Information sheets

Issued: 23 December 2024

Last modified: 23 December 2024

TOC (auto-generated)

 

Disclaimer

This is a Tax Practitioners Board (TPB) Information sheet (TPB(I)). It provides information regarding the TPB’s position on the application of the additional breach obligations in subsections 30-35 and 30-40 of the Tax Agent Services Act 2009 (TASA), which applies from 1 July 2024.

While this TPB(I) seeks to provide practical assistance and explanation, it does not exhaust, prescribe or limit the scope of the TPB’s powers in the TASA. 

The principles, explanations and examples in this TPB(I) do not constitute legal advice and do not create additional rights or legal obligations beyond those that are contained in the TASA or which may exist at law.

Document history

This TPB(I) was originally issued as an Exposure Draft on 30 April 2024. The TPB invited comments and submissions in relation to the information contained in it by 28 May 2024. The TPB considered all the comments and submissions received and made changes to the Exposure Draft. In summary, these changes were made by the TPB to give greater practical guidance to registered tax practitioners on the breach reporting obligations, including the meaning of key terms, phrases and tests used in the law, provide additional case studies and examples, and address industry concerns about how the obligations may operate in practice. 

The TPB published this finalised TPB(I) on 23 December 2024 and is based on the TASA as at the date of issue.

Issued: 23 December 2024


Introduction

  1. This Information sheet (TPB(I)) has been prepared by the Tax Practitioners Board (TPB) to assist registered tax agents and BAS agents (collectively referred to as registered tax practitioners) understand the breach reporting obligations under sections 30-35 and 30-40 of the Tax Agent Services Act 2009 (TASA), which apply from 1 July 2024.
  2. These obligations broadly require registered tax practitioners to report:
    • ‘significant breaches’ of the Code of Professional Conduct (Code) in the TASA[1] relating to their own conduct to the TPB; and
    • ‘significant breaches’ of the Code by other registered tax practitioners to the TPB and recognised professional association(s) (RPAs) of that tax practitioner.
  3. The registered tax practitioner must have reasonable grounds to believe that they, or the other tax practitioner, has breached the Code, and the breach is significant.
  4. This TPB(I) provides information for registered tax practitioners on:
    • the existing obligations under section 30-35 of the TASA to notify the TPB of a change in circumstances (paragraphs 19 to 28)
    • the additional obligations under sections 30-35 and 30-40 of the TASA to notify the TPB and RPAs of breaches of the Code (paragraphs 29 to 139), including the meaning of key terms and phrases
    • when they must notify the TPB and RPAs of breaches of the Code (paragraphs 140 to 187)
    • client confidentiality and legal professional privilege (paragraphs 188 to 194)
    • consequences for failing to comply with the breach reporting obligations (paragraphs 195 to 210)
    • TPB’s approach to investigating breach notifications (paragraphs 211 to 225)
    • case studies (paragraph 226).

When the breach reporting obligations apply

  1. The breach reporting obligations in sections 30-35 and 30-40 of the TASA apply to a significant breach of the Code, where a registered tax practitioner has reasonable grounds to believe that the breach occurred on or after 1 July 2024.
  2. Registered tax practitioners are not required to report breaches that occurred before 1 July 2024. However, if the conduct giving rise to a breach first occurs before 1 July 2024 but is ongoing on or after that date, the breach must still be reported, although this will not apply in circumstances where a registered tax practitioner enters a new client engagement and becomes aware of conduct of the prior registered tax practitioner in relation to that client that gives rise to a breach that occurred before 1 July 2024. In those circumstances, given the prior registered tax practitioner is no longer providing a service to the client, the conduct giving rise to the breach will not be ongoing on or after 1 July 2024.
  3. Although the breach reporting obligations are a standing obligation, they do not require registered tax practitioners to ‘continually’ self-assess as a reoccurring action (for example, daily assessment of whether a breach has occurred). 
  4. The TPB does not expect a registered tax practitioner to assume the role of ‘investigator’ or ‘auditor’, or to ‘go looking’ for potential breaches of the Code by other registered tax practitioners, for example, when accepting information from another registered tax practitioner relating to a new client engagement. However, if a registered tax practitioner has reasonable grounds to believe that a significant breach has occurred, they must report the breach. Whether there is a need to report the breach is a professional judgement for the registered tax practitioner, based on the facts and circumstances. For more information on the reporting of conduct of another registered tax practitioner, see paragraphs 126 to 137.
  5. The breach reporting obligations do not obviate or diminish the broader legal, ethical, contractual, and professional frameworks in which registered tax practitioners operate. For example:
    • the legal requirements under the TASA may be supplemented by professional and ethical standards required of members of a particular RPA
    • under common contractual terms of agreements with clients or professional indemnity insurers, registered tax practitioners are required to act in a timely and efficient manner to address risks and to mitigate losses.

Who the breach reporting obligations apply to

  1. The breach reporting obligations apply only to registered tax practitioners in relation to:
    • their own conduct (in the case of self-reporting), and 
    • the conduct of another registered tax practitioner (in the case of reporting against another registered tax practitioner). 
  2. They do not apply to any unregistered tax practitioners, including non TPB registered entities that a registered tax practitioner may employ, use or otherwise engage to provide tax agent services on their behalf. 
  3. Importantly, the obligations apply to any registered tax practitioner entity (individual, company or partnership).

Objective of breach reporting obligations

  1. The breach reporting obligations were introduced through amendments made to the TASA by Treasury Laws Amendment (2023 Measures No. 1) Act 2023 as part of: 
    • broader reforms to implement recommendations arising from an independent review into the effectiveness of the TPB and the TASA; and
    • the government’s response to the PricewaterhouseCoopers tax leaks matter.
  2. The focus of the reporting regime is on identifying, managing and targeting non-compliance with the Code obligations by registered tax practitioners, with the objective of:
    • improving the conduct of registered tax practitioners in providing tax agent services 
    • enhancing the protection of clients
    • increasing community confidence in the integrity of the system that regulates those services and the tax industry. 
  3. By introducing an obligation to report significant breaches of the Code, the regime also helps to mitigate the risk of non-compliance. 
  4. Consistent with the object of the TASA[2] and other statutory disclosure regimes,[3] the expanded regime seeks to uphold and enhance professional and ethical standards across the registered tax practitioner sector. It also serves to provide the TPB (as the regulator), and RPAs, with timely intelligence and data to:
    • provide and shape support and services for registered tax practitioners
    • provide ongoing education to increase compliance
    • inform compliance action
    • identify, assess and target compliance and systemic risks.
  5. The regime adopts a proactive approach to compliance and managing risk. The obligations will encourage registered tax practitioners, who are well positioned to understand their obligations under the Code, to self-assess on an ongoing basis and improve their voluntary compliance.
  6. By requiring the reporting of ‘significant’ breaches of the Code, it will also allow the TPB and RPAs to focus their compliance action, strategies, education, support and services on targeting higher risk issues impacting the tax profession.

Existing notification obligations - section 30-35

  1. Section 30-35 of the TASA outlines what changes a registered tax practitioner must notify the TPB of in writing.
  2. Notification must be given within 30 days of the day on which the registered tax practitioner becomes, or ought to have become, aware that the event outlined in section 30-35 of the TASA occurred.
  3. These notification obligations apply where one or more of the events outlined in the table below occurs:
Notification obligation for an individual, a partnership or a company entity
Individual
Partnership
  • Cease to meet one of the requirements for tax agent registration or BAS agent registration.
  • A section 20-45 of the TASA event affecting its continued registration occurs in respect of a partner in a partnership, or a director of a company that is a partner in a partnership.
  • The composition of the partnership changes.
  • A change in the partnership’s address for service of notices or any other circumstances relevant to its registration. 
Company
  • Cease to meet one of the requirements for tax agent registration or BAS agent registration.
  • A section 20-45 event affecting its continued registration occurs in respect of a director of the company.
  • An individual becomes, or ceases to become, a director of the company.
  • A change in the company’s address for service of notices or of any other circumstances relevant to its registration.
  1. If a registered tax practitioner does not comply with these obligations, they will breach:
    • section 8C of the Taxation Administration Act 1953 (TAA)
    • subsection 30-10(2) of the TASA, which requires registered tax practitioners to comply with the taxation laws in the conduct of their personal affairs (Code Item 2).
  2. It is also a factor that may be taken into consideration when determining whether a registered tax practitioner continues to meet the ‘fit and proper’ registration requirement.

Tax practitioner registration requirements

  1. A ‘tax practitioner registration requirement’ is defined in section 90-1 of the TASA as matters about which the TPB must, under Subdivision 20-A of the TASA, be satisfied before the TPB is obliged to grant an application for registration under the TASA. The eligibility criteria for registration are prescribed in section 20-5 of the TASA.
  2. For an individual this includes:
    • being a fit and proper person
    • meeting the qualification and experience requirements 
    • having professional indemnity (PI) insurance that meets the TPB’s requirements 
    • completing continuing professional education (CPE) that meets the TPB’s requirements (renewal only).
  3. For a partnership this includes:
    • each individual partner or director of a company partner is fit and proper
    • a company partner is not under external administration and has not been convicted of a serious taxation offence or an offence involving fraud or dishonesty during the previous 5 years
    • meeting the sufficient number requirement to provide tax agent services to a competent standard, and to carry out supervisory arrangements 
    • having PI insurance that meets the TPB’s requirements.
  4. For a company this includes:
    • each director of a company is fit and proper
    • the company is not under external administration and has not been convicted of a serious taxation offence or an offence involving fraud or dishonesty during the previous 5 years
    • meeting the sufficient number requirement to provide tax agent services to a competent standard, and to carry out supervisory arrangements 
    • having PI insurance that meets the TPB’s requirements.

Section 20-45 events

  1. A section 20-45 of the TASA event includes being: 
    • convicted of a serious taxation offence
    • convicted of an offence involving fraud or dishonesty
    • penalised for being a promoter of a tax exploitation scheme
    • penalised for implementing a scheme that has been promoted on the basis of conformity with a product ruling in a way that is materially different from that described in the product ruling
    • an undischarged bankrupt or going into external administration
    • sentenced to a term of imprisonment.

Additional breach reporting obligations

  1. From 1 July 2024, registered tax practitioners have additional breach reporting obligations. 
  2. In summary, these obligations require registered tax practitioners to notify the TPB: 
    • if they have reasonable grounds to believe that they have breached the Code and that breach is significant (breach self-reporting)
    • and applicable RPA (where relevant) if they have reasonable grounds to believe that another registered tax practitioner has breached the Code and that breach is significant (breach reporting of another registered tax practitioner).
  3. If a registered tax practitioner fails to comply with the additional breach reporting obligations, they will breach section 8C of the TAA and subsection 30-10(2) of the TASA (Code Item 2). It is also a factor that may be taken into consideration when determining whether they continue to meet the ‘fit and proper’ registration requirement. If there is a breach of TASA, there there may be consequences for that breach. Refer to Consequences for failing to comply with the breach reporting obligations for more information.

Breach self-reporting

  1. Section 30-35 of the TASA requires that a registered tax practitioner must notify the TPB in writing if the registered tax practitioner has reasonable grounds to believe that they have breached the Code and that the breach is a significant breach (section 30-35(4) of the TASA).
  2. Notification must be given within 30 days of the day on which the registered tax practitioner first has, or ought to have, reasonable grounds to believe that they have breached the Code and the breach is a significant breach. 

Breach reporting of another registered tax practitioner

  1. Subsection 30-40(1) of the TASA requires that a registered tax practitioner must notify the TPB in writing if the registered tax practitioner has reasonable grounds to believe that another registered tax practitioner has breached the Code and the breach is a significant breach.
  2. Further, under subsection 30-40(2) of the TASA, if a registered tax practitioner (the first tax practitioner) has reasonable grounds to believe that another registered tax practitioner (the second tax practitioner) has breached the Code and the breach is significant, and the first registered tax practitioner is aware that the second registered tax practitioner is a member of an RPA,[4] the first registered tax practitioner must also notify that RPA.
  3. Notification must be given within 30 days of the day on which the registered tax practitioner first has, or ought to have, reasonable grounds to believe that the other registered tax practitioner has breached the Code and that breach is a significant breach.

What does 'significant breach of the Code' mean?

  1. Subsectiion 90-1(1) of the TASA defines a ‘significant breach of the Code’ as a breach that: 
    1. constitutes an indictable offence, or an offence involving dishonesty, under an Australian law 
    2. results, or is likely to result, in material loss or damage to another entity (including the Commonwealth)
    3. is otherwise significant, including taking into account any one or more of the following:
      • the number or frequency of similar breaches by the tax practitioner
      • the impact of the breach on the tax practitioner’s ability to provide tax agent services
      • the extent to which the breach indicates that the tax practitioner’s arrangements to ensure compliance with the Code are inadequate; or
    4. is a breach of a kind prescribed by the Tax Agent Services Regulations 2022 (TASR).
  2. Determining if a breach of the Code is a ‘significant breach of the Code’ must be decided on a case-by-case basis, having regard to the particular facts and circumstances. 
  3. The breach reporting obligations do not make a distinction between ‘actual’ or ‘alleged’ breaches. However, as explained below, registered tax practitioners must have ‘reasonable grounds to believe’ there has been a significant breach. This means they must have a solid foundation or basis for their belief, supported by appropriate facts and evidence. They do not need conclusive proof but need to be able to appropriately substantiate their claim. 
  4. If a registered tax practitioner is not certain whether there has been a significant breach of the Code but they have reasonable grounds for their belief, they must report it. However, if they are unsure if they have reasonable grounds, they should err on the side of caution and report it. 
  5. Whilst the TPB appreciates that there may be less obvious, marginal or ‘borderline’ cases, which may create uncertainty, ultimately the registered tax practitioner is required to make a professional judgement, based on the facts and circumstances.
  6. Importantly, the subjective intent of the registered tax practitioner involved in any relevant significant breach is irrelevant. If a breach satisfies one of the tests in paragraph 37(a) to (d) above, and the registered tax practitioner has reasonable grounds for their belief, it needs to be reported, irrespective of:
    • whether the conduct giving rise to the breach is intentional or not, and 
    • the standard of care exercised by the registered tax practitioner. 

