«A report to the Assistant Treasurer Inspector-General of Taxation October 2013 Review into aspects of the Australian Taxation Office’s use of ...»
Stakeholders in the SME market segment expressed uncertainty with the RDF given the infancy of its application to this market segment. Drawing on the issues that have arisen with the RDF’s application to the LB&I market segment, the IGT has recommended that the ATO bolster its process of refining the risk inputs used and make more information publicly available about these inputs, amongst other things.
In relation to the application of the RDF to tax practitioners, the IGT had already raised a number of issues in his Review into Improving the Self Assessment System. In this review, the IGT has called for the ATO to consult with tax practitioners with a view to developing a guide on the operation of the RDF for them.
Overall, the IGT has made 16 recommendations to the ATO. The ATO has agreed with all of the recommendations.
Page | x CHAPTER 1 — OVERVIEW
CONDUCT OF THE REVIEW
1.1 This is the report of the Inspector-General of Taxation’s (IGT) review into aspects of the Australian Taxation Office’s (ATO) use of compliance risk assessment tools. The report is produced pursuant to section 10 of the Inspector-General of Taxation Act 2003 (the IGT Act 2003).
1.2 During public consultation for the IGT’s 2012–13 work program, submissions were received from a range of taxpayers, tax practitioners and their representative bodies raising concerns about how the ATO selects taxpayers for compliance activities, that is, the ATO’s compliance risk assessment tools. The IGT commenced this review in response to those concerns and pursuant to section 8(1) of the IGT Act 2003. The IGT undertook further community consultation to better understand these stakeholders’ concerns which are reflected in the terms of reference issued on 31 October 2012 and reproduced in Appendix 1.
1.3 The IGT received a number of submissions in response to the issuance of the terms of reference. The IGT also met with interested taxpayers, their representatives, selected professional bodies and industry associations to understand their experiences and to discuss their submissions.
1.4 To further assist the review, the IGT established a working group comprising key tax practitioners and representatives: Craig Jackson (Ernst & Young), David Drummond (KPMG), Andrew Noolan (The Tax Institute/SBN Lawyers), Michael Fenner (Chevron), John Avery (Australand), Michelle de Neise (Corporate Tax Association), Jeremy Child (Australian Financial Markets Association/Royal Bank of Scotland), Michael Johnson (Consolidated Press Holdings), Steven Green (ANZ Bank), Jane Michie (Macquarie Bank), John Condon (BP Australia) and senior ATO officials.
1.5 The IGT greatly appreciates the generosity of the members of this working group in giving of their time and expertise. Their involvement has significantly enhanced the outcomes of this review.
1.6 The working group met to discuss concerns and to consider potential solutions. It should be noted, however, that the views and recommendations expressed in this report are not necessarily those of individual members of the working group.
1.7 The IGT worked progressively with ATO senior management to identify the areas for improvement and to distil specific action items.
1.8 During the conduct of the IGT’s review, the ATO completed an internal audit which covered aspects of the ATO’s ‘Risk Differentiation Framework’ (RDF). The ATO kept the IGT informed of the progress and the findings of the internal audit. Some of these findings are referred to in Chapter 3.
1.9 During the final stages of this review, the ATO’s organisational structure also changed with a corresponding name change for some of the business lines. It should be noted that their former names are used below.
1.10 In accordance with section 25 of the IGT Act 2003, the Commissioner of Taxation was provided with an opportunity to make submissions on any implied or actual criticisms contained in this report. The Commissioner’s response is included in Appendix 13, whilst the detailed responses are reproduced under each recommendation as they appear in the report.
SUMMARY OF STAKEHOLDER CONCERNS
1.11 Stakeholders from the large business sector focussed on a key ATO risk assessment tool used for this market segment, the RDF. Their concerns with the RDF
risk categorisation process included:
• the governance and transparency of the process;
• whether taxpayers were afforded due process during various aspects of the process;
• whether the categorisation resulted in a proportionate compliance response from the ATO.
1.12 Stakeholders from the small to medium enterprises (SME) sector also focussed on the rollout of the RDF to this market, pursuant to the ATO guide Tax compliance for small to medium enterprises and wealthy individuals.4 Stakeholders held particular
• how the ATO would communicate taxpayer risk categorisations; and
• the nature of the opportunities to test the underlying evidence before categorisation is finalised.
1.13 In a previous IGT review,5 concerns were also raised with the impact of applying the RDF to tax practitioners. In the first instance, it was questioned whether they would be compromised in their duty to their clients by being subjected to such a risk assessment system. Amongst other issues, transparency, governance and communication were again raised if the RDF were to be applied in this context.
1.14 Stakeholders from the micro businesses sector6 expressed concerns regarding the ATO’s cash economy risk assessment tool (the small business benchmarks) in
another IGT review.7 Their concerns included:
Australian Taxation Office, Tax compliance for small-to-medium enterprises and wealthy individuals (26 October 2012) http://www.ato.gov.au.
Inspector-General of Taxation, Review into improving the self assessment system (2013).
In this case, small businesses with a turnover below $15 million.
• the accuracy of the data used as inputs into the benchmarks;
• aspects of how the ATO communicated benchmark comparisons to taxpayers;
• whether the benchmarks were an effective compliance risk identification tool; and
• the proportionality of the ATO compliance approach to taxpayers who were outside the benchmarks.
