February 2023 Newsletter

Due Dates

GST Due Dates

GST Compliance calendar for due dates falling in the month of February 2023

GST Compliance calendar for due dates falling in the month of February 2023


Important Due Dates February 2023

Circulars/Notifications/Press Release

Circular issued for providing the relaxation on deadlines to claim exemptions on Long Team Capital Gain

  • CBDT vide circular No. 01/2023 provided relaxation that where the last date of compliance under section 54 to 54GB such as investment, deposit, payment, acquisition, purchase, construction or such other action falls between 1st April 2021 to 28th February 2022, such compliance may be completed on or before 31st March 2023.

Notification for Abolition of limit of Statement of Financial Transaction (SFT) in relation to interest income

  • Reporting of Interest was made mandatory vide notification 2/2021 in SFT-016 if the interest exceeds INR 5,000/account. CBDT has issued Notification No. 01/2023 to abolish this limit and now the information is to be reported for all account/deposit holders where cumulative interest exceeds Rs. 5,000/ per person in the financial year.

Case Laws

Unsigned notice issued for assessment would make the further proceedings Null and Void : Bombay High Court

  • Assessee is non-resident and his income was below the maximum amount chargeable to tax.
  • Assessee received a notice under section 148 stating that the income chargeable to tax for the relevant assessment year had escaped assessment. No Manual or digital signature was affixed on the notice received.
  • Aggrieved by this, assessee preferred a writ petition.
  • Revenue’s argument that the mistake of not signing the notice under Section 148 would not void the further proceedings as the same is curable under section 292B.
  • High Court observes that a notice without a signature affixed on it is an invalid notice and is effectively no notice in the eyes of law. Thus, holds that the notice issued to assessee as null and void.

Disallowance of delayed payment charges for non-deduction of TDS: Chennai ITAT

  • Assessee is engaged in the business of trading in shares and has paid late payment charges to the broker.
  • Assessing Officer has disallowed such charges on account of non-deduction of TDS treating the same as interest in nature.
  • ITAT held that there should be lender and borrower relationship. In this case, the assessee has paid some charges for delayed payment of amount towards purchase and sale of shares to a broker, without there being any contractual obligation or other terms and conditions applicable to borrowing.
  • Therefore, we are of the considered view that, said payment cannot be considered as interest for the purpose of section 194A .


SEZ unit not liable to pay GST under RCM - Maharashtra AAAR

It is common knowledge that supply of goods or services to SEZ unit is a zero-rated supply and supplier need not pay GST under forward charges mechanism. The applicant in this case M/s. Portescap India Private Limited had approached authority for advance ruling (AAR) to seek an answer to the question whether they are liable to pay GST under reverse charge mechanism (RCM) on renting of immovable property services received by it from SEZ developer.

AAR had earlier ruled that applicant is liable to pay GST under RCM in this case. Aggrieved by this ruling applicant filed an appeal before appellate AAR. The appellate AAR overturned the AAR’s decision and held that subject to providing a letter of undertaking or bond as a deemed supplier of service, the applicant is not required to pay GST under RCM.

Supreme Court rules on classification of All-in-One Integrated desktop computers

The issue in this case before the Hon’ble Supreme Court was regarding classification of All-in-One Integrated desktop computers. The assessee in this case M/s. HP India Sales Private Limited imported All-in-One desktop computers and classified them under tariff item 8471 50 00 as other Automatic Data Processing machines (ADPs). The customs Authority were of the view that the ADPs in this case are portable and thus they merit classification under tariff item 8471 30 10 resulting in higher collection of duty.

The department contended before Supreme Court that the ADPs in this case are portable and can be carried easily from one place to another as the weigh is less than 10 kgs. Absence of inbuilt power source does not make these ADPs as non-portable. The department further contended that the display dimension of the ADPs (18.5 inches) will not affect the portability fact of the goods.

The Assessee contended that the classification involves an element of functionality and the ADPs in their case are not capable of functioning without any power source. Assessee further contended that the weight is not the sole factor to determine the portability of any commodity and the meaning of the word ‘portable’ ought to be understood in the context of ADPs.

