EY | Assurance | Tax | Transactions | Advisory

About EYEY is a global leader in assurance, tax, transaction and advisory services.The insights and quality services we deliver help build trust and confidencein the capital markets and in economies the world over. We developoutstanding leaders who team to deliver on our promises to all of ourstakeholders. In so doing, we play a critical role in building a better workingworld for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of themember firms of Ernst & Young Global Limited, each of which is a separatelegal entity. Ernst & Young Global Limited, a UK company limited byguarantee, does not provide services to clients. For more information aboutour organization, please visit ey.com.

Ernst & Young LLP is a client-serving member firm ofErnst & Young Global Limited operating in the US.

© 2016 Ernst & Young LLP.All Rights Reserved.

SCORE No. CK0984BSC No. 16010-2085514

ED None

ey.com

FATCAcontrol andcompliance

Ernst & Young LLP contacts

Neil BrombergAdvisFATCA Advisory Leader+1 212 773 9011neil.bromberg@ey.com

ory Principal

Tara FerrisTax Principal+1 212 360 9597tara.ferris@ey.com

Paul FrascoAdvisory Senior ManagerBanking & Capital Markets+1 212 773 9037paul.frasco@ey.com

Mike Weinberg AdvisoryPrincipal Banking &Capital Markets+1 212 773 2355mike.weinberg@ey.com

Terence CardewTax PartnerFATCA Tax Leader+1 212 773 3628terence.cardew@ey.com

John StaplesTax Principal+1 202 327 5662john.staples@ey.com

Justin O’BrienTax PrincipalInformation Reporting+1 212 773 4767justin.obrien@ey.com

Critical transition for FATCA Why EY?EY’s service offerings

Consequence of noncomplianceOrganizationsthat fail to comply with the new FATCA regulationsexposethemselves to the following risks:

• Significant reputational risk, as failings in a single jurisdiction orbusiness unit may place overall compliance at risk

• Financial risks of underwithholdingpenalties, particularly for entitiesoperating as USWAs

• Competitive disadvantage of being subject to 30% FATCA withholdingtax and limited ability to do business with compliant financialinstitutions

• Customer/investor relationship issues stemming from incorrectclassification, burdensome documentation procedures and/orwithholding

What this means for your organizationBoth non-US and US-based financial institutionshave invested significanttime, effort and resources into FATCA compliance. Actionsto evaluatethe effectivenessof systems and processesand build the surroundingcontrol and compliance infrastructure are essentialnext steps indemonstrating compliance to regulators, management and clients. Youwill need to:

• Effect testing to demonstrate compliance with the regulations and theeffectiveness of internal controls

• Identify areas of process weakness and develop programs for ongoingprocess improvement

• Confirm the compliance of vendors performing essential paymentprocessing, tax reporting, or customer tax withholding functions.

Focus areas of our assessmentsEffectiveness of design• Do the documented procedures, technical specifications, and training

support an effective balance between prevention and detectioncontrols?

• Does the design meet both the requirements of FATCA in the respectivejurisdiction (IGAModel 1, IGA Model 2, Non-IGA) and the establishedcorporate policy and risk profile?

Operational effectiveness• Were the solutions implemented as intended and are they operating

effectively, especially in cases where automationwas minimalandheavy reliance was placed on trainingand education?

Effective ongoing compliance and testing strategy• Are strategic or tactical approaches in place for providing certifications

of compliance on an ongoing basis with sufficient evidence thatcontrols are operating and failures to withhold have been identifiedtimely?

Our teams leverage a deep background in FATCA, risk and controls, andtestingto support your organization in evaluating the effectivenessof internalcontrol systemsand improve risk and compliance management practices.

Our service offerings are intended to support your organization in any phaseof your FATCA program from evaluation of the current state controls, toprocesses and procedures redesign and remediation.

