How does a Tax Control Framework in the semi-public sector differ
from a Tax Control Framework in the for-profit sector? An
investigation within the banking sector.
Course: MSc Organizational & Management Control (EBM859A20)
Author: Thijs de Wilde
Student number: s3534936
Supervisor: Prof. Dr. I.J.J. Burgers Second assessor: Dr. S. Girdhar
Date: 11 June 2019
2
Abstract
This research paper is about the Tax Control Framework (TCF) within commercial banks and development banks. The main research question is:
How does a TCF in the semi-public banking sector differ from a TCF in the for-profit banking sector? The data that is used for this research is both secondary data and primary data. The secondary data consists of a literature review and the investigation of organizational reports. The primary data consists of six semi-structured interviews with tax employees from commercial banks, development banks and relevant external organizations.
In order to determine potential differences within the Tax Control Framework of the various organizations, a framework has been used. The COSO-ERM Framework (2004) is widely used, seen from both a theoretical as well as practical view and therefore has been used as framework within this research. Besides the steps of the frameworks, literature has been investigated and questions have been asked to the interviewees about differences between the for-profit and the semi-public sector.
Differences between the commercial banks and development banks have been acknowledged within the results part of this thesis. The role of regulation within the banking sector is huge. However, the regulation and consequential reporting standards for commercial banks seem to be higher, as development banks perform different activities. One interesting control mechanism that the various banks have deployed is the three lines of defense mechanism. An important difference is that tax departments within commercial banks mostly perform second line activities, whereas tax
departments within development banks mostly perform first line activities.
Differences have also been found within the COSO steps. First of all, within the internal environment, it is notable that the commercial banks have identified tax risk appetites, whereas the development bank has no tax risk appetite. Furthermore, the tax department at the development bank is accountable to the director CLS (Credit, Legal & Special operations), who reports to the CFO, whereas the commercial bank’s tax departments are directly accountable to the CFO. Secondly, in respect of the event identification, the commercial banks have implemented analyses to identify events. The development bank on the other hand has not implemented time-to-time meetings for this matter. Thirdly, an interesting feature that commercial bank B has implemented is the
3
Introduction
Although corporate governance codes such as the Sarbanes-Oxley Act and the Code Tabaksblad were issued before 2008, the financial crisis ensured an increase in interest in internal control over
financial reporting (e.g. Mulligan & Oats, 2009; Cheng, Goh & Kim, 2018). One of the types of risks that enterprises can identify is the tax risk (Neubig & Sangha, 2004; Hartnett, 2008; OECD, 2016), resulting from uncertain and inadequate (international) tax legislation (Mulligan & Oats, 2009). Organizations and countries all over the world face various complex, multi-faceted obstacles within taxation (Erle, 2008). Guenther, Matsunaga & Williams found a significant positive relation between tax risk and overall firm risk (2013). Examples of (tax-related) risk include litigation risk (Kim & Skinner, 2012) and reputational risk (Power, 2004; Kim, Li & Zhang, 2011; Bol, 2016). Furthermore, organizations that opt to use aggressive tax strategies face uncertain future tax outcomes and this can consequently bring along significant costs (Rego & Wilson, 2012; Hutchens & Rego, 2013). Previous studies have indicated that for MNEs transfer pricing is the primary (specific) item of interest within tax risk management (Cools, Emmanuel & Jorissen, 2008; Cools & Slagmulder, 2009; Wunder, 2009). Rossing describes that this focus on transfer pricing for MNEs within Tax Control stems from reducing the risk of double taxation, reducing the risk of penalties and limiting the reputational risk (2013).
4
Furthermore, Dutch banks are tasked with a statutory role to act in an integer way, meaning – besides other aspects – that they are required to combat illegal acts that could harm the financial markets (Art. 3:10 of the Financial Supervision Act & Wwft). Recent times have shown that various banks are being closely monitored by the DNB to fulfill their role as gatekeepers in an adequate way. Recent examples that reached the mainstream media of such news include the ING being fined €775mln (NOS, 2018) and Triodos Bank being told to improve their internal systems (NOS, 2019) on this matter. Thus, banks are not supposed to only mitigate their own risks, they also should consider consumer’s actions as their own potential (tax) risks.
The relationship between organizations and the corresponding tax administrations is mainly described for Multinational Enterprises (MNE) (e.g., OECD, 2013a). The MNEs have made big steps in developing and implementing general and tax risk management policies during the past decade (Wunder, 2009; Rossing, 2013), and many MNEs consider tax risk management to be important (Mulligan & Oats, 2009). Where financial key performance indicators (i.e. low ETR) used to be most important in relation to tax risk management, the focus has shifted: tax risk management in general is considered to have material implications for generating socially responsible sustainable returns (Erle, 2008; Segal & Maroun, 2014) and calls for transparent tax risk management strategies and processes are enormous (Mulligan & Oats, 2009).
The Tax Control Framework (TCF) is used for this need. It is defined as a framework to identify, mitigate, control and report tax risks (Bakker & Kloosterhof, 2010). The OECD, in its function of governance organization, has drafted guidelines for such TCFs, especially aimed to MNEs, in which they relate the value of an MNEs TCF to the fact that it decreases the extent of reviews and audits of the firm significantly when the MNE participates in a cooperative compliance programme (OECD, 2016). By giving the tax authority insight in the organizations’ TCF, the organization gives the tax authority insight in what the management of the company perceives as its largest tax risks. Besides the OECD’s guidelines, other risk management frameworks exist that help organizations in
controlling their risks and environment. Some widespread examples are mentioned below, however the models are analyzed more thoroughly in the theoretical chapter of this research paper.
5
A more specific model, designed by the independent, nonprofit organization ISACA (formerly known also as Information Systems Audit and Control Association) is COBIT (Control Objectives for Information and related Technology), aiming at an increasement of good governance within the IT-structure of organizations through the use of identification of IT processes and control objectives (Bhattacharjya & Chang, 2009). With the increased digitalization and globalization in the recent decades, business control frameworks are often driven by IT governance objectives (Bernroider & Ivanov, 2011).
The Dutch tax authority requires a TCF from all enterprises participating in horizontal monitoring – a form of cooperative compliance - but diversifies between individual contracts and vertical compliance: services provided through the financial service providers (OECD, 2013a). Many MNEs currently have individual contracts to stimulate the co-operative compliance approach to tax compliance (Wunder, 2009; Colon, 2017). On the other hand, the starting point for many (usually smaller) other organizations is that the relationship between the tax authority and the tax payer are founded in the relation between tax authority and financial service provider (OECD, 2013a).
The research on tax risk management – within the broader enterprise risk management – has only recently gained increasing attention of researchers (Wunder, 2009). Focus has been on the MNEs (e.g., Rossing, 2013). However, how semi-public organizations handle their tax risk
management and whether or not this results in differences in an organizations tax control framework has to my best knowledge not been investigated.
