Show download pdf controls
  • ATO Fraud and Corruption Control Plan 2018-19

    We have zero tolerance towards fraud and corruption and take all reasonable measures to prevent, detect and respond to fraud and corruption risk, managing public resources in a way that maximises benefits for the community. We've prepared a Fraud and Corruption Control Plan to meet community expectations and our legislative obligations under the Public Governance, Performance and Accountability Act 2013 and Commonwealth Fraud Control Framework 2017.

    We are committed to supporting taxpayers and employees who choose to do the right thing, and dealing with those who don’t. Preventing, detecting and responding to fraud and corruption, including tax evasion and tax fraud, is an important part of meeting that commitment.

    We treat fraud and corruption seriously, and have zero tolerance for such behaviour.

    The Fraud and Corruption Control Plan (the Plan) outlines our approach to managing fraud and corruption risks and complies with the Commonwealth Fraud Control Framework 2017.

    The Plan is reviewed annually and details at a high level the range of strategies we have in place to prevent, detect and respond to internal and external fraud and corruption, and the associated oversight and reporting mechanisms.

    The Plan outlines the particular roles certain positions and bodies have with respect to fraud and corruption, as well as the critical role that everyone who works in the ATO plays in identifying and responding to fraud and corruption risks. All suspected cases of fraud or corruption must be reported, and the Plan outlines how to do that and where to get additional information.

    The Plan also identifies how the community can report, and encourages them to do so.

    By all playing our part we can ensure the highest levels of integrity are maintained, and thereby ensure that everyone has trust in what we do.

    Chris Jordan signature

    Commissioner of Taxation

    The ATO Fraud and Corruption Control Plan (the Plan) documents the strategic and operational approach to controlling fraud and corruption impacting the ATO.

    The Plan provides an overview of how fraud and corruption risks will be managed and ensures compliance with the Commonwealth Fraud Control Framework 2017.

    The Plan:

    • describes the fraud and corruption control framework
    • articulates our approach to fraud and corruption
    • recognises the relationships with agencies we work with and the role they play
    • communicates the message that reducing the risk of fraud and corruption within the ATO is everyone’s responsibility.

    Risk tolerance

    We acknowledge that in our interactions with clients and service providers, and in the delivery of our services, not all fraud and corruption risks can be avoided or prevented.

    We have a policy of zero tolerance towards fraud or corruption impacting the ATO.

    In practice, ‘zero tolerance’ in the ATO means that we will:

    • assess all alleged instances of fraud or corruption, and further investigate as necessary
    • pursue disciplinary, administrative, civil or criminal actions as appropriate
    • seek to prosecute through the courts, where appropriate
    • seek to recover debts owed to the ATO, where appropriate.

    What is fraud and corruption

    Fraud is defined in the Commonwealth Fraud Control Framework 2017 as “dishonestly obtaining a benefit, or causing a loss, by deception or other means”. For an activity to be fraud, it must be deliberate and lead to a direct or indirect benefit to an individual or group.

    Fraud can either be internal or external. Internal fraud is committed by employees or contractors, and can include:

    • falsely claiming employee benefits
    • accessing and disclosing taxpayer information without authorisation
    • falsifying qualifications
    • improperly reducing a debt or other liability
    • releasing funds without proper authority
    • using ATO assets for personal benefit.

    External fraud is committed by taxpayers and other third parties dishonestly and intentionally, and can include:

    • failing to declare all income
    • providing a false payment summary
    • claiming a deduction to which you are not entitled
    • lodging a false business activity statement
    • identity enabled fraud
    • failing to remit PAYGW and/or superannuation guarantee.

    The Plan addresses both internal and external fraud impacting the ATO.

    We define corruption as “the dishonest or biased exercise of Commonwealth public official functions”.

    Examples of corruption that may be realised in the ATO include:

    • abuse of office (eg provision of sensitive information to facilitate external fraud committed by others)
    • biased tax-related decision making by ATO official
    • nepotism (particularly in relation to employment)
    • collusion for personal gain.

