GST/HST Audit and Examination

Compliance Programs Branch
GST/HST Directorate

On this page

Overview & Privacy Impact Assessment (PIA) Initiation 

Government institution

Canada Revenue Agency

Government official responsible for the PIA

Sahil Behal, A/Director General
GST/HST Directorate
Compliance Programs Branch

Head of the government institution or Delegate for section 10 of the Privacy Act

Lia Jackson
Director
Access to Information and Privacy Directorate

Name of program or activity of the government institution

Reporting Compliance

Standard or institution specific class of record:

Goods and Services Tax/ Harmonized Sales Tax (GST/HST) Audit
Record Number: CRA CPB 476

Standard or institution specific personal information bank:

GST/HST Audit and Examination
Bank Number: CRA PPU 430
TBS Registration Number: 20160020

Legal authority for program or activity

The Minister of National Revenue is responsible for administering and enforcing the Excise Tax Act. Part IX of the Excise Tax Act provides the legislative authorities under which the GST/HST Audit and Examination Program operates and outlines the circumstances and means by which individuals and businesses must calculate, collect, remit and report on the GST/HST. It also outlines the circumstances in which an individual or business may be eligible to claim a rebate of the GST/HST.

The authority to collect personal information is implicitly authorized under subsection 275(1) of the Excise Tax Act as the Minister of National Revenue must collect information to carry out the mandate of administering the GST/HST. There are specific reporting obligations for registrants, as well as specific audit and inspection powers in the Excise Tax Act.

Part III.I of the Federal-Provincial Fiscal Arrangements Act provides the authority for federal-provincial agreements respecting the harmonization of sales tax systems including the accounting for, collection, administration and enforcement of the harmonized taxes. 

Authority to inspect, audit and examine

Subsection 288 of the Excise Tax Act authorizes the inspection, audit and examination of documents, property, and processes of a person to validate the correct amount of GST/HST owing on the account and to prevent the issuance of unwarranted refunds and rebates. This includes information already in CRA systems originally collected under Part IX of the Excise Tax Act.

Section 275 of the Excise Tax Act authorizes the use of business intelligence and risk analysis to identify and address non-compliance including the involvement of virtual assets and blockchain technologies.

Authority to require production of documents or information

The CRA may request or require documents and additional information to support a review, examination, or audit under sections 289, 289.1 and 292 of the Excise Tax Act.

Authority for indirect collection

The indirect collection of personal information is implicitly authorized under subsection 275(1) of the Excise Tax Act as the Minister must collect information to carry out the mandate of administering the GST/HST.

Personal information collected from federal and provincial government departments is used to determine the correct amount of GST/HST owing on the account and to prevent the issuance of unwarranted credits and rebates is governed by Part III.1 of the Federal-Provincial Fiscal Arrangements Act.

Personal information already in CRA systems originally collected under the Income Tax Act may be used to validate identity and verify flow through reporting and the sharing of information is authorized under section 241(4)(d)(ii) of the Income Tax Act.

Personal information collected from commercially purchased data such as credit bureau information or real estate data, from other persons and publicly available open sources is authorized by section 275(1) of the Excise Tax Act and is used to determine the correct amount of GST/HST owing on the account and to prevent the issuance of unwarranted refunds and rebates.

Disclosures

Personal information may be disclosed under section 295(5)(d)(ii) of the Excise Tax Act to the Canada Border Services Agency for the purpose of the effective administration and enforcement of the statutes under its responsibility.

Personal information may be disclosed under 295(5)(d)(i) of the Excise Tax Act to Finance Canada for the purposes of formulating or evaluating fiscal policy.

Personal information may be disclosed under section 295(5)(d)(ii) of the Excise Tax Act for the purpose of administering other CRA programs such as individual or corporate returns.

Social insurance number

The social insurance number is collected under the Social Insurance Number Disclosure Regulations, SOR/91-41 and section 237 of the Income Tax Act and is used for identification purposes.

Summary of the project, initiative or change

Overview of the Program or Activity

GST/HST Audit and Examination Program

The GST/HST Audit and Examination Program was separated from income tax and initiated as a separate program to prioritize and strengthen the compliance focus on GST/HST in 2010. The program’s mandate is to:

The program identifies existing and emerging GST/HST schemes, other arrangements, and transactions that result in a loss to Canada’s tax revenue in all regions, except Quebec, to minimize losses to GST/HST revenue.

Addresses non-compliance by registrants by exploring alternative compliance treatments for this population by using risk-based approaches to identify, select and audit the riskiest files while keeping internal controls and integrity measures in place.

It develops targeted compliance strategies for high-risk segments of the medium business population and provides functional direction and program-specific policies, procedures and advice regarding compliance issues related to the GST/HST of medium businesses defined as owner operated business, small corporations, and partnerships.

Continued enhancement of GST/HST compliance through risk assessment and the implementation of compliance initiatives of the large business population nationally, which is comprised of both domestic and non-resident large business entities, such as corporations, partnerships, trusts, income trusts, gaming authorities, financial institutions, and other business entities (as well as the entities controlled by these large business registrants).