Although some guidance on tax risk management exists, there is ambiguity on the applicability of this guidance for semi-public organizations. Therefore, in this research it will be investigated whether or not guidelines that are used within MNEs are used in the semi-public sector, and in which way they add value. The focus will be on banking enterprises. The main research question will be:
How does a TCF in the semi-public banking sector differ from a TCF in the for-profit banking sector? This main question is divided in five sub questions, namely:
1) Which models are used for (tax) risk management?
2) What are the differences between the for-profit and the semi-public sector that are of relevance for tax risk management and how could these influence a TCF?
3) How does regulation affect a TCF in the banking sector?
6
This study contributes to the literature stream on tax risk management by its aim to increase insight into the usability of current practices for MNEs when they are related to the semi-public sector. Furthermore, it might reveal new possibilities for research on discovered useful tax risk management practices for organizations in the semi-public sector. Since the research is on tax risk management for the semi-public sector is an emerging research theme, qualitative data is helpful to understand why certain relationships hold (Eisenhardt, 1989). In a managerial context, this study enables managers in semi-public organizations to improve their tax risk management. Since taxes are an important part within internal control (Neubig & Sangha, 2004), it will help these managers to improve their enterprise risk management frameworks and thereby acknowledge and mitigate future tax risks to acceptable levels.
This research is presented in the following way: Chapter two provides for a description of the
relevant theories and papers in order to draw on useful research and to be able to add to the stream of literature on (tax) risk management. It will be starting with a broad enterprise risk management framework, eventually going down to the level of tax risk management. Furthermore, the diversity between the semi-public sector and the for-profit sector will be discussed. In the third chapter, the methodology of the paper is explained. Here, a distinction will be made between field research and desk research. In the fourth chapter, the results of the field research and desk research are
presented and discussed. Chapter five contains the conclusion to the research question:
How does a TCF in the semi-public banking sector differ from a TCF in the for-profit banking sector?
7
Theory
In order to draw on useful previously conducted research, within this theory section various streams of theory is discussed. First, ERM models (COSO, CoBiT and ISO) will be analyzed. Following this general ERM information, specific guidelines for the banking sector that are relevant for a TCF will be discussed. After this, the step is made from generic risks to tax risks. In this part, the concept of co-compliance will be discussed and existing tax risks and tax guidelines will be specified. Lastly, literature on the semi-public sector that has relevance for the TCF will be analyzed.
COSO
Risk management is defined as any set of actions taken by actors (i.e. individuals or organizations) in order to manage events that could harm the organizational value or that could prevent the
organization from achieving its objectives (Cummins et al., 1998; Korac, 2014). Multiple models that help practitioners analyze and improve their internal organization exist. Perhaps one of the most used models is the model that is constructed by the Committee of Sponsoring Organizations of the Treadway Commission: the COSO-ERM Framework (2004, 2017). COSO helps managers to recognize, understand and monitor various risks within their organizations (COSO, 2013). The COSO model has long been known as a cube, which included three dimensions in order to give the managers
guidelines in enterprise risk management. Since 2017, the COSO-ERM Framework is depicted as a rainbow double helix. The COSO-ERM Framework (2004) is shown in figure 1, the COSO-ERM Framework (2017) and connected overarching and guiding principles are depicted in figure 2.
Within the COSO-ERM Framework, one step is that the organization must formulate its risk appetite in order to decide which risks it accepts, mitigates, or eliminates. This is relevant in order to
8 Figure 1: COSO ERM-Framework (2004)
9
Although this 2004 COSO-ERM Framework was widely used, critics grew over time. Power wrote ‘the risk management of nothing’, in which he critically assessed assumptions made by the model such as the risk appetite (2009). Furthermore, the technological turbulence and digitalization resulted in a broad set of opportunities – positive and negative – for organizations. The reaction of COSO was that in 2017 COSO created a new ERM framework, which is presented in the form of a rainbow double helix. By depicting the model as a rainbow double helix COSO tries to acknowledge that risk management is more than a checklist and that organizational managers should instead build a culture that is continuously being aligned and updated with the organizational risk, strategy and performance (COSO, 2017). The updated Dutch corporate governance code also mentions the importance of culture, starting at the top of the organization by a board who should address the issue of culture aligned with the organizational environment (Code, 2016).
CoBIT:
The obvious increased importance of IT governance is mentioned by the COSO 2004 and 2017 ERM model. The model of CoBIT, created by the ISACA (Information Systems Auditing and Control
Association) especially focusses on the IT governance and by doing so seems to be a model that is up to date in this digitalized global world. CoBIT connects the requirements of the business to the IT resources & IT processes, which results in information that can be used as input for the business, making the process a loop. By going through this loop, CoBIT tries to ensure that IT and business goals are aligned (Ridley, Young & Carroll, 2004). De Haes, Van Greambergen & Debreceny note that CoBIT takes into account two primary and four secondary IT goals that are related to risks on external compliance with laws and regulations (2013). These goals are in line with connecting business
environment and IT governance. The five CoBIT principles are depicted in figure 3. The CoBIT processes for Governance of Enterprise IT are depicted in figure 4.
10 Figure 4: CoBIT processes
ISO 31000:2009:
11 Figure 5: ISO 31000:2009 (Dias, 2017, p. 10)
Banking sector risk management: DNB and EU
DNB Risk Management Model
The DNB, in their role as Dutch central bank and prudential supervisor, has issued guidelines for the banking sector, helping banks to take action in order to mitigate integrity risks to an acceptable level (DNB, 2015). Their model is based on good practices and is to a great extent aligned with the earlier described COSO, CoBIT and ISO:31000, as it mentions risk identification, risk analysis, risk control and risk monitoring and review and draws it as an ongoing process. The DNB names this process
Systematic Integrity Risk Analysis (SIRA). This model is depicted in figure 6.
12
implications, starting the process all over again. Paape & Speklè found that firms in the financial sector have more sophisticated ERM systems (2012). However, providers of financial services nonetheless appear to be less satisfied with their risk management practices, possibly resulting from the idea that the value of an ERM system is usually high (Paape & Speklè, 2012).
Figure 6: DNB model (DNB, 2015) Role European Union
EU Directives 2015/849 (anti-money laundering) and 2018/822 (mandatory disclosure) have an impact on the enterprise risk management of banking enterprises. Directive (EU) 2015/849 mentions that streams of illicit money can damage the integrity, stability and reputation of the financial sector. Therefore, financial institutions have to take appropriate measures in order to prevent their risk of customers misusing the system for illegal activities such as money laundering and tax crimes, relating to direct and indirect taxes. This connects to the risk management model of the DNB, as they include compliance within their risk monitoring and review aspect.