Terms used in the breach reporting law

  1. The phrase ‘significant breach of the Code’ is defined in the TASA. However, many of the terms and phrases used in that definition, and legal concepts discussed in the context of the breach reporting obligations, for example, ‘reasonable grounds to believe’ are not explained in the TASA. As such, many of these terms and phrases have therefore been given their ordinary meaning[5], having regard to their statutory setting and the purpose of the breach reporting law. The TPB has also relied on relevant case and statute law, including Australian criminal law, to support the guidance, as required.

What is an ‘indictable offence, or an offence involving dishonesty, under an Australian law’?

  1. Whether a breach of the Code constitutes a ‘significant breach of the Code’ within the meaning of paragraph (a) of the definition in subsection 90-1(1) of the TASA will ultimately depend on the nature and type of the breach and the relevant Criminal law (Commonwealth, State or Territory). 
  2. It involves a consideration of whether the breach constitutes an ‘indictable offence’ or an ‘offence involving dishonesty’ under an ‘Australian law’, having regard to the:
    • meaning given to 'indictable offence' in the relevant jurisdiction; and
    • nature of the conduct involved and whether it involves ‘dishonesty’.
  3. For the purposes of the TASA, ‘Australian law’ means a ‘Commonwealth law’ (law of the Commonwealth), ‘State law’ (law of a State) or a ‘Territory law’ (law of a Territory)[6]. An offence under an Australian law may be against a statutory provision or common law.
  4. In some circumstances, the offence under an Australian law may be both an ‘indictable offence’ and ‘offence involving dishonesty’. However, for paragraph (a) of the significant breach definition to apply, the breach only needs to satisfy one of these requirements.
  5. Offences covered under paragraph (a) of the definition may include, but are not limited to, those involving fraud (including social security and tax fraud), theft/stealing, money laundering, bribery and corruption, embezzlement, dealing with proceeds of crime, dishonest use of position, knowingly making false or misleading statements, cyber-crimes and unlawfully obtaining or disclosing information.[7]  
  6. The breach reporting law requires all ‘indictable offences’, or ‘offences involving dishonesty’ (however minor or material), to be reported. It does not allow for only certain offences to be reported or impose any further qualification or threshold on the conduct constituting an offence for a reporting obligation to arise. Nor is there any discretion for the TPB to do so. However, the TPB will consider the nature and seriousness of the offence when assessing non-compliance with the breach reporting obligations and deciding what action to take.
Indictable offences
  1. ‘Indictable offence’ is not defined in the TASA or TASR. As such, the term is given the meaning provided by the relevant criminal law of the Commonwealth, State or Territory law that applies to the offence. Whether an offence is an ‘indictable offence’ will therefore vary according to the jurisdiction.
  2. For example, in the case of an offence under Commonwealth law, an ‘indictable offence’ is an offence against a law of the Commonwealth punishable by imprisonment for a period exceeding 12 months, unless the contrary intention appears.[8]  In Queensland, ‘indictable offences’ mean ‘crimes’ and ‘misdemeanours’ as provided for under the relevant statutory Code,[9] and in New South Wales, they mean offences that can be prosecuted on indictment.[10] 
  3. Generally speaking, indictable offences are the more serious criminal offences heard in a higher court, such as the District or Supreme Court, and may require a trial by judge and jury.
Offences involving dishonesty
  1. The word ‘dishonesty’ is similarly not defined in the TASA and TASR, and is therefore given its ordinary meaning, having regard to the context and purpose of the provision in which it appears. 
  2. It is clear from the ordinary meaning[11] of ‘dishonesty’ (and ‘dishonest’), that the term refers to conduct that lacks honesty, and/or is characterised by a disposition to lie, cheat or steal, or be fraudulent.
  3. The term ‘dishonest’ has been given a specific meaning in some statutory contexts, derived from common law principles.[12] For example, the Criminal Code Act 1995 (Cth)[13] defines ‘dishonest’ as meaning dishonest according to the standards of ordinary people and known by the defendant to be dishonest according to those standards.[14] Similar definitions are contained in criminal law legislation in State and Territory jurisdictions.[15] 
  4. Consistent with this approach, the TPB considers that the meaning and scope of the term ‘dishonest’ for the purposes of paragraph (a) of the significant breach definition is determined by reference to its ordinary meaning and community standards, subject to any express definition that applies in the criminal law relevant to the offence. 
  5. This position also aligns with the interpretation of the words ‘offence involving fraud or dishonesty’ as used in paragraph 20-45(b) of the TASA for the purposes of the ‘fit and proper’ registration requirement in section 20-15 of the TASA.[16]  
  6. For a breach of the Code to be an offence ‘involving’ dishonesty, the TPB considers that the conduct giving rise to the offence must include an element of ‘dishonest’ conduct.[17]
Determining whether a breach is an 'indictable offence' or 'offence involving dishonesty'
  1. It is not the case that a breach of a particular Code item will automatically constitute an ‘indictable offence’ or an ‘offence involving dishonesty’. It will ultimately depend on the facts and circumstances of the case. For example, whilst Code item 1 requires a registered tax practitioner to act with ‘honesty’ and integrity, and it is reasonable to expect that non-compliance with this Code item may involve an element of dishonest conduct, the breach still needs to amount to an ‘indictable offence’ or ‘offence involving dishonesty’ within the meaning of paragraph (a) of the significant breach definition.
  2. Registered tax practitioners must have reasonable grounds for their belief that a breach of the Code is an ‘indictable offence’ or an ‘offence involving dishonesty’, having regard to the criminal law that applies to the offence under the Commonwealth, State or Territory law.
  3. The TPB appreciates that determining whether an offence is covered by paragraph (a) of the definition involves legal concepts and laws that registered tax practitioners may not have expertise in. In these cases, registered tax practitioners should exercise their professional judgement as to whether they need to report,[18] make a considered decision, and keep a record of that decision. If the registered tax practitioner is unsure, they should err on the side of caution and report the matter to the TPB.
  4. Importantly, registered tax practitioners are not expected to have conclusive evidence that a breach has occurred, they merely need a belief on reasonable grounds. 
  5. Even if a registered tax practitioner is unsure whether a breach of the Code constitutes an ‘indictable offence’ or an ‘offence involving dishonesty’, or concludes they do not have reasonable grounds to believe it is, they must still report it if it is considered ‘otherwise significant’ for the purposes of paragraph (c) of the significant breach definition.
  6. The obligation for a registered tax practitioner to self-report to the TPB if they are convicted of an offence involving fraud or dishonesty already exists under the TASA.[19] However, the obligation under the additional breach reporting regime is broader as there is no requirement that the registered tax practitioner has been ‘convicted’ of the offence.[20]

When will a breach result, or be likely to result, in material loss or damage to another entity (including the Commonwealth)?

  1. Whether a breach of the Code by a registered tax practitioner constitutes a ‘significant breach of the Code’ within the meaning of paragraph (b) of the definition in subsection 90-1(1) of the TASA will ultimately depend on the facts and circumstances. 
  2. With the exception of ‘entity’ and ‘Commonwealth’, the terms used in paragraph (b) of the significant breach definition are not defined in the TASA or TASR and are therefore given their ordinary meaning, having regard to their statutory context. 
Loss or damage
  1. Given the broad general meaning attributed to these terms,[21] and in the absence of any limitation or qualification (express or implied), the TPB considers that ‘loss or damage’ for the purposes of paragraph (b) of the significant breach definition captures any detriment, disadvantage, injury, harm or cost to another entity resulting, or likely to result, from the breach, provided it is considered ‘material’. It covers both financial and non-financial ‘loss or damage’.
  2. For example, it may include a financial loss to a client resulting from fraudulent or dishonest conduct or a failure to provide competent services or take reasonable care in applying the taxation laws. It may also include damage caused to the reputation of a client or the Commonwealth, a loss of privacy, breach of confidential information, or unauthorised disclosure of a client’s identity, and loss or damage in the form of adverse impacts on the health and wellbeing of clients as the result of a tax practitioner’s conduct.  
When loss or damage is ‘material’
  1. The TASA and TASR do not explain, or offer any insight into, when loss or damage will be ‘material’.
  2. Importantly, whether loss or damage to the other entity is considered ‘material’ will ultimately depend on the facts and circumstances. The TPB acknowledges that the concept of ‘materiality’ has a subjective element in the sense that the degree of significance or importance attaching to the loss or damage, and the impact or consequence it has for the other entity, is specific to that other entity. The same loss or damage may be viewed as material by one entity but not another. 
  3. Because the loss or damage is to another entity, a registered tax practitioner may also not be aware of, or in a position to appreciate, the exact nature and scope of the loss or damage, including how and to what extent it has impacted the other entity.
  4. In light of this, and the ordinary meaning of the term,[22] the TPB considers that loss or damage will be ‘material’ if a reasonable person, having the knowledge, skill and experience of a registered tax practitioner in the same circumstances, would expect it to be of substantial import, effect or consequence to the other entity. This requires the registered tax practitioner to exercise their professional judgement, taking into account the individual circumstances, including the information known to them about the breach. 
  5. The law supporting the breach reporting obligations does not allow or provide for a more prescriptive threshold to be applied to determine ‘materiality’. Nor does it prescribe particular types of ‘loss or damage’ that will, or will not, be considered material. 
  6. Because the test for ‘materiality’ is ultimately an objective one, having regard to the particular facts and circumstances, and ‘loss or damage’ may be financial or non-financial, the TPB considers it is not appropriate to prescribe, for general application:
    • a set threshold, for example, a monetary threshold, that can be applied, or
    • a non-exhaustive list of particular types of ‘loss or damage’ that will, or will not, be considered material.
Result or be likely to result
  1. Having regard to the ordinary meaning of the terms ‘result’ and ‘likely’,[23] the TPB considers that a breach will:
    • ‘result’ in material loss or damage to another entity, if there is a sufficient connection or relationship between the breach and the loss or damage, such that it can be said that the loss or damage is a consequence, outcome or effect of the breach. The registered tax practitioner must believe on reasonable grounds, based on the information known or available to them, that the loss or damage arose, or proceeded as a consequence of, the breach
    • be ‘likely’ to result in material loss or damage, the loss or damage needs to be a probable consequence, outcome, or effect of the breach, not just a mere possibility. 
  2. Consistent with the interpretation given to the term in other statutory contexts, including the criminal law jurisdiction, the TPB considers that ‘likely’ refers to a substantial – a ‘real and not remote – chance’, or a ‘real chance or possibility’, that the loss or damage will result.[24]
  3. Applying this standard, if a reasonable person, having the knowledge, skill and experience of a registered tax practitioner, would expect the loss or damage to result from the breach in the sense of it being a real and not remote possibility, this will be sufficient. It is not necessary to determine the question with any certainty. Whether the loss or damage is considered a ‘likely’ result is ultimately a professional judgement to be made by the tax practitioner, having regard to the circumstances. 
  4. Given the broad scope afforded by the wording in paragraph (b) of the significant breach definition, the loss or damage that results, or is likely to result, from a breach covers not only direct consequences, outcomes, or effects of the breach, but potentially indirect ones. For example, if a registered tax practitioner breaches Code item 6 by unlawfully disclosing client information to a third party, and the client suffers from identity theft in the future because of that breach, the breach will be significant as it has resulted in indirect loss or damage to the client.  
Other entity (including the Commonwealth)   
  1. Finally, the material loss or damage that results, or is likely to result, from the breach must be to another ‘entity’, including the ‘Commonwealth’. The term ‘entity’ is broadly defined for the purposes of the taxation law, including the TASA, as including an individual, body corporate, partnership, unincorporated association, trust, superannuation fund and approved deposit fund.[25] In this context, ‘Commonwealth’ refers to the ‘Commonwealth of Australia’.[26]
  2. In many cases the relevant ‘entity’ will be a client of the registered tax practitioner. However, it could potentially include an entity a registered tax practitioner is the supervising agent for, a related entity of a client, or an entity that is a party to an arrangement or transaction with a client.
  3. Loss or damage to the Commonwealth could potentially include reputational damage, prejudice to an investigation, loss of revenue (for example, through tax collections), data breaches, and breaches of confidential information.
  4. Whether a breach results, or is likely to result, in material ‘loss or damage’ to the Commonwealth may be difficult for registered tax practitioners to gauge or measure. However, for the purposes of the breach reporting obligations, the decision ultimately remains a professional judgement for the registered tax practitioner, based on the particular facts and circumstances. For example, in relation to ‘loss of revenue’ and ‘reputational damage’ to the Commonwealth, registered tax practitioners might consider:
    • Loss of revenue (including tax revenue) – the amount and scale of the loss (for example, through uncollected tax and tax debts), the number and type of clients involved, the risk to future revenue if unreported, and the impact on the trust and confidence in the Commonwealth to manage revenue, and the tax system, more broadly. 
    • Reputation damage – nature, scale and severity of the damage or reputational risk, impact on public perception, risk of negative publicity and media coverage, and the impact or potential flow-on effects on revenue, agencies and stakeholder relationships, and trust and confidence in the Commonwealth more broadly.

When will be a breach be 'otherwise significant'?

