Legal development

Tax and data centres – a global tax controversy perspective

By Tim Gummer and Sara Sinfield

24 February 2026

Share Share
fibre optic cable
Share

    1. An evolving global landscape

    As discussed in our previous article entitled "Tax and Data Centres – Powering Structural Change", the global data centre market is experiencing unprecedented interest from investors, developers, funders and occupiers.

    At the same time, tax authorities around the world are struggling to grapple with and assess tax risks connected with data centre assets, in the context of tax systems which were originally constructed with a view to tax administration based upon brick and mortar economies.

    Against this framework it is critical from a tax perspective that investors, developers, funders and occupiers strike an appropriate balance between:

    (a) structural optimisation — by considering appropriate holding structures to protect commercial interests which align with the organisation's global tax policy and governance framework, and

    (b) risk mitigation — by considering engagement with Tax authorities in each jurisdiction impacted by the data centres themselves and the digitalised business that the data centre is supporting.

    We are increasingly seeing global tax authorities approach tax risk within data centre structures using a "whole of code" approach.

    This includes utilising a very broad range of international tax rules and treaties such as the application of (i) permanent establishment rules, (ii) transfer pricing concepts and (iii) thin capitalisation rules. Tax authorities are also interested in a broad range of indirect tax issues including VAT/GST and stamp taxes as well as general anti-avoidance rules and specific, targeted, local anti-avoidance measures.

    Given the increased focus on these structures by tax authorities, investors and occupiers are increasingly focusing on ensuring the proper documentation of commercial and tax governance decisions and processes, with a view to creating contemporaneous "evidence files". These serve as contemporaneous evidence of the commercial drivers behind decisions taken in the lifecycle of the project, and can prove key to withstanding subsequent challenges from Tax authorities.

    2. Data centres in the crosshairs: How revenue authorities are re-setting the rules of engagement

    Hyperscalers, cloud providers and digital infrastructure investors and funders have poured billions of dollars into new facilities powering everything from generative AI to central government functions. The speed and scale of such growth has not gone unnoticed by Tax authorities.

    For example, the Australian Taxation Office (ATO) has moved data centre structures to the top of its international tax program, signalling that the ATO believes large amounts of Australian tax revenues are leaking offshore. Transfer pricing reviews, permanent establishment (PE) questions and general anti-avoidance enquiries are now common features of audit activity across multiple jurisdictions.

    Many investors, funders and occupiers who have traditionally viewed their data centre assets primarily as "passive" real estate assets are discovering that global tax authorities (including the ATO) by contrast view them as high-value operating businesses.

    3. Common themes in data centre audits

    Permanent establishment — servers are no longer “passive”

    Global tax authorities are increasingly focusing on whether foreign entities in multinational groups have a "domestic" taxable presence by way of having a fixed place of business through large-scale data centres.

    From an OECD perspective, a computer server can constitute a permanent establishment if two key conditions are met. If both such conditions are met, the server location can trigger tax implications in that country, regardless of whether employees are physically present on site:

    First condition — there must be a fixed place of business in the relevant jurisdiction that is at the disposal of the company. In practice, this means that the company owns or leases the hardware and operates it. If the enterprise can decide where the server is located, how it is configured, when it is maintained, and for what business functions it is used, that points strongly to the site being at its disposal.

    Second condition — the company must carry on business activities through that fixed place that are not merely preparatory or auxiliary. If the functions performed by the server form an essential and significant part of the enterprise’s overall business, or if other core functions of the enterprise are carried out through that equipment, the activity is then not preparatory or auxiliary. In such cases, from an OECD perspective the server is not just hosting; it is conducting the business.

    Transfer pricing and sales creation — the undervalued data-centre

    Taxpayers can expect detailed questions on functions, assets and risks (FAR), with an acute focus on development, enhancement, maintenance, protection and exploitation (DEMPE) of intangibles that rely on computer capacity, latency advantages and sovereign-data credentials (e.g. as seen in recent audits undertaken by the ATO).

    Similar themes arise in many jurisdictions. In Germany, for example, the German Tax Authority (GTA) views domestic intragroup data centres as significantly contributing to market success and therefore not easily replaced. Even if the on‑site headcount is small, the location itself is viewed by the GTA as key, giving rise to potential "taxing rights" for the GTA. From that perspective, Tax authorities may argue that pricing the service purely on cost misses the bigger picture, especially the scalability that the data centre enables in the business model.

