Formulating Targeted Risk Control Measures Based on Differences in Tax-related Entities

1.Overview of Entity Specific Risk Management

2.Targeted Risk Control Measures for Different Entities

3. Typical Cases of Risk Management by Object

4. Outlook for Risk Management by Object

1.1 Concept of Risk Management by Object

Risk Management by Object refers to a management model employed by tax authorities that constructs targeted systems for risk identification, assessment, response, and monitoring based on the operational characteristics, behavioral patterns, risk preferences, and compliance capabilities of various tax-related entities (such as large enterprises, small and medium-sized enterprises [SMEs], individual taxpayers, withholding agents, and Tax-related professional service institutions). This approach achieves precise prevention and control of tax risks, efficient allocation of tax administration resources, and reasonable reduction of tax compliance costs by accurately matching management resources with risk levels.

1.2 Why Tax Authorities Should Formulate Targeted Risk Control Measures Based on Differences in Tax-related Entities

From the perspective of tax-related entities, the core value of formulating targeted risk control measures lies in reducing compliance costs and minimizing unfair supervision. Significant differences exist in the risk characteristics and response capabilities of various entities. Large enterprises have complex businesses but generally possess a strong compliance foundation, necessitating targeted resolution of professional risks associated with cross-border transactions and related party transactions. SMEs, with limited resources, may inadvertently violate regulations due to insufficient policy understanding and require simplified risk warnings and guidance. Individuals, being numerous and dispersed, rely more on convenient self-correction mechanisms. Risk Management by Object avoids additional burdens caused by a one-size-fits-all regulatory approach, such as providing SMEs with “risk warning lists” instead of complex self-examination requirements and offering individuals automatic prompts for abnormal filings through the Individual Tax App. This enables each entity to achieve compliance within a framework suited to its capabilities, enhancing compliance willingness. From the perspective of tax authorities, Risk Management by Object is crucial for enhancing tax administration efficiency and optimizing resource allocation. Different entities exhibit significantly varying distributions of tax risks. Large enterprises contribute significantly to tax revenue but may conceal substantial tax source attribution in their complex transactions. SMEs, numerous in quantity, primarily face risks related to basic policy execution deviations. Individuals often encounter risks stemming from information asymmetry, such as failing to consolidate and declare income from multiple sources. By implementing tailored strategies, the specialized teams of tax authorities can concentrate on high-risk areas of large enterprises, utilize intelligent tools for batch risk screening of SMEs, and allocate grassroots resources to basic risk counseling, avoiding resource wastage. Simultaneously, Risk Management by Object reduces interference with compliant entities from excessive regulation, enhancing the overall input-output ratio of tax risk prevention and control and promoting a transition in tax administration modes from “broad coverage” to “precision”.

2.1 Risk Control Measures for Large Enterprises

Large enterprises, characterized by their large business scales and complex transaction structures (such as cross-border investments, related party transactions, and hybrid investments), primarily face risks in professional areas like tax source attribution, profit calculation, and policy applicability. Risk control measures for large enterprises should emphasize professionalism, precision, and collaboration.

2.1.1 Establish Dedicated Risk Management Teams

Form specialized risk management teams for large enterprises, comprising experts in value-added tax, income tax, international taxation, anti-tax evasion, and financial management. These teams conduct risk assessments tailored for industry-specific characteristics (such as finance, energy, technology, and manufacturing) and focus on high-risk areas for penetrating verification.

2.1.2 Construct Dynamic Risk Profiles

Utilize big data technology to integrate corporate financial data, filing data, and third-party information (such as customs and foreign exchange data) to establish multi-dimensional risk indicator systems focusing on key areas like related party transactions, cross-border payment rationality, and tax incentive applicability. The systems could continuously update the risk levels in real-time.

2.1.3 Strengthen Cross-border Tax Source Monitoring

Connect with international tax information exchange mechanisms (such as the Common Reporting Standard [CRS]) to monitor the tax filing and tax payment of overseas investment income by enterprises. Establish cross-border transaction risk models to identify the tax evasion behaviors through transfer pricing and to determine permanent establishment.

2.1.4 Regular Risk Self-examinations and Disclosures

Require large enterprises to regularly submit “Related Party Transaction Risk Self-Examination Reports”, disclosing the tax implications of major transactions like reorganizations and mergers and acquisitions.

2.2 Risk Control Measures for SMEs

SMEs, being numerous and having weaker compliance capabilities, primarily face risks such as policy misunderstandings, filing data errors, tax incentive abuses, and inaccurate cost and expense reporting. Tax authorities should adopt a “supportive regulatory” approach, reducing risks through simplified processes and intelligent warnings.

2.2.1 Simplify Risk Identification Indicators

By focusing on basic filing data (such as value-added tax input-output matching and income tax cost and expense deductions), establish lightweight risk indicator systems to avoid “misjudgments” caused by complex indicators. For example, automatically verify basic risks like sudden increases in invoicing amounts or exceeding tax exemption item standards for small-scale taxpayers through the system.

