I. Revenue Administration: Information Technology Strategy

Information Technology is central to the effective administration of taxation systems. Where investment in IT was once seen as a “luxury” by administrations, evolving business practices across the globe now demand an efficient, comprehensive, accurate and interactive capability to deal with administration of the whole revenue system within a country, and, in a rapidly increasing number of cases, across borders as well.

Administrations need to be able to deal with increasing numbers of taxpayers and the increasing amount of information required to manage the complexity of their interactions. They also need better transparency of their operations, greater efficiency, and greater responsiveness to the needs of both taxpayers and the government.

These needs simply cannot be met by traditional manual means—they can only be met by the effective use of IT. Investment in IT capability now forms a significant part of the budget of administrations, and needs to be carefully managed.

The extent of use of IT within tax administrations varies markedly across the world. This series of notes is focused on the needs of administrations which have very little or rudimentary IT support for their operations (Category 1); or those which have IT systems which have not kept up with their needs (Category 2). Appendix 1 provides a summary of the typical stages a tax administration will go through as it introduces technology into the tax system.

This note describes initial steps which should be taken prior to going to the market for solutions or seeking donor support for IT initiatives.

II. What Questions Should Be Asked and What Issues Should Be Taken into Account When Developing an IT Strategy?

First and most importantly, an administration must be clear on what it expects from implementing technology. A “future state” vision of how the administration sees itself operating at a time towards the end of its planning horizon or even beyond is needed to identify the gap between where they currently sit and where they want to be, and to identify opportunities to meet those requirements.

Once an administration understands what it wants to achieve, the answers to questions such as those below can provide a path to future steps:

• What does the administration want from new technology? There can be a glittering array of possibilities available for all sorts of automation and data gathering. It is common for administrations to imagine an almost instantaneous complete transformation of their operations incorporating every facet of this array. These myriad choices may be quite different from what the administration actually needs, and it is common for an administration faced with these options to over-specify functions (both in terms of range and complexity), which results in complicated and inefficient outcomes that adversely affect the user experience.

• What does the tax administration actually need? A more dispassionate assessment should be made of an administration’s actual needs. An administration’s objectives may be as simple as to establish a basic set of systems to perform the core of their responsibilities—registration, processing, payment and accounting along with some associated functions like audit targeting, debt collection, etc. Understanding these basic needs and the environment within which the administration operates helps determine how sophisticated a system is required, something which has a major impact on its cost.

  The tax administration might want to include numerous electronic interface services (e.g., e-filing, e-payments, data sharing and data matching, and taxpayer self-help portals) but the wider business and government environment may not be ready to use these features. Understanding the level of IT skills and infrastructure in the community will help determine how sophisticated the tax administration system should be and the preferred timing and sequencing of the IT strategy. Is the business community already automated? Are government agencies automated? Are their systems up-to-date? Is there wide-ranging and continuous electricity supply? How broad is internet and mobile phone coverage? What plans do larger businesses and government have to increase use of and exposure to technology?

• Can the IT system be afforded, and who will pay? There is no limit as to how much can be spent on technology, but provision of a basic core set of systems along with needed hardware and communications networks will start at more than USD$10 million, even for a small administration.

• Who will provide the IT system? In the past, it was common for tax IT systems to be custom-built, either by in-house experts or by consulting firms. That is no longer the case—there is a number of tax-specific systems available in the marketplace, able to be configured to meet individual administration’s laws and other needs. These are known as Commercial-Off-The-Shelf (COTS) systems. In most cases they can be implemented progressively—a set of core functions can be used as a starting point, and expanded functions added at a later date without substantial modification of the core.

• How long will procurement and implementation take? Excluding the procurement process, a target of three years is reasonable. In ideal situations, a two-year timespan can be achieved, but is not typical.

• If a new system is delivered, can the administration use it effectively? Technology is not the only issue to be considered. As it is introduced, impacts will be felt by stakeholders—staff, taxpayers, tax professionals, and government. As well, the way the administration conducts its business—its processes, will be profoundly affected.

  All these impacts will need to be foreseen and managed as part of the process. A change management strategy should be developed early in the design phase.

• What else is involved? New technology has its own set of requirements—it will require a suitable physical environment in which to be installed, it will need support to run it in the day-to-day environment, it will have ongoing maintenance and license costs, it will introduce new security requirements, it will need some sort of IT organization whose job is managing these activities as well as monitoring and planning for future enhancements, etc. All of these requirements need to be identified when developing the IT strategy.