    General anti-avoidance — the last line of offence

    Where contractual allocations appear engineered to divert profit offshore, particularly via intra-group service or licensing arrangements, global tax authorities are increasingly seeking to invoke anti-avoidance and "substance" over form rules.

    For example, in Australia, recent announcements make clear that the tax authorities see data centres as a new frontier, and the threat of a 40% Diverted Profits Tax assessment remains a live deterrent during transfer pricing negotiations.

    Similarly, Italy's challenges to the arrangements of Google and Netflix concerning their respective domestic digital infrastructure in respect of content streaming in recent years demonstrates a crackdown on multinationals arrangements and is anticipated to extend to data centre arrangements.

    4. What are we seeing in practice?

    Onerous information gathering powers

    Taxpayers can expect multi-stage, multi-discipline requests for information (RFIs) that cover technical design, procurement, network topology, customer contracting, IP ownership and board-level decision-making. Large data dumps are no longer sufficient; tax authorities are requesting curated narratives linking source documents to FAR positions.

    Functional interviews across the business

    Audit teams are expanding interviews beyond the local finance and tax group. Facility engineers, procurement leads, product managers and even site reliability specialists are being asked to explain day-to-day decision-making, contractual sign-off and escalation pathways. Statements made in these sessions are subsequently compared with the written functional analysis provided by advisers.

    Data-rich benchmarking expectations

    Tax authorities (e.g. the ATO) are drilling into PUE (power-usage effectiveness), utilisation rates, AI workload allocations and specific chip-sets to test whether Australian operations still reflect “routine” levels of risk. Outdated comparables based on traditional co-location models are being challenged where facilities now host graphics processing unit (GPU) clusters underpinning global AI products.

    5. The benefits of contemporaneous "evidence files"

    These serve as contemporaneous evidence of the commercial drivers behind decisions taken in the lifecycle of a project. When used appropriately, contemporaneous "evidence files" can act as a living repository that contemporaneously captures salient commercial facts, contracts and analysis supporting tax positions which are adopted. Properly curated, this can serve three strategic purposes:

    (a) Improved responsiveness — when the tax authority issues an information request, you can respond with targeted evidence rather than launching a time-consuming hunt through shared drives.

    (b) Controlling the narrative — by aligning and clearly documenting clear and contemporaneous commercial reasons for decisions and actions, recording operational reality and desired financial outcomes, you set the story rather than allowing auditors to piece it together from disparate, and frequently non-contemporaneous, sources.

    (c) Issue containment—a clear prima facie case often limits follow-up RFIs and reduces the need for multiple interview rounds, shortening the overall life-cycle of the review.

    Key elements of contemporaneous "evidence files" should include:

    (a) records of the commercial reasons for decisions and actions being taken or omitted;

    (b) up-to-date functional analysis mapping domestic activities to DEMPE factors;

    (c) PE risk assessments aligned with server-control protocols;

    (d) benchmarking that reflects current AI utilisation;

    (e) board minutes evidencing strategic decision-making; and

    (f) service agreements reconciled to actual flows of goods, services and funds.

    6. Conclusions and key practical takeaways

    Data centres have moved from a niche real estate asset to critical infrastructure underpinning the global digital economy. Organisations which invest now in proactive risk reviews, and which maintain robust, defensible "evidence files", will be best placed to resist assessments, limit disruption and demonstrate governance to boards and investors.

    Practical pro-active risk mitigation steps include:

    (a) Holistic risk reviews—to map operational reality against PE, transfer pricing and GAAR exposure, identifying evidence gaps early.

    (b) Building and refreshing contemporaneous "evidence files" —to contemporaneously document FAR, DEMPE, contracting chains and strategic decisions.

    (c) Proactivity—in appropriate cases consider providing targeted material to the tax authorities upfront to frame the factual narrative and avoid wide-ranging requests.

    (d) Preparation of people—to coach operational teams on audit protocols and ensure statements made in functional interviews align with documented positions.

    (e) Monitoring change—refresh your analysis as facilities evolve from co-location to AI-optimised workloads; a “routine” return today may look non-arm’s-length tomorrow.

     

    For more data centre insights see our data centre hub here.

    The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
    Readers should take legal advice before applying it to specific issues or transactions.

    Key Contacts