  1. Registered tax practitioners are not required to report all other breaches of the Code, only those that are considered ‘otherwise significant’ within the meaning of paragraph (c) of the definition of ‘significant breach of the Code’ in subsection 90-1(1).
  2. Whether a breach of the Code is ‘otherwise significant’ is ultimately a question of fact to be decided on a case-by-case basis, having regard to the circumstances. It is not the case that a breach of a particular Code item will always be ‘otherwise significant’. 
  3. The term ‘significant’ is not defined in the TASA or TASR, and therefore takes its ordinary meaning, having regard to the statutory context in which it appears. The Macquarie Dictionary[27] relevantly defines ‘significant’ (adjective) as meaning ‘Important; of consequence’.[28] 
  4. The use of ‘otherwise’ makes it clear that for a breach to be a ‘significant breach’ within the meaning of paragraph (c) of the significant breach definition, it is not one ordinarily covered by paragraphs (a) and (b). That is, it is not an indictable offence, or an offence involving dishonesty under an Australian law and has not resulted, and is not likely to result, in material loss or damage to another entity.
  5. When considered in the context of the TASA and its legislative intent, the TPB considers a breach of the Code to be ‘otherwise significant’ if the registered tax practitioner considers it is still sufficiently important, serious or material for it to be reported, taking into account the particular circumstances, notwithstanding the fact it is not covered by paragraphs (a) and (b) of the definition. 
  6. This will be the case if the breach (or potential breach) reflects, or is capable of reflecting, on a registered tax practitioner’s fitness and proprietary for registration, and their conduct more broadly as a registered tax practitioner in providing tax agent and BAS services to a competent standard.
  7. Adopting this view is consistent with:
    • the broader policy intent of the TASA to ensure that services of registered tax practitioners ‘are provided to the public in accordance with appropriate standards of professional and ethical conduct’[29] 
    • the fit and proper test for registration eligibility, which looks at whether an individual is of ‘good fame, integrity and conduct’.[30]
  8. It also aligns with the above-mentioned objectives of statutory disclosure regimes in the regulatory context more generally. Focussing on the more important, serious or material breaches will allow the TPB and RPAs to focus their compliance action, strategies, education, support and services on targeting higher risk issues impacting the tax professional industry.
Factors to consider 
  1. Determining whether a breach is ‘otherwise significant’ requires a registered tax practitioner to make a judgement based on a holistic assessment of the circumstances and the information known to them at a point in time. Although a registered tax practitioner is not expected to conclusively determine the issue, they still need to have ‘reasonable grounds’ for their belief.
  2. In making this determination, registered tax practitioners should take account of one or more of the following factors specifically referred to in the TASA:[31]  
    • The number and frequency of similar breaches of the Code. 

      The greater the number or frequency of similar breaches, the more likely it may be that the breach is significant. Repeated breaches of the Code reflect on a registered tax practitioner’s fitness for registration. They may also indicate an increased risk of further non-compliance with the TASA, an underlying systemic issue, or inadequate compliance arrangements to mitigate risk.

      Even if a breach, when considered by itself, is minor in nature, it may still be ‘significant’ when considered against the background of other similar breaches. These similar breaches may:

      • be known to the registered tax practitioner to have occurred in the past 
      • result from the same act by a registered tax practitioner (for example, where the same transaction is performed for several entities); or 
      • also be considered when deciding whether a breach is ‘significant’ and should be reported.

      Whilst the number and frequency of similar breaches is a relevant factor, we recognise it may not always be indicative that a breach is significant. One single breach may be ‘otherwise significant’ when considered in isolation and independent of any similar breaches. 

    • The impact of the breach on the registered tax practitioner’s ability to provide tax agent or BAS services.

      If a registered tax practitioner considers the breach will or may negatively impact their, or another registered tax practitioner’s ability or capacity to provide the tax agent or BAS services covered by their registration, this may indicate that the breach is ‘significant’. For example, a breach of particular Code items may indicate a broader underlying issue that may continue to impact a registered tax practitioner’s ability to provide those services, or potential for other (including similar) breaches of the Code. 

    • The extent to which the breach indicates that the registered tax practitioner’s arrangements to ensure compliance with the Code are inadequate.

      If the nature of the breach itself, or the circumstances surrounding the breach, indicates that there are broader systematic issues with the arrangements that a tax practitioner has in place to ensure compliance with the Code, it is more likely that the breach will be ‘significant’. For example, if the breach is of particular Code items, this may increase the likelihood of the breach being viewed as significant if the nature of such breaches is suggestive of broader inadequacies. 

      If a breach is isolated or minor, whilst this in itself is not determinative, it may suggest the breach is not significant. Factors such as the length of time it took to identify the breach and the extent to which the arrangements helped to identify and mitigate the breach, and prompt remedial action, will be relevant considerations when determining whether the breach is indicative of inadequate compliance arrangements.

  3. A breach may be ‘significant’ if only one, or a combination, of the above factors apply.
  4. However, when deciding whether a breach is ‘otherwise significant’, registered tax practitioners are not limited to these factors. They can take into account any factor they consider relevant. Other considerations may include the:
    • nature and scale of the registered tax practitioner's business
    • number of clients involved
    • complexity of the arrangements
    • loss or potential financial or non-financial loss to clients
    • vulnerability of affected clients
    • impacts and harm on the tax system more broadly.
  5. All registered tax practitioners should be aware of the standards of professional and ethical conduct expected of them under the TASA, including the Code. 
  6. As such, they should be well-positioned to make an assessment about whether a breach is ‘otherwise significant’ in relation to their own conduct, given their compliance history, the compliance arrangements they have in place, and the facts and circumstances surrounding the breach that are readily known to them. 
  7. The TPB recognises that establishing whether a breach is ‘significant’ in relation to the conduct of another registered tax practitioner may be more difficult, as the registered practitioner is not necessarily privy to the same information about the breach (or potential breach). However, provided there are ‘reasonable grounds’ to conclude that the breach is ‘significant’, and they can substantiate their reasoning, this will be sufficient. 
  8. For example, a registered tax practitioner may be operating in a small firm and have knowledge or reasonable grounds to make that conclusion about the professional conduct of their partner. In another circumstance, a registered tax practitioner may be apprised of another tax practitioner’s misconduct by virtue of a review or report, including via an audit, an internal review, or a ‘due diligence’ analysis associated with the purchase or sale of a business.
  9. In balancing their understanding of the facts and in exercising professional judgement, registered tax practitioners considering significant breach reporting obligations must have regard to the TASA policy objectives. TPB guidance may be supplemented by advice from other professionals and RPAs. In finely balanced circumstances, registered tax practitioners are always encouraged to engage with the TPB in a timely, cooperative and transparent manner.
  10. If a registered tax practitioner is not certain whether a breach is ‘otherwise significant’ but they have reasonable grounds for believing it is, they must report it.
  11. Even if a breach is not considered ‘otherwise significant’, registered tax practitioners are still expected to take steps to address or remedy the breach if it relates to their own conduct. 
Interaction with other tests for determining 'significant breaches'
  1. It is generally expected that a registered tax practitioner will consider whether a breach is covered under paragraphs (a), (b) and (d) of the definition of ‘significant breach of the Code’ in subsection 90-1(1) in the first instance, before considering whether it is ‘otherwise significant’. However, if they are unsure, they can still report the breach under this paragraph if they have reasonable grounds to believe it is ‘otherwise significant’.
  2. If a breach is covered (or potentially covered) by more than one paragraph of the definition, a registered tax practitioner only needs to report the breach to the TPB and the applicable RPA (where relevant) once. However, they should advise the TPB and the RPA of all reasons why they have reasonable grounds for believing that the breach is ‘significant’.

When is a breach prescribed by the TASR?

  1. The TASR can prescribe certain breaches as being ‘significant’ for the purposes of the breach reporting obligations for registered tax practitioners, under paragraph (d) of the definition of ‘significant breach of the Code’ in subsection 90-1(1).
  2. Currently there are no breaches prescribed in the TASR as being ‘significant breaches’. The TPB will update this guidance if any breaches are prescribed in the future. 

What does ‘reasonable grounds to believe’ mean? 

  1. For the breach reporting obligations to apply, a registered tax practitioner must have ‘reasonable grounds to believe’ that they or another registered tax practitioner has breached the Code and that the breach is a significant breach. 
  2. There is no set threshold or formula for determining whether there is a need to report, beyond establishing those reasonable grounds. 
  3. The phrase ‘reasonable grounds to believe’ is not defined, or otherwise explained, in the TASA. As a result, it is given its ordinary meaning, having regard to the purpose of the provision and its statutory context. 
  4. As discussed below, what constitutes ‘reasonable grounds to believe’ in any given scenario will ultimately depend on the facts and circumstances and must be considered on a case-by-case basis. 
  5. Having regard to the ordinary meaning of the terms 'reasonable', 'grounds, and 'believe',[32] it is clear that the phrase ‘reasonable grounds to believe’ requires the registered tax practitioner to have a sound foundation or factual basis in the circumstances on which to credit or form their belief that they, or another registered tax practitioner, has breached the Code and that breach is ‘significant’. 
  6. Further, it is established in case law that when legislation uses the term ‘reasonable grounds’ to describe a basis for a state of mind, for example, in forming a belief about a matter, there needs to be an existence of facts which are sufficient to induce that state of mind in a reasonable person.[33] Whether a person has reasonable grounds for a belief is an objective test and it is irrelevant whether the person subjectively believes they have reasonable grounds. A ‘reasonable belief’ is a term that has been used in some criminal jurisdictions and is generally considered to infer a higher threshold than a ‘reasonable suspicion’.[34] 
  7. For a registered tax practitioner to have ‘reasonable grounds to believe’ that they, or another registered tax practitioner, have breached the Code and the breach is significant, the foundation or basis for the belief does not need to be established to a high evidentiary standard. This means there does not have to be conclusive proof. However, the belief must be supported by appropriate facts and evidence. Tax practitioners need to be able to support their claim and be in a position to verify or corroborate it as appropriate.
  8. It is sufficient if a reasonable person, possessing the required knowledge, skill and experience of a registered tax practitioner, would, when objectively considered, form the belief on the same grounds in the same circumstances. 
  9. Because the test is an objective one that looks at a reasonable person with the required knowledge, skill and experience of a registered tax practitioner in the same circumstances, registered tax practitioners are not expected to possess a higher level of knowledge, skill and experience than would be the case for the type of registration they hold. 
  10. For example, in the case of a registered BAS agent, they are not expected to have the same knowledge, skill and experience of a registered tax agent. Similarly, if a registered tax practitioner holds conditional registration, they are not expected to have the same knowledge, skill and experience of a registered tax practitioner whose registration does not have a condition imposed.
  11. Having said that, if a BAS agent, or registered tax practitioner with a conditional registration, has reasonable grounds to believe that they or another registered tax practitioner has breached the Code, and the breach is significant, they are still required to report the breach, even if it relates to a tax agent service they are not qualified or TPB registered to provide, or taxation law unrelated to their services.

Deciding whether there are reasonable grounds

  1. Whether a registered tax practitioner has ‘reasonable grounds to believe’ that they, or another registered tax practitioner, have breached the Code and the breach is significant, involves looking at whether:
    • a reasonable person in considering the registered tax practitioner’s conduct, would consider that the conduct has breached the Code,[35] and
    • in those situations where a reasonable person does believe the conduct has breached the Code, that person would also believe the breach is ‘significant’, having regard to the definition in subsection 90-1(1) of the TASA. 
  2. Generally, the TPB would expect registered tax practitioners to be aware of the facts and circumstances surrounding a breach of the Code by their own conduct and be well-placed to make an assessment about whether notification to the TPB is warranted. Even though the registered tax practitioner is required to make a decision in the context of their own conduct, they still need to consider the question objectively and address bias.
  3. Whether a registered tax practitioner has ‘reasonable grounds to believe’ that another tax practitioner has breached the Code, and the breach is significant, may be more difficult to establish, particularly given they may not be privy to the same facts and information. 
  4. Making such a determination will depend on an analysis of the surrounding circumstances and consideration of a number of factors, including but not limited to:
    • the source of the information forming the basis of the belief and the credibility and reliability of that source or information
    • whether there is independent evidence, verification or corroboration of the breach as appropriate, including the conduct giving rise to the breach (noting that, if a registered tax practitioner does not obtain additional evidence, verification or corroboration of the breach where appropriate, this does not absolve them of any responsibility to report)
    • the circumstances in which the tax practitioner became aware of the breach, including the nature of the relationship between the registered tax practitioners
    • the proximity of the registered tax practitioner to the conduct of the other registered tax practitioner who has purportedly breached the Code (for example, through business dealings, mutual clients or working relationships)
    • whether, and to what extent, the registered tax practitioner made reasonable enquiries or sought advice, as appropriate, to ascertain whether a breach of the Code occurred (noting that, if a registered tax practitioner does not make reasonable enquiries or seek advice where appropriate, this does not absolve them of any responsibility to report)
    • whether there are any alternative reasonable explanations that could counter the allegation that a significant breach has occurred. 
  5. Whether independent evidence, verification or corroboration of a breach, including making additional enquiries or seeking professional advice, is appropriate to establish there are reasonable grounds, is a professional judgement for the registered tax practitioner that will ultimately depend on the particular facts and circumstances. Evidence, verification, or corroboration of the breach may be obtained, for example, through first-hand experience or observation, publicly available information from the TPB and/or other regulators, client information or complaints, or professional advice obtained in relation to the breach. Where a registered tax practitioner decides not to obtain independent evidence, verification or corroboration of a breach, including making additional enquiries or seeking professional advice, they should document their decision and the reasons for it to ensure the decision can be readily supported if required. 
  6. There is no set formula or threshold for determining whether there are reasonable grounds to believe that a registered tax practitioner has breached the Code, and that the breach is significant. The test is an objective one, taking into account the facts and circumstances of the case and the meaning given to significant breach.
  7. If there are sufficient facts and evidence to conclude, when objectively considered, that there are reasonable grounds to believe that a significant breach of the Code has occurred, the registered tax practitioner must notify the TPB and applicable RPA (where relevant). 
  8. As discussed above, this does not require facts or evidence amounting to proof of a significant breach. It is sufficient that a reasonable person in the position of the tax practitioner would report the breach in the same circumstances. 
  9. Whilst the TPB appreciates there may be less obvious, marginal and ‘borderline’ cases that create uncertainty, ultimately the registered tax practitioner is required to make a professional judgement, based on the facts and circumstances, as to whether they have reasonable grounds to believe that a significant breach has occurred, and if so, report the breach. If a registered tax practitioner considers they have reasonable grounds, even if they are not certain, they must report.