• Control and compliance infrastructure: Support the development anddocumentationof the control and compliance infrastructure, includingestablishing risk and control minimum standards and developingongoingcompliance testing programs to support RO certifications

• FATCA health check: Executionof a point-in-timeassessment of thedesign and operational effectivenessof the processesand systemssupporting FATCA compliance

• Third-party testing: Services customized to meet your internal controlreporting needs to meet customer requests, commonly referred to asService Organization Control Reports (SOC)

• Internal audit co-sourcing: Training, educationand audit executionthrough co-source or full outsource

• Beyond FATCA: Beyond FATCA our teams have the capabilitiesand tools to extend our assessments and controls designs to thefull scope of tax information reporting and withholdingrequirements including Ch3, Ch61, and CRS

Our teams of cross-functional resources comprise advisory, assurance, andtax resourcesto bring deep technical knowledge and an approach tailored toyour business footprint. AlthoughFATCA is a tax law, it createscomplex challengesand impacts processesacross the organization requiringspecialized knowledge:

• Onboardingand Know Your Customer (KYC)/Anti-Money Laundering (AML)

• Tax reporting, withholdingand compliance

• Customer data and document management

• Payment processing

• Information technology processes

• EY’s Tax Form Validator (TFV), a web-based tool that streamlines andprovides independent validation of IRS Tax Forms and self certifications

Proprietary tools: EY has developed a proprietary businessrisk assessmentmethodology, predefined risk and control frameworks, and scalable auditprograms integrated into our risk assessment models across the corecomponents of thecompliance infrastructure.

Industry and product knowledge: First and foremost, EY practitioners arebanking and capital markets, insurance and asset management professionalswith deep practical industry experience implementing FATCA solutions infinancial services and executing risk-and-controls-based analysis and testing.

Integrated approaches: Our service teams combine tax, operations,compliance, customer experience and internal audit know-how.

Assessment activities

Effectivenessof design

Operationaleffectiveness

Ongoingcompliancecertification

FATCAcontrol minimum

Assessmentheat map

Findings andmanagement action plan

Agr

eeke

yco

ntro

ls

Defin

ein

-sco

peFA

TCA

dom

ains

The Foreign Account Tax Compliance Act (FATCA) is a US tax law aimedat eliminating offshore tax evasion through enhanced customer duediligence and reporting.

FATCA created enormous complexity for organizations operating acrossmultiple jurisdictions to implement processes and systems that met thediffering requirements by entity type and jurisdiction. US WithholdingAgents (USWA) and Foreign Financial Institutions (FFIs) must haveprocesses in place to collect customer tax documentation, executerequired reporting, perform 30% withhold on certain US-sourcedpayments to noncompliant accounts and counterparties, and in someinstances FFIs were required to establish a FATCA Responsible Office(RO) to make compliance certifications.

This is a critical time in the compliance lifecycle to identify weaknesses inthe implemented policies, procedures, and system and put remediationplans in place.

Critical transition for FATCA Why EY?EY’s service offerings

Consequence of noncomplianceOrganizationsthat fail to comply with the new FATCA regulationsexposethemselves to the following risks:

• Significant reputational risk, as failings in a single jurisdiction orbusiness unit may place overall compliance at risk

• Financial risks of underwithholdingpenalties, particularly for entitiesoperating as USWAs

• Competitive disadvantage of being subject to 30% FATCA withholdingtax and limited ability to do business with compliant financialinstitutions

• Customer/investor relationship issues stemming from incorrectclassification, burdensome documentation procedures and/orwithholding

What this means for your organizationBoth non-US and US-based financial institutionshave invested significanttime, effort and resources into FATCA compliance. Actionsto evaluatethe effectivenessof systems and processesand build the surroundingcontrol and compliance infrastructure are essentialnext steps indemonstrating compliance to regulators, management and clients. Youwill need to:

• Effect testing to demonstrate compliance with the regulations and theeffectiveness of internal controls

• Identify areas of process weakness and develop programs for ongoingprocess improvement

• Confirm the compliance of vendors performing essential paymentprocessing, tax reporting, or customer tax withholding functions.

Focus areas of our assessmentsEffectiveness of design• Do the documented procedures, technical specifications, and training

support an effective balance between prevention and detectioncontrols?

