ato

 
 
Show download pdf controls
Show print controls

  • Department of Home Affairs passenger movement records – 2016–17 to 2022–23

    The ATO has a responsibility to protect public revenue and maintain community confidence in the integrity of the tax system. Our passenger movement data-matching program will help us mitigate loss of government revenue.

    The passenger movement records data-matching program has been developed to address identity and residency compliance risks including:

    • registration
    • lodgment
    • reporting
    • payment obligations.

    Department of Home Affairs (Home Affairs) passenger movement data will be used as an indicator to help the Australian Taxation Office (ATO) profiling, determining and assessing cases within the tax and superannuation systems.

    The data will prevent unnecessary contact with taxpayers where the data supports client reported information. In addition, the data will supplement the ATO's existing visa data-matching program by ensuring at the time of assessment the most current movement records are made available.

    Our data-matching programs follow the Office of the Australian Information Commissioner’s (OAIC) Guidelines on data matching in Australian government administration (2014). The guidelines assist Australian government agencies to use data-matching as an administrative tool in a way that complies with the Australian Privacy Principles (APPs) and the Privacy Act 1988 (Privacy Act) and are consistent with good privacy practice.

    Find out about:

    Why we look at passenger movements data

    Australian income tax obligations for business entities and individuals are treated differently depending on residency status.

    As an individual, you will fit into one of the following categories:

    There are separate rules for working holiday makers and individuals who are tax residents of more than one country.

    More information on residency categories is available at Work out your tax residency.

    For business entities, there are different residency criteria for:

    Program objectives

    The objectives of this data-matching program are to:

    • promote voluntary compliance and increase community confidence in the integrity of the tax and superannuation systems
    • improve knowledge of the overall level of identity and residency compliance risks including registration, lodgment, reporting and payment obligations
    • gain insights from the data to help develop and implement administrative strategies to improve voluntary compliance, which may include educational or compliance activities
    • identify ineligible claims for tax and superannuation entitlements
    • refine existing risk detection models and treatment systems to identify and educate individuals and businesses who may be failing to meet their registration, lodgment and payment obligations and help them comply
    • identify potentially new or emerging non-compliance and entities controlling or exploiting those methodologies.

    How we use the data

    The data in this program is not used directly to initiate automated compliance activity. Taxpayers selected for our compliance activities are identified through other methods. Under this data-matching program Home Affairs will provide current and, where necessary, historical passenger movement data for individuals being assessed.

    The passenger movement data-matching program will be used:

    • to verify identity and residency status for registration purposes
    • in ATO risk detection models and as an indicator of residency to help the ATO in profiling, determining and assessing candidates for residency status for Australian tax and superannuation.

    Our previous related programs

    This is a new program. We have undertaken a pilot of this data. The review under the pilot identified risks that support the need for this data-matching program.

    We also conduct the:

    • visa data matching program – this has been operating for more than 10 years
    • Higher Education Loan Program (HELP)
    • Vocational Education and Training Student Loans (VSL)
    • Trade Support Loans (TSL).

    Data providers

    The passenger movements data is provided by Home Affairs. The ATO is the matching agency and sole user of data obtained for this program.

    Home Affairs legislation

    The Movement Reconstruction (MR) database contains records of passenger movements into and out of Australia since June 1981. Under the Migration Act 1958 (the Migration Act), the MR database is a notified database. There are restrictions regarding access to and disclosure of information from the database. These are detailed in subsection 488(1) of the Migration Act. A penalty of imprisonment for two years applies and access is audited.

    Under the Migration Act, the ATO has direct access to the MR database. Relevant ATO employees are authorised to access movement records for prescribed purposes, in accordance with paragraph 488(2)(g) of the Migration Act and the Instrument made under sub-regulation 3.10A(2) of the Migration Regulations 1994, which specifies the prescribed employees, agencies and purposes of the Migration Act.

    Our formal information gathering powers

    The Commissioner of Taxation has formal information gathering powers contained in section 353-10 of Schedule 1 to the Taxation Administration Act 1953.

    This is a coercive power that obligates the data providers to provide the information requested. We will use the information for tax and superannuation compliance purposes.

    Privacy Act

    Data will only be used within the limits prescribed by Australian Privacy Principle 6 (APP6) contained in Schedule 1 of the Privacy Act and in particular:

    • APP6.2(b) – the use of the information is required or authorised by an Australian law
    • APP6.2(e) – the ATO reasonably believes that the use of the information is reasonably necessary for our enforcement-related activities.

