"The Tax Administration of Kosovo (TAK), considering the continuous need to identify the risks jeopardizing tax compliance, and also based on the International Monetary Fund’s (IMF) recommendations from August 2011, decided to establish the Unit of Risk Management. Initially, the unit had a leader and one staff member until September 2013, when the TAK management decided to set up the Division of Risk Management (DRM). Since then this division has been functioning within the Department of Modernization, Planning and Analysis.

Our goals are defined in our strategic documents: TAK Strategies for 2010–2015 and 2015–2020, and TAK Compliance Strategy 2012–2015. These documents were drafted with the full assistance of the International Monetary Fund (IMF) and other international organizations.

All our actions are based on the annual risk response plans (for 2012, 2013, 2014 and 2015) that are based on the above-mentioned strategic documents and that set out in detail all risk treatment actions, which are expected to improve taxpayers’ tax compliance.The annual risk response plans describe in detail how to treat the risks to achieve the highest effect on taxpayers’ behavior with less resources, and to design operation plans for carrying out the activities necessary for increasing tax compliance. The plans include key performance indicators to measure our success in achieving the goals and to evaluate the work of the staff directly engaged in compliance operations.

The Division of Risk Management (DRM) is responsible for managing compliance risks. In order to identify these risks, the DRM uses various information sources, both internal and external. Since its establishment, the DRM – although operating with a small number of staff – has managed to implement the OECD model for risk management, which serves as the basis for all of the DRM’s work: risk identification, risk analysis, priorities, risk treatment, and measuring and assessment of risk treatment. This process is repeated from year to year and adjusted to new circumstances or risks identified in the first stage of the process, followed by establishing a new self-correction process with the help of information and lessons received in the last two stages, and adjusting to new needs and demands.The general process described above is preceded by the taxpayer segmentation process and environmental factor analysis, external factor analysis (PEST analysis) and internal factor analysis (SWOT analysis). Our taxpayer segmentation is based on the following aspects: taxpayer type, enterprise type, taxpayer size, regions of operation, tax type and tax accounts, industry, economic sector, etc.

We operate on the basis of the DRM working methodology and the OECD model for risk management, and for each process we present the following results:

Risk Identification:

• Continuous identification of risks and change of approach of risk identification by tax type, resulting in identifying over 230 risks across three tax types: 80 VAT , 77 PIT and 77 CIT risks;
• Development and full operation of a new risk analysis software, which helps assess risks based on hundred parameters that draw on taxpayer segmentation;
• Identification of risks in at least two workshops held every year (2012–2014) with the operational staff;
• Identification of risks from multiple-type collection of data from both internal and external sources.

Risk Analysis and Prioritization:

• Creation of risk sheets (profile) for identified risks;
• Scoring of identified risks;
• Mapping of identified risks;
• General and detailed analysis of each tax type and tax account;
• Analysis of different areas and taxpayer segments in specific sectors;
• Analysis in line with the specific demands of the TAK management.

Risk Treatment:

• Drafting of TAK Compliance Strategy 2012–2015 and a risk treatment strategy;
• Almost all TAK activities in the field are based on risk assessment and treatment;
• Drafting of annual risk response plans for each year: 2012, 2013, 2014 and 2015. These plans include: approach methodology, environmental factor analysis (PEST and SWOT analysis), identified risks, risk response sheets, taxpayer communication plan, regional operational compliance plan, large taxpayer department plan, collection plan, plans for the supporting division ( IT, call center, etc.), and a plan for investigation unit within TAK;
• Development of the Automatic Assignment of Audits and Auditors (AAAA) software, which enables the DRM to assign audits and auditors automatically, and not only audits that are based on risk assessment but also particular auditors for particular audits based on the taxpayer profile and the auditor profile;
• Distribution of lists of non-compliant taxpayers in the regions as identified by the DRM after analyzing information from various internal and external sources.

Oversight, measuring and assessment of treatments:

• Development of the VKME software to measure and evaluate the activities in the field;
• Online monitoring of the implementation of the risk response plan with the VKME software;
• Preparation of detailed quarterly and annual reports (200 pages) on the implementation of the risk response plan and the results of actions for each treatment individually; measuring and assessment of activities and results in terms of quantity and quality; and issuing of recommendations in the end of each report;
• Assessment of special cases, whether arising from the risk module or from the lists of non-compliant taxpayers."

Agron shared his country's experience in implementing CRM when attending the learning course on modern approaches to tax compliance that we ran on May 12–14, 2015. The course was delivered as part of the Supporting Capacity Development of Tax Administrations in South East Europe project, primarily supported by the Dutch Ministry of Finance, Center of Excellence in Finance, International Monetary Fund, and Assistance Technique France (Adetef). The overall objective of the project is to contribute to strengthening of beneficiary institutions’ capacity in implementing the EU’s recommendations under which the revenue authorities can deliver tax compliance risk management.