Global updates – a quick glance
Argentina: The minimum and maximum basis for employee social security contributions increased to a monthly salary of ARS 45,281.15 and ARS 1,471,616.10 respectively from March 1, 2024.
Australia:
- Australian Taxation Office (“ATO”) has announced changes to individual income tax rates and thresholds effective from July 1, 2024.
- Australia introduces right to disconnect effective from August 26, 2024.
Belgium:
- Preparation of employee training plan and informing employee their training rights made mandatory for employer with 20 or more employees effective from April 1, 2024.
- Small business scheme for VAT extended to foreign companies meeting certain conditions, effective January 1, 2024.
- Law enacted to mandate public CbC reporting for multinationals effective for financial years beginning on or after June 22, 2024.
Brazil:
- Monthly individual tax brackets and employee social security contribution table revised for 2024.
- Constitutional Amendment introducing major indirect tax reforms enacted.
Bulgaria: Public CbC reporting to be made mandatory for multinationals effective for financial years beginning on or after January 1, 2025.
Canada:
- Canada: Federal budget for 2024 presented on April 16, 2024. Individual income tax thresholds revised for 2024; 100% Capital Cost Allowance (CCA) deduction in the first year of use on certain assets proposed; waiver of withholding requirement on payments to non-residents in certain situations proposed.
- Quebec: The budget for 2024 presented on March 12, 2024. Individual income tax thresholds revised for 2024; changes to refundable and non-refundable tax credit proposed for development of e-businesses.
- Quebec: Introduction of Act to prevent psychological harassment and sexual violence at workplace effective from March 27, 2024.
Chile: Amendments to labour code for prevention, investigation, and punishment for workplace harassment, etc.
China:
- China released new regulation relaxing requirements for cross-border transfer of personal data, effective from March 22, 2024.
- Shanghai reduces employee basic medical insurance payment rate from 10% to 9% from March 1, 2024.
Cyprus:
- Thresholds increased for the preparation of transfer pricing local file.
- Cyprus increased the Intrastat threshold for arrivals effective from January 1, 2024.
Denmark:
- Working Time Act amended, and new provisions introduced to record working time of employees effective from July 1, 2024.
- Revision in the thresholds for filing Intrastat Returns for 2024.
France:
- Revised social security ceilings and income tax scales announced for 2024.
- France released new guidance regarding employer tax due from companies that hire or host foreign nationals.
- France relaxed rules for renewal of parental presence leave.
Gibraltar: Gibraltar announced implementation of a Qualified Domestic Minimum Top-Up Tax (“QDMTT”) effective from January 1, 2024
Greece: Greece implements global minimum tax from January 1, 2024.
Hong Kong:
- The first weekday after Christmas has been added as a new statutory holiday beginning from the year 2024.
- Hong Kong’s budget for 2024 increased the business registration fees from HKD 2,000 to HKD 2,200 and proposed introduction of a two-tiered standard tax rates regime for “salaries tax” and “tax under personal assessment”.
Hungary:
- Thresholds for Intrastat returns increased effective from January 1, 2024.
- Hungary amends progressive retail turnover tax rates effective from January 1, 2024.
India: India enacted Finance Act, 2024, extending time limit for incorporation of start-ups eligible for tax holiday from March 31, 2024, to March 31, 2025.
Ireland: Extension of child benefit to 18-year-olds, who are in full time education or having a disability, effective from May 1, 2024.
Italy:
- Italy introduced new rules for the expatriate regime effective from January 1, 2024.
- Italy introduces a biennial preventive agreement to simplify tax obligations for small taxpayers.
- Italy imposes stricter requirements for VAT representatives, effective from February 22, 2024.
Israel:
- Israel Tax Authority updated thresholds for invoicing and VAT reporting for 2024.
- Tax Authority introduced digital system to facilitate employee termination process effective from January 2024.
Japan:
- Japan passes Tax Reform 2024 with following changes:
- Blue tax filing companies are entitled to a 30% income deduction from qualifying income from intellectual properties for a period of seven years starting from April 1, 2025.
- Additional tax credits of 5%-15% for companies on increasing the wages of their employees, extended for another three years till March 31, 2027.
- From April 1, 2025, foreign enterprises offering digital services through a digital platform are liable for consumption tax.
- Japan amended Labor Standard Ordinance effective from April 1, 2024, revising employer obligations regarding notification related to workplace and duties.
Malaysia:
- Service tax rate has been increased from 6% to 8% beginning March 1, 2024.
- Companies (Amendment) Act 2024 has introduced the requirement of identifying and verifying beneficial owner and maintaining beneficial owner register beginning from April 1, 2024.
Morocco: Effective from February 14, 2024, non-resident digital service providers are liable for Value-Added-Tax in Morocco.
Peru: Peru introduced 5 days of paid bereavement leave for employees in private sector.
Poland: Poland announced revised thresholds for small taxpayers and social security contribution caps, effective from January 1, 2024.
Singapore: Singapore budget 2024 presented on February 16, 2024. Introduced Enterprise Support Package; introduction of Refundable Tax Credit; implementation of Global Minimum Tax; changes in the social security contributions for senior workers.
South Africa: National Budget 2024 announced; implementation of Global Minimum Tax (“GMT”) effective from January 1, 2024, announced two pot retirement system proposed to be effective from September 2024.
