CONFIDENTIALITY AND DATA SAFEGUARDING AS PILLARS OF TAX INFORMATION EXCHANGE
Taxpayers value the systemic fairness that transparency and exchange of information (EOI) for tax purposes deliver. At the same time, they expect governments exchanging their personal information to treat it with the highest standards of care. The Standard for Automatic Exchange of Financial Account Information in Tax Matters (AEOI Standard), building on the Standard for Exchange of Information on Request (EOIR Standard), therefore requires jurisdictions to have appropriate confidentiality and data safeguards in place. This should translate into a legal framework ensuring the confidentiality and appropriate use of exchanged information, and an information security management (ISM) framework that adheres to internationally recognised standards or best practices.
Soon after the AEOI Standard was developed in 2014, the Global Forum endorsed it and put in place a process to deliver its global application, through collective political commitments to implement it within agreed timelines. All Global Forum members, except developing countries that do not host a financial centre, were asked to commit to implement the Standard and commence exchanges with all interested appropriate partners in 2017 or 2018 (defined as those jurisdictions interested in receiving information and that meet the expected confidentiality and data safeguarding requirements). The Global Forum also developed an AEOI peer review mechanism to support, monitor and review implementation of the AEOI Standard.
In this context, the Global Forum put in place a specific process to assess whether jurisdictions committed to AEOI meet the confidentiality and data safeguarding requirements, as a condition to receive data. The assessments are conducted by an expert panel of experienced ISM officials, drawn from peers tax administrations (coordinated by the Global Forum Secretariat). The confidentiality assessments include:
- A pre exchange assessment before data is received for the first time (commenced in 2015).
- A post exchange assessment that gauges the security arrangements for AEOI data after they have been received and are being used (commenced in 2019); and
- A dedicated pre‑ and post‑exchange assessment process with respect to non‑reciprocal jurisdictions, reflecting the fact that they send but do not receive data.
Views: 4