Reasonable grounds for reporting another tax practitioner

  1. The breach reporting obligations do not require, and the TPB does not expect a registered tax practitioner to assume the role of ‘investigator’ or ‘auditor’, or to ‘go looking’ for potential breaches of the Code by other registered tax practitioners - for example, when accepting information from another registered tax practitioner relating to a new client engagement. Nor is the breach reporting regime intended to involve the constant ‘monitoring’ of conduct between registered tax practitioners, or the proactive checking of work previously done by other registered tax practitioners, to identify potential compliance issues. 
  2. However, if a registered tax practitioner, in the course of providing their services and conducting their business, becomes aware of, or is alerted to, information that: 
    • gives them reasonable grounds to believe there has been a significant breach, they are required to report that breach, or 
    • would prompt a reasonable person in the same circumstances to make further enquiries or seek advice to establish if there are ‘reasonable grounds’, it would be prudent for them to do so to ensure they are meeting their breach reporting obligations. Whether it is appropriate to make reasonable enquiries or seek advice is a professional judgement by the registered tax practitioner.
  3. If a registered tax practitioner has based their belief that a significant breach has occurred on hearsay, gossip, the opinion of third parties, or discussion with other registered tax practitioners and has not made further enquiries or obtained independent verification or advice to substantiate the belief, this will not be sufficient for them to have ‘reasonable grounds’ for that belief. 
  4. This is the case even if a registered tax practitioner has obtained information about a potential breach in a professional setting - for example, if it is acquired during a discussion group or other gathering of registered tax practitioners involving the sharing of information (whether in-house or externally organised), technical training session, whilst supervising staff within the workplace, or in their interactions with professional associations. Whether information obtained in such scenarios is sufficient to constitute ‘reasonable grounds’ and there is a need to verify or corroborate the information, will ultimately depend on the facts and circumstances.
  5. Conversely, if a registered tax practitioner has founded their belief on first-hand experience and/or observation of conduct over time, such that they have a sound factual basis on which to credit their view, and they can corroborate it with evidence as relevant, this will more readily support a finding that reasonable grounds for the belief exist.
  6. The TPB appreciates that the nature of the relationship between the parties may, in some cases, make notifying the breach difficult or sensitive (for example, if they are a colleague or associate). It may also have a bearing on the credibility of the notification made and increase the potential for frivolous, vexatious or malicious claims (for example, where one registered tax practitioner is in direct competition to another). 
  7. However, consistent with the object of the TASA and the breach reporting obligations, it is important that registered tax practitioners make an objective assessment of the need to report and ensure there are reasonable grounds to support the claim. Registered tax practitioners are expected to make this assessment independent of any personal bias. 

Frivolous, vexatious or malicious claims

  1. The TPB has a framework in place to mitigate and address the risks of registered tax practitioners making breach reports about another tax practitioner that may be frivolous, vexatious or malicious. 
  2. A report may be considered frivolous, vexatious or malicious if it is:
    • trivial and lacks substance
    • made without sufficient grounds
    • made for the purpose of wasting the TPB’s time and resources, and/or 
    • brought with an ulterior or collateral purpose, or with the intent of causing harm to the tax practitioner being reported.  
  3. The TPB will assess the information provided in a breach report and make further enquiries (as appropriate) to ensure the reporting of a significant breach relating to another registered tax practitioner’s conduct is reasonable and credible, and is not frivolous, vexatious or malicious.
  4. The TPB may take action against the notifying tax practitioner if the TPB considers that a breach report is frivolous, vexatious or malicious, for example, if the claim involves knowingly making a false or misleading statement. Such situations may raise issues about the notifying registered tax practitioner’s compliance with other requirements of the TASA, including:
    • the fit and proper person requirement, which registered tax practitioners must meet to maintain their registration; and 
    • other Code items, including the requirement to act with honesty and integrity (Code Item 1), and the false or misleading statements requirement in section 15 of Tax Agent Services (Code of Professional Conduct) Determination 2024, which may lead to the imposition of administrative sanctions. 
  5. This type of situation is to be contrasted with one in which a registered tax practitioner reports a breach in good faith as they have formed the view that there are reasonable grounds that a significant breach has occurred, but a different conclusion is reached as part of the TPB’s assessment and/or investigation process. In such cases, it is unlikely that the TPB would impose any administrative sanctions.

Where a registered tax practitioner is unsure

  1. Some of the terms and phrases used in the breach reporting law involve legal terminology and concepts, and other laws, that registered tax practitioners may not have knowledge of, or expertise in. In these cases, registered tax practitioners should exercise their professional judgement as to whether they need to report,[36] make a considered decision, and keep a record of that decision. 
  2. If a registered tax practitioner is not certain whether there has been a significant breach of the Code but they have reasonable grounds for their belief, they must report it. However, if a registered tax practitioner is unsure whether they have reasonable grounds, they should err on the side of caution and report the matter to the TPB. 

Notification of significant breaches

Timeframe for notifying breaches

  1. ‘Significant breaches’ of the Code must be notified to the TPB, and applicable RPA (where relevant), within 30 days of the day on which the registered tax practitioner first has, or ought to have, reasonable grounds to believe that: 
    • they have breached the Code and that breach is significant, or 
    • another registered tax practitioner has breached the Code, and that breach is significant.
  2. This 30-day notification period is prescribed in the TASA. The TPB does not have any power or discretion to extend this timeframe. However, as discussed below, the TPB will take the reasons for any delay in reporting into account when assessing the breach report and determining the appropriate compliance action (if any) to take.
  3. The 30-day notification period runs from the day the registered tax practitioner has, or ought to have, reasonable grounds for believing a significant breach has occurred, not 30 days from the date of the breach, or 30 days from when they suspect there may be a breach. For example, if a registered tax practitioner needs to make additional enquiries, obtain additional evidence, or seek professional advice to establish they have ‘reasonable grounds’ for the belief, the 30 days will run from the day they first have, or ought to have, sufficient information to support that view.

What does ‘first have, or ought to have’ mean?

  1. The phrase ‘first have, or ought to have’ has two elements that need to be considered: 
    • The term ‘have’ looks at the point in time when the registered tax practitioner actually forms the view that there are reasonable grounds for believing that a significant breach has occurred. That is, when they first have a sound foundation and basis for the belief.
    • The phrase ‘ought to have’ looks at the point in time when the registered tax practitioner is objectively taken to have reasonable grounds for believing that a significant breach has occurred. The test is an objective one, which considers when a reasonable person in the same position as the registered tax practitioner with knowledge of the same facts and circumstances, and having made reasonable enquiries, is likely to have reasonable grounds for the belief.[37] 
  2. Determining when a registered tax practitioner first ‘ought to have’ reasonable grounds for the belief that a significant breach of the Code has occurred will depend on the facts and circumstances. It will also vary depending on whether the significant breach relates to their own conduct or the conduct of another registered tax practitioner.
  3. A registered tax practitioner will be taken to have reasonable grounds to believe that there has been a breach of the Code and that breach is significant where, objectively assessed, that belief is likely to be held by a reasonable person, possessing the required knowledge, skill and experience of a registered tax practitioner, having regard to the considerations discussed above.[38] This is the case whether the breach of the Code relates to a registered tax practitioner’s own conduct or another registered tax practitioner’s conduct.
  4. The TPB acknowledges that it may be more difficult to establish if a registered tax practitioner ‘ought to have’ reasonable grounds for believing that another registered tax practitioner has breached the Code and that breach is significant. In making that assessment, regard should be had to the considerations discussed above.[39]
  5. The 30-day notification period runs from the day the registered tax practitioner first has, or ought to have reasonable grounds for the belief. If there are multiple grounds supporting the belief, and these grounds become evident at different times, the timeframe runs from when the registered tax practitioner first had sufficient grounds for the belief. 
  6. If a reasonable person in the same position as the registered tax practitioner would have had reasonable grounds to believe that a significant breach had occurred at an earlier time than when the registered tax practitioner actually formed the belief, the 30-day notification period runs from that earlier point in time.

Reporting outside the 30-day period

  1. If a registered tax practitioner does not comply with the 30-day notification period, they must still report the breach. This is because the breach reporting obligations not only require that the breach be reported to the TPB, and applicable RPA (where relevant), but also that it be reported within the specified 30-day timeframe. 
  2. When reporting the breach outside the 30-day period, the registered tax practitioner must give reasons for the delay in notifying the breach and support their claim with appropriate evidence and facts. The TPB will take this information into account when assessing the report and determining the appropriate compliance action to take. We will consider any extenuating circumstances or relevant factors that give rise to the delay. 
  3. As the 30-day notification period runs from the day the tax practitioner first has, or ought to have, reasonable grounds for believing a significant breach has occurred, and not 30 days from the date of the breach, tax practitioners should be well positioned to report on time.
  4. This distinction may be important in those situations where a registered tax practitioner wishes to seek professional advice, including legal advice, to help form a view on the matter. However, it is not the case that the TPB necessarily expects registered tax practitioners to obtain advice within the 30-day period. Whether this is required or practical will ultimately depend on the circumstances. The key issue when considering whether the 30-day period has been complied with is identifying the point in time when the registered tax practitioner has (or ought to have) reasonable grounds for believing there has been a significant breach. For example:
    • If a registered tax practitioner seeks professional advice to help them determine whether a significant breach has occurred, the 30-day period may start to run from the day they receive the advice if, in their professional judgement, it is needed to establish that they have (or ought to have) reasonable grounds for the belief. Registered tax practitioners should advise the TPB and applicable RPA (where relevant) of this fact when they report.
    • If a registered tax practitioner has reasonable grounds for believing that a significant breach has occurred based on existing facts and evidence but wishes to obtain advice to confirm their view, the 30-day period still runs from the day they form that view, not when they obtain the advice. However, registered tax practitioners should advise the TPB and applicable RPA (where relevant) that they are seeking further advice. If the registered tax practitioner waits until they receive the advice, they will need to explain the reasons for the delay in reporting.
  5. It is important that registered tax practitioners keep us informed of any issues that are or may adversely impact on their registration. Transparency and cooperation can support early resolution of issues.

Who to notify

Notifying the TPB

  1. If a registered tax practitioner has reasonable grounds to believe that they, or another registered tax practitioner, have breached the Code, and the breach is a significant breach, they must notify the TPB.
  2. Notification must be made using the:
  3. The TPB will acknowledge receipt of the report by the reporting registered tax practitioner and consider its merits in line with the law supporting the breach reporting obligations and our compliance approach. Lodging a report and obtaining acknowledgment of receipt do not confirm that we will commence a formal investigation or take any compliance action in relation to the report. Each report will be considered on a case-by-case basis. 
  4. Further information about the details the TPB requires tax practitioners to provide when reporting significant breaches of the Code, is available on the TPB website.
  5. If a breach is reported by a registered tax practitioner in relation to the conduct of another registered tax practitioner, the TPB will not notify that other practitioner that a report has been received when it is lodged. However, the TPB may make contact with that other registered tax practitioner as part of the TPB’s approach to investigating breach notifications, including to determine the veracity of the report made.
  6. If a reporting tax practitioner is concerned about confidentiality, including their identity potentially being disclosed to the other registered tax practitioner, they should advise the TPB when they report.

Notifying recognised professional associations 

  1. If a registered tax practitioner has reasonable grounds to believe that another registered tax practitioner has breached the Code and it is a significant breach, and the registered tax practitioner is aware that the other practitioner is a member of a professional association recognised by the TPB under the TASR, they must notify that association of the breach in writing. 
  2. Professional associations are accredited by the TPB as either ‘recognised tax agent associations’ or ‘recognised BAS agent associations’, collectively referred to as RPAs.[40]
  3. The obligation to notify the RPA only applies if the registered tax practitioner is ‘aware’ of the other tax practitioner’s membership with the RPA. This will be the case if the tax practitioner has actual knowledge that the other practitioner is a member of an RPA.
  4. If the registered tax practitioner has a suspicion that another registered tax practitioner may be a member of an RPA, the TPB recommends that the reporting registered tax practitioner make reasonable enquiries to confirm the suspicion. This could include undertaking a check of the TPB’s Public Register. 
  5. The TPB’s Register may include information about whether a registered tax practitioner is a member of an RPA. Tax practitioners are encouraged to review and update their details on the register. However, the TPB does not generally verify RPA membership details. 
  6. Tax practitioners who are considering reporting Code breaches to an RPA, may wish to make additional enquiries, including with the relevant RPA, to confirm membership. In some cases, the RPA website may provide a list of members. 
  7. If a registered tax practitioner is unable to establish whether another registered tax practitioner is a member of an RPA after checking the TPB Register and making other reasonable enquiries, where possible and appropriate, they should document this outcome and the steps they have taken in case they are required to explain their position as part of any future review or investigation.
  8. Breaches must be notified in writing. Registered tax practitioners should contact the relevant RPA to find out how to notify them of the breach and what information they require.[41] 

Reporting obligations if breach already reported

  1. Section 30-40 of the TASA imposes an obligation on registered tax practitioners to report significant breaches of the Code by other registered tax practitioners.
  2. However, if a registered tax practitioner has actual knowledge that a possible significant breach of the Code has already been reported to the TPB, and to an applicable RPA (where relevant), by another registered tax practitioner in accordance with the breach reporting obligations, the TPB will not, as a general rule, take any compliance action against that registered tax practitioner if they do not report the breach. 
  3. This compliance approach will only apply if the registered tax practitioner:
    • believes the information provided to the TPB about the breach, including the details of the breach, to be accurate; and
    • has no further material information to add about the breach.
  4. Adopting this pragmatic and risk-based compliance approach avoids the need for duplicate reporting in such cases. 
  5. For example, a registered tax practitioner may have actual knowledge that a significant breach has already been reported because:
    • the breach has been reported by a member of the same firm (such as another partner, or a managing partner on behalf of the firm)
    • the TPB has publicly released information about the breach and/or any enforcement action taken in relation to the breach (for example, in the form of media releases, news articles or other communications).
  6. Actual knowledge requires the registered tax practitioner to rely on something more than a suspicion, hearsay, gossip, the unsubstantiated opinion of third parties, or publicly available information published by entities other than the TPB. The position needs to be supported, and the registered tax practitioner must be able to verify and corroborate it as required.   
  7. If a registered tax practitioner decides not to report a significant breach of the Code in accordance with the breach reporting obligations because they have actual knowledge that it has already been reported, they should document their decision and the reasons for it and ensure the decision can be readily supported if required. 
  8. If a registered tax practitioner is unsure whether a breach has been reported to the TPB, and to an applicable RPA (where relevant), has additional information regarding the breach that may assist any potential investigation, or does not agree that the information that has been provided is accurate, they must still report the breach themselves.

