Tax News Update    Email this document    Print this document  

In Enforcement Guidelines (Guidelines) released March 31, 2022, the Cayman Islands' Department for International Tax Cooperation (DITC) outlined the circumstances under which financial institutions could face penalties for failing to comply with the Common Reporting Standard (CRS). The DITC also discussed the process by which financial institutions would be notified of penalties, and the notice and appeals process by which they may contest penalty imposition.

Background

The DITC is a department in the Ministry of Financial Services and Commerce that administers the Cayman Islands' international cooperation in tax matters, including monitoring financial institutions' compliance with the Tax Information Authority Act (2021 Revision) (TIA Act) and the Tax Information (International Tax Compliance) (CRS) Regulations (2021 Revision). Under Regulation 24 of the CRS Regulations, the DITC may impose monetary penalties of up to $50,000 on financial institutions and their directors, managers and general partners. The CRS regulations do not, however, specify the circumstances under which penalties will apply or address how a financial institution would contest a penalty.

Penalties

The Guidelines provide a non-exhaustive list of circumstances under which the penalties may apply. Penalties may generally be imposed for:

• Failing to establish and maintain policies and procedures
• Failing to register on the DITC portal by the notification deadline
• Filing a CRS return based on a self-certification provided by a person not authorized to sign on behalf of the account holder
• Failing to submit a CRS return (or nil return for financial institutions with no reportable account holders)

The attached chart contains a complete list of the penalties in the Guidelines, organized by type.

To determine if a penalty is appropriate, the DITC may investigate. Under the Guidelines, these investigations may consist of a compliance questionnaire, desk audit or information notice. In other circumstances, such as failure to file, an investigation may not be required.

These investigations supplement the Cayman CRS Compliance Form, which must be completed annually by September 15. The Cayman CRS Compliance Form requests confirmation that, among other things, the Cayman financial institution has registered with the DITC, maintains written policies and procedures, and has collected self-certification forms.

The Guidelines briefly address criminal provisions that could apply under the Tax Information Authority Regulations. If a criminal offense has allegedly occurred, the case will be referred to the Office of the Director of Public Prosecutions, which will determine whether the available evidence merits criminal prosecution.

EY observes: Financial institutions in the Cayman Islands should review their procedures, processes and controls to mitigate the risk of penalties.

We recommend the following actions as part of your Cayman Islands compliance:

• Review legal entities at least annually to ensure timely classification and registration of entities via the DITC portal
• Maintain written policies and procedures and review those procedures annually to confirm they represent the current process
• Review processes and controls for obtaining and validating self-certifications
• Review current processes for collecting, digitizing and storing self-certification forms so that information is properly reflected on filings
• Review data-retention policies to confirm information, such as data collected on self-certification forms and transaction information, is maintained for six years

Because a false representation on the Cayman CRS Compliance Form could result in sanctions, the person signing the form should confirm that adequate records support the filing, to avoid the application of multiple penalties.

Notification

A Breach Notice will be issued before a Penalty Notice. The affected party has until the deadline set in that Breach Notice (a minimum of 60 days) to ask the DITC not to impose a penalty. Among other things, the Breach Notice will provide the factual basis for the proposed penalty, the proposed penalty amount and the deadline for responding. The Breach Notice may also contain the steps required to remedy the breach. For multiple violations of the CRS Regulations, a single Breach Notice may include each Primary Penalty. If the breach has been remedied before the DITC issues a Breach Notice, the subsequent notice will note the remedy.

In considering whether to issue a Penalty Notice, the DITC will consider the seriousness of the breach, whether the breach was intentional or negligent, the actions taken to remedy the breach once the affected party was aware of the breach, and that party's history of compliance. If the DITC determines that a penalty should apply, a Penalty Notice will be sent. Under the Guidelines, the DITC may impose a Primary Penalty (or initial penalty), whose amount will depend on the type of offense (see the attached chart for details). A Continuing Penalty of up to $100 per day will also apply if the offense is not remediated as specified in the Breach Notice.

EY observes: The Guidelines are designed to enhance compliance rather than generate revenue. Accordingly, the Guidelines suggest that the DITC will take all facts and circumstances into account, as well as a history of compliance, when reviewing penalty abatement requests. EY anticipates that a "written representation" responsive to the Breach Notice will be the most effective method of securing full or partial penalty relief.

The DITC has yet to comment on when the notification process will begin, other than to say the Guidelines are effective immediately. Until DITC clarifies this issue, financial institutions should verify that they are complying with the Guidelines to avoid triggering penalties. They should also verify that the Authorizing Person and Principal Point of Contact (PPOC) they have provided is correct. The PPOC is the only person authorized to represent the relevant entity. Thought the PPOC provided may be an institutional email, the regulations do not clarify who is authorized to respond to DITC notices when an institutional email is listed.

Appeals (abatement request)

The Guidelines include a brief discussion of the Appeals process. Any recipient of a Penalty Notice may appeal to a court the decision to impose the penalty, its amount, or both. The appeal must be made within 60 days after the recipient received the Penalty Notice, or any later period the court allows.

If a penalty is appealed, the DITC cannot, without the court's leave, enforce the penalty or levy interest until the appeal is decided. The court may affirm, dismiss, or vary the penalty imposition/decision, or may set the original penalty imposition aside and remit the matter to the DITC for reconsideration based on the court's directions.

EY observes: With no history of appeals to review, it is unclear whether the DITC and the Cayman Courts will follow an appeals process similar to that used by the IRS, with relief routinely granted for reasonable cause, de minimis errors and/or filings made only a day or two late. Moreover, costs could prove prohibitive if an appeal is required, given the need to retain Cayman counsel. Until the standard outcome of penalty notification and appeals processes can be reviewed, or the DITC issues further comment, financial institutions' best option is to comply fully so they can avoid the penalty notification and appeals process, especially given the scale of the penalties that may be imposed.

If you have any questions regarding how the Guidelines may affect your Cayman filings and compliance, please reach out to your EY engagement team for more detail, to confirm your current compliance with the regulations, or to discuss potential remediation.

———————————————

Published by NTD's Tax Knowledge Services Group, Washington, D.C.; Maureen P. Sanelli, legal editor

———————————————
ATTACHMENT

Cayman Islands TIA CRS Offences and Penalty Chart