The Supreme Court accepted the classification adopted by the assessee and held that:

  • Important ingredient in the classification of ADPs is the point relating to the power source.
  • Weight cannot be the sole factor in determining the factum of portability.
  • ADPs in this case have a diagonal dimension of 18.5 inches and without any protective case it will be difficult to carry them.

Considering the above discussions, the Supreme Court has held that the ADPs in this case are not portable as contended by the department and approved the classification adopted by the assessee.

Cybersecurity Post AI Revolution

The future is going to be AI and the past days have shown us figment of the future of AI with Dall E, Stable Fusion, and the internet sensation nowadays, ChatGPT. However, the space crept up by the Artificial Intelligent software were not the ones that people predicted that it would. In the past, while people discussed about Artificial Intelligence over a tea, everyone focused on jobs that are less complex and would require less  cognitive ability. But defeating the lay man’s prediction, AI has lived up to its name and is performing tasks that require not only cognitive abilities but also creative minds.

The current interfaces could write you poems, stories, essays, articles, codes, draw you pictures and a great range of other things that requires an artistic mind. This mostly surprised a lot of people who thought AI driving car itself as a peak application of the technology. Some predicted that AI would mostly take over jobs that are mechanical and repetitive tasks giving more time to humans to pursue their creative talents. However, we are looking at a utopian future where AI would work together with humans at the same level or even at a superior level.

That being said, it is clear that the impact of AI in the field of cyber security would be profound as AI is everchanging and ever evolving. However, evaluating the current capacity of AI, there are several advantages as well as disadvantages for AI in the field of cybersecurity which we would discuss in the following sections


Builds Intelligence over Time

With the help of machine learning and deep learning technologies, AI can learn more about organization’s network behavior over a period of time. The capacity to crunch large amount of data, identify patterns that are manually a herculean task, and clustering them together to find any deviation through any deviations in the normal traffic.

Identifying unknown threats

There are new methods developed and deployed by hackers every minute that needs to be countered. Modern AI powered solutions are necessary to prevent such sophisticated social engineering attacks that can harm your organization. AI can identify and alert any threat that may not familiar or even zero day threat by identifying certain threats with certain basic characteristics of the malware being used.

Handles a lot of Data

Your average phone has a speed of 2.5 GHz, that means the CPU completes 2.5 billion cycles in a single second. Now imagine an AI powered by advanced CPU hosted on clouds with powerful CPUs and GPU executing multiple queries at the same time. AI can detect potential threats, even when it comes to a large chunk of data. In a company, there is a lot of communication and exchange of data internal and external. This data needs protection from malicious people and software. But it’s not possible for cybersecurity personnel to check all the traffic for possible threats. AI is the best possible solution in this case, which can detect any threat hidden in this traffic.

Automating Repetitive and Duplicate Process

Attackers tend to change their tactics, but the basic security practices tend to remain the same every day. The repetitive and mechanical nature could dull the person who handles this task manually resulting in a less than accurate result. You can use AI to mimic the best human qualities and avoid the short comings.

Now there is long list of advantages however there are some dangers that we need to prepare for as well. Who could explain the dangers of AI better than an AI. So, I asked it to chatgpt and here is its response.

AI can be misused by hackers in several ways to attack organizations:

AI-powered phishing attacks

Hackers can use AI to create highly convincing phishing emails that can trick employees into giving away sensitive information or downloading malware.

AI-powered cyber attacks

AI algorithms can be trained to automate various hacking techniques, making attacks faster and more effective.

AI-powered disinformation campaigns

Hackers can use AI-generated fake news, propaganda, and social media posts to spread misinformation and manipulate public opinion.

AI-powered cyber espionage

AI algorithms can be used to automate the process of gathering sensitive information from target organizations.

AI-powered autonomous attacks

AI algorithms can be programmed to launch attacks on an organization’s systems without any human intervention, making it more difficult to track and attribute the source of the attack.

