Foreign Account Tax Compliance Act (FATCA)¶
| Regulator | US IRS / Treasury |
| Jurisdiction | Global |
| Status | live |
| Applicability | Platform |
FATCA is US federal legislation enacted in 2010 (as part of the Hiring Incentives to Restore Employment Act) that requires foreign financial institutions (FFIs) to identify and report on financial accounts held by US persons to the US Internal Revenue Service (IRS). Non-compliant FFIs face a 30% withholding tax on US-source income.
New Zealand and Australia each have an Intergovernmental Agreement (IGA) with the United States that implements FATCA through a domestic reporting mechanism rather than direct reporting to the IRS. Under the Model 1 IGA structure used by both countries, reporting entities provide annual reports to their domestic tax authority (IRD in NZ, ATO in AU), which then automatically exchanges the data with the IRS. This means the bank's direct regulatory counterparty for FATCA is IRD and ATO, not the IRS.
Key obligations include: classifying financial accounts as reportable (held by US persons or US-owned passive NFFEs), collecting self-certification from account holders, and preparing and submitting annual FATCA reports containing account balance, gross income, and gross proceeds. FATCA interacts closely with the OECD Common Reporting Standard, which uses a parallel classification and reporting framework for non-US tax residents.
Compliance register¶
This register maps every material FATCA obligation to the platform control or institutional process that satisfies it. It is the static traceability layer for the Totara compliance report — dynamic data (module build status, test evidence, control test dates) is overlaid at runtime.
Scope legend¶
| Symbol | Meaning |
|---|---|
| 🤖 Automated | Platform enforces or performs the obligation. Primary control mode is GATE, AUTO, CALC, or ALERT. Human action is not required in the normal case. |
| 📊 Evidenced | Platform captures the evidence trail automatically. Human compliance decision sits on top. Primary control mode is LOG. |
| 🏛 Institutional | Obligation is met by a process entirely outside the platform — training programmes, board governance, HR, legal. Platform may generate evidence inputs but does not own the process. |
| N/A | Obligation does not apply to this deployment configuration. |
Build legend¶
| Symbol | Meaning |
|---|---|
| ✅ | Module built and deployed |
| 🔨 | Module planned — not yet built (build_status: Not started) |
| ❌ | Uncontrolled gap — no module attributed |
Account classification and due diligence obligations¶
| Obligation | Scope | Policy | Platform controls | Build |
|---|---|---|---|---|
| Classify all financial accounts as reportable or non-reportable — identify US persons (citizens, residents, indicia) and US-owned passive NFFEs | 🤖 Automated | PRI-004, REP-011 | MOD-060 (AUTO) — FATCA/CRS due diligence workflows automated; account classification based on CDD profile data from MOD-010; indicia-based classification applied at onboarding and on trigger events | 🔨 |
| Collect self-certification (IRS W-8/W-9 equivalent) from account holders who have US indicia | 🤖 Automated | PRI-004 | MOD-060 (AUTO) — self-certification workflow triggered automatically when indicia are detected; documentation stored and linked to account record | 🔨 |
| Periodic review — re-evaluate classification when account holder information changes or indicia are newly detected | 🤖 Automated | PRI-004 | MOD-060 (AUTO) — CDD profile changes trigger FATCA classification re-run automatically | 🔨 |
Reporting obligations¶
| Obligation | Scope | Policy | Platform controls | Build |
|---|---|---|---|---|
| Annual FATCA report to IRD (NZ) and ATO (AU) — reportable account data including account balance, gross income, and gross proceeds for all US reportable accounts | 🤖 Automated | REP-011 | MOD-060 (AUTO) — annual report assembled and submitted to IRD and ATO automatically; no manual data extraction or formatting | 🔨 |
| Nil reporting — submit a nil report when there are no reportable accounts in the period | 🤖 Automated | REP-011 | MOD-060 (AUTO) — report submission is automated regardless of whether reportable accounts exist | 🔨 |
| Cross-border data transmission logging — log all disclosures of customer financial data to overseas tax authorities | 📊 Evidenced | PRI-004 | MOD-060 (LOG) — every cross-border data transmission recorded with recipient, data scope, legal basis, and transmission timestamp; supports privacy obligations alongside FATCA reporting | 🔨 |
Institutional obligations (not platform scope)¶
The following FATCA obligations are the responsibility of the institution, not the platform. The platform may generate evidence inputs but does not own these processes.
| Obligation | Owner | Platform evidence input |
|---|---|---|
| GIIN registration — Global Intermediary Identification Number registration with IRS and maintenance of FFI agreement | Chief Financial Officer | Institutional registration; not platform scope |
| Withholding agent obligations — if acting as a withholding agent for US-source payments, apply 30% withholding on recalcitrant account holders | Head of Treasury | Platform does not currently process US-source income streams that trigger withholding; institutional assessment required |
| IGA counterparty relationship — maintain relationship with IRD/ATO under the IGA framework | Chief Financial Officer | MOD-060 submission records provide the evidence base for IGA compliance |
| Staff training on FATCA classification obligations | Chief Financial Officer / Chief People Officer | Institutional LMS; not platform scope |
Coverage summary¶
| Area | Total obligations | Platform automated 🤖 | Platform evidenced 📊 | Institutional 🏛 | N/A |
|---|---|---|---|---|---|
| Account classification and due diligence | 3 | 3 | 0 | 0 | 0 |
| Reporting | 3 | 2 | 1 | 0 | 0 |
| Total | 6 | 5 (83%) | 1 (17%) | 0 | 0 |
All platform obligations have attributed controls. All attributed modules are currently
build_status: Not started — the compliance position will update as modules are built and deployed.
Related policies¶
| Policy | Title |
|---|---|
| PRI-004 | FATCA & CRS Compliance Policy |
| REP-011 | Tax & information reporting (FATCA/CRS/AEOI) |
See CRS / AEOI for the parallel OECD Common Reporting Standard obligations.
Official documentation¶
- IRS FATCA guidance for financial institutions
- IRD New Zealand — FATCA and CRS
- ATO — FATCA
- NZ–US IGA (signed 2014)
Policies referencing this standard¶
Compiled 2026-05-22 from source/entities/regulations/industry-fatca.yaml