ATO e-Audit

If you are flagged by the Australian Taxation Office (ATO) for an audit, and you maintain electronic financial records, you may be subject to an e-Audit. This may be a preferred option as it can streamline the audit process and minimise cost and disruption to your business, but it pays to be prepared.

The ATO provides insight into the e-Audit process and the types of information it will likely require from you.


The e-Audit process

The e-Audit process comprises the following stages:


Access to and supply of electronic information

The ATO will usually seek access to your records through a cooperative approach, but in some instances it may utilise its formal access powers, such as in cases involving potential tax avoidance.

Even where information is to be supplied electronically, the ATO will still schedule a meeting with you to develop an understanding of your system and identify what information they need to collect.


Data review and analysis

The ATO uses specialised software to verify that the data that you provide is accurate and complete. It then conducts a series of tests on this data to ensure you comply with tax laws.

The data is not altered as part of this process, but nevertheless, it is recommended to keep a backup of the data supplied to the ATO.



When the audit and compliance activity is completed, the data you provided to the ATO will be stored as part of a case file kept as a record of the compliance activity. This information is protected by law.


Information systems risk assessment

As part of the e-Audit process, the ATO may use its information systems risk assessment (ISRA) tool to assess your system’s risks regarding the correct reporting of your tax and super obligations. A report will be prepared which highlights any compliance risks and provides recommendations to mitigate them.


Being prepared

If you are subject to an e-Audit and ISRA, you will save time and minimise disruption by having all the relevant information and documentation readily available.

For an e-Audit, this may include the names and versions of all software and systems used to meet your tax obligations, contact details of the accountant who prepares your BAS or financial records, and system support documentation which can include a system architecture diagram, data dictionary, BAS preparation papers and other working papers.

Similar information may be required for an ISRA, as well as additional information such as data entry processes, IT contracts for system maintenance, roles and responsibilities across accounting and IT teams, and disaster recovery plans.



If you are on the ATO’s radar for an audit, and your financial records are kept electronically, you may be subject to an e-Audit and information systems risk assessment. These processes help the ATO to ensure that you are compliant with tax laws, and that the information systems used to support your business have a high level of integrity.

It helps to be prepared and have all relevant documentation available. This will minimise disruption to your business if you do become the subject of an e-Audit.

Nyman Gibson Miralis provides expert advice and representation in financial crime matters, including cases involving fraud, tax offences and money laundering.

Contact us if you require assistance.