These are just a few examples of how AI can be misused by hackers to attack organizations. It is important for organizations to be aware of these risks and take appropriate measures to protect themselves.

So, we now know what AI is capable off in this nascent stage. As it evolves, AI technology is quickly becoming an essential tool for IT security teams to enhance their performance. With the sheer volume of attacks, humans alone cannot ensure the security of an enterprise-level system. AI provides the necessary analysis and threat detection to minimize the risk of breaches and improve overall security.

Additionally, AI can help identify and prioritize risks, streamline incident response, and detect malware before it becomes a problem. Despite some potential downsides, AI is expected to significantly advance the field of cybersecurity and help organizations establish a more secure defense against cyber threats.


Latest Updates

Accounting and Corporate Regulatory Authority (ACRA)

1) Raising Competency of Audit Committee and Finance Team Crucial to High Quality Financial Reporting

On 6th January 2023, the Accounting and Corporate Regulatory Authority (ACRA) has issued its fourth Financial Reporting Surveillance Programme (FRSP) report, which noted that knowledge gap and insufficient due diligence remain the main root causes contributing to material non-compliances with accounting standards. Another root cause was the lack of action taken on issues raised by auditors.

 ACRA reviews the financial statements (FS) of Singapore-incorporated companies for compliance with the accounting standards in Singapore and publishes the findings to help companies avoid the common pitfalls and improve their financial reporting. This latest FRSP report covers the FS reviewed between 1 April 2020 to 31 March 2022. Of the 33 sets of FS (comprising 27 listed companies and 6 non-listed companies) reviewed, ACRA found a total of 23 material non-compliance with accounting standards in 12 FS.

Key Findings

The 23 material non-compliances were in areas such as business valuations, impairment assessments, presentation in cash flow statement, consolidation, and equity accounting. Through engagements with the companies, ACRA observed that the material non-compliances were due to the following factors:

a. Knowledge gapwithin the finance teams, Chief Financial Officers (CFOs) and Audit Committees (ACs), resulting in incorrect application of accounting standards;

b. Insufficient due diligenceby the finance teams, CFOs and ACs, on transactions that were neither complex nor required judgement; and

c. Lack of action taken on issues raised by auditors. This includes failure to act upon the areas qualified or disclaimed by the statutory auditors and accepting modified audit reports in consecutive years, instead of taking the appropriate steps to rectify the issues and resolve non-compliances with the accounting standards.

Strengthening Financial Reporting Competency

Apart from the efforts made to recruit qualified persons, more can be done to strengthen the competency of the financial reporting team. With evolving business models and more complex transactions, it is critical for preparers to understand the substance of the transactions and the principles behind the accounting standards in order to correctly apply the relevant accounting standards to the transactions. The companies should invest in training to equip and upskill the finance teams, including CFOs and ACs to bridge any competency gaps. Where necessary, the Board can support them by providing access to experts and consultants for advice on more complex matters.

 Statutory auditors play an important role in financial reporting – they can assist the ACs, CFOs and finance teams by highlighting accounting and auditing issues early. In such situations, the ACs should guide the CFOs and finance teams to resolve the statutory auditor’s concerns, so as to avoid the issuance of modified audit reports. The Board should also apply rigour in reviewing and approving the FS, to ensure that the FS provides a true and fair view of the financial position and performance of the company.

 As companies ramp up their sustainability efforts, attention should also be placed on the accounting implications of climate change. ACs should consider the key accounting and auditing considerations in their review of the FS and engagement with the statutory auditor.

The reliability of financial information is crucial to the credibility and stability of our business environment. Through the FRSP, ACRA will continue to focus its efforts on strengthening the financial reporting value chain so that investors and other stakeholders are provided with reliable and meaningful financial information.



Inland Revenue Authority of Singapore

1) Tax Residency of a Company

Tax residence status of a company

Under the Income Tax Act of Singapore, the tax residence status of a company is determined by the place where its control and management is exercised.

