Regulatory risk differentiation

Regulatory risk differentiation is the process used by a regulatory authority (the regulator - most often a tax administration) to systemically treat entities differently based on the regulator's assessment of the risks of the entity's non-compliance.

[1] See for example the Australian Prudential Regulatory Authority risk differentiation approach known as: PAIRS[2] / SOARS.

[10] The shape of the compliance pyramid indicates: The choice of remedy (e.g. financial penalties, criminal imprisonment) imposed by the regulator becomes increasingly severe higher up the pyramid – with the view of creating an incentive for entities to move towards more compliant behaviours.

[12] In this version of the compliance pyramid, four broad categories of client (called archetypes) were defined by their underlying motivational postures: This approach has been widely adopted, particularly within Australia.

[13] The strength of the model is the regulator being seen to apply the right remedy to the right situation, by taking an entity's apparent motivation (including their efforts to comply) into account.

Regulatory Conversations and the Construction of Identities" July 2008[14] or "The ATO Compliance Model in Action: A Case Study of Building and Construction by Neal Shover, Jenny Job and Anne Carroll"[15] and "Reducing the risk of policy failure: challenges for regulatory compliance"[16] The weakness of the compliance pyramid is that attitudes are generally not visible to the regulator, only behaviours.

This approach has been used by the Australian Prudential Regulatory Authority, the Australian Taxation Office and the UK Pension Regulator[27][28][29] Explicitly considering the likelihood and consequences of an entity possibly breaking a law is a requirement of the UK Statutory Code of Practice for Regulators[30] which emerged from the 2005 Hampton Report "Reducing administrative burdens – effective inspection and enforcement".

In this example of the risk differentiation framework developed by Dr Stuart Hamilton in 2007,[35] the ATO links its strategies to the likelihood and consequences of entities not complying with a law.

This cooperative compliance approach was originally developed by Dr Stuart Hamilton with Jim Killaly and Alice Dobes of the ATO in 1999.

[36] The Cooperative Compliance approach was later adopted by the OECD Forum on Tax Administration as best practice.

[39] In June 2010 the ATO released its revised "Large Business and Tax Compliance" booklet that detailed its approach to risk differentiation in the Large Market[40] In January 2011 the risk differentiation approach was also 'highly commended' in the annual Australian Comcover Risk awards[41] The entire approach is mapped out in the UNSW ATAX 2012 paper 'New dimensions in regulatory compliance' and in the UNSW PhD Thesis: 'Managing Ambiguous Compliance in Highly Skewed Populations' [42] [43] For a whole of taxpayer population risk differentiation framework example see FIGURE 4.

Alternative compliance models
Compliance model used by ATO
The ATO Compliance Model
Generic Tax Compliance Risk Bow-Tie developed by Dr Stuart Hamilton from the ATO
Generic Tax Compliance Risk Bow-Tie used by the ATO
Scatterplot of likelihood and consequences of entities breaking a law
Scatterplot of ratings of risk of entities breaking a law
Overlaying detection strategies onto risk matrix
ATO risk matrix
The same overlay with more detail
Detailed ATO risk matrix
Bowtie approach׀Aligning risk management steps with the bow-tie and risk differentiation