Naavi.org

In response to the previous post “Is Karnataka Government hitting NASSCOM through E Commerce taxation?”, the following comment has been received from Mr G.D, Thakur, Assistant Excise and Taxation Commissioner, Hyderabad. Since the response is exhaustive, it has been published here as an independent post. We thank Mr Thakur and also invite others to provide such useful content for publication.

E-Commerce  Taxation Issue:

The e-commerce is a way of doing business only distinct from traditional methods of business.The taxation is not different to the e-commerce than the traditional business.Rather it is more convenient to the Taxing Authorities to collect tax from the E-Commerce Business than the traditional business.The e-commerce turnovers and classification of goods for tax schedules is available on a system software than the traditional business which is a mixed maintenance of accounts containing several issues on which the present day taxing authorities are spending their whole time.
In the e-commerce the business turnover,which cannot be suppressed or misappropriated and item schedules can be managed very easily and accordingly the actual tax liability can be worked out on the same system software and the tax payments can be made online into the Govt Treasuries instantly.
The present system of the e-commerce is engineered on the Sales and Purchase Agreements with the online sellers and buyers ,which decides the Point of Vat Incidence  and collection and further depositing with the respective Governments.Whatever the Agreements which I have gone through,it is reflected as the seller and buyers other than the Online Market Places[ Viz Flipcart,Snap Deal].The e-commerce majors treat their platforms as the Online Market Place only and they have designed their Sale and Purchase Agreements ,which puts the Liability to collect VAT on the online sellers only.The e-commerce majors charges some market fees,facility charges and commission on the sale value of the products traded through their Platform from the online sellers registered with their online platform[ viz flipcart or the snapdeal].
In nut shell the e-commerce present scenario ,which appears to me:

1.The E-commerce companies calls the online sellers and register them .They register both types of dealers registered with the State VAT departments and unregistered dealers also.Having TIN is not mandatory for them in all cases.
2. Under the VAT regimes ,the tax is always collected by the seller only i.e.the seller state viz the Sale Invoice Issuing State.The VAT will be collected by the state issuing invoice and charging VAT thereon.
3.Under the VAT ,s basic principles are uniform throughout the country.The e-commerce revenue is being collected by the selling states only and the consuming states definitely loosing their Tax Revenues.In e-commerce it is a golden chance for those states to attract the e-commerce majors  for doing the neat and clean business.The general approach of the E-Commerce majors is to effect supplies from the vicinity of the consumers to bring down the logistics charges.
4.The Value addition chain is depleted by the e-commerce.As all the chain of distribution from the distributor,sub distributor,dealership,wholeseller and the retailer chain is totally absent, and this was the need of the traditional business.The e-commerce do not require this chain mechanism and the ultimate gainer is the end customers.The online business will bring down the market of black money as the e-commerce business is totally through the Banks and other online Pay portals which are easy to track down and regulate than the cash money flow.
5.In the e-commerce only three trading entities are exiting.1. E-commerce Shopping Platforms 2. Online sellers 3.Online Buyers[ mostly are end customers]
6.The Ecommerce major stress upon to shift the onus of VAT Collection and its deposit on the online sellers and to be paid by the end customers only.
7.The e-commerce majors claims to charge Commission of certain percentage of the sale value of the goods sold through their platform and some facility and market charges from the online sellers.If this commission or incidental turnover part is inclusive in the sale price decided by the online sellers,then the liability of the e-commerce majors to pay VAT on the value addition nullifies.
8.The commission or the incidental charges received by the E-commerce majors are the component of the sale value ,which is arrived at by the online sellers after determining all the charges in addition to the purchase price of the said commodity.The sample agreements as being followed by these e-commerce majors shows that the commission is charged @ of certain percentage of the sale price from the online sellers,on which VAT is inclusive by the Online seller.
9.The VAT is paid by the seller on the price,which includes the basic purchase price,his profit margin,incidental charges and commission paid to the E-commerce major or packing or any other logistics charges.The state government ,when received all the due amount of VAT including the component of turnover involved paid to the –Ecommerce majors, no other VAT liability arises on the E-Commerce Major.This is based on the Terms and Conditions of the  Sample Agreement signed by a e-commerce major with the Online seller.The sale price when decided at the point of the seller and the goods are directly transferred to the end-customer ,the VAT applies on the sale value.If this sale value is determined after summing up all the prices involved [ basic procurement price of the item +incidental charges incurred by the seller +charges paid to the packing and storage + charges paid to the E-commerce majors as a commission or in any form for making the item marketable and transportation and handling charges]and VAT is paid on this turnover to the respective state government,and the goods are sold to the end customer,then no other VAT liability arises on the E-Commerce Major[ viz. FLIPCART or SNAPDEAL].For the services provided by them ,they may be accountable for any service taxes if their service qualifies that liability,but not VAT.
10.In otherwise ,if the state authorities want to collect tax from the e-commerce majors ,that is restricted to the ‘Component of Value Addition Part Only’.When this value addition part turnover is already suffered VAT by the online seller to online buyer,then there lefts no turnover with the E-Commerce major to pay any value addition VAT.
11.However,the responsibility of the maintenance of the details Accounts  of the online sale and purchase,online sellers to the state govt or online access for exercising administrative control over the online sellers,is must if the proper VAT realization is to be achieved by the state governments.
12. Therefore E-commerce is not difficult to tax.Rather is is very convenient to tax provided our taxing authorities steps along with the technology .It will prove a boon to the technology updated states and will certainly  adv-affect the tax collections of those states who will lag behind in welcoming this e-commerce.
13.The e-commerce is a neat and clean ,and environmental friendly business and makes available the commodities at the doorstep of consumers at very cheap rates.
14.This documents is based on the typical online sale and purchase agreement.For any e-sales business,the   cyber contract as mutually signed between the contracting partners in lawful obligation to the Indian Contract Act 1872 as amended on date in India and as per the International treaties on trades and business to which  India is party  ,are the determining factors to decide the incidence of VAT.
15.There is strong need to familiarize the State Taxation Machinery about the e-taxation and to address their apprehensions about the mis-conceptions.The E-commerce will increase the VAT revenues with ease of doing business for the entire society.
16.The e-commerce majors should not apprehend about the clarity of Taxation Laws .The law is already explicit.The VAT s basic fundamentals like incidence of taxation ,and definitions  and sales concept are uniform throughout the country. The federal structure of VAT and Ecommerce is based on the foundations of the CST Act -1956, the Sales of Goods Act-1930,The Indian Contract Act-1872 and the IT Act-2000/2008 (e-commerce).