2.2.2 Implement Pre-emptive Risk Warnings

Embed “risk warning functions” in e-filing to provide real-time prompts and modification suggestions when enterprises fill in data with logical errors. Enable intelligent pre-filing and verification empowerment, automatically generating core content of tax filing based on third-party data from business registration, banking, and social security sectors to reduce manual filing errors. Conduct “one-on-one” counseling sessions for enterprises with minor violations in multiple consecutive reporting periods to prevent risk accumulation.

2.2.3 Risk Grading and Precise Interventions

Construct a SME risk scoring model, classifying enterprises into “low / medium / high” risk levels based on indicators like business scale, industry risk, and historical compliance records. Simplify verification frequencies for low-risk enterprises; send “risk warning letters” to medium-risk enterprises, listing potential issues; and conduct specialized counseling for high-risk enterprises.

2.2.4 Precision Policy Counseling and Compliance Guidelines

To address the issue of SMEs’ unfamiliarity with tax incentives, proactively create a “List of Eligible Tax Incentives” to enterprises by matching enterprise qualifications with applicable policies through big data tagging, and relying on online platforms (such as mobile apps).

2.2.5 Optimize Mechanisms to Allow for Mistakes

Implement “no punishment for first offense” system and “toleration lists” for SMEs with non-intentional violations due to policy misunderstandings and minor circumstances, and guide them to supplement filing or make corrections to reduce the impact of administrative penalties on their operations.

2.3 Risk Control Measures for Individuals

Individuals, characterized by their dispersion and diversified income sources, primarily face risks such as concealed income (such as part-time jobs and royalties), inaccurate expense deductions, and undeclared cross-border income. Tax authorities should achieve full-cycle risk control through “data integration + convenient verification + credit association”.

2.3.1 Mobile-end Intelligent Filing Verification

Integrate diverse income data (such as wages, labor remuneration and business income) from withholding agents and third-party platforms for individuals and incorporate real-time verification rules in the Individual Tax App to instantly assess the reasonableness of filled information.

2.3.2 Third-party Data Penetrating Verification

Establish data interfaces with departments like banking, payment platforms, social security, and real estate registration to construct a panoramic view of individuals’ “income-assets-expenditures”. Automatically compare contract amounts and filing amounts for large transactions like real estate transactions and equity transfers, and trigger risk verification for significantly low amounts without justified reasons.

2.3.3 Collaborative Supervision of Cross-border Income

Rely on the CRS and bilateral tax treaties to achieve information sharing on individuals’ cross-border income.

2.3.4 Establish Credit Association Mechanisms

Incorporate individuals’ tax evasion into their personal credit records, depending on the tax law and regulation of the respective jurisdiction, and may restrict access to tax incentives or convenient tax services for those with multiple overdue filings or false filings to enhance tax compliance through credit constraints.

2.4 Risk Control Measures for Withholding Agents

Withholding agents (such as enterprises and government units) bear responsibilities for withholding and remitting taxes like individual income tax and value-added tax, with risk points including under-withholding, delayed remittance, and inaccurate data submission. Risk control measures for withholding agents should emphasize “process orientation, accountability, and linkage”.

2.4.1 Establish a Mechanism for Interfacing with Withholding and Remittance Systems

Promote direct connections between enterprise financial systems and tax withholding systems to achieve automatic synchronization and verification of wage and salary data and deduction information to reduce manual input errors. Conduct logical verification on bulk withholding data (such as abnormally high / low per capita income) and provide real-time warnings for abnormal situations.

2.4.2 Intelligent Reminder and Punitive Measures for Remittance Deadlines

Set up full-process timeline monitoring for “withholding-remittance”, and provide triple reminders (system pop-ups, short message service, and phone calls) for obligors nearing deadlines without remitting taxes.

2.4.3 Strengthen Withholding Responsibility Training

Regularly conduct policy training for withholding agents to emphasize the scope of deduction items (such as children’s education and critical illness medical expenses), filing deadlines, and violation responsibilities (such as fines for failing to withhold taxes). Provide “withholding guides” to clarify operational procedures and common questions and answers.

2.4.4 Improve Violation Punitive Systems

Legally recover taxes and impose late fees for withholding agents intentionally concealing withholding obligations or making false filings. Include severely violating agents in the tax evasion “blacklist” and implement joint punishments (such as restricting participation in government procurement).

2.5 Risk Control Measures for Tax-related Professional Service Institutions

Tax-related professional service institutions (such as tax agent firms and accounting firms) serve as vital bridges connecting tax authorities and taxpayers, with risks primarily manifesting as assisting taxpayers in illegal tax avoidance and providing false certification reports. Risk control measures for tax-related professional service institutions should focus on “qualification regulation + credit constraints”.

2.5.1 Strengthen Qualification and Practice Regulation

Establish a qualification review system for tax-related professional service institutions to implement “registration + continuing education” management for practitioners. Require full-process tracing of intermediary institutions’ practice behaviors (such as tax planning and certification) for future verification. Regularly conduct quality inspections on intermediary practices and focus on behaviors like “helping taxpayers conceal income” and “abusing tax incentives”. Collaborate with industry associations to establish information-sharing mechanisms and jointly conduct compliance training.

