52018PC0813

EUROPEAN COMMISSION

Brussels, 12.12.2018

COM(2018) 813 final

2018/0413(CNS)

Proposal for a

COUNCIL REGULATION

amending Regulation (EU) No 904/2010 as regards measures to strengthen administrative cooperation in order to combat VAT fraud

EMPTY

EXPLANATORY MEMORANDUM

1.CONTEXT OF THE PROPOSAL

•Reasons for and objectives of the proposal

This proposal is part of the package of legislation on the mandatory transmission and exchange of VAT-relevant payment information. The context of the package as a whole is set out comprehensively in the explanatory memorandum of the proposal for a Council Directive amending Directive 2006/112/EC as regards introducing certain requirements for payment service providers 1 .

The proposal to amend Regulation (EU) No 904/2010 on administrative cooperation and fighting fraud in the field of value added tax 2 is an important part of the package. This is because the proposal lays down rules for the Member States to collect in a harmonised way the records made electronically available by the payment service providers pursuant to Article 243(b) of the VAT Directive. Furthermore, the proposal sets up a new central electronic system for the storage of the payment information and for the further processing of this information by anti-fraud officials in the Member States within the Eurofisc framework. Eurofisc is the network for the multilateral exchange of early-warning signals to fight VAT fraud, established pursuant to Chapter X of Regulation (EU) No 904/2010.

2.LEGAL BASIS, SUBSIDIARITY AND PROPORTIONALITY

•Legal basis

The legal basis for this initiative is Article 113 of the Treaty on the Functioning of the European Union (TFEU). This Article provides for the Council, acting unanimously in accordance with a special legislative procedure, to adopt provisions for the harmonisation of Member States’ rules in the area of indirect taxation to the extent that such harmonisation is necessary to ensure the establishment and functioning of the single market and to avoid distortion of competition.

•Subsidiarity

This initiative is consistent with the principle of subsidiarity, as the main problem at stake, e-commerce VAT fraud, is common to all Member States and is exacerbated by the insufficient tools at the disposal of tax authorities. Member States alone are not able to obtain from third parties such as payment service providers the information necessary to control VAT cross-border supplies of goods and services, ensure that the e-commerce VAT rules are correctly applied and tackle e-commerce VAT fraud.

In particular, the objective of exchanging cross-border payment information in order to fight e-commerce VAT fraud cannot be achieved by Member States alone (because they lack the legal basis to collect information in another jurisdiction) not by inter-connecting national electronic systems through an electronic interface. In fact, such a system would not be able to aggregate payment information from different payment service providers on the same payee and recognise double records on the same payments. Nor would such system be able to provide a full overview of payments received by the payees from payers in the Union.

A central European system for the collection and exchange of payment data is the most effective way to give tax authorities a complete view to control compliance with VAT rule on e-commerce and fight VAT fraud. Any initiative to introduce new tools for cooperation that are targeted at the problem requires a proposal by the Commission to amend Council Regulation (EU) No 904/2010.

•Proportionality

The initiative does not go beyond what is necessary to meet the objective of fighting e-commerce VAT fraud. In particular, in terms of data protection, the processing of payment information complies with the principles of necessity (only the information necessary to achieve the objective of combating e-commerce VAT fraud is processed) and proportionality (the type of information and the way it is processed by the anti-fraud experts of tax authorities do not exceed the limits of what is appropriate to achieve the objective of fighting e-commerce VAT fraud), and is in line with the General Data Protection Regulation 3 , Regulation (EU) 2018/1725 4 and the Charter of Fundamental Rights 5 .

