If you are a Compliance Officer at a Financial Institution (FI), the most critical question you must answer before filing is: "Which FATCA Model applies to my jurisdiction?"
Getting this wrong doesn't just mean a rejected file—it can lead to significant penalties for non-compliance. While both models aim to share data with the US IRS, the submission path, file format, and security requirements are completely different.
In this guide, we break down the technical and operational differences between Model 1 and Model 2 IGA (Intergovernmental Agreements).
What is FATCA Model 1 (IGA)?Model 1 is the most common framework, used by jurisdictions like India, the UK, Singapore, and the Cayman Islands.
Under Model 1, Foreign Financial Institutions (FFIs) do not report directly to the IRS. Instead, they report to their local tax authority (e.g., the CBDT in India or HMRC in the UK). The local authority then exchanges this information with the IRS on a government-to-government level.
-
Submission Portal: Your Local Tax Portal (e.g., Insight Portal in India).
-
Format: FATCA XML v2.0 (often with local specific headers).
-
Encryption: Usually standard SSL upload; strictly AES-256 is often not required by the user (the local government handles the encryption to the IRS).
-
Deadline: Typically May 31st or June 30th (varies by country).
Model 2 is used by jurisdictions like Switzerland, Japan, and Hong Kong.
Under Model 2, the local government directs FIs to report directly to the US IRS. This is often due to local banking privacy laws that prevent the government from collecting the data itself.
-
Submission Portal: The IRS IDES Gateway (International Data Exchange Service).
-
Format: FATCA XML v2.0 wrapped in a specific transmission package.
-
Encryption: Mandatory. You must encrypt the XML payload using AES-256, sign it with a digital certificate, and create a specialized .zip package with a metadata file.
-
Deadline: Strictly March 31st of the following year.
For Model 2 filers, the biggest hurdle is the IDES Gateway. You cannot simply upload an Excel file or even a raw XML file.
The IRS requires a complex "packaging" process:
-
Generate valid FATCA XML v2.0.
-
Sign the payload using a valid Digital Certificate.
-
Encrypt the payload using a random AES 32-byte key.
-
Encrypt that key using the IRS Public Key (RSA).
-
Create a Metadata XML file describing the sender and receiver.
-
Zip everything into a specific filename format.
A manual error in any of these steps results in a "Notification of File Error" days later.
How Novus Compliance Solves BothWhether you are a Cooperative Bank in Pune (Model 1) or an Investment Firm in Zurich (Model 2), Novus Compliance automates the specific workflow you need.
-
For Model 1: We generate the clean, compliant XML ready for the Insight Portal or other local authorities.
-
For Model 2: Our Encryption Engine handles the full IDES packaging—signing, AES-256 encryption, and metadata creation—in one click.
Stop fighting with XML schemas. Try our Free GIIN Validator or Contact Us today to automate your 2026 reporting.
Happy Taxing 😀
