Dubbed India's largest tax reform since independence, the Goods and Services Tax debuted on July 1st, 2017 with four tax rates-- 5, 12, 18 and 28 percent. Manufacturers, traders, and enterprises are figuring out the complexities of the unified tax umbrella they have to comply with. The fully-implemented GST is now set to process over three billion invoices each month, constituting extremely sensitive corporate data, the safety of which is paramount to national and corporate interests. Here are the top security issues that have been stressed by the experts that may jeopardize India's new tax network.
Fear of data leaks
PwC, a global professional services firm, pointed to the security loopholes in the GST network, stating that there is potential for data leaks, privilege abuse, master data changes or transactional data changes from any of the multiple ends of GSTN owing to the absence of a privilege monitoring mechanism for the parties involved. PwC also emphasized the lack of security infrastructure in the country to handle the huge magnitude of data generated post-GST implementation.
Data transmitted outside enterprise boundary
The GST arrangement also permits the role of GST Suvidha Providers (GSPs) and Application Service Providers (ASPs) to help suppliers and buyers in filing their tax returns. Experts say this is another major security issue as a large volume of enterprise data will be accumulated outside the enterprise boundary and transmitted over the internet. According to PwC, due to the increase in the number of interfaces with external systems, sharing of large volumes of enterprise information with third parties may create security risks for both vendors and buyers.
Open source platform
The open source platform of GST is under constant maintenance even in the second phase of GST migration, marking its lack of preparedness. The Associated Chambers of Commerce of India (ASSOCHAM) highlighted this particular weakness of the GSTN. Experts have opined that the new tax system was rushed to meet the deadline, and not enough time was allocated to carry out the security and infrastructure testing.
GSTN's shareholding arrangement
The Indian Revenue Service officials raised their apprehensions about the majority share of private stakeholders in the GST network. They stated that the execution of the tax system should be under the sole control of the government and that transferring sensitive data in the hands of private entities could be dangerous for national security. Politicians of the ruling government itself such as Subramaniam Swamy also questioned GSTN's shareholding arrangement under which private entities hold 51 percent of its stake.