Complying with USA FATCA and UK/EU Data Protection Requirements
The US Foreign Account Tax Compliance Act (FATCA), passed by Congress in March 2010, was finally implemented in July 2014. The Act makes the US the only large economy to tax its nationals on all of their earnings anywhere in the world, although the Organisation for Economic Co-operation and Development (OECD) has developed a similar regime and the EU likely to follow suit. The anti-avoidance tax law requires financial institutions around the world to report on assets held by American clients. Initially this had raised serious privacy issues but with over 30 jurisdictions signed up to bilateral intergovernmental data sharing agreements with the US, financial institutions affected should make sure they are ready to comply with this extra-ordinary extra-territorial law.
A brief overview of FATCA
FATCA aims to stop US citizens (including those not resident in the US) avoiding paying tax by holding offshore investments. To this end, FATCA requires foreign financial institutions (FFIs), to provide information to the US Internal Revenue Service (IRS) on their US accountholders or accounts that are held by foreign entities in which a US tax payer holds a substantial ownership interest. The wide definition of FFIs includes not only banks, but also investment funds, hedge funds, private equity funds and other forms of financial intermediaries. Should a FFI fail to meet the disclosure obligations or refuse to produce the information, the IRS can sanction them by imposing a 30% tax on certain payments made to a FFI.
Implementing FATCA
FATCA's extra-territorial provisions require FFIs based outside the US to report client information to the IRS. However, due to data protection laws, the FFIs will instead provide this information to their national tax authorities, in the UK Her Majesty's Revenue and Customs (HMRC), which have individual agreements to share data with the IRS. Nearly 40 jurisdictions (including renowned tax havens such as the BVIs, Cayman Islands, Jersey and Luxembourg) have signed up to intergovernmental agreements (IGAs) that apply and enforce the provisions of FATCA locally, and almost the same number again have 'agreements in substance' with the US Treasury. The agreements mean that registered FFIs in these countries will not suffer the 30% withholding tax.
On 30 June 2014, the International Tax Compliance (United States of America) Regulations 2014 (UK Regulations) came into the force and implement the agreement between the UK and the US that enables UK FFIs to satisfy FATCA obligations without having to enter into an individual agreement with the IRS; and on 28 August, HMRC released updated guidance on the UK Regulations; however, these will need amendments due to changes to the US Treasury FATCA regulations. The next review of the guidance will be February 2015. The UK Regulations stipulate that UK financial services type-entities are obliged to register with the IRS and ascertain and submit returns on their US account holders to HMRC. In addition, certain UK entities that are technically outside the scope of FATCA are still required to register with the IRS, as well as comply with identification and HMRC reporting procedures.
All applicable FFIs should obtain a Global Intermediaries Identification Number (GIIN) from the IRS before 25 October 2014, which they will need to provide to US costomers to show that they do not need to withhold tax on payments they want to make. In the UK, FATCA-registered institutions will then need to register with HMRC before the first reports are due on 31 May 2015.
These deadlines are fast approaching, and while we all come to terms with the 181 page guidance released by HMRC at the end of August, here are some tips to facilitate compliance:
1. Appoint a person in-house who is responsible for FATCA-related issues
There are many different departments likely to be involved in complying with FATCA, for example IT and tax, and so having a central figure can aid in co-ordinating the different functions and raising awareness of their responsibilities. It is important that the appointed person is a senior figure in the company able to make information requests and demand a quick response.
Further, as well as grappling with FATCA, institutions may also need to comply with other 'FATCA like' legislation: this is under consideration in the EU, while the OECD has already produced the Common Reporting Standard, nicknamed the Global Account Tax Compliance Act (GATCA), which a total of 47 countries (all OECD members and countries such as Brazil, China and India) have agreed to implement, likely from 2017.
2. Extend the scope of know-your-customer (KYC) requirements
FATCA requires FFIs to know exactly who their customers are, to keep up-to-date and accurate information about them and to report this information to either directly to the IRS or to national tax authorities.
Current KYC requirements under anti-money laundering regulations worldwide accept a risk based approach to determine how much information is collected in the first instance and how often this information is reviewed.
FATCA rules go beyond current KYC requirements, requiring more information to be collected, reviewed and authenticated, specifically: it requires that all accounts (subject to de minimis thresholds) be reviewed for US indicia, not just those with certain risk factors; it requires the institution to know whether a 10% owner is a US person, lower than the usual threshold of 25% for low risk customers; and it means that monitoring for change in circumstance is also not risk based, any change for any customer must be monitored as it occurs.
3. Audit the management of client data
All client data should be kept in a centralised department to avoid repetition of work and duplication of document requests from the client. Often, use of client data differs across different departments within an institution. To facilitate efficient compliance, all departments should have an understanding of how FATCA will affect the use of client data and, if possible, an institution-wide approach should be developed which takes into account the differing requirements for each department.
Data should also be accurate, this requires a dedicated team with the knowledge of where such data can be sourced, verified and then efficiently stored.
Consequences of non-compliance
Although FATCA was only implemented a few months ago, US federal prosecutors in New York have already brought the first FATCA enforcement case before the courts. Many have seen this as a show of the readiness of the American tax authorities to enforce strict compliance with the new law.
The prosecutors claim that the alleged offenders in Belize and Panama conspired inter alia to submit false FATCA documents by setting up 5,000 shell companies to avoid FATCA reporting. The defendants are accused of laundering $500 million through this complex network of shell companies. Panama has an agreement with the US government to swap tax information between the two countries and so is considered to be a FATCA compliant financial jurisdiction; whereas Belize is not, although some 228 financial institutions there are listed on the FATCA database.
Arrests have already been made of defendants located in Miami and New York and the US Department of Justice has started extradition proceedings to bring others from Panama and Belize. A criminal action to seize the ill-gotten money is also underway. Allegedly, among the evidence are taped conversations where the defendants openly boast that they set up the network to avoid FATCA.
IRS-Criminal Investigation Acting Special Agent-in-Charge Shantelle Kitchen said: 'This inquiry shows offshore tax evasion and money laundering are top priorities for us. FATCA is an example of how it is becoming more and more risky for US taxpayers to hide their money offshore.'
Previously published - DataGuidance Guidance Note
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