    Keeping data safe

    The data-matching program will be conducted on our secure systems that comply with the requirements of:

    All ATO computer systems are strictly controlled according to Australian Government security standards, for government ICT systems, with features including:

    • system access controls and security groupings
    • login identification codes and password protection
    • full audit trails of data files and system accesses.

    We will use our secure internet-based data transfer facility to obtain the data from source entities.

    Data elements collected

    Data will be collected for the 2016–17 to 2022–23 financial years for selected individuals.

    Data may include:

    • full name
    • personal identifier (PID)
    • date of birth
    • gender
    • arrival date
    • departure date
    • passport information (travel document ID, country code)
    • status types (visa status, residency, lawful, Australian citizen)

    Number of records

    This data collection is expected to include the personal information of approximately 670,000 individuals each financial year.

    Data quality

    Following our analysis of the quality of data previously acquired from Home Affairs, we expect the data acquired under this program will be of good quality.

    The data is sourced from providers' systems and may not be available in a format that can be readily processed by our systems. We apply extra levels of scrutiny and analytics to verify the quality of the data.

    This includes but is not limited to:

    • meeting with providers to understand their data holdings, including data use, currency, formats, compatibility and natural systems
    • sampling data to ensure it is fit for purpose before fully engaging providers
    • verification practices at receipt of data to check against confirming documentation; we then use algorithms and other analytical methods to refine the data.

    Data is transformed into a standardised format and validated to ensure it contains the required elements prior to loading to our computer systems.

    We undertake program evaluations to measure effectiveness before determining whether to continue to collect future years of the data or to discontinue the program.

    To assure data is fit for consumption and maintains integrity throughout the data-matching program, it is assessed against the 11 dimensions of the ATO data-quality framework:

    •  accuracy – the data correctly represents the actual value
    • completeness – all expected data in a data set is present
    • consistency – data values are consistent with values within the data set
    • currency – how recent the time period is that the data set covers
    • precision – the level of detail of a data element
    • privacy – access control and usage monitoring
    • reasonableness – reasonable data is within the bounds of common sense or specific operational context
    • referential integrity – when all intended references within a data set is valid
    • timeliness – how quickly the data is available for use from the time of collection
    • uniqueness – if duplicated files or records are in the data set
    • validity – data values are presented in the correct format and fall within predefined values.

    Data retention

    The collection of data under this program includes financial years from 2016–17 to 2022–23. The data collection is expected to occur daily using an automated system to system access process.

    We destroy data that is no longer required, in accordance with the Archives Act 1983, the records authorities issued by the National Archives of Australia, both general and ATO-specific.

    We will retain each financial year’s data for five years from receipt of the final instalment of verified data files from the data providers. The data is required for this period for the protection of public revenue as:

    • travel frequently covers periods longer than one financial year
    • individuals identified as not meeting their tax or superannuation obligations - including being partly or wholly outside the tax and superannuation systems, may have been operating that way for multiple years
    • the data enhances our ability to identify taxpayers who may not be complying with their tax and superannuation obligations, which is integral to protecting the integrity of the tax and superannuation systems
    • it supports our general compliance approach of reviewing an assessment within the standard period of review, which aligns with the requirements for taxpayers to keep their records
    • the data is also used for multiple risk models, including models that establish retrospective profiles over multiple years aligned with the period of review.

    While increased data-retention periods may increase the risk to privacy, we have a range of safeguards to appropriately manage and minimise this. ATO systems and controls are designed to ensure the privacy and security of the data we manage.

    See also:

    Public notification of the program

    Notice of our intention to conduct the passenger movements data-matching program for the 2016–17 to 2022–23 financial years is communicated by:

    • publishing a notice in the Federal Register of Legislation gazette in the week commencing 12 April 2021
    • publishing the data-matching program protocol on our website
    • Home Affairs Privacy PolicyExternal Link on the Home Affairs website includes that personal information is disclosed to the ATO for data-matching purposes. Home Affairs may also notify international travellers of their participation in this program.

    Gazette notice content

    The following information about the data-matching program appears as a gazette notice in the Federal Register of Legislation.