The mandatory disclosure directive 2018/822 for intermediators related to cross-border transactions is an amendment to Directive (EU) 2011/16 and deepens the common reporting
13
structures in an early stadium. DAC 6 follows up ideas suggested in Action 12 of the OECD Base Erosion and Profit Shifting (BEPS) projects final report (OECD, 2015), and can be seen as a
contribution towards creating an environment in which organizations pay their fair share through adequate taxation in the different jurisdiction. The Directive furthermore acknowledges that
aggressive tax-planning arrangements have become increasingly complex and should continuously be closely monitored. In order to define a list of such aggressive tax-planning arrangements, DAC 6 lists features and elements that “present a strong indication of tax avoidance or abuse” (Directive 2018/822, 2018), referred to as hallmarks. When these hallmarks are met, the DAC 6 requires mandatory disclosure from the intermediator. As the DNB has recently given multiple major fines and warnings towards banks for lacking other gatekeeping tasks, it could be possible that also for this regulation severe punishment can be expected for non-compliance or insufficient application. An interesting aspect is that the rules are focused on transactions within the EU, whereas the development banks usually invest outside of the EU.
Tax Control:
The main focus of this thesis relates to the Tax Control Framework, which is considered to be an important element within the broader risk framework of an organization (OECD, 2013a;
Belastingdienst, 2013a). The research of Neubig & Sangha indicated that tax risk is an important risk that requires specific attention from the board, because neglecting tax risks can lead to significant monetary and reputational consequences (2004).
A broadly accepted definition of the term tax risk is given by Arlinghaus, who defines tax risk as the likelihood that tax outcome differs from what is expected, due to a variety of reasons, for example, the judicial process, changes in the law, changes in business assumptions, an increased intensity of audits, and uncertainty in the interpretation of law; and any action emanating from the tax function that subjects the company to adverse publicity (1998). Management of tax risk between MNEs and tax authorities has received increasing attention by both researchers and practitioners, seen by the tax legislators and corporations which address tax risk management as an important element within risk management (Wunder, 2009; Freedman, Loomer & Vella, 2009). A reason for this attention is that various initiatives have been established to encourage MNEs toward desired
14
for the head of tax, such as Vice President, Director and Head of Tax, usually reporting to the CFO (2009).
Co-compliance:
The OECD noted a certain shift of tax commitments between MNEs and tax authorities; where the parties first had no confidence in one another, now many initiatives based on co-compliance have been enacted (2013). This co-compliance should result in mutual trust and transparency, but could also result in a change in so-called ceremonial, better documentation instead of real change (Meyer & Rowan, 1977; Carruthers, 1995; Mulligan & Oats, 2009). The OECD has issued guidelines for MNEs, stimulating member states to require from MNEs to reflect this commitment of co-compliance within risk management systems, structures and policies. They state that the benefit of this is that the MNE does not only manage the tax risks adequately, but that they also comply as a good corporate citizen (OECD, 2011, 2013a).
In the Netherlands, a form of co-operative compliance, referred to as horizontal monitoring, has been introduced in 2005, aiming at increasing mutual trust between tax authority and
organization (Belastingdienst, 2013a). In order to enable these parties to obtain mutual understanding, it is important that parties acknowledge and understand the possible contrary interests (Belastingdienst, 2010). When the tax authority assesses an organization, they use the TCF, which is seen as the fiscal part of an ICF (Belastingdienst, 2013a). From the side of the tax authority, an increased extent of trust will exist when the quality of internal control (specifically the tax control framework) within the organization is increased (Belastingdienst, 2013b). The tax authority in the Netherlands considers TCFs to be contingent to organizations, meaning no specific minimum requirements are given relating to the TCF for organizations falling under the concept of horizontal monitoring (de Vlugt, 2016).
OECD Guidelines:
15
all of the three above mentioned components (OECD, 2013a). However, it should be noted that integrating these aspects can be quite difficult. Therefore, it may be expected that some organizations pick one form for their TCF.
Constructing and maintaining a TCF within an organization is furthermore believed to have five effects. These effects are: (1) detection of tax related risks and opportunities, (2) disclosure of tax related risks and opportunities, (3) preventing tax related errors, (4) detection and correction of errors, and (5) the learning cycle (improvement on the TCF should follow after errors are
encountered) (OECD, 2013a).
The OECD furthermore described so-called building blocks in order to provide organizations with guidelines on creation and implementation of a Tax Control Framework (2016). By using building blocks, they acknowledge that there are no one-size-fits-all measures, but that tax risk management strategies depend on organizational and environmental context (Mulligan & Oats, 2009; OECD, 2016). The six building blocks for a TCF are the following: (1) tax strategy established, (2) tax strategy is applied comprehensively, (3) responsibilities are assigned, (4) governance process gets explicitly documented, (5) regular testing and maintenance performed, and (6) assurance provided to external stakeholders (OECD, 2016).
Other TCF guidelines:
An overview of tax risks for MNEs is given in the research of Wunder, who lists the following tax risk elements and specific tax issues as relevant to tax risk: (1) transactional risk (e.g. acquisitions, mergers), (2) operational risk (e.g. new business ventures, new operating models, new operating structure), (3) compliance risk (e.g. weak records and controls, legislative changes), (4) financial accounting risk (e.g. changes in systems and policies), (5) portfolio risk (e.g. combination of any of the risks), (6) management risk (e.g. changes in personnel, new/inexperience resources), (7) reputational risk (e.g. revenue authority investigation), (8) transfer pricing (Wunder, 2009). Moreover, she
16 Semi-public sector
Kok & Driessen state that for semi-public organizations risk aversion could be higher than in the for-profit sector, due to vague tasks (2012). Roszkowski & Grable tested whether or not public sector workers are more risk averse than private workers and found that public servants have a lower risk tolerance (2009). Risk aversion in the (semi-)public sector may result from a low extent of goal clarity in public organizations (e.g. maintaining public welfare instead of solely focusing on optimizing profits (Armstrong et al., 2005; Bozeman & Kingsley, 1998). Three ways in which this risk aversion of the (semi-)public sector may be maintained is by acculturation (Becker & Connor, 2005), selecting likeminded new employees (Schneider, Goldstein & Smith, 1995) and punishing unsuccessful
innovations more severe than awarding successful ones (Borins, 2001). This risk aversion may also be found back in tax planning of semi-public organizations. The OECD states that one of the harmed players in the system of tax evasion is the government (OECD, 2013b). Following this line of
reasoning, it is interesting to find out if the semi-public organization truly strives after a higher form of integrity when setting up their tax risk management.