• Does the design meet both the requirements of FATCA in the respectivejurisdiction (IGAModel 1, IGA Model 2, Non-IGA) and the establishedcorporate policy and risk profile?

Operational effectiveness• Were the solutions implemented as intended and are they operating

effectively, especially in cases where automationwas minimalandheavy reliance was placed on trainingand education?

Effective ongoing compliance and testing strategy• Are strategic or tactical approaches in place for providing certifications

of compliance on an ongoing basis with sufficient evidence thatcontrols are operating and failures to withhold have been identifiedtimely?

Our teams leverage a deep background in FATCA, risk and controls, andtestingto support your organization in evaluating the effectivenessof internalcontrol systemsand improve risk and compliance management practices.

Our service offerings are intended to support your organization in any phaseof your FATCA program from evaluation of the current state controls, toprocesses and procedures redesign and remediation.

• Control and compliance infrastructure: Support the development anddocumentationof the control and compliance infrastructure, includingestablishing risk and control minimum standards and developingongoingcompliance testing programs to support RO certifications

• FATCA health check: Executionof a point-in-timeassessment of thedesign and operational effectivenessof the processesand systemssupporting FATCA compliance

• Third-party testing: Services customized to meet your internal controlreporting needs to meet customer requests, commonly referred to asService Organization Control Reports (SOC)

• Internal audit co-sourcing: Training, educationand audit executionthrough co-source or full outsource

• Beyond FATCA: Beyond FATCA our teams have the capabilitiesand tools to extend our assessments and controls designs to thefull scope of tax information reporting and withholdingrequirements including Ch3, Ch61, and CRS

Our teams of cross-functional resources comprise advisory, assurance, andtax resourcesto bring deep technical knowledge and an approach tailored toyour business footprint. AlthoughFATCA is a tax law, it createscomplex challengesand impacts processesacross the organization requiringspecialized knowledge:

• Onboardingand Know Your Customer (KYC)/Anti-Money Laundering (AML)

• Tax reporting, withholdingand compliance

• Customer data and document management

• Payment processing

• Information technology processes

• EY’s Tax Form Validator (TFV), a web-based tool that streamlines andprovides independent validation of IRS Tax Forms and self certifications

Proprietary tools: EY has developed a proprietary businessrisk assessmentmethodology, predefined risk and control frameworks, and scalable auditprograms integrated into our risk assessment models across the corecomponents of thecompliance infrastructure.

Industry and product knowledge: First and foremost, EY practitioners arebanking and capital markets, insurance and asset management professionalswith deep practical industry experience implementing FATCA solutions infinancial services and executing risk-and-controls-based analysis and testing.

Integrated approaches: Our service teams combine tax, operations,compliance, customer experience and internal audit know-how.

Assessment activities

Effectivenessof design

Operationaleffectiveness

Ongoingcompliancecertification

FATCAcontrol minimum

Assessmentheat map

Findings andmanagement action plan

Agr

eeke

yco

ntro

ls

Defin

ein

-sco

peFA

TCA

dom

ains

The Foreign Account Tax Compliance Act (FATCA) is a US tax law aimedat eliminating offshore tax evasion through enhanced customer duediligence and reporting.

FATCA created enormous complexity for organizations operating acrossmultiple jurisdictions to implement processes and systems that met thediffering requirements by entity type and jurisdiction. US WithholdingAgents (USWA) and Foreign Financial Institutions (FFIs) must haveprocesses in place to collect customer tax documentation, executerequired reporting, perform 30% withhold on certain US-sourcedpayments to noncompliant accounts and counterparties, and in someinstances FFIs were required to establish a FATCA Responsible Office(RO) to make compliance certifications.

This is a critical time in the compliance lifecycle to identify weaknesses inthe implemented policies, procedures, and system and put remediationplans in place.

