2. Peer reviews of the AEOI Standard’s implementation

Peer reviews in relation to Core Requirement 1

Core Requirement 1 in the AEOI Terms of Reference refer to the detailed due diligence and reporting procedures that Financial Institutions must follow. These are standardised procedures to ensure that Financial Institutions report the correct information on Financial Accounts and their Account Holders to the tax authority in a uniform manner. It is therefore crucial that each jurisdiction properly reflects these requirements in its domestic legislative framework. The specific elements reviewed are as follows:

• The due diligence and reporting rules: This involves a review of how each jurisdiction has: (i) defined the scope of Reporting Financial Institutions, (ii) defined the scope of the Financial Accounts that must be reviewed, (iii) implemented the detailed due diligence procedures that must be applied to identify Reportable Accounts, and (iv) defined the information that must be reported. If a jurisdiction relies on non-AEOI legislation that defines “beneficial owners” in order to identify Controlling Persons with respect to the AEOI Standard, this is also reviewed.

• Jurisdiction-specific Non-Reporting Financial Institutions and Excluded Accounts: This consists of a specific review of each entry to ensure that the Non-Reporting Financial Institutions and Excluded Accounts provided for by each jurisdiction meet the requirements of the AEOI Standard and pose a low-risk of use for tax evasion purposes.

• The framework to enforce the requirements: This includes, amongst other aspects, a review of the provisions that jurisdictions have in place to: (i) prevent the circumvention of the AEOI Standard, (ii) to require Reporting Financial Institutions to maintain appropriate records; and (iii) to enforce the requirements and address non-compliance. Where the provisions relied upon are included in non-AEOI legal frameworks, these are also reviewed to the extent they are relevant for the implementation of the requirements of the AEOI Standard.

Where gaps are identified, recommendations are made.

Peer reviews in relation to Core Requirement 2

Core Requirement 2 in the AEOI Terms of Reference contains requirements with respect to both the contents of the international agreements used to exchange the information and the scope of the networks of exchange relationships. These requirements are therefore also essential to ensure the effective operation of the AEOI Standard, based on a level playing field. The particular processes conducted are as follows:

• The contents of the exchange agreements: The contents of the exchange agreements put in place are reviewed to ensure their provisions are in accordance with the requirements.

• Ensuring exchange networks are complete: It is ensured that each jurisdiction’s exchange network includes all of its Interested Appropriate Partners (i.e. the jurisdictions interested in receiving information from a jurisdiction and that meet the expected standards in relation to confidentiality and data safeguards). The process includes facilitating jurisdictions in putting agreements in place, which can be escalated into a peer review mechanism that jurisdictions can trigger if they become concerned about delays with respect to the putting in place of a particular agreement.

Again where gaps are identified, recommendations are made.

Peer reviews in relation to Core Requirement 1

The AEOI Terms of Reference refer to jurisdictions ensuring that, in practice, Reporting Financial Institutions are effectively implementing the detailed due diligence and reporting procedures specified in the AEOI Standard. Various specific elements in relation to the required framework are set out, such as various components of the administrative compliance framework that must be put in place, some of which are referred to below.

• Having an effective administrative framework to ensure compliance: Various components of each jurisdiction’s compliance framework are assessed in detail. Each jurisdiction is therefore asked for details of, amongst other things: (i) the compliance strategy it has in place, including whether it is based on a risk assessment specific to their jurisdiction and that takes into account a range of relevant and information sources, (ii) the procedures the jurisdiction has to ensure that Reporting Financial Institutions are reporting information as required, including to identify incorrect non-reporting and to follow-up to ensure compliance, (iii) the verification procedures implemented to ensure that the information being reported is complete and accurate, including analysis of the information reported, detail of the desk-based and onsite reviews conducted, and (iv) the enforcement activities carried out, including the application of penalties as appropriate. A jurisdiction’s exchange partners are also asked for any issues with respect to compliance by Financial Institutions that they might have identified when using the data received.

• International collaboration to ensure effectiveness: There are provisions in the AEOI Standard for collaboration between exchange partners to address errors or non-compliance by Reporting Financial Institutions identified by exchange partners. Feedback is therefore also obtained from each jurisdiction’s exchange partners on how effective the cooperation has been in practice.

Where deficiencies or areas for improvement are identified, recommendations are made.

Peer reviews in relation to Core Requirement 2

The AEOI Terms of Reference also contain requirements in relation to the processing of the information reported by Reporting Financial Institutions and its subsequent transmission to exchange partners. Some of the key elements are below.

• Preparing and validating the information: Once reported by Reporting Financial Institutions, the information must be sorted, prepared and validated in accordance with the technical requirements set out in the AEOI Standard (e.g. the Common Reporting Standard User Guide and XML Schema). Each jurisdiction’s exchange partners are therefore asked about any errors that might have been experienced when trying to utilise the information received. The causes of the issues are identified, including to establish whether there are deficiencies in the sending jurisdiction’s systems to process the information reported.