Identify compliance risks and select the highest risk files for GST/HST small business and medium business audits and to appropriately document and communicate the risk identified to auditors; and, to collect, integrate, and analyze relevant information sources. Ensures and promotes the consistent application of standards of quality in compliance program activities; communicating best practices; identifying trends related to learning needs; and providing management with assurances that these standards are being met so audit activities are performed with integrity and meet professional standards. Risk assessing GST/HST credit and debit returns and rebate claims, taking action on the highest risk files while ensuring the timely processing of the lower risk ones to aid in the prevention of payment of unwarranted refunds and addresses non-compliance in an effective and efficient way.

Provides technical guidance and support to auditors in cases where businesses use computerized accounting, electronic point-of-sale, and other computerized business systems.

Promotes and monitors the consistent application of quality standards by reviewing case files, communicating best practices, and identifies learning needs to further promote the quality of computer audit assists and business system evaluations.

Ensures compliance of public service bodies with the Excise Tax Act. Public service bodies consist of charities, non-profit organizations, and entities known as MUSH (municipalities, universities and public colleges, school authorities and hospitals).

What’s New

Virtual assets are transforming financial services markets and changing business models, resulting in tax compliance challenges. As such, the program is working on developing strategies to identify and address non-compliance involving virtual assets and blockchain technologies.

Compliance activities within the virtual asset space are not inherently different from other compliance activities, therefore selecting the right approach in relation to differing degrees of risk will result in the most effective outcome. The program prioritizes outreach activities and business intelligence through the following initiatives:

Encouraging voluntary compliance through educational-based approaches such as training products, plain language guides, and Canada.ca webpages.

Engaging with internal and external stakeholders for the purpose of exchanging data and implementing/adopting regulatory framework of virtual assets.

Enhancing business intelligence:

Platform Economy

In response to the Office of the Auditor General report on the Taxation of E-Commerce and with the continued increased focus on the platform economy, the program will provide functional leadership and direction in respect of the platform economy for both the GST/HST.

In response to the Office of the Auditor General report, the CRA has developed a comprehensive compliance strategy to better detect and address non-compliance within the platform economy for both GST/HST, including a plan to better leverage third-party data. More precisely, the strategy recognizes the risks associated with the platform economy, where platform operators connect buyers and consumers with sellers and service providers. Four categories of platforms have been identified: sharing economy, gig economy, peer-to-peer selling and social media influencers. Each category contains unique risks requiring tailored compliance interventions.

The compliance strategy establishes the Agency’s vision in managing the effective tax administration of platforms and their participants to adequately position the Agency for the future. The strategy is based on four themes:

Additionally, the program, in collaboration with other CRA branches and programs, is working on the implementation of a number of measures that came into effect on July 1, 2021, regarding the collection, filing and reporting of GST/HST by certain online platform operators. In addition to those new responsibilities, accommodation sharing platforms and platforms providing qualifying tangible personal property will also be required to file information returns reporting their sellers’ sales. To effectively implement these measures, the program will continue to engage with other compliance programs, as well as other levels of government.

The Quantum Development Project

The Quantum Development Project is responsible for the ongoing development and support of the ‘Quantum 1.0’ tool. Quantum 1.0 is based on IBM Identity Insight software and integrates internal and external data to visualize the relationships and connections between individual and business entities. Several GST/HST audit programs currently make use of Quantum 1.0 as part of their risk assessment process.

In addition, a multi-year project to develop Quantum 2.0 has started. The goal of Quantum 2.0 is modernize and streamline the risk assessment system in the GST/HST Directorate. This will see data moved to a cloud-based platform, add new predictive models based on data mining and machine learning, and will allow for faster development and implementation of risk issues. The screener experience will be streamlined into a single portal where all the necessary information can be viewed, and can be forwarded for any necessary audit action.

For additional information, the Compliance Programs Branch maintains an accessible and regularly updated website at canada.ca/en/services/taxes. Embedded in that site are videos and recorded webinars that explain CRA’s audit process.

Scope of the Privacy Impact Assessment

The scope of this Privacy Impact Assessment covers the GST/HST Audit and Examination Program. This includes reviews, examinations, and audits at the domestic and international level to determine the correct amount of excise taxes and GST/HST owing on an account and to prevent the issuance of unwarranted refunds and rebates.

This program level, core PIA should be read along with previously completed PIAs related to program:

The Business Intelligence and Compliance Risk Assessments PIA covers the business intelligence activities undertaken by all audit areas in the Compliance Programs Branch. Data gathered and analyzed for business intelligence or risk analysis may be used by auditors during their audits.

Programs and initiatives that focus on GST/HST compliance are constantly being refined. Therefore, as a new initiative or if refinement is identified, this core PIA will be reviewed and updated accordingly, and will support consultations with the Office of the Privacy Commissioner and any personal information bank updates that may be required.

The Act Respecting the Quebec Sales Tax and the Tax Administration Act (Quebec), Leads, Criminal Investigations Division, and Voluntary Disclosures Program are out of the scope of this PIA.

Risk identification and categorization

Page details

Date modified: