  • Data related matters

    Data matching and user agency

    The ATO is the matching agency and in most cases the sole user of the data obtained in the course of this data matching program. The data matching program will be conducted on our secure systems in accordance with approved policies and procedures.

    In very limited and specific circumstances we may be permitted by law to disclose individual records to other government agencies.

    Data providers

    The list of data providers will be expanded progressively and this list updated as we obtain data from other specialised payment systems. Data will be initially obtained from:

    • Ausfit Pty Ltd Australia
    • Bill Buddy Pty Ltd
    • Commonwealth Bank of Australia
    • Debitsuccess Pty Ltd
    • eDebit Pty Ltd
    • Ezidebit Pty Ltd
    • Ezypay Pty Ltd
    • FFA Paysmart Pty Ltd
    • Integrapay Pty Ltd
    • IP Payments Pty Ltd
    • National Australia Bank Limited
    • New Zealand Banking Group Limited
    • Paymate
    • PayPal Australia Pty Ltd
    • POLi Payments Pty Ltd
    • Quickpay Pty Ltd
    • SecurePay Pty Ltd
    • Southern Payment Systems Pty Ltd (T/A Pin Payments)
    • St George Bank
    • Stripe Payments Australia Pty Ltd
    • Westpac Banking Corporation

    A principle based approach has been adopted to ensure that inclusion as a data provider is fair and transparent. Inclusion of data providers in the program is based on the following principles:

    • The data owner or its subsidiary operates a business in Australia that is governed by Australian law.
    • The data owner provides online, mobile or automated payment facilities for its clients and maintains records of electronic payments received by those clients. The data owner provided these facilities for the year in focus.
    • Where the data owner captures data already collected under the current merchant credit and debit card data matching program, they may be excluded from this program.
    • Where the client base of a data owner does not present an omitted income risk or the administrative or financial cost of collecting the data exceeds the benefit the data may provide, the data owner may be excluded from the program.

    Data elements

    We will obtain the following information from the data providers for the 2013–14, 2014–15, 2015–16 and 2016–17 financial years:

    Merchant record fields

    • Unique merchant reference number
    • Business category description
    • Name of the primary account owner
    • Birth date of the primary account owner
    • Merchant's legal business and trading names
    • Business, residential and postal addresses
    • Email address
    • Phone number(s)
    • Merchant's Australian Business Number or Australian Company Number
    • Bank-State-Branch and account number of the merchant's settlement account
    • Name details of the merchant’s settlement account
    • Merchant’s facility start date.

    Transaction record fields per merchant – monthly transaction totals

    • Unique merchant reference number
    • Monthly sales amounts and counts for each merchant
    • Monthly refund amounts and counts for each merchant

    Number of records

    It is estimated that the total number of records obtained will be in the vicinity of 300,000. It is expected that around 50,000 of these will relate to individuals.

    Data quality

    The ATO expects that the data acquired will be of high quality, as it was in the first collection. The accuracy of this data is fundamental to effective business operations for specialised payment system operators. In many cases, the provider of the specialised payment system assumes liability for the transactions it processes on behalf of merchants. As such, a high level of integrity in the client identification fields is essential and built into the merchant on-boarding process. The ATO has also developed quality assurance processes in conjunction with the data providers to ensure the integrity of the data.

    Data will be transformed into a standardised format and validated to ensure that it contains the required data elements prior to loading to our computer systems.

    Data retention

    We are seeking to have the Privacy Commissioner exercise his discretion and allow the ATO to vary from the data destruction requirements contained in the Guidelines.

    The collection of annual data under this program is expected to start in the first half of the calendar year.

    We are seeking to retain the data for five years after it is collected for each relevant financial year on the basis that its retention is required for the protection of public revenue. Current Guidelines allow for a twelve month retention. Destroying the data in the timeframes contained in the Guidelines would hinder our ability to protect public revenue because:

    • Businesses identified as not meeting their taxation obligations, including being partly or wholly outside the taxation system, may have been operating that way for multiple years. A retention period of five years will enable the ATO to cross reference taxpayer records retrospectively.
    • The nature of the discrepancy matching that occurs under this program will be, in some instances, iterative. This includes the data being used to generate lodgment reviews with subsequent lodgments then being compared to the transactional data for accuracy. This process can occur over multiple years.
    • It would hinder our ability to conduct long term trend analysis in the fast evolving electronic payments market.

    See the submission to the Privacy Commissioner setting out the basis for seeking the variation to the data destruction guidelines and its impacts on individual privacy.

