DAC6: Will a DAC6 report in the UK provide sufficient evidence for EU member states?

Register for our DAC6 email updates

In light of the amended UK DAC6 regulations as a result of the Brexit Free Trade Agreement, the Netherlands Tax and Customs Administration has confirmed to VinciWorks that a UK DAC6 report will not be accepted as sufficient evidence of a DAC6 report in the Netherlands.  

The Netherlands have confirmed that in line with the DAC6 Directive, they will send all DAC6 reports to the European database. However, the Dutch Mandatory Disclosure Team has made it clear that they have no obligation to share reports in any other way and the Netherlands will not actively do so. We will have to wait and see if and what the EU will decide on the exchange of information between EU countries and the UK. 

Because the DAC6 rules and the OECD rules are two different reporting obligations, the Netherlands cannot accept a reference number that belongs to an OECD-disclosure for DAC6. The fact that a report is filed in the UK under hallmark D of the OECD MDR does not exempt a Dutch intermediary to file a report under DAC6 in The Netherlands.

Ireland has confirmed the same and it is likely that other EU member states will adopt a similar approach.

What do these changes mean for our reporting solution?

We have already started updating our DAC6 reporting solution to reflect the Brexit changes and we will continue to work with HMRC to understand the full extent of these changes and we will send email updates on DAC6 and the new UK MDR.

To learn more about how we can help you with compliance, get in touch with us by completing the short form below.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.