• Using secure channels to exchange the information: It is of vital importance that the information is kept safe while it is being transmitted. This is ensured through the use of the CTS which utilises industry leading security standards and which is used by all jurisdictions. This requirement has therefore always been found to be met in practice.

• Timeliness in the exchanges and follow-up: The timeliness of the exchanges is also reviewed, including the timeliness of any response to follow-up from a jurisdictions’ partners and the provision of additional or amended information as necessary. Again, feedback on these issues is obtained from each jurisdiction’s exchange partners.

Where deficiencies or areas for improvement are identified, recommendations are made.

The results

The AEOI legal frameworks are generally complete, with a high level of compliance identified. Furthermore, any remaining issues continue to be addressed. Since the publication of last year’s AEOI peer review report, 15 jurisdictions have requested a reassessment of their legal framework to reflect the actions that they have taken to address the recommendations made. Consequently a further 85 recommendations have been addressed. This means that, to date, 74 jurisdictions have brought amendments into effect to address the recommendations made, resulting in 584 recommendations being addressed in total. This includes 105 jurisdiction-specific exclusions being removed as they were found to insufficiently meet the requirements.

As a result of the reassessments conducted during 2022, one jurisdiction (Sint Maarten) achieved an upgrade of its determinations in relation to CR1 and its overall determination from “Not In Place” to “In Place But Needs Improvement”. Its determination in relation to CR2 was upgraded from “Not In Place” to “In Place”. Furthermore, six jurisdictions (the British Virgin Islands, the Faroe Islands, Germany, Mexico, Monaco and the Netherlands) achieved an upgrade both to their determination in relation to CR1 and their overall determination, from “In Place But Needs Improvement” to “In Place”. Finally, three jurisdictions (Grenada, Macau (China) and Romania) achieved an upgrade in their determinations, in relation to CR1 and their overall determination, from “Not In Place” to “In Place”. These amendments are reflected in this report. The remaining jurisdictions successfully addressed some recommendations, although the determinations remained unchanged (Argentina, Barbados, Costa Rica, Hungary and Uruguay).

This report also includes new reviews in relation to four jurisdictions that committed to commence exchanges from 2020 (New Caledonia, Nigeria, Oman and Peru), all of which received a determination of “In Place” for CR2 and three of which received a determination of “In Place But Needs Improvement” for CR1 (Nigeria, Oman and Peru) and one of which received a determination of “In Place” for CR1 (New Caledonia). Their determinations for CR1 were also mirrored in their overall determinations.

Overall, therefore, there continues to be a very high level of compliance in relation to the legal frameworks put in place to implement the AEOI Standard. Of the over 100 jurisdictions committed to commencing exchanges by 2020, virtually all of them (105, or 99% have an international legal framework that is fully in accordance with the AEOI Terms of Reference. The Global Forum has therefore issued them with a determination of “In Place” for CR2. Furthermore, the majority of jurisdictions (69, or 65%) have domestic legislative frameworks that are also fully in accordance with the AEOI Terms of Reference. The Global Forum has therefore issued these jurisdictions with a determination of “In Place” for CR1. 69, or 65% jurisdictions therefore received an overall determination of “In Place”.

By far the next largest group of jurisdictions 30 (or 28%) are those for which the Global Forum issued a determination of “In Place” for CR2 and “In Place But Needs Improvement” for CR1. Their peer review reports include one or more recommendations to amend their domestic legislative framework in order for it to be fully consistent with the AEOI Terms of Reference. Consequently, 30 (or 28%) jurisdictions received an overall determination of “In Place But Needs Improvement”. In total, 99 (or 93%) of the jurisdictions now have domestic and international legal frameworks that are fully or substantially in place, up from 89% in 2021. This demonstrates a generally high level of compliance with the Terms of Reference.

Following the actions taken, 93% of the jurisdictions have now been determined to have domestic and international legal frameworks that are fully or substantially in accordance with the AEOI Terms of Reference  

        

Of the remaining jurisdictions, six have implemented a domestic legislative framework which contains many of the requirements, but that includes significant deficiencies. The remaining one jurisdiction (Trinidad and Tobago) has not yet implemented a domestic legal framework. Seven jurisdictions have therefore received an overall determination of “Not In Place”. Figure 2.1 summarises the distribution of the peer review results.

Figure 2.1. Overall determinations at a glance (total number of jurisdictions assessed so far 106)

Common issues identified

While there remains a generally high level of compliance with the requirements, there are some commonalities in relation to the issues where recommendations remain. They most commonly relate to the following:

• The largest category of remaining recommendations are jurisdiction-specific Non-Reporting Financial Institutions and Excluded Accounts that are not in accordance with to the requirements of the AEOI Standard.

