1. Imperatives Driving GST and GSTN :
The proposed implementation of GST, a destination based consumption tax, has been designed as a dual VAT, keeping in view the unique federal nature of India’s Constitutional Polity. The different imperatives driving this reform and role of GSTN in achieving them is briefly spelled out below
1.1 Seamless Flow of Input Tax Credit across the Country
GST rollout envisages implementation of 35 GST Laws of the different State governments and the Central Government in such a manner so as to ensure seamless flow of input tax credit across States in the country. For achieving the seamless flow of input tax credit it has been proposed that the all interstate transaction will attract a levy of IGST, approximately equal to the sum of the CGST levy and the Standard SGST levy for a particular commodity. Consequently, in case of business to business (B2B) transactions the recipient will accumulate IGST credit which can be utilised for discharging his liabilities of IGST, CGST or SGST. Successful implementation of this scheme will require prompt verification of the IGST credits claimed on interstate transactions in the returns.
Hence a need was felt for a trustworthy entity which will facilitate ITC verification on interstate transactions. Further, a strong need has been felt by all the State governments for quick verification of all type of input tax credits claimed by the taxpayers which would be facilitated by the GST system managed by an entity having very strong IT infrastructure.
1.2 Settlement of IGST on interstate transaction to consumers to the destination State Govt. and the Central Government.
GST is a destination based consumption tax in which interstate transactions are proposed to be taxed at full rate. Under this design the tax on transactions destined to a consumer in a different state will be collected at full rate in the state of origin as IGST but it will be apportioned between the Central Government and the destination State government. The information support and the accounting of this settlement needs to be done by an independent entity.
Further, to simplify the administration of the GST regime, it is proposed that the IGST credit can be used to pay CGST and SGST liabilities and the IGST liabilities can be discharged using SGST and IGST credits. This would however impact the revenues of the State and Central Governments and the GST system is expected to provide information on the cross utilisation of IGST credit, SGST credits and CGST
credit to finally transfer funds amongst the IGST, CGST and SGST accounts to reverse any impact caused by cross utilisations. This again has to be performed by the GST system.
1.3 Ease of doing business and minimisation of Compliance Cost:
The indirect tax domain in India has developed in a very complex manner. The GST reform is expected to simplify it. However, the federal nature of polity imposes constraint on the extent of simplification possible. There are going to be 34 State GST Laws and one Central GST laws. To overcome this limitation, a need was felt to have a single common interface with the tax payer through a GST Common Portal, which will be the medium for most of his interactions with the tax authorities. A tax payer will take registration through this common portal, file a single return for each tax period, make payments of all types of due taxes, and claim all types of refunds.
The complexity of the GST System can be envisioned with the data which the GST System is expected to handle as given below:
a. 70 to 80 Lakhs taxpayers;
b. 260 to 300 Crores B2B invoice data per month
c. More than 120,000 tax officials to work
d. Monthly filing of returns
e. Credit of ITC
In view of the above complexities and requirement, an Empowered Group on IT for GST was set up under the chairmanship of Shri Nandan Nilkeni in the year 2010 to prepare the IT strategy for GST Implementation. This task group recommended the setting up of GSTN as a private section 25 company with the central government and the State Government holding 24.5 % each (together around 49%) and rest with private institutional players. The strategic control of this organisation was envisioned to jointly with the Central and State Governments. The recommendations of the Committee were approved by the Empowered Committee of State Finance Ministers (EC) and the Union Cabinet, which led to incorporation of Goods and Services Tax Network, as a Section 25 (not for profit), non-Government, private limited company in March 2013. The union cabinet while approving creation of GSTN also approved that GSTN will be an exclusive national agency responsible for delivering integrated Indirect Tax related services involving multiple tax authorities, which will provide common Registration, Return filing and e-Payment services to the taxpayers. The Cabinet also empowered it to charge the users of the GST Systems namely tax authorities and the taxpayers.