When connecting the former paragraph to the stakeholder theory, the term of accountability plays a strong role. Whereas for-profit sectors have the government as one of the stakeholders, within the semi-public sector the government may be seen as the most important stakeholder. Accountability is defined as the responsibility of one actor to another in a relationship where one actor entrusts another with the performance of certain duties or responsibilities (Mulgan, 1997; An, Davey & Eggleton, 2011). This could be linked to semi-public organizations being private entities that have a public task (responsibility) that is usually partly or strongly funded by the government (actor) (van Dijk & van der Voort, 2014). The research of An et al. (2011) connects the stakeholder theory to other well-known theories (i.e. agency theory, signaling theory and legitimacy theory), in order to define reasons for organizations to voluntarily disclose information that is related to their intellectual capital. This enables organizations to reduce information asymmetry, discharge accountability and helps signaling legitimacy and excellence (An et al., 2011). Linking these concepts to organizational tax risk management, it can be concluded that the co-operative compliance contracts make sense for the MNEs. When looking more specifically towards these concepts in relationship to the semi-public organization, co-operative compliance makes even more sense. The semi-public sector relies heavily on the government, and the government’s ultimate duty is to serve the people. Implementing a TCF may help reduce the information asymmetry between the semi-public organization and it’s
17
Furthermore, risk management, including tax risk management, is of great importance within the public sector, since inadequately assessing risks might lead to not reaching objectives and a negative public opinion about public organizations (Agyei-Mensah, 2016; Knechel & Salterio, 2016; Kong et al., 2018). Following this line, the public is an important stakeholder for semi-public
organizations. This may result in semi-public organizations being more inclined to pay their fair share in taxes, serving not only the government but also the public, mitigating the risk of scandals and loss of mandate. On the other hand, Paape & Speklè found a significant negative effect on ERM
effectiveness for organization in the public sector (2012). This may be because generic ERM concepts are less effective within the public sector (Paape & Speklè, 2012). In later research, extent of
18
Method
As mentioned before, although research has been conducted upon Tax Control Frameworks, little (if any) insight in Tax Control Frameworks for the semi-public sector and the diversification of TCFs with regard to the for-profit sector has been gained. Theory building helps to explain, predict and
understand new and uninvestigated phenomena and therefore is good choice for generating the results of this research (Abend, 2008; Van Aken, Berends & Van der Bij, 2012). In order to help the theory building, case studies will be conducted. Case studies can contribute to building theories (Dooley, 2002; Woodside & Wilson, 2003). On the other hand, research has been conducted on TCFs within the large MNEs within the for-profit sector. Reviewing the literature is a useful way to advance with new knowledge and is an essential part of every academic project (Webster & Watson, 2002). Therefore, in this research there is a use for both literature review and conducting interviews in multiple companies.
Data collection and analysis
The research has started by investigating the current literature streams on Tax Control for the for-profit sector. This secondary data can be used to analyze existing literature on the TCF and help as a guide for setting up interview questions relating to the first three sub questions. Furthermore, investigating the annual reports of organizations in the banking sector will answer the fourth sub question.
When this literature has been mapped, primary data will be obtained to answer the remaining sub question and the main question. This primary data consists of semi-structured
interviews. In order to obtain a solid view on how the different banks approach their tax control, one development bank and two commercial banks were analyzed. Within the development bank, two employees from different departments were interviewed, namely a tax employee and an
organizational risk employee. These interviews were held face-to-face. Additionally, two interviews were conducted with employees from organizations which have a close relationship to the taxes of organizations in the banking sector, namely a consultancy firm and the tax authority. These
19
By observing multiple organizations, it is taken into account that no one-size-fits-all approach can be used to analyze this complex and diverse phenomenon (Mulligan & Oats, 2009). Moreover, it ensures a higher quality result of the findings (Heale & Twycross, 2018). The main focus of the semi-structured interviews is to obtain information that relates to the tax risk strategy of the organization (e.g. risk appetite), and the relevant steps the organization follows for managing tax risks. Using interviews is in line with previous research in this stream of research (e.g. Arlinghaus, 1998; Mulligan & Oats, 2009; Wunder, 2009), increasing comparability between results.
20
Some measures have been taken to increase the quality of the obtained (primary) data. First of all, prior to conducting the regular interviews, an interview training has been held in which feedback on the interviewing technique was given. Furthermore, the first official interview has been held in company of two fellow students, whom are also investigating the Tax Control Framework within the semi-public sector. These measures have led to the interview guide that can be found in the appendices. Although the interview guide is dependent on the type of interview – not all the questions were equally relevant for the different companies – the basis has been set by the literature (e.g. looking at COSO’s steps), the interview training and the joint interview.
The important question then is how to get from the collected primary data to the conclusions in the analysis process of the research. When the data is collected, the next step is to analyze the data. Eisenhardt (1989) mentions that analyzing data is the heart of building theory from case studies. The first step in the data analysis of the interviews is to make transcriptions. Making these transcriptions increases validity of the results, since objectivity increases, meaning that other researchers could use the same data to reach similar results. Before conducting the interviews, the interviewees have been asked for permission to tape the interview. Multiple taping devices are used to ensure functionality and the interviews were held within quiet rooms. These are a few examples of the followed strategies for ensuring high-quality tape recording, as discussed by Poland (1995).
In order to transcribe the interviews, software is used, after which the transcript is edited manually to alter the mistakes and ensure that the essence is captured. By using software first and altering manually afterwards, multiple sources are used to ensure the validity of the transcriptions, leaving a lower chance for misinterpretation. The transcriptions are edited transcriptions, meaning that small noises, sounds and loose words have been removed as long as they are irrelevant for the answer. This does not mean, however, that transcription guidelines have not been taken into account: whenever such sounds, noises and words were relevant for the (understanding of) the answer, no omissions are made.
21
literature and documented data in annual reports of banking firms. The data is presented on such a way that essential quotes and statements can be presented in alignment with additional data (e.g. tables), followed by an analysis of the meaning and theoretical meaning of the quotes. When certain essential information is not captured within the quote but necessary to understand the answer of the interviewee, this information will be added within square brackets to clarify the message. The
interviews are conducted in Dutch. The statements are translated and quoted in English. Due to the sensitivity surrounding the topic and the voluntary disclosures the organizations make, the
22
Results
Within the introduction of this thesis the main question and sub questions have been defined as:
How does a TCF in the semi-public banking sector differ from a TCF in the for-profit banking sector? 1) Which models are used for (tax) risk management?
2) What are the differences between the for-profit and the semi-public sector that are of relevance for tax risk management and how could these influence a TCF?
3) How does regulation affect a TCF in the banking sector?
4) What do commercial banks and development banks disclose in their (annual) reports on tax risks? 5) What do tax risk managers in the for-profit sector and in the semi-public sector perceive as important tax risks?
