• Record keeping standard for Australian Taxation Office contractors


    Proper record keeping is a crucial part of all government administration and accountability. It is the basis for establishing and maintaining documentary evidence of government activities and decisions supporting good business practice. The need for proper record keeping is equally applicable, whether government business is conducted within government agencies or if the activities are outsourced.


    These guidelines apply to all contractors (including officers, employees, agents and sub-contractors) or any other person or entity acting for, or on behalf of, the Australian Taxation Office (ATO). Within these guidelines, use of the word 'contractor' applies equally to all such parties, including consultants and service providers.

    These guidelines have been prepared for use by contractors who are required to insure that record keeping standards in contractual arrangements are consistent with ATO standards for the creation, care, access, storage, preservation and return or legal destruction of all Commonwealth records.

    Definition of Commonwealth records

    According to the International Standard ISO 15489 Information and documentation - Records Management, Commonwealth records are defined as:

    'any recorded information, in any form, including data in computer systems, created or received and maintained in the transaction of its business or the conduct of its affairs and kept as evidence of such activity.'

    Put in simple terms, any inputs and/or outputs, including paper or electronic, produced by an individual or group in the course of ATO business should be considered a record. Electronic records include email, word processing, spreadsheets, graphics, video and sound formats. Non-electronic records include paper correspondence, facsimiles, electronic whiteboard and computer printouts. They are to be created and maintained on paper which will remain intact for as long the records are needed.

    Regardless of format, the ATO's records are to be managed according to their value to the ATO, our clients and the Commonwealth.

    Legislative and regulatory requirements for record keeping

    The ATO record keeping requirements arise, and are derived, from the regulatory and accountability environment in which we operate.

    Our record keeping requirements are to comply with Commonwealth legislation on records and information, including:

    • Archives Act 1983 (including any subsequent review documentation)
    • Financial Management and Accountability Act 1997 (FMA Act)
    • Crimes Act
    • Evidence Act 1995
    • FMA Regulations
    • Freedom of Information Act 1982
    • Privacy Act 1988
    • Electronic Transactions Act
    • Public Service Act.

    Record keeping requirements are also to comply with ATO-specific legislation, including:

    • A New Tax System
    • Income Tax Assessment Act 1936
    • Fringe Benefits Tax Assessment Act 1986
    • Superannuation Acts
    • Excise legislation
    • Sales tax Acts
    • other miscellaneous legislation (for example, wool tax).

    1. Capture and registration of records

    The purpose of registration is to provide evidence that a record has been created or captured in a record keeping system.

    Records are to be captured into a record keeping system which links the record to descriptive information about the business context of the record and to other related records.

    2. Control/access/tracking of records

    Records are to be maintained for as long they are legally or administratively required.

    Records are to be accessible for the time they are required to be kept.

    Access to records of business or record keeping transactions must be auditable.

    3. Usability, reliability and accuracy of records

    Records are to support ATO obligations to the taxpayer, as expressed in the taxpayers' charter. Records, regardless of format, are to:

    • be legible, understandable and re-presentable
    • be full and accurate to the extent necessary to facilitate action by ATO personnel and by their successors
    • enable proper scrutiny or audit of the conduct of ATO business by anyone authorised to undertake such activity
    • protect the financial, legal and other rights of the ATO and our clients and any other people affected by our actions and decisions
    • contain structure - that is, document the relationship between the physical format (if appropriate) and the data elements comprising the record
    • reflect the context in which the records were created and used, including the business process of which the transaction is part and the participants in that transaction
    • document the complete range of the contracted business
    • include all business transactions for which any kind of requirement for evidence exists
    • be captured and maintained in a form that can be produced as evidence in a court of law
    • be created and maintained in formats that will convey them intact across successive hardware and software platforms
    • be captured in an authorised record keeping system to ensure authenticity
    • be securely maintained to prevent unauthorised access.

    4. Preservation and storage of records

    ATO records of all formats are to be preserved and protected for as long as they are required.

    Storage facilities for paper records will have the appropriate building and internal environments.

    Disaster recovery plans are to be developed and maintained to ensure minimum loss of records and disruption to business, in the event of an emergency or disaster.

    Storage media for maintaining electronic records are to be operated and maintained so that the evidential elements of the records cannot be altered.

    5. Disposal of records

    Records owned by the Commonwealth cannot be destroyed without the approval of the National Archives of Australia. This is to ensure that records are retained for as long as they are of value to the Commonwealth and the public, and to protect the public's right of access to records. The prohibition on destruction applies no matter where the records are kept, in the Commonwealth's custody or in a contractor's custody.

    Destruction of ATO records1 is to be authorised only by the Director Records Management (through contact with the contract manager). Contractors should be made aware that they need to seek a specific approval to destroy records that are in their custody. This will ensure that the risk of inadvertent destruction is minimised.

    Contractors are free to destroy records which they own at any time (subject to any legislative and record keeping requirements places on their business).

    Records migrated to or between other record keeping systems, are to be maintained to ensure that they are accessible, comprehensive and managed for as long as is required.

    Where functions are to be transferred to another agency, the ATO will ensure that the transfer of associated records also transfers obligations for retention, disposal and accessibility of those records to the gaining agency.


    Record keeping requirements are in place to ensure that:

    • records are created and registered in an authorised record keeping system
    • access to, and tracking of, records is done in a controlled manner
    • regardless of format, records are usable, reliable and accurate
    • records are preserved and protected for as long as they are required in appropriate storage facilities
    • records are disposed of according to their value, with approval from the ATO.

    Further information

    Further information can be obtained through the nominated ATO representative.

    1 Note - The term 'ATO records' includes both records that are created by the ATO and records that are created on behalf of the ATO - for example, records created within a contractual arrangement.

      Last modified: 30 Oct 2014QC 17519