    Gazette notice: Commissioner of Taxation – Notice of a data-matching program

    The Australian Taxation Office (ATO) will access data from the Department of Home Affairs on passenger movements during the 2016–17 to 2022–23 financial years.

    The data accessed will be electronically matched with certain sections of ATO data holdings to identify taxpayers that can be provided with tailored information to help them meet their tax and superannuation obligations, or to ensure compliance with taxation and superannuation laws.

    Data items include:

    • full Name
    • personal Identifier (PID)
    • date of birth
    • gender
    • arrival Date
    • departure Date
    • passport Information
    • status types (visa status, residency, lawful, Australian citizen)

     

    We estimate that records relating to approximately 670,000 individuals will be obtained each financial year.

    The objectives of this data-matching program are to:

    • promote voluntary compliance and increase community confidence in the integrity of the tax and superannuation systems
    • improve knowledge of the overall level of identity and residency compliance risks including registration, lodgment, reporting and payment obligations
    • gain insights from the data to help develop and implement administrative strategies to improve voluntary compliance, which may include educational or compliance activities
    • identify ineligible tax and superannuation claims
    • refine existing risk detection models and treatment systems to identify and educate individuals and businesses who may be failing to meet their registration, lodgment and payment obligations and help them comply
    • identify potentially new or emerging non-compliance and entities controlling or exploiting those methodologies.

    A document describing this program is available at ato.gov.au/dmprotocols.

    This program follows the Office of the Australian Information Commissioner’s Guidelines on data matching in Australian Government administration (2014) (the guidelines). The guidelines include standards for the use data-matching as an administrative tool in a way that complies with the Australian Privacy Principles (APPs) and the Privacy Act 1988 (Privacy Act) and are consistent with good privacy practice.

    A full copy of the ATO’s privacy policy can be accessed at ato.gov.au/privacy.

    End of example

    Our lawful role

    The ATO is the Australian Government’s principal revenue collection agency. The Commissioner of Taxation has responsibility for ensuring taxpayers meet their tax and superannuation obligations.

    Compliance with these obligations is a matter we take seriously. Failure to address non-compliant behaviour has the potential to undermine community confidence in the integrity of the tax and superannuation systems and our capability to administer those systems.

    The ATO carries out its legislated functions through general powers of administration contained in but not limited to:

    • section 3A of the Taxation Administration Act 1953
    • section 8 of the Income Tax Assessment Act 1936
    • section 1-7 of the Income Tax Assessment Act 1997
    • section 43 of the Superannuation Guarantee (Administration) Act 1992
    • section 356-5 in Schedule 1 of the Taxation Administration Act 1953.

    Data-matching is one of the strategies used to identity and deal with non-compliant behaviour. Data-matching also provides a degree of assurance that taxpayers are meeting their obligations.

    Privacy Act

    The Privacy Act 1988 (Privacy Act) regulates how personal information is handled by certain entities, such as companies and government agencies.

    Schedule 1 of the Privacy Act lists the 13 Australian Privacy Principles (APPs). The principles cover the collection, use, disclosure, storage and management of personal information.

    Data will only be used within the limits prescribed by the APPs and the Privacy Act.

    The Australian Government Agencies Privacy CodeExternal Link, embeds privacy in all government agency processes and procedures. It ensures that privacy compliance is a priority in the design of our systems, practices and culture.

    The ATO complies with the code's requirements, and we are transparent and open about what information we collect, hold and disclose. We train our staff to keep personal information safe, and all our systems and offices are protected and secure.

    See also:

    How we protect your personal information

    Our staff are subject to the strict confidentiality and disclosure provisions contained Division 355 of Schedule 1 to the Taxation Administration Act 1953 and include terms of imprisonment in cases of serious contravention of these provisions.

    All information and records are managed in accordance with the provisions of the Archives Act 1983.

    The requirement to retain data is reviewed on an ongoing basis in accordance with the timeframes and requirements of the OAIC guidelines. We destroy data that is no longer required, in accordance with the Archives Act 1983 and the records authorities issued by the National Archives of Australia, both general and ATO-specific.

    Under section 24 of the Archives Act 1983, records can be disposed of where it is approved by the National Archives; required by another law, or a normal administrative practice that the National Archives approves of.

    Approval from National Archives is normally provided through records authorities, which are used in the process of sentencing to make decisions about keeping, destroying or transferring particular information and records.

