Fatca Ides Technical Faqs

FATCA IDES Technical FAQs

General Questions

A1. What is the International Data Exchange Services (IDES) system?

System that allows IRS to exchange tax payer information with foreign tax authorities. An

overview of data transmission to the IDES system is currently available on the IRS website

at FATCA International Data Exchange Resources and Support Information (IDES).

Updated: 02-20-2015

A2. What is the International Compliance Management Model (ICMM) system?

System that allows IRS to send/receive, process, store, and manage FATCA data received from

various sources to support needed compliance activities.

Updated: 02-20-2015

A3. What is the difference between an IDES Alert and an ICMM Notification?

IDES issues email alerts via unsecured, plain-text email and they contain information about the

transmission processing within the IDES system. An ICMM Notification is a “transmission” file

archive that contains encrypted documents that are sent from the United States Internal

Revenue Service (IRS) to a Foreign Financial Institution (FFI), direct reporting non-financial

foreign entity (NFFE), or Host Country Tax Authority (HCTA) in response to the transmission of a

FATCA Report submitted on the Intergovernmental FATCA XML Schema or the paper Form

8966.

Added Dated: 05-08-2015

A4. What is the frequency of IRS request for information on recalcitrant accounts?

The transmission can occur on the ad-hoc basis as HCTA receives the information from FFIs, or

the HCTA can provide a single submission at or before the submission date and time as

specified in the IGA. This applies to all jurisdictions.

A5. What is IRS expectation for HCTA response to request for information on recalcitrant

accounts?

Standards for request and/or response to information requests are defined in the IGAs and the

Competent Authority Arrangement (CAA).

Updated: 02-20-2015

A6. What are IRS standards for HCTA data validation on recalcitrant accounts through the

FATCA XML schema?

All data provided should fully comply with FATCA XML schemas posted on IRS.gov. The schema

user guides describe fields that are mandatory for FATCA reporting.

Updated: 02-20-2015

A7. How can HCTA and FFI obtain information as to system development progress and status?

The IRS publishes this information on the FATCA site on IRS.gov making it universally available

at the same time. Additionally, users can subscribe to the FATCA newsletter for updates on the

latest IRS news, guidance, regulations and other public information related to FATCA.

Updated: 02-20-2015

A8. What types of technical support will be present during integration testing? How will the

HCTAs, direct reporting NFFEs, and FFIs report issues with integration testing back to the IRS?

The IDES vendor will provide help desk support under their contract with the IRS during testing

to address technical issues related to the use of IDES. For testing related issues, the IDES Help

Desk can be reached at [email protected]. If you have any particular issues related to

data preparation, you can submit an email to [email protected].

Updated: 06-08-2015

A9. What is the protocol for HCTAs to contact the IRS with technical issues or questions

regarding IDES?

The IDES vendor will be responsible for resolving technical issues or questions regarding IDES.

The IDES Help Desk can be reached at 1-800-613-IDES (4337), 605-271-0311, or via email at

[email protected].

Updated: 02-20-2015

A10. What is the protocol for HCTAs to contact the IRS with issues or questions regarding

reporting requirements?

The HCTA should direct questions regarding reporting requirements to the United States

Competent Authority.

A11. When can I enroll to use IDES?

The IDES enrollment site is now open and can be accessed at IDES Enrollment. For HCTAs, once

you receive your enrollment letter from the IRS, it will include HCTA-specific instructions to

enroll.

Updated: 02-20-2015

A12. Does an HCTA need to get a GIIN?

No, GIINs are specific to Financial Institutions, Direct Reporting NFFEs, and sponsoring entities.

However, when an HCTA enrolls, they will receive a FATCA Entity ID Number, which resembles a

GIIN. For example, the FATCA Entity ID Number of the IRS is 000000.00000.TA.840.


A13. Will an API or standalone application be available to assist with data preparation?

IDES will not be providing an API or application for data encryption and transmission. The file

format has been described and the file preparation guide has been published on IRS.gov to

assist users. There are currently samples of Data Preparation code available on GitHub in the

IRSgov repository.

