In the post-BEPS era, tax authorities are increasingly reliant upon international cooperation as a means to carry out their enforcement activities in tax and transfer pricing audits. Requests for information between tax authorities and requests for taxpayers to supply the information (when the tax authorities do not have the information being requested) have become an integral part of the controversy landscape.
Whether the tax authorities or the taxpayers receive a request to supply information, there are legal limits that must be respected when responding to these requests. These limits are relevant even when tax authorities already have the information in their possession as exchanges that do not respect the limits may be challenged subsequently. Tax authorities also have to respect these limits when they request that taxpayers provide information, even when they have a far-reaching power to request information under their domestic law.
Here are some of the things that we have learnt about responding to exchange of information requests.
Identify the legal instrument involved.
This is a fundamental step as the applicable legal instrument sets out the limits that must be respected when responding to information requests. Furthermore, there are a variety of legal instruments either in the form of tax information exchange agreements, bilateral tax treaties or the convention on mutual assistance in tax matters. Although these legal instruments share the basic principles in facilitating exchange of information, there are some significant differences in their scope and the way they are likely to operate in practice. Understanding these differences will ensure that the requests are responded to appropriately in the context of the applicable legal instrument.
Assess whether the request is foreseeably relevant.
The “foreseeable relevance” requirement prescribes a general limitation that tax authorities must meet when requesting information. There is generally no obligation to supply the requested information unless the foreseeable relevance standard is met. While foreseeable relevance is left undefined, international standards based on the OECD Commentary suggest that, in essence, tax administrations should not go on “fishing expeditions” and request information on taxpayers that strays from the ambit of the defined scope of the investigation taking place. Speculative requests that have no apparent connection to an open enquiry or investigation can be declined.
In transfer pricing controversy, this limitation may be relevant as transfer pricing audits on a tested party are likely to limit the scope of information request that may be considered to meet the “foreseeable relevance” requirement. For example, tax authorities requesting information about a non-tested party would likely be required to explain how such information is foreseeably relevant. When these requests are passed along without regard to the foreseeable relevance standard, taxpayers should question whether the government requesting the information has met the standard.
Once furnished with an explanation for the request, however, the other party may not decline a request or withhold requested information because it believes that the information lacks relevance to the underlying investigation or examination. Further, foreseeable relevance requires that there is a reasonable possibility that the requested information will be relevant when the request is made; and whether the information actually proves to be relevant is “immaterial.”
Not everything is a business, commercial or trade secret.
As a general rule, there is no obligation to supply information which would disclose any business, commercial or trade process secret under all the legal instruments that facilitate exchange of information requests. However, this exclusion is not as broad as it would first appear. The international standards based on the OECD Commentary suggest that the exclusion only applies to secrets that are of considerable economic importance to the taxpayer, where any unauthorised use would lead to serious damage and financial hardship for the taxpayer. Nevertheless, requests for information concerning suppliers and customers may fall within the scope that justifies non-disclosure, especially if the scope of such requests is very broad (e.g. all suppliers or all customers of a business).
Supply of information concerning personal data requires careful consideration.
Information concerning personal data (such as names, passport details, phone numbers, email addresses, etc.) are subject to stringent national, regional, and international standards for the protection of privacy. Although this is not always clearly provided for in exchange of information instruments, the preamble to the Convention on Mutual Assistance in Tax Matters explicitly recognises that “States should carry out measures or supply information, having regard to the necessity of protecting the confidentiality of information, and taking account of international instruments for the protection of privacy and flows of personal data.” Furthermore, when supplying information, it is important to ensure that the recipient state has in place an appropriate level of protection for the personal data. A request to supply any requested information concerning personal data could be declined if there are concerns over the level of personal data protection in the recipient state.
In the era of the General Data Protection Regulation (GDPR), countries in the European Economic Area (EEA) must comply with GDPR. These rules provide extensive data protection rights over personal data: such data may be gathered and exchanged only for a lawful purpose that must be clearly identified in specific terms so that any misuse of the data can be challenged, and it must not be retained longer than necessary for the identified purpose. When requests for personal data are made to a person that has to observe these rules, it cannot be presumed that the person has any information on personal data, or is able to keep the personal data. Furthermore, even when the information is available, it cannot be freely available to share without regard to the level of protection of personal data that is applicable in the recipient state, especially if the state is not a white-listed country for GDPR purposes.
Please contact the authors or your usual DLA Piper advisors for further information about responding to exchange of information requests from tax authorities.