Critical transition for FATCA Why EY?EY’s service offerings

Consequence of noncomplianceOrganizationsthat fail to comply with the new FATCA regulationsexposethemselves to the following risks:

• Significant reputational risk, as failings in a single jurisdiction orbusiness unit may place overall compliance at risk

• Financial risks of underwithholdingpenalties, particularly for entitiesoperating as USWAs

• Competitive disadvantage of being subject to 30% FATCA withholdingtax and limited ability to do business with compliant financialinstitutions

• Customer/investor relationship issues stemming from incorrectclassification, burdensome documentation procedures and/orwithholding

What this means for your organizationBoth non-US and US-based financial institutionshave invested significanttime, effort and resources into FATCA compliance. Actionsto evaluatethe effectivenessof systems and processesand build the surroundingcontrol and compliance infrastructure are essentialnext steps indemonstrating compliance to regulators, management and clients. Youwill need to:

• Effect testing to demonstrate compliance with the regulations and theeffectiveness of internal controls

• Identify areas of process weakness and develop programs for ongoingprocess improvement

• Confirm the compliance of vendors performing essential paymentprocessing, tax reporting, or customer tax withholding functions.

Focus areas of our assessmentsEffectiveness of design• Do the documented procedures, technical specifications, and training

support an effective balance between prevention and detectioncontrols?

• Does the design meet both the requirements of FATCA in the respectivejurisdiction (IGAModel 1, IGA Model 2, Non-IGA) and the establishedcorporate policy and risk profile?

Operational effectiveness• Were the solutions implemented as intended and are they operating

effectively, especially in cases where automationwas minimalandheavy reliance was placed on trainingand education?

Effective ongoing compliance and testing strategy• Are strategic or tactical approaches in place for providing certifications

of compliance on an ongoing basis with sufficient evidence thatcontrols are operating and failures to withhold have been identifiedtimely?

Our teams leverage a deep background in FATCA, risk and controls, andtestingto support your organization in evaluating the effectivenessof internalcontrol systemsand improve risk and compliance management practices.

Our service offerings are intended to support your organization in any phaseof your FATCA program from evaluation of the current state controls, toprocesses and procedures redesign and remediation.

• Control and compliance infrastructure: Support the development anddocumentationof the control and compliance infrastructure, includingestablishing risk and control minimum standards and developingongoingcompliance testing programs to support RO certifications

• FATCA health check: Executionof a point-in-timeassessment of thedesign and operational effectivenessof the processesand systemssupporting FATCA compliance

• Third-party testing: Services customized to meet your internal controlreporting needs to meet customer requests, commonly referred to asService Organization Control Reports (SOC)

• Internal audit co-sourcing: Training, educationand audit executionthrough co-source or full outsource

• Beyond FATCA: Beyond FATCA our teams have the capabilitiesand tools to extend our assessments and controls designs to thefull scope of tax information reporting and withholdingrequirements including Ch3, Ch61, and CRS

Our teams of cross-functional resources comprise advisory, assurance, andtax resourcesto bring deep technical knowledge and an approach tailored toyour business footprint. AlthoughFATCA is a tax law, it createscomplex challengesand impacts processesacross the organization requiringspecialized knowledge:

• Onboardingand Know Your Customer (KYC)/Anti-Money Laundering (AML)

• Tax reporting, withholdingand compliance

• Customer data and document management

• Payment processing

• Information technology processes

• EY’s Tax Form Validator (TFV), a web-based tool that streamlines andprovides independent validation of IRS Tax Forms and self certifications

Proprietary tools: EY has developed a proprietary businessrisk assessmentmethodology, predefined risk and control frameworks, and scalable auditprograms integrated into our risk assessment models across the corecomponents of thecompliance infrastructure.

Industry and product knowledge: First and foremost, EY practitioners arebanking and capital markets, insurance and asset management professionalswith deep practical industry experience implementing FATCA solutions infinancial services and executing risk-and-controls-based analysis and testing.

Integrated approaches: Our service teams combine tax, operations,compliance, customer experience and internal audit know-how.

Assessment activities

Effectivenessof design

Operationaleffectiveness

Ongoingcompliancecertification

FATCAcontrol minimum

Assessmentheat map

Findings andmanagement action plan

Agr

eeke

yco

ntro

ls

Defin

ein

-sco

peFA

TCA

dom

ains

The Foreign Account Tax Compliance Act (FATCA) is a US tax law aimedat eliminating offshore tax evasion through enhanced customer duediligence and reporting.

