Facing a fixed regulatory compliance timeline, higher client data volumes and continuous changes to already complex requirements; it is time to migrate your tactical FATCA reporting solution to something more agile and automated to handle AEOI/CRS
2018 will see the second tranche of countries reporting under the OECD’s Automatic Exchange of Information (AEOI) program. This includes many APAC countries such as Hong Kong, Singapore, Australia, New Zealand, Malaysia, Indonesia, Japan, and China. Under AEOI, financial institutions (FI) provide specific information on their clients’ assets and incomes to their local tax authority through the Common Reporting Standard (CRS) scheme. This information is then shared with other tax authorities where the client may have a tax obligation. CRS follows on from existing Foreign Account Tax Compliant Act FATCA regulations, whereby FIs are required to undertake similar reporting on US clients.
To meet aggressive timeframes and to collate the mass of required data, most FIs should already have embarked on their compliance project with a clear Target Operating Model in mind. This is crucial to the success of the FATCA/CRS implementation as early movers have uncovered a host of functional, technical and operational challenges which were either not properly foreseen or were given insufficient focus. Based on the experiences of early adopters, there are some key takeaways that would be beneficial to FIs who have yet to gear up or are preparing to gear up for the impending CRS regulations.
With FATCA, FIs could comply with reporting requirements using ‘tactical’ solutions made up of internally built software, spreadsheets and manual coordination. The same approach is unlikely to work for CRS. With the increased complexity and coverage of CRS, firms need to seek out a strategic long-term reporting solution.
Although the base OECD regulation mainly focuses on information relating to reportable accounts, some national regulators have requested for additional information. Most of this may either already be available or in the processes of acquisition. However, many FIs are lacking a common data management and governance process that would allow for efficient extraction of this information.
A practical challenge of CRS implementation is that regulations are still constantly evolving despite fixed compliance deadlines. For example: authorities in Hong Kong and Singapore have released draft guidelines and schemas, however there is a chance that the regulatory body may still mandate changes in the final guideline and reports. Indonesia on the other hand, has yet to lay the practical groundwork needed for CRS compliance such as the Indonesian Privacy Law. It is no wonder that many project teams within FIs are wondering how, and if it is even possible, to implement these last-minute changes within such tight and often uncertain timelines.
Despite facing a fixed compliance timeline and business justifications for automation, it is concerning to see that many FIs are still opting for a “wait and see” approach. A possible reason could be the hopes of reaping the late-mover technology advantage, or that the FI is based in a jurisdiction where the local regulator has yet to publish final guidelines or even in a country where local legislation is still in the process of being passed. There are branches and subsidiaries of international FIs who seem to be waiting for head office mandates on how to approach and address the AEOI requirements. Having to account for both group and branch reporting, these larger multi-national FIs will therefore face an increased set of challenges in terms of varying data sources, differences in calculation methodologies and submission formats across multiple jurisdictions.
So what does this mean for FIs?
The phenomenon of a static regulatory timeline in a dynamic environment for data management, classification and reporting requirements requires an overall technology solution approach that brings flexibility to the entire process. This allows FIs to achieve compliance objectives in a much shorter timeframe.
Similarly, the changes that regulators are likely to introduce after initial adoption require an agile and transparent change management mechanism. Faced with ad-hoc regulator requests, advanced versioning and data lineage capabilities play a crucial role in the audit and justification of classification decisions. This enables the timely, efficient tracking of different sets of data and business rules which ultimately provides traceability of the activities in individual client accounts over time.
Emerging best practice from early adopters is to prioritize technology that can be deployed on a centralised basis that is able to handle reporting and ongoing client monitoring across multiple jurisdictions, entities and business units. This consolidates all client information from different sources across locations in a composite repository for handling the input and output data related to multiple jurisdictions. With a continued focus on efficiency, FIs are also prioritising solutions that can be utilised for other regulatory reporting requirements.
Given the uncertainty and under preparedness of regulators and FIs alike, the CRS implementation window is likely to be quite short for many FIs. Holding back on the implementation of the compliance program now is likely to result in greater complications and challenges down the track. FIs need to act now to deploy a comprehensive, proven and readily implementable technology solution to effectively navigate this meandering and often unpredictable compliance journey.