«A report to the Assistant Treasurer Inspector-General of Taxation October 2013 Review into aspects of the Australian Taxation Office’s use of ...»
Risk managers develop and implement strategies to mitigate their risks. The strategies outline how the risk will be deterred, and how it will be dealt with at an operational and tactical level.176
3.84 Risk managers consult with technical experts and officers from the ATO’s Risk Intelligence and Systems Support (RI&SS) team to develop risk filters to assist in detecting risks.177
3.85 Whilst any officer in LB&I can recommend a taxpayer to be subjected to a risk review, risk managers are responsible for considering the risk filter output and regularly making recommendations for case selection.
3.86 Where a taxpayer has not been brought to the attention of the risk manager (or anyone else in LB&I) via the risk filters, the taxpayer may nevertheless be the subject of a risk recommendation due to qualitative information, such as media coverage of a large transaction or intelligence from other sources.178 All recommendations are
considered by the CSSC, and must be signed-off by the LB&I Executive before commencement of a risk review.179
3.87 In the absence of qualitative information and risk filter output, it is possible for a segment of the lower consequence taxpayer population to have little contact with the ATO. Minutes from the December 2012 CSSC workshop indicate that possibly 500 lower risk taxpayers had not had any ATO contact for three years. As a result, it was indicated that the ATO (the Compliance Assurance & Governance and RI&SS teams) were examining a more robust profiling and risk assessment process for lower
consequence taxpayers.180 The minutes also indicate that:
The statistics above show a funnelling effect where initially a large number of risk recommendations were not considered due to low materiality or low risk rating in the output. The numbers that are then considered are whittled down via analysis and cross-referencing to previous cases until only a small number of the original population is left for new recommendations.
3.88 As a result, the ATO’s CSSC has identified a number of opportunities for improvement to the risk filter process.
3.89 The minutes also indicate that risk managers expressed a desire to work more closely with the LB&I Operations teams (compliance teams that undertake risk reviews etc) to assist them in identifying risks in taxpayer information and ‘asking the right questions’ of the taxpayer. By working more closely with them, risk managers may assist in improving the capability of the compliance teams.182
TAXPAYER NOTIFICATION OF RDF CATEGORISATION
3.90 Once a taxpayer’s risk categorisation has been determined by the moderation panel, the ATO begins a process to author and issue the RDF notification letter. The
letter advises taxpayers of their categorisation:
In 2011–12, for the first time we informed most large business in a single letter about our view of their relative risk of non‑compliance for GST, income tax and excise.183
3.91 For higher risk and key taxpayers, the letters are sent to the CEO, while letters for lower risk and medium risk taxpayers are sent to the public officer.184 Senior executive ATO officers also meet with their tax managers to explain the ATO’s views and discuss any concerns.185
3.92 Senior ATO management advised during this review that it expects compliance teams and officers to discuss the potential contents of the letter with the tax manager during the letter development process so that tax managers should not be surprised by the contents of the letter when it is issued.186
3.93 The RDF notification letters are the subject of a forty-step production process with several ATO staff involved.187 The process seeks to ensure adequate review of the compliance teams and moderation panel output and relevant Second Commissioner oversight and approval is obtained. This improved process was in response to Recommendation 4.1 of the IGT’s LB&I Review.
3.94 The ATO’s moderation panel documents indicate that the key taxpayer segment is further subdivided into: ‘key with no concerns, key with some concerns, key with significant concerns’.188 This subdivision is not apparent in the LBTC booklet discussion about the RDF quadrants, nor in the RDF fact sheet.189 However, the recent ATO publication Real-time compliance engagement approach for higher consequence taxpayers in the large market shows key taxpayers and higher risk taxpayers displayed as a spectrum, rather than two halves.190
3.95 This is consistent with the Second Commissioner’s speech in 2011 regarding
the categorisations and letters:
3.96 For higher consequence taxpayers, the RDF notification letters only describe whether a taxpayer has been categorised as a key taxpayer or a higher risk taxpayer.
The letter does not use sub-categories. Rather, moderation panel documents suggest that sub-categories are used to assist in developing the tone and content of the RDF notification letter. For example, where the ATO has some concerns about a key taxpayer, it will outline those concerns in the letter.
3.97 The ATO has advised that all higher consequence RDF notification letters should contain the details of a senior executive contact officer who is available to discuss the categorisation with the taxpayer.
ATO communication to IGT, 15 February 2013.
Australian Taxation Office, RDF Notification Letter Process.
Australian Taxation Office, RDF Moderation Panel Minutes 14 June 2012.
Australian Taxation Office, Risk differentiation framework fact sheet (28 March 2012). http://www.ato.gov.au.
Australian Taxation Office, Real-time compliance engagement approach for higher consequence taxpayers in the large market fact sheet (15 February 2013), http://www.ato.gov.au.
Quigley, above n 88.
ADDITIONAL HIGHER CONSEQUENCE REQUIREMENTS — TAXPAYER ASSURANCEPLANS (TAPS)
3.98 Compliance teams dealing with higher consequence taxpayers are expected to
develop taxpayer assurance plans (TAPs). These plans are:
Teams are required to have a three year taxpayer assurance plan for each higher consequence taxpayer using a whole of ATO/whole of taxpayer approach. Each plan should be endorsed by the relevant SES leader and periodically updated.192
3.99 The TAP is intended to document an understanding of the current state of the relationship between the taxpayer and the ATO, including the taxpayer’s compliance, their attitude towards compliance, the intended goal of the plan, the resources to achieve that goal and the approaches required to ‘turn the vision into reality’.193
3.100 As the TAP only caters for higher consequence taxpayers, it provides examples of intended outcomes for higher risk taxpayers and key taxpayers only. The examples generally focus on increasing or maintaining the taxpayer’s commitment to real time disclosure of tax risks to the ATO.