Updated 07-14-2015

A14. I am a Sponsoring Entity located in a Model 1 IGA jurisdiction. I am responsible for

reporting on behalf of entities in Model 2 and non-IGA jurisdictions. When I attempt to enroll

in IDES the system rejects my enrollment as coming from a Model 1 IGA jurisdiction. How can

I use IDES as required to submit FATCA Reports?

Note: In order to be able to use IDES ahead of the June extended deadline for submission of

FATCA reports for Model 2 and non-IGA jurisdictions you will have to obtain your new GIIN by

May 21, 2015.

The IRS developed a process that allows you to use IDES. You will obtain a second GIIN that

reflects that you are located in a Model 2 or non-IGA jurisdiction.

1. Enter the IRS Registration Portal and create a new account.

2. Select the Financial Institution Type, Sponsoring Entity and click Next to continue.

3. Complete other questions and proceed to Part 1, Questions 3A-4.

a. Question 3: Select Financial Institutions Country of Residence, Other.

b. Question 3B: Enter your Financial Institution’s country/jurisdiction tax ID, if available.

c. Question 4: Select the Financial Institution’s classification in its jurisdiction of tax

residence, None of the Above.

4. Complete the application and other entries as you did originally.

After the approved GIIN appears on the FFI List, use the GIIN to enroll in IDES. Detailed

information on IDES enrollment process can be found at https://www.ides-support.com/.

Updated: 07-14-2015

A15. What are the differences between the FATCA XML Schema v1.0 and Form 8966 for

“rounding off to the whole currency amount”?

The general guidelines for rounding are the same in the instructions to Form 8966 and the

schema. In the instructions to Form 8966, you may round fractional currency amounts up (or

down) to the closest non-fractional (whole) currency amount. If you choose to round currency

amounts, you must round all currency amounts reported. The schema defines the format of the

money amount; it does not address the general accounting practices to round off to the whole

amount.

The schema allows whole numbers and decimal numbers with 2 fraction digits (e.g. 12345,

12345.76 and 12345.7 are valid amounts). If an amount has more than 2 fraction digits, the

amount will be invalid (e.g. 12345.768 is invalid amount).


System Availability and Design

B1. When will the IDES system be accessible for HCTA, direct reporting NFFE, and/or FFI use?

IDES is designed to be "always on" and available to receive files. The system will be unavailable

during planned maintenance periods. Generally, maintenance is performed on Saturdays

between 6 PM and midnight EST. Any additional outages will be announced on the FATCA

IRS.gov website.

Updated: 07-14-2015

B2. What methods of file transfer are available for the IDES system?

The IDES system is intended to support both SFTP and HTTPS transfers.

B3. Is the IDES system IPv6 compatible?

No, IDES will be IPv4 compatible only at the current time. Information about IPv6 compatibility

will be published at a later date.

B4. What information will be contained in the IDES Alerts?

Information on IDES Alert Codes.

B5. What information will be contained in the ICMM Notifications?

Information on ICMM Notifications can be found on IRS.gov at IRS FATCA Report Notifications.

The IRS has recently published a user guide containing information on ICMM Notifications.

Updated: 03-03-2015

B6. How does an entity enroll for a testing window?

First, they need to be an enrolled user of IDES. When a testing window has been identified, all

enrolled users will receive an email notifying them of the window as well as instructions for

signing up for that specific window. Additional information regarding testing can be found on

the IRS.gov website.


B7. When will the IDES system be accessible for testing purposes?

The IRS conducts periodic testing of IDES. Dates for testing windows will be made available

atIDES Test Schedule.

Updated: 07-14-2015

B8. I have not received an expected email about IDES enrollment. Are there any known issues

related to this?

Please make sure that you're email spam filter will accept emails from the IDES enrollment site

(@ides-support.com). This is not only important for the enrollment email, but IDES Alerts.


B9. How do I enroll for testing?

All those that are registered users with IDES will receive an email that provides details for the

upcoming testing window. The email will include the start and end date of the window as well

as the URL for that specific window. If you are an enrolled IDES user, you will be enrolled in the

testing window.


B10. What is the URL for accessing the test environment?

The URL is different for each testing window. The URL will be included in the email to registered

IDES users alerting them of the upcoming test window.


Data Format and Structure

C1. What format should data be provided for the FATCA Report?