FATCA created enormous complexity for organizations operating acrossmultiple jurisdictions to implement processes and systems that met thediffering requirements by entity type and jurisdiction. US WithholdingAgents (USWA) and Foreign Financial Institutions (FFIs) must haveprocesses in place to collect customer tax documentation, executerequired reporting, perform 30% withhold on certain US-sourcedpayments to noncompliant accounts and counterparties, and in someinstances FFIs were required to establish a FATCA Responsible Office(RO) to make compliance certifications.

This is a critical time in the compliance lifecycle to identify weaknesses inthe implemented policies, procedures, and system and put remediationplans in place.

EY | Assurance | Tax | Transactions | Advisory

About EYEY is a global leader in assurance, tax, transaction and advisory services.The insights and quality services we deliver help build trust and confidencein the capital markets and in economies the world over. We developoutstanding leaders who team to deliver on our promises to all of ourstakeholders. In so doing, we play a critical role in building a better workingworld for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of themember firms of Ernst & Young Global Limited, each of which is a separatelegal entity. Ernst & Young Global Limited, a UK company limited byguarantee, does not provide services to clients. For more information aboutour organization, please visit ey.com.

Ernst & Young LLP is a client-serving member firm ofErnst & Young Global Limited operating in the US.

© 2016 Ernst & Young LLP.All Rights Reserved.

SCORE No. CK0984BSC No. 16010-2085514

ED None

ey.com

FATCAcontrol andcompliance

Ernst & Young LLP contacts

Neil BrombergAdvisFATCA Advisory Leader+1 212 773 9011neil.bromberg@ey.com

ory Principal

Tara FerrisTax Principal+1 212 360 9597tara.ferris@ey.com

Paul FrascoAdvisory Senior ManagerBanking & Capital Markets+1 212 773 9037paul.frasco@ey.com

Mike Weinberg AdvisoryPrincipal Banking &Capital Markets+1 212 773 2355mike.weinberg@ey.com

Terence CardewTax PartnerFATCA Tax Leader+1 212 773 3628terence.cardew@ey.com

John StaplesTax Principal+1 202 327 5662john.staples@ey.com

Justin O’BrienTax PrincipalInformation Reporting+1 212 773 4767justin.obrien@ey.com

EY | Assurance | Tax | Transactions | Advisory

About EYEY is a global leader in assurance, tax, transaction and advisory services.The insights and quality services we deliver help build trust and confidencein the capital markets and in economies the world over. We developoutstanding leaders who team to deliver on our promises to all of ourstakeholders. In so doing, we play a critical role in building a better workingworld for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of themember firms of Ernst & Young Global Limited, each of which is a separatelegal entity. Ernst & Young Global Limited, a UK company limited byguarantee, does not provide services to clients. For more information aboutour organization, please visit ey.com.

Ernst & Young LLP is a client-serving member firm ofErnst & Young Global Limited operating in the US.

© 2016 Ernst & Young LLP.All Rights Reserved.

SCORE No. CK0984BSC No. 16010-2085514

ED None

ey.com

FATCAcontrol andcompliance

Ernst & Young LLP contacts

Neil BrombergAdvisFATCA Advisory Leader+1 212 773 9011neil.bromberg@ey.com

ory Principal

Tara FerrisTax Principal+1 212 360 9597tara.ferris@ey.com

Paul FrascoAdvisory Senior ManagerBanking & Capital Markets+1 212 773 9037paul.frasco@ey.com

Mike Weinberg AdvisoryPrincipal Banking &Capital Markets+1 212 773 2355mike.weinberg@ey.com

Terence CardewTax PartnerFATCA Tax Leader+1 212 773 3628terence.cardew@ey.com

John StaplesTax Principal+1 202 327 5662john.staples@ey.com

Justin O’BrienTax PrincipalInformation Reporting+1 212 773 4767justin.obrien@ey.com