Loading...

The procedure is being changed for gaining access to a company’s information systems in the event of tax monitoring

Pepeliaev Group advises that on 13 March 2023 the Russian Federal Tax Service (the “Federal Tax Service”) signed Order No. ED-7-23/163@[1], which regulates the procedure for information systems of companies applying tax monitoring (“TM”) to integrate with the Nalog-3 Automated Information System (abbreviated in Russia to “AIS Nalog-3”).

The Order is to replace the Federal Tax Service’s Order No. ED-7-23/1142@ dated 23 December 2021 with the same subject matter of regulation.

The new Order, similarly to Order No. ED-7-23/1142@, provides that:

  • a uniform approach should be applied to tax authorities gaining access to companies’ information systems;

  • tax authorities and companies should interact via a protected communication channel applying certified cryptographic information protection facilities (“CIPFs”);

  • information to be transferred should be protected from unauthorised access, destruction, copying and other unlawful actions from the time when it is transferred until it is received by AIS Nalog-3[2].

The Order also contains several new developments that are described below.

The deadline for information systems to be connected to AIS Nalog-3

It follows from the Order that participants of TM must prepare their information systems to which access has been granted to the tax authority for connection to AIS Nalog-3 before 1 January 2024. Therefore, as compared with Order No. ED-7-23/1142@, the integration deadline has been extended for 1 year.

A scheme to connect to AIS Nalog-3

The principle remains the same for connecting to companies’ information systems as was previously set out in Order No. ED-7-23/1142@. To prepare for integration with AIS Nalog-3, participants of TM still need to organise a protected communication channel using hardware certified CIPFs and to implement electronic services for information exchange with the tax authority.

Comment

However, at present a company needs to file two applications with the tax authority. The first application is for setting up a data transfer communication network and the second one is for connecting to the information system.

Setting up a communication network

The company files an “Application for setting up a data transfer communication network protected with cryptographic facilities” (annexes Nos. 1 and 2) within 1 month:

  • from the time when this becomes technically possible (for active participants of TM);

  • from the day when a decision is received to conduct tax monitoring (for new participants of TM).

The Application should contain information about the CIPFs that are being used and that an information security administrator has been appointed.

The tax authority, within 5 business days from the day when it receives the Application, sends a notice to the company following the examination of the Application (annex No. 3 “Notice following the examination of the application for setting up a data transfer communication network protected with cryptographic facilities”).

In the event of a positive decision, the tax authority sends, together with the notice, information about the procedure for obtaining cryptographic keys to hardware CIPFs and the IP address for connecting to the tax authority’s data transfer system. A negative decision implies that such connection is impossible (annex No. 6 “Notice that connection to the company’s information system is (im)possible”).

Comment

Within 20 business days from the day when the company receives a negative decision, it makes amendments (additions) to the application and resends it via telecommunications channels through the operator of electronic document management.

Connecting to the company’s information system

The company sends an “Application for connecting to the company’s information system” (annexes Nos. 4 and 5) within 10 business days from the day when it receives a positive decision under the previous application.

The tax authority within 10 business days from the date when it receives the Application sends a notice following the examination of the Application as to whether connection to the company’s information system via telecommunication channels is possible or impossible through the operator of electronic document management (annex No. 6 “Notice that connection to the company’s information system is (im)possible").

Comment

Within 20 business days from the day when the company receives a negative decision, it makes amendments (additions) to the application and resends it via telecommunications channels through the operator of electronic document management.

Grounds for connection to the information system to be denied:

  • the company applies CIPFs that are not included in the list posted on the website of the Federal Tax Service;

  • the Application for connecting to the company’s information system contains incorrect connection parameters.

What does this mean for participants of TM?    

According to the Order, starting from 1 January 2024, all participants of TM must switch to the new method of information cooperation with the tax authority by integrating their information systems with AIS Nalog-3.

Representatives of the Federal Tax Service forecast that such integration will result in:

  • an increase in formalised document management via information systems:

  • control measures during TM being automated;

  • documents being automatically requested from companies’ information systems;

  • a factor analysis of the tax base being performed;

  • tax revenues being foretasted more precisely;

  • a subsystem emerging of in-depth tax control taking into account specific aspects of a sector;

  • the accuracy being increased of an assessment being conducted of the efficiency of TM.

Help from your adviser

Pepeliaev Group's team is happy to offer assistance in advising on various issues related to entering tax monitoring and being subject to this form of control.

In particular, Pepeliaev Group offers services that involve: assessing the current internal control and risk management system and developing recommendations on how it can be updated taking into account the Federal Tax Service's current requirements; preparing documents to enter tax monitoring and providing support during this process; and analysing whether the documents already used by a monitored company need to be updated taking into account the changes in legal regulation. 


[1] Order No. ED-7-23/163@ dated 13 March 2023 “On approving the Procedure for tax authorities to gain access to a company’s information systems”

[2] The list of applicable SIPFs and information about the technology for cooperation via a company's information system are posted on the Federal Tax Service’s official website https://www.nalog.gov.ru/ (in the section “Activity/Supervisory work/Tax monitoring/Extended information cooperation”) not more frequently than once a year.

Отправить статью

04.12.2024
30 experts of Pepeliaev Group have received acclaim in 17 categories of the 2024 rankings by Rossiyskaya Gazeta
Read more
21.11.2024
Pepeliaev Group’s delegates went on a business mission to China in November 2024
Read more
10.10.2024
Pepeliaev Group's team has visited Ehrmann
Read more