UK financial institutions may face compensation claims if they send inaccurate data under FATCA regime
In its document, which sets out answers to ‘frequently asked questions’ on the issue of data protection and FATCA, HMRC said that financial institutions could face claims for compensation from US nationals if they provide inaccurate information to the US authorities.
“In addition to any rights you may have to claim compensation from the US authorities, the DPA (Data Protection Act) gives individuals the right to claim compensation from a data controller where they have suffered damage because of a breach of the DPA,” HMRC said in its guidance. “As both HMRC and the financial institutions are data controllers for the FATCA information, you can make a claim for compensation to either (or both).”
For those who think the FATCA $50K threshold is somehow a safe harbor for them as “low risk” account holders who will somehow evade detection, well think again…
*I hate to say ” I told you so.” but I remember saying in a different comment here at IBS that a database programmer will always try to keep his database as simple as possible. So if I had the option to report all accounts or try to write a complex script which has to keep track of the balance of accounts over the year, then it’s pretty much a no-brainer! Back in my early days I worked on a few SQL database projects and the data normalization process involved in implementing them, and believe me I would take the simple route.
I remember that point, and it was well taken! Other countries will take note, I am sure.
On the broader issue of DATA Protection for the UK, it just reminds one of a question you could reasonably ask:
What about the other ~193 Countries upon which FATCA is being imposed?
DATA Protection from Identity theft and security concerns remains one of FATCAs FATAL Flaws. http://bit.ly/X1J8ES
Given US track record in dealing with massive fraud in the US homeland, this is an issue and an item to be taken lightly. http://bit.ly/W75dEP
Here is the IRS instructing hundreds of mid-east accountants how to accumulate banking and private data of US citizens, with no data protection controls. Does the IRS believe that Qatar will protect the security of those people? How? The one-day event will discuss a number of themes including: Foreign Account Tax Compliance Act (FATCA): Overview; International Governments’ Responses; and What financial institutions should do to get ready for FATCA?
Representatives from U.S. Treasury will address the purpose and scope of FATCA, the implementation timetable, the model of international agreements, and an assessment of international responses to the new law.
The International Governments’ Responses panel discussion comprises treasury and tax officials from US, Europe and the GCC. Discussion, who will focus on managing the implementation of FATCA and progress on Intergovernmental Agreements (IGAs) to be entered into by the U.S. with other Governments to facilitate compliance with FATCA.——http://www.qatarisbooming.com/2013/01/10/doha-hosts-fatca-us-tax-legislation-symposium/
So. Banks are lobbying to their gubbermints, to make agreements that significantly raise their risk exposure. No doubt they are explaining this fully to their stockholders.
Right, like the TD Bank, whose public silence on FATCA eclipses even that of our own government. Could it have anything to do with the fact that this “Canadian” bank has over 1300 branches in the U.S. and only 1100 in Canada?
…..”In addition to any rights you may have to claim compensation from
the US authorities, the DPA (Data Protection Act) gives individuals the
right to claim compensation from a data controller where they have
suffered damage because of a breach of the DPA,” HMRC said in its
guidance. “As both HMRC and the financial institutions are data
controllers for the FATCA information, you can make a claim for
compensation to either (or both).”
Under section 13 of the DPA a person is generally entitled to
compensation if they suffer damage as a result of violations of a
section of the DPA by organisations that hold their personal data.
Individuals are also generally entitled to compensation from those data
controllers if they suffer distress that causes damage.”……..
….”Organisations do have a defence to this right to compensation if they
can “prove that [they] had taken such care as in all the circumstances
was reasonably required to comply with the requirement [that it is
alleged to have breached]…..”
Yeah right, what are the odds that the ordinary person with an ordinary bank accounts can get anywhere at all up against a lawyered up US government, and lawyered up banks and investment entities? Have you ever even tried to argue with your bank about minor account charges, or any other issue? The legal fees just to talk with a lawyer on this issue might exceed the amounts in question. Where would you even find one who had mastered all the complexities of FATCA requirements, privacy laws, and any associated issues to prove damages etc.? And trying to get information from the US gov? If the ACA and others can’t get figures for those in OVDI who just had local accounts, or a true set of figures for renunciants/relinquishers, fat chance you’d be able to pry other information out of them to prepare for any attempt at a claim.
The banks will default to looking at who poses the more troublesome risks – satisfying the US, or erring on the side of mishandling the individual client’s data.
You don’t have to be a legal expert to realize that the banks and the US government would win.
This section below I think is a foreshadowing of how a FATCA IGA and deprivation of our privacy and other rights might be rationalized to us by the Canadian government if they were so misguided as to think they were getting any advantage by signing one with the US:
“HMRC also clarified that financial institutions would not need to
obtain individuals’ consent in order to send on personal data to the US
tax authorities under their FATCA obligations.
“To meet the fairness requirements of the DPA, [individuals] should
be made aware that [their] account details have been (or may be)
transferred to the US authorities,” HMRC said. “However, as the transfer
is being made to comply with a legal obligation (created by a Statutory
Instrument (currently published in draft form on 18 December 2012) the
consent of account holders is not required.””… from http://www.out-law.com/en/articles/2013/january/uk-financial-institutions-may-face-compensation-claims-if-they-send-inaccurate-data-under-fatca-regime/
badgerJanuary 28, 2013 at 3:35 pm
So will those IGAs really save money in compliance and other costs for the banks who pressed so hard for them?
Get FATCA Right Or Pay Up, Warns HMRC
by Lisa Smith : January 28, 2013
firms may face compensation claims for breaking data protection laws if
they send the wrong information to HM Revenue and Customs under new FATCAlaws.
HMRC flagged the issue in recently published guidance notes.
The tax man warns that under section 13 of the Data Protection Act, a
person can claim compensation if they suffer damage because wrong data
was passed to a third party about them. They can also claim for any
‘distress’ that is caused by erroneous data and sue the US authorities.
The UK was one of the first countries to sign up to the Foreign
Account Tax Compliance Act (FATCA) which is aimed at finding those US
taxpayers who have undeclared assets abroad.”………….