The European Data Protection Board (EDPB) asked EU Member States to re-assess their tax information exchange agreements (TIEA) with third countries in order to evaluate their compliance with taxpayers’ privacy rights and the General Data Protection Regulation (GDPR).
This request follows concerns raised in Austria, France, Luxembourg and the UK, that certain transparency requirements such as the OECD Common Reporting Standard (CRS) and the US Foreign Account Compliance Act (FATCA) are incompatible with GDPR. The EDPB therefore deems that “in order to ensure that the level of protection of natural persons guaranteed by the GDPR and the LED is not undermined when personal data is transferred outside the EU, consideration should be given to the aim of bringing these agreements in line with the GDPR and LED requirements for data transfers where this is not yet the case”.
Such attempts to introduce safeguards to ensure the right to privacy under GDPR could have a substantial impact on CRS and FATCA.
SOURCE: edpb.europa.eu