• Perhaps of even greater significance is the next largest category of recommendations, which relate to issues found with respect to the legislative provisions to enforce the requirements. This includes gaps in the powers to address avoidance of the due diligence and reporting requirements, the ability to impose sanctions on Account Holders and Controlling Persons for submitting false self-certifications and having record-keeping obligations that cover the full scope of the records required to be kept under the AEOI Standard. Their significance is reflected by the fact that all of the jurisdictions with legal frameworks that have been determined to be “Not In Place” have multiple recommendations with respect to their enforcement frameworks.

• Several more specific recommendations have also been made in cases where jurisdictions have summarised the detailed definitions in the AEOI Standard with the omission of relevant details that are needed to ensure their full and proper operation.

The Global Forum continues to work with the jurisdictions concerned to assist them in addressing the issues where recommendations have been made. It is also developing processes to continue to monitor the implementation of the AEOI Standard in relation to these issues, as well as to obtain a deeper level of assurance with respect to the implementation of the AEOI Standard in practice (see Next steps below).

The results

As mentioned previously, the results in this report are from the initial reviews, conducted in parallel to the implementation of the AEOI Standard by jurisdictions. Significant advancements therefore continue to be made. Overall, the picture is a positive one with a large majority of jurisdictions being found to be on track with their implementation. Furthermore, where issues have been identified (including during the review process, which included draft assessments in 2021, that were finalised in 2022), in the majority of cases they have been promptly addressed.

As a consequence, at the present time almost two thirds (65 or, 66%) of the jurisdictions that committed to commence exchanges in 2017 or 2018 have been rated as “On Track” with respect to their frameworks and activities to ensure the effectiveness of the AEOI Standard in practice. They have therefore been found to have developed complete administrative compliance frameworks to ensure that Financial Institutions effectively implement their due diligence and reporting obligations, which they are also implementing, and they are successfully conducting the exchanges in practice, addressing any issues as they emerge. A further 15 of jurisdictions have been found to have credible frameworks and plans in place and are generally successfully exchanging the information in accordance with the technical requirements but need to further implement their plans. These jurisdictions have therefore been rated as “Partially Compliant”. It is expected that the implementation in many of these jurisdictions will generally become much more mature in the near future, based on the plans they have in place. Finally, 19 jurisdictions have been found to have fundamental deficiencies in their frameworks (i.e. they are not yet fully developed) and have therefore been found to be “Non-Compliant”, five of which are constrained due to their lack of enforcement powers in their legislative frameworks. So, while the exchanges are taking place each year, they do not yet have complete operational frameworks to verify that Financial Institutions are effectively complying with all of the due diligence and reporting requirements.

More generally, the rate of improvement and the increasing maturity in implementation continues at pace. Over the last two years around three-quarters of jurisdictions have seen improvements in their ability to match the information received based on the increase in quality of the information being sent, a similar number have seen improvements in the collection of Tax Identification Numbers, as well as reductions in the numbers of undocumented accounts reported. Furthermore, the rate of the collection and exchange of dates of birth is close to 100%. As regards the exchanges themselves, delays in the exchanges are relatively rare and two-thirds of jurisdiction showed improvements in the preparation of the files, resulting in fewer rejections being experienced.

Figure 2.2 summarises the distribution of the peer review results.

Figure 2.2. Overall ratings at a glance (total number of jurisdictions assessed so far 99)

Common issues identified

While around two thirds of jurisdictions were found to be “On Track” with their implementation, amongst the other jurisdictions, several common issues were identified.

The most significant issues identified relate to jurisdictions that have been delayed in putting in place a complete and credible operational plan to ensure compliance with the requirements by Financial Institutions. In many cases some activities had been conducted to ensure all Financial Institutions are reporting information (e.g. by cross checking relevant lists of regulated entities), but there has been limited activities to ensure that the information being reported is complete and accurate. In general, these jurisdictions understood the deficiencies identified and seemed intent on addressing them. In general, it is therefore not expected that these issues will persist, although jurisdictions with constraints in their legal frameworks to enforce the requirements will generally take longer.

In terms of less severe issues, there is another group of jurisdictions that have credible plans in place but that have only very recently started implementing them. For example, the level of checks to ensure that the information being reported is complete and accurate might not yet be very mature, such as being limited to analysing the information but not yet carrying out compliance activities in relation to specific Financial Institutions. For these jurisdictions, as they already have credible plans in place, it is expected they will often quickly show improvements.

With respect to the exchanges in practice, the level of implementation has been very high and improving. The issues identified often related to the transition to the new version of the Common Reporting Standard Schema that occurred during 2021. Jurisdictions have nevertheless generally been proactive in looking to resolve issues where they emerge.