CTRM is a voluntary compliance initiative that a company may participate in to demonstrate that it has good tax governance and tax risk management. Undertaking the CTRM allows companies to perform a holistic review of their controls and tax risk management for Corporate Income Tax (CIT) matters. It seeks to provide guidance to companies, especially large companies, in establishing robust internal controls and systematic risk management processes to identify, mitigate and monitor key corporate income tax risks and bring tax compliance upstream.

Businesses Suited for CTRM

CTRM is targeted at large companies that have complex structures and business models, particularly publicly listed companies and other multinational corporations. These companies should place emphasis on tax risk management as part of their corporate governance, and ensure that adequate and effective tax risk control systems and processes are in place to manage their CIT compliance risks. 

Elements of the CTRM Framework

Level of ControlObjectives and Features of the Controls
Tax Governance StructureTo set the tone at the top (i.e. the Board) and regard tax risk management as an integral part of the company’s corporate governance.
The control features at this level aim to establish whether the Board and senior management have incorporated CIT risk management framework and policies as part of the CIT controls framework in the company.
The relevant control checks are to ensure that the Board and senior management recognise the importance of CIT compliance and maintain an oversight over the company’s CIT matters, particularly CIT matters that potentially have significant tax implications to the company. 
Entity-Level ControlsTo enable the senior management to maintain effective oversight over CIT compliance matters.

The control features at this level aim to establish whether the senior management has adopted an effective risk management framework to identify, evaluate and manage CIT risks and compliance.

The relevant control checks are to ensure that:

  1. The senior management designates a credible and capable person or team who has the necessary skills and experience to manage CIT matters effectively;
  2. There is a process to identify, evaluate and manage CIT risks;
  3. The relevant information is disseminated in a timely manner to the relevant process owners; and
  4. The adequacy and effectiveness of the CIT risk management processes are reviewed periodically.
Tax Reporting ControlsTo ensure that the tax data extracted and compiled for CIT returns submission is complete and accurate.
The control features at this level aim to establish whether the tax values are compiled correctly for CIT reporting, and the tax treatment of CIT issues is applied appropriately and complies with the relevant tax laws and rules.
The relevant control checks are to ensure that: 

  1. Both the tax data and tax treatment are captured in the CIT returns correctly and submitted to IRAS in a timely manner;
  2. The responses to IRAS’ tax enquiries are timely, accurate and complete; and
  3. The adequacy and effectiveness of the CIT compliance processes are reviewed periodically.

The control features above are incorporated in the CTRM Checklist (XLSX, 180KB), a checklist which encompasses practice-oriented tax control features as demonstration of sound tax risk controls. A company adopting CTRM is required to complete the CTRM Checklist.

Applying for the CTRM

Once you ascertain that you have met the pre-requisites to participate in CTRM, you can apply for the CTRM by submitting an application form to IRAS. IRAS will review your application and accept your application if you satisfy all the pre-requisites.

Upon receipt of IRAS’ confirmation on your eligibility to participate in the programme, you must perform a self-review of your internal control processes by completing the CTRM Checklist (XLSX, 180KB). The completed CTRM Checklist must be reviewed by a CTRM Reviewer (i.e. qualified independent third party assessed and approved by IRAS) and submitted to IRAS together with all other required documents. You will be awarded the CTRM Status if IRAS assesses that your internal control processes for CIT compliance are adequate and effective, and that you have low CIT compliance risks.

Learn more about the CTRM application and review process (PDF, 262KB).

Pre-requisites to Participate in the CTRM

You should meet all the following pre-requisites before you apply to participate in the CTRM:

  • You have implemented the key controls listed in the CTRM Checklist (XLSX, 180KB) for all 3 levels (i.e. Tax Governance Structure, Entity-Level Controls and Tax Reporting Controls) covering the CTRM period. A key control is considered as implemented if 60% or more of the supporting control features of each key control or their equivalents are present.
  • The statutory auditor’s opinion of your last 3 years’ financial statements is unqualified.
  • You are not currently under any CIT audit for tax avoidance or investigation conducted by IRAS.
  • You have good compliance records^ for CIT (including withholding tax), GST and Property Tax for the last 3 years and no outstanding tax* with IRAS as at the date of application to participate in the CTRM.
  • You have committed to appoint a qualified CTRM Reviewer to conduct the CTRM review.

^ Include filing of tax return and payment of tax promptly as well as responding to queries by the deadlines as agreed with IRAS.

* Excludes tax due under instalment plan or amount due for the next GIRO deduction.

Screening of First-Time CTRM Reviewers

For Public Accounting Entity or its tax affiliates (henceforth referred to as 'firm') who are first-time CTRM Reviewers, IRAS will conduct screening on a firm level basis to be assured of the firm’s capability in conducting the CTRM Review. The screening review is necessary as the CTRM Reviewer’s professional judgment and findings in the conduct of the CTRM Review is a critical aspect of the programme. Any interested firm can write in to IRAS to request for the screening review via [email protected]. When writing to us, furnish the following information:

