Vendors subject to the New York sales and use tax must maintain “adequate books and records.” The New York State Department of Taxation and Finance (DTF) recently published a bulletin, TB-ST-770, enumerating the basic sales and purchase records that a vendor must maintain in order for the records to be considered adequate.

In TB-ST-770, the Department provided further guidance on the proper maintenance of books and records when using an electronic point-of-sale (POS) system to record transactions subject to the New York sales and use tax.
POS systems must maintain an audit trail feature that creates a record of every transaction performed using the system. This audit trail includes the date, time, and a detailed description of any changes made to the sales invoice from the original transaction source to the final total. In fact, a taxpayer’s books and records would be considered inadequate if the audit trail function were deactivated at any time, and the date, time and description of every record change was not recorded. This is required of every taxpayer using a POS system regardless of the taxpayers’ business size or sophistication.
However, TB-ST-770 has far exceeded any prior requirements for the use of an electronic record-keeping system. The TB’s requirements for POS systems versus traditional paper systems essentially penalizes businesses that adopt electronic POS systems, imposing requirements so stringent that the US Defense Department’s electronic systems themselves might fall short, let alone those systems commercially available for purchase by a “mom and pop” store in New York. The requirements of the TB, when coupled with recently proposed legislation by the DTF, may make it impossible for a vendor to adopt and maintain a POS system that is affordable, manageable, and adequate under DTF requirements. In doing so, the DTF may inadvertently discourage businesses from utilizing electronic record-keeping. In addition,the TB specifically states that the stringent requirements contained therein do “not provide an exhaustive list of records [a vendor] must keep.”Thus the requirements, in addition to being onerous, are so vague that a vendor cannot know for certain whether their system would be deemed adequate.

The DTF’s concern about the accuracy of electronic audit systems, however, seems to stop at its own door. Despite the DTF’s demand that every vendor in New York maintain record-keeping procedures and systems with internal control systems that are essentially infallible, the DTF itself chooses to maintain an audit record-keeping system for itself that entirely lacks internal controls. For example, the DTF recently stipulated the following in litigation in the Division of Tax Appeals:

The Audit framework Extension (AFE) application developed by the New York State Department of Taxation and Finance does not maintain a history of changes to files or data records within its case folder or database for each audit case. No audit trail or other logging system has been implemented to track ongoing changes for an audit case.

Therefore, although the integrity of all records maintained by the DTF in every tax audit in this state depends upon an electronic record-keeping system of its own creation that has absolutely no internal controls, the DTF insists that every vendor maintain POS systems with extraordinary (and possibly unattainable) levels of internal controls.

This requirement is placed on every vendor that uses a POS system, including “mom and pop” operations without technical sophistication, budget, or IT personnel. It is also a classic example of the hypocrisy of “do as I say, not as I do.”

It is clear that the new DTF rules hold vendors to a significantly more stringent standard than ever before required for paper or electronic systems and to an exponentially higher standard than that which is used by the DTF to maintain its own records. In a telephone conference related to litigation with the DTF under the Freedom of Information Law (FOIL),the programmers who wrote the AFE software admitted that the AFE audit program does not track when AFE files are accessed, when changes are made to AFE files,who made the changes, and how often the records were accessed.The AFE system does not even keep track of whether the documents and records have been accessed at all. Any DTF personnel with access to the AFE program can make alterations to documents without leaving a trace; in doing so, anyone can rewrite the critical history of the audit. Thus,the DTF demands an extraordinary, unusual and possibly commercially unattainable level of internal controls in POS systems, while at the same time asserting that its own electronic record-keeping system,which has no internal controls at all, is adequate for sales tax audit purposes.

Nor does the fact that these records are kept by an agency of the state provide the requisite level of comfort in the presence of a system with no internal integrity. For example, the system used for “in-dating” records received by the DTF is simply a rubber hand stamp with a manually adjustable date. Accurate receipt dates are extremely important in our tax system. They are critical for determinations of penalty application, interest, timeliness, and statutes of limitation to name a few issues. The lack of internal controls in making sure the correct date is applied is disturbing. Even more disturbing, however,is that official DTF policy condones or even encourages the backdating of documents.

In 2008, for example, an employee at a DTF district office,while backdating documents, made a mistake that may have allowed backdating to be discovered. Rather than punish this misconduct, however, the management of the DTF office simply established a formal procedure for backdating documents so as to prevent future disclosure of the fraudulent practice. In an email dated February 15, 2008 (the “backdating email”), a high-ranking official of that DTF district office advised all of the personnel that “[f]or the future, we have a separate, extra, stamp to be used for backdating items.”When the author learned of these procedures, he brought them to the attention of the DTF; and, aside from stonewalling him in response to a related FOIL request, the DTF has done nothing to improve the integrity of the date stamping process or hold any participants accountable for backdating records that would likely be prosecuted as a criminal offense if done by a vendor or his representative.

The new DTF rules for POS systems demand new and extraordinary internal control requirements, while the DTF itself persists in using a system devoid of any internal controls in its own record-keeping systems. This certainly leaves open the argument that if existing internal controls in POS systems are inadequate, then the DTF’s own records, produced on systems without any internal controls at all and with documented misuse and abuse, are insufficient to carry their burden in supporting an assessment. At the very least, one wonders whether the Courts will support a hypocritical demand for POS controls that simply discriminate against vendors choosing to use, instead of paper records, commercially reasonable and available POS systems(which are at least as reliable as paper records previously accepted by the courts).

This article is general and informational in nature and you should read the terms of our legal disclaimer regarding its use.