The Taxman Cometh… Why Telcos Must Tackle Sales Tax Fraud

Did you know that involvement in a fraudulent supply chain, even as an innocent party, can still leave you liable for the fraudulent tax loss? This article was written to raise awareness of Missing Trader Tax Fraud in particular, and of sales tax fraud in general. The examples given are real, and I gratefully acknowledge the contribution of industry colleagues, particularly from Telecom Italia and Vodafone.

I recently presented this issue to the Risk & Assurance Group. Whilst that presentation focused on the impact of Missing Trader VAT Fraud within the European Union (EU), the subject is equally relevant to telecoms operators in markets subject to Goods & Services Tax (GST). In fact, improved EU awareness may result in fraud migration to GST markets and in these circumstances, GST authorities are likely to review the EU countermeasures, with potentially significant consequences for the industry. Operators must pay attention!

First, do you know how VAT works? Well, VAT-registered businesses charge VAT on their goods or services and reclaim any VAT they’ve paid on business-related goods or services.

How VAT works 777x238

VAT traders must report the VAT they’ve charged and paid to their tax authority; this is done through a VAT return which is usually due every 3 months. According to the European Commission in January 2016, VAT fraud is costing the EU €180bn annually. The Commission doesn’t hold separate data for MTIC (Missing Trader Intra-Community) fraud but Europol estimates that €40-60 billion of the annual VAT losses are caused by organised crime groups and that 2 percent of those groups are behind 80 percent of the MTIC fraud.

MTIC VAT Fraud is not a new concept and has been around as long as the tax itself. In its simplest form a registered VAT trader makes a fraudulent reclaim of VAT and disappears with the money paid out. However, tax authorities soon implemented countermeasures on large repayments and the fraudsters were required to evolve new models in order to continue exploiting tax processes.

The fraudsters moved into import/export and since they liked to keep their transport costs down (hey, they’re in business too!) they specialised in high value, low volume goods, initially computer chips but then moving into mobile phones. Supplies of goods between members of the EU are zero-rated for VAT purposes so a VAT Trader effectively received goods VAT free. The fraudsters established a fraudulent trading chain and one of the companies in the chain would go missing with the VAT.

VAT Carousel 777x437

When tax authorities brought in countermeasures in the form of ‘reverse charge’ orders on electronics and mobile phones, the fraudsters moved on to carbon credits and to wholesale telecoms.

Tax authorities weren’t impressed by MTIC fraud and responded by refusing input tax to the buffer traders further down the chain. This is where it could become your problem if you’re in the chain because you then take the loss, not the tax authority. The precedent was established in the European Court of Justice by the case of Belgium vs Kittel (Case C-439/04). Often known as the ‘Kittel Principle’, this ruling can be broken down into three components:

  1. Was there fraudulent evasion of VAT?
  2. Was the transaction ‘connected with’ that fraudulent evasion of VAT?
  3. Did the taxable person know when he entered into the transaction, or should he have known that it was ‘connected with fraudulent evasion of VAT’?

So what test will tax authorities apply to determine if you ‘should have known’? They expect traders to:

…take every precaution which could reasonably be required of them to ensure that their transactions are not connected with fraud.

Its clear you’ll be held liable but this is spectacularly unhelpful in establishing how you ‘should have known’. In the absence of clear guidance, its necessary to apply a risk based approach as you would with any other risk, involving:

  • Identification of high risk areas
  • Risk assessment of new and existing counterparties
  • Ongoing monitoring of accounts and trading
  • Training and awareness
  • Governance

The EU is due to publish generic MTIC guidance any time now and I am currently preparing an MTIC Good Practice Guide for telecoms operators. In the meantime, you might want to consider the following high risk areas:

  • Domestic and international interconnect (voice and data)
  • Terminals (handsets, tablets)
  • Exceptions and non-standard procedures, including MVNOs and roaming
  • Mergers and acquisitions

Initial risk assessments may lead many telecoms operators to conclude they have a minimal, or acceptable, exposure to MTIC Fraud. That may be true at the time of the assessment, but if there’s no awareness of MTIC in the business who will identify risks in new business opportunities or new products and services?

Is MTIC a Risk to My Business?

Anyone who needs convincing about the potential impact of MTIC is unaware of Operation Phuncards-Broker – a telecoms MTIC fraud and money laundering scheme involving €400m VAT. This Italian investigation was taken over by Rome’s anti-Mafia prosecutors when it became apparent the Carabinieri and Guardia di Finanza were investigating the same Panamanian company, Broker Management. The investigation produced 1600 pages of allegations, resulting in 56 arrests. A great summary produced by Professor Richard Ainsworth of Boston University is available here.

