In the past two months, we have defined tax risk management (TaxRM), discussed the optimal structure of TaxRM processes and provided examples of tax risks. More specifically, TaxRM is an enterprisewide process that is effected by a company’s board of directors, management and/or other personnel, and is designed to minimize tax liabilities and maximize compliance, each within the guidelines of tax laws. TaxRM processes are most effective when they are treated as a component of the organization’s overall enterprise risk management (ERM) process. Typical risks mitigated by TaxRM processes might pertain to uncertainties in the application of tax law to numerous areas of the business, financial reporting decisions, acquisitions and divestitures, and asset purchases and sales.
In this month’s article, Smart Business sat down with Walter M. McGrail, JD, CPA, a senior manager at Cendrowski Corporate Advisors LLC, to discuss how risks can be identified and prioritized in TaxRM processes.
“Prioritization of tax risks is an essential component of TaxRM processes. It may directly impact the effectiveness of a business’s tax function,” says McGrail.
What are some prevalent tax risks?
Many tax risks exist for any organization; however, one of the largest risks an organization faces is the risk of proper tax compliance. IRS audits are costly, time consuming events. The risk of an IRS audit should be mitigated by an organization’s TaxRM process. While TaxRM processes are seemingly the domain of the tax department, tax professionals are dependent on data from outside the tax department. For instance, tax managers must understand the basis of information presented in a business’s financial statements, including the derivation of GAAP-based accounting estimates. Without such an understanding, a tax professional may improperly prepare tax-basis financial statements, increasing the likelihood of an IRS audit. Furthermore, tax professionals should bear in mind that there exists no standard of materiality in the event of a tax audit. Unlike audits of GAAP-basis financial statements, where a threshold of materiality governs the audit, every item in a tax-basis financial statement is material. This is a significant, often overlooked tax risk that organizations must assess and mitigate.
How should tax risks be identified?
One way to promote tax risk identification is through risk workshops. In these workshops, participants from various levels of the organization jointly voice their concerns regarding prevalent tax risks. Workshop participants must possess a personality that affords them the ability to freely voice their concerns. If participants do not possess this personality, the workshop will not optimally identify risks.
Additionally, risk identification in workshops requires participants to identify foundational risks rather than superficial risks or effects of risks. For example, workshop participants might enumerate ‘poor tax compliance’ as a risk. However, poor tax compliance is a consequence of risk realization, not a foundational risk itself.
Poor tax compliance might be caused by the receipt of inaccurate information from a business’s operations. Going a step further, a lack of accurate information might be caused by an outdated IT system, a lack of an appropriate data entry policy, or a poorly executed but well-intentioned data entry policy, among other things.
In any event, it is essential for participants to identify foundational risks in order to properly analyze and mitigate them and the exposure associated with these risks.
