The critical conditions for success
The importance of indirect tax has increased over the last couple of years. While the rates for direct tax, corporate income tax, are decreasing, the rates for indirect tax keep rising. At multinational companies we’re easily talking about amounts of over 5 billion euros of indirect tax flowing through the books.
According to big4 surveys, the related control mechanisms are still inadequate. Not only can an error in the accounts lead to major additional tax assessments and substantial penalties, with amounts like these, it can be devastating for the reputation of a listed company. We are talking about extremely large amounts of money that lack appropriate control, but because KPIs have never been developed for this particular purpose, the risks remain outside the CFO’s field of view.
The Indirect Tax Function is aware of the fact that it is understaffed and that budget is too limited to optimally execute its tasks, but they often don’t know how to change this and get it on the agenda of the CFO.
It’s essential that change comes from the organization itself. An advisor can repeat this over and over, but if it isn’t carried out within the organization, by the people who actually have to work with it, nothing will change. And that deadlock must be broken. What should be done to actually break it?
Adequate control mechanisms
A VAT Control Framework - when addressing proper risk management - should be in line with Business Control Framework and a company's overall Tax Control Framework. From a governance perspective the indirect tax department has to be positioned and should be given the tools - e.g., budget and resources - to realise its strategic objectives as highlighted below in a table.
Click picture to enlarge
Who is accountable and what is the added value of a tax policy
Accountability should always be set at the level of a process owner end responsible for a specific business process and the tax policy published should realise proper awareness with respect to tax risks and make clear to that process owner 'who can decide what and when' from a tax perspective. It should therefore be the responsibility of the head of each corporate department to ensure all team members read, understand and effectively implement that tax policy.
An indirect tax department will face challenges when no formal documented tax policy, tax objectives or tax planning exists as an overall tax instruction will be lacking about the 'do’s en don’ts' within the company. It is critical that senior management signs off and publishes agreed-upon objectives and risk tolerance levels for tax planning and tax risk management: 'the tax rules of the house'.
In practice the starting point for realizing tax function effectiveness is often beginning to draft such 'a tax policy' where those 'tax rules of the house' are set, decisions are made to introduce new tax rules and the execution of these rules are considered realistic objectives and that compliance to these rules is regularly assessed and performance is measured.
Without a tax policy it depends on VAT employee's personal influence within the company to kick-start change. Often that results in a fragmented approach as not all stakeholders within the company will be convinced that amendment is needed. The outcome is that this will negatively impact the existence of standardised VAT controls or the effective implementation of 'best practice' approaches. More important the company becomes dependent on people and the amount of risks will increase when that skill-set leaves the company or gets internally an other function.
That will be avoided and improved when the tax department’s strategy, objectives and risk tolerance is understood by everybody in the tax function and throughout the organisation and mandatory in force as a rule within the company. A tax policy steers than the behaviour of all employees aimed at achieving the overall tax function objectives. This is shown in Existence and Operation below:
- Governance - How do we decide to introduce new rules
- Design - How do we determine the rules we need
- Existence - How do we ensure the rules are embedded
- Operation - How do we establish that our rules are executed
Employees are under these circumstances end responsible and have an obligation to meet these in-house tax rules. The tax department, internal audit department or risk management can much easier assess whether or not tax rules are properly executed or not and a key periodical business control question has only to be raised: 'have you worked according to the tax policy'.
It is not just a paper trail like we normally see in practice during Sox controls with respect to tax.
That is because tax policies (overall tax and VAT) are in place and someone is actually made end responsible. That can make it much easier to remediate when VAT risks come up via preventive or detective test of tax controls. The indirect tax department should get immediate commitment when a process owner has apparently failed in that obligation. It also would be mandatory to provide support to the tax department to close that gap together as soon as possible.
Why?
It should be much easier to realize as only a reference has to be made to the company's own in-house tax rules and the expected tax behavior by senior management. When successful it will be the new and enhanced 'in-house tax culture'.