The safeguards laid down under Regulation (EU) No 904/2010 and the European framework on data protection will apply to the exchange of payment information under the present proposal. For the assessment of the necessity and proportionality principles, it should be first noted that the collection, exchange and analysis of VAT-relevant information has as its objective the fight against e-commerce VAT fraud. This is well documented by the stakeholder consultation, in which the tax authorities stressed the need for payment information to fight e-commerce VAT fraud effectively. The respondents to the public consultations (individuals and businesses) also confirmed that payment information is necessary to help tax authorities fight e-commerce VAT fraud (as long as the information on consumers is kept confidential). In addition, only information related to potential e-commerce VAT fraud would be sent to the tax authorities and exchanged between them. This means that only the information necessary to detect potential fraudsters established outside the Member State of consumption would be exchanged (i.e. no information about domestic payments will be exchanged). This information would include the number of payment transactions made, the date of the payment transactions, and the information on where — in principle — the place of taxation should be. It is not necessary to exchange any information identifying people who make payments online (i.e. consumers), apart from information on the origin of the payment (e.g. the location of the bank used to make the payment, which is necessary to establish the place of taxation). Therefore, it would not be possible to use the payment information to monitor the purchasing habits of consumers.

A central electronic system of payment information (‘CESOP’) would be set up. It will allow Member States to transmit payment information they store at national level, helping to effectively fight e-commerce VAT fraud. CESOP would be able to aggregate per payee all VAT-relevant payment information transmitted by the Member States, and it would allow the creation of a complete overview of payments received by the payees (i.e. the businesses) from payers (i.e. the consumers making purchases online) in the EU. CESOP would recognise any multiple recording of the same payment transaction, clean the information received by the Member States (i.e. remove duplicates, correct or report errors, etc.), allow Eurofisc liaison officials to crosscheck payment data with VAT information exchanged under Regulation (EU) No 904/2010, and retain the information only for the period necessary for tax authorities to carry out VAT controls. CESOP would only be accessible to Eurofisc liaison officials from the Member States, and the only purpose for which CESOP would allow enquiries is for investigations into suspected or detected VAT fraud.

In terms of storage, CESOP would guarantee the appropriate level of security in line with the rules governing the processing of personal information by the Union’s Institutions.

The exchange of information between tax authorities would exclusively take place within the Eurofisc network. The central electronic system will be accessible only to Eurofisc liaison officials. Access to CESOP would be regulated through use of a user identifier, and the system would keep track of any access. Furthermore, information would be retained on CESOP for only 2 years to allow Member States a reasonable period of time to carry out VAT audits. The information would then be erased after 2 years.

The system would not have an interface with the internet, as payment service providers would submit their information to national authorities. The exchanges of information among national tax authorities would take place through the secure common communication network, which supports all exchanges of information between tax and customs authorities, and provides all the necessary security features (including encryption of information).

Fighting VAT fraud is an important objective of general public interest of the Union and of the Member States, as referred to in Article 23(1)(e) of the General Data Protection Regulation and in Article 20(1)(b) of Regulation (EU) 2018/1725. In order to safeguard that important objective and the effectiveness of tax authorities in pursuing that objective, the restrictions laid down in article 55(5) of Regulation (EU) No 904/2010 will apply to CESOP.

•Choice of the instrument

Since this proposal amends Regulation (EU) No 904/2010, it also has to be a regulation.

3.RESULTS OF EX-POST EVALUATIONS, STAKEHOLDER CONSULTATIONS AND IMPACT ASSESSMENTS

•Ex-post evaluations

The current proposal is supported by an evaluation of Regulation (EU) No 904/2010, in particular its sections focusing on its use in the field of e-commerce VAT fraud 6 . The result of the ex-post evaluation is explained in the explanatory memorandum of the proposal to amend the VAT Directive.

4.BUDGETARY IMPLICATIONS

The budgetary implications are set out in detail in the explanatory memorandum of the proposal for a Council Directive amending Directive 2006/112/EC as regards introducing certain requirements for payment service providers.

5.OTHER ELEMENTS

•Implementation plans and monitoring, evaluation and reporting arrangements

The Eurofisc reports and the annual statistics of the Member States are presented and discussed in the Standing Committee on Administrative Cooperation 7 in accordance with Article 49 of Regulation (EU) No 904/2010. The Standing Committee is chaired by the European Commission. In addition, the Commission will seek to obtain from Member States any relevant information on the functioning of the new system and on fraud. Where relevant, coordination will be ensured within the Fiscalis Committee (this committee has still not yet been set up under the new Fiscalis programme 8 ).

