The meeting of the finance ministers of the G20 countries in Sydney in February produced the usual and predictable homilies that so often are the product of such meetings. Most of the time what happens at such meetings can be safely ignored. But unfortunately there’s something that did happen at the G20 meeting that has far-ranging and quite detrimental consequences to the cause of tax competition between countries and to the cause of individuals’ right to privacy.
In Sydney the G20 finance ministers agreed to support a dramatic expansion of automatic data-sharing across national borders. This agreement has not received the attention it deserves, because it means that private and personal information about taxpayers will soon be swapped between countries, with little or no oversight from national governments. And what’s alarming is that this information will be handed over to regimes that often have only a minimal regard for human rights and for the security of private information. China, Saudi Arabia, and Ukraine for example are all countries with whom the personal details of taxpayers will be shared.
In the name of stopping tax evasion the OECD, the G20 countries, and the EU have developed a “common reporting standard” requiring financial institutions in signatory countries to automatically provide the financial details of non-residents to the home country of those non-residents. The point to remember about this is that the OECD has long argued against the right of countries to lower their tax rates to attract investment and financial holdings. This is not tax evasion. Instead of regarding the ability of a country to design its banking and corporations laws as it sees fit, the OECD has campaigned against tax competition as a “race to the bottom.” There is already some limited sharing of tax information between countries, but what’s been proposed would dramatically widen the scope of such sharing and make it automatic.
The Multilateral Convention on Mutual Administrative Assistance in Tax Matters establishes a global regime that has little regard for the rights of taxpayers. Under the convention and the regulations that surround it, signatory countries are required to provide to the home country, the name, address, and date of birth, and bank account details of non-residents.
The convention takes no account of the fact that there are many good reasons why non-residents might wish to locate some or all their financial assets outside their home country. The fear of extra-legal appropriation of those assets by the governing regime of the home country is one such reason.
Financial institutions are defined broadly to include not just banks but also insurance companies and stockbrokers. The red tape that is going to be imposed on such companies will be enormous. If a financial institution can’t provide electronic copies of specified information, it must undertake a manual search going back five years. This is regulatory overkill on an enormous scale. It’s ironic that while many governments around the world preach the merits of “deregulation” those same governments are pursuing a scheme of regulation that will impose huge burdens on financial companies.
Although these measures are aimed at non-residents, it is inevitable that information about residents will end up in the hands of foreign governments. A commercial transaction between a resident and a non-resident that produces a return as relatively small as $250,000 will be required to be reported to foreign governments.
At the G20 meeting the finance minister gave no guarantee that the personal information that they will hand over to foreign governments will be kept secure. And of course there’s no way that it can be kept secure, as the massive data breaches of recent times have proved. In Australia, just a few days before the G20 meeting, the personal details of 10,000 asylum seekers were inadvertently made public.
The OECD, the G20 countries, and the EU are relying on an OECD policy paper – ‘Keeping it safe: The OECD guide to the protection of confidentiality of information exchanged for tax purposes’ – as the means to keep personal information confidential. Unfortunately “Keeping it safe” provides only a set of vague guidelines and checklists for countries about how to maintain confidentiality and there is no certainty that countries will abide by even these vague guidelines. The paper correctly identifies that confidentiality of tax information is not just the product of legislation; it is also the result of a “culture of care” within a tax administration. Given the scant regard that tax administrations around the world have for taxpayers’ rights, there’s little evidence of any “culture of care” from tax departments.
The “illustrative examples” given by the OECD don’t inspire confidence that personal information will be kept confidential. For example the OECD states that in the U.K., employees in certain government departments “cannot travel outside the UK with their work related laptops without the permission of the data guardian.” The data guardian is a person designated to ensure that information is kept confidential. This leaves open the possibility that an employee of HM Revenue and Customs could travel the world with the personal details of thousands of foreign taxpayers in their laptop. There’s nothing in “Keeping it safe” that inspires confidence about the security of personal information.
It’s disappointing that there’s been so little scrutiny of what the G20 ministers have signed up to. The media and commentators around the world have not asked any of the basic questions that should be answered before such a scheme is put in place. As mentioned above, there are issues about whether tax information should be shared with authoritarian regimes in the first place. And there’s the issue of the confidentiality of personal information. And the issue of the bureaucratic burden imposed on financial companies. And the issue of whether any of the proposed measures are proportionate and reasonable.
These and many more questions should be answered before countries engage in what could potentially be an unprecedented assault on the privacy of personal information of individuals.