In the results section, these questions are answered. Obtained primary and secondary data is discussed. Six interviews have been conducted in order to obtain primary data. An overview of the interviews, including information on the interviewee, the organization of the interviewee and quality about the interview is presented in table 1.
Table 1. Information on the interviewees and the quality of conducted interviews.
Interview Tenure Function Organization Duration (Min)
1 3 Tax Employee A – Development bank 62*
2 1 Organizational Risk Employee A – Development bank** 42
3 19 Tax Accountant B – For-profit bank 95
4 15 Head of Tax Advise C – For-profit bank 52
5 24 Owner, Tax Advisor D – Consultancy firm 32
6 17 Accountant E – Tax authority 45
23 Which models are used for (tax) risk management?
Within the theory section of this thesis, multiple models have been discussed: The COSO-ERM Framework (2004 and 2017), CoBIT, ISO 31000:2009, and specific banking risk guidelines. It is of interest to see if and to which extent the theoretical expectations match the daily practice within the banking sector. These theoretical expectations are indeed partially met. When looking towards the sample, the external parties mention that COSO is the framework the organizations work with. As interviewee 6 mentions:
“If it is based on a generally accepted standard, it is COSO. I do not encounter anything else. When you zoom in to IT, I sometimes see CoBiT, but it is nearly always COSO. There it ends: either COSO, or
just the logic.”
When looking towards the interviewed banks, this statement is partially confirmed. Two out of three banks use their own logic or working activities to create a framework themselves. One bank on the other hand has embraced COSO as their standard in risk management as a whole and according to the interviewee therefore also within the tax department. An overview of the banks and their risk management framework is given in table 2.
Table 2. Sampled banks and their Tax Control Framework
Bank Framework Quote(s)
A Common Sense “I have created this in my mind and by talking to the tax authorities, which were happy with it. So apparently, it is something good.” B COSO “The organization has embraced COSO, so not just specifically for Tax,
but also more general. We give substance to the model.”
“The framework of the organization is very general, but every business unit has an own control framework, based on it.”
C Based on activities, Risk Control Self-Assessment
24
What are the differences between the for-profit and the semi-public sector that are of relevance for tax risk management and how could these influence a TCF?
The interviewees identified various factors that cause differences in the for-profit and the semi-public banking sector. Starting off at the top of an organization: whereas a commercial bank usually is owned by a variety of shareholders, development banks have the state as a major shareholder. An important aspect resulting from this ownership is found in the governance and objectives of the organization. The development bank’s mission and vision are more inclined towards reducing inequalities within the world, with no variable payment for employees (Rijksoverheid, 2015), whereas regular banks have commercial objectives. Interviewee 2 argues that these objectives not only are a difference in itself, but also lead to a difference in culture:
“I think that here the first line will take financial targets into consideration, but that they look beyond them. At a commercial bank, that might not be the case. This will certainly have impact on how first line employees use controls, implying that the TCF does not have to be as tight because there is less
incentive to misuse the system.”
In order to understand the first line role as mentioned in the quote, the three lines of defense should be explained. All interviewees working for banks mentioned the three lines of defense system as important, interviewee 4 even mentioned it again when asked if all relevant questions were asked:
“I hope that I have made clear about the two roles we have [as Tax Department]: first line and second line.”
The three lines of defense is a system that ensures that activities are performed correctly and that controls are adequately applied. The first line is the executer of the activities and controls. Within the commercial banks, the tax department only has a few first line activities as business units are
considered the first line. On the other hand, the activities performed by the tax department of the development bank are usually first line activities. The second line checks whether the first line adequately executes the activities and controls. The third line has the responsibility to look more broadly into the process, usually an internal audit committee. When looking towards the tax departments of the various banks, it is mentioned that first- and second line activities are being carried out. Interviewee 3 discusses the first line and second line activities of the tax department:
“The grouping is first line, second line, and third line. The business [unit] is first line, operational risk management is second line. However, we at tax have a second line role. We have to ensure that the business units meet their obligations to the tax authorities. Furthermore, we are partially first line,
25
One important distinction in the lines of defense has been identified between the commercial banks and the development bank. Where commercial banks have exhaustively implemented this three lines of defense way of working, the development bank has a second line that is far less developed. Interviewee 1 described this as follows:
“Actually, we are not really being qualitatively checked by someone else, although there are control points within the process … When I say it is a participation exemption, this is followed up. … There are
certain controls [within the process], but I check myself quite often.”
When looking towards the sample, it should be noted that the commercial banks are much larger in size than the development bank. Multiple interviewees have indicated that size of the organization has a positive relationship with the maturity of a control framework (interviewee 6), a positive relationship with the size and involvement of the tax department (interviewee 6) and a positive relationship to the intensity of the prudential supervision (interviewee 3). The intensity of the
prudential supervision is mentioned in relationship with other aspects as well. It has been mentioned to be of a higher intensity when the organization has to be compliant to more regulations
(interviewee 5). This indicates a higher extent of prudential supervision for commercial banks, as they have a larger set of rules to be compliant to. Interviewee 5 furthermore related the prudential supervision to the ownership of the firms: as development banks have governments as owners, the extent of prudential supervision could be lower. However, interviewee 1 indicated that this is not the case. It is – also in this regard – of interest to look at the activities and clientele of the banks. A major difference between the commercial banks and development banks is the products and services offered, which could have impact on the extent of prudential supervision. Commercial banks have a lot of retail clients – individuals and firms -, whereas development banks are investing (for example in projects) to reduce inequalities, usually outside of the EU. Interviewee 2 described this as follows:
“The special thing is, we don’t have bank account holders, no retail clients. So, from a prudential supervision perspective, DNB will not have as many worries about us as they have about commercial
banks that have many retail clients.”
26
the development banks. Interviewee 1 described the reputational risk for development banks as follows:
“I think that we are more sensible for reputational risk. I think there is nothing more interesting for newspapers than getting in the news that the organization uses public funding to avoid taxes.” Since there are differences between the activities and products of the commercial and development banks, there are implications for the fiscality of these products. Interviewee 4 states that before new products get on the market, the tax department has to check whether or not fiscal characteristics are applicable.
A major difference between commercial banks and development banks are exemptions that are applicable for some development bank. As interviewee 5 indicated:
“A government bank, such as the EBRD, does not pay corporate taxes. Hence their biggest risks are within the other costs and the investment side. On the other hand, for a commercial bank the
corporate tax is very important within the TCF. That is a major difference.”
However, it should be noted that the development bank which has been taken into the sample does not have these exemptions. Therefore, above exemptions will not be comprehensively discussed throughout the remainder of this paper. However, it should be noted that a decrease in taxes ensures a decrease in the tax risks that are applicable to the organization. A major difference that is in line with the lower tax-intensity of certain development banks are the reporting standards. When asked about the impact of formal and informal guidelines and regulations, interviewee 5 discussed this as follows:
“When looking to this as a commercial bank, the impact is enormous, without even talking about the disclosure rules. ... You can see that there is a major compliance for them, which is less important for
a development bank.”