Data should be provided in the XML format, which complies with the Inter-governmental FATCA

XML schema as agreed by the International Community and published on the IRS FATCA web

site. See IRS Publication 5124 FATCA XML v1.1 User Guide.

C2. Is there a naming convention for files pertaining to IRS request for information on

recalcitrant accounts?

No, there is currently no naming convention required at this time. If there is a change to this

requirement, it will be published on the IRS FATCA web site.

C3. When will sample XML files related to FATCA submissions be available?

Sample XML documents for the FATCA NIL reports, sender metadata, and notifications have

been uploaded to the IRS.gov website and can be found at FATCA XML Schemas and Business

Rules for Form 8966. Additional sample XML packets are being developed and will be posted on

IRS.gov as soon as available.


C4. What is the format for sending metadata for file transfers to IDES (e.g., indicate a specific

sender / receiver)?

Information regarding the metadata schema is documented in the IDES Metadata Schema User

Guide, which can be found at IDES User Guide.

C5. Is the XML data based on UTF-8 character encoding?

Are there any restrictions on the range of characters that can be used? Yes, the FATCA XML

schema v1.1 was developed using UTF-8. Additional specifications regarding acceptable

characters can be found in the Competent Authority Arrangements.

C6. Is there a "not to exceed limit" on the size of the transmitted data file?

Is there a method to associate and/or merge files if transmission split due to size restrictions?

At the current time, the maximum recommended file size is 200MB compressed. There is

currently no method to merge files; this will be addressed at a later date if this becomes a

recurring need. There is no need to associate the files, all the information can be sent in as

many transmissions as needed.

C7. Within the XML schema, is the SendingCompanyIN data element used to determine the

origin of the file?

The IRS will not rely on the SendingCompanyIN data element to determine the origin of a file.

The Sender will be identified in the metadata that accompanies each IDES transmission.

C8. How will the DocTypeIndics reserved for testing purposes will be used in production and

test environments?

There is a 'test' Doc Type Indicator in the schema that corresponds to each production

indicator. It is expected all partners will make use of the 'test' doc type indicators during testing

periods. The sender should not send data with ‘test” doc type indicators to IDES in production.

Test data should only be transmitted to the test environment during test window.

Updated: 04-08-2015

C9. How will the IRS handle updates to the XML schema? Will the system still be able to

accept older versions of the schema or will prior years' files need to be updated to the current

schema version?

The IRS will publish information regarding updates to the schema on IRS.gov. The methods for

handling multiple schema versions will be published as soon as possible.

Updated: 03-03-2015

C10. If an individual has only received certain payment types, should the other payment types

be listed with a zero amount or should they be omitted from the report for that individual?

If an individual has not received a particular payment type, zero amount is acceptable. If a

particular payment type is not relevant to the individual, it is preferred that the information be

omitted.

C11. What is the procedure for FFIs, direct reporting NFFEs, and HCTAs to verify test data

prior to the launch of IDES?

The IRS will send Notifications regarding the submission of test files in the same way as in the

production environment. If additional questions are generated after receiving a Notification,

feel free to contact the IRS at the number indicated on the Notification.

Updated: 03-03-2015

C12. Can an HCTA create its own standard numbering format for the MessageRefID in the

FATCA XML Schema for its financial institutions to use?

Yes. The only requirement is that the field be unique for each sender for the lifetime of the

system and that it not exceed the maximum length of 200 characters.

Updated: 06-22-2015

C13. What is the difference between corrected, amended and void files?

'- Corrected Data (FATCA2) is used for records being re-transmitted after the IRS has notified

the sender of a problem with the file or underlying data. Corrected Data should ONLY be used

when responding to an IRS request to correct the data.

-Amended Data (FATCA4) is used to amend a record(s) previously transmitted to, received and

processed by the IRS, but is later found to contain erroneous information.

-Void Data instructs IRS to disregard previously-filed records when data needs to be re-

transmitted. Please see IRS Pub 5124 for specific scenarios where this would be required. The

original records should be re-transmitted with code FATCA3 which instructs IRS to void the

original transmission. After voiding records, the revised records should then be transmitted to

IRS with code FATCA1 as New Data.


C14. When submitting a file with amended or corrected entries, what should be included in

the MessageRefId field?

The MessageRefId should be a unique identifying number for the new file that includes the

updated entries. The CorrMessageRefId should be the MessageRefId of the original file

submission.

