Security of tax data is now a top priority amid a digitalization drive

Due to increased government scrutiny, tax directors have urged businesses to strengthen data security as they produce ever-increasing amounts of information.

According to tax experts, as governments push for greater digitisation, businesses run the risk of failing tax audits if they do not adequately protect their data on external platforms.

The calls come in response to an increase in data production by businesses as a result of greater tax automation and requirements for live invoicing by tax authorities.

While using technology has been a positive development for tax departments, Sabine Studer, head of group tax at metal processing company Bystronic in Zürich, says it has increased security risks around data.

"Hosting data for tax purposes must first and foremost be secure and companies may want to choose cautiously where they host their data," according to Studer.

She claims that because data privacy laws differ from nation to nation, different IT solutions may be needed to handle them and guarantee the security of corporate data.

The protection of data by outside suppliers presents another difficulty for businesses.

"You can choose your outsourcing provider, but can you determine where they store your data? Not exactly," responds Studer.

She claims that when businesses change their business models, data security risks also arise from third-party vendors and tax engines, or tax compliance software. This frequently results in the transfer of data between external entities, raising concerns about the oversight of corporate data.

"The question is, when your data travels [between outsourced entities], will these providers still fit your data security expectations?" inquires Studer.

The impact of businesses leaving Russia as a result of the conflict in the Ukraine has increased among tax director data and audits.

"TWe recently sold an entity in a country where nobody wants to do business, but the new owner took the ERP system with the data and we no longer have access to that information," Studer said.

She claims that the problem is a lack of access to tax information from sold businesses. In the event that tax authorities decide to conduct their upcoming audits, it is anticipated that this data gap could cause problems for businesses.

"We now have no hard copies, no scanned documents or filed tax returns at the time [when we owned the business]," says Studer.

This incident highlights the significance of carrying out thorough due diligence when disposing of entities, especially when it comes to the transfer of data.

It also emphasizes the necessity of having solid procedures in place for multinational corporations, including guidelines on data ownership and workflows or accountability.

Data risks include practical concerns with the storage, handling, and transfer of business information in addition to those related to mergers and acquisitions.

Companies now face the additional challenge of either updating or maintaining their current data processes as a result of the introduction of new technologies like ERP systems. This choice is typically based on how complicated and expensive such processes are.

Instead of completely overhauling processes, businesses might be compelled to keep paying for outdated ERP systems long after they are no longer necessary in order to support audits by tax authorities.

The risks to business data go beyond platform-specific issues and take into account issues with national data security as well.

For businesses, determining who has control over data in various jurisdictions can frequently be a costly and time-consuming process.

It also raises concerns about the inconsistency of e-invoicing regulations across nations, particularly those in the EU.

Companies are under a lot of pressure to comply with various regulations as a result of the lack of e-invoicing regulation harmonisation. This includes the management, storage, and transmission of data by businesses to tax authorities.

A tax expert at a multinational cosmetics company in Europe claims that due to increased dig