Entity overview

The Australian Taxation Office (ATO) is Australia’s principal revenue collection entity and is part of the Treasury portfolio. The ATO’s role is to administer Australia’s tax system, significant aspects of Australia’s superannuation system and business registry services.

The ATO has a single outcome delivered through 19 programs. It administers legislation governing tax, superannuation and the Australian Business Register and supports the delivery of government benefits to the community. The Commissioner of Taxation is the accountable authority for the ATO. In addition, the Commissioner of Taxation is also the accountable authority for the Tax Practitioners Board, the Australian Business Registrar and the Australian Charities and Not-for-profits Commission. The Commissioner is also the Registrar of the Australian Business Register and the first Registrar of the Australian Business Registry Services. Further information is available from the Australian Taxation Office’s website.

In the 2024–25 Portfolio Budget Statements (PBS) for the Treasury portfolio, the aggregated budgeted expenses for the Australian Taxation Office for 2024–25 total $33.5 billion. The PBS contain budgets for those entities in the general government sector (GGS) that receive appropriations directly or indirectly through annual appropriation Acts.

The level of budgeted departmental and administered expenses, and the average staffing level are shown in Figure 1. Administered expenses represent the largest proportion of the ATO’s total budgeted expenses.

Figure 1: Australian Taxation Office – total expenses and average staffing level by entity

Portfolio expenses and staffing level

Source: ANAO analysis of 2024–25 Portfolio Budget Statements.

Audit focus

In determining the 2024–25 audit work program, the ANAO considers prior-year audit and other review findings and what these indicate about portfolio risks and areas for improvement. The ANAO also considers emerging risks from new investments or changes in the operating environment.

The primary risks identified for the ATO relate to protecting data including the personal information of taxpayers held by the ATO, and application of the law in relation to offsetting debt deemed uneconomical to pursue.

Specific risks in the ATO relate to governance, regulation, and financial management.


The ATO is heavily reliant on IT systems to perform its functions. The ATO holds significant data holdings of business and personal information. Data governance and management, Essential Eight and Protective Security Policy Framework compliance, and contract management are key risks. Weaknesses have been identified in the way the ATO manages enterprise change management for key IT systems.

Systems integrity is important due to the ATO’s reliance on its IT systems. Cyber resilience, risk controls and their adequacy, and taxpayer privacy are specific risks. Related risks include segregation of tax IT systems, connections with other Australian Government systems, project management, resourcing, and staff capacity and capability.


The ATO faces a series of compliance risks. These include risks arising from administering tax legislation, private rulings, new policies and programs, risk profiling, delivery of budget measures, combating the shadow economy, and performance measures relating to compliance activities.

There are potential risks relating to the effectiveness of debt recovery and management if the ATO does not implement appropriate policies and procedures. This risk may lead to an increase in non-recoverable debts and potential reputational risk to the ATO around debt recovery and increases in tax gaps.

There are potential risks associated with the ATO workforce, particularly around skills shortages in the IT area. The nature of the ATO’s work means that the ATO needs to maintain a consistent focus on promoting compliance with the requirements of its ethical and probity frameworks. There are potential reputational risks if the ATO does not comply with legislation, does not properly manage perceived or actual conflicts of interest, or demonstrate procedural fairness.

Financial management

Risks in the preparation of financial statements arise from the significant value of taxation revenue, specifically the accuracy of taxation revenue, estimates of administered income and expenses and the valuation of tax receivables and provisions for refunds.

Previous performance audit coverage

The ANAO’s performance audit activities involve the independent and objective assessment of all or part of an entity’s operations and administrative support systems. Performance audits may involve multiple entities and examine common aspects of administration or the joint administration of a program or service.

During the performance audit process, the ANAO gathers and analyses the evidence necessary to draw a conclusion on the audit objective. Audit conclusions can be grouped into four categories:

  • unqualified;
  • qualified (largely positive);
  • qualified (partly positive); and
  • adverse.

