The Business Risk Review (BRR): Business Risk Review Assessment indicators: Delivery: assessing tax accounting arrangements: Stage 1: Evaluating governance
As part of their work to understand their customer’s business and to make an informed judgment on how the customer manages inherent tax compliance risk through their behaviour, CRMs need to understand the customer’s overall governance framework. Once the CRM has gained this understanding they will only need to repeat this stage to the extent that there have been significant changes in the business which might have an impact on the governance framework, for example, a major acquisition or merger.
There is no single definition of governance although the Organisation for Economic Co-operation and Development (OECD) provides a widely recognised definition of corporate governance: “Corporate governance is the system by which business corporations are directed and controlled.” As tax is an integral part of any business we have extended the OECD definition of corporate governance into tax so that tax governance is not considered in isolation but as part of the wider approach to governance applicable across the business as a whole.
There is no single way in which customers should develop or document governance. However, as an indicator, the Evaluating governance diagram shows the three components which would generally provide evidence that the customer has a systematic approach to governance.
Looking at a customer’s governance will enable us to understand how tax fits into the wider business and the framework within which the tax function is operating. This will help ensure a better understanding of potential risk areas, where further work is needed and how best to discuss these matters with our customers.
Understanding the customer’s approach to governance is normally best achieved initially through discussion. As the theory and practice around governance are often quite different, CRMs should seek to understand how the customer actually implements their governance framework, particularly in relation to tax. They should do this by identifying with the customer some recent or real-time key business events through which the customer can demonstrate the practical application of their theoretical governance framework as it relates to tax. Examples of events that could be used in such a discussion include:
- A business process re-engineering exercise;
- Migration to an accounting shared service centre;
- Implementation of a new ERP system;
- The adoption of a management accounting system that follows divisional rather than legal entities; or
- A significant merger or acquisition.
In each case we will be looking for evidence that possible tax risks were considered and that appropriate measures were put in place to mitigate these tax risks. We do not expect our customers to create new documentation or processes to do this, so CRMs should make every effort to rely on documentation and processes which are already in place, such as the work of the Internal Audit function or work done to meet SAO requirements.
In more complex cases or if it the first time they have applied the approach CRMs may need to work with an Audit Specialist who has specific experience in assessing corporate/tax governance and in applying this approach to help them with this stage.
At the conclusion of these discussions, CRMs should have a better understanding of how tax fits into the wider business and the framework within which the tax function is operating. This will help ensure a better understanding of potential risk areas, where further work is needed and how best to discuss these matters with our customers.