PAST EVENTS:
SINGAPORE, THURSDAY 28 NOVEMBER 2019, 9.00-17.10
What the IRAS will look at in priority: what you can do about it immediately and in the next 6 months. Review of the 23 hallmarks: what is often done incorrectly? What internal control must be put in place?
AGENDA
Overview CRS Audit and Reporting Lifecycle
CRS Audit in Context - Global Forum CRS Peer Review Process
CRS Audit Overview: Entity, Process and Reporting
Reportable Account Lifecycle - Audit Risk Implications, at each of the following stages:
(a) Identification;
(b) Classification;
(c) Monitoring;
(d) Reporting;
(e) Closure
Audit Failure: Top 5 areas of potential failure and how to avoid:
Insufficient CRS specific internal controls (CRS Manual vs. AML Manual);
Insufficient separation of CRS client base into CRS relevant categories;
Insufficient “change of circumstance” training, escalation procedures, internal controls and communication protocols;
Insufficient “anti-avoidance” training, detection or deterrent processes and controls;
Insufficient application of “reasonable- ness” test to self certificate claims
Immediate steps:
internal audit, which areas to concentrate on?
reporting outcome assurance testing - sample reports vs. entire CRS client base?
staff competency testing, what to test, how to interpret results?
CRS/AML Manual review - key drafting provisions
General best practice steps:
Anti-avoidance training, explaining the requirements of the Mandatory Disclosure Rules for CRS Avoidance Arrangements;
Steps to reform CRS data management to ensure integrity of data;
Managing third party providers of CRS compliance services
How to prepare to and deal with an IRAS CRS compliance review – practical aspects
IRAS’ expectations
Internal controls, testing
Documentation
Periodic reviews – internal or external?
Outsourcing – what is required?
Desk audits
On-site audits
CRS controls at entity level
Control environment
Control activities
System controls
Change management
Information and communication
Monitoring and review
CRS controls at process level: account identification
New accounts
New individual account identification and treatment
New entity account identification and treatment
Review of account opening documents – what is required?
Opening of accounts
What to do in the case of a breach of account open- ing procedures?
Preexisting accounts
Determination of preexisting accounts
Optional treatments in Due Diligence procedures of pre-existing accounts
Review procedures for individual accounts
Review procedures for entity accounts
Identification and treatment of undocumented accounts
CRS controls at process level: Account monitoring procedures
Monitoring of account details
Documentation and follow-up of CIC and other changes
Review of undocumented accounts, dormant accounts and excluded accounts
CRS controls at process level: Account closure procedures
Identification of closed accounts
Finalising closed accounts
Recording closure of accounts
CRS controls at reporting level
Managing errors and amendments for CRS Reports/Returns
Common operational risks at a reporting level
Aligning reporting software solutions with data solutions
CRS FATCA "logic"at a reporting information data mart level
Datamart vs transaction processing systems : which data is the "Golden Source of Truth"
The "baton passing" problem
The "reverse baton passing" conundrum
CRS desktop audit: how to be prepared
A response tailored for different businesses. A Bank’s response is not efficient for a Fund, etc
Certain risks are more real in certain businesses. What are they?
You know your business, the tax authorities may not
"They don’t understand my business" is a complaint. What’s an effective solution instead?
A strategic response to the desktop audit
After receiving an inquiry from the authorities, how to come out smelling good
Finalisation of an IRAS CRS compliance review
What are the next steps and expectations by the IRAS
Ensuring operationalized compliance
Comments