Building Blocks of a Tax Policy
A comprehensive tax policy should encompass various taxes for which the Head of Tax is responsible, including:
- Corporate income tax
- Wage taxes, payroll taxes, and social security contributions
- Withholding taxes
- Capital taxes (including stamp duties and transfer taxes)
- Local taxes (e.g., local business tax, packaging tax, surcharges, gift tax)
- Indirect taxes and customs duties
- And other relevant taxes
Key Components of a Tax Policy
The following are essential building blocks for an effective tax policy:
- Tax Function Objectives: Clearly defined goals for the tax function.
- Risk Profile and VAT Risk Tolerance Parameters: An assessment of the company’s willingness to accept certain tax risks.
- Approach to Tax Risk: Guidelines on how the company manages and mitigates tax risks.
- Relationship with Tax Authorities: Establishing a framework for engagement and communication.
- Scope of Taxes Covered: A list of taxes that fall under the policy’s purview.
- Entities in Scope: Identification of the entities to which the policy applies.
- Roles and Responsibilities: Clear delineation of duties for those involved in tax-related matters.
- Tax Resources (Internal/External): Identification of available resources and their allocation.
- Tax Strategies by Role and Tax Type: Specific strategies tied to different roles or types of taxation.
- Mandatory Pre-Engagement Situations: Instances where prior consultation with tax departments is required.
Guidelines for VAT Planning
The tax policy must include detailed guidelines regarding VAT planning and clarify whether such planning aligns with the company’s tax strategy. These guidelines should receive approval from senior management and address considerations such as the likelihood of challenges from tax authorities and potential reputational risks. The policy should also outline documented evaluation and acceptance criteria for planning, implementation review processes, and ongoing monitoring mechanisms.
Mandatory Early Involvement of Tax Departments
From a Tax Control Framework perspective, risk-based controls become increasingly vital with the complexity of transactions. The tax policy should specify circumstances that necessitate the early involvement of indirect tax departments, including stakeholders such as Legal, IT, HR, Internal Audit, Procurement, Business, and Finance.
Certain transactions consistently exceed a company's VAT risk appetite and thus require immediate attention:
- Significant business transactions
- Non-routine transactions:
- Share issuances or sales
- Reorganizations
- Acquisition or disposal of any business or part of a business
- Acquisition or disposal of real estate
- Financial transformations
- Outsourcing of business functions (e.g., Shared Service Centers or third-party accounts payable/receivable)
- Other significant financial transactions
To ensure compliance and mitigate risk, it is advisable to provide clear guidance for process owners and stakeholders regarding the necessity of seeking VAT input early in significant transaction processes. Approval from the indirect tax department should be mandatory before executing any non-routine or significant transactions. Additionally, the indirect tax department should be an integral part of workstreams for technology and finance projects.
Considering Tax Implications in Operational Changes
Operational changes can have significant tax implications due to shifts in transactional flows and a company’s assets, functions, and risk profile. It is essential to ensure that any new operating model is not only compliant with direct tax regulations but also aligns overall business processes with tax requirements. This alignment should involve collaboration across various functions such as compliance, finance, accounting, legal, IT systems, VAT, and regulatory affairs.
To transition the tax policy from theory to practice, the implementation phase may also involve organizational changes and enhancements to existing processes and systems.
Optimizing the Use of VAT Resources
Given the typically limited availability of VAT resources within a company, it is crucial to utilize these resources efficiently and effectively. This entails making informed choices and ensuring that the necessary resources and budgets align with the outcomes of the tax risk assessment. Due to the constraints on VAT resources, prioritizing high-risk areas should take precedence to maximize impact and minimize potential exposure.
Click picture to enlarge
To effectively allocate resources to areas that optimize risk management and cost savings, it is essential to first establish the company’s risk appetite.
Defining acceptable levels of risk allows for prioritization in resource deployment, ensuring that efforts are focused on areas that truly require attention. This approach prevents unnecessary expenditure of resources on mitigating risks that are already deemed satisfactory. Furthermore, the efficiency and effectiveness of the indirect tax department should be regularly assessed and compared against financial and operational KPIs. Review meetings should be held to discuss these evaluations, and any necessary corrective actions must be identified and implemented.
Benchmarking Risks and Controls
In the absence of a formal tax policy, a crucial initial step is to collaborate with senior management to design one that articulates the company’s overall VAT risk tolerance. This policy should be benchmarked against a normative VAT Industry Risk and Control Matrix to assess the potential "impact" and "likelihood" of various risks. To facilitate mutual understanding and set clear expectations, a foundational question could be posed:
"What numerical outcome from a worst-case scenario would you still consider acceptable if the tax authorities conducted a VAT audit and issued an assessment?"
By addressing this question, the company can align risk tolerance parameters and enhance its approach to managing VAT risks effectively.
Risks: 'impact' and 'likelihood'
Click picture to enlarge
Normative 'VAT Risks", "Controls" could be used as "Test of Controls"
- Tax Governance
- Strategy
- Risk Management and Cash flow optimization
- People
- Change management
The critical building blocks mentioned above are often not incorporated into a Tax Control Framework. Implementing these components will enhance visibility and awareness of the current state of tax compliance, allowing for a swift assessment of areas that require further improvement. This normative scan serves not only as a tool for performing a GAP analysis but also as a foundational step in designing a Tax Control Framework that establishes clear tax objectives.