1.15 In the current work program, the IGT also conducted a review into the Income Tax Refund Integrity Program (ITRIP) and ATO data matching activities, being specific risk assessment tools used in the general individuals area. The stakeholder concerns
with respect to the ITRIP include whether the ITRIP:
• uses relevant and accurate information for detecting potentially incorrect or fraudulent claims;
• has adequate resources available to promptly verify and release refunds;
• has a proportionate impact on compliant taxpayers and their representatives; and
• provides adequate explanation to taxpayers and their agents as to why their refund was withheld for checking.
1.16 Stakeholder concerns regarding ATO data matching activities include:
• the quality of the data being used in these activities;
• the low accuracy at predicting non-compliance for certain projects; and
• the inadequate information or opportunity given to taxpayers to address the ATO’s concerns before assessments were amended.
1.17 The above concerns of stakeholders across all market segments can be distilled
into four broad categories:
• the governance and transparency of the risk assessment process;
• the accuracy or relevance of inputs used in the risk assessment process;
• the resultant risk rating or categorisation, and the quality of communication and due process afforded to taxpayers in relation to it; and
• the proportionality of subsequent ATO compliance activity to the purported or actual risk level.
1.18 Besides the small business benchmarks, ITRIP and data-matching, this current review provides information on other ATO risk assessment tools used in the micro business and individuals market segments. Significant concerns were not raised by Inspector-General of Taxation, Review into the Australian Taxation Office’s Use of Benchmarking to Target the Cash Economy (2012).
stakeholders in relation to these other tools. This may be partly due to a lack of awareness by affected parties. The information provided in this report should place them in a better position to provide feedback in the future at which time consideration could be given to a separate review of these areas.
STRUCTURE OF THIS REPORT
1.19 This report is comprised of three main parts. The first part, Chapter 2, provides background on the ATO’s risk management systems and corporate expectations in relation to compliance risk management.
1.20 The second part, Chapters 3 to 7, focuses on each market segment covered by this review and the compliance risk assessment tools the ATO uses within them. The
market segments explored are:
• large business and international;
• small to medium enterprises, wealthy Australians and high wealth individuals;
• micro enterprises;
• tax practitioners.
1.21 As depicted in Figure 1 below, the final part of this review, Chapter 8, draws on the observations made in part 2 of this report as well the observations made in separate IGT reviews for small business benchmarks, ITRIP and data-matching and makes recommendations of broader application to the ATO’s use of compliance risk assessment tools.
Page | 4
CHAPTER 2 — ATO RISK MANAGEMENT
2.1 The activities of any organisation involve some level of risk.8 Risk can be defined as the effect of uncertainty on objectives.9 All organisations must effectively manage the impacts of this uncertainty to ensure they can deliver on their objectives.
Risk management, therefore, is commonly considered to be a key governance and management tool within the private and public sectors.10
2.2 Internationally, risk management is also recognised as a key part of organisational management. As such, the International Organization for Standardization (ISO) issued International Standard ISO 31000 Risk management — Principles and guidelines. In Australia, this standard has been adopted as AS/NZS ISO 31000:2009. The ATO’s enterprise risk management framework refers to this standard as one of the reasons for the framework’s current form.11
2.3 Risk management has also been the focus of research and public discussion as both a management discipline and as a profession in various industries.12 For example, other approaches have suggested a greater focus on identifying vulnerabilities beyond those currently identified through intelligence sources.13 Other research indicates the need for paradigm shifts in risk prevention strategies as the return on investment of current risk detection methods begins to decline.14 Such approaches are also applicable to revenue authorities.
2.4 Guidance from the Organisation for Economic Co-operation and Development (OECD) Committee on Fiscal Affairs15 has also advocated that revenue authorities
adopt a risk management approach:
Revenue authorities have turned to risk management in order to allocate better scarce resources to achieve an optimum compliance strategy — one aimed at achieving the best long-term compliance for the resources employed. Without a systematic methodology to do this, resource allocation decisions are open to question and criticism and, for a revenue authority, potential tax revenue may be lost.16 International Organization for Standardization, ISO 31000 Risk management – principles and guidelines (2009),
Comcover, Better Practice Guide - Risk Management (June 2008).
Australian Taxation Office, ‘Enterprise Risk Management Framework’ intranet document.
For example, the Risk Management Association of Australia; Risk Management Institution of Australasia;
Australian Risk Policy Institute.
Australian Risk Policy Institute, The Risk Policy Model (2012) p 25.
IGT stakeholder consultation 21 May 2013.
Centre for Tax Policy and Administration, Organisation for Economic Co-operation and Development, General Administrative Principles - GAP003 Risk Management (2001).
Ibid para .
The ATO’s organisational objectives
2.5 As risk is defined as the effect of uncertainty on objectives, it is important to articulate the ATO’s actual objectives. The ATO’s objectives, on one view, may be described in terms of their stated outcomes and vision. Both are articulated in their 2011-12 Annual Report:
… that Australians value their tax and superannuation systems as community assets, where willing participation is recognised as good citizenship.17
Confidence in the administration of aspects of Australia’s tax and superannuation systems through helping people understand their rights and obligations, improving ease of compliance and access to benefits, and managing non‑compliance with the law.18
2.8 In order to achieve the above vision and outcome with the resources at their disposal, the ATO adopts a risk-based approach.
2.9 In addition to taxpayer non-compliance risks, the ATO, like any other organisation, faces a variety of risks which can impact on its ability to deliver on its objectives. These may relate to areas such as technology, people or finances. For example, the ATO needs to manage the risk of skilled, knowledgeable or experienced employees leaving the ATO. As a human capital risk adequate succession management plans need to be considered for the management of knowledge transfer.