Tax Governance is a key focus area for the Australian Taxation Office (ATO) when reviewing both privately held groups and large public and multinational businesses.
The ATO released an expanded Tax Risk Management and Governance Review Guide in January 2017, which was updated again in April 2018. This guide sets out their view on director’s duties and management responsibilities, along with a framework for controls and testing.
The guide clearly describes what the ATO considers to be best practice for tax risk management and governance.
The ATO expects the Board to oversee the implementation and ongoing monitoring of the tax risk management framework to ensure compliance with applicable laws and policies.
The expectation applies to Boards of both public and private companies and the Australian subsidiaries of multinational groups.
Public Officers (a company’s representative to the ATO) are also responsible for tax risk management, on the basis that they are responsible for the company’s obligations.
Managing day-to-day controls and processes to ensure compliance with tax obligations is not a matter for the Board but a responsibility of management.
The Board however, should oversee an internal control framework that provides guidance on how tax risks are identified and managed within the business.
In order to assess tax governance, the ATO looks for evidence that a tax control framework exists, focusing on the controls set out in the guide.
The ATO utilises the following staged rating system:
STAGE 1 – tax control framework exists
STAGE 2 – tax control framework is designed effectively
STAGE 3 – tax control framework is working in practice
RED FLAG – not evidenced or significant concerns
To achieve Stage 1 a company must be able to provide objective evidence that a tax control framework exists. This includes one or more of the following:
Board endorsed tax policy documentation describing how the organisation identifies and manages tax risk;
documented procedures for preparing returns; and
a testing program to validate the operating effectiveness of the tax control framework.
The ATO will not rely on slide presentations, draft policies or narrative descriptions of the tax control framework, as they do not represent source documentation. The ATO looks for evidence in the form of actual policies and procedures demonstrating the existence of a tax control framework.
In our experience, the best way to demonstrate that a tax control framework exists is to have a Tax Risk Management Charter that is endorsed by the Board.
Where an established tax control framework exists, the ATO then looks for objective evidence that the framework is designed effectively.
The ATO strongly recommends that a gap analysis is carried out, by self-assessing the design of your framework against the ATO Tax Risk Management and Governance Review Guide.
Where a gap exists, you should describe your compensating controls and document why particular aspects of the Guide may not be applicable to your circumstances. This may be due to a range of factors including size, complexity and history.
This stage is the highest rating for tax governance. The ATO encourages all large private and public companies to achieve this stage. Achieving Stage 3 “justified trust” provides the ATO with objective evidence that the tax control framework is operating effectively and supports less intense future reviews by the ATO.
To achieve this stage, you must be able to demonstrate that your tax control framework has not only been designed effectively, but is also operating as intended.
This stage can be evidenced by periodic testing of tax controls. Evidence of the testing program should include:
Reference to the tax internal controls testing program in the tax control framework.
An extract of the testing program for the next 3-5 years setting out the:
– scope of tax controls testing;
– details of who is conducting the review; and
– description of the testing methodology to be applied.
The ATO looks for the independent review and testing of tax controls that provide an independent level of assurance.
The ATO will assign a red flag to a company where you cannot provide evidence to demonstrate a tax control framework exists or if the ATO have significant concerns with your tax risk management and governance.
To minimise your risks in the event of an ATO audit and to achieve a “justified trust” status with them, as well as support less intense and less frequent reviews by the ATO, we can assist you with each stage of their tax governance assessment process.
The ATO recognises entities use different governance practices based on a range of factors including: size; complexity; industry; corporate culture and that you may have gaps in your tax governance controls.
However, where there is no documented Tax Risk Management Charter, the lack of any gap analysis or action plans to address these matters, the ATO will view this as a higher risk indicator and are more likely to proceed to a detailed review of the company’s tax affairs. In effect, you are Red Flagged.
As a starting point, companies should consider the following:
1. Is your Board aware of the ATO’s expectations of directors in the tax risk management process?
2. Are you familiar with the best practice framework outlined in the Tax Risk Management and Governance Review Guide and have they been implemented in your company?
3. Do you have a Tax Risk Management Charter that is documented and approved by the Board to provide the framework for identifying and managing tax risk?
4. Have you performed a gap analysis to identify weaknesses in your existing systems, controls and documentation compared to the ATO’s Tax Risk Management and Governance Review Guide?
5. Has your tax controls framework been periodically tested by an independent reviewer?
By investing in effective tax governance that supports appropriate tax outcomes, you can influence your tax profile and overall risk rating with the ATO, with the potential to save you time, money and effort in the event of an ATO review.