    Public notification of the program

    We will notify the public of our intention to undertake this program by:

    • publishing a notice in the Australian government notices gazette on 15 October 2014 (2013–14 FY) and 14 April 2016 (2014–15 to 2016–17 FY) - view the content of the gazette notices below
    • publishing this data matching program protocol on our website at Data matching protocols
    • advising the data providers they
      • can notify their clients of their participation in this program and providing written materials to assist with this
      • should update their privacy policies to note that personal information is disclosed to us for data matching purposes.

    Gazette notice content

    Commissioner of Taxation - Notice of a data matching program

    The Australian Taxation Office (ATO) will request and collect data relating to electronic payments made to businesses through specialised payment systems for the period from 1 July 2013 to 30 June 2014 from the following entities:

    • Ausfit Pty Ltd
    • Australia and New Zealand Banking Group Limited (BPAY data)
    • Bill Buddy Pty Ltd
    • Commonwealth Bank of Australia (BPAY data)
    • Debitsuccess Pty Ltd
    • eDebit Pty Ltd
    • Ezidebit Pty Ltd
    • Ezypay Pty Ltd
    • FFA Paysmart Pty Ltd
    • Integrapay Pty Ltd
    • IP Payments Pty Ltd
    • National Australia Bank Limited (BPAY data)
    • Flexi Online Pty Ltd (T/A Paymate)
    • PayPal Australia Pty Ltd
    • POLi Payments Pty Ltd
    • Quickpay Pty Ltd
    • St George Bank (BPAY data)
    • Westpac Banking Corporation (BPAY data)

    This acquired data will be electronically matched with certain sections of ATO data holdings, including other third party data holdings, to help protect businesses which meet their obligations from unfair competition.

    It is expected that records relating to over 25,000 individuals will be matched.

    This program is called the Specialised Payment Systems Data Matching Program and it will enable the ATO to:

    • provide a more level playing field for businesses that do the right thing by identifying, for corrective actions, those that may not be meeting their obligations
    • more accurately identify businesses with certain characteristics, such as operating as ‘cash only’, which may assist in identifying alternate techniques that should be used to ensure relevant taxpayers meet their obligations.

    A document describing this program has been prepared and lodged with the Office of the Australian Information Commissioner. A copy of this document is available at www.ato.gov.au/dmprotocols or by emailing SpecialPurposeDataSteward@ato.gov.au with reference to the specialised payment systems data matching program.

    The ATO complies with the Office of the Australian Information Commissioner’s Guidelines on data matching in Australian government administration (2014) which includes standards for data matching to protect the privacy of individuals. A full copy of the ATO’s privacy policy can be accessed at www.ato.gov.au/privacy

    Commissioner of Taxation - Notice of a data matching program

    The Australian Taxation Office (ATO) will acquire data relating to electronic payments made to merchants through specialised payment systems for the 2014–15, 2015–16 and 2016–17 financial years. The data items that will be obtained are personal details of:

    • Merchants using the services of a specialised payment system to take electronic payments
    • The amount and quantity of the transactions processed.

    It is estimated that records for 300,000 entities will be obtained, including around 50,000 for individuals.

    These records will be electronically matched with ATO data holdings to identify non-compliance with registration, lodgment, reporting and payment obligations under taxation laws.

    The objectives of this data matching program are to:

    • Ensure compliance with registration, lodgment, correct reporting and payment of taxation obligations.
    • Promote voluntary compliance with taxation obligations and increase awareness in the community of the ways the ATO uses data matching to address non-compliance, by publishing this program protocol.
    • Assist the ATO in building intelligence about businesses including broader risk, trend and strategic analysis.

    A document describing this program has been prepared in consultation with the Office of the Australian Information Commissioner. A copy of this document is available at Data matching protocols.

    Note: The ATO complies with the Office of the Australian Information Commissioner’s Guidelines on data matching in Australian government administration (2014) which includes standards for data matching to protect the privacy of individuals. A full copy of the ATO’s privacy policy can be accessed at www.ato.gov.au/privacy