Interaction of obligations to self-report and report other registered tax practitioners

  1. The obligation to report breaches relating to a registered tax practitioner’s own conduct, and the requirement to report significant breaches relating to another registered tax practitioner’s conduct, exist independent of each other. 
  2. This means that even if a registered tax practitioner self-reports a breach, another registered tax practitioner is still required to report the same breach if they have reasonable grounds to believe there has been a significant breach. 
  3. The requirement to report applies to any registered tax practitioner entity that has reasonable grounds to believe there has been conduct amounting to a significant breach, irrespective of whether another entity has reported it. 
  4. However, if a breach has already been reported, registered tax practitioners can consider if the above compliance approach applies.
  5. For example, if the conduct of an individual registered tax practitioner, who is the sole director of a registered tax agent company, constitutes a significant breach of the Code, and they have reasonable grounds for that belief, they are required to self-report the breach. The registered tax agent company is, strictly speaking, also required to report the breach as it is reasonable to conclude they have reasonable grounds to believe there has been a significant breach. If the registered tax agent company decides not to report the breach in reliance on the above compliance approach, they still need to document their decision and the reasons for it and ensure the decision can be readily supported if required.

Interaction of obligation to notify of breaches and other notification obligations

  1. In some circumstances, this breach reporting requirement regarding a significant breach of the Code may also be relevant for other obligations in the TASA. In particular, the obligation in section 15 of the Determination relating to the making, preparing or directing, or permitting someone to make or prepare a false or misleading statement may give rise to a registered tax practitioner having a reasonable belief they breached the Code and the breach is significant, particularly where the false or misleading statement resulted from a failure to take reasonable care, recklessness or an intentional disregard of a taxation law by the registered tax practitioner. Where this is the case, the registered tax practitioner will be required to provide a report to the TPB under the breach reporting requirements in the TASA. 
  2. While the obligation to notify the TPB under subsection 15(2) of the Determination is separate to the breach reporting obligations in the TASA, in most cases, a single notification to the TPB will satisfy both obligations. 
  3. Although the TPB’s consideration and treatment of breaches of the TASA, including the Code, ultimately depend on the facts and circumstances, the TPB will take into account mitigating circumstances. For example, compliance with the obligations relating to correcting false or misleading statements and the breach reporting obligations, when considering the appropriate course of action (including the imposition of sanctions) in respect of a breach by a registered tax practitioner. 

Reporting obligations if breach remedied

  1. A registered tax practitioner still has an obligation to report a significant breach of the Code to the TPB, and applicable RPA (where relevant), if a breach has been ‘rectified’, or they have taken steps to address or remedy the breach. The key issue registered tax practitioners need to consider when determining whether to report a breach in circumstances involving rectification, is whether, at the time they identify the conduct that may give rise to a breach and they are making that determination, the breach has occurred and it is significant. However, rectification of a breach is a factor the TPB may take into consideration when deciding what further action it might take (refer to paragraph 210 of this Information sheet). 

Deciding not to report

  1. If a registered tax practitioner assesses their conduct, or the conduct of another registered tax practitioner against the breach reporting obligations, and decides the conduct does not involve a significant breach, having regard to whether they have reasonable grounds for their belief, it would be prudent for them to document that decision should:
    • they be required to explain it as part of a future review or investigation, and/or
    • the TPB forms the view that the breach should have been reported.
  2. If a registered tax practitioner decides, in good faith, not to report a breach to the TPB based on their assessment, and can support their rationale for not reporting, and the TPB later makes a contrary finding, the TPB will take a pragmatic and balanced approach when deciding what compliance action to take (if any). 
  3. If the TPB is satisfied with the registered tax practitioner’s explanation for not reporting, the TPB’s response is likely to be a measured and educative one, with the aim of assisting the registered tax practitioner to better understand the breach reporting obligations, as appropriate. In these cases, the TPB is unlikely to impose any sanctions, although this will ultimately depend on the facts and circumstances.

Client confidentiality and legal professional privilege

  1. Under Code item 6 (subsection 30-10(6) of the TASA), registered tax practitioners must not disclose information relating to the affairs of a client or former client, to a third party unless they have obtained the client’s permission, or they have a legal duty to do so. 
  2. Notifications to the TPB and RPAs under the breach reporting regime may involve the disclosure of client information. However, as these disclosures are required by law under the TASA, they will generally be covered by the legal duty exception. As such, breach reporting disclosures will be compliant with Code item 6. 
  3. This is subject to any information, including client information, being protected by legal professional privilege (LPP). LPP protects confidential communications between a qualified legal advisor and their client from compulsory production where they were made for the dominant purpose of seeking legal advice, or for use in existing or anticipated litigation. LPP does not attach to all communications between a qualified legal advisor or their client. For example, LPP does not extend to communications in furtherance of an illegal or improper purpose. Once waived, LPP cannot be restored and may be lost permanently. Waiver may occur by way of widely distributing a confidential legal advice to different third parties or in communications that refer to and/or disclose the content or essence of the legal advice. 
  4. The TASA, including the breach reporting obligations and Code item 6, does not override the law relating to LPP.[42] As such, registered tax practitioners should consider whether LPP applies before providing information to the TPB, and applicable RPA (where relevant), and if so, they have a duty to consult their client as to whether the client wishes to waive their right to LPP in order to provide the information to the TPB and RPA. 
  5. If registered tax practitioners are unsure how the law relating to LPP applies, it would be prudent for them to seek legal advice. 

Application of privacy laws under the Privacy Act 1988 (Cth)

  1. Registered tax practitioners should consider whether the privacy laws in the Privacy Act 1988 (Cth) apply to them, including when disclosing personal information covered by that Act. The breach reporting obligations under the TASA do not obviate any requirements under these laws. However, as noted at paragraph 189 above, breach reporting disclosures will be compliant with Code item 6.[43]
  2. The Office of the Australian Information Commissioner (OAIC) regulates the Privacy Act and provides guidance on the privacy laws, including the Australian Privacy Principles. To find out more about the privacy laws, and who they apply to, registered tax practitioners can refer to the OAIC website at oaic.gov.au

Consequences for failing to comply with the breach reporting obligations 

  1. The TPB will adopt a transitional approach to enforcing compliance with the breach reporting obligations, focusing first on consultation, education and building awareness, and making improvements in voluntary compliance, supervisory and regulatory systems. However, the TPB will always be alert and responsive to higher risk misconduct and regulatory breaches. For example, when investigating a registered tax practitioner in relation to a fraud, consideration will be had to broader compliance responsibilities, including breach reporting.
  2. A failure to comply with any of the breach reporting obligations is a breach of section 8C of the TAA and subsection 30-10(2) of the TASA (Code Item 2). It is also a factor that may be taken into consideration when determining whether a registered tax practitioner continues to meet the ‘fit and proper’ registration requirement. 
  3. Noting that no 2 cases are the same, the TPB will take a pragmatic and risk-based approach to assessing non-compliance with the breach reporting obligations and determining the appropriate compliance action to take. 
  4. Each breach will be considered on a case-by-case basis, having regard to the facts and circumstances present when a registered tax practitioner became aware, or ought to have become aware, that the breach occurred. This may include looking at the extent of the failure to comply with the obligation and the risk associated with that failure to comply.

Section 8C of the TAA

  1. Paragraph 8C(1)(d) of the TAA makes it an offence for a person to refuse or fail to notify the Commissioner of Taxation, or another person or thing, when and as required under a ‘taxation law’, to the extent that they are capable of doing so.[44] This applies equally to a refusal or failure to notify the TPB.[45]
  2. As the TASA is a ‘taxation law’ within the meaning of the ITAA 1997 for the purposes of section 8C,[46] it is therefore an offence for a registered tax practitioner to fail to comply with any of the breach reporting obligations.
  3. The offence is one of ‘absolute liability’.[47] The penalties imposed for offences under section 8C depend on the type of registered tax practitioner entity that has committed the offence (individual or corporation), and whether there have been any previous offences.
  4. An offence under section 8C is punishable under section 8E by a fine of up to $6,260 for a first offence; $12,520 for a second offence; or $15,650 and/or imprisonment for up to 12 months, for a third or subsequent offence. Under section 8ZF of the TAA, a corporation that has committed an offence under section 8C may be fined up to $55,500 for a third or subsequent offence.

Subsection 30-10(2) of the TASA

  1. Subsection 30-10(2) of the TASA states that ‘you must comply with the taxation laws in the conduct of your personal affairs’ (Code Item 2). 
  2. The term ‘taxation laws’ in the context of the Code means:
    1. an Act of which the Commissioner of Taxation has the general administration (including any part of an Act to the extent to which the Commissioner has the general administration of the Act); or
    2. legislative instruments made under such an Act (including such a part of an Act); or
    3. the TASA or TASR.[48] 
  3. ‘Personal affairs’ also includes the affairs of the registered tax practitioner's practice, for example, the registered tax practitioner's duties and obligations with regard to maintaining registered tax practitioner registration.[49] This includes notifying the TPB of any changes in circumstances, including that they no longer meet a registration requirement or there is a change in the composition of their tax practice, within a specified period of time. 
  4. The breach reporting obligations in sections 30-35 and 30-40 of the TASA are therefore taxation laws that registered tax practitioners must comply with in the conduct of their personal affairs.
  5. If a registered tax practitioner fails to comply with taxation laws in the conduct of their personal affairs, including a failure to comply with the breach reporting obligations, the TPB may find that the registered tax practitioner has breached the Code and may impose sanctions for that breach. The TPB will take into account the relevant facts and circumstances when considering breach reporting issues, including the facts surrounding that failure to comply, in determining what sanction, if any, to impose on a registered tax practitioner who has been found to be in breach of Code Item 2. 
  6. In addition, it is important to be aware that conduct that leads to a breach of Code Item 2 could impact on a registered tax practitioner meeting the fit and proper person requirement and other Code items, such as Code Item 1, which relates to honesty and integrity.
  7. If a a registered tax practitioner breaches the Code, the TPB may impose one or more of the following sanctions:
    • a written caution
    • an order requiring the registered tax practitioner to do something specified in the order
    • suspension of the registered tax practitioner’s registration
    • termination of the registered tax practitioner’s registration (and a period within which a terminated tax practitioner may not re-apply for registration). 
  8. The TPB’s Information Sheet TPB(I) 34/2018 Code of Professional Conduct – complying with taxation laws in the conduct of your personal affairs provides additional guidance to assist registered tax practitioners understand their obligations under Code Item 2.

TPB's approach to investigating breach notifications

  1. The TPB has the power to formally investigate matters under the TASA, including breaches of the Code.[50]  However, a ‘significant breach’ that is reported to us by a registered tax practitioner in line with the breach reporting obligations will not automatically trigger the commencement of a formal investigation. 
  2. Consistent with our current approach to investigating complaints, we will undertake a preliminary analysis of the breach notification, make relevant enquiries and use information available to us to assess and validate the potential breach and mitigate the risk of frivolous, vexatious or malicious claims. 
  3. The TPB will take a risk-based approach when deciding whether to commence a formal investigation. In making this decision, the TPB will consider several factors including, but limited to, the following: 
    • nature of the breach
    • seriousness of the breach and level of risk involved
    • number and frequency of breaches
    • whether there is sufficient evidence to support the breach notification 
    • in the case of a breach notification about another registered tax practitioner, the circumstances surrounding the making of the notification and relationship between the parties 
    • compliance history of the registered tax practitioner
    • whether the breach has been rectified or remedied or any steps taken to address it
    • nature and scale of the registered tax practitioner’s business
    • number of clients involved
    • impact or harm to clients and the tax system more broadly
    • whether the breach notification is otherwise frivolous, vexatious or malicious based on the information provided
    • if a breach is reported outside the 30-day notification period, the reasons for any delay in reporting the breach, and any consequences for TPB investigation and other agencies as a result of the delay.
  4.  When reporting significant breaches of the Code by another registered tax practitioner for the purposes of the breach reporting obligations, the reporting tax practitioner will need to identify themselves and provide their contact details to the TPB to comply with their obligations. They can’t remain anonymous. 
  5. To ensure a fair process, the TPB may be required to disclose details of the reported breach to the other registered tax practitioner. There are also times when the circumstances of the breach are such that it may be possible for that registered tax practitioner to discern who has reported the matter.
  6. If a reporting tax practitioner is concerned about confidentiality, including their identity potentially being disclosed to the other registered tax practitioner, they should advise the TPB when they report.
  7. Depending on the relationship between the registered tax practitioners, reporting tax practitioners may be eligible for the extended tax whistleblower protections that commenced from 1 July 2024, introduced by the Treasury Laws Amendment (Tax Accountability and Fairness) Act 2024. These changes seek to provide protections for disclosures by eligible whistleblowers to the TPB relating to the misconduct of registered tax practitioners. Only individual registered tax practitioners who are ‘eligible whistleblowers’ within the meaning of the taxation law will be afforded protection for disclosures made in breach reports. Eligible whistleblowers will have their identity protected, unless it is to an authorised body, or with the whistleblower’s consent.
  8. Once a significant breach is notified to the TPB in relation to the conduct of another registered tax practitioner, the TPB may contact the notifying registered tax practitioner to seek further information relevant to the breach being reported. The TPB is limited in the information that we can disclose to a notifying registered tax practitioner about action we take in relation to a significant breach notification due to privacy and secrecy laws, but we will provide updates to notifying registered tax practitioners as appropriate where we are able to or required to by law. 
  9. The TPB has additional guidance on investigations, which includes information on the process, approach to dealing with complaints, investigations into breaches of the Code, and the process for the review and appeal of outcome of investigation decisions.  