Regulation (EU) No 904/2010 and Directive 2006/112/EC already lay down rules for periodic Commission evaluations and reporting. Therefore, in line with these existing obligations, every 5 years, the Commission will report to the European Parliament and the Council on the functioning of the new administrative cooperation tool, pursuant to Article 59 of Regulation (EU) No 904/2010.

Furthermore, every 4 years the Commission will report to the European Parliament and the Council on the operation of the new VAT obligations imposed on payment service providers pursuant to Article 404 of Directive 2006/112/EC. The Commission will ensure that the two reports are coordinated and built on the same findings.

•Detailed explanation of the specific provisions of the proposal

In Article 2, new definitions are added to align the exchange of payment information with the terminology used in Directive (EU) 2015/2366 9 (PSD2) on payment services in the internal market.

Section 2 is added to Chapter V to introduce a new central electronic system of payment information (CESOP) to be developed by the Commission. Furthermore, an obligation has been added for the Member States to collect the records made electronically available from payment service providers pursuant to Article 243b of the VAT Directive. To keep the administrative burden of payment service providers to a minimum, under Article 24b(2)(b) a common electronic format to collect these records will have to be adopted through implementing acts. The competent authorities (under the meaning of Regulation (EU) No 904/2010) of the Member States will have to transmit to CESOP the information they collect from the payment service providers established in their own Member State every quarter. The Member States can appoint any national department of the tax authority to collect the payment information from the payment service providers in accordance with the proposed Article 24b(1) and (2). However, only the competent authority under the meaning of Regulation (EU) No 904/2010 can transmit the information to the CESOP (Article 24b(3)).

CESOP will correct formal mistakes in the transmitted information (cleansing) and aggregate the overall payment information transferred by the competent authorities of the Member States per payee (recipient of the funds). Then CESOP will analyse the information (e.g. matching payment information with VAT information available to Eurofisc officials) and will allow Member States’ Eurofisc liaison officials to have a complete overview of the payments received by given payees. In particular Eurofisc liaison officials will be able to see whether the payments received by a given payee in a given period exceed EUR 10 000 across the Member States. The EUR 10 000 threshold on intra-EU supplies has been introduced by the VAT e-commerce Directive as from 2021 10 . When the total annual intra-EU turnover of a given supplier is exceeded, the place of supply is in the Member States of consumption.

The storage period of the information in CESOP will be 2 years. This retention period is proportional, considering the right balance between the need of tax authorities to fight e-commerce VAT fraud, the high volume of information to be stored in CESOP, and the sensitivity of the payment information stored in the system.

The information on incoming payments will allow Member States to detect domestic suppliers selling goods and services abroad without fulfilling their VAT obligations. Information on outgoing payments will allow the detection of suppliers established abroad (either in another Member State or outside the Union) that should pay VAT in a given Member State.

It will take at least 3 years to set up CESOP. During this time, the Commission and the Member States in the Standing Committee on Administrative Cooperation would have to work on a number of technical details listed in Article 24e. This Article grants the Commission the power to adopt an implementing Regulation containing the technical measures to, among other, establish and maintain the system as well as manage it. For the purpose of this article, maintaining the system must be understand as regarding the technical and performance requirements (mostly relevant for IT purposes) to set up the system, to ensure maintenance work, to set up standards for inter-operability with Member States, and other similar measures. The management is a business process related to the monitoring of the system’s performance and lifecycle. For example, the Commission may take the decision to update the system, to migrate it, to generate performance reports, control accesses, etc.