    Legal matters

    Data dictionary

    Merchant record file

    | Field number | Field Name | Format | Description |
    |---|---|---|---|
    | 1 | REF_NUM | CHAR (12) | Unique merchant identifier |
    | 2 | BUS_CTGRY | CHAR (100) | Business category, ie description of business activity |
    | 3 | SRNM | CHAR (30) | The surname of the individual primary account owner |
    | 4 | FRST_NM | CHAR (15) | The first name or the first initial of the individual primary account owner |
    | 5 | OTHR_GVN_NM | CHAR (30) | The second name or second initial of the individual primary account owner |
    | 6 | DOB | CHAR (8) | Birth date of the individual primary account owner |
    | 7 | FULL_NM | CHAR (76) | Merchant’s legal business name |
    | 8 | TRDG_NM | CHAR (76) | Merchant’s business trading name |
    | 9 | BUS_ADDR | CHAR (100) | Business address including postcode |
    | 10 | RSDNTL_ADDR | CHAR (100) | Residential address including postcode (of primary account owner) |
    | 11 | PSTL_ADDR | CHAR (100) | Postal address including postcode |
    | 12 | BUS_PH_NUM | CHAR (20) | Business phone number including area code |
    | 13 | MBL_PH_NUM | CHAR (20) | Mobile phone number |
    | 14 | EMAIL_ADDR | CHAR (100) | Email address on record |
    | 15 | RPRTD_ID_NUM | CHAR (11) | Australian Company Number or Australian Business Number |
    | 16 | BSB | CHAR (6) | Merchant’s settlement account BSB number |
    | 17 | BNK_ACNT_NUM | CHAR (30) | Merchant’s settlement account number |
    | 18 | BNK_ACNT_NM | CHAR (100) | Merchant’s settlement account name details |
    | 19 | REGN_STRT_DT | CHAR (8) | Merchant’s registration commencement date |

    Merchant transactional file

    | Field number | Field Name | Format | Description |
    |---|---|---|---|
    | 1 | REF_NUM | CHAR (12) | Unique merchant identifier |
    | 2 | MNTH_PERD | CHAR (6) | Month of period of transactions |
    | 3 | SLS_AMT | CHAR (20) | Gross value of monthly sales made by merchant |
    | 4 | SLS_CNT | CHAR (20) | Gross count of monthly sales |
    | 5 | RFND_AMT | CHAR (20) | Total value of monthly refund transactions |
    | 6 | RFND_CNT | CHAR (20) | Count of monthly refund transactions |

    Submission to the Privacy Commissioner

    Varying from the data destruction requirements

    The Australian Taxation Office (ATO) is seeking approval for the Specialised Payment Systems data matching program to vary from one or more of the conditions detailed in Guideline 10 of the Office of the Australian Information Commissioner’s Guidelines on data matching in Australian government administration (2014) (the Guidelines).

    During November 2014 the Specialised Payment Systems (2013–14 financial year) data matching program was granted an exemption to retain the data for three years from the receipt of all verified data files from data providers. We seek to increase the period by a further two years, taking the total retention period to five years from the receipt of all verified data files from data providers.

    For the subsequent Specialised Payment Systems (2014–15 to 2016–17 financial years) data matching program we sought and were granted exemption to retain the data for five years from the receipt of all verified data files from the data providers.

    The extra data retention period will align the 2013–14 financial year program with the 2014–15 to 2016–17 financial years program. The two programs are the same. For increased clarity, we intend to consolidate the two programs covering the data matching activity for Specialised Payment Systems across the 2013–14 to 2016–17 financial years.

    We consider that a variation from the usual retention periods for this data matching program is in the public interest as:

    • A retention period of five years will enable the ATO to cross reference taxpayer records retrospectively.
    • The nature of the discrepancy matching that occurs under this program will be iterative in some instances occurring over multiple years.
    • It would enable the ATO to conduct long term trend analysis in the fast evolving electronic payments market.
    • Destruction of the data would inhibit the ATO’s ability to identify taxpayers who may be subject to administrative action and therefore result in loss of public revenue.

    Considering our mitigation strategies, we have determined that this variation will not affect the privacy of an individual.

    This program will be subject to an evaluation within three years which is consistent with the requirements of Guideline 9.

    We do not require that this request be kept confidential (Guideline 10.6) and have no concerns if the Office of the Australian Information Commissioner place this information on its website.