Interactions with other government agencies and regulatory bodies

  1. The TPB will continue to leverage off existing information-sharing frameworks with other government agencies and regulatory bodies, including the Australian Taxation Office (ATO), to support the breach reporting regime.
  2. The TPB will consider information identifying ‘potential’ Code breaches received through these frameworks as part of its ordinary review and investigations processes and take any compliance action, as appropriate, in accordance with the breach reporting obligations. 
  3. Information referred to the TPB about the conduct of registered tax practitioners may not constitute a significant breach of the Code. As with breach reports made directly to the TPB, whether this is the case, will ultimately depend on the particular facts and circumstances. 
  4. For example, if the ATO refers information to the TPB about the conduct of a registered tax practitioner identified as part of taxpayer review, audit, investigation or litigation action, the TPB will review the intel in line with the TPB’s approach to investigating breach notifications before taking any further action. Conversely, if information received from a registered tax practitioner as part of a breach report identifies a potential tax compliance risk, the TPB may refer that intel to the ATO. 
  5. If another government agency is aware of conduct that may constitute a significant breach of the Code,  and/or refers information about that conduct to the TPB, the registered tax practitioner must still report the breach to the TPB and/or applicable RPA (where relevant).
  6. If a formal investigation is commenced, and a breach of the TASA, including the Code, is identified, the TPB is required to notify any RPA(s) of the registered tax practitioner and the ATO[51] of the outcome in the circumstances outlined in subsection 60-125(8) of the TASA. Further, where a breach of the TASA, including the Code, is identified, the TPB is required to include details of the Board’s findings, including the contravening conduct and reasons for the Board’s findings, on the TPB Register in accordance with subsection 60-135(1) of the TASA and the requirements stipulated in the TASR.

Case studies

  1. Whether a registered tax practitioner has reasonable grounds to believe there has been a significant breach of the Code must be decided on a case-by-case basis, having regard to the particular facts and circumstances. For this reason, it is not possible to provide a list of:
    • scenarios that will (or will not) constitute significant breaches of the Code, or 
    • grounds that will amount to ‘reasonable grounds’. 
  2. The below case studies provide general guidance only. In all cases, consideration will need to be given to the specific facts and circumstances.

    Case study 1 – ‘Reasonable grounds to believe’ tax practitioner does not meet an ongoing registration requirement and has breached Code

    David is a registered tax agent. He is the sole director and one of 2 nominated supervising agents of a registered tax agent company. He employs 10 staff to provide tax agent services on behalf of the registered tax agent company. Of the 10 staff:

    • one staff member, Gaby, has 5 years of experience in providing tax agent services and is the other nominated supervising agent. She is largely responsible for the training of new staff, and the reviewing of work undertaken by the less experienced staff members
    • 2 are recent graduates with less than 6 months of experience, and
    • the remaining staff members have 2 years of experience.

    Gaby recently commenced maternity leave. David did not nominate a replacement supervising agent.

    After a period of 6 months, David began receiving complaints from clients in regard to the quality of work undertaken by some of the employees of the registered tax agent company, with a number of clients’ tax returns adjusted during audits undertaken by the ATO, with substantial additional tax shortfall penalties and interest charges imposed on clients.

    As the sole director, David was concerned that the registered tax agent company was likely in breach of its obligation to ensure that the tax agent services provided on behalf of the company are provided competently (Code Item 7) and whether the number of supervising agents nominated was adequate and decided to make further enquiries. 

    David discovered that a number of staff oversights and errors had occurred, quality checks and controls had not been updated to reflect the change in supervising agents, and in Gaby’s absence, staff training had ceased. 

    David had reasonable grounds to believe that the company had breached its ongoing registration requirement to have a sufficient number of individuals, being registered tax agents, to provide tax agent services to a competent standard and to carry out supervising arrangements. 

    Further, the company’s failure to ensure that adequate supervisory and quality control arrangements were in place, and staff had the required skills and experience, meant that the company had failed to ensure that the tax agent services provided on its behalf were provided competently, and as such, was in breach of Code item 7. 

    David also had reasonable grounds to believe the breach was significant, noting that the breach:

    • resulted in material loss to the clients
    • was considered ‘otherwise significant’ given that:
      • there were a number of clients impacted over a period of 6 months 
      • the ability for the tax agent company to provide a competent service was impacted by the change in supervising agents 
      • the tax agent company’s arrangements to ensure compliance with the Code were inadequate given all training and quality assurance of work was undertaken by one staff member. 

    As David, in his capacity as sole director of the tax agent company, has reasonable grounds to believe the conduct constitutes a significant breach of the Code by the company, he self-reports the company’s breach to the TPB using the Notify a change in circumstances form.

    The breach reporting law technically also requires David to report in his individual capacity as a registered tax agent. However, as David has actual knowledge that the breach has already been reported by the company, he believes the information to be accurate and has no further material information to add, he decides not to report it in line with the TPB’s compliance approach. 

    David documents that decision and the reasons for it should he be required to explain the decision as part of a future review or investigation.

    The TPB assesses the breach report by the tax agent company, undertakes a preliminary analysis of the information provided and makes further enquiries in order to decide whether to commence a formal investigation. In the circumstances, it is likely that the TPB will find the company has breached Code item 7and that the breach is significant, which may lead to the imposition of sanctions. It is also likely that the TPB may also find that the company has breached Code items 8, 9 and 10. 

    It is unlikely that the TPB would take any compliance action against David for not reporting the breach in his individual capacity as he correctly relied on the TPB’s compliance approach. As David is the sole director of the company, it is likely that the TPB would take the same approach if David had reported the breach by the company in his individual capacity, and not on behalf of the company. 

    Case study 2 – Tax practitioner’s conduct equates to a significant breach of the Code 

    Ivan is a registered tax practitioner. He is one of 2 directors of a registered tax agent company. Frank, the other director, is also a registered tax agent. They are members of the same RPA.

    Over a period of 2 years, Ivan lodged false business activity statements (BAS) without the knowledge and authorisation of more than 10 clients. Following an ATO investigation, the ATO cancelled the lodgements to prevent a substantial amount of BAS refund credits from continuing to be paid when it was discovered that the entities were not carrying on an enterprise for GST purposes. The ATO also referred this intel to the TPB as part of their existing information sharing processes as they were concerned that the conduct involved had been fraudulent.

    Ivan had misappropriated the BAS credits, in addition to other client tax refunds, by nominating them to be paid into his own bank account, and the bank account of another individual who was not entitled to the returns. He also put a number of clients at risk when he shared his credentials used to access ATO systems with another individual. This allowed unsupervised access to confidential taxpayer information and left the clients open to their information being used fraudulently.

    Frank is contacted by several of Ivan’s clients regarding the suspected misappropriation of client refunds. With the permission of those clients, he checks the firm's records, which confirms that the funds had not been paid to the firm’s trust account. He also discovers email evidence that Ivan shared his ATO credentials with another person. Through his enquiries he also discovers that Ivan had falsely lodged BAS on behalf of the clients.

    Although Ivan is aware of his obligations under the breach reporting law and is well positioned to make an assessment that his conduct involves significant breaches of the Code, he decides not to report to the TPB as he is concerned about the potential consequences.

    Based on the information provided by Ivan’s clients and the findings of his own enquiries, Frank considers he has reasonable grounds to believe Ivan has breached a number of Code items, in particular Code items 1, 3, 4 and 11, and the breaches are significant, noting that the:

    • false lodgements and misappropriation of client funds may constitute an offence involving dishonesty under an Australian law, as they involve dishonest conduct
    • breach of client confidentiality was likely to result in material loss or damage to the impacted clients, and
    • breach would have been considered ‘otherwise significant’, given the impact of the breach on Ivan’s ability to provide tax agent services and the extent to which the breach could be said to indicate inadequate arrangements to ensure compliance with the Code. 

    Frank has an obligation to notify the TPB, within 30 days of the day on which he first had, or ought to have had, reasonable grounds to believe that he had breached the Code and the breach was significant. Frank considers the time runs from the day he obtains sufficient information to substantiate his view, being once he made additional enquiries following the client complaints to obtain further evidence. He lodges his report using the TPB Complaints form. As Frank is aware that Ivan is a member of the same RPA, he also has an obligation to notify the RPA within the same period. He makes sure both reports are lodged on time. 

    The TPB assesses Frank’s breach report in order to decide whether there is sufficient credible information to commence a formal investigation. Taking into account the intel the TPB has received from the ATO about the false lodgements, it is likely that the TPB will find Ivan has breached Code items 1, 3, 4 and 11, which may lead to the imposition of sanctions. 

    As Ivan has not self-reported the breach to the TPB, it is likely the TPB will take a firmer compliance approach to enforcing compliance with the breach reporting obligations, particularly given the nature and seriousness of the breaches, the number of breaches and clients involved, and the risk of further non-compliance.

    Case study 3 – Tax practitioner’s conduct does not equate to a significant breach of the Code, but does later when considered with other breaches

    Samantha has been a registered tax agent for 5 years and is employed by ABC Pty Ltd, a registered tax agent company.

    Recently, ABC Pty Ltd received a complaint from a new company client that identified the following issues concerning the tax agent services provided by Samantha:

    • Samantha had not passed on the client’s most recent tax refund for a month
    • Samantha had failed to provide the client with a finalised copy of the client’s return, and
    • client instructions and interactions were not documented properly.

    After further investigation, ABC Pty Ltd discovered that this was a once off occurrence and it appeared no other clients had been impacted. 

    While Samantha’s behaviour may be considered to be a breach of the Code (Code item 7) as she had failed to provide tax agent services competently, ABC Pty Ltd consider they do not have reasonable grounds to believe the conduct involved equates to a significant breach of the Code, noting the breach:

    • does not constitute an indicatable offence, or an offence involving dishonesty, under an Australian law
    • has not resulted, nor is it likely to result, in a material loss or damage to the client or other entity
    • is not considered to be ‘otherwise significant’ given it was a once-off, had not impacted Samantha’s ability to otherwise provide tax agent services, and was not indicative of any systemic issue that would result in non-compliance with the Code.

    ABC Pty Ltd decide, in good faith based on the information available to them, that they do not have an obligation to report. They document that decision and the reasons for it should they be required to explain the decision as part of a future review or investigation.

    Three months later, ABC Pty Ltd receives several complaints from other clients, identifying similar issues. The company considers there are now reasonable grounds to conclude there has been an ‘otherwise significant' breach of the Code, particularly given:

    • the number and frequency of similar breaches by Samantha (even though each by itself may not be considered significant)
    • the conduct indicates:
      • broader issues that may continue to impact Samantha’s ability to provide tax agent services, and the potential for similar breaches
      • broader systematic issues with the arrangements that Samantha has in place to comply with the Code obligations.  

    Although ABC Pty Ltd are not certain there is a breach that meets the reporting criteria, because they have reasonable grounds for their view that there has been an ‘otherwise significant’ breach and can substantiate it, they err on the side of caution and report the conduct to the TPB and Samantha’s RPA. They provide evidence of their previous decision not to report, which they made in good faith at the time, when they lodge their breach reports.

    Case study 4 – Tax practitioner, through credible information, is aware that that another tax practitioner’s conduct equates to a significant breach of the Code 

    Colin is a registered tax agent in a medium sized accounting firm, XYZ Firm.

    Ben is a former colleague of Colin, who worked at XYZ Firm until he recently secured a position at another firm. He is currently a registered tax agent and member of the same RPA as Colin. Colin took over Ben’s clients when he left the firm.

    Colin has recently become aware, through his interactions with several of Ben’s former clients, that Ben had been receiving substantial tax refunds on behalf of the clients and depositing those refunds into his own personal business account and retaining them. The clients provide Colin with copies of their notices of assessment, tax refund and account details, which confirm they did not receive the payments. 

    Colin is also aware that Ben had been misleading clients into believing their tax returns had been lodged and advising them that they owed tax, money which was then paid to Ben, and used for his own benefit. The clients provide Colin with details of the payments made, including the account details of the personal business account Ben provided them with. 

    Colin followed up these complaints by checking XYZ Firm’s working files and online records for the clients involved, prepared by Ben while he was working at the firm, which confirmed that the tax refunds and tax payments had not been paid to a trust account held by the firm, and there had been false or fraudulent lodgements.

    Based on this information, Colin considers he has reasonable grounds to believe that Ben has breached multiple Code items (in particular Code items 1, 3, 4 and 11), and the breaches are significant, taking into account the following:

    • it appears Ben may have committed an offence involving dishonesty under an Australian law, having misappropriated client funds
    • the misappropriation of funds has resulted in, or is likely to result, in material loss or damage to Ben’s clients 
    • the breach is ‘otherwise significant’ given the behaviour has been ongoing for some time and involves multiple breaches of the Code. 

    Colin is under an obligation to notify both the TPB and RPA (which he is aware that Ben is a member of) within 30 days of the day on which he first had, or ought to have had, reasonable grounds to believe that Ben had breached the Code and the breach is a significant breach. In the circumstances, Colin considers that the 30-day period runs from the day he accessed the firm’s information and was able to substantiate the client’s claims.

    Colin promptly lodges both reports as he is keen to ensure he complies with the breach reporting obligations. He also advises XYZ Firm of his findings and that he had lodged breach reports with both the TPB and RPA. After further discussion with Colin, and consideration of the TPB’s compliance approach for breaches already reported, XYZ Firm decide to lodge their own breach reports. Although the information Colin had provided is accurate, they have additional material information to further support the breaches reported.

    The TPB assesses the breach reports lodged by both Colin and XYZ Firm in order to decide whether there is sufficient credible information to commence a formal investigation. It is likely that the TPB will find Ben has breached Code items 1, 3, 4 and 11, which may lead to the imposition of sanctions. As Ben is also required to self-report to comply with the breach reporting obligations, but has failed to do so, this will also be taken into account by the TPB when deciding what compliance action to take. 

    Case study 5 – Tax practitioner, through ‘gossip’ thinks that another tax practitioner’s conduct may equate to a significant breach of the Code 

    Brittany is a registered BAS agent. She attends monthly discussion group sessions with other registered BAS agents. She is also a member of an online forum that discusses new and emerging issues in the BAS agent space.

