With the introduction of the behavioral indicator for ‘Internal Governance’, demonstrating accurate filing, notification, due diligence, reporting and/or notification obligations regarding Automatic Exchange of Information under the CRS or FATCA becomes an important factor in securing a ‘low risk’ rating.
In order to help not only demonstrate the effectiveness of the architecture but also the outcome, PwC have developed an approach that includes implementing a three-level framework for assessing AEoI compliance.
- At the strategy level, a governance framework is agreed and documented as the basis for all decision making.
- At the management level, the RACI matrix is used to identify those responsible, accountable, consulted and informed for each process, and
- At the final level, i.e. the day to day operations, processes for developing, documenting and maintaining processes and controls is kept under review and IT infrastructure is integrated with a variety of inbuilt controls.
Based on this, we can work with business using a compliance review method to assess the adequacy of existing policies and procedures through reviewing documentation and conducting interviews with key personnel. The objective of the review is to determine whether reporting is accurate by identifying any gaps, inconsistencies, deviations or non-compliance of processes or activities that require remediation.
The results of the review can be documented in a written report and ultimately can be shared with HMRC to be used as supporting evidence of an organisation fulfilling its obligations in relation to AEoI under the CRS or FATCA. This will contribute to the case for a business to be considered in the ‘low risk’ category in a BRR+ review.
If you would like to know more, please get in touch with me, Daniel Dzenkowski or your usual PwC contact.