Facing FATCA: Unravelling the IT solution confusion

Colin Camp, Managing Director of Products & Strategy at Dion
Colin-CampFinancial institutions are finally coming to terms with the reality of FATCA, recognising that the new regulatory regime is more than simple KYC-plus. They must now decide how to address the demand placed upon them.

Despite initial beliefs that FATCA requires just enhanced data checking and storage capabilities, it is clear that the regulations touch multiple areas of the business. As such, FATCA demands a four-stage response, which can be summarised as follows:

  • Identification of relevant clients by checking data against specific indicia for both existing and new accounts
  • Remedial case management for identified accounts and/or missing data, including document storage
  • Calculating withholding tax as required
  • Amalgamated reporting on transactions and balances to the IRS and other tax bodies and clients

This requirement places significant pressure on processes and workflows throughout the business. Institutions have a number of options available to them and must decide which will offer them the best route to meeting the new and complex demands of FATCA.

The first option is to continue with manual search, identification and remediation processes. For smaller institutions with a relatively homogenous client base, this appears attractive at first look but even for these institutions, the manual effort will be extensive. FATCA requires that every new and existing client be checked against every indicia on an iterative basis and all findings must be confirmed, proved and recorded in an auditable fashion. When performed manually, there is a real risk that large amounts of confidential information could be shared improperly. Furthermore, recording auditable data is expensive, thus the costs and risks outweigh any perceived cost-benefit associated with manual processing.

The second option is to update existing client systems. As with manual processing, there appear to be cost benefits – in terms of capital outlay and operational expenditure – to this approach. However, given that FATCA touches numerous aspects of the workflow, multiple systems will need to be updated to support FATCA compliance. As the regulation will inevitably be adjusted over time, this will attract significant maintenance overhead in the longer term. It will also be difficult to support regulatory audits with data spread throughout multiple legacy systems.

The third option is to use current anti-money laundering infrastructure. However, although AML systems may be capable of meeting the identification stage of FATCA compliance, they offer little support for remediation and ongoing case management. They will therefore require significant development and integration with additional systems supporting the withholding and reporting requirements. FACTA’s reporting demands alone mean that this is a sub-optimal arrangement. To be effective, institutions will need to have all relevant data in a single system able to manage the various report formats, reporting media and reporting parties mandated by FATCA, and be able to handle incoming queries from regulatory bodies on reported data.

The fourth option is to outsource FATCA certification. Again, this looks like an attractive option for institutions that have embraced outsourcing in other areas of their business. But outsourcing still comes with management responsibility and institutions will still need to provide support for withholding and reporting in the future. In addition, investment interfaces will still be required. Outsourcing certification also runs the risk of duplication of data. In particular, institutions with global clients will need to address their data-security concerns and ensure providers are able to address data protection issues across multiple jurisdictions. Indeed, FATCA certification is almost certainly too close to core business to be outsourced fully with confidence.

The reality is that FATCA presents one of the biggest challenges to established systems, processes and workflows that most institutions have ever faced. It touches almost every aspect of their business, demands iterative processes, and has extensive reporting and auditing requirements. It is emphatically not KYC-plus or enhanced AML – although these are nonetheless an important aspect of the regulations.

For the majority of institutions affected by FATCA, a cost-benefit analysis will show that a packaged, specialist solution delivers the best outcomes over the long term. FATCA isn’t going away. Moreover, with the international community’s move towards a collaborative approach to taxation and the trend for additional supra-national legislation, FATCA can be viewed as the harbinger of a future in which financial institutions are subject to ever-more stringent demands for data.

In this light, deploying the right systems now represents a wise investment in the future.