Updated: 06-22-2015

C15. How can HCTAs and filers ensure that the DocRefID they are using is unique across all

reporting FIs ?

The DocRefID data element should be a unique identifier of a correctable item across all

reporting financial institutions and reporting periods. To ensure the identifier is truly unique,

the IRS will be requiring the following format rule for creation of the DocRefID beginning

October 1, 2015. Until that time (i.e. for files submitted up through September 30, 2015), the

IRS will accept DocRefIDs that comply with either the old DocRefID or this new format. This

transition period will allow those who want to begin using the new DocRefID rules to begin

using them now to ensure uniqueness amongst FFIs, but it will not force those who prefer to

continue using the old DocRefID rules to adopt the new rules until October 1, 2015.

• The data format is <reporting FI GIIN><period character (.)><unique value across all time for

the reporting FI>

• The first part – <reporting FI GIIN> is the GIIN for the reporting FI associated with the

reporting group

• The second part is a period character (.)

• The third part – <unique value across all time for the reporting FI> is an identifying value for

the referenced record that is unique within the reporting FI for all time. Use of a GUID is

recommended but not required.

This element should contain at least 21 characters, which includes the first part – reporting FI

GIIN, the second part – period character (.), and at least one alphanumeric character to

represent the third part. The maximum length of DocRefID is 200 characters.

DocRefID Examples:

S519K4.99999.SL.392.12291cc2-37cb-42a9-ad74-06bb5746b60b

127BM7.00001.ME.124.406abc8a1830490e847890ba3b13a646

Updated: 06-22-2015

C16. Are there any characters that are not allowed due to XML syntax rules and should be

avoided in submitted XML documents?

Use of the ampersand (&), greater than (>) and less than (<) symbols as element values are

prohibited since they are not allowed by XML syntax rules and will cause the transmission to be

rejected with a failed schema error notification. Replacing the characters with an entity

reference will still cause a rejection.

Updated: 01-14-2015

C17. Are there any characters that pose a security threat and should be avoided in submitted

XML documents?

Use of the apostrophe (‘), double dash (--), quotation mark ("), and hash (#) symbols are

prohibited as they can be used in a security threat and will cause the transmission to be

rejected with a failed threat detection error notification. Replacing the characters with an entity

reference will still cause a rejection.

Updated: 06-02-2015

C18. Can the restricted characters be included in escaped portions of the file (i.e. comments)?

Yes. Inclusion of any restricted characters will only cause a rejection if they are within the XML

data elements. Restricted characters in escaped portions of the file, i.e. comments, will not

cause a rejection.


C19. Which users are permitted to submit pooled reports? What is the procedure for

submission of these reports?

Pooled reports may not be submitted by HCTAs with respect to FIs in Model 1 jurisdictions. Pool

reports may be submitted by FIs in Model 2 and Non IGA jurisdictions. Pooled reports are

submitted using the same method as account reports. Pooled reports can be submitted using

the FATCA Schema and by selecting pooled report in the reporting group.


C20. Which users are required to submit a Nil report? What is the procedure for submission

of these reports?

Only Direct Reporting Non-Financial Foreign Entities (NFFEs) are required to submit nil reports.

For all other entities, submission of nil reports is not mandatory and submission of these

reports is optional. While nil reporting might not be required by the IRS, it might be required by

the local jurisdiction. Please check with your local tax administration. Nil reports that are

submitted must provide Reporting FI information. The report contains Reporting Group, but it

does not contain any account reports or pooled reports. Reporting group can be empty or can

contain Sponsor or Intermediary information.


C21. We're receiving a Notification that there are restricted characters in our file but when

we check the FATCA XML Schema (Form 8966) we don't find any. What is wrong?

The IRS has noted that some signature tools may insert illegal characters in the KeyInfo element

when generating a signature. If so, the KeyInfo element should be removed before submitting

the package. The package will validate without it. Also check the updated guidance around

restricted characters, referenced in FAQ C17. There has been recent change in the guidance and

apostrophes, even in entity reference form, will cause a Failed Threat Detection Notification.

Updated: 07-14-2015

Data Transmission

D1. What are the procedures for sending files to IDES and/or ICMM systems?