    General or ATO-specific records authorities issued by National Archives apply to our processes of verifying and assuring taxpayer compliance with tax, superannuation and other laws administered by the ATO.

    Our record management practices allow us to satisfy the OAIC guidelines and Australian Privacy Principle 11 (APP11) contained in Schedule 1 of the Privacy Act 1988 and in particular:

    • APP11.1 – An APP entity must take reasonable steps to protect information from
      • Misuse, interference and loss
      • Unauthorised access, modification or disclosure.
       
    • APP11.2 – APP entity must take reasonable steps to destroy or de-identify information it no longer needs.

    Our on-disclosure provisions

    In very limited and specific circumstances, we may be permitted by law to disclose individual records to other government agencies.

    Division 355 of Schedule 1 to the Taxation Administration Act 1953 sets out the government agencies we can disclose taxpayer information to, and the circumstances in which we are permitted to make those disclosures.

    These include agencies responsible for:

    • state and territory revenue laws
    • payments of social welfare and health and safety programs for determining eligibility for certain types of benefits and rebates
    • overseeing super funds, corporations and financial market operators to ensure compliance with prudential regulations
    • determining entitlement to rehabilitation and compensation payments
    • law enforcement activities to assist with specific types of investigations
    • policy analysis, costing and effectiveness measurement.

    Each request for information by other agencies will be assessed on its merits and must be for an admissible purpose allowed for by taxation laws. In specific permissible circumstances, on-disclosures may include de-identified datasets for statistical analysis.

    How we undertake data matching

    The ATO's identity-matching capability is used to identify individual and or non-individual entities reported to us from several external sources. The process is mainframe-based and uses an ATO-designed software solution (technical standard). Aligning with OAIC Guideline 4.7, this standard supports all our data-matching programs.

    We use over 60 sophisticated identity-matching techniques to ensure we identify the correct taxpayer when we obtain data from third parties. This technique uses multiple identifiers to obtain an identity match.

    The identity-matching process appends matching information to the original reported transaction to include an ATO identifier number and a three-character outcome code that indicates to the user the level of matching confidence for the transaction. For example, where a name, address and date of birth are available, all items are used in the identity-matching process. Very high confidence matches will occur where all fields are matched.

    Additional manual processes may be undertaken where high confidence identity matches do not occur, or a decision taken to destroy the data with no further action.

    Our manual identity-matching process involves an ATO officer reviewing and comparing third-party data identity elements against ATO information on a one-on-one basis, seeking sufficient common indicators to allow confirmation (or not) of an individual's identity. We commonly call this process manual uplifting. Data analysts use various models and techniques to detect potential discrepancies, such as under-reported income or over-reported deductions. Higher risk discrepancy matches will be loaded to our case management system and allocated to compliance staff for actioning.

    Lower risk discrepancy matches will be further analysed. A decision is then made to take some form of compliance, educational activity or to destroy the data.

    To maintain integrity of the administration of the tax and superannuation systems, only those with a direct and genuine ‘need to know’ can access the technical standards for our identity and discrepancy matching solutions.

    Where administrative action is proposed, additional checks will take place to ensure the correct taxpayer has been identified. The taxpayers will be provided with the opportunity to verify the accuracy of the information before any administrative action is taken.

    See also:

    What we do before we amend a return

    Where we detect a discrepancy that requires verification, we will contact the taxpayer usually by phone, letter or email.

    Before any administrative action is taken, taxpayers will be given the opportunity to verify the accuracy of the information obtained by us. Taxpayers will be given at least 28 days to respond before administrative action is taken.

    For example, where discrepancy-matching identifies that a taxpayer may not be reporting all their income, but in fact they're reporting the income under another entity, the taxpayer will be given the opportunity to clarify the situation.

    The data may also be used to ensure that taxpayers are complying with their other tax and superannuation obligations, including registration requirements, lodgment obligations and payment responsibilities.

    In cases where taxpayers fail to comply with these obligations, after being reminded of them, prosecution action may be instigated in appropriate circumstances.

    Where a taxpayer has correctly met their obligations, the use of the data will reduce the likelihood of contact from us.

    Making a privacy complaint

    Our privacy policy outlines how we collect, hold and disclose data and explains what you can do if you're not satisfied with the way your information has been treated.

