FATCA XML Schema Best Practice Revisions

The IRS have released a bulletin this week which focuses on FATCA XML Schema best Practices. The guidance is surrounding reducing the threat posed by SQL injection in malicious forms (currently the top website hack today) along with other notable XML character restrictions.

Certain characters are now prohibited by XML syntax rules and should a document contain any of the following characters, the data packet will be rejected and an error notification will be generated. Entity references will be subjected to the same treatment.

Character

Description

Apostrophe
– – Double Dash
# Hash
Quotation Mark

As above Syntax rules surrounding character restrictions are now being enforced, therefore, If an XML document contains one of the following characters in element values, the data packet will be rejected and an error notification will be generated.

Character

Description

& Ampersand
Less Than
Greater Than

 

To prevent file error notifications in future, ensure your files do not include any of these characters at your earliest convenience.