[The views expressed are my own ]

G.D.Thakur-Assistant Excise and Taxation Commissioner

Naavi adds:

The E Commerce platform works as an agent of both the seller and the buyer and recovers a service charge as a facilitator which is for convenience recovered from the seller from the proceeds. Unless the market place owner buys from the seller and re-sells it under his own invoice, he is neither the buyer nor the seller. At best the service charge levied can be subjected to the service tax though I prefer it to be waived. The State Government should not intervene and try to recover a “Withholding tax” as Karnataka Government appears to be aiming at. 
Also from the technical perspective, this requires a change of the software process handling the payment and introduces a complication. We should remember that there are other service intermediaries such as the courier or the payment gateway and each one of them gets their share. These may also be directly distributed from the sale proceeds and are income of each of these agencies and are subject to taxation in their respective states. For convenience, the market place may maintain an account and credit the entire sale proceeds to one account and make on account payments from such an account. Different companies may adopt different practices.

We also need to recognize that the market place operates in “Cyber Space” and the buyer and the seller are residents of different states . ITA 2008 has a means of defining where the contract is concluded and accordingly the location of the “Sale” has to be determined.

If a seller is from Delhi, there is no need for him to pay tax in Karnataka. (Any inequalities between predominantly selling states and predominantly buying states is being addressed in the GST scheme which we expect to be operative in the next year.

Karnataka Government is therefore harassing the E Commerce players just because they have chosen to open their head office in this State Even where there is a ware house, the correct interpretation is that the ware house is rented to the seller to enable efficient distribution. Any other interpretation is convoluted and mischievous.

Karnataka Government made the same mistake in respect of “Aggregators” of Taxi service and failed to recognize “Aggregation” as a “Service”. Though the Ubers and Olas have accepted this for the time being, this is a a dangerous precedent. If the same principle is extended, “Make My Trip” will require air line operating license before booking airline tickets and Book My Show would be liable for the entertainment tax payable for the movie. 

I hope people in the Government donot think of E Commerce only as a milch cow and try to extract as much of money as possible. They should look at the overall impact on the economy that the decisions leave. At present it appears that the Government is unfriendly to E-Commerce Business and is driving businessmen out of the State. If this is not checked, E-Business in Bengaluru including the “Start Up Business” will dry up.