    Attachments supporting this variation:

    • Table 1 – matters considered in accordance with Guideline 10.2 in seeking this variation
    • Table 2 – consistency with requirements of the other guidelines issued by the Office of the Australian Information Commissioner

    Table 1: Matters considered in seeking this variation to the Guidelines

    Matter considered

    Consideration

    10.2.a The effect that not abiding by the Guidelines would have on individual privacy

    • Retaining data for a period of five years will not materially affect the privacy of an individual. We have implemented a range of safeguards to appropriately manage and minimise any increased risk, including secure processes for handling and storing data. Once acquired, all data will be stored on our secure computer systems where access is strictly controlled and full audit logs maintained
    • The ATO and our staff operate under stringent confidentiality and privacy legislation that prohibits the improper access to or disclosure of protected information. These obligations are supported by significant penalties, including imprisonment. This substantially mitigates the risks of breaches of privacy

     

    10.2.b The seriousness of the administrative or enforcement action that may flow from the data matching program

    • An extension of the retention period will not affect the seriousness of the administrative action that may flow from the match, but will assist in detecting non-compliance or taxation fraud
    • Where we propose to take administrative action where a taxpayer may have reported incorrectly, we will differentiate between those that try to do the right thing and those that set out to deliberately avoid their obligations. Documented procedures, including the Taxpayers’ Charter and compliance model will be followed to ensure fairness and consistency

     

    10.2.c The effect that not abiding by the Guidelines would have on the fairness of the data matching program — including its effect on the ability of individuals to determine the basis of decisions that affect them, and their ability to dispute those decisions

    • There will be no effect on the fairness of the program or the ability of taxpayers to find out the basis of decisions that impact them or their ability to dispute those decisions
    • Before any administrative action is undertaken, taxpayers will be given at least 28 days to verify the accuracy of the information that has been derived from this data matching program
    • Where administrative action is to be undertaken, we will adhere to the principles established in the Taxpayers’ Charter and compliance model to ensure an equitable and consistent approach is taken
    • If a taxpayer does not agree with an assessment, they maintain the right to dispute the decision. They also have the legal right to appeal against those decisions through the courts and tribunals

     

    10.2.d The effect that not abiding by the Guidelines would have on the transparency and accountability of agency and government operations

    • There will be no adverse effects on the transparency and accountability of government operations
    • We published a notice with general information about the program in the Federal Register of Legislation - Gazettes prior to administrative action commencing. We will also update our program protocol, available on our website

     

    10.2.e The effect that not abiding by the specified requirements of the Guidelines would have on compliance of the proposed program with the Australian Privacy Principles in the Privacy Act 1988

    • There will be no effect on compliance with the Australian Privacy Principles contained in Schedule 1 to the Privacy Act 1988 due to longer retention of the data. The data is collected solely for the stated objectives established in the data matching program protocol

     

    10.2.f The effect that complying with the Guidelines would have on the effectiveness of the proposed data matching program

    • The effectiveness of the program would be reduced if the data retention period is not extended
    • There would be a significant reduction in our ability to detect incorrect reporting and taxation fraud without understanding and monitoring trends in the data collected
    • The destruction of the data in accordance with the current guidelines would impact the integrity of the taxation system by  
      • limiting our ability to identify taxpayers who may be subject to administrative action
      • resulting in the loss of public revenue
       

     

    10.2.g Whether complying fully with the Guidelines could jeopardise or endanger the life or physical safety of information providers or could compromise the source of information provided in confidence

    • Not abiding by all the requirements of the Guidelines would not influence or affect the personal safety of any individual identified as part of the program or compromise the source of the information provided in confidence

     

    10.2.h The effect that abiding by all the requirements of the Guidelines would have on public revenue – including tax revenue, personal benefit payments, debts to the Commonwealth and fraud against the Commonwealth

    • Not allowing the variation to the data retention period of the current program would cause us to miss potential breaches of taxation laws and subsequent non-payment of tax. This would result in the Commonwealth foregoing taxation revenue
    • There are risks to the integrity of taxation system when people fail to comply with their obligations. Abiding by all of the requirements of the guidelines will reduce the effectiveness of proposed compliance activity. We would miss the opportunity to educate those taxpayers trying to do the right thing, and deterring those that are non-compliant from repeating the behaviour
    • The effect of abiding by all of the requirements in the guidelines could negatively impact both public revenue and the confidence the public and government have in the ATO as an administrator of the taxation system. People not complying with their taxation obligations, including those operating outside the system, set a bad example to compliant taxpayers and may encourage their non-compliance. Maintaining community and government confidence in the taxation system is critical to our ongoing role

     

    10.2.i Whether complying fully with the Guidelines would involve the release of a document that would be an exempt document under the Freedom of Information Act 1982

    • Upon receipt of a freedom of information request only information relating to the taxpayer’s own affairs will be released to the taxpayer concerned

     

    10.2.j Any legal authority for, or any legal obligation that requires, the conduct of the proposed data matching program in a way that is inconsistent with the Guidelines

    • There is no specific legislative power authorising the conduct of this program inconsistent with the Guidelines
    • The Commissioner of Taxation, or his authorised representative, has formed the opinion that this data is required to enable us to effectively and efficiently carry out our legislated functions under the general powers of administration contained in
      • Section 3A of the Taxation Administration Act 1953
      • Section 8 of the Income Tax Assessment Act 1936
      • Section 1-7 of the Income Tax Assessment Act 1997
      • Section 356-5 in Schedule 1 of the Taxation Administration Act 1953
       
    • The reasons for proposing to operate outside requirements of the Guidelines are detailed above

     

    This section outlines where we are being consistent with the requirements of the Guidelines.