Design and roll out of a tax policy
Such a tax policy should define the company's overall tax strategy and tax objectives and establish a framework to promote best practices and governance procedures. The policy should outline the roles and responsibilities of the tax function, other corporate departments, and corporate entities.
The tax policy written should be rolled out to entire tax and the wider business to ensure a shared understanding of company's VAT risk appetite and acceptable VAT planning. The roll-out may include workshops and conference calls with tax, finance, legal, the business, etc. Unlike the more contained structure for handling income-based taxes, responsibilities and key drivers for indirect taxes may be spread throughout the enterprise, residing not just in the tax department but in any of such diverse departments as finance, information technology, supply chain management and logistics, human resources, and beyond.
The tax policy is the highest in tax hierarchy - signed off by senior management - and sets the internal tax rules and tax behaviour: the do's-and-don'ts of employees with respect to tax.
Building blocks of a tax policy
The following taxes fall normally under the scope of such a tax policy - all taxes the Head of Tax is end responsible for:
- Corporate income tax
- Wage taxes, payroll, and social security
- Withholding taxes
- Capital taxes (including stamp duties and transfer taxes);
- Local taxes (e.g local business tax, packaging tax, sur tax, gift tax)
- Indirect tax and customs duties
- Etc.
Some key building blocks of a tax policy:
- Tax function objectives
- Risk profile and VAT risk tolerance parameters
- Approach to tax risk
- Relationship with tax authorities
- Scope of taxes covered
- Entities in scope
- Roles and responsibilities
- Tax resources (internal / external)
- The tax strategy detailed per role and / or applicable tax
- Situations when mandatory upfront involvement should take place
It should include detailed guidelines around the type of VAT planning and whether this is allowed according the company’s tax policy. These guidelines should be approved by senior management and may include issues such as the likelihood of tax administration to challenge and litigate the potential change to the group’s VAT risk profile and key reputational risk issues. This may also cover documented planning evaluation and acceptance criteria, planning implementation review processes and an ongoing planning review and monitoring processes.
Mandatory involvement upfront
From a Tax Control Framework perspective, for setting up risk based controls, the more unusual the transactions, the greater the tax risks.
The tax policy should contain as well a description of situations when it will be mandatory to involve indirect tax department upfront (e.g., stakeholders such as Legal, IT, HR, Internal Audit, Procurement, Business, Finance).
The following transactions will always exceed a company's VAT risk appetite:
- Significant business transactions
- Non routine transactions:
- Share issues or sales
- Reorganisations
- Acquisition or disposal of any business or part of a business
- Acquisition or disposal of real estate
- Financial transformation
- Part of the business is outsourced (e.g. a Shared Service Centre or accounts payable/receivable to a third party service provider)
- Other financial transactions
Recommended is to describe in detail the requirements for other process owner/stakeholders to seek VAT input early in the process. It should cover non-routine or significant business transactions and the requirement for review & approval by indirect tax department prior to execution of the transactions. The indirect tax department should always be a mandatory work-streams in for example technology and finance projects.
Operational changes have a tax consequence due to the change in transactional flows and the change in a company’s assets, functions and risks profile. Important is to ensure that the new operating model is not only implemented correctly from a direct tax perspective, but also ensures that business processes are overall tax aligned realising support of the business in the areas of compliance, finance & accounting, legal, IT systems, VAT and regulatory matters.
To move the tax policy from paper into practice the roll-out may also include organisational changes, and improvements to processes and systems.
Efficient and effective use of VAT resources
As VAT resources are normally scarce within a company it is important that their available time is used in the most efficient and effective way. It is about making the right choices and that resources and budget needed is in line with the outcome of the tax risk assessment. Due to limited VAT resources available time should be spent first on high-risk areas.
Click picture to enlarge
In order to allocate resources to risk and cost saving areas that matter, the level of risk appetite of the company has to be determined.
