In this digital age, collecting and analysing valuable data is gold. When the extent of the Panama, Paradise and Pandora Papers — a series of leaks of financial documents — was revealed, tax administrators globally were bestowed with extensive data on the offshore activities of millions of taxpayers.
The Panama Papers, published from 3 April 2016, describes the release of 11.5 million leaked documents (2.6 terabytes of data) detailing the financial and attorney–client information for more than 214,488 offshore entities, connected to people in more than 200 countries and territories.
The Paradise Papers, published from 5 November 2017, describes the release of 13.4 million leaked documents (1.4 terabytes of data), that named more than 120,000 people and companies.
The Pandora Papers, published from 3 October 2021, describes the release of 11.9 million leaked documents (2.9 terabytes of data) from 14 offshore service providers. The leaked documents named more than 100 billionaires, 29,000 offshore accounts, and hundreds of political leaders and politicians.
In all cases, the documents were leaked to the German newspaper Süddeutsche Zeitung. The newspaper shared them with the International Consortium of Investigative Journalists, and a network of hundreds of global journalists.
The ATO's response to the data leaks
In a statement following the release of the Pandora Papers, ATO Deputy Commissioner and Serious Financial Crime Taskforce (SFCT) Chief, Will Day, said the ATO regularly receives information from a range of different sources in their efforts to fight tax evasion and crime. The ATO will be analysing the information in the papers to identify any possible Australian links.
It is irrefutable that the ATO finds the information in such data leaks interesting and valuable; however, the ATO doesn’t rely solely on data leaks to identify non-compliance with tax obligations. The ATO detects, investigates and deals with offshore tax evasion year-round.
Mr Day explains that the ATO has some of the best auditors, investigators, analysts and data scientists in the world who work together to sort the good from the bad, ensuring no stone is left unturned. His message is unequivocal:
The message is clear for those who try to cheat the system — your secrets are no longer safe, and you can expect to feel serious consequences for your actions. No complicated money trail is too difficult for us to unravel.
Importantly, holding an offshore bank account or foreign assets, setting up a foreign structure or being named in a data leak doesn’t of itself mean that the taxpayer is involved in tax evasion or crime. However, those who engage in illegal activities of this nature often have offshore interests and attempt to hide their ownership interests or financial misdoings through offshore arrangements.
While the ATO amnesty during 2014–2015 for disclosing unreported foreign income and assets, Project DO IT, has long ended, the ATO continues to encourage those who may have undeclared offshore income to contact them and make voluntary admissions of tax avoidance or evasion.
Australia now has 36 taxation information exchange agreements (TIEAs) with low-tax and no-tax jurisdictions around the world.
The key features of TIEAs are as follows:
- They allow the ATO to track money across borders and identify individuals who are not meeting their tax obligations.
- While TIEAs enable the exchange of correct tax information relevant to the administration and enforcement of their respective domestic tax laws, information may only be provided on request.
- They differ from tax treaties or double tax agreements in that TIEAs do not contain any provisions concerning the allocation of taxing rights over income.
Can the Commissioner use information from data leaks?
The High Court’s decision in Glencore International AG v Commissioner of Taxation [2019] HCA 26 settled the question of whether the Commissioner may use information obtained from data leaks. In finding in favour of the ATO, the High Court confirmed that the ATO can continue to use the Paradise Papers and other similar data leaks.
As Second Commissioner, Jeremy Hirschhorn, explained on the day of the High Court’s decision:
The information in question was already in the public domain. Once we have information we can’t just ignore it – we are obliged to use all relevant information we have.
It would be a perverse outcome if the ATO and the Courts were not allowed to take into account information that the public at large can access, or had to forget information that is known.
Even if information is illegally obtained by the person(s) who leaks the data — and I’m not suggesting that was necessarily the case for the Panama, Paradise and Pandora Papers — and is passed onto or made available to the ATO, the ATO is still compelled to use that information in enforcing the law.
ATO data matching projects
Recognising that the ATO cannot rely on audits (and data leaks) alone to maintain the integrity of the tax and superannuation system, the ever-increasing use of digital capability and data is fundamental to the design of their processes and systems.
Data matching is a powerful administrative and law enforcement tool utilised by the ATO for a range of education and compliance activities. Information from a variety of third-party sources is compiled electronically, validated and analysed.
Nearly one billion transactions are reported to the ATO annually. A list of current data-matching projects, that often cover multiple years, is published by the ATO.
The data is used by the ATO to:
- pre-fill tax returns, making it faster and easier for everyone to lodge their tax returns
- reassure the community that the ATO protects honest people and businesses from unfair competition
- ensure people and businesses lodge tax returns and activity statements when required to do so, correctly declare their income and claim offsets and other benefits, and comply with their obligations
- detect people and businesses operating outside the tax system
- detect fraud against the Commonwealth
- recover debt.