As an example, that has more impact on commercial banks than on development banks, anti-abuse rules, such as DAC 6, can be mentioned. Whereas both commercial banks indicated anti-abuse rules as important projects, the development bank has fewer reporting requirements. Interviewee 1 describes this as follows:
“Generally, the organization is not affected by anti-abuse rules, because we generally only have a small stake in our investees and have (almost) no related parties.”
27
on base erosion and profit shifting, looking at the impact of the taxes paid as a whole. Lastly, interviewee 6 indicated that differences might exist in reason for profit- and non-profit organization to participate in commercial compliance programs. Although all banks want to have certainty about their fiscal position, compliance tends to be an important additional motive for non-profit
organizations. On the other hand, interviewee 6 states that this difference is reduced by the desire of commercial banks to decrease the reputational risk:
“I can see a difference between for-profit and non-profit, but [commercial] banks are comparable to the non-profit [sector]. They want complete compliance of the reputational risk, since these banks are
28 How does regulation affect a TCF in the banking sector?
As discussed above, the banking sector is a sector closely watched upon. The consequences are that various stakeholders have (often legal) demands regarding the processes and capital constructions of banks. Many regulatory aspects (e.g. Basel, Anti-money laundering) could be discussed, but only those will be discussed that are identified as relevant by the interviewees for the tax processes, as discussing all (compliance) regulations is not within the scope of this paper.
The interviewees identified the following taxes as important for banks: corporate income tax, value added tax and wage tax. Taxes that are identified by (some of) the interviewees as of importance are dividend withholding tax, insurance tax and banking tax. During the interviews, there was a tendency to combine the tax department with other departments, such as compliance, front-office and
finance. An important aspect that explains these combinations is the necessity of specific knowledge. Interviewee 3 describes this tax-specific knowledge requirements as follows:
“Look to the compliance of FATCA, it is part of the compliance department, but compliance cannot do it without the help of Tax. Hence, the execution is at compliance, but we are the second line. We have
to check whether they implement regulations.”
The regulations that are applicable to the banking sector ensure that banks create systems that help them to control their processes and decrease the chance of errors. The three lines of defense has been mentioned multiple times as an important aspect to increase the extent of control over
29
What do commercial banks and development banks disclose in their (annual) reports on tax risks?
Both commercial banks and development banks publish annual reports, which have been analyzed on their tax (risk) disclosures made. Interviewee 3 indicated that there might be a difference between system banks and smaller banks. Therefore, for answering this question, Dutch banks that differ in size (based on total assets) are analyzed.
“Maybe you have to make a distinction between system banks and banks that are not indicated as system bank. Do you think the government allows a system bank to fall? No. … A supervisor will
monitor more closely.” Dutch commercial banks:
ABN Amro:
“We publish our Tax Principles online; our tax policy rejects any involvement in tax evasion, tax avoidance or aggressive tax planning. In these cases, we respect both the spirit and the letter of the law. Responsible tax is also built directly into our product approval processes.” (ABN Amro, 2018, pp. 34).
ING:
“Tax policies, procedures and a tax control framework have been implemented to support
management in mitigating potential tax risks in a prudent manner. Internal monitoring, control and reporting of tax-related risks take place on a continuous basis with regular reporting to various stakeholders. Tax risk management is subject to Corporate Audit testing and evaluation. In the Netherlands, ING has opted for cooperative tax compliance (‘horizontaal toezicht’), which implies overall transparency and disclosure of relevant tax risks to the Dutch tax authorities.” (ING, 2018, pp. 65).
Triodos Bank:
30 Dutch development banks
SNV
Taxes are not explicitly discussed within the annual report of SNV.
FMO
“FMO is statutorily bound to contribute to the development of the private sector and the nations where the private sector is active. FMO takes issues around tax on board in its due diligence and in its decision making on each transaction, client and investment. FMO complies with both national and international tax regulations. FMO believes that, before any decision to invest is made, each project and each financing has to be analyzed and is subject to tailored tax analysis and due diligence. FMO is among the first development banks to implement an assessment by tax experts of our clients’
international tax practices as part of our due diligence process. FMO asks of its clients to explain their corporate structures, including taxes, tax base erosion and profit shifting (BEPS). FMO has developed an assessment methodology to systematically appraise whether its clients show responsible tax behavior. This has a focus on international intercompany transactions within multinational clients. The ultimate aim is to identify possible tax base erosion activities.” (FMO, 2016, pp. 1-2)
Both commercial banks and development banks tend to have an interest in complying to regulations. Commercial banks seem to be mainly concerned about their tax position and the tax compliance of their clients. When looking to Triodos Bank – a commercial bank with high ambitions on
sustainability – the message is also focused on the positive side of paying the fair share. It is
31
What do tax risk managers in the for-profit and in the semi-public sector perceive as important tax risks?
A major risk identified by multiple interviewees from both a commercial bank as well as the development bank is the risk of not being involved in the process. When talking about the involvement of the tax departments, interviewees have drawn an image that tax requires highly specific knowledge, which results in the danger of tax departments being forgotten. Interviewee 4 notes that – although not being involved has been mitigated through the years – involvement of the tax department is still considered a major tax risk:
“We have put a lot of effort in being an integrated part within the organization. An important part is that we are part of business risk committees … It is vital that we are part of those [committees], because that is where the important matters are being discussed. This means we get a chance to
mention which tax issues have to be taken into account.”
An interviewee of the development bank considered involvement to be highly important as well. However, the tax department within the development bank is already integrated within
organizational processes. This is something the tax department within the development bank values in order to be able to add value on tax matters. Interviewee 1 discusses this as follows:
“We have got a template in which the deal is explained, what they are going to do. Within this template, there is a box called tax issues. Next, there is a final version, the final proposal, in which is
explained what they are going to do. We have to give input at the tax issues header. They cannot submit the final proposal before we have given input.”
32
“I write down whether or not there is a risk, from a responsible and reputational point of view. It comes down to this: do we think that the client handles their taxes on a good way? … The basic question: are there streams of money flowing from the development countries, the client, to other entities where no taxation takes place. So mainly intragroup transactions, cross-border … The main
goal is that tax is being paid on the profits made in the specific country and that the profits are not being transferred away by artificial constructions.”
An interviewee of a commercial bank mentions an analysis in which tax is taken into account is held as well. Interviewee 4 describes the necessity of the involvement of the tax department within the process:
“When a new client wants to become a client, this client has to go through a process. Also, as an existing client you could be assessed, based on risk-indicators. This process has existed for a long time, but a new aspect is that we [as being the tax department] have become part of the process.