The Commission would bear the costs for the development and maintenance of CESOP as well as the costs of maintaining the connection between CESOP and Member States’ national systems, while the Member States would bear the costs of all necessary developments to their national electronic system. More details are in the financial fiche and in Section 4 of the explanatory memorandum of the proposal for a Council Directive amending Directive 2006/112/EC as regards certain value added tax obligations for certain taxable persons, as part of this package.

Because of these investments and running costs, and because the system will be used by Eurofisc liaison officials, an additional subparagraph is added in Article 37 to introduce a new reporting obligation in the Eurofisc annual report for Member States and the Commission to assess whether the system leads to additional VAT assessed and collected, or to specific VAT controls.

The new paragraph 1a of Article 55 clarifies that payment information cannot be used by the Member States for establishing the assessment base, collecting VAT, or conducting administrative VAT controls unless the payment information has been cross-checked with other information available to the tax authorities. Finally, the restrictions to data-protection obligations and rights in accordance with Article 55(5) of Regulation (EU) No 904/2010 will apply to the CESOP

These restrictions are needed to avoid disproportionate effort by the Member States and the Commission that would render impossible the legal task of (i) the tax authorities to analyse and process the information to fight e-commerce VAT fraud, and (ii) the Commission to manage the system.

2018/0413 (CNS)

Proposal for a

COUNCIL REGULATION

amending Regulation (EU) No 904/2010 as regards measures to strengthen administrative cooperation in order to combat VAT fraud

THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 113 thereof,

Having regard to the proposal from the European Commission,

After transmission of the draft legislative act to the national parliaments,

Having regard to the opinion of the European Parliament 11 ,

Having regard to the opinion of the European Economic and Social Committee 12 ,

Acting in accordance with a special legislative procedure,

Whereas:

(1)Council Regulation (EU) No 904/2010 13 inter alia lays down rules on the storage and exchange of specific information through electronic means.

(2)The growth of electronic commerce (‘e-commerce’) facilitates the cross-border supply of goods and services to final consumers in Member States. In this context a cross-border supply refers to situations where the VAT is due in a Member State and the supplier is established in another Member State, or in a third country or third territory. However, fraudulent businesses, established either in one Member State or in a third country or in a third territory, exploit e-commerce opportunities in order to gain unfair market advantages by evading their VAT obligations. Where the principle of taxation at destination applies, because consumers have no accounting obligations, the Member States of consumption need appropriate tools to detect and control these fraudulent businesses.

(3)The traditional cooperation to combat VAT fraud is done between Member States tax authorities and is based on records held by the businesses directly involved in the taxable transaction. In cross-border business-to-consumers’ supplies, typical within the field of e-commerce, this information may not be directly available and thus new tools are necessary for tax authorities to tackle cross-border e-commerce VAT fraud in an effective way.

(4)In the vast majority of cross-border online purchases made by European consumers, payments are executed through payment service providers. In order to execute a payment transaction, a payment service provider holds specific information in order to identify the recipient or payee of that cross-border payment together with details of the amount and date of the payment transaction and the Member State of origin of the payment. This information is necessary for tax authorities to carry out their basic tasks to detect fraudulent businesses and to determine VAT liabilities in relation to cross-border business-to-consumers’ supplies. It is therefore necessary and proportionate that the VAT-relevant information, held by a payment service provider, is made available to the tax authorities of the Member States and that Member States exchange this information to identify and combat e-commerce VAT fraud.

(5)Therefore giving tax authorities the tools to access and exchange this VAT-relevant information in relation to cross-border payments, whether they are made to businesses or consumers, is a necessary and proportionate measure to fight effectively against e-commerce VAT fraud. These tools are essential as tax authorities need this information for VAT control purposes, to protect public revenues but also legitimate businesses in the Member States which in turn protects employment and European citizens.

(6)It is important that the processing and exchange of information between Member States, relating to payment transactions, should be proportionate to the objective of fighting e-commerce VAT fraud. Therefore, information on consumers or payers and on payments not likely to be connected to economic activities should not be collected by, and exchanged between the tax authorities of the Member States.