I wish some official from the Karnataka Commercial Taxes department responds to this.

Naavi

P.S: Kindly read this along with the earlier post : “Is Karnataka Government hitting NASSCOM through E Commerce taxation?

During the recent visit of Prime Minister Modi and German Chancellor Angela Merkel to Bengaluru, the Chief Minister Mr Siddaramaiah and more so his party was unhappy that NASSCOM did not invite him for the interaction with the industrialists. It appears that this displeasure is now playing itself out in the form of policy implementations designed to hurt the IT and E Commerce industry in Karnataka.

For some time Congress is taking various steps to discredit the Modi Government and one part of this strategy is to ensure that no cooperation is given to the Center on its economic initiatives. It is possible that the Modi team would have felt that Karnataka politicians could even try to put spokes in the wheels on Modi’s initiatives and decided to keep the State Government at a distance during the Anela Merkel meet.

Some time back Karanataka lost one expansion plan of Infosys and possibly from Tata Motors. Recently  flipkart chose Hyderabad as the location to open its biggest warehouse and fulfillment center.  (See report here) . In April  Amazon India’s had announced that it was putting all future investments in Karnataka on hold due to the state government’s “non-cooperative attitude.” Announcing the setting up of its FC in Telangana, Amazon company said the policy parameters in Karnataka were not in sync with e-commerce industry demands. 

It is clear that neighboring Andhra and even Telengana are actively poaching on projects both in IT and non IT and Karnataka is slipping in its development curve. It is only the momentum of the past that is keeping the state afloat.

One of the recent studies by KPMG indicate that E Commerce gives a boost to the SMEs. There are many success stories of SMEs making it a big success with the help of the online stores. (See report here). At such a time when E Commerce needs to be encouraged, the Government has taken yet another step in down grading its status for “Ease of Doing Business” particularly in the E-Commerce area by proposing a “Value Added Tax Deduction At Source”.

See Report in ET here

It is stated that the Government is proposing a 1 per cent levy on payments by buyers to sellers on e-commerce sites, a move that could encourage other states to follow suit.  If put in place, e-commerce companies will have to deduct 1 per cent of payments made to vendors before passing the money on, making goods costlier for consumers.

The state says the levy will help keep tabs on the revenue of sellers, who would be able to claim credit for the tax. The authorities feel this will ensure that disclosures are accurate and companies are paying the right amount of tax.

However one can visualize that  this move will introduce more hurdles in the operation of E Commerce in Karnataka and would be construed as a retrograde step which could have been prompted by the recent face off with the NASSCOM.

I hope that wiser counsels in the Government would sense that there is a gradual erosion of the credibility of the Government in business circles which is not good for the economic development in the State. Sooner this is realized and corrective steps taken, better it is for the State.

For this purpose, it is necessary for Mr Siddaramaiah to break himself out of the policy bind dictated by his high command which is interested in taking the Indian economy backwards lest Modi may claim credit.  Siddaramaiah should try to emulate Devraj Urs and consider the betterment of the State ahead of other political game plan. It is true that  Devraj Urs lost out politically because Indira Gandhi was too strong but the current Congress high command is more dependent on Karnataka and Siddaramaiah may have a good chance to win his way of he shows some courage and conviction to restore the pride of Karnataka in Congress circles by taking an independent political policy stand that is good for the State.

Let’s watch how this war between the Government and the NASSCOM play out..

Related Article:

Karnataka Hold meeting with E Commerce players

Karnataka Loses upto 2000 crores in tax revenue to e-commerce

In a development which has disturbed over 4500 companies in US doing business in EU region as data processors under the “Safe Harbor” agreement, the Court of Justice of the European Union has struck down the 15 year old agreement for not providing “Adequate Privacy Protection”.

Safe Harbor agreement was established between the United States Department of Commerce and the European Union (E.U.) in November 2000 to regulate the way that U.S. companies export and handle the personal data (such as names and addresses) of European citizens. The agreement was a policy compromise set up in response to a European directive that differed from the 1998 European Commission Directive on Data Protection, which prohibited data transfer to non-European countries that did not adhere to stringent criteria. .

See Reports in Wall Street Journal and Computer World

The agreement had established a framework for a compromise solution between U.S. and E.U. privacy procedures.

