Protection on human rights grounds: Safeguards already in place
The legal instruments that underpin the AEOI agreements include safeguards. They state that a receiving jurisdiction may only use the information for the purposes of tax administration. Some instruments provide for the possibility that information can also be used for non-tax purposes, for example other law enforcement such as the investigation of terrorist financing, but such use always requires the prior agreement of the sending jurisdiction. HMRC will not authorise any use that is against UK public policy. The UK already exchanges information with other tax administrations under bilateral and multilateral agreements and, like with AEOI, this is only for use in tax administration, unless permission has been sought to use it for any other purpose. Permission to use information for another law enforcement purpose can only be given where the sending jurisdiction has an equivalent legal gateway allowing the transfer of data to a similar law enforcement body.
Most of the AEOI exchanges are made under the Multilateral Convention on Mutual Administrative Assistance in Tax Matters. Article 21 of this convention, which was ratified by the UK in 2011, sets out the limits in place to protect the persons whose information is exchanged. Other exchanges are made under the EU Directive on Administrative Cooperation in Tax which contains similar limits on the information exchanged.
Part of the process for each jurisdiction adopting the Common Reporting Standard (CRS) has been a confidentiality assessment, carried out by independent experts. This applies to all jurisdictions adopting the CRS and ensures that jurisdictions have the necessary processes, security and governance in place to hold the data received securely and ensure that only authorised persons are able to access it. The assessments consider both the policies and processes in place, and how effective they are in practice.