FATCA Current-State Assessment (Processes, Controls, IT/Data)

We document and assess your existing FATCA operating model — processes, governance & controls, IT architecture and data readiness — to identify gaps and quick wins before redesign or implementation.

Request a fixed-fee scope Back to FATCA Implementation & Redesign

Who it’s for

  • Reporting entities planning a FATCA redesign or validating readiness before first-time implementation.
  • Institutions with recent changes (products, systems, outsourcing, group structure) seeking assurance on control effectiveness.
  • Teams preparing for RO certification who want a reviewer-ready view of gaps, risks, and priorities.

Scope of the assessment

Processes & Governance

  • Onboarding & indicia identification, remediation workflows
  • Roles/RACI, handoffs, SLAs, training & reviewer checkpoints
  • Control calendar, KRIs, escalation & remediation routes

IT Architecture & Data

  • Source systems & interfaces across client, account, and transaction data
  • Data quality & completeness (TIN/GIIN, classifications, balances)
  • Mapping readiness for Form 8966 / local XML, logs & evidence trail

Reporting & Evidence

  • Filing workflow, validations, error handling & resubmissions
  • Evidence packs, tie-outs (GL), receipts/ACKs
  • Interfaces to local portals (EU/CH/LI/UK, etc.)
Governance (part of the program) FATCA Reporting Discovery & Feasibility

How we work

  1. 1) Scoping & document review

    Agree perimeter; review org charts, procedures, data dictionaries, process maps, prior filings & control evidence.

  2. 2) Walk-throughs & sampling

    Process walk-throughs and selective sampling of filings/evidence to assess design vs. operating effectiveness.

  3. 3) Gap analysis & quick wins

    Prioritized findings with risk rating, quick wins vs. structural fixes, and dependencies (IT/outsourcers).

  4. 4) Read-out & roadmap

    Reviewer-ready read-out with a right-sized redesign/implementation roadmap and resource estimate.

Deliverables you receive

Current-State Process Map

End-to-end view from data capture through mapping, validations, submission, and evidence retention.

Control Heatmap & Data Readiness

Risk-ranked control assessment with KRIs, plus data completeness/quality and mapping readiness.

Findings & Action Plan

Prioritized remediation list with owners, target dates, and recommendations for hardening controls.

Options & combinations

  • Independent or with Internal Audit: We align on rating scales, documentation standards, and sampling.
  • Combine with FATCA Voluntary Review: Formal, sampling-based testing and reviewer report if required.
  • QI alignment: Optional joint review of pools/rates mapping, 1042-S/1042 tie-outs, and documentation.
FATCA Voluntary Review QI Withholding & 1042-S Hardening

Next steps after assessment

Target Design

Target operating model with integrated governance, control calendar/KRIs, field mappings, and exception handling.

Build & Configure

Implement mappings/validations, evidence templates, portal onboarding, and training.

Dry-Run → Go-Live → Submission

Sampling, tie-outs, fixes, final filings & ACKs; corrections/re-filings as needed; handover & RO support.

Corrections & Re-filings RO Certification Support (FATCA)