Apart from providing shared IT Infra for registration, return and tax payment, GSTN is also supposed to
i. Ensure integration of the GST Common Portal with existing tax administration systems of Central / State Governments and other stakeholders
ii.. Run the clearing-house mechanism for IGST amongst centre and states
iii. Provide Analytics and Business Intelligence to tax authorities
iv. Carry out research, study best practices and provide training to the stakeholders
To retain strategic control but yet provide flexibility and agility, GSTN has been created as a special purpose vehicle (SPV) for the implementation of common IT Infrastructure for GST with following equity structure:
| Central Government | 24.5% |
| State Governments & 2 UTs & EC Collectively | 24.5% |
| LIC Housing Finance Ltd | 11% |
| ICICI Bank Ltd | 10% |
| HDFC Ltd | 10% |
| HDFC Bank Ltd | 10% |
| NSE Strategic Investment Corporation Ltd | 10% |
2. Interface between GST Core Systems and State/CBEC System
In GST regime, while taxpayer facing core services of applying for registration, uploading of invoices, filing of return, making tax payments shall be hosted by GST System, all the statutory functions (such as approval of registration, assessment of return, conducting investigation and audit etc.) shall be conducted by the tax authorities of States and Central governments. While GSTN shall develop and host application modules (termed as back-end modules) supporting such statutory functions for 19 States (termed as “Model 2” States), rest of States and Central government (termed as “Model 1” States) have decided to develop and host the back-end modules themselves. (List of Model 1 and Model 2 states as on 30th June 2016 is as per Annexure-I). Schematic diagram of interaction between GST System and the IT Systems of CBEC/States is given in the diagram below.
IT Interfaces (Over APIs) (Image Panding)
Fig. – Typical Schematic of Integration of GST with States/CBEC
It is imperative that GST System and such back-end modules shall have two-way data exchange for smooth administration of GST. The registration, return and payment information submitted at GST System shall be forwarded to the back-end system on near real-time basis while response generated at back-end system shall flow back to GST System. There shall be scenarios where information shall be generated at back-end systems that need to flow to GST System such as when a demand is generated at the back-end system after completion of an audit or assessment process. GST System shall have provision for receipt of such intimation, just like claims (e.g. refund claims), processing thereof as per law, and for issuance of authorisation with accounting and MIS.
3. Core functions at GST System
a. Registration
a) New Taxpayer Registration
Registration of a business with the tax authorities implies obtaining a unique identification code from the concerned tax authorities so that all the operations of and data relating to the business can be agglomerated and correlated. In any tax system this is the most fundamental requirement for identification of the business for tax purposes or for having any compliance verification program. It is pertinent to mention here that in GST regime, there will be dual authority (concerned State and Central governments) for every taxpayer and registration will be accorded only after due approval from both the authorities are in place.
b) Amendment of Registration
Capturing registration information is not a one-time activity and any change in critical information should be reported / entered at the GST System within a stipulated time period to be specified in GST Laws. Accordingly, every registered taxpayer will have the option to amend his registration information (barring few fields such as PAN, Legal Business Name / Proprietor Name, State Code etc.) at the GST System.
c) Surrender of Registration
Surrender module will be available for all valid and active GSTINs. GST System will provide the facility to the registered taxpayer to voluntarily surrender the GSTIN. There are certain situations in which the taxpayer might surrender the GSTIN; some of them are as follows:
a) Closure of the business
b) Transfer of business, due to death of taxpayer
c) Change in the nature of business
d) Change in the constitution of business from proprietary to partnership or otherwise
e) Amalgamation of two or more business entities etc.
d) Cancellation of Registration
The cancellation of registration may be initiated by tax authorities in certain situations such as following:
In case a tax payer contravenes specified provision of the GST laws;
In case a taxpayer has not filed any return at all during a predetermined period.
Illustration: Business Process of Registration
The application for Registration will be made Online on GST Portal. The registration will be based on PAN of the Entity. The system envisages minimal documentation for registration as some of the key data like PAN, Business Constitution, Aadhaar, CIN/DIN etc. (as applicable) will be validated online against respective agency i.e. CBDT, UID, MCA etc. The typical workflow of information and responsibilities across GST and CBEC/States in Registration process are as per below:
| From GST Systems to States | From States to GST System |
| Validated Registration application data; or application for amendment /surrender | Query or demand for additional documents, if any |
| Supporting scanned documents | Approval or Rejection |
| Additional Document or clarification | Digitally signed Registration Certificate |
b. Return
A return is a statement of specified particulars relating to business activity undertaken by taxable person during a prescribed period. A taxable person has a legal obligation:
a. To declare his tax liability for a given period in the return;
b. Furnish details about the taxes paid in accordance with that return; and
c. File correct and complete return within stipulated time frame.
A return needs to be filed even if there is no business activity (i.e. Nil Return) during the period of return. Taxpayers will file return in electronic form only. There will be one common return form for all different types of GST i.e. CGST, SGST, IGST and Additional Tax.
c. Payments
In GST regime, every taxpayer will have to make payment of the due tax, interest, penalty and other amounts specified in law and incorporate such payment information details into the return form before filing of such return. Payment may also be made for other purposes such as for demand against assessment order etc.