In force since 2000, the data framework allowed companies based in the U.S. to store personal data about Europeans on U.S.-based computer servers by simply undertaking by a declaration to abide by a series of EU principles, enforced by the U.S. Federal Trade Commission. More than 4000 companies had availed this simple self-certification process.

The decision of the Court now requires these companies to find alternative means of continuing to process data of European citizens.

One of the alternate means is to enter into a contract on the lines of what is suggested by EU (See more about Model Contracts here).

The apprehension in EU circles is however that any arrangement between the parties may not prevent the US Government authorities having access to the data. Any individual commitment given by the data processing company would not be able to prevent the request of the law enforcement in US as well as the other Government authorities to either seek the information under a due process of law or by illegal snooping.

The Judgement does not have any direct impact on India since we are already working under the “Individual Contractual bindings” as well as the statutory commitments under ITA 2008 which includes a “Due Process” for interception. However at present the EU market may not have adequate trust in Indian Privacy Protection law particularly since we donot have a “Privacy Act”.

Following the confusion created in the US market, there is an opportunity that is now available to India which NASSCOM can pursue. Firstly, we need to speed up the passing of the Privacy Bill. Secondly the Privacy Bill can incorporate a commitment to protect privacy of any Person (including the citizen of another country) and set a “Due Process” which is “Stringent” for interception. Simultaneously the “Encryption Policy” should also support the need for Privacy Protection.

If possible, India can also try to enter into a separate Safe Harbor agreement with EU which addresses the concerns expressed by the Court and develop its own model contract (which is already inherent under Sec 79 and 43A of ITA 2008) so that Indian data processors can bid for the EU data processing contracts.

We look forward to the Government  initiating some action on this.

Naavi

The credit card fraud reported in media today involving use of 580 fake cards created by fraudsters resulting in withdrawals of Rs 2.84 crores from Kotak Mahindra Bank is a lesson to all those men in Judicial positions who have been always difficult to be  convinced that Banks can fail in their security procedures.

The details of the case is available here

Fortunately, in this fraud, no customer is involved. The fraudsters obtained the details of “yet to be used” credit card numbers assigned to K0tak Mahindra Bank by Master Card and created card accounts in fictitious names and encashed the same through online portals.

It is surmised that a security breach at DZ Card India Ltd, Gurgaon could have resulted in the fraud. Possibility of insider involvement in DZ card or Kotak Bank is not ruled out. But “negligence” and “Failure of Information Security policy and Procedures” is a certainty.  Violation of RBI regulations on how to manage information security with an outsourced agent can also be visualized. Possibility of negligence by  multiple agencies involved in the processing of the card printing, and its encashment is not ruled out.

While the Police can follow the available leads and try to resolve the case, I would like to make this a case to be quoted in all Bank fraud litigation hearings where the Banks make a statement….

“We have international level of information security and no breach can happen at our end. If there has been a fraud, the negligence must be at the customer’s end and hence the loss should be borne by him and him alone.”

I have heard this argument from all the banks against whom I have either directly or indirectly followed complaints some with the Banking Ombudsmen,  some with  Adjudicators and also Judges of various courts.

Even in this case, if there is any query, the Bank as well as the Card printing agent will claim that they are “PCI-DSS Compliant” or “ISO 27001 Compliant” and file a one page document signed by one of the Big4 audit firms or some other firm stating that they have satisfactorily undergone an audit as of a particular date.

Ask them “Are you ITA 2008 Compliant?”.. they will perhaps say “What do you mean by it?..

These companies think that technical best practice compliance is better than legal compliance. All of them will learn the hard way that when the bell rings, it is the legal compliance that can save them from liabilities and not the technical best practice compliance.

The Judicial authority who may not know the difference between ISO 9001 and ISO 27001 or what  PCI-DSS means, is likely to be impressed by the weight of the audit firm’s reputation and ignore any plea by the poor customer that he has no knowledge how his Credit Card or Debit Card appeared in some ATM or Merchant Establishment’s claim or how his identity could have been stolen.

I therefore invite the attention of all such judicial authorities to realize and start believing that Frauds such as  Phishing or Credit/Debit/ATM Cards or Mobile Banking or Mobile Wallet frauds can occur without any knowledge of the customers.

The subject case proves that such frauds can occur even when cards are not issued at all to any customer. If so, it can also happen on a clone of a card issued to a customer.

If this truth is understood by these Judicial persons, I would be happy that this fraud had a beneficial impact on the society.

