Using more third-party data for tax – ICAS responds to the call for evidence
Susan Cattell outlines the ICAS response to the Office of Tax Simplification call for evidence on the potential for more third-party data about individuals’ income and gains to be supplied to HMRC.
Office of Tax Simplification review of Third-Party Data Reporting
Which sources of data are the OTS considering?
The sources of data under consideration by the OTS are:
- Bank and building society interest (building on the information already available)
- Dividends of UK companies and distributions from authorised unit trusts
- Distributions from UK and overseas open-ended investment companies
- Pension contributions
- Gift aid payments to charities
- Data from investment and wealth managers, including information about chargeable gains, excess reportable income, interest, dividends and equalisation payments
- Insurance bond chargeable events
ICAS response to the call for evidence
The ICAS response to the call for evidence broadly agreed with the premise that where HMRC already receives information from third parties it would be useful for taxpayers not to have to report that information again and that it should be prepopulated in tax returns or in a digital tax account. To some extent HMRC already prepopulates some data received from employers and banks, and details of some pension receipts.
However, before prepopulation is extended to other third-party data already received by HMRC or to additional data which third parties may be required to provide in future, there are some fundamental issues that need to be addressed.
Agents are vital in supporting tax compliance. However, to date, and in spite of the commitment in the HMRC Charter that HMRC will work with properly appointed agents, HMRC has consistently failed to ensure proper agent access to its systems. Agents cannot see and do what their clients can see and do and new HMRC systems are designed without agent access being built in from the beginning (meaning that either agents never get access, or agent access is not optimal because it is added as an afterthought).
Before any expansion of prepopulation HMRC needs to ensure that agents have proper access to their clients’ existing prepopulated data. Agents cannot currently see clients’ Personal Tax Accounts because the PTA cannot be segregated so that agents could be authorised only to see data relevant to the services they are providing. It is essential that this is addressed when the Personal and Business Tax Accounts are replaced by the single digital tax account for each taxpayer – it is also important that this happens before any expansion of prepopulation.
Responsibility for tax ‘returns’ – and the right to correct third-party data
We agree with the statement in the earlier 2016 HMRC consultation (Making Tax Digital: Transforming the tax system through better use of information) that taxpayers should still have a statutory obligation to make sure that the information is correct and complete.
However, it will be important to remind taxpayers that they retain this responsibility and that they should not assume that employers, banks, building societies (or others) will necessarily get it right. Many individuals already assume that HMRC and their employer will get things right – and do not check coding notices etc. Extensive prepopulation of data is likely to reinforce this view, which could be problematic, particularly for taxpayers with more complex affairs.
It is also essential that where there are errors in prepopulated third-party information taxpayers (or their agents) should be able to correct these themselves, where they have the information to do so. We do not believe that taxpayers should have to request that the third party should correct the data – it is the taxpayer’s return (or account), they retain a statutory obligation to ensure it is correct and complete and they should have an absolute right to override data they believe is incorrect. Forcing taxpayers to contact third parties to request a correction is likely to increase rather than reduce burdens on taxpayers and to undermine trust and confidence in the system.
Security and GDPR
It is essential that third-party data is allocated to the right taxpayers: there are obvious issues arising from individuals with similar names (including family members in the same household) and problems with house names and croft addresses. This means that third-party data providers (other than some of those who already report data to HMRC, such as ISA providers) would have to collect additional data from customers, including national insurance numbers.
It is not clear whether NINOs would ensure accurate matching to taxpayers in all cases – or whether additional taxpayer identification information would need to be collected. The more items of confidential identifying data are collected and stored about taxpayers, the greater the risk arising from any breaches of security – either in the databases of third-party data providers or in the process of transmission to HMRC.
If it is made mandatory for taxpayers to provide additional identifying information, such as NINOs to a range of third parties to meet their tax obligations and permit third-party reporting to HMRC, it needs to be made clear how HMRC and the government will ensure that data is kept secure at all stages of the process.
Large financial institutions will have procedures and systems in place to deal with security and GDPR, but others are likely to have problems with compliance and inadequate resources to deal with any problems. Any reports of breaches of security and resulting problems for taxpayers arising from identity theft, fraud, or inappropriate access to data have the potential to seriously undermine trust in, and acceptance of, the system.
Types of third-party data which could be reported
The ICAS response includes detailed comments on the sources listed in the call for evidence. Some of those under consideration would be likely to be more useful than others – and potentially easier to implement.
The inclusion of any aspects of the tax regime where significant reform is planned or under active consideration should be deferred, to avoid third-party data providers (and HMRC) having to build systems twice over which would be costly, burdensome and could cause issues with accuracy of data.
There would be significant challenges for charities if they were required to obtain and store national insurance numbers securely and report all gift aid payments electronically to HMRC. A decline in gift aided donations would be likely, partly because some individuals will be reluctant to provide NINOs to charities, but also because most donors will not remember their NINO and will therefore be unable to complete gift aid declarations when invited to make donations.
There are some types of third-party data which it will not be feasible to include in the short term, or in some cases ever – and there will be other taxable income and gains where no third party will have the data. A user-friendly mechanism to deal with the interaction between a pre-populated digital account and an additional return or update supplying missing information will be required.
Third-party data providers
Our response also gives feedback from the perspective of third-party data providers who are likely to be affected. Some of the key points raised included:
- Implementation will need to be spread over a number of years, with a clear timetable for different types of data and providers set out in advance. Detailed engagement with third parties in affected sectors will be needed at each stage to minimise the burden of implementation and compliance.
- Adequate lead time needs to be built into the timetable. Large organisations typically need agreed data requirements 18 to 24 months in advance of implementation, to enable them to make the necessary amendments to complex online platforms and systems. It is not acceptable for requirements only to be finalised at the last minute, as happened with MTD for VAT.
- An effective process for correction should be put in place between HMRC and taxpayers. A requirement for taxpayers to contact third-party data providers to correct data, before HMRC will accept that correction is required, would be too burdensome for the taxpayer and the third-party data provider. It would not be realistic for data providers to investigate problems and deal with corrections in a timeframe likely to be acceptable to taxpayers and HMRC.
ICAS would like your feedback
We welcome input from Members about any tax consultations or calls for evidence. We are also currently looking for input on your experiences of dealing with HMRC – particularly in the light of HMRC’s commitments in the HMRC Powers evaluation report and the standards set out in the new HMRC Charter. ICAS belongs to the Charter Stakeholder group which will be giving input in April on how HMRC is performing against the standards, for inclusion in the Charter Annual Report. Please send us your feedback by emailing email@example.com.