    Fraud and corruption control


    Our fraud and corruption control framework is consistent with Commonwealth requirementsFootnote1 and comprises of governance, risk management and policy controls, including:

    • a suite of targeted Chief Executive Instructions (CEI), policies and guidance material
    • Ethical Business Relationship Statement
    • dedicated internal governance and conformance arrangementsFootnote2
    • regular reporting of fraud and corruption control activity
    • this Plan
    • regular environmental scans and external intelligenceFootnote3
    • external and internal risk assessmentsFootnote4
    • a work program of fraud and corruption risk assessments and reviews
    • data matching and analytics
    • sharing information with other tax and law enforcement jurisdictions
    • collaborative reviews with other ATO integrity and assurance pillars
    • testing of fraud and corruption controls
    • mandatory fraud awareness training of all ATO employees and contractors
    • a suite of tailored self-help material and multi-channel communications
    • specialised training and qualifications for ATO employees in dedicated fraud control and investigation roles
    • mandatory requirement to assess fraud and corruption risk impact in all corporate and business line projects
    • mechanisms for reporting suspected fraud, corruption and tax crime
    • analysis of internal and external fraud and corruption incidents
    • continual improvement of fraud and corruption control processes and systems
    • intelligence-led fraud and corruption activities
    • application of civil, administrative or disciplinary penalties and sanctions
    • prosecution and recovery of proceeds of fraudulent and corrupt activity
    • strategic partnerships with law enforcement and intelligence agencies
    • an annual Organisational Behavioural Assessment.


    Our fraud and corruption control strategy includes the following measures:

    • Prevention – proactive measures designed to help reduce the risk of fraud and corruption occurring.
    • Detection – measures designed to uncover incidences of fraud and corruption when they occur.
    • Response – measures including assessment, investigation, analysis, referral and recovery.

    All control measures are informed by and respond to current and emerging fraud and corruption risks, as well as behavioural insights, and are reviewed on a regular basis to ensure approaches remain appropriate, cost-effective and proportionate to relevant risks.

    Fraud and corruption risks

    Internal fraud risks

    As a result of consultation with stakeholders and business lines, this iteration of the plan has focused on the following three internal fraud and corruption risk areas:

    • The information we hold – We have a significant amount of sensitive and personal information. Unauthorised or inappropriate access to that information can compromise the integrity of the taxation and superannuation systems, and undermine public trust. The move to online access, as well as the capacity to aggregate and manipulate large amounts of data through system development, heightens the potential risks.
    • Our changing workforce – Our workforce mix is changing, with more externally engaged employees providing services to us. Our need for specialist skills subject to labour, market pressure, and the need to deploy additional resources quickly require different employment processes to mitigate fraud risk. Employees are also performing more work remotely and are using a range of mobile technologies to access, store and transfer information.
    • The integrity of our resources – A cultural shift to a less rigid and defined rules based environment, with an associated focus on trust and empowerment, creates potential risks in how ATO assets and resources might be used. This includes both physical and financial assets.

    External fraud risks

    External fraud risks revolve around a threat to revenue to which the ATO is one agency in the Commonwealth that is responsible for managing the risk.Footnote5

    The risks can range from small scale fraud perpetrated by an individual who deliberately over claims a small expense they didn’t incur through to networked offshore organised groups who attempt multi-million dollar frauds.

    Because of the broad behaviour and activity within the threat (evasion and fraud), we manage the external fraud risk as tax crime.

    We targets several areas where tax crime is prevalent:

    • cash and the hidden economy
    • cybercrime
    • identity crime and tax-related scams
    • offshore tax evasion
    • trusts
    • phoenix companies
    • refund fraud
    • serious financial crime and those who enable external fraud

    We do this through a range of compliance activity, and in collaboration with regulatory and law enforcement agencies where required. We also participate in various multi agency international, national and state serious and organised crime forums and working parties. Task forces such as the Illicit Tobacco Taskforce, Phoenix Taskforce, Serious Financial Crime Taskforce and the Joint 5 Alliance share intelligence and investigate, disrupt and prosecute serious financial crimes.

    An enterprise tax crime strategy is in place which is supported by a number of independent risk review activities managed through an ongoing program. . The outcome from these activities, and behavioural insights, will inform future fraud and corruption risk management strategies.

    Insider threat

    Employees who engage in counterproductive workplace behaviour can be a factor in both internal and external fraud. Corruption of or by a public official is also an enabler of fraudulent behaviour.

    Infiltration (including by organised crime) or an employee taking advantage of an opportunity, are both circumstances which can arise.

    The continuing development of an Organisational Behavioural Assessment is a key measure in identifying and responding to potential insider threats. Other control measures include pre-employment screening, requirements to declare and avoid certain associations, and the sharing of intelligence information.

    Fraud and corruption prevention

    We have a suite of prevention strategies that are targeted at building a strong integrity culture within the ATO, and fraud awareness in those who interact with the ATO. Implementation of these strategies contributes to reducing the fraud and corruption risk impacting the ATO.