South Korea:
- South Korea enacted tax reform for 2024, introduced additional obligations for multinational entities to submit supplementary transfer pricing documentation.
- The Personal Information Protection Commission amended enforcement decree for Personal Information Protection Act, laying down rules for appointment/qualification of chief privacy officer, disclosure requirements for cross border data transfer, etc.
Sweden: New rules on digital general meetings effective from January 1, 2024.
Switzerland: Introduction of new online VAT obligation in Switzerland effective from January 1, 2024.
Taiwan: Taiwan enacted the new Minimum Wage Act to create a statutory process for reviewing and adjusting minimum wage, effective from January 1, 2024.
Thailand:
- Thailand issues notifications laying down rules for cross-border transfer of personal data.
- The Ministry of Finance extended electronic filing deadline for returns/payments due between February 1, 2024, to January 31, 2027.
United Kingdom:
- UK Spring Statement 2024 announced on March 6, 2024; Employee’s national insurance contribution rate reduced from 10% to 8%; residence-based regime proposed for non-UK domiciled individuals; revision in the VAT registration and de-registration threshold.
- Provisions of Economic Crime and Corporate Transparency Act 2023 to improve quality of information in company register are effective from March 4, 2024
Data Protection Fines Table | ||||
Country | Authority Name | Fine imposed on | Reason for Fine Related to Data Protection Failure | Amount of Fine and Penalty |
Denmark | Danish data protection authority (‘Datatilsynet’) | Capio A/S, a hospital engaged in providing health care services | A fine was imposed for not supervising work of data processors appointed by the hospital, hence, violation of principle of accountability. Further, failure on the part of the hospital to ensure that the processing done by the data processors was for lawful and reasonable purposes, and they have adopted adequate measures for security of the personal data. | DKK 1.5 million |
Denmark | Danish data protection authority (‘Datatilsynet’) | Netcompany, an IT company engaged in consultancy services and providing IT solutions | A fine was imposed for violation of data protection regulations multiple times when launching the new digital mailbox, viz. failure to implement appropriate security measures while developing the mailbox, absence of impact analysis, failure to discover inappropriate coding, etc. | DKK 15 million |
France | French Data Protection Authority (“CNIL”) | Amazon France Logistique SAS, a French company that offers delivery and logistics services in France. | A fine was imposed for excessive monitoring of employee due to: failure to process personal data in adequate, relevant, and limited manner; absence of stated lawful basis;failure to take adequate measures to provide necessary information to the data subject (employees);using video surveillance without consent. | EUR 32 million |
France | French Data Protection Authority (“CNIL”) | Yahoo EMEA Limited, a global media and advertising company. | Fine was imposed for making the mechanism for refusal of cookies more complex as compared to the mechanism to accept cookies and thus, nudging users to accept cookies. CNIL concluded that this infringes the freedom of consent of internet users. | EUR 10 million |
Greece | Hellenic Data Protection Authority (“HDPA”) | The Hellenic Post S.A. (ELTA), a state-owned postal service | A fine was imposed for GDPR violations and data breach arisen due to absence/ failure of appropriate technical, security systems and policies leading to unauthorised access to personal data. | EUR 2.9 million |
Hungary | The National Authority for Data Protection and Freedom of Information (‘NAIH’) | An airline company | The fine was imposed for the following reasons: Failure to inform the data subject about the action taken based on the data erasure request of the data subject within the time limit; Infringement of the principle of transparent data processing as the data subject was not informed about the additional data processed, its purpose, legal basis, or the duration of processing by the airline in relation to the data erasure request made by the data subject. | HUF 5 million |
Iceland | The Icelandic Data Protection Authority (Persónuvernd) | Stjörnuna ehf., an operator of international fast-food chain called Subway restaurants in Iceland. | Fine was imposed for the following reasons: Failure to produce evidence that employee monitoring was based on legitimate interest for achieving quality control of employees’ work; Failure to inform its employees about being monitored in the workplace by the employers, as mandated by GDPR and the Act;Failure to maintain a register of processing activities as required by GDPR and the Act. | ISK 1.5 million |
Netherlands | Dutch data protection authority (“AP”) | Uber Technologies Inc., a multinational transportation company that provides ride-hailing services, courier services, food delivery, and freight transport and Uber B.V. (Dutch unit of US-based Uber Technologies) | Fine was imposed for the following reasons: Violation in providing transparent information;Violation of the right to access the data by the data subject;Violation of the right of data portability. | EUR 10 million |
Poland | The Polish data protection authority (“UODO”) | Morele.net sp. z o. o., a company engaged in consumer electronics distribution segment in e-commerce market. | There was a data breach incident affecting consumers due to an alleged lack of cybersecurity measures. Fine was imposed for the following reasons: Failure to adopt adequate technical security measures against data breaches;Failure to respond to unusual behaviour, such as increased network traffic;Failure to encrypt relevant data;Failure to implement two-factor authentication;Failure to conduct a risk analysis, including threats from public network logins. | PLN 3.8 million |
Spain | Spanish Data Protection Agency (‘AEPD’) | Endesa Energia S.A.U, a multinational electric utility company | A fine was imposed for major data breach exposing sensitive information of millions of gas and electricity customers to unauthorized third parties and hence, violation of GDPR provisions relating to security breach, violation of provisions related to processing of personal data etc. | EUR 6.1 million |