(7)The record-keeping obligations of payment service providers in Directive 2006/112/EC 14 require national competent authorities to collect, exchange and analyse the information relating to payment transactions.

(8)A central electronic information system ‘CESOP’ where Member States transmit payment information they store at national level, would achieve the objective of fighting e-commerce VAT fraud more effectively. This system should aggregate, in relation to individual payees, all VAT relevant information regarding payment transactions transmitted by Member States and should allow for a full overview of payments received by payees from payers located in the Member States. Furthermore, this information system should recognise multiple records from the same payment transactions, clean the information received from the Member States (e.g. remove duplicates, correct error in data, etc.) and permit Eurofisc liaison officials of Member States to cross-check payment data with the VAT information they dispose of and make enquiries for the purpose of an investigation into suspected VAT fraud or to detect VAT fraud.

(9)Taxation is an important objective of general public interest of the Union and of the Member States and this has been recognised in relation to the restrictions that may be imposed on the obligations and rights under Regulation (EU) 2016/679 of the European Parliament and of the Council 15 and in respect of the protection of information under Regulation (EU) 2018/1725 of the European Parliament and of the Council 16 . Limitations in relation to data protection rights are necessary due to the nature and volume of that information which originates from payment service providers and should be based on the specific and predefined conditions and details laid down in Articles 243b to 243d of Directive 2006/112/EC.

(10)Therefore, it is necessary to apply restrictions to the data subject rights in accordance with paragraph 5 of Article 55 of Regulation (EU) No 904/2010. In fact, the full application of the rights and obligations of the data subjects would seriously undermine the effectiveness of the fight against e-commerce VAT fraud and might allow the data subjects to obstruct ongoing analysis and investigations due to the massive volume of information sent by the payment service providers and the possible proliferation of requests from data subjects to the Member States, the European Commission or both. This would impede the effectiveness of the system and the capacity of tax authorities to pursue the objective of this Regulation by jeopardising enquiries, analysis, investigations and procedures carried out in accordance with this Regulation. Therefore, the objective of fighting VAT fraud cannot be achieved by other less restrictive means of equal effectiveness. Furthermore, these restrictions respect the essence of the fundamental rights and freedom and are necessary and proportionate measures in a democratic society.

(11)The exchange of payment data between tax authorities is crucial to combat fraud effectively. Only the Eurofisc liaison officials should process the payment information and only with the objective of fighting VAT fraud. That information should not be used for other purposes than the ones established by this Regulation, such as for commercial purposes.

(12)However, it is important, in order to safeguard the rights and obligations under Regulation (EU) 2016/679, that information in relation to payment transactions should not be used for automated profiling and should always be verified by reference to other tax information available to the tax authorities of the Member States.

(13)It is necessary and proportionate that payment service providers retain records of the information in relation to payment transactions for a two-years period to assist Member States fight e-commerce VAT fraud and detect fraudsters. This period constitute the minimum necessary for Member States to carry out controls effectively and investigate into suspected VAT fraud or detect VAT fraud, and it is proportionate considering the massive volume of the payment information and its sensitivity in terms of protection of personal data.

(14)Each Member States’ Eurofisc liaison officials should be able to access and analyse the information in relation to the payment transactions for the purpose of fighting VAT fraud. Duly accredited persons of the Commission should access the information only for the purpose of developing and maintaining the central electronic information system. Both groups of users should be bound by the confidentiality rules laid down in this Regulation.

(15)As the implementation of the central electronic information system will require new technological developments, it is necessary to defer the application of this Regulation to allow Member States and the Commission to develop these technologies.

(16)E-commerce VAT fraud is a common problem for all Member States. Member States alone do not have the information necessary to ensure that the e-commerce VAT rules are correctly applied and to tackle e-commerce VAT fraud. Since the objective of this Regulation, the fight against e-commerce VAT fraud, cannot be sufficiently achieved by the Member States because of the cross-border nature of the e-commerce but can be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve that objective.

