8 minute read | Articles

Mar 2025

The Cayman Islands Tax Information Authority (the “TIA”) is responsible for monitoring compliance and taking enforcement action with regards to the Common Reporting Standard (CRS), pursuant to the Tax Information Authority Act (the “TIA Act”) and the Tax Information Authority (International Tax Compliance) (Common Reporting Standard) Regulations (the “CRS Regulations”, and together with the TIA Act, the “CRS Regime”).

In March 2023, the TIA updated the Enforcement Guidelines: Common Reporting Standard1 (the “CRS Enforcement Guidelines”) and these CRS Enforcement Guidelines specifically set out the TIA’s core objectives along with the process for taking enforcement action against corporate bodies or individual and the administrative penalties regime of the CRS Regulations. The core objective of the TIA under the CRS Regime and CRS Enforcement Guidelines is to provide ongoing compliance monitoring and enforcement function, ensure that accurate data and information is collected, reported and exchanged with the various relevant international authorities to demonstrate the Cayman Islands’ adherence and commitment by effective implementation of the CRS regime.

Entities which are classified as “Financial Institutions” (FIs) have direct obligations under the CRS Regime, including the obligation to register as an FI with the TIA, appoint a Principal Point of Contact (PPoC) and Authorising Person, maintain written policies and procedures which address the requirements of the CRS Regime, conduct due diligence on account holders, identify reportable accounts, undertake reporting and complete an annual CRS declaration form.

The Functions of the TIA

Section 5 of the TIA Act sets out the principal functions of the TIA, which include but are not limited to:

  • monitoring compliance with the TIA Act and the CRS Regulations;
  • enforcing the TIA Act and the CRS Regulations made under the TIA Act and investigating a person where the TIA reasonably believes that the person is or has been in breach of the TIA Act and/or the CRS Regulations;
  • performing such other functions as may be prescribed under the TIA Act or any other Law; and
  • examining, by way of scrutiny of returns, on-site inspections or audit reports, or in such other manner as the TIA may determine, the affairs or business of any person.

These functions allow the TIA to operate and exercise their powers to ensure compliance with the TIA Act and the CRS Regime.

CRS Inspections

The TIA is focused on ensuring the effectiveness of the CRS Regime and has now begun conducting CRS inspections of selected FIs. These CRS inspections may be desk based and/or onsite and will assess the FI’s effective compliance with its obligations under the CRS Regime.

The TIA Criteria and Procedure for Imposing a Penalty

Pursuant to regulation 24 of the CRS Regulations, the TIA has the authority to impose a penalty on a corporate body or on an individual for an offence. In accordance with regulation 25 of the CRS Regulations, when deciding whether to impose a penalty or its amount the TIA will consider the following criteria:

(a) the need to ensure strict compliance with, and to penalise and deter contravention of, the CRS Regulations;

(b) the nature, seriousness and consequences of the contravention;

(c) the apparent degree of the party’s inadvertence, intent or negligence in committing the contravention;

(d) the party’s conduct after becoming aware of the contravention, including, for example —

(i) whether and how quickly the party brought the contravention to the TIA’s attention; and

(ii) the party’s efforts to remedy the contravention or prevent its recurrence; and

(e) the party’s history of compliance with the CRS, in the Cayman Islands or elsewhere, of which the TIA is aware.

The TIA will also consider other matters which it thinks may be reasonable, such as the submissions and representations made to the TIA by the FI. In the consideration of the TIA on whether the TIA will impose a penalty or its amount, it should be noted that the criteria and matters prevail over any issues concerning the party’s resources or ability to pay.

The TIA may impose a Primary Penalty pursuant to regulation 24 of the CRS Regulations, and, subject to complying with regulation 28 to 31, the TIA also has the power to penalise corporate bodies and individuals forming part of an unincorporated FI for offences against Part 3 of the CRS Regulations.

Non-compliance with the TIA Act and CRS Regulations will result in administrative penalties being imposed by the TIA under the CRS Regime. However, the TIA must follow the procedure outlined under regulation 24 of the CRS Regulations, subject to complying with regulations 28-31 of the CRS Regulations in order to impose an administrative penalty.

Penalty Amounts

The TIA may impose penalties as follows:

a) KYD$50,000 or US$60,975:

i) for an offence by a body corporate; or

ii) for an offence by an individual who forms, or forms part of, an unincorporated Cayman FI; or

b) otherwise, KYD$20,000 or US$24,390

Breach Notice

A Breach Notice will always be issued before a Primary Penalty Notice. The Breach Notice will include the party’s name, proposed penalty and reasons, relevant facts, proposed amount, and a minimum 60-day response period. It may also outline steps to remedy the breach, noting if these have already been taken. The extent of remediation will influence the decision to issue a Penalty Notice and its amount.

The TIA will review any responses and reconsider the proposed action and penalty amount, which cannot exceed the initial proposal. The TIA may revoke, confirm, or reduce the penalty. If no response is submitted by the deadline, the Primary Penalty stands without reconsideration.

Penalty Notice

A Penalty Notice will include the party’s name, the penalty amount, the reasons for the penalty, a statement that the penalty will become a debt to the Crown after 30 days, and information about the right to appeal the decision within 60 days. The notice will also reference the same compliance reference as in the Breach Notice.