    Table 2: Matters considered in seeking this variation to the Guidelines

    | Paragraph | Guideline | Action taken/To be taken |
    |---|---|---|
    | Paragraph 6 | Status of the Guidelines | Our commitment to complying with the Guidelines is embedded in our data management policies and principles and clearly stated in the chief executive instruction. |
    | Guideline 1 | Application of the Guide | We apply the guidelines for all data matching programs where it is anticipated the program will include records of 5,000 or more individuals. We recognise that programs where there are multiple data sources but with common objectives and algorithms are treated as a single data matching program. |
    | Guideline 2 | Deciding to carry out or participate in a data matching program | We conduct a cost-benefit analysis and consider alternate methods prior to proposing to conduct a data matching program. Further, we have rigorous governance arrangements, processes and system controls in place to protect the privacy of individuals. |
    | Guideline 3 | Prepare a program protocol | Prior to conducting a data matching program, we prepare a data matching program protocol, submit this to the Office of the Australian Information Commissioner and make a copy publicly available on our website. When elements of a data matching program change, the protocol is amended, a copy of the amended protocol is provided to the Office of the Australian Information Commissioner and updated on our website. |
    | Guideline 4 | Prepare a technical standards report | Documentation is prepared and maintained so as to satisfy the requirements of a technical standards report. |
    | Guideline 5 | Notify the public | We publish notification of our intention to undertake a data matching program in the Federal Register of Legislation - Gazettes prior to the commencement of the program. This notice will include the following information as required by the Guidelines: a brief description of the objectives of the data matching program; the matching agency and source entities involved in the data matching program; a description of the data contained in the data set involved in the data matching program; the categories of individuals about whom personal information is to be matched; the approximate number of individuals affected; reference to our privacy policy. Notification of the program is also published on our website and data providers are advised they can advertise their participation in the data matching program. |
    | Guideline 6 | Notify individuals of proposed administrative action | Prior to taking any administrative action as a result of the data matching programs, individuals and other entities are given at least 28 days to verify the accuracy of the information provided to us by third parties. |
    | Guideline 7 | Destroy information that is no longer required | We are seeking to vary from this requirement. |
    | Guideline 8 | Do not create new registers, datasets or databases | We do not create new registers or databases using data obtained in the course of a data matching program. |
    | Guideline 9 | Regularly evaluate data matching programs | Programs are regularly evaluated within three years of the commencement of the data matching program. These evaluations are provided to the Office of the Australian Information Commissioner on request. |
    | Guideline 10 | Seeking exemptions from Guideline requirements | When we intend to vary from the requirements of the Guidelines we seek the approval of the Office of the Australian Information Commissioner and provide documentation to support the variance. |
    | Guideline 11 | Data matching with entities other than agencies | We undertake our own data matching programs. This function is not outsourced. Where data is obtained from an entity other than an individual, we usually do so using our formal information gathering powers. In these instances the entities are advised they are able to notify their clients of their participation in the data matching program. |
    | Guideline 12 | Data matching with exempt agencies | We do not usually undertake data matching with agencies that are exempt from the operations of the Privacy Act 1988 under section 7 of that Act and that are subject to the operation of the Guidelines (i.e. any data matching undertaken with an exempt agency would usually be for fewer than 5,000 individuals). In the event a data matching activity would otherwise be subject to these Guidelines except for the exemption status, we still adhere to the principles of the Guidelines and prepare a program protocol, seeking to vary from the Guidelines by not publicly notifying of the program and publishing the protocol. We would still lodge a copy of the protocol with the Office of the Australian Information Commissioner. |
    | Guideline 13 | Enable review by the Office of the Australian Information Commissioner | We would not prevent the Office of the Australian Information Commissioner from reviewing our data matching activities and processes. These activities and processes have been reviewed by the Australian National Audit Office and Inspector-General of Taxation. |

      Last modified: 10 Jan 2019 QC 48672