III. What Is the Link Between the IT Strategy and the Organization Strategic Plan?

The organizational strategic plan sets out the outcomes sought by the administration over a fixed period, usually 3-5 years. It describes how these outcomes will be met and can then be used to create subordinate plans. For each of these lower level plans, a clear “line of sight” to particular corporate outcomes or aspirations needs to be established. In this way, a complete set of strategies and plans are evolved to describe the means to be used to achieve corporate outcomes. The IT strategy should have direct links to the strategic plan and will also have links to other operational plans within an organization, such as the compliance plan or operations plan which will highlight particular IT needs for their purposes. Figure 1 shows the hierarchy of planning documents.

Hierarchy of Planning Documents

Citation: Technical Notes and Manuals 2017, 001; 10.5089/9781475583601.005.A001

• Download Figure
• Download figure as PowerPoint slide

View Full Size

Hierarchy of Planning Documents

Citation: Technical Notes and Manuals 2017, 001; 10.5089/9781475583601.005.A001

• Download Figure
• Download figure as PowerPoint slide

Hierarchy of Planning Documents

Citation: Technical Notes and Manuals 2017, 001; 10.5089/9781475583601.005.A001

• Download Figure
• Download figure as PowerPoint slide

IV. What Functionality Should the IT Strategy Aim For?

Many of the answers are dependent on the relative maturity of the systems suite currently in place in the administration. As noted, the “heart” of any administration is a set of core systems which enable the basics of any tax system—an administration needs to know who its clients are, what obligations they have and when they are due, and who owes money to whom. This is enabled by an integrated suite of IT programs which provide support for: Taxpayer Registration, Returns Processing, Taxpayer and Revenue Accounting, and Payment Processing. These programs work together to provide what is commonly termed “the core system.” This core system can then be supported by additional systems (also referred to as sub-systems or modules) which use the information to provide particular outcomes—e.g., electronic filing, case management and workflow for debt collection and audit, and an analytical capability to automatically detect and select audit cases, provide individualized taxpayer service, forecast revenue, etc.³

Once those systems are in place, future enhancements can incrementally build on that base. Unless an administration is ready to use a particular enhancement, it should not be contemplated. For instance, unless processing and analytical capability is present, it would make no sense to introduce mandatory cash register reporting by businesses. Similarly, if internet access is not available across the country, mandating electronic filing would not make sense. Initiatives also need to be assessed on the basis of cost/benefit, where the benefit may be to the taxpayer, the administration, or in the best case, both.

To guide how IT is sourced, implemented and used in an administration, common practice is to construct an overarching document called an Information Technology Strategic Plan (ITSP). The answers to the above questions help to frame the document—the aims, objectives and scope of the strategy. The existence of an ITSP is a starting point for IT use in an administration, and is usually a pre-requisite for any donor participation.

It is common at this stage to engage an experienced IT executive to assist in the construction of the more detailed ITSP. From this point on, although the business desire frames the requirements, IT technical capability is an essential part of the equation.

V. What Is an ITSP, Why Is It Important, and When Should It Be Developed?

The ITSP is a document which sets out how IT will be used to achieve corporate outcomes. Although it has a technical name, it is not a technical document—it is intended for use by the organization as a whole and by the external stakeholders. It is not only about technology, it is also about process modernisation and organisational change. An ITSP sets out the IT needs of an administration in “from – to” terms, e.g., from: manually prepared paper returns to electronically prepared and processed returns; from separate systems by tax-type to a single integrated suite of systems; from use of internally-held information to use of third-party information, etc.

It typically covers all facets of how technology is to be used by the administration, including: management and governance arrangements; hardware; software; the technical platform and environment;⁴ cost projections for both capital and expense items; human capital management; vendor/supplier management;⁵ risk management; change management; stakeholder management and communications; information management;⁶ security provision and management; and, any other considerations in the enterprise IT environment⁷ such as distribution of capability, accommodation, etc. The IT strategy might also cover the policies or guiding principles that will guide the tax administration as it makes decisions about its IT program. These principles assist in providing stability, discipline, and consistency for IT decision making and help ensure alignment to business needs and goals. Appendix 2 provides an example of some high level guiding principles.

The level of detail present in an ITSP will vary according to the level of IT sophistication of an administration and the purpose for which it is being used:

• Tax administrations inexperienced in IT are likely to have a very high-level statement of objectives, e.g., to establish a core set of systems to perform the basics tax administration functions—registration, processing, and accounting. They may also focus on describing the formation of an IT organization within the administration—governance and management arrangements. They may further explore physical barriers to IT adoption such as connectivity or internet availability, etc. These high-level statements can be used for communication purposes and to obtain funding approvals. A more detailed plan can be developed for procurement purposes and to guide development of the preferred system.