The meaning of this “control and management” is derived from common law principles— being the directing authority that controls the affairs of a company, usually the strategic management and decision-making body (the Board of Directors who make the fundamental policies of the company’s business).

Such distinguishing factors of this control and management include the body’s power and ability to raise finance; to approve accounts; to appoint those who manage the company’s day-to-day operations; to declare a dividend; to decide on matters relating to a merger/acquisition/joint venture; and has control of the company’s bank accounts.

To be regarded as tax resident in Singapore, it is therefore advisable to have as many of its Board meetings in Singapore, showing that key decisions by the controlling and managing authority of the company are made in Singapore.

How Tax Residency Affects Corporate Income Tax

While tax resident and non-resident companies are generally taxed in the same manner, tax resident companies enjoy certain benefits, such as:

  • Exemption or reduction in tax imposed on specified foreign income that is derived in a jurisdiction that has an Avoidance of Double Taxation Agreement (DTA)with Singapore
  • Tax exemption on specified foreign income such as foreign-sourced dividends, foreign branch profits, and foreign-sourced service income under Section 13(8) of the Income Tax Act 1947
  • Foreign tax credit for the taxes paid in the foreign jurisdiction against the Singapore tax payable on the same income
  • Tax exemption for new start-up companies

Certificate of Residence

The Certificate of Residence (COR) is a letter issued by IRAS to certify that the company is a tax resident of Singapore for the purpose of claiming tax benefits under the DTAs that Singapore has concluded with other jurisdictions. It is generally required by the foreign tax authority to prove that the company is a Singapore tax resident.



1) SGX Reg Co caps independent directors’ tenure, enhances remuneration disclosures

On 11th January 2023, Singapore Exchange Regulation (SGX RegCo) has announced that it will limit to nine years the tenure of independent directors (IDs) serving on the boards of listed issuers. The proposal to limit the tenure of IDs, which stemmed from recommendations by the Corporate Governance Advisory Committee (CGAC), received broad market support during a public consultation process.

Disclosure on Remuneration Details of Directors and CEOs

Remuneration disclosure is important for companies listed on the Singapore Exchange because it promotes transparency which enables shareholders and investors to assess the value of the company in relation to how much the management is remunerated and thus incentivized in its management of the company.

Currently, Principle 8 of the Code of Corporate Governance (“Code”) provides that a listed issuer must be transparent on its remuneration policies, level and mix of remuneration, the procedure for setting remuneration, and the relationships between remuneration, performance and value creation. Provision 8.1 of the Code recommends that a listed issuer should disclose in its annual report the policy and criteria for setting remuneration, as well as names, amounts and breakdown of remuneration of, among other things, each individual director and the CEO. Compliance with the Principles of the Code, which set out broadly accepted characteristics of good corporate governance, is mandatory. However, the Provisions of the Code, which underpin the Principles, are applied on a comply or explain basis – as a result, majority of companies choose to disclose remuneration in salary bands citing competition and sensitivity concerns.

Following this announcement, for annual reports prepared for financial years ending on or after 31 December 2024, Singapore-listed issuers will be required to disclose the exact amounts and breakdown of remuneration paid to each individual director and the CEO by it and its subsidiaries. Such breakdown must include (in percentage terms) base or fixed salary, variable or performance-related income or bonuses, benefits in kind, stock options granted, share-based incentives and awards, and other long-term incentives. Termination, retirement and post-employment benefits should also be separately disclosed.

It should be noted that disclosures for at least the top 5 key management personnel (not director or CEO) will remain unchanged – issuers should specify the names, amounts and breakdown of remuneration for such key management personnel in bands no wider than S$250,000.

SGX RegCo believes that the increased transparency will enable investors to assess whether the directors and CEO are appropriately incentivised.

Tenure of Independent Directors

The Code of Corporate Governance defines an ID as one who is independent in conduct, character and judgement, and has no relationship with the company, its related companies, substantial shareholder or officers, which could interfere or be reasonably perceived to interfere with his independent judgement. IDs are important to enable an objective check on management.

