Trust Bloomberg Tax for the international news and analysis to navigate the complex tax treaty networks and global business regulations.
Companies that chose to pay ransoms to computer malware in the course of a major cyberattack in Russia and Ukraine can use the payments to reduce their corporate income tax, practitioners told Bloomberg BNA.
However, it may prove difficult for businesses to collect enough documents to make a convincing case to the tax authorities.
On June 27, more than 80 companies in Russia and Ukraine came under a cyberattack of an unprecedented scale. Other organizations were also disrupted across the globe. The organizations were attacked by malicious encryption software Petya, which spread through the tax accounting software developed by Ukranian company M.E.Doc. The malware encrypted computer files and required a payment of $300 in cryptocurrency to restore access to them.
Among those affected, according to computer forensics company Group-IB, were Ukrainian telecom operators, banks, and state enterprises including Ukrtelecom, railroad corporation Ukrzaliznytsia and the federal postal service. In Russia, among the affected were oil giants Rosneft and Bashneft.
Rosneft did not respond to a request for comment from Bloomberg BNA.
The computer virus neither provided the attackers any access to the financial statements of the companies nor had the capabilities to remotely manage or copy the data, says Sergey Nikitin, deputy head of the Laboratory for Computer Forensics at Group-IB, a Moscow-based computer forensics company that identified the ransomware.
The M.E.Doc program “is common for all legal entities in Ukraine. The virus “flew” with an update of this program—hence the scale of infection in that country, including some government organizations,” Nikitin told Bloomberg BNA in a June 30 email.
According to Nikitin, the attackers only collected around $10,000 from 45 transactions in bitcoins. However, it remains unclear how many companies chose to pay the ransom.
“There is no way to establish whether this was from one or several companies. Theoretically, one company could pay several times,” the expert said.
He noted that to avoid exposure, it is unlikely the attackers would use the funds, given the wide media attention around by the cyberattack.
Russian law provides for opportunities to consider a ransom paid to a computer malware as extraordinary expenses, thus enabling the taxpayer to reduce their amount of corporate income tax, says Aleksey Gatin, managing partner at Moscow-based Law and Taxes.
In an interview with Bloomberg BNA, Gatin said Article 265 of the Russian Tax Code allows companies to reduce the sum of taxable profits by extraordinary expenses if losses arise from the acts whose perpetrators are not established.
“To do this, the taxpayer must provide documents to the authorities proving that some persons committed the crime whose perpetrator is unknown,” Gatin told Bloomberg BNA by phone on June 30.
According to the practitioner, the tax authorities would be unwilling to take these expenses into account without convincing arguments. During tax inspections, the authorities tend to scrutinize the documents that justify companies’ expenses, including the expenses on software products, online resources, and digital applications, Gatin said.
“It is clear that the tax authority are likely to refuse to take into account extra expenses to reduce taxable profits. But I think that the court in such case would take the taxpayer’s side,” Gatin added.
Paying ransom to the malicious software program can be considered a business expense, but taxpayers may find it difficult to support their arguments with documentation, says Dmitry Kostalgin, managing partner at Tadvisor, a tax-consulting firm.
“The problem is that the intruders do not leave any bills or other primary documentation. One can try, of course, to submit payment slips and certificates of the computer examination [as a proof there was a cyberattack],” Kostalgin told Bloomberg BNA in a June 29 email.
To decrease the tax base by the sun of the ransom, tax authorities are likely to require the computer to be examined by an independent specialist, Kostalgin said. Eventually, this is going to cost the company a disproportionate amount of time and money, the practitioner said.
To contact the editor reporter on this story: Natalia Suvorova at firstname.lastname@example.org
To contact the editor responsible for this story: Penny Sukhraj at email@example.com
Copyright © 2017 The Bureau of National Affairs, Inc. All Rights Reserved.
All Bloomberg BNA treatises are available on standing order, which ensures you will always receive the most current edition of the book or supplement of the title you have ordered from Bloomberg BNA’s book division. As soon as a new supplement or edition is published (usually annually) for a title you’ve previously purchased and requested to be placed on standing order, we’ll ship it to you to review for 30 days without any obligation. During this period, you can either (a) honor the invoice and receive a 5% discount (in addition to any other discounts you may qualify for) off the then-current price of the update, plus shipping and handling or (b) return the book(s), in which case, your invoice will be cancelled upon receipt of the book(s). Call us for a prepaid UPS label for your return. It’s as simple and easy as that. Most importantly, standing orders mean you will never have to worry about the timeliness of the information you’re relying on. And, you may discontinue standing orders at any time by contacting us at 1.800.960.1220 or by sending an email to firstname.lastname@example.org.
Put me on standing order at a 5% discount off list price of all future updates, in addition to any other discounts I may quality for. (Returnable within 30 days.)
Notify me when updates are available (No standing order will be created).
This Bloomberg BNA report is available on standing order, which ensures you will all receive the latest edition. This report is updated annually and we will send you the latest edition once it has been published. By signing up for standing order you will never have to worry about the timeliness of the information you need. And, you may discontinue standing orders at any time by contacting us at 1.800.372.1033, option 5, or by sending us an email to email@example.com.
Put me on standing order
Notify me when new releases are available (no standing order will be created)