DAC6 Country Profile: Germany

VinciWorks is publishing a series of guides on how each EU member state has implemented DAC6. This blog was originally published on June 23, 2020 and was updated in January 2021.

Bundestag

How has Germany implemented DAC6?

As of 1st January 2021 all EU Member States and the UK have begun their DAC6 reporting.

Legislation Details

The German Ministry of Finance (Bundesministerium der Finanzen) published the German DAC6 legislation on 21 December 2019. The legislation is called Gesetz zur Einführung einer Pflicht zur Mitteilung grenzüberschreitender Steuergestaltungen (Law for the introduction of an obligation to report cross-border tax arrangements).

Germany did not postpone DAC6 implementation and it is now in force.

Taxes covered

German legislation covers cross-border arrangements. The legislation is in line with the EU Directive and does not include domestic arrangements or any additional hallmarks.

Legal Professional Privilege

Germany exempts from reporting the intermediaries who are protected by legal professional privilege (e.g. auditors, attorneys and tax advisors). In these situations, the reporting obligation of certain data shall partly shift to the user of the cross-border arrangement (the taxpayer).

Reporting

Germany requires reporting to be made by intermediaries and relevant taxpayers using an electronic/XML file and a web-based form. Information on reportable cross-border arrangements should be submitted in German, though some information may be reported in English.


Penalties

Penalties for non-compliance with the reporting obligations are up to EUR 25,000 per breach. 

Download full country profile

VinciWorks’ full country-by-country guide to DAC6 implementation

DAC6 guide to country-by-country implementation

To help firms save time and money on conducting their own research, VinciWorks has collaborated with Transfer Pricing Services to create a concise country-by-country guide to DAC6 compliance. The guide can be purchased either together with our DAC6 compliance solution or as a standalone tool.

Preview the guide

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

Picture of James

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.