Skip to main content Skip to Footer


Automatic exchange of information regime: An emerging compliance challenge

Accenture's report on strategies to meet compliance with Common Reporting Standard (CRS), the new global standard for Automatic Exchange of Information.


While financial institutions globally struggle to meet the full Foreign Account Tax Compliance Act (FATCA) compliance requirements, they must also deal with a wider global tax transparency initiative—the Common Reporting Standard (CRS).

Like FATCA, CRS requires financial institutions around the world to play a central role in providing tax authorities with greater access and insight into taxpayer financial account data.

In this report, we explore the effect of CRS on financial institutions, and suggest possible strategies to help meet compliance in a cost-effective manner, while driving wider business strategy both from a business and a technology perspective.


CRS is modeled on FATCA principles and follows the same staggered approach in terms of obligations however CRS has a much wider scope than FATCA. To prevent taxpayers from circumventing the CRS, it is specifically designed with a broad scope across four dimensions:

  • Financial institutions—CRS has a broad definition of “financial institution,” which includes custodial institutions, depository institutions, investment entities and specified insurance companies. Some low risk financial institutions carved out of FATCA are also included under CRS.

  • Products—Products in scope include depository accounts, custodial accounts, cash value insurance contracts, annuity contracts and certain equity or debt interests. Certain insurance products excluded from pre-existing remediation under FATCA may come into scope for CRS.

  • Due diligence—Due diligence requirements increased considerably due to additional jurisdictions, a reduction of the de minimis carve-outs and a requirement to look through passive entities to report on the ultimate beneficial owners.

  • Information reporting—The financial information to be reported includes all types of investment income, but also account balances and sales proceeds from financial assets.

What does this mean for financial institutions now?


Financial institutions will need to assess if the processes and solutions defined for US FATCA are able to accommodate the additional requirements of CRS. They will also need to determine if there are more efficient ways to organize and consolidate specific capabilities to minimize operational costs and generate benefits for the business.

From a capability perspective, the CRS compliance requirements can be summarized in four areas:

  • Know your customer—Financial institutions may have to update the existing Know Your Client (KYC) and client onboarding systems and procedures to be able to capture and record additional data. Institutions should consider the effect on the overall customer experience and try to keep requests for information to a minimum.

  • Compliance data store—Data gathering, integration and alignment between the client data and the product data is perhaps the biggest challenge for financial institutions. Firms will also be challenged with providing evidence that they are compliant, with a clear audit trail.

  • Compliance rules engine—CRS compliance requires the implementation of a complex regulatory rule engine, which can analyze the customer data and classify the customer as either reportable or non-reportable for each participating jurisdiction.

  • Management information and reporting—Differences between FATCA and CRS means financial institutions may not be able to use the same reporting procedures for both standards.


A conscious effort is required to develop a strategic response to the wider Automatic Exchange of Information regime, both to avoid enormous compliance bills and to minimize the effect on customers and operations.

Key considerations for a successful CRS program include:

  • Future proofing and scalability—institutions need to ensure that their IT solutions are scalable and the focus is on the "intent of the law."

  • Managing overlapping and conflicting regulatory obligations and timelines—by seeking to identify synergies between other regulatory programs across key capabilities to establish a single change portfolio to overcome challenges.

  • Dealing with tight timetables with a delivery strategy—allows for individual obligation timelines to be met rather than packaging delivery into one drop with now subsequent flexibility to phase in as required.

  • Consistency of interpretation and application—firms should consider a centralized program team driving interpretation, rule book creation and a standardized operating model.

  • Data remediation and quality control—conduct a strategic review to assess the benefits of establishing or broadening the single customer view across the organization and weigh it against the effort required to develop localized solutions.

  • Establishing a robust control environment with ownership, lines of control and responsibility determined.

  • Considering custom versus packaged solution options—the key factor driving the decision will be the solutions’ ability to leverage and extend the existing KYC/AML/FATCA platforms.

  • Considering the wider benefits of the CRS program—this approach can enhance the business case.

  • Establishing and maintaining operational expertise—a successful implementation will require subject matter expertise in CRS legislation, tax, legal and risk, as well as a strong, centralized delivery team.