Regulatory risk differentiation is the process used by a regulatory authority (the regulator - most often a tax administration) to systemically treat entities differently based on the regulator's assessment of the risks of the entity's non-compliance.
Regulators can include law enforcement agencies. Entities refers to those under the authority/control of the regulator – in most cases ranging from individuals to companies (legal entities) to multinationals operating within the regulator's jurisdiction.
The risk differentiation process requires the regulator to directly link a robust risk assessment, such as via a risk scoring model, to different regulatory responses (e.g. financial penalties, criminal imprisonment). Regulatory risk differentiation is also referred to as the Compliance Model in some regulatory agencies.[1] See for example the Australian Prudential Regulatory Authority risk differentiation approach known as: PAIRS[2] / SOARS.[3] PAIRS is the Probability And Impact Rating System, while SOARS is the Supervisory Oversight And Response System.
{{cite web}}
: CS1 maint: archived copy as title (link)
{{cite web}}
: CS1 maint: archived copy as title (link)