    At a recent discussion group session, Brittany overheard 2 attendees gossiping about a mutual acquaintance, Chris, an individual also known to Brittany. She overheard them discussing the new requirements for BAS agents to complete 90 hours of continuing professional education (CPE) and how Chris, has been falsifying his CPE certificates. She also overheard them saying that Chris had made false statements to the TPB to hide the fact that he had not completed his CPE.

    Brittany made no further enquiries regarding what she had overheard. She also did not have any independent evidence to suggest that Chris had in fact falsified his CPE certificates. In fact, Brittany had recalled seeing Chris at several of the discussion groups she attends, as well as 2 recent technical workshops delivered by her professional association.

    As Brittany had no evidence that Chris had falsified his CPE certificates to verify or corroborate the gossip and given her knowledge that Chris had recently attended discussion groups and technical workshops on the CPE requirements, it was reasonable for her not to make further enquiries.

    In these circumstances, Brittany would not be under an obligation to notify the TPB. She would not be considered to have reasonable grounds to believe that Chris had breached the Code, as such a belief would be founded solely on the gossip overheard at the group discussion session.

    Case study 6 – Tax practitioner, a direct competitor of another practitioner, makes a frivolous and vexatious unsupported claim to the TPB

    Tamara is a registered tax agent in a large well-known accounting firm. Max, a registered tax practitioner in another leading accounting firm known to be in direct competition with Tamara’s firm, recently took over one of her clients, actively seeking out the client engagement. Tamara was unhappy to have lost this client as they were a ‘big client’ and she had only recently joined the firm and was keen to make an impression.

    Tamara overhears a discussion between colleagues at her firm regarding the client’s change in firms, and the fact that it had come as a surprise to the firm given the rumours that had been circulating that Max had been involved in fraudulent tax claims of substantial monetary value.

    Tamara does not make any further enquiries to substantiate the rumours she has overheard. However, she decides to report a significant breach of the Code to the TPB anyway, seeing this as a potential opportunity to ‘get back’ at Max. Although it would be reasonable for Tamara to conclude that a fraudulent claim involving a substantial sum of money would be considered a significant Code breach (despite not having expertise in criminal law), she does not turn her mind to whether it meets the relevant test.

    Tamara doesn’t consider the consequences of lodging such a report or the lack of evidence she has to substantiate it, focussing instead on her personal motives.

    As the breach relates to the conduct of another registered tax practitioner, Tamara uses the TPB Complaints form to lodge the report. The information accompanying the breach notification provides very little detail about the breach and contains a number of statements that do not appear to be supported.

    On receipt of the report, the TPB undertakes a preliminary analysis of it to assess and validate the purported breach and determine whether Tamara has ‘reasonable grounds’ for believing there has been a significant breach of the Code by Max. 

    The TPB makes initial enquiries with Tamara regarding the background to the purported breach, the circumstances in which she became aware of it and the nature of the relationship between the parties in an attempt to substantiate the claim. It becomes very clear during these communications that she is basing her view solely on the hearsay, speculation or the unsubstantiated opinion of her colleagues. The history to the takeover and competition between the firms may also have a bearing on the credibility of the notification made and increases the potential for it to be vexatious. She did not make any further enquiries to verify or corroborate the rumours she heard, nor did she have any independent evidence.

    The TPB also does not have any information to indicate that Max has a history of non-compliance with the TASA, including the Code, or the taxation laws more broadly.

    As the breach notification has not been sufficiently supported with appropriate facts and evidence, and the TPB is not satisfied there are reasonable grounds for the belief that there has been a significant breach, the TPB treats the claim as frivolous and vexatious. The TPB decides not to commence a formal investigation regarding Max’s conduct in response to the report.

    TPB records show that Tamara recently lodged another breach notification in relation to a purported breach of the Code by a colleague within the same firm. The notification was also treated as frivolous and vexatious due to a lack of appropriate facts and evidence to support it.

    Given the circumstances surrounding these breach notifications, and concerns that Tamara may not be acting honestly and with integrity by making these frivolous and vexatious claims, it is likely that the TPB will take steps to investigate Tamara’s conduct.

    Case study 7 – Tax practitioner is not certain whether a breach is significant but reports the breach 

    Alana is a registered tax agent. She is one of 2 directors of a small suburban accounting firm, Bill being the other director. The firm employs 2 accounting graduates and a BAS agent. The firm’s clients are largely local small businesses, most of which are individual sole traders.

    The firm recently located to a newly established suburb and took on a large number of local individual sole traders operating in the building industry as clients. 

    During the recent tax time period, Alana stumbled across hard-copy versions of income tax returns that Bill had prepared for 7 of his new clients. The returns appeared to be claiming what Alana regarded as excessive amounts of work-related car expenses given the clients' occupations. Alana questioned Bill about the returns that had been prepared by him, including whether the clients had logbooks to substantiate the claims. Bill reassured her that it was all above board, and although he hadn’t seen any supporting documentation from his clients, they had assured him that they had the necessary paperwork. Alana did not question Bill any further as he seemed reluctant to explain his rationale for the claims. She was also not able to make any further enquiries as she did not have access to Bill’s client files.

    Given Bill’s response to her enquiries and her knowledge of work-related car expense claims in the building industry, Alana considers she had reasonable grounds to believe that the expenses had been claimed without appropriate substantiation and Bill had breached the Code. Alana was not certain whether this conduct would amount to a significant breach, noting that she was not aware of the scale of the expense claims being made by Bill for his client base, and was unable to confirm that the clients had appropriate substantiation for the claims made in their returns. However, given the number of clients involved and the likelihood of others, Alana errs on the side of caution and reports the breach to the TPB.

    In the circumstances, Alana has made the correct decision to report the breach. She considers she has reasonable grounds to believe that a breach of the Code has occurred. Although she is not certain whether a significant breach has occurred and does not have conclusive proof, she still considers she has a solid enough foundation or basis on which to base her belief, supported by appropriate facts and evidence, for the following reasons:

    • the work-related car expense claims in the hard copy tax returns were excessive
    • Bill was evasive when questioned about appropriate substantiation for the claims made 
    • Bill admitted he had not seen any supporting documentation
    • she had evidence of at least 7 clients with excessive expense claims, and
    • if Bill was claiming similar amounts for other clients, the claims would be of a scale that Alana would consider significant. 

    If the breach is investigated further by the TPB and deemed not to be significant, it is unlikely there would be any adverse consequences for Alana, including any sanctions imposed. The report would not be considered malicious, vexatious or frivolous as she reported the breach in good faith on the basis that she considered she had reasonable grounds to believe the breach was significant.

    Case study 8 – Tax practitioner is not certain whether a breach is significant and decides not to report the breach 

    Assuming the facts of case study 7 above, before deciding whether to report the breach, Alana decides to make further enquiries to try and further substantiate her belief that the work-related car expenses for the 7 clients were made without appropriate substantiation.

    Alana speaks to one of the accounting graduates who is working under the supervision of Bill. She asks the graduate whether they had assisted in completing the income tax returns for those clients. She also asks them whether the clients had provided copies of their logbooks for the work-related car expenses that had been claimed. The graduate confirms that they did assist Bill in completing sections of the income tax returns for those clients and that Bill had advised the graduate that the clients had provided copies of their logbooks to substantiate the claims, although they did not review the logbooks themselves. 

    Alana makes no further enquiries. She remains suspicious about the work-related car expenses that have been claimed and whether the conduct extends to other clients. However, in the circumstances, given the further enquiries she made and reassurances provided to her from the graduate, she decides not to report. 

    Alana documents her decision in her work diary. She includes details of the further enquiries she made, the evidence available to her, and her reasons for not reporting the breach.

    Several months later, the TPB receives a referral from the ATO in relation to potential misconduct by Bill. He has overclaimed work-related car expenses for a significant number of clients, including the 7 clients that Alana had made further enquiries about. Further, the claims were made without supporting documentation. In some cases, logbooks were not sighted by Bill and in other cases, incomplete logbooks were relied on.

    In the circumstances, it is unlikely that the TPB would take any compliance action against Alana. Her decision to not report was made in good faith and supported by the fact that she had documented in detail her reasons for not reporting. As such, the TPB is likely to take an educative approach and assist Alana to better understand her breach reporting obligations.

    Case study 9 – Tax practitioner acquires new client and reports a significant breach of another tax practitioner from a different firm

    Louis is the sole director of a registered tax agent and small accounting firm. He is approached by Betty, a new client who, in their first meeting, expresses her dissatisfaction with the quality of work undertaken by the previous tax agent, John.

    In this meeting, Louis probes Betty further and asks her what she was dissatisfied with so he could ensure that he provides a better service for her. Betty mentions to Louis that her last 2 tax returns were amended, and she had shortfall interest charges and general interest charges imposed on each occasion. Louis made further enquiries of her to better understand what triggered the amendments and Betty confirmed that it related to work-related clothing expenses that had been claimed on John’s advice, that she was not entitled to. She provided copies of the amended income tax returns for his perusal. Betty also advised that she has a friend, still a client of John’s, who also had tax returns for previous years amended for the same reason.  

    In the circumstances, Louis had reasonable grounds to believe that John had breached the Code by not taking reasonable care in ascertaining the client’s state of affairs (Code item 9), not taking reasonable care to ensure that the taxation laws were applied correctly to Betty’s circumstances (Code item 10), and not ensuring that the tax agent service provided was provided competently (Code item 7). In addition, Louis assessed the breaches as ‘otherwise significant’, particularly given the:   

    • conduct involved more than one breach of the Code
    • financial impact the breaches had on his client
    • information he had that the claiming of unsubstantiated work-related clothing expenses was not limited to one client
    • behaviour appeared to have been ongoing for some time
    • increased risk of future Code breaches
    • conduct reflected on John’s ability to provide tax agent services competently.  

    Louis decides to report the breach to the TPB. Louis thinks that John may be a member of an RPA and decides to check the TPB’s register which confirms that he is. Louis visits the relevant RPA’s website, which has a list of members, to double-check, before making a second report to that RPA.

    In the circumstances, Louis has made the correct decision and reported the breach. Louis had sufficient information to substantiate his belief that John had breached the Code and that the breach was significant. Louis has also appropriately discharged his responsibilities under the breach reporting obligations by reporting the breach to the RPA.

    Case study 10 – Tax practitioner acquires new client and does not report a significant breach of another tax practitioner from a different firm  

    Rhonda is a registered tax agent. Most of her work involves the completion of individual income tax returns.

    As the tax time period approaches, Rhonda takes on an unusually high number of new clients. Rhonda thinks nothing of this until, when completing the income tax returns for these clients, she notices that these clients have all come from a registered tax agent at a competitor’s firm. She contacts her competitor, Mary, and asks for the files for those clients (including key original documents, such as trust deeds). Mary refuses to provide Rhonda with those files and there is no further discussion.

    Rhonda suspects that something untoward must have occurred for those clients to have changed tax agents, particularly noting that Mary refused to provide Rhonda with those files.

    When Rhonda next meets with her clients to review the income tax returns that have been completed for them before lodgement, she queries them about their reasons for changing tax agents. Most of the clients expressed a general dissatisfaction with the work of Mary but did not provide any details of potential breaches that would require Rhonda to report her conduct in relation to the work performed. 

    In the circumstances, Rhonda determines that she does not have reasonable grounds to believe that a significant breach has occurred in relation to the work performed by Mary for her clients and decides not to report her on that basis. She documents her decision not to report, including details of the further enquiries she made and how she arrived at the decision not to report.

    However, Rhonda is still concerned about Mary’s conduct in relation to withholding the client files, which contains key documents, information and background (for example, key original documents of the client, such as trust deeds) that may be relevant to the provision of tax agent services by Rhonda moving forward. She considers she has reasonable grounds to conclude that Mary has still breached the Code, in particular Code items 1, 4 and 11, and that the breach is ‘otherwise significant’ in relation to that conduct and decides to report it to the TPB, and Mary’s RPA.

    Not long after Rhonda reports the breach to the TPB, it comes to the TPB’s attention, through an ATO referral, that Mary had been underreporting the business income of the clients involved. She had not been reporting cash payments that those clients had been in receipt of, despite being aware that the clients were involved in businesses where cash payments were common.

    In the circumstances, although Mary has breached the Code and the breach would likely be considered significant, Rhonda did not contravene the breach reporting obligations in relation to reporting of this conduct. At the time Rhonda made the decision not to report, the TPB would not expect Rhonda to take on the role of investigator or auditor and probe further. She made appropriate reasonable enquiries of both Mary and the clients and was not able to obtain any evidence of a breach having occurred.

    Case study 11 – Tax practitioner incorrectly claims deductions as a result of using new software that has incorrectly classified transactions and the breach is considered ‘otherwise significant’ 

    Isaac is a registered BAS agent. He recently attended a practice management conference. At this conference, a number of new software products designed and sold by various digital service providers (DSP) were marketed to attendees. The new software products are designed to streamline the coding of transactions according to GST classifications. 

    Isaac, impressed by the new products, decided to purchase one of the software products to assist him in his BAS agent business. He had recently taken on a large number of clients due to a colleague retiring and was excited about the prospect of expanding his client base further given the efficiencies that new software product would inject into his business. 

    Isaac spent some time familiarising himself with the software product before he implemented it into his businesses processes. This included running dummy clients through the software and reviewing the output of the software for accuracy. In performing the testing of the new software product, Issac noticed errors in the software output for 5 out of 10 clients, which if used would have resulted in the overclaiming of GST input credits. However, as the DSP was a reputable company and the product had come highly recommended to him at the conference, Isaac put it down to 'one-off' teething issues.

    Despite these findings, Isaac commenced using the software for clients with an annual aggregated turnover of more than $250,000. Given there had only been a few discrepancies identified in testing, he decided there was no need to undertake further reviews of the output of the software to determine if it was faulty. Nor did he contact the DSP he purchased the software product from to establish whether any other errors had been reported.

    After several months of using the software, Isaac noticed some errors in one of his client’s BAS. He decided to review other BAS prepared for that client and other clients and noticed similar errors which resulted in the overclaiming of GST input credits. Isaac recalled the errors he identified during testing, which should have led him to conduct further reviews of the data and make enquiries with the DSP at the time. Armed with this additional evidence, confirming his early suspicion that the new software may be faulty, Isaac decided to do further testing of the software to see where the errors may have occurred, and contact the DSP. 

