There is no ‘one-size-fits-all’ approach to the design and implementation of an operational indirect tax strategy. However, the objective should be to create an indirect tax function that is fit for purpose and fully aligned with the operational priorities and risk appetite of the business.
Failures in VAT-critical systems and processes can result in overpayments of VAT that represent a real cost to the business, or in under declarations that entail the threat of penalties and reputational risk.
Through the design and implementation of effective controls, the objective of the internal indirect tax function should be to assume overall strategic responsibility for the operational integrity of VAT-critical systems and processes.
Unless there are measures in place to capture and control the end-to-end VAT accounting process, the result will be an incomplete risk management strategy that is essentially unreliable. By contrast, an improved tax risk management model should involve periodic testing of controls to guarantee the effectiveness of VAT-critical processes.
From a big 4 survey, it follows that only 25 percent of companies say their company has specifics indirect tax metrics. Most of these measures relate to basic compliance, rather than activities that could improve the bottom line and drive cash flow improvement. From that outcome, I conclude that a strategic indirect tax plan with SMART individual objectives set has not been developed or properly rolled out.
How to realize objectives via best practice approaches, tools and methodology
Setting realistic objectives is the starting point for any successful change effort. To increase indirect tax function effectiveness, it is important to set S.M.A.R.T. objectives and define tasks: add to objective the word by ... as shown in the below example. Break down larger tasks into smaller ones.
For example, the objective is to create, protect and optimize value in the range of company's business objectives (see for other indirect tax objectives picture below). Simply add to this objective the word by .................. And fill in to define concrete and measurable actions].
- Specific – target a specific area for improvement
- Measurable – quantify or at least suggest an indicator of progress
- Assignable – specify who will do it
- Realistic – state what results can realistically be achieved, given available resources
- Time-related – specify when the result(s) can be achieved
Create, protect and prove value and write a business case for investment to realize business objectives such as improve cash flow, reduce costs, improve tax processes and manage tax related risks.
Demands on the tax function
The tax function should be able to understand business activities/objectives including R&D and get aligned with other functions like legal, HR and IT. Higher quality with fewer people could be a business objective to realize process improvements and is often represented by the following keywords: 'easier, faster, better, cheaper'.
Is fully VAT compliant realistic to achieve?
Effectiveness is the degree to which an organization achieves the objectives. When is effectiveness achieved? For the tax function, this is if all risks are managed and opportunities spotted and implemented.
Efficiency refers to the extent to which time, effort or cost is well-used for achieving the objectives. As indirect tax resources are normally scarce, it is important that the available time is used in the most efficient and effective way.
Beside the fact that managing all risks is cost inefficient, it will have negative impact on efficiency beyond indirect tax (e.g. time spent by the finance department on VAT matters).
It is about making the right choices.
To allocate resources to risk and cost-saving areas that matter, the level of risk appetite of the company has to be determined.
This facilitates prioritization in the deployment of resources. Having defined acceptable levels of risk leads to resources not having to spend time on further reducing risks that are already at an acceptable level.
The resources and budget are aligned with the outcome of a risk assessment. Most of our time in high-risk areas. The efficiency and effectiveness of the indirect tax function is periodically measured and compared with financial and operational KPI’s. This is discussed in review meetings and corrective actions are identified.
Sometimes percentages are used to prove the apparent level of control. The most famous is the 80-20 rule. Another example is statements like 95% of our transactions are compliant.
These numbers can cause misperception of senior management when the overall feeling within the business is that the company is in control. For the potential impact of such error rates, we refer to VAT throughput calculation.
What does the following statement say about risk management?
Tackling master data can contribute to getting over 80% of your invoices VAT compliant.
If 80% of these invoices qualify as a low risk and 20% exceed the risk appetite level of the company if it goes wrong, the solution supports efficient deployment of employees, but does not support the achievement of risk management objectives.
Note that currently I assumed that the 20% is a high risk. In practice, of course, this should be investigated first and measured to become useful from a management perspective.
Tax compliance definition (OECD)
“[the] degree to which a taxpayer complies (or fails to comply) with the tax rules of his country, for example by declaring income, filing a return, and paying the tax due in a timely manner.”
Strategic objective per role
Objectives |
Strategic objectives per role |
|
All corporate departments are well-informed and/or have the availability of a VAT work instruction, so it is clear when to consult the indirect tax department. |
|
|
Proactively anticipate on changes in the business and outside the business and successfully communicate these changes to the concerning departments. Furthermore, look after a correct implementation of these changes. |
|
|
Roles and responsibilities have been determined who deals with the tax authorities during an audit (announcement) and tax authorities questions and procedures “how to act” (e.g. never provide documents without first making copies) have been documented and rolled out. |
|
|
Identify, recommend and successfully implement indirect tax projects that assist in achieving the objectives of the indirect tax department part of the business objectives. |
|
|
Ensure identification, select and manage tax risks as a basis for indirect tax management and reporting, ascertain that unacceptable but existing tax risks are identified and that clear, timely communication on tax status, tax activities and tax risks takes place. |
|
|
The indirect tax department is staffed with the appropriate number of professionals, equipped with the necessary skills and capabilities to ensure success.
Performance Requirements for the Indirect Tax Function
To establish clear performance requirements for the indirect tax function, consider the following non-exhaustive overview as a guideline. This framework focuses on indirect tax planning and regulatory compliance, aimed at adding value to the company’s overarching business priorities.
Engaging Internal Audit for Support in Implementing Change
A key objective of the Internal Audit function is to use a risk-based approach to provide comprehensive assurance to the Board and senior management that the organization’s material risks are managed efficiently and effectively. Engaging Internal Audit is essential for establishing meaningful change and ensuring that risk management practices align with the organization’s strategic goals.
Couple of questions for internal audit to get started |
|
Is the indirect tax strategy defined and aligned with companies’ business objectives? |
|
Are material indirect tax risk areas defined? (e.g. indirect tax risk matrix) |
|
Are roles and responsibilities for managing these risks explicitly assigned? |
|
Are assessed risks documented in a risk register, monitored and communicated to senior management? |
|
Does the risk register contain the following labels: number, name of the risk, risk definition, cause for the risk to occur, risk category and the risk owner? |
|
Are the internal controls that mitigate these risks explicitly documented? |
|
Are the responsibilities for executing and monitoring the internal controls assigned? |
|
Are there regular meetings to discuss the status of risks and internal controls and define actions? |
|
Has a strategy been defined for managing the relationship with tax authorities? Have the responsibilities been assigned for the different geographic regions? |