Although the coronavirus pandemic is far from over, tax administrations can act now to help support taxpayers during the recovery phase and mitigate security and fraud risks arising from the crisis, an OECD body said.
The OECD Forum on Tax Administration (FTA) on May 26 published two reports aimed at tax administrations. The first report, co-written with the Intra-European Organisation of Tax Administrations and the Inter-American Center of Tax Administrations, outlines suggestions that tax administrations can consider in their business restoration plans. The second report comprises measures to address privacy, disclosure, and fraud risks that have increased as tax administrations shift their operations and working methods in response to the pandemic.
The first report covers several areas that tax administrations should consider during the recovery period, including business restoration governance, analysis and monitoring of the pandemic’s effects on tax revenues and taxpayers, reputation management, and business restoration planning.
Just as tax administrations’ business continuity plans have had to change given the unprecedented nature of the COVID-19 pandemic, so too should their business restoration plans, the FTA said.
“While some countries may be slowly emerging from the crisis phase of the pandemic, major challenges remain for resuming normal operations in what will be a difficult, uncertain, and prolonged period of recovery,” said Hans Christian Holte, director general of the Norwegian Tax Administration and chair of the FTA, in a May 26 release.
“None of us has faced such a situation before and continued close cooperation between tax administrations will remain critical both in supporting the recovery and in considering how we can emerge stronger and better able to serve our customers,” Holte added.
Recovery planning could include creating a business restoration committee, a group comprising senior officials from the main tax administration functions, such as communications, risk management, and IT. The committee could be responsible for tasks like commissioning analyses of the pandemic’s effects on tax revenues, executing plans for employees to safely return to their offices, and approving a communications and taxpayer engagement plan for the recovery period, the report says.
The FTA notes that analyzing and monitoring the crisis’s effect on tax revenues will be especially important to make informed tax administration and government policy decisions. The report underscores the importance for tax administrations to strike a balance between maintaining positive reputational gains during the crisis and mitigating potentially negative taxpayer perceptions as they shift to revenue collection.
The report also examines working methods that tax administrations may have to adopt during the recovery period. Tax agencies could consider increasing remote working options, implementing more flexible hours, and introducing digital identification and verification systems.
The FTA’s second report highlights security, privacy, and fraud risk concerns related to tax administrations’ new ways of working in response to the coronavirus crisis.
Risks arising from office closures and remote working arrangements include increased potential for office break-ins and theft; accidental privacy breaches caused by call center agents, who may be under pressure because of increased taxpayer demand; and greater risk of remote workers exposing confidential tax data to household members or visitors.
Tax administrations can curb those risks by beefing up their security presence in their reception areas, screening calls to route more complicated cases to more experienced call center agents, and training remote workers on privacy and security risks arising from their current work arrangements.
IT risks include staff using personal devices to carry out office tasks and transmit taxpayer data through unsecured channels, phishing attempts aimed at tax agency staff and taxpayers, and staff use of unsecured home networks that lack the same level of security that tax administration offices have.
Tax agencies could respond to those risks by installing software that detects and prevents unauthorized IT equipment from connecting to their main computer systems, communicating to the public ways to identify phishing attempts, and providing staff a list of applications to use to protect their home networks.
The FTA also identified risks linked to identity fraud, such as impersonation scams; tax fraud, such as the schemes involving fake companies and staff to access relief payments or tax refunds; and internal fraud, such as staff intentionally misappropriating funds or assets.
Tax administrations can crack down on those types of fraud by informing the public about common signs of potential identify fraud and about the kind of information that tax authorities wouldn’t request, creating new risk assessment flags for companies that have been recently formed, and instituting a “four eyes” policy that requires at least two people to approve taxpayer payouts above a prescribed threshold.
The FTA, established in 2002 and hosted at the OECD, comprises tax commissioners from 53 OECD and non-OECD countries. The group has published several reports in response to the COVID-19 pandemic, including guidance on measures tax administrations can take to support taxpayers and a reference document outlining ways tax administration can keep business operations going during the crisis.