All files will be submitted through IDES. IDES supports transfers through HTTPS and SFTP.

Specific operational procedures for data preparation are documented in the IDES User Guide.

D2. What are the procedures for sending metadata for files to IDES?

Metadata files needs to be included in the transmission file submitted to IDES. Specific

operational procedures for sending metadata files are documented in the IDES User Guide.

Additionally, a sample metadata XML file can be found at FATCA XML Schemas and Business

Rules for Form 8966.

D3. Will requests from the IRS for information on nonconsenting U.S. accounts and

nonconsenting nonparticipating FFIs be transmitted via email?

No, all IRS requests for information will be transmitted via IDES. Format of the message

exchange between IRS and HCTA will be via PDF

Updated: 03-03-2015

D4. Will IDES be used for transmitting the ICMM notifications?

Yes, IDES will be used as the transmission path for ICMM Notifications. A message type in the

metadata will be used to distinguish Notifications from FATCA Reports.

D5. How will reciprocal data from the IRS be sent to an HCTA and in what format?

The data will be sent through IDES. The format of the XML specification is the same as the Form

8966 XML schema published on the IRS website and can be found in the IRS Publication

Intergovernmental FATCA XML Schema v1.1.

D6. How will the HCTA notify IDES of outages of their systems that will be receiving data?

The HCTA should direct information regarding system outages to the United States Competent

Authority.

D7. What is the procedure for sending corrected and/or amended data to receiving HCTA?

Will the resubmission need to include only the corrected / amended entries or will the entire

report need to be resubmitted?

Procedure for submitting corrected or amended data will be the same as the submission of a

new report. Specific operational procedures for data preparation are documented in the IDES

User Guide. The resubmission will only include the corrected / amended entries, with a

reference to the original report. Please refer to the FATCA XML User Guide for preparing

corrected or amended reports.

D8. What required data validation should be done on the FATCA Report data prior to being

submitted to IDES?

The FATCA Report data XML file must be validated against FATCA XML schema published on IRS

site. IRS Publication 5124 FATCA XML v1.1 User Guide contains all information required to

ensure data is valid within the report. The User Guide outlines which fields are mandatory as

well as specific business rules for each data element.

D9. I uploaded a FATCA Report to IDES 3 days ago. I received an Alert from IDES via e-mail

that my file was successfully uploaded, but I have not received a Notification back from the

IRS about the status of my FATCA Report. What could be wrong?

The IDES alert of a successful upload is information about the transmission of your file. IDES

alerts cannot provide information about the receipt and processing of your files by IRS ICMM.

The IRS should issue an ICMM Notification for every FATCA Report that is successfully

transmitted through IDES letting you know the status of your FATCA Report. You should always

receive a Notification within 24 hours, and in most cases within a few minutes, of the IRS ICMM

system receiving your file. However, the IRS has identified specific instances during testing

where ICMM Notifications are not issued to filers when certain errors are present. In addition,

the IRS has identified circumstances in which filers did not download their notifications before

the 7 day retention period expired, and these notifications were deleted and are no longer

available for download. The IRS is working to address and resolve these issues.

In the meantime, there are a few things you can do to maximize your ability to receive

notifications sent to you, and to determine whether a notification has been sent to in response

to your file. These are as follow:

• First, make sure that e-mail alerts from IDES are not blocked as SPAM by your own e-mail

system. Your e-mail system may have deleted it or may have sent it to you SPAM inbox. If

you have been sent an alert that a notification is present, but the alert email is blocked you

may never be aware of the notification’s availability for download.

• Second, make sure your IDES User Profile is configured to allow IDES to send you e-mail

alerts, including those regarding notifications. There is a box that can be set to either send or

not send you email alerts. If you would like to receive email alerts, including those about

notifications, make sure it is set to send e-mail alerts.

• Third, check your IDES inbox over the next 24 hours following the upload of your file to IDES

to determine whether there is a Notification waiting for download. Even if you have not

received an e-mail Alert, the Notification could still be in your folder ready for download.

After seven days the notification will automatically be deleted from the system.

If you have checked your folder in IDES and there is no Notification present after 48 hours or

longer since your file was uploaded successfully, an error types which is suppressing a

notification from being sent may have been detected on your file. A few things to check that

may help include the following:

• Making sure the digital certificate you are using for signature and encryption for FATCA data

has not expired or been revoked by your Certificate Authority.

