The return used to be the start of the conversation. Not any more.
Voluntary self-assessment has been the structural assumption of African income tax for a generation. KRA's Income & Expense Validation Engine and the Draft Finance Bill 2026, FIRS's FIRSMBS, RRA's EBM, and SARS's pre-population programme are quietly inverting it. The Commissioner now arrives at the conversation with a position already formed from third-party data. The taxpayer's return is a response.
There is a clause buried in the Draft Finance Bill 2026 in Kenya that, if enacted in its current form, changes the operating assumption of the income tax system. The clause amends the Tax Procedures Act to empower the Commissioner to determine the tax liability of a person 'suspected of having entered into or carried out a tax avoidance scheme' from secondary data — withholding tax declarations, employer filings, eTIMS records, whistleblower reports, third-party information, and data obtained under any other written law. The shift is not from one calculation method to another. It is a shift in who carries the opening position in the assessment conversation.
Under the existing self-assessment framework, the taxpayer files. The Commissioner reviews, may audit, and may issue an additional assessment with reasons. Under the proposed framework, in cases of suspected avoidance, the Commissioner can compute liability from data the authority already has — and the taxpayer's first job is to object.
The same direction is visible across the continent. Nigeria's Tax Reform Acts 2025 expanded FIRS's data-driven audit authority. FIRS plans to integrate its database with NIBSS, the Nigeria Customs Service, the Nigerian Communications Commission, and the Corporate Affairs Commission — giving the authority a real-time view across banking, customs, telecommunications, and corporate registration. Rwanda's RRA operates the Electronic Billing Machine network and uses VAT return pre-population from EBM data. From January 2026, banks and mobile money operators in Rwanda function as withholding agents for VAT on digital services where the supplier is unregistered. The Mauritius Revenue Authority extended the same logic to foreign digital service providers from the same date. SARS in South Africa has used pre-populated returns and bank data exchanges for years and is now layering on AI-driven risk profiling.
The technology to bring this data together exists. The question facing every Commissioner is not whether to do it but how to do it without two specific failures. The first failure is the assessment that is wrong because the third-party data was wrong. The second failure is the assessment that is right but cannot be defended at the Tribunal because the file does not show how the Commissioner reasoned across the data sources.
Third-party data does not produce assessments. Third-party data produces files. Files become assessments only when the reasoning across the data is sound.
The first failure is operational. eTIMS invoices that were issued and then cancelled, withholding tax filings submitted under the wrong PIN, NIBSS reports that captured a transit transaction rather than a beneficial receipt, customs declarations that double-count a re-exported good — every dataset the authority brings in has its own integrity profile. An assessment built on uncritically aggregated third-party data will, on a fraction of files, be objectively wrong. Those wrong assessments cost the authority cases at TAT, settlement concessions in ADR, and the public trust the IAT clarification was issued to defend.
The second failure is one of articulation. The taxpayer who receives a default assessment built across five data sources is entitled, on objection, to know how the Commissioner combined them. An assessment that says 'your bank deposits and your eTIMS invoices total KES 47 million, your return declared KES 19 million, additional assessment raised on the difference' is an assessment that does not survive a competent objection.
Where each sits.
Akki is the substrate the third-party data lands in. The integration with NIBSS, with the eTIMS platform, with the bank reporting feeds under the Tax Procedures Act, with the customs system, with the integrated population registry — all sit on Akki. The data is structured. Each data point carries its provenance, its date, its confidence rating, and its handling rules. The officer reviewing a file does not see a flat data dump. They see a structured picture in which each piece of evidence has a known weight.
Solva does the reasoning across the data. When the validation engine flags a discrepancy between a return and the third-party data, Solva structures the analysis the way the file will need to look at TAT. It restates the question — does the third-party data, properly interpreted, support an additional assessment. It surfaces what is known from each source, what is missing, and what would change the picture. It tests alternative explanations the taxpayer would advance — the eTIMS invoices were cancelled, the bank deposits include loan disbursements, the customs declarations were transit not import. It produces a recommended assessment in which the data treatment is explicit. When the picture across the data does not support a defensible assessment, Solva refuses to recommend and names which data point would have to be different for the picture to hold.
SyniSense governs the data layer with specific reference to inter-agency sharing. The data the authority obtains from another government agency — KRA from NTSA, FIRS from NIBSS, RRA from the National Identification Agency — is held under the source agency's authorising statute and the data protection framework. SyniSense ensures that when AI models do the reasoning, the identifying fields are anonymised at the boundary, the purpose of the cross-referencing is logged, and the audit receipt the data protection commissioner can request is generated. The Nigeria Computer Society's December 2025 objection to the FIRS-DGFiP MoU on data sovereignty grounds is the kind of question every Commissioner should expect to be asked. SyniSense is the architectural answer that lets the Commissioner say, with evidence: the data did not leave.
The audit selection process changes. The authority is not picking files randomly or by industry. It is picking files where the third-party data, weighted by source reliability, suggests a defensible additional assessment. The volume of audits is lower; the yield per audit is higher; the win rate at TAT is higher.
The default assessment process changes. Under the new powers the Draft Finance Bill proposes, or under FIRS's expanded audit authority under the 2025 Tax Reform Acts, the Commissioner can determine liability from third-party data without waiting for the return. The risk of doing this badly is high. The benefit of doing it well is also high. Solva makes the difference between the two operationally tractable.
The objection conversation changes. The taxpayer's representative does not arrive at the Tax Appeals Tribunal alleging the Commissioner has computed liability from a flat aggregation. They are looking at a reasoning trail. The Tribunal's job is to weigh the Commissioner's reasoning against the taxpayer's evidence. The conversation is on the substance.
And the data protection commissioner's review changes. When the ODPC, the NDPC, the Rwanda data protection authority, or the South African Information Regulator asks the authority how the third-party data is governed, the answer is the audit receipts. Compliance with the Data Protection Act is demonstrable rather than asserted.