Show download pdf controls
  • Identify and assess FBT risks

    FBT administration presents a number of risks that need to be identified and assessed and where appropriate, have controls and risk management solutions implemented to manage them.

    Extent and nature of your government organisation's FBT obligations

    A review into the extent and nature of your government organisation's FBT obligations is likely to include:

    • Determining the relevant employer for FBT. This may differ from the relevant entity for pay as you go (PAYG) or goods and services tax (GST) purposes.
    • Determining the FBT status of the employer (for example, whether it is an income tax-exempt government body, a public hospital, a public ambulance service or an entity subject to income tax). Australian government organisations (for example, an Australian government department, executive agency, statutory agency or an authority of the Commonwealth) are not charitable institutions or public benevolent institutions and are not eligible for a rebate. See Chapter 6 of FBT – a guide for employers.
    • Reviewing your organisation's structure to identify work area locations, disbursement of employees and any structural changes that have occurred during the FBT year.
    • Understanding the size, complexity, sophistication and resourcing of the FBT function, including whether processes are centralised or decentralised.
    • Understanding the benefits that are likely to be provided to employees (or their associates) of both your organisation and associated entities.

    Conduct annual review of FBT risks

    For the effective management of your organisation's FBT obligations it is important to conduct a risk assessment annually or when a restructure occurs that increases or decreases the functions undertaken by your organisation. Generally, the most appropriate time for performing a detailed annual risk assessment is within a short time after lodging the FBT return. A less detailed review should be undertaken prior to lodging the FBT return.

    Evaluating FBT risk involves identifying a range of options for treating risk, assessing those options, and deciding the controls appropriate to the identified risks. The risks may be associated with the organisation's understanding and interaction with the requirements of the FBT legislation or any systems and processing risks associated with day to day management of FBT administration and reporting.

    You should consider a combination of preventative and detective controls for managing FBT risks. The level and complexity of these controls should be directly proportional to the assessment of the extent of the risk relating to FBT compliance.

    You should document the results of the FBT risk assessment. Better practice entities maintain an FBT risk register in a form that is consistent with your organisation's overall risk assessment framework. Such a register can help ensure that risks are regularly reviewed and managed effectively.

    See also:

    Next steps:

      Last modified: 06 Feb 2018QC 18627