Exceptional circumstances cause infrastructure to be scaled up rapidly and the COVID-19 crisis resulted in massive levels of digital dependency to ensure businesses continuity. Looking back on what occurred as well as anticipating the speed of change looking forward, we’ve identified areas that may assist in dealing with the change and innovation that characterises the digital economy and could help to future proof your company.
Crises usually demand additional skills or require the use of existing skills in different ways. The rise of digital meetings throughout COVID-19 is an example. Even now, digital conferencing has become part of corporate life, it seems to me, people remain with only basic skills and little knowledge or desire to understand even such basics as where to place the camera or use a reasonable level of lighting to ensure effective participation. It’s easy to assume that if people are using a technology, they have sufficient skills. Whereas the reality is that some are operating with only enough skill to get by. While training and development are increasingly present in corporate life. a new step is required, which is a constant review of the new and emerging skill demands to ensure adequate training and staff improvements.
A recent OECD report on lessons learned about digital security during the COVID-19 crisis noted one of the lessons as the need to responsibly manage digital security risk, rather than neglect it.
In times of crises, it’s tempting to bypass risk assessment and treatment processes altogether to ensure business continuity. However, fast implementation of new or temporary digital infrastructures and adoption of new processes on the fly are likely to create weak links that malicious actors will seek to exploit. Business decision makers need to own the responsibility of deciding what to do with digital security risk rather than transferring it to technical people. It’s a timely reminder that digital security must support business objectives rather than hinder them through rigid bureaucratic processes.
Digital security risk management processes should be flexible to match business needs without sacrificing good security practice. An effective, trusted and seamless relationship between business decision makers and technical security experts enables the business to drive digital security risk management decisions. Digital security preparedness is part of broader business continuity planning and going forward it will be necessary for the organisation to test plans that it can rapidly implement when disruptive events occur in order to ensure business continuity and resilience. Integrating digital security preparedness into the broader enterprise risk management, business continuity and crisis management planning.
A start would be to review the effectiveness and consistency of emergency plans and digital security risk management processes, asking questions such as: Did the organisation follow pre-defined processes? Were the emergency plans flexible enough? For SMEs, COVID-19 drew attention to weak digital security, with the shift to remote working increasing the potential for attacks and introducing new vulnerabilities. Learning from the crisis and implementing procedures around digital security will help prepare an organisation.
Data powers the digital economy. Continuous improvement of the quality and integrity of the data being used for decision making is essential. As technologies such as 5G increase bandwidth, improve latency and lower cost, connectivity will be instant and cheap. This will provide greater access to data streams and trend analyses regarding the internet of things, artificial intelligence, advanced analytics and machine learning. Given the enormous quantities of data that will be produced, it will become increasingly important to understand exactly the organisation’s data needs while exploring the opportunities that instant data can provide which will result in new products and services, customers, and markets.
As new technologies continue to emerge, it will be necessary to assess their efficacy against the needs and demands of your organisation’s commercial environment. It can be challenging trying to wade through the ‘theoretical speak’ to understand what these technologies are and how they work. To determine their relevance for your organisation, an assessment framework will help you keep abreast of the new technologies to market and ensure innovation aligns with your strategic direction. This will also enable you to mitigate some of the risks linked to obsolete technology or the scalability of technology deployed. While each organisation will have different components to their framework, the tools we use to ascertain whether new technology is of relevance to the business are:
- Talk, read and listen
There is a surprising amount of information about new technologies provided by the OECD, governments, academics, private consultants, and journalists. Additionally, the organisations using these technologies often provide discussion on how they’re being used. This information becomes valuable when assessing whether the technology will be right for your organisation.
Both customers and employees will have some level of frustration in dealing with the organisation. Keeping a note of these frustrations and being vigilant around how the new technology may assist or hinder operations will help you determine whether it suits your organisation and if not, what alternatives there are.
All ideas were once a thought. Encourage your employees to keep abreast of the benefits of the new technology and consider new products or services that could arise from these technologies. Encouraging and collating these ideas will provide a range of opportunities that the organisation can use to innovate and transform.
Governments around the world are focusing more and more on electronic services and using consumption tax to increase their haul as these taxes are thought to be less distortionary and more conducive to growth. In surveys conducted by the OECD, it is posited that in central government spending, a destination-based VAT is the preferred approach to the taxation of consumption. In contrast with origin-based taxes, destination-based taxes avoid distorting the producer’s choice of location given that the consumer is less mobile.
Traditionally, consumption taxes were generally levied on either goods sold within a country or imported into a country. The rise of electronic services has provided a challenge for governments. Unlike physical goods being imported into their country and taxed on entry, electronic services were delivered direct to the end-user with no ‘entry point’ to provide Governments access to tax. With the burgeoning digital economy, various governments started to change the way tax was levied on these services. For electronic services, it is not the end-user resident in that country who has the responsibility to remit the indirect tax, it is the company that provides the electronic services.
This means that for many companies providing digital services, they have a taxing point in countries that they do not physically operate in. In other words, a company based in Australia which provides electronic services to end-users that reside in the EU, has a responsibility to pay VAT and submit returns in the EU even though it is not physically an EU-resident and does not operate through a permanent establishment. An Australian company could well have a tax liability to the revenue authorities in another country without having operated outside of Australia. The legality of these claims and the ability for the revenue authorities to collect will lead to some challenges in the future.
Given this example, tax in the digital economy could be a ‘quiet assassin’ for businesses who are not vigilant. Companies could be amassing significant liabilities in other countries without their knowledge.
In July 2020, the OECD released a new global tax reporting framework, the Model Rules for Reporting by Platform Operators with respect to Sellers in the Sharing and Gig Economy (“MRDP”). Under the MRDP, digital platforms are required to collect information on the income realised by those offering accommodation, transport, and personal services through platforms and to report the information to tax authorities. It would be expected with this level of information and the increase of data analytics, revenue authorities will have far greater oversight into the operations of taxpayers and this could lead to increased auditing. While these rules are only suggestions, the OECD is moving forward to work on the international, legal and technical framework to facilitate the automatic exchange of the information collected under the MRDP.
Understanding international as well as domestic tax implications will become more and more necessary as organisations expand into the digital economy.
Looking into the future is hard so a focus on some fundamental issues that will continue to impact the organisation will assist in future proofing your business.