In discussions with industry colleagues from Telecom Italia they made the point that the losses were borne by the telecoms operators not the tax authority; the investigation seized assets worth €300m from Telecom Italia and €38m from Fastweb. Plus, the Fastweb CEO spent a year in prison and then time under house arrest until he was acquitted. Fastweb and Telecom Italia were targeted because their trading meant they paid significant amounts of VAT to the Italian tax authority so instead of attracting attention with a VAT repayment, MTIC transactions could be disguised as reductions of output tax payable. You can see below how this worked in practice.

The Phone Cards

This scam involved a trading chain which sold the rights to ‘Phuncard’ phone cards from the USA to Italy, then to UK and onward to the British Virgin Islands.

Phonecards 777

Telefox charges €34m Italian VAT to Web Wizard and CMC, which re-invoice to Fastweb at the same price. Fastweb pays €34m VAT and applies a 7 percent mark-up but charges no VAT to the UK company as this is a zero-rated supply. When Telefox goes missing with €34m the Italian tax authorities recover the loss from Fastweb.

Should Fastweb ‘have known’? First of all, the trading relates only to rights to produce phonecards – there is no evidence that any physical cards existed at any point in the chain. Second, why was there no mark-up on the re-sale to Fastweb and third, why didn’t Telefox (or CMC and Web Wizard) sell to the UK company direct? Fastweb appeared to earn 7 percent just for re-invoicing to UK (too good to be true?) but in reality it was in the chain for one reason only – to fund the MTIC.

The VoIP Fraud

The VoIP fraud involved content from Panama being routed via various companies in Italy, through UK and finally to end users in Tuvalu.

VoIP Fraud 777

The content was passed from Coriano Capital in Panama to Global Telephone Network and Telefox International, then through I-Globe to Fastweb and Telecoms Italia. They passed it from Italy to Acumen, the aggregator in UK and from there it was routed to Tuvalu. When the MTIC traders, Telefox International and Global Telephone Network go missing with €337m, the tax bill ends up with the genuine telecoms operators.

So should they have known? The mere mention of Tuvalu causes most telecoms fraud managers to flinch, but leave that aside for now and look at the other factors. The traffic started off in Panama as VoIP but was converted by I-Globe and passed to Fastweb and Telecom Italia as ‘more reliable’ TDM. Fastweb and Telecom Italia turned TDM back into VoIP and passed it to Acumen in UK. Why was there constant data volumes? What was the reason for the dubious technology swap and why were Fastweb and Telecom Italia even in the chain – why wasn’t the traffic passed direct to Acumen? On the subject of Acumen, how does it look as a counterparty? The VAT of €337m at 20% means Fastweb and Telecom Italia passed traffic with a net service value of €1.7bn (337/20 x 100) to a company with an issued share capital of just £2. And then there’s Tuvalu…

Tuvalu is a group of 9 islands of about 10 square miles (27 square kilometres) and a population of 11,000. The number ranges of Tuvalu and its island neighbours have been abused because of their high termination rates and many have suffered from indiscriminate number range blocking. However, in this case you, as the operator, will have to convince the tax authority that there is a massive market there and a population with 900 internet connections was able to consume €1.7bn of pornography (yes, the licensed ‘content’ was porn) in 3 years; especially tricky considering Tuvalu’s Gross Domestic Product is $38m. Even if economic output was unaffected by a population with an apparent 24 hours a day viewing habit, it would still take 45 years to pay the porn bill.

Should Have Known

It doesn’t look good in hindsight, does it? But how many businesses are currently in similar situations, where they are making a profit on unusual or unexplained traffic and nobody is looking too closely because they’re hitting targets and making bonuses? It stops being profitable when you lose the input tax and get hit with a 100% (or more) penalty.

The global governance and compliance emphasis has changed significantly since Phuncards-Broker but you must still expect the Tax Authorities to dissect MTIC business transactions in retrospect. Will your business records show there was a process to consider MTIC risk and who made the decisions, based on what information and where those decisions are recorded?

Take Action

The MTIC risk doesn’t just relate to VoIP; it is relevant to any wholesale telecoms service. This fraud has made massive profits for organised crime and they’re looking for new partners so take action to make sure that’s not you – assess the risk, get specialist advice, implement controls and document your actions.

David Morrow
David Morrow
Dave has 35 years of law enforcement, investigation and fraud management experience including multiple international assignments. He is a recognised telecoms fraud expert and for a number of years chaired the GSMA workgroup responsible for Security & Fraud Risk Assessments.

Dave now provides fraud management support as an independent consultant.