«A report to the Assistant Treasurer Inspector-General of Taxation October 2013 Review into aspects of the Australian Taxation Office’s use of ...»
Review into aspects of
the Australian Taxation Office’s
use of compliance risk assessment tools
A report to the Assistant Treasurer
Inspector-General of Taxation
Review into aspects of the
Australian Taxation Office’s use of
compliance risk assessment tools
A report to the Assistant Treasurer
Inspector-General of Taxation
© Commonwealth of Australia 2013
This publication is available for your use under a Creative Commons Attribution 3.0 Australia licence, with the exception of the Commonwealth Coat of Arms, the IGT logo and ATO source material. The full licence terms are available from http://creativecommons.org/licenses/by/3.0/au/legalcode.
Use of IGT material under a Creative Commons Attribution 3.0 Australia licence requires you to attribute the work (but not in any way that suggests that the IGT endorses you or your use of the work).
IGT material used ‘as supplied’.
Provided you have not modified or transformed IGT material in any way including, for example, by changing the IGT text; calculating percentage changes; graphing or charting data; or deriving new statistics from published IGT statistics — then the IGT prefers the
Source: The Australian Government the IGT.
Derivative material If you have modified or transformed IGT material, or derived new material from those of the
IGT in any way, then the IGT prefers the following attribution:
Based on The Australian Government the IGT data.
Use of the Coat of Arms The terms under which the Coat of Arms can be used are set out on the It’s an Honour website (see www.itsanhonour.gov.au).
Inquiries regarding this licence and any other use of this document are welcome at:
Inspector-General of Taxation GPO Box 551 Sydney NSW 2001 Email: email@example.com Level 19, 50 Bridge Street Sydney NSW 2000 Telephone: (02) 8239 2111 GPO Box 551 Facsimile: (02) 8239 2100 Sydney NSW 2001 21 October 2013 Senator the Hon Arthur Sinodinos AO Assistant Treasurer Parliament House Canberra ACT 2600 Dear Minister Review into Aspects of the Australian Taxation Office’s Use of Compliance Risk Assessment Tools I am pleased to present you with my report of the above review. The ATO’s use of risk assessment tools has been a persistent concern across taxpayer segments over a number of reviews.
Stakeholders have generally supported the Australian Taxation Office’s (ATO) risk-based approach which informs its compliance activities. However, they believed an unnecessary but significant compliance burden has been imposed on them due to inaccuracies in risk assessments, ineffective communication and disproportionate compliance action to perceived risks.
I have reviewed a range of risk assessment tools and recommended the adoption of a set of guidelines to assist the ATO design more effective risk assessment tools for the future. In addition, I have made recommendations to improve existing risk assessment tools with which taxpayers have raised most concern.
Overall, I have made 16 recommendations to all of which the ATO has agreed. Once implemented appropriately, they should result in extensive and enduring improvements to the ATO’s risk assessment processes.
I am grateful for the support and contribution of taxpayers, tax practitioners and their representatives to this review. The willingness of many to provide their time, expertise and experience in preparing submissions and discussing issues with my office is greatly appreciated. I also thank ATO officers involved in this review for their professional cooperation and assistance.