• Also, you should double check the Metadata XML file that is part of your data packet, to

ensure all of the mandatory data elements are correct. In particular, please make sure that

FATCAEntCommunicationTypeCd is set to “RPT”, and that the TaxYear is set to “2014.”

• Make sure all of the entries are correct. Did you indicate you were submitting a FATCA

Report? Did you select the correct tax reporting year (it should be 2014)? Etc.

After you’ve checked these items, you should resubmit your file.

Updated: 05-08-2015

D10. What if I have mistakenly submitted my FATCA Report production files to the FATCA

Report test environment?

It is possible that you submitted your FATCA Report production files to the FATCA Report test

environment instead of to the FATCA Report production environment. Any production files that

are submitted to the test environment will not be processed and will need to be re-submitted

to the production environment. Please do not submit production files to the test environment.

In addition, please do not submit test files to the production environment.


D11. We're receiving an alert that there are too many files in package (RC026). What is

wrong?

The data packet to be transmitted is an archive in .ZIP file format. For Model 1 and 2 IGAs, this

packet should include 3 files (FATCAEntitySenderId_Metadata.xml, FATCAEntityReceiverId_Key,

and FATCAEntitySenderId_Payload). For Model 1 Option 2 IGAs, the packet should have 4 files,

all of those mentioned previously plus the HCTAFATCAEntityId_Key. You are receiving RC026

because for your respective jurisdiction, there are more than the 3 or 4 files in the data packet.


D12. Can we get individual confirmation that our files were received and approved by the

IRS?

This will be done via the notifications. The Interim Valid File Notification (NIM) indicates that

the file is in a valid format. This notification should be received within 24 hours of receiving

Alert RC001 (indicating file was successfully uploaded to IDES). Once record level validation is

functional, further communication will be sent if errors are detected during record processing.


D13. I uploaded a FATCA Report to IDES 3 days ago and have not received a notification about

the status of my FATCA Report. Does the XML format cause a problem?

The IRS has identified a specific scenario where notifications are not issued to filers when

certain errors are present. A possible cause for a missing notification is XML that is not

formatted and is contained on one continuous line. In this scenario, you can reformat the XML

into an acceptable format using a variety of online tools, such as XML Pretty Print. The correctly

formatted version of the XML can be resubmitted in a new data packet.


Data Encryption and Security

E1. What type of data encryption should be used prior to XML data transmission?

A digital signature shall be applied to XML and Notification files, referred to hereafter as data

files. FATCA digital signatures use the SHA-256 hashing algorithm in conjunction with the

private key for the sending party who will upload the file to IDES. The private key corresponds

to the public key (RSA 2048-bit) that is stored on IDES. Following the creation of a digital

signature and compression, the data file is encrypted using the AES algorithm and a randomly

generated 256-bit key. The AES key is stored in a separate file and encrypted using the receiving

party's public key, which is obtained from IDES. Both the data file and the key file shall be

combined into a single zip file along with a separate metadata file for transmission to IDES.

Updated: 07-14-2015

E2. What encryption standard will be implemented on the transmission path?

For the IDES web user interface, the user connects using a web browser and the HTTPS

protocol, which in turn utilizes Transport Layer Security (TLS 1.2) to protect sensitive data

during electronic dissemination across the Internet. Alternately, the end user can interface with

IDES using SSH File Transfer Protocol (SFTP) which is based on Secure Shell (SSH) version 2.0 or

higher.

Updated: 07-14-2015

E3. How will passwords and public keys be controlled for data transmission to IRS?

The public key of the IRS for the users will be available through IDES. Each user will have a

unique password.

Updated: 06-02-2015

E4. Who is responsible for data transmission security via encryption?

Each user, to include both HCTA/FFIs and IRS, will connect to IDES using a secure transmission

protocol and an encrypted session. More information can be found in the IDES User Guide.

E5. What type of data encryption is used for reciprocal data sent to a HCTA?

The encryption tools and processes are the same regardless of the direction of the

transmission.

E6. What are the requirements for digital certificates?