    If you're not satisfied with how we have collected, held, used or disclosed your personal information, you can make a formal complaint by:

      ATO Complaints
      PO Box 1271 
      ALBURY  NSW  2640

    If you're not satisfied with the outcome of the privacy complaint, you can contact the Office of the Australian Information Commissioner.

    More details on the process can be found on the OAICExternal Link website at oaic.gov.au/privacy/making-a-privacy-complaintExternal Link.

    Why we undertake data matching

    To effectively administer the tax and superannuation systems, the ATO is required in accordance with the law to collect and analyse information concerning the financial affairs of taxpayers and other participants in the Australian economy.

    In addition to our administrator responsibilities, the Public Service Act 1999 (PS Act) requires each agency head to ensure their agency complies with legislative and whole-of-government requirements.

    Agency heads are required to ensure proper use and management of public resources as per the Public Governance, Performance and Accountability Act 2013 (PGPA Act).

    We consider and undertake a range of alternatives to data-matching to ensure entities are complying with their tax and superannuation obligations. Relying only on data that we already hold is of limited value for the following reasons:

    • The tax system operates on willing participation, so our data is derived from taxpayers that are correctly registered and meeting their lodgment obligations.
    • The only other way of ensuring that taxpayers are reporting their obligations correctly would be to contact every taxpayer directly.

    Data-matching allows us to cross-reference suitable external data to identify taxpayers who are not fully complying with their obligations, as well as those that may be operating outside the tax and superannuation systems.

    It also reduces the likelihood of unnecessarily contacting taxpayers who are complying with their tax obligations.

    Data-matching is an effective method of examining records of thousands of taxpayers to ensure compliance with lodgment and reporting obligations that would otherwise be a resource intensive exercise.

    Data-matching also assists us in effectively promoting voluntary compliance by notifying the public of areas and activities under scrutiny.

    Our quality assurance framework

    Quality assurance is integrated into our processes and computer systems and applied throughout the data-matching cycle.

    These assurance processes include:

    • registering the intention to undertake a data-matching program on an internal register
    • risk assessment and approval from the data steward and relevant senior executive service (SES) officers prior to any data-matching program being undertaken
    • conducting program pilots or obtaining sample data to ensure the data-matching program will achieve its objectives prior to full datasets being obtained
    • notifying the OAIC of our intention to undertake the data-matching program and seek permission to vary from the data-matching guidelines (where applicable)
    • restricting access to the data to approved users and access management logs record details of who has accessed the data
    • quality assurance processes embedded into compliance activities, including
      • review of risk assessments, taxpayer profiles and case plans by senior officers prior to client contact
      • ongoing reviews of cases by subject matter technical experts at key points during the life cycle of a case
      • regular independent panel reviews of samples of case work to ensure our case work is accurate and consistent.
       

    These processes ensure data is collected and used in accordance with our data-management policies and principles to also comply with the OAIC's data-matching guidelines.

    Costs and benefits of data-matching

    Costs

    There are some incidental costs to us in the conduct of data-matching programs, but these will be more than offset by the total revenue protected.

    These costs include:

    • data analyst resources to identify potential instances of non-compliance
    • compliance resources to manage casework and educational activities
    • governance resources to ensure compliance with the guidelines and Privacy Act, and quality assurance processes to ensure the rigour of the work undertaken by analysts and compliance staff
    • storage of the data.

    Benefits

    The use of data is increasingly common across government agencies and the private sector. The use of data, computer power and storage continue to grow, which increases the benefits from data matching. Data matching and the insights it provides help us:

    • deliver tailored products and services, which underpins our culture of service
    • make it easier for individual taxpayers, by providing prefilling messages in their returns
    • enable early intervention activities, as our goal is prevention rather than correction
    • maintain community confidence in our ability to administer the tax and superannuation systems, because we can
      • make better, faster and holistically smarter decisions with measurable results to deliver a level playing field for all
      • solve problems and shape what we do for the community
      • advise government and deliver outcomes with agility
       
    • maintain the integrity of the tax and superannuation systems by
      • education to assist taxpayers trying to do the right thing
      • deterring behaviours so taxpayers adhere to their obligations
      • detecting taxpayers who are not complying with their obligations, in particular targeting those that continue to deliberately abuse the tax and superannuation systems
      • enabling enforcement activity and recovery of tax revenue
      • directing compliance activities to assure that wider risks to revenue do not exist.
       
      Last modified: 13 Apr 2021QC 65285