This facilitates prioritisation in the deployment of resources. Having defined acceptable levels of risk leads to resources not having to spend time on further reducing risks that are already at an acceptable level. The efficiency and effectiveness of indirect tax department should be periodically measured and compared with financial and operational KPIs. This should subsequently be discussed in review meetings and corrective actions have to be identified and executed.
Benchmaking risks and controls
When a tax policy is not yet written, a first action item could be for designing such a tax policy to agree with senior management the company’s overall VAT risk tolerance parameters and benchmarked that against a normative VAT Industry Risk and Control Matrix and determine the 'impact and likelihood'. To manage mutual expectations the opening question could be:
What do you consider still an acceptable outcome in numbers from a worse case perspective when the tax authorities have performed a VAT audit and raised an assessment.
Risks: 'impact' and 'likelihood'
Click picture to enlarge
Normative 'VAT Risks", "Controls" and "Test of Controls" are provided in next chapters:
- Tax Governance
- Strategy
- Risk Management and Cash flow optimization
- People
- Change management
Above critical building blocks are most of the time not yet included in a Tax Control Framework. Benchmarking results therefore in better visibility and awareness of the current state and can quickly assess where (further) improvements can be made. Those normatives can be used not only for such a GAP analysis but as well from a design as a first starting point to set clear tax objectives.
Click picture to enlarge
Tax Governance
Key element is to agree who can decide what and when, establish the right level of control, inform responsible employees and conclude and report the level of ‘in control’:
- Analyse and evaluate weaknesses
- Review status of remediation
- Consider changes in control environment
- Draw conclusion about the level of ‘in control’
'Who can decide what and when' relates to the tax function objectives, the processes in scope and the required levels of control and inform those responsible for achieving these objectives, the process owners, about the tax policies signed off by senior management:
- assign tasks and responsibilities
- set procedures for implementing (new) rules
- set risk appetite, risk tolerances and cost-benefit guidance
- prioritize and escalate
- desired versus required level of formalization
- determine and report on the actual level of ‘in control’
Click picture to enlarge
Strategy
A relevant VAT strategy—correctly implemented—will allow the business to function effectively from any go-live, from both a tax and commercial perspective, so that it can generate sales and invoices, face fewer disputes with non-paying customers, remain tax compliant, and integrate the business on time and on budget.
Normative Risks, Controls and Test of Controls have been defined to benchmark against.
Click picture to enlarge
Risk Management and Cashflow Optimization
Tax risk management strategy should differentiate in strategic, reputational, operational, and financial and compliance risks and contains detailed action plans for managing these risks.
Sox and similar business control framework initiatives are focussing currently primarily on financial and compliance risks. Those risks relate directly to the reliability of the annual report resulting that a much higher 'acceptable' materiality treshold is used. The consequence is that many VAT risks that matter from a VAT Control Framework perspective will most likely not be scoped in.
Besides risks and cash savings the reward could also improve operationally efficiency. The hidden factory is defined as the amount of rework and cover ups, the hours and days of wasted time in a company of people who constantly correct mistakes. Savings but also more effectiveness from a tax control framework can be realized when that rework would be avoided.
The objective is to make the hidden factory visible (measure/calculate ROI) and as a result return precious time and money back to the business.
Example: how much rework is required before numbers received from finance systems can be used?
VAT risk categories
Click picture to enlarge
Normative VAT Risk Management
Click picture to enlarge
Cash impact
Click picture to enlarge
Normative Cash Flow Optimization
Click picture to enlarge
People
The tax department needs to consist of the right number of tax personnel and the right level of skills and capabilities to execute all its tax objectives. The indirect tax function is aware of the fact that it is understaffed and that budget is too limited to execute its current tasks. It follows also from Big4 benchmark studies as referred to below. The weakspot is that knowledge is lacking how to change this and get it on the agenda of the CFO. The deployment of expensive fiscal knowledge nowadays often usually remains limited to control of direct tax.