During the FFI, direct reporting NFFE, and HCTA enrollment process, the digital certificate must

be uploaded to the IDES website. IDES accepts eight digital certificate products from seven

Certificate Authorities (CAs). A list of acceptable certificate authorities and products can be

found at Digital certificates.

Updated: 07-14-2015

E7. Can the AES 256 key be re-used for subsequent data transmissions or does the key have

to be different each time?

The AES key must always be considered a “one time use” key. Software of the IDES User Guide

in response to inquiries regarding data preparation.

E8. Can the IRS provide additional detail regarding proper preparation of data for submission

to IDES?

The IRS will continue to update the FAQ and the data preparation section of the IDES User

Guide in response to inquiries regarding data preparation.

There are currently samples of Data Preparation code available on GitHub in the IRSgov

repository.

Updated: 05-08-2015

E9. Who needs to obtain a digital certificate?

A digital certificate is required to complete the FFI, direct reporting NFFE, and HCTA enrollment

process for IDES. Only the entity that prepares an encrypted file and uploads it to IDES needs to

obtain an account on IDES, and therefore needs to obtain a digital certificate. The private key

used to sign the XML file must correspond to the public key in the digital certificate used to

enroll in IDES.

Updated: 07-14-2015

E10. Can a digital certificate be shared by multiple organizations?

A digital certificate is issued to a single organization. The digital certificate contains a public key.

Sharing of the corresponding private key between organizations is a poor security practice and,

as such, it is strongly discouraged.


E11. If an FFI is submitting on behalf of other FFIs (i.e. a parent company submitting for its

subsidiaries), does each entity need a certificate, or only the entity submitting the file?

Only the submitting entity needs to have a certificate.


E12. How does an organization obtain an SSL certificate if it does not have a Fully Qualified

Domain Name (FQDN)?

Of the digital certificate products which IDES will accept, there is one that is not an SSL

certificate and therefore does not require the organization to have a FQDN. More information

may be found athttp://identrust.com/irs/fatca/index.html.

Updated: 03-03-2015

E13. Is the use of ides-gateway.com or ides-support.com an acceptable FQDN for obtaining a

digital certificate for IDES?

No, the FQDN in question is the entity's FQDN, not the IDES FQDN.


E14. If an entity has multiple domain names (e.g. different in each country, fund domain

name vs. company domain name, etc.), is there any guidance on which domain name should

be used for obtaining the certificate?

Whichever organization is planning on doing the actual filing, is the only organization that

requires a certificate and that is the one whose domain name should be used for the

certificate..

Updated: 06-22-2015

E15. I read in a recent cybersecurity blog that there is a concern the encryption standards

being used for FATCA data are no longer current. Is this correct?

No. The encryption process used to protect your FATCA data was assessed by the IRS prior to

granting FATCA-related information technology systems the authority to operate. The IRS also

assessed a number of security controls which are documented in NIST Special Publication 800-

53 Revision 4. The IRS would not have approved IDES for use in transmitting tax information

otherwise.


E16. During testing, we have experienced issues with decrypting the notification file. Are

there any lessons learned or best practices that you can share?

The IRS is currently developing information on variety of methods that can be utilized for

decrypting the notification file. There are currently samples of OpenSSl commands for

decrypting notifications on GitHub in the IRSgov repository.

Updated: 05-08-2015

E17. During testing, we have experienced issues with decrypting the notification file. Are

there any lessons learned or best practices that you can share?

The IRS has posted a variety of different methods for decrypting notifications on Github in the

IRSgov repository.

Updated: 06-22-2015

IDES Use for Entities Not Required to Obtain a GIIN

F1. How do I submit the FATCA XML Schema if I am a U.S. Withholding Agent (USWA),

Territory Financial Institution (TFI), third party preparer, or other entity that is not required to

have a GIIN?

Certain entities, such as USWAs, TFIs, or other third party preparers (not sponsoring entities)

submitting information on behalf of another entity, are not required to register or to obtain a

GIIN and, therefore, should not do so. USWAs, TFIs, and other entities that are not required to

have a GIIN (“non-GIIN filers”) must follow the procedure, below, in order to obtain a FATCA ID

number (FIN) that they will use in lieu of a GIIN to enroll in and use IDES (including submitting

an Intergovernmental FATCA XML schema v1.1 (electronic Form 8966)).

