New measures to combat fraud in the field of VAT and obligations of the banks which are members of the Association of Cyprus Banks. 

As of 01/01/2024, the new legislative measures of the European Commission will apply, which aim to combat fraud in the field of VAT in cases of cross-border e-commerce carried out by sellers established in another Member State or in a third country. 

These measures are implemented at European Union (EU) level through Directive (EU) 2020/284 amending Directive 2006/112/EC as regards laying down certain requirements for payment service providers and through Regulation (EU) 2020/283 amending Regulation (EU) 904/2010 as regards measures to strengthen administrative cooperation to combat fraud in the field of VAT. 

These measures oblige authorised credit institutions ('ACIs' or 'Banks') and other payment service providers to submit information to tax authorities on beneficiaries of cross-border payments in relation to cross-border payments originating in Member States. 

Are the new measures to combat fraud in the field of VAT in Cyprus implemented? 

The implementation of the measures in Cyprus is based on the following: 

1. Regulation (EU) 2020/283, like all European Union Regulations, is binding and directly and simultaneously applicable in all EU Member States. 

1. Cyprus, as a member state of the European Union, must comply with Directive 2020/284/EU and this is expected to be done through an amendment of the Value Added Tax Law and through the issuance of the Value Added Tax (Obligations of Payment Service Providers) Regulations by the Council of Ministers.    

As a result, licensed credit institutions and other payment service providers in Cyprus are required to collect information and submit it quarterly on an automatic basis, to the competent tax authorities (in the case of Cyprus to the Tax Department).  The tax authorities will then forward the relevant information to a European database, the Central Electronic Payment Information System (CESOP), where it will be stored, compiled and cross-checked with other European databases.  Access to CESOP will be available to the competent authorised officers of the tax departments of each Member State through a network called Eurofisc. 

Who falls under the new measures to combat fraud in the field of VAT in Cyprus? 

The new measures apply to all authorised credit institutions and other payment service providers offering payment services within the European Union.  The submission of information concerns information on the identification of beneficiaries of cross-border payments (natural and legal persons) who receive more than 25 cross-border payments per trimester, and details on the date, amount and Member State of origin of the payment. 

What do the new measures to combat VAT fraud mean for customers of the member banks of the Association? 

For those making a payment from Cyprus to a beneficiary in another Member State, as of 1 January 2024, the beneficiary's payment service provider will submit information about the beneficiary and each transaction (if the beneficiary receives more than 25 cross-border payments per trimester). 

For those making a payment from Cyprus to a beneficiary in a third country, as of 1 January 2024, the payer's payment service provider will submit information about the beneficiary and each transaction (if the beneficiary receives more than 25 cross-border payments per trimester).

For those receiving a payment in Cyprus (beneficiary) from a payer from another Member State, the beneficiary's payment service provider will submit information about the beneficiary and each transaction (if the beneficiary receives more than 25 cross-border payments per trimester).

Information on the Protection of Personal Data

Concerning the natural persons who fall under the new measures, the Banks will process the necessary data on the basis of the principles of the European General Data Protection Regulation 2016/679 and the relevant national legislative framework for the protection of personal data. Personal data will be processed in a way that safeguards, inter alia, the principles of legality, purpose, transparency, integrity, security and proportionality. Only information on payments that may be linked to an economic activity will be transmitted to the tax authorities. Information on consumers and on the reasons on which the payment is based shall not form part of the transmission. 

Banks are obliged to process the necessary data to comply with the legal obligations imposed on them by Regulation (EU) 2020/283, Directive 2020/284/EU and the relevant national Legislation and Regulations. 

Further information on the processing of personal data by the Banks, the rights of the data subjects and other important information regarding the use of data by the Banks is contained in the individual 'Privacy Statements' of the Banks, which are available on their websites. 

The first submission of information will take place in 2024 and will concern cross-border payments made between 01/01/2024 and 31/03/2024. 

Payment service providers will be subject to penalties for non-compliance, as determined by applicable law. 

The Cyprus Bans Association and its members do not provide tax advice.  Those who need more information are encouraged to contact their tax advisor.  Useful information can be found on the European Commission's website: https://taxation-customs.ec.europa.eu/taxation-1/central-electronic-system-payment-information-cesop_en