At the same time, I consider that Kotak Mahindra Bank is one of the better Banks in the pack in terms of Information Security and I hope they did cover themselves with appropriate Cyber Insurance to recover this loss.

Naavi

Dr Triveni Singh, the additional Superintendent Lucknow is emerging as a “Super Cyber Crime Cop” of the country having resolved many individual and organized cyber crimes in the areas around Noida and NCR region of Delhi. Dr Tiveni Singh is an exceptionally qualified police official with an MBA and  PhD, as well as certifications of CEH and CHFI. He is one of the few Police officers in India who are both qualified and also have many field accomplishments to their credit. Perhaps it looks strange that he belongs to the UP cadre and not working in Delhi or other major metros leading a National level Cyber Crime Police Force.  Such a specialized police force is necessary for the security of Digital India and hopefully, Mr Triveni Singh will soon be provided an opportunity to use his skills in a more productive posting.

In solving some  of the recent crimes involving  Bank Frauds, Mr Triveni Singh has reported that a special task force studied 210 FIRs and 1500 complaints from the residents of Haryana, Rajasthan, Maharashtra, Punjab and Bihar and came to certain interesting conclusions as the behaviour of these gang members. The total value of the frauds involved in these cases was around Rs 80 lakhs.

The police have found that the fraudsters used the proceeds to buy mobile phones and also kept money in mobile wallets. They were able to use the e-commerce merchants and mobile wallet managers as conduits to commit crimes, exposing them to risks of being held liable for the frauds under ITA 2008. These e commerce and mobile wallet managers are guilty of weak KYC and identity verification systems contributing directly to frauds.

See Report in Times of India

One of the immediate thoughts that occurred to me on reading the report is about the Cyber Crime statistics. The report indicates that in the few states mentioned, there was nearly 1700 cases reported involving  banks. But it is not clear if these cases get reported as “Bank Frauds” in the RBI’s records. In the absence of proper recognition of the incidence of such crimes, RBI is blind to the risks of e-banking and keeps allowing Banks introduce more and more technology in Banking without appropriate safeguards.

While it is exciting to hear about innovative banking practices such as the social media banking, card less banking etc., there is no accountability for Bankers when it comes to frauds. Now RBI has provided licenses to Small Banks and Payment Banks who are more technology dependent and therefore more vulnerable to Cyber Crimes.

With every new step in the advancement of technology in Banking, the customers are being driven into higher and higher risk situations.

Banks continue to evade any liability for frauds and RBI’s ombudsmen  collude with Bankers and refuse relief to Customers in ATM card, Credit Card and Mobile frauds. The supervision of RBI on information security in Banks is inadequate and Banks work with more risks than they can afford.

To top it all, Banks which were mandated to obtain Cyber Insurance against such frauds and ensure that customers donot suffer losses by none other than RBI itself through its Internet Banking Guidelines of June 2001, refuse to take such cover even today after 15 years.

If RBI was serious about customer safety it should have ensured that by this time all Banks had a suitable Cyber Insurance cover and not bully its customers to bear the cyber fraud losses. Without such insurance cover for their customers, no new Bank should have been licensed. But despite representations to this effect, RBI did not take any action and let new Banks be licensed with more risks than existing Banks.

I wish Dr Triveni Singh books a few Bank officials for their negligence in maintaining proper information security in their systems causing losses to the customers. We are aware that under ITA 2008, vicarious liabilities accrue to Bank for their negligence which causes identity theft and unauthorized access.

In fact one of the largest phishing frauds in India occurred in PNB, Noida where a customer lost Rs 1.64 crores. The case is lingering along in the National Consumer Forum and despite atrocious negligence in “Banking Service” displayed by the Bank, justice is being delayed for more than 7 years. Around this time in 2008 a series of frauds occurred in PNB and if Dr Triveni Singh studies all such frauds, it will be clear that PNB had put all its customers to a huge level of risks entirely by their own ineptitude. While the victims of the cyber crimes are suffering for last 7 years, the then Chairman went on to become IBA chairman and enjoy the fruits of his office built over the losses of the customers of PNB. I am not sure if there is any mechanism in RBI to monitor such matters which are simply reported by the Banks as “Under litigation”. RBI should study the impact of such unresolved frauds on the trust and confidence that people have on Banks and the danger of a back lash from customers.

I wish that at least now RBI assumes accountability for safe e-banking and ensure that the future of Digital India is not endangered.

Naavi