Currently, the Indirect Tax Department employs X amount FTE; X amount Indirect Tax advice and X amount FTE VAT Compliance.
Click picture to enlarge
The overall VAT ‘community’ is larger. For example employees that work part-time on VAT matters, but are formally not in the tax function but have a role in managing certain tax affairs (e.g make VAT decisions (AP/AR), provide critical information, supportive to VAT reporting, etc.). They are the 'shadow tax function'.
Assigning new responsibilities or extra tasks to the indirect tax department or 'shadow tax function' due to the new 'tax policy' in place will have impact on current VAT workload. That means new priorities have to be set - focus only on key issues - and when still an overload of work exists, work should be delegated to extra resources either internal or external. Providing resources, budget and/or innovative tooling is important when a company wants to realise change. Without senior management buy-in that will often be a mission impossible.
Click picture to enlarge
Change Management
The focus is often in a VAT Control Framework on managing inherent risks and less on avoiding future risks. The root cause is that the primarily focus is often still on - due to the company's business control framework - whether correct and in time VAT reporting has been filed. That is a look back exercise and only financial and compliance risks are often considered.
Avoiding future risks is important from a VAT Control Framework perspective as it reduces future firefighting (e.g. rework) and any unforeseen exposures.
The following items will be discussed from a change management perspective:
- VAT Policy
- Change in VAT legislation
- Changes in the business
- Advice to the business and other reporting requirements
- Changes in the business and maintaining relationship with tax authority
- Configuration of accounting systems
- Changes to VAT rates and VAT condition tables or logic
- VAT element of material master data and IT controls
VAT Policy
Click picture to enlarge
Change in regulation
Click picture to enlarge
Change in the business
Click picture to enlarge
Maintaining relationship with tax authority
Click picture to enlarge
Advice to the business
Click picture to enlarge
Other reporting requirements
Click picture to enlarge
Configuration of accounting systems
Click picture to enlarge
Changes to VAT rates
Click picture to enlarge
Changes to VAT condition tables or logic
Click picture to enlarge
VAT element of material master data
Click picture to enlarge
This email address is being protected from spambots. You need JavaScript enabled to view it.
Written by Richard Cornelisse
Richard advises multinational businesses in improving the efficiency and effectiveness of their Indirect Tax Function and Tax Control Framework.
He started his career as a manager at Arthur Andersen and then became an EY partner where he led the indirect tax performance team for Netherlands and Belgium. Currently, he is a managing director of SAP Tax Consultancy Firm.
Richard has over 20 years of experience advising clients on international VAT issues. He is specialized in the tax aspects of financial transformations, shared service center migration, and post-merger integration work.
Richard has over 20 years’ experience advising clients on international VAT issues. He is specialized in the tax aspects of financial transformations, shared service centre migration, and post merger integration work. Richard is also somewhat of a mentor, giving back to the profession. If you are interested in conversation and discussion, please feel free to contact him.
Relevant chapters for further detail
- VAT Control Framework
- OECD - Co-operative Tax Compliance - Building Better Tax Control Frameworks
- Elements of GST Control Framework - Singapore
- 'Governance', 'operation' and 'infrastructure'
- Tax position exceeds external auditor's materiality
- Spreadsheets and VAT Compliance
- Tax Authorities peeking at your data
- VAT throughput calculation
- Statistical sampling: quantification of tax risks
- Statistical sampling: ‘single audit’
- Data analysis
- Check EU and local invoicing rules
- SAP review
- Gain awareness and acceptance of senior management
- An indirect tax strategic plan: approach and scope
- Company's 'governance', 'operation' and 'infrastructure'
- Strategies, approaches and models
- Setting the objectives of the tax function
- Structure the tax function
- Audit defense strategy
- Migration to new jurisdictions
- Change of business models
- The Intersection of VAT and shared service centers
- M&A integration: managing the moving parts before, during, and after a transaction