  • Full name, address and UEN of the firm.
  • Designation and contact details of the person making the request for the screening review.
  • The firm’s process of onboarding of CTRM applicants and how it determines whether the CTRM applicants are suitable for CTRM (e.g. check whether the CTRM applicants have an established CIT Controls Framework, satisfy the pre-requisites to participate in the CTRM and fulfil the conditions under the firm’s 'Know Your Customer' checks).
  • The firm’s scope of review and how the firm would be carrying out the CTRM Review process from identifying key CIT risks, establishing whether controls are in place to mitigate the key CIT risks, performing tests of controls, obtaining supporting evidence to completing the CTRM Report.
  • The circumstances under which the firm would consider controls as inadequate or ineffective, and if so, the remedial actions the firm would take to address the control gaps or corresponding CIT/ withholding tax errors, where applicable. How will this affect the substantive review sample size, where applicable?
  • The firm’s process in ensuring that the designated team that performs the CTRM Review satisfies the conditions listed in paragraph 7 of the CTRM e-Tax Guide.
  • The profile of each member in the designated team (e.g. name of each member, designation, professional body membership, roles and responsibilities in the CTRM review) and their experiences in performing audit of internal controls and/or CIT reviews. How does the firm ensure that the designated team will continue to field team members with the relevant qualifications and experiences in the event of staff turnover or changes?

IRAS may request for additional information, documentation and/or arrange for a screening meeting to assess the designated team’s experiences in identifying key CIT risks and conduct of CIT controls review.

It may take up to 2 months for IRAS to complete the screening for a first-time CTRM Reviewer. The firm will be informed of the screening outcome upon completion of the review.

Benefits of Adopting CTRM

A company that has been assessed to have an effective CTRM is accepted by IRAS to be generally tax compliant. Accordingly, due consideration and mitigation is applied in respect of isolated instances of non-compliance (where such non-compliance does not involve deliberate tax evasion or serious tax avoidance). Hence, under the CTRM, IRAS applies:

CITA one-time waiver of penalties for voluntary disclosure of prior years’ CIT errors.
Withholding TaxA one-time waiver of penalties for voluntary disclosure of prior years’ withholding tax errors.

The above excludes any non-compliance involving deliberate tax evasion or serious tax avoidance and all the qualifying conditions of the voluntary disclosure programme# continue to apply.

# Disclosure of errors which meet the qualifying conditions for reduced penalties. See e-Tax Guide on IRAS' Voluntary Disclosure Programme (PDF, 476KB). Errors do not include fraudulent errors and errors discovered under IRAS’ audit or investigation.

The one-time waiver of penalties applies to non-compliance disclosed within 3 years of effective CTRM. If it is not applied within this period, the one-time waiver of penalties will continue to be applied to any non-compliance disclosed within a further 3-year period on the renewal of CTRM (if applicable). The one-time waiver of penalties will not be applied after the extended period.

For errors discovered during the CTRM process, you should disclose the errors and submit the relevant revised income tax computations to IRAS on a timely basis. Where more time is required to ascertain the extent of the errors, you should inform IRAS of the errors and request for more time to investigate further. For the errors disclosed to IRAS during the CTRM process and in the Report on Findings by the CTRM Reviewer (Appendix B), the date of the disclosure of these errors is deemed to be the date of award of the CTRM Status.

For errors discovered after the award of the CTRM Status, you should disclose the errors and submit the relevant revised income tax computations together with the Form for Voluntary Disclosure of Errors under the CTRM (DOCX, 50KB) to IRAS.

In addition, IRAS will discuss with you upfront to identify the key tax risk areas or key CIT issues (capped at 5 tax risk areas/ CIT issues, excluding new CIT issues which have emerged due to exceptional circumstances) based on your current business and structure. IRAS will calibrate the review of these tax risk areas/ CIT issues as part of its CIT compliance audit review for the next 3 consecutive Years of Assessment (YAs).

Example of How the One-time Waiver of Penalties is Applied

A company was awarded its CTRM status on 1 Apr 2022. Hence, it enjoys a one-time waiver of penalties for voluntary disclosure of CIT and withholding tax errors from 1 Apr 2022 to 31 Mar 2025.

On 30 Apr 2022, the company makes a voluntary disclosure of CIT errors for YA 2020. In the absence of the CTRM benefit, these errors attract a penalty as they are disclosed after the 1-year grace period for voluntary disclosure of CIT errors (from 1 Dec 2020 to 30 Nov 2021). However, as the company is entitled to the CTRM benefit and the voluntary disclosure is made within 3 years from the date IRAS awards the CTRM Status to the company, it is able to claim the benefit of a one-time waiver of penalties.

If the company does not utilise its CTRM benefit by 31 Mar 2025, the benefit may be carried forward for a further 3 years upon successful renewal of the CTRM Status i.e. up to 31 Mar 2028.

Renewing CTRM Status

The CTRM Status is valid for 3 years and is renewable before the end of the third year. You are encouraged to commence the CTRM renewal process 6 months before the expiry of your CTRM Status and submit all the relevant documents to IRAS at least 3 months before the expiry of the CTRM Status for evaluation by IRAS.

You can find more information on the CTRM, the review process, the application process and other details in the IRAS e-Tax Guide on Tax Risk Management and Control Framework for Corporate Income Tax (PDF, 262KB).


I belong to a corporate group. Must each company apply for CTRM separately?

Where more than 1 company within a corporate group intend to participate in the CTRM, a representative member company may complete the CTRM Checklist on a consolidated basis.

However, if the CIT risk areas, extent of processes and tax risk controls put in place differ significantly among member companies, each member company should consider completing a separate CTRM Checklist. Alternatively, each member company may participate in the CTRM as a standalone company.