In the period between 2019–20 and 2023–24 the Australian Taxation Office was included in 15 performance audits. The conclusions directed toward the Australian Taxation Office were as follows:

  • one was unqualified;
  • ten were qualified (largely positive);
  • three were qualified (partly positive); and
  • one was adverse.

Figure 2 shows the number of audit conclusions for the Australian Taxation Office that were included in ANAO performance audits between 2019–20 and 2023–24 compared with all audits tabled in this period.

Figure 2: Audit conclusions 2019–20 to 2023–24: the Australian Taxation Office compared with all audits tabled


Source: ANAO data

The ANAO’s annual audit work program is intended to deliver a mix of performance audits across seven audit activities: governance; service delivery; grants administration; procurement; policy development; regulation and asset management and sustainment. These activities are intended to cover the scope of activities undertaken by the public sector. Each performance audit considers a primary audit activity. Figure 3 shows audit conclusions by primary audit activity for audits involving the Australian Taxation Office.

Figure 3: Audit conclusions by activity for audits involving the Australian Taxation Office, 2019–20 to 2023–24


Source: ANAO data

Financial statements audits


The Australian Taxation Office is part of the Treasury portfolio. The risk profile of the Australian Taxation Office is shown in Table 1.

Table 1: Australian Taxation Office risk profile


Type of entity 

Engagement risk 

Number of higher risks 

Number of moderate risks 

Material entity 

Australian Taxation Office





Other audit engagements (including Auditor-General Act 1997 section 20 engagements)

Australian Taxation Office – GST Cost Statement

Australian Taxation Office – GST Controls Statement


Note a: Sourced from Public Governance, Performance and Accountability Act 2013 (Flipchart of PGPA Act) Commonwealth entities and companies (Department of Finance) as at 1 March 2024.

Material entities

Australian Taxation Office

The Australian Taxation Office (ATO) is Australia’s principal revenue collection entity and is part of the Treasury portfolio. The ATO’s role is to administer Australia’s tax system, significant aspects of Australia’s superannuation system and business registry services, together with the provision of support to the Tax Practitioners Board and the Australian Charities and Not-for-profits Commission.

Australian Taxation Office’s total budgeted revenue for 2024–25 is $637.6 billion, with the majority of these revenues attributable to income tax and indirect tax. Budgeted taxation receivables are $46.2 billion, or around 69% of total budgeted assets (Figure 4).

Figure 4: Australian Taxation Office’s total budgeted financial statements by category ($’000)


Source: ANAO analysis of 2024–25 Portfolio Budget Statements.

The Australian Taxation Office has been classified by the ANAO as a high risk engagement. This engagement risk rating reflects the number and quantum of key areas of financial statements risk that will be a focus of the audit, as well as the: dependence on sophisticated and interfaced business systems for financial reporting; considerable judgement and significance of the use of estimation and allocation processes to determine key financial balances; and ongoing scrutiny by Parliament and the public.

There are five key risks for the Australian Taxation Office’s 2023–24 financial statements that the ANAO has highlighted for specific audit coverage, including two risks that the ANAO considers potential key audit matters (KAMs).

  • The estimation and allocation processes associated with the reporting of taxation revenue, given the value of transactions subject to estimation that involve the application of significant judgement and specialist knowledge. (KAM – Accuracy of taxation revenue)
  • The processes for estimating debt provisions and adjustments to taxpayer accounts, including settlement adjustments and the allowance for credit amendments and impairment losses associated with taxation receivable balances at year end. This is due to the complexity of the ATO’s debt management and settlement processes and the volume of transactions subject to estimation. (KAM – Valuation of taxation receivables and provisions for refunds)
  • The compliance program relating to the collection of taxation revenues, supported by the ATO’s risk management approach to compliance activities in a self-assessment and voluntary compliance regime.
  • The complexity of, and reliance on, IT business systems for processing taxpayer returns and statements.
  • The complex manual data compilation processes required for financial reporting that increase the risk of error or misstatement.