Corporate Tax

Tax Risk Management & Control Framework for Corporate Income Tax

insight featured image
The Tax Risk Management & Control Framework for Corporate Income Tax is a voluntary compliance initiative introduced by the Inland Revenue Authority of Singapore in 2022.

What is the CTRM?

With a growing international emphasis on tax accountability, the IRAS has introduced the Tax Risk Management & Control Framework for Corporate Income Tax, also referred to as CTRM, for companies to voluntarily review their internal controls and risk management process.

By adopting this framework, companies can seek the IRAS’s confirmation that its internal controls are robust, leading to lower compliance costs for corporate income tax (CIT) matters.

The CTRM Framework

Companies must ensure that CIT controls are implemented at all three levels to be awarded the CTRM status.



Tax Governance Structure

Demonstrate that the Board and senior management have incorporated CIT risk management framework and policies and maintain an oversight over the entity’s CIT matters.

Entity-Level Controls

Enable the senior management to maintain effective oversight and adopt an effective risk management framework to identify, evaluate and manage CIT risks and compliance.

Tax Reporting Controls

Ensure the completeness and accuracy of the tax data extracted and compiled for CIT reporting, and the timeliness of CIT returns submission and response to IRAS enquires


Benefits of CTRM

Reduced compliance costs

Companies who are awarded the CTRM status will be granted a one-time waiver of penalties for the voluntary disclosure of Corporate Income Tax and Withholding Tax errors made within three years from the award of the CTRM status and a further three years upon renewal of the CTRM status.

Step-down on IRAS’s compliance audit

Additionally, IRAS will discuss with the company after the CTRM status has been awarded to identify the key tax risk areas or key CIT issues based on the company’s current business and structure. The review of these tax risk areas will be calibrated by the IRAS as part of its CIT compliance audit review for the next three consecutive Years of Assessment (YAs).


Application for CTRM status

The CTRM is a self-assessment on your existing work processes for CIT compliance matters. Upon completion of the self-review CTRM checklist, it must be reviewed by an accredited CTRM reviewer before submitting it to the IRAS for evaluation.

The CTRM status granted is valid for three years, after which, a renewal of the CTRM status will be required.

Pre-requisites for companies who wish to participate in CTRM:

  • Implemented key controls listed in the CTRM Checklist, scoring at least 60 per cent for each of the three levels covering the CTRM period.
  • Obtained an unqualified statutory auditors’ opinion for the last three years of financial statements.
  • Should not be under any CIT audit on tax avoidance or investigation conducted by IRAS
  • Good compliance records for CIT, WHT, GST, Property Tax for the last three years
  • No outstanding tax with IRAS as at the application date
  • Appointed a qualified CTRM Reviewer to conduct the CTRM review.


Phase 1: Getting ready for the CTRM

This phase involves:

  1. Confirming the company’s eligibility for the CTRM
  2. Performing a high-level self-assessment on the current business controls in the CTRM Checklist
  3. Submit a CTRM application to IRAS


Phase 2 – Commencement and conduct of CTRM review

This phase involves:

  1. Collating information for the conduct of CTRM Review.
  2. Formalising the work plan and timeline
  3. Reviewing your responses in the CTRM Checklist and conducting the risk assessment.
  4. Working with you to map out and review the effectiveness of the company’s existing internal controls and process
  5. Reporting the findings


Phase 3 – Consolidate and submit findings to the IRAS

This phase involves:

  1. Evaluating the findings documented in phase 2.
  2. Determining appropriate follow up actions to address the control gaps.
  3. Reviewing and quantifying the CIT and WHT errors identified in phase 2.
  4. Finalising and submitting the CTRM deliverables to the IRAS for evaluation.


Phase 4 – Evaluation by IRAS on the documents submitted

The IRAS has a dedicated CTRM team who is responsible for reviewing the CTRM deliverables and awarding the CTRM status. During this period, the IRAS may request for meetings to clarify the information submitted and conduct site visits to verify the control measures implemented. After which, the IRAS will determine whether the CTRM status is awarded, and this decision is final.


Phase 5 – Post CTRM and renewal of CTRM status

Although the CTRM status awarded by the IRAS is valid for three years, companies are encouraged to commence the CTRM renewal process six months before the expiry of the CTRM status award. The relevant documents is required to be submitted to IRAS at least three months before the expiry of the CTRM Status award.