(17)This Regulation respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union. In particular, this Regulation seeks to ensure full respect of the right of protection of personal data lay down in article 8 of the Charter. In that regard, this Regulation strictly limits the amount of personal data that will be made available to the tax authorities. The processing of payment information pursuant to this Regulation should only occur for the purpose of countering e-commerce VAT fraud. The payment data transmitted and exchanged should be processed only by the Eurofisc liaison officials of tax authorities within the limits of what is appropriate to achieve the objective of fighting e-commerce VAT fraud.

(18)The European Data Protection Supervisor was consulted in accordance with paragraph 1 of Article 42 of Regulation (EU) 2018/1725 and delivered an opinion on… 17

(19)Regulation (EU) No 904/2010 should therefore be amended accordingly,

HAS ADOPTED THIS REGULATION:

Article 1
Amendments to Regulation (EU) No 904/2010

Regulation (EU) No 904/2010 is amended as follows:

(1)in Article 2, the following points (s) to (v) are added:

‘(s) ‘payment service provider’ means a body listed in points (a) to (f) of paragraph 1 of Article 1 of Directive (EU) 2015/2366 of the European Parliament and of the Council(*) or a natural or legal person benefiting from an exemption in accordance with Article 32 of that Directive;

(t)’payment transaction’ means an act defined in point 5 of Article 4 of Directive (EU) 2015/2366;

(u)‘payer’ means a natural or legal person as defined in point 8 of Article 4 of Directive (EU) 2015/2366;

(v)‘payee’ means a natural or legal person as defined in point 9 of Article 4 of Directive (EU) 2015/2366.

(*) Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (OJ L 337, 23.12.2015, p. 35)’

(2)CHAPTER V is amended as follows:

(a)the title of Chapter V is replaced by the following:

‘COLLECTION, STORAGE AND EXCHANGE OF SPECIFIC INFORMATION’;

(b)the following heading Section 1 is inserted:

‘SECTION 1

Automated access to specific information stored in national electronic systems’;

(c)the following heading Section 2 is inserted after Article 24:

‘SECTION 2

Collection of specific information and central electronic system’;

(d)the following Articles 24a to 24f are inserted:

‘Article 24a

The Commission shall develop, maintain, host and manage a central electronic system of payment information (‘CESOP’) for the purpose of investigations into suspected VAT fraud or to detect VAT fraud.

Article 24b

1.Each Member State shall collect and store in a national electronic system the information on the payees and the payment transactions referred to in Article 243b of Directive 2006/112/EC(*).

2.Each Member State shall collect the information referred to in paragraph 1 from payment service providers:

(a)no later than ten days after the expiry of the calendar quarter to which the information relates;

(b)by means of an electronic standard form.

3.The competent authority of each Member State shall transmit the information referred to in paragraph 1 to CESOP no later than fifteen days after the expiry of the calendar quarter to which the information relates.

________________________________________________________________

(*) Council Directive 2006/112/EC of 28 November 2006 on the common system of value added tax (OJ L 347, 11.12.2006, p. 1).

Article 24c

1.The Commission shall ensure that CESOP has the following capabilities:

(a)to store the information transmitted in accordance with paragraph 3 of Article 24b;

(b)to aggregate the information stored, in accordance with point (a), in respect of each individual payee;

(c)to analyse the information stored, in accordance with points (a) and (b), together with the relevant targeted information communicated or collected pursuant to this Regulation;

(d)to make the information referred to in points (a), (b) and (c) accessible to Eurofisc liaison officials referred to in paragraph 1 of Article 36.

2.CESOP shall retain the information referred to in points (a) and (b) of paragraph 1 for a maximum period of two years from the expiry of the year when the information was transferred into the system.

Article 24d

The Commission shall grant access to information stored in CESOP to Eurofisc liaison officials, who hold a user identifier for CESOP, where the information is required for the purpose of investigations into suspected VAT fraud or to detect VAT fraud.