The FIN, along with the associated identifying information that you provide, will be treated as

return information by the IRS. This FIN and the associated information provided will be used by

the IRS to validate the non-GIIN filer’s IDES enrollment and submission of files via IDES and for

other FATCA purposes. The FIN, but not the associated information (such as your name), will

be published on the Foreign Financial Institution (FFI) List to facilitate the IDES enrollment and

your submission of files via IDES. For more information about the FFI List, see IRS FFI List FAQs.

Your published FIN will be accompanied by a generic name (e.g., “U.S. Withholding Agent 1”) on

the FFI List, and publication of your FIN on the FFI List does not change your status for FATCA

purposes. That is, having your FIN published on the FFI List does not make you an FFI, and the

FIN does not serve any function related to withholding tax on payments under FATCA.

Note: In order to request a FIN, you must consent to the IRS’s publication of the FIN on the FFI

List because the FIN is return information. Visit the IDES Resources page for more information.


F2. How do I complete the FATCA XML Schema if I am a U.S. Withholding Agent (USWA) or

Territory Financial Institution (TFI)?

If you are a USWA or TFI, you complete the FATCA XML Schema in the same manner as if you

were a “ReportingFI”. In the “TIN” data element, make sure to use your U.S. EIN (or, if you are

a TFI that does not have a U.S. EIN, use the EIN used by the relevant U.S. territory tax

administration to identify the TFI).

Note: For additional information, please read FAQ Q2 under the “Reporting” section on the

General FAQ page.

Updated: 07-14-2015

F3. How do I complete the FATCA XML Schema if I am a third party preparer or other entity

that is not required to have a GIIN?

If you are a third party preparer (not a sponsoring entity) or commercial software vendor and

you are submitting the FATCA XML Schema on behalf of another entity (or on behalf of several

other entities), enter your FIN, which you obtained to enroll and use IDES, in (1)

“SendingCompanyIN” data element in the FATCA XML Schema Message Header and (2)

"FATCAEntitySenderID" data element in the FATCA XML Metadata Schema.

Note: For additional information, please read FAQ Q2 under the “Reporting” section on the

General FAQ page.

Updated: 07-14-2015

F4. Does IDES validate that a third party is authorized to submit on behalf of an FI?

No, IDES does not perform a validation.


F5. When a third party prepares the package, do they use their own digital signature or the

digital signature of the entity for whom they are preparing the package?

As the entity performing the actual submission, the third party would use their own digital

signature.


F6. If a third party submits a package on behalf of an FI, who would receive alerts and be able

to download notifications related to the payload?

The entity that submits the package will receive the alerts and notification.


F7. I am a third-party tax preparer. The tax authorities in my country have indicated they

have elected Model 1 Option 2 for FATCA Reporting. How may I enroll to use IDES to transmit

FATCA reporting information?

You can request a FATCA Identification Number (FIN) to enroll in IDES and submit FATCA

Reports. If you are reporting information to a Model 1 Option 2 (M1O2) jurisdiction, you MUST

obtain a FIN where the last three digits correspond to the ISO Country Code for the M1O2

jurisdiction. If you are reporting on behalf of other jurisdictions, you should obtain a second

FIN with the jurisdiction code of ‘Other’ to report for those other jurisdictions.

Please consult your local jurisdiction to determine if it has elected Model 1 Option 2 for FATCA

reporting. Review the IDES Resources and FIN web pages for information about how to obtain a

FIN and enroll in IDES.


F8. I am a third-party tax preparer located in a Model 1 IGA jurisdiction. I am responsible for

reporting on behalf of clients in Model 2 IGA and non-IGA jurisdictions. I obtained a FIN but

IDES will not accept my enrollment. How can I enroll in IDES?

The general rule for FATCA is that reporting entities in Model 1 IGA jurisdictions do not report

directly to the IRS, but instead report directly to their host country tax authority. IDES follows

the business rules of the IGAs. In order to use IDES to report you, need to request a FIN that

identifies your tax jurisdiction code as ‘Other’. Review the IDES Resources and FIN web pages

for information on obtaining a FIN and enrolling in IDES.

Added Dated : 07-14-2015

Documents

Fatca Ides Technical Faqs