November 4, 2022

OECD Prepares URA for Regular Exchange of Information

By Irene Kabakama

Uganda Revenue Authority hosted the OECD global forum on transparency and exchange of information for tax priorities in a two-day virtual engagement that discussed information security management. This engagement also facilitated mock assessments that will prepare URA for the final exchange of information assessments in January next year.

The OECD delegates included Lloyd Garrochinho – ISM program coordinator as well head of delegation, Ms. Jasmina Trajkovski – ISM technical advisor, and Ms. Irene Bashabe – a tax advisor.

Denis K Kateeba, the Commissioner Tax Investigations Department said that Exchange of information is a tool for effective taxation of cross border transactions and revenue detection. The increased volume of international business and cross border transactions of our taxpayers with assets abroad triggered the need to obtain information through automatic exchange of information to curb the risk of revenue loss.

He added that for Uganda to exchange information on a regular basis, URA needs to do an assessment of information security management focusing on compliance with OECD’s requirements.

**The teams in attendance during the OECD online meeting in Nakawa**

OECD supports URA in the areas of the legal domestic and international frameworks, IT and administrative capacity, and information security management. The team is developing regulations to ensure that they are ready to participate in regular information exchange by September 2023, if the team passes their January assessments.

Lloyd Garrochinho asked the team to effectively utilise the mock assessment and requested the trainees to freely interact and share experiences so that they paint a great picture of information security and easily prepare for the upcoming assessment.

For the two days, the benchmark focused on information security management and IT and administrative capacity. These involved elements of confidentiality like access controls, information protection, operations management, penalties and sanctions, and non-compliance and breach investigation given that cyber-attacks are one of the organization’s threats.