2.5.2 Construct Credit Evaluation Systems

Rate registered tax-related professional service institutions based on dimensions like practice compliance, service quality, and client complaints, and use indicators like practice quality and violation records (such as A, B, and C levels). Provide green channels (such as priority participation in policy pilot consultations) for A-level institutions and restrict C-level institutions from engaging in high-risk businesses (such as cross-border tax planning).

2.5.3 Implement “Blacklists” and Information Publicity

Include intermediaries and practitioners with severe violations (such as issuing false certification reports and assisting in tax evasion) in the tax service dishonesty list and publicly announce them on the tax authority’s official website, depending on the tax law and regulation of the respective jurisdiction. Collaborate with industry associations to impose industry punishments (such as canceling membership) on dishonest entities.

2.5.4 Establish Two-way Feedback Mechanisms

Encourage tax-related professional service institutions to report ambiguous areas in policy execution, with tax authorities promptly responding and clarifying interpretations. Simultaneously, require intermediary institutions to remind taxpayers of risks (such as legal uncertainties in planning schemes) when providing services and retain written confirmation records.

 

  
3.1 China “Headquarters-to-Headquarters” Risk Management Mode for Large Enterprises
The Chinese tax authority has established a “STA-Provincial Tax Service-Municipal Tax Service” three-tier linked management mechanism for large enterprises with annual tax payments exceeding a certain threshold. By forming industry expert teams, it has developed “Risk Guidelines for Large Enterprises in Specific Industry” for key industries like finance and energy, focusing on high-risk items such as related party transactions and cross-border dividend distributions. It integrates corporate financial, filing, and third-party data (such as customs import and export data) to automatically generate risk profiles, continuously improving the accuracy rate of risk responses for large enterprises in specific industry.
3.2 Cameroon Construction of Small Enterprise Certification Management Centers
Cameroon has deployed AMC networks to provide technical assistance in tax filing, accounting, and management compliance for small taxpayers. These centers act as intermediaries between tax administration agencies and small enterprises, effectively promoting standardized operations and enhancing tax compliance among micro and small market entities.
3.3 Georgia Large Enterprise Tax Management
A large enterprise tax management division has been established within the inspection department.
3.4 Gambia The Compliance Risk Management (CRM) Framework
The Authority developed a Compliance Risk Management Framework and Policy, Manual and Strategy for the Domestic Taxes Department. The compliance risk management (CRM) framework is a structured process for enhancing compliance processes in tax administration and promoting voluntary compliance. This CRM supports comprehensive tax compliance risk management processes based on international best practices. A section is created, headed by a manager, and given the responsibility of identifying, assessing, mitigating and monitoring taxpayer compliance risks. The section works closely with the Authority’s enterprise risk management unit and the operational units under the domestic tax department. The Authority is also working on a Compliance Improvement Plan (CIP) that would categorize different risks and come up with targeted risk control measures.
In the future, Risk Management by Object will evolve towards being “more intelligent, more collaborative, and more inclusive”, with technological empowerment and ecological collaboration serving as the core drivers. From a technological application perspective, the deep integration of artificial intelligence and big data will achieve “precision” in risk identification. By constructing a “holographic risk map” for large enterprises, integrating cross-border transaction chains and capital chain data, it will automatically identify “invisible pricing” risks in related party transactions. For SMEs, a “Risk Prediction Model” will be developed to predict potential policy misunderstandings based on historical data and proactively push counseling content. For individuals, a “Behavioral Characteristic Database” will be established to predict potential tax source risks based on consumption data and asset changes. 
From the perspective of collaborative governance, cross-departmental data integration and global cooperation will break down the boundaries of risk prevention and control. At the domestic level, the tax authorities will establish a “data middle platform” in collaboration with market regulation, banking, social security, and other departments to enable real-time sharing of information such as corporate equity changes, capital flows, and social security contributions, depending on the tax law and regulation of the respective jurisdiction. This will provide multi-dimensional bases for conducting risk assessments by object. At the international level, joint risk assessments of cross-border transactions by large enterprises will be promoted, and a credit mutual recognition system for the cross-border practice of tax-related intermediaries will be established to address challenges in monitoring cross-border tax sources. From the perspective of service optimization, a more refined balance of “regulation and service” will be achieved. Differentiated response measures will be implemented based on the risk levels of different entities: reducing interventions for low-risk entities and conducting precise regulation for high-risk ones. Meanwhile, intelligent tools will be employed to lower compliance costs. For instance, a “Compliance Self-check System” will be provided for tax-related intermediaries, and a “risk self-assessment mini-program” will be developed for individuals, enabling risk prevention and control to shift from “post-event punishment” to “pre-event prevention”. Ultimately, Risk Management by Object will achieve the multiple objectives of “controllable risks, precise services, and enhanced tax compliance”. While safeguarding tax security, it will create a fairer and more efficient tax environment for different tax-related entities.
 

cases