    In the meantime, Isaac reports the breach to the TPB as he has reasonable grounds to believe that he had breached the Code on the basis that he had not taken reasonable care in ensuring that the taxation laws are applied correctly to a client’s circumstances (Code item 10), and for not ensuring that the services provided to the client was provided competently (Code item 7). 

    He assessed the breach as ‘otherwise significant’ for the following reasons:

    • there were a number of clients impacted over the course of the period in which he was using the new software
    • Isaac should have taken steps to undertake further testing and make enquiries before using the new software to prepare his client's BAS, having identified errors in the testing phase
    • his ability to provide a competent service was impacted by the errors caused by the new software, noting that he should have ceased using the software until the source of the errors was determined
    • he had taken on additional clients that he was now at risk of not having the appropriate and adequate resources in place to provide a competent service to
    • his arrangements to ensure compliance with the Code were inadequate, noting that it was some time until the errors were discovered and there appeared to be no adequate review of the output of the software after the testing phase.

    After further testing of the software with the assistance of the software provider, Isaac discovers where the coding errors occurred and made the necessary adjustments in the software to ensure no further errors would arise. He also implemented a new process of regularly reviewing the data generated by the software for accuracy. He also immediately lodged amended BAS for each of the clients impacted.

    In the circumstances, Isaac has met his obligations under the breach reporting requirements. Although the TPB may make a determination that there has been a significant breach of the Code by Isaac, it is likely the TPB will take into account the fact that Isaac has complied with his breach reporting obligations and has rectified the breaches in determining the appropriate sanction to impose.

    Case study 12 – Tax practitioner acquires information about a suspected breach while supervising employees 

    Christopher is a registered tax agent. He is one of 2 directors of a small accounting firm and the sole supervising agent of the tax agent company. The firm employs 4 additional staff, 2 of whom are recent graduates. 

    As supervising agent for the firm, Christopher’s responsibilities include:

    • providing a substantial degree of oversight of the work undertaken by the 2 graduates, including of work they have undertaken for Cheryl, the other director of the firm, also a registered tax practitioner
    •  undertaking periodic checks of material prepared by staff
    • conducting quality review of work undertaken by staff as required
    • providing appropriate ongoing training to staff, particularly the 2 graduates.

    During the course of his supervision of the 2 graduates, Christopher notices that there has been no accounting for the private portion of expenses of several clients, with those private portions of the expenses claimed as business expenses. Christopher immediately identifies a potential knowledge gap in the graduates’ understanding of how business expenses should be accounted for. At this point, Christopher does not have reasonable grounds to believe that there had been a breach of the Code.

    Christopher arranges to deliver some additional training on the topic of business income to address the knowledge gap. During those training sessions, there was some general discussion around the expenses that had been incorrectly claimed. The graduates inform Christopher that when they were instructed by Cheryl to complete the work, she had assured them that all expenses were legitimate business expenses. When the graduates queried Cheryl about whether the clients in question had provided receipts to substantiate the expenses, her response was that they had provided some receipts but not all. She had also admitted to the graduates that this area of the tax law had never been a strong point and she needed to ‘brush up’ on her knowledge and skills but could never find the time.

    At this point, Christopher is concerned that Cheryl may be overclaiming business expenses for her clients. He asks the graduates if he can see their working papers for the returns that were prepared and, in particular, any documentation in relation to the business expenses and the substantiation that had been provided. While examining the working papers and other documentation, Christopher forms the view that there are reasonable grounds to believe that Cheryl has breached the Code (Code items 7, 8 and 10) and that the breaches are ‘otherwise significant’, particularly given the:

    • conduct involved more than one breach of the Code
    • number of similar breaches
    • number of clients involved
    • increased risk of future Code breaches
    • conduct reflected on Cheryl’s ability to provide tax agent services competently more broadly and were indicative of inadequacies in her arrangements to ensure compliance.

    Christopher reports the breach to the TPB. Christopher has complied with his breach reporting obligations under the TASA.

    Case study 13 – Tax practitioner obtains information during discussion groups and makes further enquiries to substantiate claim

    Hannah is a registered tax agent at a mid-tier accounting firm, employed at an office located in a regional country area. Each month, she attends tax training sessions run by an external provider. These training sessions are open to all tax professionals and are followed by a discussion group session where the content of the training session is discussed in further detail. 

    Hannah is a regular attendee at both the training and discussion group sessions. At a recent discussion group session focusing on personal services income (PSI), a registered tax agent from another firm, Rowan, who was a regular attendee at these sessions, discussed a hypothetical scenario. In this scenario, the client was proposing to set up a company for the purposes of diverting personal service income and avoiding being taxed at the individual tax rates. Rowan, who admitted he had limited knowledge on the topic of PSI, sought the thoughts of others as to whether this was something that the client could legally do.

    Hannah had some familiarity with the PSI rules and knew that if the client in this hypothetical scenario met one of the tests for determining whether the PSI rules applied, then the income would need to be attributed to the individual. There was some discussion around this and how the PSI rules may apply to the scenario before the discussion moved on to other matters.

    Several months down the track, Hannah took on new clients. All clients came from the firm that Rowan is employed at, located in the same regional country area. Hannah had initial meetings with these clients to discuss their tax affairs and to draft letters of engagement for the clients to sign. The clients provided Hannah with copies of their most recent income tax returns and working papers for those tax returns. They also provided company returns for associated entities. Upon inspection of the previous income tax returns and working papers, Hannah noticed that Rowan, the registered tax practitioner from the discussion groups she attends, had completed the returns. It also appeared that not all PSI income had been appropriately accounted for in the clients’ individual tax returns and had been diverted to various other entities.

    Hannah recalled the hypothetical situation discussed by Rowan at the recent discussion group session she attended. Based on that discussion, and her observations following inspection of the clients’ individual income tax returns and the company returns of associated entities, Hannah considered she had reasonable grounds for believing Rowan had breached Code items 1, 4, 7, 9 and 10 by advising clients to enter into arrangements for the sole or dominant purpose of obtaining a tax benefit. Hannah assessed the breaches as ‘otherwise significant’, noting the:

    • significant amounts of PSI income had been diverted to the associated companies, presumably to take advantage of the company tax rate, which was a lower rate than the individual income tax rates that would be applicable to the clients
    • number of clients involved
    • number of similar breaches across the client files
    • increased risk of future Code breaches
    • conduct reflected on Rowan’s ability to provide tax agent services competently more broadly and was indicative of inadequacies in his arrangements to ensure compliance.

    Hannah reports the breaches to the TPB. Having knowledge that Rowan is a member of 2 RPAs, Hannah also reports the breaches to each of the RPAs. 

    Hannah has complied with her breach reporting obligations under the TASA.


References

[1] This includes ‘significant breaches’ of subsection 30-10(17) of the TASA, which relate to obligations determined by the Minister under section 30-12 of the TASA, subject to the applicable application date of those obligations. For more details, see Tax Agent Services (Code of Professional Conduct) Determination 2024.

[2] Effective from 1 January 2024, the object of the TASA is to support public trust and confidence in the tax profession and the tax system by ensuring that tax agent services are provided to the community in accordance with appropriate standards of professional and ethical conduct: section 2-5 of the TASA.

[3] See, for example, the breach reporting regime administered by the Australian Securities and Investments Commission (ASIC), which broadly requires Australian financial services licensees and Australian credit licensees to report certain breaches of the Corporations Act 2001 and National Consumer Credit Protection Act 2009 to ASIC, including ‘significant breaches’ of core obligations. 

[4] A list of recognised professional associations is published on the TPB’s website. 

[5] Derived, in the first instance, from The Macquarie Dictionary, Macmillan Publishers Australia, 2023.

[6] Section 3-5 and subsection 90-1(2) of the TASA; section 995-1 of the Income Tax Assessment Act 1997.

[7] Offences may be described differently depending on the Commonwealth, State or Territory law that applies. Whether there is an indictable offence or offence involving dishonesty will ultimately depend on the facts and circumstances.

[8] Section 4G of the Crimes Act 1914

[9] Section 3 of the Criminal Code Act 1899 (Qld)

[10] Section 3 of the Criminal Procedure Act 1986 (NSW)

[11] See the definitions of ‘dishonesty’ and ‘dishonest’ in The Macquarie Dictionary, Macmillan Publishers Australia, 2023.

[12] Based on the criminal test of dishonesty expressed in R v Ghosh [1982] 3 WLR 110.

[13] Section 470.2 of the Criminal Code Act 1995.

[14] See also, section 9 of the Corporations Act 2001 (Cth), which defines ‘dishonest’ as meaning ‘dishonest according to the standards of ordinary people’.

[15] See for example, section 4B of the Crimes Act 1900 (NSW) and section 300 of the Criminal Code 2002 (ACT).

[16] The Explanatory Memorandum to the Tax Agent Services Bill 2009 states at paragraph 2.51: ‘The offence of dishonesty takes its ordinary meaning.  Under section 130.3 of the Criminal Code, dishonest is defined as dishonest according to the standards of ordinary people in circumstances where the defendant is aware of these standards.  Consequently, the scope of ‘dishonest’ is determined by community standards. 

[17] The Macquarie Dictionary Macmillan Publishers Australia, 2023, relevantly defines ‘involve’ (verb) as meaning:’1. To include as a necessary circumstance, condition, or consequence; imply; entail….3. To include, contain, or comprehend within itself or its scope’.

[18] This could include seeking professional advice, including legal advice, if the registered tax practitioner considers it appropriate to do so.

[19] If a registered tax practitioner is convicted of an offence involving fraud or dishonesty, this is an event that already needs to be reported to the TPB under section 30-35 of the TASA and may affect their continued registration under section 20-45 of the TASA.

[20]  If a registered tax practitioner has been convicted of a fraudulent and dishonest offence, and that conduct is considered a ‘significant breach’ of the Code as it constitutes an indictable offence or an offence involving dishonesty, this can be reported to the TPB using the same form.

[21] The Macquarie Dictionary, Macmillan Publishers Australia, 2023

[22] The Macquarie Dictionary, Macmillan Publishers Australia, 2023

[23] The Macquarie Dictionary, Macmillan Publishers Australia, 2023; The Australian Oxford Dictionary, Oxford University Press, 2004.

[24] Boughey v the Queen (1986) 161 CLR 10 [High Court decision considering the term in the Criminal Code Act 1979 (Tas)]; Tillmanns Butcheries Pty Ltd v Australasian Meat Industry Employees’ Union [1979] FCA 85 (Full Federal Court decision considering the term in the context of the Trade Practices Act 1974); WKNH v Australian Securities and Investments Commission [2018] AATA 1325 (AAT decision considering the term in the context of the Business Names Registration Act 2011 (Cth). 

[25] Subsection 995-1(1) and section 960-100 of the ITAA 1997. The note to subsection 995-1(1) clarifies that the term entity covers all kinds of legal person, and groups of legal person and other things, that in practice are treated as having a separate identity.

[26] Section 2B of the Acts Interpretation Act 1901(Cth).

[27] The Macquarie Dictionary, Macmillan Publishers Australia, 2023

[28] The Australian Oxford Dictionary, Oxford University Press, 2004 similarly defines the term (adjective) as ‘noteworthy; important, consequential: a significant figure in history’.

[29] Section 2-5 of the TASA.

[30] Section 30-5 of the TASA.

[31] See paragraph (c) of the significant breach definition in subsection 90-1(1) of the TASA.

[32] The Macquarie Dictionary, Macmillan Publishers Australia, 2023

[33] George v Rockett [1990] HCA 26; (1990) 170 CLR 104.

[34] For example, see section 3W of the Crimes Act 1914.

[35] The TPB’s guidance in respect of the application of Code items will be informative for the tax practitioner when making this assessment. See: TPB Information products by topic, including TPB(EP) 01/2010 Code of Professional Conduct.

[36] This could include seeking professional advice, including legal advice, if the registered tax practitioner considers it appropriate to do so.

[37] For example, in Le'Sam Accounting Pty Ltd and Tax Practitioners Board [2021] AATA 1593 (21 May 2021) the Administrative Appeals Tribunal considered circumstances where a registered tax practitioner was aware, or ought reasonably to have been aware, of certain actions taken by an employee engaged in the provision of tax agent services. 

[38] See paragraphs 106 to 139 above (as appropriate).

[39] See paragraphs 106 to 139 above (as appropriate).

[40] The TPB provides information on RPAs, including a list of RPAs that are accredited by the TPB.

[41] The TPB does not have the authority to mandate what information RPAs will require from tax practitioners and the manner of notification.

[42]  Section 70-50 of the TASA.

[43] Refer in particular to Australian Privacy Principle 6 (APP 6) Use or disclosure of personal information, and in particular, the exception relating to use or disclosure of personal information as required or authorised by law.

[44]  Subsection 8C(1B) of the TAA. 

[45] Section 8AC of the TAA provides that section 8C applies to the TASA by replacing references to the Commissioner of Taxation with the TPB.

[46] The term ‘taxation law, as used in the TASA, is given the same meaning as in section 995-1 of the 1997: subsection 90-1(2) of the TASA. Paragraph (c) of the ‘definition’ of ‘taxation law’ in subsection 995-1(1) includes the TASA and TASR.

[47]  An offence of ‘absolute liability’ is an offence where no fault elements apply to the physical elements of the offence and the defence of reasonable mistake is not available: section 6.2 of the Criminal Code Act 1995 (Cth), which applies to offences under the TAA.

[48] Under section 90-1(2) of the TASA, the term ‘taxation laws’ has the same meaning in the TASA as in section 995-1 of the Income Tax Assessment Act 1997.

[49] Bar Association (NSW) v Cummins (2001) 52 NSWLR 279 at 289; Re John Jeremy William Wyborn and Tax Agents’ Board of New South Wales [2007] AATA 1492.

[50] Section 60-95 of the TASA.

[51]  If the decision or finding is relevant to the administration of the taxation laws, other than the TASA.