Yours faithfully, Ali Noroozi Inspector-General of Taxation Page | iii Contents EXECUTIVE SUMMARY
CHAPTER 1 — OVERVIEW
Conduct of the review
Summary of stakeholder concerns
Structure of this report
CHAPTER 2 — ATO RISK MANAGEMENT
The ATO’s enterprise risk management framework (ERMF)
Types of taxpayer compliance risks
ATO risk management approach to taxpayer compliance
How the ATO assesses risk
Inputs into ATO risk assessment tools
Outputs of risk assessment tools
Health of the system assessments — HOTSA
CHAPTER 3 — LARGE BUSINESS AND INTERNATIONAL
The Risk Differentiation Framework (RDF)
ATO governance and moderation panel
ATO risk filters, risk managers and risk owners
Taxpayer notification of RDF categorisation
Additional higher consequence requirements — taxpayer assurance plans (TAPs)
ATO review of the risk categorisation template
Stakeholder concern — transparency of the risk categorisation process
Stakeholder concern — accuracy and relevance of inputs
Stakeholder concern — formal notification of risk categorisation
Stakeholder concern — proportionality of ATO compliance approach........... 92 CHAPTER 4 — SMALL TO MEDIUM ENTERPRISES
Stakeholder concern — inputs into the risk categorisation process.............. 108 Stakeholder concern — communication of the risk categorisation............... 111 Proportionality of ATO compliance approach
CHAPTER 5 — MICRO BUSINESSES
Risk assessment tools used in the micro business segment
CHAPTER 6 — INDIVIDUALS
ATO risk assessment tools used in the individuals segment
CHAPTER 7 — TAX PRACTITIONERS AND ADVISORS
Page | v Review into aspects of the ATO’s use of compliance risk assessment tools Background
ATO approaches to tax practitioner risk identification
CHAPTER 8 — TEMPLATE FOR FUTURE DESIGN
Effective use of inputs
Transparency and communication
Proportionality of ATO compliance approach
Project management — balancing risk, resources and time
APPENDIX 1 — TERMS OF REFERENCE
APPENDIX 2 — ATO LEVEL 0 ENTERPRISE RISKS
APPENDIX 3 — LEVEL 0 AND LEVEL 1 RISK OWNERS AND DESCRIPTIONS
APPENDIX 4 — CONFIDENCE LEVELS USED IN RISK ASSESSMENT
APPENDIX 5 — PREVIOUS IGT RECOMMENDATIONS RELATED TO COMPLIANCE COSTS............. 183 APPENDIX 6 — OVERVIEW OF ATO RISK ASSESSMENT TOOLS
APPENDIX 7 — ATO ENTERPRISE LEVEL RISK MATRIX
APPENDIX 8 — RDF CHART FROM LARGE BUSINESS AND TAX COMPLIANCE 2010BOOKLET
APPENDIX 9 — LARGE MARKET INCOME TAX RISK FILTERS
APPENDIX 10 — SME MARKET RISK FACTORS
APPENDIX 11 — TAX PRACTITIONER RDF
APPENDIX 12 — QUALITY ASSURANCE CHECKLIST FOR COMPLIANCE RISK ASSESSMENTTOOL DESIGN
APPENDIX 13 — ATO RESPONSE
Page | vi
LIST OF TABLESTable 1: ATO levels of risk
Table 2: ATO operational risk matrix
Table 3: The ATO Enterprise level risk likelihood rating table
Table 4: ‘Confusion matrix’
Table 5: Sample of ATO information gathering approaches
Table 6: Triple constraint applied to ITRIP
Table 7: ATO enterprise level risk matrix
LIST OF FIGURES
Figure 1: Structure of this report
Figure 2: ATO ‘Wheel of Risk’
Figure 3: ATO Compliance Model
Figure 4: Risk bow-tie for large business
Figure 5: Differentiation in intensity and visibility of ATO verification activities
Figure 6: Element status ratings for HOTSA reporting
Figure 7: Data integrity status ratings for HOTSA reporting
Figure 8: Risk and information confidence and cost
Figure 9: Large business RDF ‘quadrants’
Figure 10: Sample ATO risk filter description
Figure 11: Simplified higher consequence taxpayer risk categorisation process
Figure 12: Large taxpayers and uncertain positions
Figure 13: Risk and information confidence and cost
Figure 14: Potential integrated PCR process
Figure 15: ATO example of a kind of private group
Figure 16: RDF for small-to-medium enterprises and wealthy individuals
Figure 17: How RAPT fits into the suite of corporate risk tools
Figure 18: Risk bow-tie for promoter penalty laws
Figure 19: RDF for intermediaries — promoter penalty laws
Figure 20: ATO RDF for Tax Practitioners
Figure 21: Risk and information confidence and cost
Figure 22: SME business line compliance ‘funnel’
Figure 23: Indirect taxes business line compliance funnel
Figure 24: The triple constraints of project management
Figure 25: Applying the triple constraint to risk treatment projects
Figure 26: Overview of ATO compliance risk assessment tools
Figure 27: RDF chart from 2010 Large business and tax compliance booklet
Figure 28: Tax practitioner risk differentiation framework
Stakeholders have acknowledged that it is appropriate for the ATO to adopt a risk-based approach in its compliance strategy. In fact, most comparable revenue authorities take such an approach to make the best use of their resources in protecting government revenue.