When certain indicators are applicable … we have to give our opinion: do we think the client is acceptable or not.”
Although this thesis is about tax risk management, many interviewees have discussed the effect of their department within the totality of the bank. The processes the tax department is part of, should not be considered stand-alone processes, but End-to-End processes. Interviewee 2 argues that coming together with various department ensures mutual understanding and increases the quality of information between the departments throughout the process as a whole:
“We look to End-to-End cases, where we see that departments are looking only to themselves, whilst being part of a chain. Especially in those hand-over moments are many risks, for example incorrect information from an earlier department or giving incorrect information to the department after them.
… Departments do not realize that if they deliver incorrect information, this has implications for the tax returns. When they know it, they are startled.”
An important risk within taxation appears to be the reputational risk. Multiple interviewees identified the reputation risk as the most important risk related to tax. Interviewee 4 made a connection between the tax policy of the organization and the reputational risk for the organization:
“That is all-determining. It is the thing we worry about most. Reputation towards the tax authority, and towards the society. In everything we do, we are thinking whether we could end up negatively in
33
How does a TCF in the semi-public banking sector differ from a TCF in the for-profit banking sector?
The three lines of defense can be seen as important measures to increase the quality of the internal processes. It is an important control measure to reduce mistakes and fraud. However, as seen before, the organizational culture varies between commercial and development banks. Whereas commercial banks see corporate social responsibility as something important, development banks are based on it. This can be returned to the culture of the bank and also in the defense mechanisms implemented. Commercial banks tend to have adequately implemented three lines of defense mechanisms – partly resulting from legal necessity – whereas the three lines of defense within the development bank is less mature. Importance for the implementation of decent defense mechanisms include reducing errors and reducing fraud. When connecting this to the organizational mission and vision of development banks, an important defense mechanism that reduces the chance on fraud is the mission, vision and overarching organizational culture itself. Interviewee 2 – former commercial bank employee, current development bank employee – discussed this as follows:
“There is no driver to do something without the tax department. … I am quite new here, but I find it funny to see that the organizational culture is completely different. Every now and then I ask questions about internal fraud and similar issues. And then my colleagues look to me… … It really
ensures soft control, which is more present than I had realized beforehand.”
On the other hand, implementing adequate defense mechanisms is not only about reducing fraud. Reducing human mistakes / errors is an important goal as well. This is an aspect which the
commercial banks have emphasized more explicit within their processes. Interviewee 2 discusses this as follows:
“At the moment the tax department probably acts to honor and conscience to get things done, and they probably have identified and mitigated the major risks. But if I would look with the standards
34 Internal Environment
Aspects of the internal environment include the organizational risk appetite, the organizational culture, the tone at the top, mission and vision. Within the development bank, the head of tax reports to the director CLS, whereas the head of tax within the commercial banks report to the CFO. Furthermore, the interviewees working for commercial banks mentioned the tax policy and risk appetite as approved by the board more specifically than those working for the development bank. However, the development bank also has an approved tax policy. When looking to the organizational culture, as mentioned, this is a part that is strongly developed at the development bank. Table 3 shows the core characteristics of the various aspects related to internal environment within the banks.
Table 3. Characteristics of the banks related to internal environment
Element A [Development Bank] B [Commercial Bank] C [Commercial Bank] Tax Risk Policy Published online Published online Published online
Accountability Tax Director CLS CFO CFO
Size Tax Department 2 24 18
Tax Risk Appetite Not identified Qualified and quantified, ‘high’ is unacceptable
Qualified, ‘red’ is unacceptable
Objective setting
In order to be able to define potential threats or opportunities to the organizational goals, these goals have to be specified. Table 4 shows the approaches the banks take in order to define the objectives.
Table 4. Characteristics of the banks related to objective setting
Aspect A [Development Bank] B [Commercial Bank] C [Commercial Bank]
Process step Described Described Described
Proces description Described Described Described
Proces owner Described Described Described
35 Event identification
The next step is the identification of events that could alter the outcomes of the objectives set at the previous step. The organizations use various internal processes to identify risks from both an internal and external perspective. Table 5 shows the activities related to event identification.
Table 5. Characteristics of the banks related to event identification
Aspect A [Development Bank] B [Commercial Bank] C [Commercial Bank] Event identification
activities
No formal activities; personal insights used
Business Environment Assessment
Risk Committees, Risk Control Self-Assessment
Tax Risk Described Described Described
Tax Risk description Described Described Described
Tax Risk owner Implicated by process owner
Described Implicated by process owner
Risk assessment
The next COSO-step is the risk assessment. The identified events get a classification, which could be quantified (usually through a multiplication of chance and impact) or qualified (based on professional judgment). Table 6 shows the activities related to the risk assessment.
Table 6. Characteristics of the banks related to the risk assessment
Aspect A [Development Bank] B [Commercial Bank] C [Commercial Bank] Inherent risk level Not described Described Described
Assessment Qualified Qualified and
quantified
Qualified
36 Risk response
An organization has multiple response possibilities to assessed risks: accepting, mitigating,
transferring and eliminating. The various interviewees that work for a bank mentioned mitigating as the most important response important for the risks. Eliminating is also mentioned, in such a way that individual clients or projects could be eliminated (i.e. not started or discontinued) based on tax indicators. It should be noted that accepting risks might not be mentioned within all organizations. This may be because the possibility exists that only the larger tax risks are identified by these organizations. Table 7 discusses the aspects relevant to the risk response of the various banks as based on the interviewees responses.
Table 7. Characteristics of the banks related to the risk response
Aspect A [Development Bank] B [Commercial Bank] C [Commercial Bank] Applicable policy Not defined ‘High’ is unacceptable ‘Red’ is unacceptable Risk responses Mitigating, eliminating Accepting, mitigating,
eliminating
Mitigating, eliminating
Control activities
One risk response that has been identified is mitigating. In order to mitigate the risks, certain control activities need to be implemented within the process. Table 8 discusses the description and
implementation of the steps related to the control activities.
Table 8. Characteristics of the banks related to the control activities
Aspect A [Development Bank] B [Commercial Bank] C [Commercial Bank] Control activities 1st control
2nd control
Controls Controls
Control description Described Described Described
Control type & quality Not described Automatic / manual control
37 Information & communication
When the controls have been implemented, it is important to have adequate information and communication. This information can be internal, to ensure that employees have the right
information to their disposal. This information can also be external, so that third parties are aware of risk policies, culture and performance. The relevant aspects of information & communication are dicussed in table 9.
Table 9. Characteristics of the banks related to the information & communication
Aspect A [Development Bank] B [Commercial Bank] C [Commercial Bank] Internal
communication
Tax Indicator within proposals Tax department integrated in business Tax Departments issuing guidelines to business units Tax department integrated in business External communication Disclosures through reporting Cooperative Compliance Disclosures through reporting Cooperative Compliance Disclosures through reporting Vertical Compliance*
* The bank does work according to cooperative compliance, even though there is no individual contract yet. This individual contract will follow after former years have been closed.
