Know your risk: Third party data framework ratings to be applied to Funds from 1 July 2024
The ATO has announced that assurance reviews starting from 1 July 2024 will rate entities within the investment industry on their third-party data tax control frameworks. Large super funds, managed funds and insurance companies need to have adequate policies, procedures and controls in place to meet their tax risk management obligations.
Background
Investment entities, including managed investment trusts (“MITs”) and attributions MITs (“AMITs”) depend heavily on external data for income tax reporting, particularly when preparing to issue distribution statements to their investors. The Australian Taxation Office (“ATO”) has noted this dependency as a key factor in inaccuracies (‘unders and overs’) that require adjustments in subsequent tax years. To mitigate this, the ATO published a ‘Governance over third-party data supplementary guide’ in 2022 (“the Guide”), offering guidelines for improved management of such data by investment entities.
From 1 July this year, as part of its tax assurance reviews, the ATO will be assessing whether investment entities have appropriate third-party data controls in place to ensure information being reported to their investors and the ATO is correct.
What does the Guide say?
The Guide outlines the ATO’s expectations in terms of the design effectiveness of the fundamental controls relevant for the third-party data tax control frameworks. That is, whether the systems are capable of correctly calculating and reporting income tax obligations. A copy of the full guide can be found here.
In their approach to reviewing third-party data tax controls, the ATO considers that there are four main principles that an entity must address to manage and mitigate the risk of inaccuracies in the third-party data that feed into the income tax reporting or distribution statements:
- The entity needs to understand the roles and responsibilities of outsourced service providers.
- The entity needs to be satisfied that the tax policies of the outsourced service providers are prepared in accordance with the tax law and reflected in the tax reporting period relied upon by the entity.
- The entity needs to be satisfied that the returns and tax outcomes of investments are properly reflected in reporting obligations.
- The entity needs to seek assurance from independent parties in relation to the accuracy of the data received and processed by outsourced service providers.
What data is covered by the Guide?
The expectations for tax controls over third-party data in the Guide apply to third-party data received by the entity and used by the entity for the following reporting obligations:
- the entity’s income tax return and associated schedules; and
- the AMMA statement, SDS and distribution statement.
Examples of third-party data include: fund administration reports; custodian reports including CGT reports, income and expense reports and a 45-Day Rule report; AMMA statements provided by investment entities including classification of investments (e.g. CGT); AIIR statements lodged by the investment entities; reconciliation reports of distributions to AMMA to AIIR statements; reports and tax statements from foreign CLPs; tax opinions in relation to foreign CLP and other foreign investments.
How should funds apply the guide?
The Guide provides entities with an opportunity to contrast their existing third-party data tax governance frameworks against the ATO’s better practice examples.
The ATO states that it does not intend for Funds to focus on the form rather than substance of the Guide, nor to attempt to comply with every element. Rather, the ATO encourages entities to adopt the better practice examples throughout the Guide that are applicable to their circumstances, depending on their investment structure and profile.
The intention of applying the framework is to ensure that the relevant investing entity (i.e. the large super fund, managed fund or insurance company that invests in an investment entity) can demonstrate that where they are relying on outsourced service providers, they have taken steps to obtain a high level of confidence over the accuracy of the information provided and included in the preparation of their own reporting obligations.
There are many managed funds that do not rely significantly on outsourced service providers. For example, many property and debt funds hold and manage all relevant assets in-house. Accordingly, the third-party data control framework may be very different for these types of funds as compared to a managed fund that holds all assets through a custodian or outsources property management activities to a third-party property agent.
Furthermore, to the extent that Fund of Funds (“FOFs”) invest into the managed fund, they may also require assurance and control testing to confirm that the managed fund has suitable controls for accurate reporting (for their own third-party data control framework). Accordingly, the ATO’s guide is something that will need to be reviewed by all managed funds.
What does this mean for the current income year?
As of 1 July 2024, the ATO expects investment entities to have implemented controls which follow the principles in the Guide and will assess their compliance with such principles during assurance reviews.
If an entity’s third-party data tax controls are rated poorly by the ATO, then they should expect to come under closer scrutiny in future years and will likely have an increased compliance burden until they improve their third-party data controls to align with the Guide’s principles and better practice examples.
What are the next steps?
Clients should contact their Pitcher Partners representative to review their existing arrangements and determine what action is required in light of the changes.