4. Approach to the GST System
GSTN has engaged M/S Infosys as a single Managed Service Provider (MSP) for the design, development, deployment of GST system, including all application software, tools and Infrastructure and operate & maintain the same for a period of 5 years from Go-Live. The various tracks under the GST system project are as under:
- Application design, development and implementation of GST common portal
- Backend Modules for Model 2 states
- Taxpayer one time Data Migration and issue of GSTIN
- IT Infrastructure procurement, supply, installation and Info Security
- DC/DR Hosting Services including providing Bandwidth for the project
- Technical Helpdesk Setup and Operations
- Training and Capacity Building
- Operations and Maintenance of the GST System for 5 years from Go-Live GST System Technical Architecture
5. GST System Technical Architecture
The GST portal will be direct, browser-based interface for Taxpayers and Tax officials to access GST services. However the GST system is designed to be built on open APIs which can provide platform-independent interfaces to systems at other model-1 State/UT Commercial Tax departments, Central Tax authorities, Agency banks, RBI, CAG, CGA and other stakeholders in GST system.
Some schematics of high level design of the system are as per diagrams below:
GST System — Schematic Design
G2G : Govt to Govt
G2B : Govt to Business
API: Application Programming Interface
6. GST Eco-System
There are multiple stakeholders in GST eco-system:
a) Tax Payers
b) CAs/Tax Advocates/TRPs
c) Banks/ RBI
d) GST Council
e) CBEC/State Tax Authorities
f) Helpdesk
g) CAG
f) CGA
i) 3rd Party Application developers
j) Aadhaar/MCA21/CBDT
GST Eco-System
7. Key solution design principles
GST System IT Framework is designed around following key design principles that define the state-of-the-art in modern design practice:
a. Platform Approach : Designed as a platform powered by a faceless Open API architecture
b. Openness : Adoption of Open API and Open Standards
c. No Vendor lock-in and Replace-ability : Vendor neutrality to be driven by design ensuring plug-ability and adherence to standards
d. Security and Privacy : Privacy and data integrity and disseminate data to authenticated and authorized users
e. Scalability : Scalability to be driven by application design ensuring scaling out with hardware addition in a modular fashion
f. Availability : Load Balanced in an active-active fashion avoiding single point of failure
g. Manageability : Ensuring non-intrusive monitoring of components assuming infrastructural failure is commonplace
h. Reliability : Ensure Data integrity and prevent unauthorized manipulation of data
i. Data Driven Decision Making : Capture enough system analytical data to provide improvement indicators
j. Reconstruction of truth : Tamper resistance capacity and source of truth (original data of invoices and final returns) could be used to reconstruct derived data
The design is aimed at following key outcomes:
Figure – Key outcomes of solution design principles
b) GST Common Portal:
The GST portal shall be accessible over Internet (by Taxpayers and their CAs/Tax Advocates etc.) and Intranet by Tax Officials etc. The portal shall be one single common portal for all GST related services e.g.
i. Tax payer registration (New, surrender, cancelation, etc.)
ii. Invoices upload, auto-drafting of Purchase register of buyer Periodic GST Returns filing
iii. Tax payment including integration with agency banks
iv. ITC, Cash and Liability ledger
v. MIS reporting for tax payers, tax officials and other stakeholders
vi. BI/Analytics for Tax officials
c) Integration with systems of States & CBEC
Model 1 States
a) All model 1 states will continue to use their own IT systems. However they will have to augment their system to receive and transmit data from/to GST system based on web services (open APIs). The APIs are being provided by the GSTN to States/CBEC for various transactional activities, specific reports
b) As an illustration, when a Taxpayer files Registration data in GST system, the registration information along with uploaded scanned documents are transmitted to the respective State’s IT system as well as CBEC’s IT system. In case of any additional information requirement, state/CBEC official updates the same in their system, which is pushed to GST system as status update to the tax payer. In case, Registration is approved or rejected, the status is transmitted to GST system through open Web Services. Thus, Tax payer is able to check Registration status anytime on GST portal.
c) In the same manner, returns, payments etc. information shall also be transmitted to respective state on continuous basis and they will be able to process the information as per their own processes, thus ensuring autonomy of state side IT system for Model 1 states.
Model 2 States
For model 2 states (presently 19 in nos. List as per annexure-I), GSTN will develop standard back end modules as per list below:
a. Approval of Dealer Registration
b. Return Processing & Payment
c. Refund
d. Audit
e. Assessment
f. Appeal and Revision
g. Recovery and Write-off/DCR
h. Enforcement and Survey
i. MIS/Reports
j. Advance ruling
k. Policy and administration
l. Prosecution
All these backend modules shall be hosted in the same data center as GST system, however on separate servers, storage etc. The tax officials of Model 2 shall access these backend modules for their various administrative needs over dedicated MPLS network links provided by GSTN for the purpose. Thus Model 2 states need not provide any servers, storage or applications etc. for GST operations. However, Model-2 States will have to assess and maintain the adequacy of their IT systems at their end in terms of the
following:
- End Points (Desktops, Laptops etc.)