Sources of data collected by the ATO
The ATO regularly sources the following information from a wide range of organisations and electronic platforms:
- Banks, financial institutions and investment bodies — investment income
- Employers — payments to employees and contractors
- State and territory motor vehicle registering bodies — motor vehicles sold, transferred or newly registered
- State and territory title offices and revenue agencies — sales and other transfers of real property
- Government bodies — pensions, benefits, rebates, taxable grants and other payments
- Australian Transaction Reports and Analysis Centre (AUSTRAC) and our international treaty partners — foreign source income
- Online selling platforms — quantity and value of online sales
- Sharing economy facilitators — payments to participants
- Financial institutions providing merchant facilities and administrators of specialised payment systems — electronic payments processed for business including total credit and debit card payments received
- Stock exchanges and share registries — share transactions
- Businesses in the building and construction industry — payments made for building and construction services
- Health insurers — confirmation of health insurance cover and premiums paid
- Cryptocurrency designated service providers — purchase and sale information.
Some examples of clever data-matching
Over the years, the ATO has cleverly used data-matching projects to identify non-compliance by taxpayers. Here are a few examples:
- The ATO obtained details of bonds paid by residential tenants to the Residential Tenancies Bond Authority (Victoria) or equivalent in other states and territories — this enabled the ATO to identify where a property was being rented to ensure that the landlord was correctly declaring rent, claiming deductions and reporting capital gains.
- The ATO obtained details of insurance policies taken out for expensive lifestyle assets such as boats, luxury cars, thoroughbred horses, fine art and aircraft — this enabled the ATO to identify undeclared income and capital gains, incorrect claiming of deductions and GST input tax credits where there is personal use of an asset, failure to comply with FBT obligations, failure to report and pay GST, incorrectly making SMSF assets available for the benefit of the trustee or members and potential Division 7A issues for company assets being used by a shareholder of their associate.
- The ATO obtained details of online selling — this enabled the ATO to educate online sellers who may be transitioning from hobby status to being in business and identify discrepancies between online sales and information declared in the sellers' tax returns.
- The ATO uses metadata from mobile phones, e-tags and passport records — this enables the ATO to place a taxpayer in a particular location at a particular time and determine whether, for example, they truly used their motor vehicle for the purported taxable purpose or were in fact at a vineyard on the other side of town or even overseas at the time.
Access and information gathering powers
The ATO has formal powers to access and gather information. These access powers are contained in a series of provisions in Schedule 1 to the Taxation Administration Act 1953 (Cth) and are used only if the documents or information the ATO requires cannot be obtained under a cooperative approach.
In particular, the ATO can compel you to:
- give information
- attend and give evidence
- produce documents.
When using the access powers, the ATO are authorised to enter and remain on any land, premises or place and have full and free access to books, documents, goods or other property. They can make copies of documents for their records but cannot seize or remove documents without consent.
Failure to comply with these directions is an offence which can attract substantial penalties.
Data security
The huge reliance on data and digital technology brings equally huge challenges for the administrator. The ATO has one of the largest and most comprehensive data stores in Australia, which must be safeguarded from ever-evolving cyber security threats and data breaches. Protecting this data and digital systems is a massive undertaking and a responsibility the ATO takes very seriously. The ATO is entrusted with protecting the community’s personal information and this trust underpins the whole tax system.
Remarkably, the ATO defends against more than two million attempted cyber intrusions each month; in peak months (such as Tax Time) this rises to over 3.5 million intrusion attempts. In a recent address to the 14th International ATAX Conference on Tax Administration (ATAX Conference) in Sydney on 23 November 2021, the Commissioner of Taxation, Chris Jordan AO, summarised the ATO’s challenge in these terms:
In an increasingly volatile global technology environment, we know that the odds are stacked in favour of potential attackers: while they only need to find one weakness to gain access, we have to defend against them on all fronts.
Closing comments
At the recent ATAX Conference, tax administrators from jurisdictions around the world shared their common experience of the challenges they face in keeping abreast of digital technologies such as cryptocurrencies, collecting and analysing data to identify non-compliance and safeguarding this data so it cannot be used by hackers and scammers for financial misdoings, or worse.
All this serves as a timely reminder to ensure that your clients:
- Declare all foreign income, pensions and annuities, and capital gains on foreign assets as required
- Disclose all assets and investments valued at $50,000 or more
- Correctly calculate any foreign income tax offsets to which they are entitled to claim
- Are aware of the Commissioner’s access and information gathering powers
- Better understand the extent of the ATO’s use of data that is collected to ensure the integrity of the tax and superannuation system is maintained.
Robyn Jacobson is the Senior Advocate at The Tax Institute.
You are not authorised to post comments.
Comments will undergo moderation before they get published.