Monitoring
When all choices have been made it is important to keep monitoring the process. Table 10 describes the relevant monitoring items.
Table 10. Characteristics of the banks related to monitoring
Aspect A [Development Bank] B [Commercial Bank] C [Commercial Bank] Monitoring activities Not defined Quarterly calls
Business Environment Assessment
Overall control status
38
Conclusion
This research paper is about the Tax Control Frameworks within commercial banks and development banks. The main research question is:
How does a TCF in the semi-public banking sector differ from a TCF in the for-profit banking sector? Six interviews with employees from development banks, commercial banks and external advisors and additional secondary data have been the foundation of the results. Since from both a theoretical and practical point of view COSO has been observed to be the leading framework for enterprise risk management, COSO has been used to be able to compare the different steps within the TCFs of the organization. Additionally, differences between the for-profit and semi-profit sector have been analyzed to give meaning to the steps identified in the TCFs. Although the organizations are subject to different foundations for their TCFs (e.g. COSO, common sense), the COSO steps are mostly identifiable within the TCFs of the banks. Within the steps differences have been identified.
First, within the internal environment, it is notable that the commercial banks have identified tax risk appetites, whereas the development bank has no tax risk appetite. Furthermore, the tax department at the development bank is accountable to the director CLS (Credit, Legal & Special operations), who reports to the CFO, whereas the commercial bank’s tax departments are directly accountable to the CFO. Secondly, in respect of the event identification, the commercial banks perform time-to-time activities to identify events. The development bank on the other hand has not implemented time-to-time meetings for this matter. Thirdly, an interesting feature that commercial bank B has implemented is the quantification: both the risk appetite and risk assessment are not solely based on professional judgment, but substantiated with numbers. It is noteworthy that commercial bank C and the development bank do not have a quantification within the risk appetite and risk assessment.
The banking sector is characterized by having to fulfill many legal obligations. The three lines of defense system is an important control mechanism for the continuous quality of the internal processes within banks. The commercial banks have thoroughly implemented this system, whereas the three lines of defense system within the development bank is not yet completely mature. All tax interviewees valuated their involvement within the greater of the organization as extremely
39
Discussion
Within this research, interview guides have been used to conduct the six semi-structured interviews. These guides have been built upon former research – including risk frameworks – and the research questions. The interviews have been held face-to-face in case a bank employee was interviewed, or over the phone in case an external advisor was interviewed. After the interviews, transcripts were made with the help of software and revised based on the interviewees feedback. A thorough process has been followed for the coding and analysis of the transcripts. Based upon these measures it can be sufficiently guaranteed that the results and conclusions of this research would remain the same if the study was to be reproduced.
From the results of the interviews it appeared that the tax control framework is more mature at the commercial banks than at the development bank. This result is in line with the expectation that the extensive regulation which is especially applicable within the commercial banking sector has a positive impact on the maturity of an organizations TCF (Paape & Speklè, 2012). Differences within the models of the organizations have especially been found at the COSO-steps internal environment and event identification. An important distinction between the commercial banks and development banks is the organizational culture. This part of the internal environment, the soft controls, seem to be stronger at the development bank, which is in line with former research stating that risk aversion plays a role within the semi-public sector (Kok & Driessen, 2012). It appears that the organizational vision and mission have a strong influence on the soft control that the culture is for the organization. This soft control at a development bank – with the government as major shareholder – may be explained through the line of reasoning that the government is harmed through tax evasion (OECD, 2013b). However, it should be noted that although the extent of incentives for internal fraud are lower at the development bank, implementing (tax) risk management framework is not solely focused on decreasing internal fraud.
40
research (OECD, 2013a). Adding to current literature, this research paper has compared a semi-public organization that has an individual cooperative compliance contract with commercial banks. This helps to gain insight in the creation and implementation of the tax control framework within various organizational settings.
The individual cooperative compliance contract of the development bank offers interesting
perspectives in the tax control framework from commercial and semi-public organizations. However, the reader has to keep in mind that many (smaller) semi-public organizations have no individual contract with the Dutch tax authority, which could potentially have severe consequences for the results of this research. As mentioned within the results section, tax exemptions fluctuate heavily, whose effects are unidentified. The focus of this article is limited to the tax risk management of organizations, without elaborating deeply to the underlying tax issues or the place of the tax control framework into the broader enterprise risk management framework. These limitations offer
41
Bibliography
Abend, G. (2008). The meaning of Theory. Sociological Theory 26(2), 173-199
ABN AMRO Group N.V. (2018). Banking for better, for generations to come. Integrated Annual Review 2018. Retrieved from https://www.abnamro.com/nl/over-abnamro/jaarverslag/index.html
Acharya, V. V. & Merrouche, O. (2013). Precautionary Hoarding of Liquidity and Interbank Markets: Evidence from the Subprime Crisis. Review of Finance, 17(1), 107-160
Agyei-Mensah, B. K. (2016). Impact of adopting IFRS in Ghana: Empirical Evidence. In Economics and Political Implications of International Financial Reporting Standards (pp. 191-230). IGI Global
An, Y., Davey, H., & Eggleton, I. R. (2011). Towards a comprehensive theoretical framework for voluntary IC disclosure. Journal of Intellectual Capital, 12(4), 571-585.
Arlinghaus, B. P. (1998). Goal setting and performance measures. Tax Executive, 50, 434-440.
Armstrong, A., Jia, X., & Totikidis, V. (2005). Parallels in private and public sector governance. In: GovNet Annual Conference, Contemporary Issues in Governance.
Avdjiev, S., Kartasheva, A. V., & Bogdanova, B. (2013). CoCos: a primer. Available at SSRN 2326334.
Bakker, A. & Kloosterhof, S. (Eds.). (2010). Tax management: from risk to opportunity. IBFD.
Basel Committee. (2010). Group of Governors and Heads of supervision announces higher global minimum capital standards.
Beasley, M. S., Clune, R., & Hermanson, D. R. (2005). Enterprise risk management: An empirical analysis of factors associated with the extent of implementation. Journal of accounting and public policy, 24(6), 521-531.
Becker, B. W., & Connor, P. E. (2005). Self-selection or socialization of public-and private-sector managers?: A cross-cultural values analysis. Journal of Business Research, 58(1), 111-113.
Belastingdienst (2010). Leidraad Horizontaal Toezicht binnen de Individuele Klantbehandeling.
Belastingdienst (2013a). Leidraad Toezicht Grote Ondernemingen.
Belastingdienst (2013b). Controleaanpak Belastingdienst (CAB).