• More advanced administrations will have greater definition of their ambitions and may identify more detailed issues e.g. they may have disparate systems which do not work well together, so the ITSP may be primarily focused on implementing an integrated suite of systems support for its operations or issues such as the introduction of wider self-service options.

A common contents list for an ITSP is in Box 1. A sample template for a simple ITSP is provided in Appendix 3. Anonymized examples of actual ITSP tables of content are provided in Appendix 4.

The strategy may also include descriptions of the type(s) of tools, technologies, equipment, etc., intended to be used by the organization.

Inventories and descriptions of software, hardware, communications standards, etc., are commonly found in a separate document or in an appendix to the document rather than the document itself.

If the ITSP identifies a need for a significant change to existing operations, e.g., replacement or establishment of the core processing system(s)⁸, the document will also further describe the initiative, and separately address issues relating to it including a transition approach and plan.

According to the level of maturity of IT within an administration, different facets of the strategy will require more or less examination. For instance, inexperienced administrations may need to focus on the availability of skilled IT staff in their country, and whether it is possible to create an IT organization within the administration due to issues such as pay disparities between the public and private sectors. This discussion could then be further expanded to sourcing strategies—in these countries there may be little option but to outsource IT development and maintenance.

More advanced administrations may want to focus more on IT sourcing strategies, how to move their systems to the next level, or whether to build or buy an integrated system.

Just as the organizational strategy informs the ITSP, lower level operational plans are then prepared from the information the ITSP contains. These plans can include detailed plans for individual programs or projects identified in the ITSP.

The contents of the ITSP are therefore framed in a way which is relevant to the particular issues an administration faces, rather than being a “one size fits all” document. It will be used not only as a reference point for operational plans, etc., but as the centerpiece for raising funds for its implementation (through a capital investment plan where present). It provides the rationale for any proposed investment.

The ITSP is intended to be a public document. All stakeholders should have ready access to the ITSP and it should be “pitched” accordingly. It is common practice to promote a summary-style document as the first level of interaction, from which the detailed document can be accessed if desired. The summary ITSP may be used for communications seeking funding and general stakeholder engagement.⁹ The more detailed ITSP is used for procurement and to guide development of the preferred system.

The ITSP is not a static document. It looks forward for a period of three to five years, but is refreshed annually in line with the organizational strategy, so an administration always has a three to five year horizon for decision-making. This annual refresh ensures continual alignment with the business strategy, business environment, and technology trends. It also takes into account unforeseen changes (e.g., government policies, delays in IT implementation), and new IT developments. For major projects such as replacement of core systems, an even longer planning horizon may be needed.

VI. Who Should Be Involved in Developing the Strategy and in What Roles?

Creating an IT strategy requires strong leadership; where existing, the Chief Information Officer (CIO)¹⁰ and Chief Technology Officer (CTO)¹¹ (alternatively the IT Director) need to work closely with the administration executive bodies, information managers, business owners, budget and legal sections as well as with other user groups such as staff associations within the organization. Infrastructure providers¹² also need to be part of the consultation process to ensure that technical proposals can actually be met. Closely associated external organizations such as the Ministry of Finance or Treasury will need to be included in consultations as will the wider network of agencies/ information exchangers.¹³ Participation of external bodies such as accounting professionals, chambers of commerce, as well as taxpayer groups can also lead to a greater understanding of future needs requiring IT solutions or support and the impacts of proposed automation solutions on their own internal systems—e.g., e-filing systems, information exchange, and payroll tax.

VII. Should an ITSP Address Risk Management Issues?

It is important that an ITSP addresses risks to the organization relating to technology. These can include threats to physical infrastructure, to business continuity, to data holdings, etc. and could be summarized as pertaining to: availability, integrity, and confidentiality. Issues such as security, disaster recovery, backup, and restore policies can all be covered by instituting a risk management policy, and regime such as that described in the International Organization for Standardization (ISO)27000 series. Essentially, the process follows these five steps:

• 1. identify risks;

• 2. assess risks;

• 3. mitigate risks;

• 4. develop response plans; and

• 5. review risk management procedures.

Due to its extremely confidential nature, detailed identification, assessment, and treatment program of risks should be compiled in a document separate from the ITSP.