CRS and charities continued…

Emily DeaneOn 18 August, I attended the latest Charities CRS Working Group meeting, hosted by HMRC. The main issues discussed were as follows:

  • HMRC confirmed that CIOs (charitable incorporated organisations) will be treated in the same way under CRS as other corporate bodies and this will be incorporated into the new guidance.
  • HMRC confirmed that collection of Taxpayer Identification Number (TIN) and date of birth information is on a best-efforts basis if the charity does not already hold the information. A charity should also make best efforts to get a self-certification prior to issuing a grant, however they are not compelled to refuse to give a grant without a self-certification.
  • Charities have an obligation to tell their beneficiaries that their data may be shared, as per Regulation 6. There is no requirement under Data Protection to seek consent from the beneficiaries, since the data is being shared under a legal requirement.
  • HMRC are still reviewing the anti-avoidance measures and they will provide an update when compliance colleagues have been consulted further.
  • HMRC will add further examples to the guidance regarding the definition of ‘indirect beneficiaries’ to help illustrate cases around identifying who is the beneficiary of a grant.

Potential human rights abuses are still a major concern among the charity sector. HMRC are taking into consideration some instances where the exchange of data may not be warranted and could be tantamount to a breach of human rights. HMRC have been collecting examples from the working group in order to increase transparency around this issue and to take on board potential activities of jurisdictions where there are existing concerns around human rights.

The new guidance manual has been published on HMRC’s website and can be viewed via this link:

HMRC also published this Guidance Note for charities in relation to automatic exchange of information.

HMRC intend to host some CRS charity-specific seminars around the country and STEP will flag these events as they arise.

On a broader CRS basis, the HMRC AEOI team is running an educational event aimed at businesses and agents in the small and medium sectors who are affected by AEOI and would like more information. The event will include speakers from agents, industry and HMRC as well as the opportunity for 1‐2‐1 ‘surgeries’ plus small group discussions on due diligence best practice. The event will take place on 7 October 2016 in London. To register an interest in the event please email [email protected]

STEP will continue to attend the periodic working group to discuss ongoing technical issues with HMRC in this connection.

Emily Deane TEP, STEP Technical Counsel

STEP and PCI Compliance

Credit cards

As part of our ongoing work to ensure the safety and security of our members, STEP is currently working towards becoming fully compliant with the latest Payment Card Industry (PCI) Security Standards. This means that we will be making changes to the way we accept payments and handle sensitive information.

What is PCI Compliance?

PCI Compliance is an information security standard for organizations that handle credit card details from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB. It’s designed to ensure that companies have all the correct measures in place to ensure the ongoing security of the card information they handle.

How will the changes affect you?

Whilst the vast majority of changes will affect internal systems and procedures, STEP will be making some changes to the way we accept card payments:

We will now be automatically rejecting any emails sent to us that contain sensitive card information (that includes the card number, expiry date and CVV) please note that direct debit information can still be accepted.

This information is currently being rejected by way of an email reply, however rejecting it before it arrives with us will increase the safety of your card information.

We will no longer be accepting or sending faxes in any form.

Faxes are fast becoming an outdated method of communication. STEP currently receives such a low volume of faxes that the decision has been taken to discontinue this service.

We will no longer be accepting payment over the phone.

STEP have been evaluating PCI compliant telephone payment options, however given the low volume of telephone payments we currently process, we have come to the decision that the most effective way we can ensure your safety is to remove this option.

The Future:

All the changes we are making to our payment procedures are intended to make your experience with STEP fully compliant with the latest PCI Security Standards. We have recently upgraded our online payments to accept payments in GBP, USD, EUR and CHF.

We will continue to review our payment options to ensure we are providing you with the best service possible.

For any further information on PCI Compliance, you can find it here

For any questions relating to payments, please do get in touch, you can reach us by telephone on +44 (0) 203 752 3700, [email protected] and [email protected].


James Harris is STEP’s Information Technology Manager.

Why the Private Client Awards stands out – a judge’s perspective

Sally EdwardsThere are many awards in the financial services sector these days – barely a fortnight goes by that I do not see an article or press release about an award being given to some deserving individual, firm or jurisdiction.

However, the STEP Private Client Awards stands out for two reasons: firstly, the fact that STEP itself represents a recognised quality watermark in our field; and secondly, because the industry understands the rigour of the assessment and judging process for the awards.

It’s worth considering for a moment the first point, being the strength of the STEP brand. STEP membership is an important benchmark for practitioners, and STEP provides quality training sessions and conferences for members, as well as a respected and effective lobbying voice for the industry.

STEP’s reputation is based on rigour and expertise, so the second point about the judging process is hardly surprising, but bears underlining – the STEP awards are meticulously judged through a practitioner-led process, and a serious amount of effort goes into even preparing a shortlist.

So, when asked to be a part of the judging panel for this year’s awards, I was delighted to accept. Having been on the Panel of Experts for a few years, I had an idea of how much work would be required, but even with that experience I was genuinely impressed at how much effort is involved, and how seriously the judging process is taken.

The judges were given a significant amount of ‘homework’ to get through, over and above the meetings at which the shortlists and winners were selected, some after lengthy debate – with real efforts made on the parts of all of the judges to be scrupulously fair.

Having been a part of the judging process and seen it from the other side, I am even more proud of Ogier’s Awards last year, and I am now looking forward even more to next month’s event.

It’s not just a fun evening with a great host, it’s also a good networking event, and from the point of view of a team based in Jersey, a great opportunity to meet face-to-face with some of those who we deal with mainly by phone or email.


Sally Edwards TEP is Head of the Private Client and Trusts Team at Ogier, which won the International Legal Team of the Year in both 2015 and 2012. This year, she is a member of the judging panel for the STEP Private Client Awards.