Continuing Penalty Notice

A Continuing Penalty of up to KYD$100 per day may be imposed where a Primary Penalty has been imposed and not stayed, the contravention remains un-remedied, and the party is capable of remedying the contravention. Regulation 24(3) clarifies that lack of funds or reliance on an agent does not excuse the party from remedying the contravention. A further Breach Notice is not required to be sent prior to a Continuing Penalty Notice being issued.

Service of Notices

Notices will be sent via email to the PPoC of the FI based on the information registered on the DITC Portal. If the PPoC is unavailable, the notice is sent to the Authorising Person. If both are unavailable, the notice goes to the FI’s Registered Office.

For individuals, notices are served electronically when possible, or otherwise in any other way that a summons may be served under the Criminal Procedure Code.

Offences

In the event that the TIA Act and Regulations are contravened, Cayman FIs and their directors or equivalent fiduciaries, as applicable, risk committing various offences. It is important to note that prosecution against a person for an offence (whether or not a conviction resulted) precludes the imposition of a penalty against that person for the same offence, but not vice versa, i.e. the imposition of an administrative penalty does not preclude a criminal prosecution for the same offence (see 2.7 of the CRS Enforcement Guidelines).

The range of offences is extensive and the penalties and fines associated with a breach are significant – up to approximately US$60,975 for an offence committed either by corporate bodies or an individual who forms part of an unincorporated Cayman FI; or otherwise, approximately US$24,390 for a Primary Penalty2. The TIA may also impose a daily default fine of US$122 (a Continuing Penalty) where a Primary Penalty has been imposed and the contravention has not been, but is capable of, remediation. It is to be noted that limitation periods are applicable. The TIA may not impose a Primary Penalty for another offence under Part 3 of the CRS Regulations after the earlier of (a) one year after becoming aware of the breach, or (b) six years after the breach occurred (see 2.8 of the CRS Enforcement Guidelines).

Further, a Cayman FI commits an offence inter alia if, in purported compliance with Part 2 of the Regulations (dealing with application of the CRS), the FI gives the TIA information that is materially inaccurate (the “act”) and (i) the institution knew of the inaccuracy when the act was done, (ii) in doing the act behaved fraudulently, intentionally, negligently or recklessly; (iii) in doing the act, contravened its policies and procedures under Regulation 7; or (iv) discovered the inaccuracy after doing the act, but did not notify the TIA about the inaccuracy as soon as practicable after making the discovery.

The CRS Regulations provide for imputed offences: if a Cayman Islands FI commits an offence, all directors, managers and secretaries, and other similar officers to any such office whatever called, are also guilty of the offence. However, it is a defence for the defendant to prove that the defendant exercised reasonable diligence to prevent the contravention.

Appeals

Penalties may be appealed to the Court and appeals must be made within 60 days after receipt of the penalty notice issued by the TIA, or any later period the Court allows. The appeal acts as a stay of proceedings and the TIA cannot, without leave of the Court, enforce the penalty or interest thereon until completion of the appeal. It is to be noted that interest accumulates on a penalty while any part of the penalty continues to be unpaid (see Regulations 34 and 35).

The Court may either affirm, set aside or vary the decision appealed against, or set aside the original decision and remit the matter to the TIA for it to reconsider with directions the Court considers fit.

In accordance with Regulation 24(4), a penalty becomes a debt owing to the Crown 30 days after the penalty is imposed. Debts owing to the Crown will be collected in accordance with Cayman Islands Government debt collection procedures.

Case Law

There are currently no decided applications in this developing area, although we do anticipate contested applications as FIs navigate more active enforcement by the TIA.

Compliance and understanding the enforcement function of the TIA to ensure FIs comply with the obligations in the CRS Regulations is important; failure to do so can lead to substantial penalties. Conyers Regulatory & Risk Advisory team have been actively assisting a number of FIs with CRS remediation and advising on Breach Notices and appealing Penalty Notices. Please contact our Regulatory & Risk Advisory team if you have any questions.

1Enforcement Guidelines: Common Reporting Standards (CRS) Version 1.4 issued March 2023.
2Offences committed under Part 3 of the CRS Regulations, for example false self-certification or tampering.

Authors

Róisín Liddy-Murphy

Partner, Head of Regulatory & Risk Advisory (Cayman)

British Virgin Islands, Cayman Islands

T +1 345 814 7371

LinkedIn | vCard

Sarah Howie (Farquhar)

Counsel

Cayman Islands

T +1 345 814 7780

LinkedIn | vCard

Tonicia Williams

Senior Associate

Cayman Islands

T +1 345 814 7356

LinkedIn | vCard

Daniella Carrazana

Associate

Cayman Islands

T +1 345 814 7358

vCard

Related News & Insights

April 2025 | Newsletters

Regulatory & Risk Advisory Review: Cayman Islands – January to March 2025

Read More

April 2025 | Articles

Sunrise Radio Considered – Is a Debt-for-equity Swap Carried Out at an Undervalue Unfairly Prejudicial?

Read More

March 2025 | Articles

Beneficial Ownership Update

Read More

March 2025 | Articles

Cayman Islands: Legitimate Interest Access of Beneficial Ownership

Read More

February 2025 | Press Releases

Conyers Receives Top Rankings in Chambers & Partners Global Guide 2025

Read More

January 2025 | Newsletters

Conyers Coverage Issue 12

Read More
More News & Insights

Stay current with our latest legal insights and subscribe today

Subscribe