There are many risk assessment tools within the ATO’s enterprise risk management framework. These tools are used to gauge risks posed by taxpayers in each market segment.
The IGT has observed that, ultimately, the effectiveness of these risk assessment tools could only be reliably evaluated if evidence-based metrics, such as random audits, were used. Such metrics could also be used to refine the associated risk assessment tools.
In the absence of evaluation metrics, the IGT has drawn on the examination of the ATO’s main risk assessment tools in this review as well as those investigated in previous IGT reviews, to create guidelines for developing effective risk assessment tools. These IGT recommended guidelines address key stakeholder concerns, such as the governance, inputs and transparency of the ATO’s risk assessment processes as well as related communication with taxpayers and the proportionality of resulting ATO compliance action to detected risks.
Furthermore, these guidelines emphasise the importance of effective project management to minimise adverse impacts on taxpayers whilst making best use of ATO resources.
The appropriate implementation of the IGT recommended guidelines should result in extensive and enduring improvements to the ATO’s risk assessment processes. In addition to these guidelines, specific recommendations have also been made to enhance aspects of those risk assessment tools with which taxpayers have raised the most concerns.
In a recent review1, the IGT examined the ATO’s small business benchmarks, one of its main risk assessment tools in the micro and small business market segments, and made recommendations aimed at increasing the robustness and transparency of inputs and methodology used amongst other things.
The IGT has also, more recently, reviewed the key risk assessment tools used by the ATO in the individual market segment.2 These tools benefit from large amounts of relatively lowcost third-party information available to the ATO. Indeed, an estimated 1.4 million individuals with simple tax affairs may not need to lodge tax returns in the near future.3 The IGT’s recommendations for improvement in this regard will be made available upon the public release of the reports of these reviews.
Review into the ATO’s use of benchmarking to target the cash economy, publicly released in October 2012.
Review into the ATO’s compliance approach to individual taxpayers – income tax refund integrity program; and Review into the ATO’s compliance approach to individual taxpayers – use of data matching.
3 Neil Olesen, ‘Reinventing the ATO – ready, willing and underway’, (Speech to CPA Congress, 17 October 2013)
In other market segments, the ATO does not have access to the same level or quality of thirdparty information. The quality of information at the ATO’s disposal and the cost of gathering more information to gain sufficient confidence (information confidence and cost) have a major impact on the way the risk assessment tools are used and the compliance activities that follow.
The ATO’s main risk model, which is examined closely in this review, is the risk differentiation framework (RDF). It is used in a number of market segments including small to medium enterprises (SMEs) and large business and international (LB&I) as well as tax practitioners.
The IGT has recommended that the RDF be refined to reflect recent administrative developments and related taxpayer compliance patterns. A number of opportunities have been identified to reduce overall taxpayer compliance costs and improve ATO-taxpayer interactions by distinguishing between those risk factors that can be addressed by taxpayers (behavioural risks), those factors that cannot (inherent risks) and information confidence and cost.
The most mature application of the RDF is in the LB&I market segment. Stakeholders in this segment had raised concerns with the ATO’s use of judgement-based inputs, communication of taxpayers’ risk categorisations and the costs of resulting compliance activities. In this
respect, the IGT has made a number of recommendations including:
ATO risk assessment processes, related communication and subsequent compliance • action should reflect the differing levels and mixes of inherent and behavioural risks as well as information confidence and cost;
‘willing participation’ and ‘transparency’ should be objectively considered in terms of • information confidence and cost alongside, but separate from, the RDF;
discrete transactions or presence of a number of contestable positions should not of • themselves be determinative of a taxpayer’s overall risk rating; and greater detail should be provided to taxpayers about how particular risks are assessed • and there should be an open dialogue between the ATO and taxpayers before risk ratings are finalised.