Article 24e

The following measures, tasks, technical details, format of the standard electronic form, information elements, practical arrangements and security procedure shall be adopted in accordance with the procedure provided for in paragraph 2 of Article 58:

(a)the technical measures for establishing and maintaining CESOP;

(b)the tasks of the Commission in managing CESOP;

(c)the technical details of the infrastructure and tools required to guarantee the connection and overall operability between the national electronic systems referred to in Article 24b and CESOP;

(d)electronic standard forms referred to in point (b) of paragraph 2 of Article 24b;

(e)the information and the technical details concerning the access to the information referred to in point (d) of paragraph 1 of Article 24c;

(f)the practical arrangements to identify the Eurofisc liaison official who will have access to CESOP in accordance with Article 24d;

(g)the procedure to ensure that the appropriate technical and organisational security measures are in place, both at the time CESOP is developed and at the time information is processed in CESOP.

Article 24f

1.The costs of establishing, operating and maintaining CESOP shall be borne by the general budget of the Union. These costs shall include those of the secure connection between CESOP and Member States’ national systems, and also the services necessary to carry out the capabilities which are listed in paragraph 1 of Article 24c.

2.Member States shall bear the costs of and shall be responsible for all necessary developments to their national electronic system, referred to in paragraph 1 of Article 24b.’

(3)in Article 37, the following subparagraph is added:

‘The annual report shall at a minimum indicate in detail in relation to each Member State the number of controls carried out and the additional VAT assessed and collected as a result of the information processed pursuant to Article 24d.’

(4)in Article 55, the following paragraph 1a is inserted:

‘1a. The information referred to in Section 2 of Chapter V shall only be used for the purposes referred to in paragraph 1, where it has been verified by reference to other VAT information available to the competent authorities of the Member States.’

Article 2

This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

It shall apply from 1 January 2022.

This Regulation shall be binding in its entirety and directly applicable in all Member States.

Done at Brussels,

For the Council

The President

(1) Council Directive 2006/112/EC of 28 November 2006 on the common system of value added tax (OJ L 347, 11.12.2006, p. 1).

(2) Council Regulation (EU) No 904/2010 of 7 October 2010 on administrative cooperation and combating fraud in the field of value added tax (OJ L 268, 12.10.2010, p. 1).

(3) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance) (OJ L 119, 4.5.2016, p. 1).

(4) Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).

(5) Charter of Fundamental Rights of the European Union (OJ C 326, 26.10.2012, p. 391).

(6) See attached Impact assessment, Annex 3, Section 4

(7) The Standing Committee on Administrative Cooperation (SCAC) is composed of Member States representatives and chaired by the Commission. The SCAC is responsible for the implementation of Regulation (EU) No 904/2010.

(8) Proposal for a Regulation of the European Parliament and of the Council establishing the 'Fiscalis' programme for cooperation in the field of taxation (COM(2018) 443 final), Article 18.

(9) Directive (EU) 2015/2366 of the European Parliament and of the Council of 25 November 2015 on payment services in the internal market, amending Directives 2002/65/EC, 2009/110/EC and 2013/36/EU and Regulation (EU) No 1093/2010, and repealing Directive 2007/64/EC (Text with EEA relevance) (OJ L 337, 23.12.2015, p. 35).

(10) Council Directive (EU) 2017/2455 of 5 December 2017 amending Directive 2006/112/EC and Directive 2009/132/EC as regards certain value added tax obligations for supplies of services and distance sales of goods (OJ L 348, 29.12.2017, p. 7)

(11) OJ C,, p. .

(12) OJ C,, p. .

(13) Council Regulation (EU) No 904/2010 of 7 October 2010 on administrative cooperation and combating fraud in the field of value added tax (OJ L 268, 12.10.2010, p. 1).

(14) Council Directive 2006/112/EC of 28 November 2006 on the common system of value added tax (OJ L 347, 11.12.2006, p. 1).

(15) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).

(16) Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).

(17) OJ C […], […], p. […].