Click picture to enlarge
Tax Governance
The key element is to agree on who can decide what and when, establish the right level of control, inform responsible employees, and conclude and report the level of ‘in control’:
- Analyze and evaluate weaknesses
- Review the status of remediation
- Consider changes in the control environment
- Conclude the level of ‘in control.’
'Who can decide what and when' relates to the tax function objectives, the processes in scope, and the required levels of control and informs those responsible for achieving these objectives, the process owners, about the tax policies signed off by senior management:
- assign tasks and responsibilities
- set procedures for implementing (new) rules
- set risk appetite, risk tolerances, and cost-benefit guidance
- prioritize and escalate
- desired versus required level of formalization
- determine and report on the actual level of ‘in control.’
Click picture to enlarge
Strategy
A well-defined VAT strategy, when implemented correctly, enables the business to operate efficiently from the moment of launch, addressing both tax and commercial needs. This strategy facilitates the generation of sales and invoices, minimizes disputes with non-paying customers, ensures tax compliance, and supports timely and budget-conscious integration of business operations. To support this framework, normative risks, controls, and tests of controls have been established as benchmarks for evaluation.
Click picture to enlarge
Risk Management and Cash Flow Optimization
A comprehensive tax risk management strategy must distinguish among strategic, reputational, operational, and financial compliance risks, encompassing detailed action plans for effectively addressing each category.
While initiatives like Sarbanes-Oxley (SOX) and similar business control frameworks primarily focus on financial and compliance risks, which relate directly to the reliability of annual reports, they often operate with much higher acceptable materiality thresholds. Consequently, many VAT risks critical to a robust VAT Control Framework may be overlooked in the scoping process.
In addition to mitigating risks and generating cash savings, an effective tax control framework can also enhance operational efficiency. The concept of the "hidden factory" refers to the time and resources lost to rework and error correction—essentially, the hours spent by employees continuously correcting mistakes. By reducing the need for this rework, organizations can unlock significant savings and improve overall effectiveness.
The objective is to illuminate the hidden factory and quantify the return on investment (ROI) associated with these improvements, thereby redirecting valuable time and financial resources back to the business.
For example, how much rework is necessary before the data obtained from finance systems can be effectively utilized?
VAT risk categories
Click picture to enlarge
Normative VAT Risk Management
Click picture to enlarge
Cash impact
Click picture to enlarge
Normative Cash Flow Optimization
Click picture to enlarge
People
The tax department requires an adequate number of personnel with the necessary skills and expertise to effectively achieve all its tax objectives. The indirect tax function recognizes that it is currently understaffed and operating within a constrained budget, which hampers its ability to manage existing tasks. Insights from Big Four benchmarking studies, referenced below, support this concern.
However, a significant barrier is the lack of knowledge on how to address these issues and advocate for them effectively with the CFO. Unfortunately, the deployment of costly fiscal expertise is often restricted primarily to the management of direct tax, leaving indirect tax functions underserved.
Currently, the Indirect Tax Department employs X amount FTE; X amount Indirect Tax advice and X amount FTE VAT Compliance.
Click picture to enlarge
The overall VAT "community" extends beyond the formal tax function to include employees who work part-time on VAT-related matters. Although they are not officially part of the tax department, these individuals play crucial roles in managing various tax affairs, such as making VAT decisions related to accounts payable/accounts receivable, providing essential information, and supporting VAT reporting. Together, they form what can be described as the "shadow tax function."
When new responsibilities or additional tasks are assigned to the indirect tax department or the shadow tax function as a result of an updated tax policy, this will inevitably impact the current VAT workload. As a result, it is vital to establish new priorities that focus on key issues. If the workload remains excessive, it may be necessary to delegate tasks to additional internal or external resources.
To implement such changes effectively, it is essential to provide the necessary resources, budget, and innovative tools, especially in a situation where gaining senior management buy-in can often be challenging. Without this support, achieving meaningful change may turn out to be nearly impossible.
Click picture to enlarge
Change Management
A VAT Control Framework typically emphasizes managing inherent risks while placing less focus on proactively avoiding future risks. This is largely because the primary focus, shaped by the company's business control framework, tends to be on ensuring that VAT reporting is accurate and submitted on time. This retrospective approach mainly addresses financial and compliance risks.
However, proactively avoiding future risks is crucial within a VAT Control Framework, as it minimizes the need for reactive responses, such as rework, and helps prevent unforeseen exposures. By shifting the focus to anticipating and mitigating future risks, organizations can strengthen their VAT processes and enhance overall compliance. The following items will be discussed from a change management perspective:
- VAT Policy
- Change in VAT legislation
- Changes in the business
- Advice to the business and other reporting requirements
- Changes in the business and maintaining relationships with tax authority
- Configuration of accounting systems
- Changes to VAT rates and VAT condition tables or logic
- The VAT element of material master data and IT controls
VAT Policy
Change in regulation
Change in the business