Prior to 11 January 2023, a two-tier vote mechanism was in place to allow companies to retain long-serving IDs who have served for more than nine years. Long-serving directors could continue to be deemed independent so long as their appointment was approved by all shareholders, and then by all shareholders excluding the directors and the CEO of the issuer, and associates of these directors and CEO.

With effect from 11 January 2023, this two-tier shareholder voting mechanism will be removed, thereby limiting the tenure of IDs to nine years. It should be noted that this does not prevent directors who have served for more than nine years from being re-appointed; they can continue serving as non-independent directors.

To allow companies time to search for new IDs, existing IDs whose tenure exceed the nine-year limit can continue to be deemed independent until the company’s next annual general meeting for the financial year ending on or after 31 December 2023.

As a result of this change, consequential amendments have been made to Rule 210(5) of the SGX Listing Rules (Mainboard) and Rule 406(3)(d) of the SGX Listing Rules (Catalist) to limit the tenure of IDs to nine years.

These changes have been introduced based on recommendations by the Corporate Governance Advisory Committee (CGAC), following a public consultation process which received broad market support. The removal of this two-tier system promotes an infusion of new IDs directors on the board, giving companies an opportunity to inject new skills, experience and knowledge into their boards, and help to ensure board renewal and diversity.


IRAS- Due dates

  • Estimated Chargeable Income (ECI) (December year-end)- 31- March-2023
  • GST Return: January 2023 – March 2023- 30 April 2023
  • Form C-S/C -30-November-2023

Is Audit

Maximizing Business Efficiency with Archer: Understanding the Benefits and Implementing the Solution

When organization faces challenges during managing risk and compliance program, it tends to be outdated reporting, lack of ownership or skills, inconsistent controls, manual processes, information silos and limited risk visibility. If this is the state of business within the organization, then the ecosystem becomes complex as it expands exponentially.

RSA Archer Integrated Risk Management helps the organization to strengthen their information security posture by providing a centralized and integrated platform for managing and mitigating information risks across their operations. It also helps in operating accountability across the internal functions and external third-party ecosystem as well.

Some of the areas where Archer provides solution are Audit, Compliance, Operational Risk, Business Resiliency, Third Party Risk and Governance and IT & Security.

RSA platform and solutions

  • Archer quickly implements industry-standard process and best practices for advanced risk management, informed decision-making and, enhanced business performance as it is built on a single platform with on-premises and Software-as-a-service (SaaS).
  • Archer platform application’s UI is designed in such a way that it satisfies both security teams and business users. Identity driven reports and dashboards built into the solutions, along with the ability to create own reports and dashboards to meet the users’ needs.
  • Archer is designed to empower business users to customize applications to meet their business requirements, without the assistance of coding and developing skills.
  • The platform provides a suite of risk quantification tools and analytics that can be used to perform various types of risk assessments like threat and vulnerability assessments, Business impact assessments. This allows organizations to make more informed risk management decisions and allocate resources more effectively.
  • The platform provides organizations with the tools and information needed to meet regulatory requirements for risk management and reporting, reducing the risk of non-compliance and regulatory penalties.
  • Rather than searching the documents in the system, Archer helps to centralize and organize data which helps in improving the visibility across the wide range of compliance and process.
  • The RSA Archer Advance Workflow engine is an integral part of the platform that enables users to automate various business processes. Users can create and manage automated workflows to streamline the management of content, tasks, statuses, and approvals, within the workflow engine. The engine provides a visual, drag-and-drop interface for creating and managing workflows, making it easy for users to define and manage the steps involved in a particular process. This can help organizations to save time, reduce manual effort, and ensure consistent and efficient processing of tasks.
  • The role-based access control framework in RSA Archer can be used to enforce access controls across multiple applications. This framework helps to enforce security and privacy at the field, record, and application level. This framework also allows administrators to define and manage the roles and permissions of users within the platform, ensuring that only authorized users can access the information and fields that are relevant to their roles.
  • Archer automates many of the manual and repetitive tasks associated with risk management, freeing up time and resources for more strategic activities.