- Network and Security devices in their internal network (LAN etc.)
- Network Links and their capacity in their WAN (State WAN etc.)
- Information Security (Anti-Malware, Malicious Content filtering etc.)
- User ID and Password management
- Existing IT Systems of VAT/Service Tax/Excise
d) Business Intelligence/Analytics
The GST system shall include a robust Business Intelligence (BI) system (in Phase-III of the project). The system which is aimed to help policy makers for policy formulation and economic analysis shall provide following features:
a. Building the data warehouse landscape and BI reporting based on data captured
b. Analytics (predictive modelling based on structured and unstructured data)
c. Reporting system with visualization, ad-hoc reporting, slicing and dicing capabilities.
d. The BI system will be used by States, UTs, CBEC, GSTN Team and GST Council for various analytics and dynamic reporting.
e. Approximate cumulative users of this solution shall be 500 at the start of the project, which may go up in subsequent years. These users shall access the GST System for various BI reports and analytics.
GSTN also intends to implement appropriate fraud management system at a later date through another service provider. The Selected service provider for fraud analytics system will provide requisite specific tools for the purpose.
e) Information Security and Confidentiality
Considering the sensitivity of data in GST system, there is a great focus on information security aspects of the system i.e. Confidentiality, Integrity, Availability and non-repudiation etc. There are many key components included in the Information security Architecture of the system:
a) Core GST System will not be directly exposed to internet
b) Multi-layered security architecture with some best of the breed technologies & products – DDoS, Network & Application Firewalls, NIPS, HIPS, Anti-APT, dedicated Encryption devices, DB encryption, SIEM, IDEM and PIM solutions
c) Access to GST system through Secured tunnel & will have additional layer of control through Two Factor Authentication (2FA) e.g. OTP for critical transactions
d) Any data transfer from GST System to State system / other system to be done in encrypted format
e) Real-time collection & monitoring of System logs
f) Periodic Vulnerability Assessment, Penetration Testing, security and other audits through third party auditors
g) Certification done against key well-regarded and popular standards e.g. ISO 27001, ISO 20000, ISO 22301
In the GST system being developed by GSTN the requirements of confidentiality and security are being addressed by classifying information in the following four categories
| Level | Description | Examples |
| Level 1 (Public) |
Information that is available to all GST system users without any restrictions |
(i) GST web public content
(ii) GSTIN, Status, Name |
| Level 2 (Internal) |
Information is available to only a sub-set of internal users from GSTN & SP |
(i) Configuration parameters
(ii) Rules (iii) Application Logs etc. |
| Level 3 (Confidential) |
Level 2 restrictions plus Information is sensitive needs to be protected through Encryption or through other data masking techniques |
(i) Sensitive data and personal information (Bank account details, PAN, Aadhaar number) (ii) Personal information such as Mobile number, Address, Email id (iii) Invoice data, Tax returns details, Ledger entries |
| Level 4 (Secret) | Information that available to only very few (1 or 2) users. | (i) Passwords
(ii) Digital signature, Encryption keys (iii) Highly confidential Govt communication |
Annexure – I
List of Model-1 and Model-2 States as on 30th June 2016
| States and UTs with legislature | States | |||
| 1 | Arunachal Pradesh | 1. Andhra Pradesh | ||
| 2 | Assam | 2. Goa | ||
| 3 | Bihar | 3. Gujarat | ||
| 4 | Delhi | 4. Haryana | ||
| 5 | Himachal Pradesh | 5. | J & K | |
| 6 | Manipur | 6. | Karnataka | |
| 7 | Mizoram | 7. | Kerala | |
| 8 | Nagaland | B. | Maharashtra | |
| 9 | Odisha | 9. | Meghalaya | |
| 10 | Puducherry | 10. | Punjab | |
| 11 | Tripura | 11. | Rajasthan | |
| 12 | Uttar Pradesh | 12. | Sikkim | |
| 13 | Uttrakhand | 13. | Tamil Nadu | |
| 14 | Madhya Pradesh | 14. | Telangana | |
| 15 | Chhattisgarh | 15. | West Bengal | |
| 16 | Jharkhand | |||
| UTs without Legislature | ||||
| 1 | Chandigarh | |||
| Daman & Diu | ||||
| 3 | Dadra & Nagar Haveli | |||