3.101 The ATO’s compliance teams document their understanding of the taxpayer’s business using an adaptation of the ATO BISEP model explained in Chapter 2. This is essentially a taxpayer profile that documents the taxpayer’s past compliance behaviour, including past interactions with the ATO. This profile section also contains a section for the ‘rationale for the risk category rating’. This ensures that compliance teams outline the reasons why the taxpayer received the RDF categorisation that it did.
3.102 The profile section of the TAP also contains a section to record the compliance team’s observations about the taxpayer’s risk management and governance function.
This is considered important because:
Reviewing a taxpayer’s risk management and governance function is critical to understanding its business and behaviours. Aside from its importance in assisting teams to better understand the business, taxpayers must be able to demonstrate sound tax risk management processes and a willingness to work with us in order to be considered for an ACA (providing the taxpayer meet our other ACA criteria).194 3.103 The TAP also expects compliance teams to establish protocols with taxpayers to facilitate relationship management at both the strategic and operational levels. The protocols are designed to assist where differences of opinion or disputes arise.
Australian Taxation Office, Taxpayer assurance planning guide for higher consequence taxpayers July 2011.
3.105 The TAP is to include the manner in which the ATO-taxpayer relationship is to be managed and resourced within the ATO, with compliance teams documenting the internal resourcing and governance arrangements to implement the strategy.
3.106 The section of the TAP entitled ‘what needs to be done?’ provides guidance to compliance teams about their approach to information gathering and risk assessment in light of what the ATO knows about the taxpayer (captured earlier in the TAP) and their RDF risk categorisation. For example, it provides examples of kinds of ‘monitoring’ and information gathering approaches that do not involve taxpayer contact as well as approaches that do.196
ATO REVIEW OF THE RISK CATEGORISATION TEMPLATE
3.107 In October 2012, the ATO completed a review of the template, with a business analyst seeking feedback from the main users of the template, the LB&I compliance teams. The review noted that there was a degree of overlap between the information entered in the template and that already documented in the TAP.197
3.108 Feedback also indicated that compliance teams would like to receive feedback from the RDF moderation panel about the compliance teams’ work, as well as information about how the moderation panel uses the information in the template.198
3.109 The review also noted an opportunity to streamline the notification letter process by using technology to reduce the amount of manual re-working of content from the template through to the eventual letter issuance.199
3.110 The ATO advised the IGT during this review that it was undertaking a review to better integrate the TAP, the template, and PCR related documentation and to reduce overlap and manual data entry.200
3.111 A summary of the process for higher consequence taxpayers can be shown diagrammatically in Figure 11: Simplified higher consequence taxpayer risk
categorisation process below:
Australian Taxation Office, Higher Consequence Taxpayer Risk Categorisation Revision: Revision of the 2012 Higher Consequence Taxpayer Risk categorisation template and related processes with the purpose of improving annual taxpayer categorisation. Revised 2/10/2012.
Ibid Requirement R14 and R4.
Ibid Requirement R11.
ATO communication to IGT, 19 April 2013.
3.112 This report now considers the specific concerns stakeholders raised in submissions. The IGT will discuss these and related materials, making observations and, where appropriate, recommendations.
STAKEHOLDER CONCERN — TRANSPARENCY OF THE RISK CATEGORISATION
3.113 Stakeholders raised concerns about certain aspects of the ATO’s RDF as used by LB&I. Of particular concern was the underlying process that the ATO used to categorise taxpayers. The LBTC booklet notes the use of a moderation process, but no further detail is given about it.201
3.114 Stakeholders generally supported the appropriate use of qualitative inputs for the RDF process, recognising that a purely quantitative approach in this market segment will often be impractical. They were concerned, however, to ensure that there was adequate oversight of any process requiring professional judgement or use of subjective measures by ATO officers. The underlying concern was that ATO LB&I audit staff involved in risk rating taxpayers would be heavily influenced by their perceptions of interactions and their own organisational or personal behavioural biases.
3.115 Stakeholder concerns were also directed at the ATO categorisation process for higher consequence taxpayers regarding the key taxpayer or higher risk taxpayer delineation.
3.116 The process for deciding a higher consequence taxpayer’s risk categorisation is based on the template as noted. This contains the compliance team’s consideration of both the consequence and likelihood factors, concluding with their risk categorisation recommendation.
• a preliminary judgment by the compliance team;
• providing a starting point for the moderation panel to assess the appropriateness of the recommendation; and
• setting out how that taxpayer sits in the RDF relative to other taxpayers.202
3.118 The template and recommendation are then considered by the ATO’s moderation panel. The moderation panel considers all the higher consequence taxpayer templates to assist in determining relativity. The moderation panel documents their decisions, which may be a confirmation or variation of the categorisation proposed by the compliance team. This decision is then escalated to the LB&I Executive whereby the categorisation is ratified.
3.119 The ATO’s Internal Audit examined a sample of completed templates and found that ‘comparable evaluation and evidencing methods were used for all sampled taxpayers despite different business contexts’.203 IGT observations
3.120 The moderation panel is an important control measure implemented by the ATO to ensure that risk categorisations of higher consequence taxpayers are not adopted or changed by the action of a single ATO officer or compliance team. As noted in paragraph 3.67 above, similar control measures are in place for lower consequence taxpayers, whose risk categorisations must be approved by the CSSC.
3.121 The IGT also acknowledges that the use of the template is an important
measure to facilitate: