Fatca final rules lead software firms to highlight solutions and data protection issues
Official publication of final Fatca rules today has been seen as the starting gun for software and IT services companies to roll out solutions that the industry will require in order to meet reporting and other obligations under the legislation.
The industry is working to a tight deadline. Although the US Treasury and Internal Revenue Service – responsible for implementing legislation in the US – have offered affected businesses an element of delay until the start of 2014, there is significant pressure on organisations to now put in place the systems that can, for example, allow them to identify US persons and ensure the proper witholding tax and reporting procedures are implemented.
Jon Asprey (pictured), vice president strategic consulting at Trillium Software and leader of the Trillium FATCA Compliance Data Assessment consulting team, said the final regulations brought clarity to financial institutions. However, he added that “our work with institutions suggests that while many firms are making progress towards Fatca compliance, a good number haven’t yet certified that their data capture processes and existing client information will support reliable account identification and classification”.
“We’d recommend that firms need to gain a comprehensive assessment of the completeness and accuracy of their client data, not continue to rely upon gut-feel and assumptions. Trillium proposes that institutions must now certify their existing account data and new client data capture processes, allowing time to plan, resource and deliver what could be complex remediation projects across multiple source systems.”
From the UK perspective, the need to ensure accurate FATCA reporting is re-enforced by the country’s Data Protection Act (DPA). This means that customers could potentially seek damages from firms for misreporting data about them to the US Internal Revenue Service. Similar laws could apply in other countries, Asprey said.
“HM Revenue & Customs [the UK government tax agency] has published guidelines clarifying that individuals have the right to claim compensation from an institution, as well as from HMRC, where they have suffered damage because of a breach of the DPA.”
“Under FATCA as it applies in the UK, while an institution must inform an individual that it intends to report information about them to HMRC for automatic exchange with the US, the institution cannot indefinitely hold those files awaiting account holder approval. This further emphasises the need for firms to ensure their data is right first time, every time.”
Data exchanges are being regulated at the national level by so-called Intergovernmental Agreements (IGAs). The US Treasury and IRS have publicly set an initial target of 50 IGAs to ensure that Fatca works, as without agreement with other governments the reuqired data on foreign accounts held by US persons cannot be accessed. As recently noted, there are outstanding concerns in this area too, specifically that the IRS and US Treasury could end up negotiating multiple models of IGAs, which would lead to uncertainty and possible regulatory arbitrage in respect of Fatca. (See: Model proliferation a key challenge to Fatca implementation, says State Street)
Asprey highlights further concerns at the level of reporting.
“Recently the Trillium compliance team highlighted for one institution that as many as 100,000 accounts appear to have data issues needing manual investigation before they can be confidently verified as either subject to, or not subject to FATCA. That’s potentially many thousands of hours of work, but at least that bank can now plan to put such resources in place and in good time for 2014 compliance.”