    Our first line of defence approach to fraud and corruption prevention is based on:

    • a strong awareness of what fraud is and what to do about it
    • appropriate information to ensure taxpayers are aware of their rights, responsibilities and obligations
    • a “helping to comply” approach
    • strong leadership
    • sound fraud and corruption risk management
    • robust recruitment and vetting processes
    • regular training and communication
    • a robust fraud and corruption control policy framework
    • intranet sites dedicated to addressing internal fraud and corruption control and external fraud
    • an external communications program that demonstrates the consequences of committing tax crime, including an external intranet site dedicated to the-fight-against-tax-crime
    • rigorous risk evaluation and differentiated treatment strategies.

    Fraud and corruption detection

    We will never eliminate all occurrences of fraud or corruption, so we want to detect it where it exists. Our fraud and corruption detection activity is based around:

    • system monitoring and scanning, and associated control scenarios
    • proactive detection analytics
    • data modelling and intelligence analysis to identify potential fraudulent and corrupt behaviour, including identity crime models stop systemised attack on the system
    • intervention to encourage customers to comply
    • annual disclosures about changes in circumstances and external interests (security clearance holders)
    • ongoing suitability declaration for non-security clearance holders
    • sharing intelligence with, and collaborating across, law enforcement and integrity agencies and international jurisdictions
    • systematic review and analysis of fraud referrals to identify possible trends
    • internal and external audits
    • a strong culture of reporting, and awareness of how to report
    • Public Interest Disclosures.

    Fraud and corruption response

    If we find or identify potentially fraudulent or corrupt behaviour, whether it is internal or external, we will respond and deal with it appropriately. We do that in the following ways:

    • assessment of all reports and allegations to determine an appropriate response
    • establishment of specialist units to manage and respond to fraudulent or corrupt activity
    • undertaking investigations in accordance with Australian Government Investigations Standards
    • pursuing disciplinary, administrative, civil or criminal actions as appropriate
    • pursuing the recovery of fraudulently or criminally obtained benefits where appropriate
    • joint investigations with other law enforcement bodies and agencies
    • appropriate reporting, including to external scrutineers
    • maintain appropriate fraud insurance.

    Reporting fraud and corruption

    Receiving reports

    Consistent with the approach that dealing with fraud and corruption is everyone’s responsibility, ATO employees have an obligation to report incidents of suspected fraud or corruption. There are a range of mechanisms for doing so:

    Reports about external fraud or tax crime can be made to the Tax Integrity Centre by:

    • completing the tip-off form. The form is also available in the contact us section of the ATO app  
    • phoning 1800 060 062
    • fax 1800 804 544
    • posting to
      Tax Integrity Centre
      Locked Bag 6050
      DANDENONG VIC 3175 

    Law enforcement agencies report tax crime involving serious and organised crime groups to: email

    Performance reporting

    Regular reporting is an important part of effective governance and assurance. To ensure our fraud control arrangements are appropriate and systems remain in place to prevent, detect and respond to fraud and corruption, the following internal and external reporting occurs:

    • monthly to the relevant risk owner
    • quarterly to the Audit and Risk Committee
    • quarterly to the Enterprise Risk Management Committee
    • to each meeting of any specialist committee (e.g. Crime and Account Integrity Steering Committee, Account Integrity Business Management Working Group Refund Fraud – Systems, Serious Financial Crime CEOs Forum)
    • annually to the Australian Institute of Criminology
    • as required to the Commonwealth Ombudsman in accordance with the requirements of the Public Interest Disclosure scheme.

    Referrals and information exchange also occur on a case by case basis to bodies including:

    • Australian Federal Police
    • Australian Securities and Investment Commission
    • Australian Criminal Intelligence Commission
    • Australian Commission for Law Enforcement Integrity
    • Australian Transaction Reports and Analysis Centre
    • Commonwealth Director of Public Prosecutions.

    Key responsibilities for fraud and corruption control

    While managing fraud and corruption is everyone’s responsibility, a number of bodies and positions have particular roles to play:

    • Commissioner of Taxation – as the accountable authority, is responsible for taking all reasonable measures to prevent, detect and deal with fraud relating to the ATO.
    • Audit and Risk Committee – oversees the development and implementation of this Plan and provides independent assurance to the Commissioner of Taxation on fraud and corruption risk and control.
    • Enterprise Risk Management Committee – considers emerging risks, which may include fraud and corruption, in the context of the ATO's strategic objectives.
    • Serious Financial Crime CEOs Forum – sets the strategic direction on serious financial crime risks, including the prioritization of serious financial crime risk treatments across the Commonwealth.
    • Serious Financial Crime Senior Officers Group – provides oversight and gives the CEOs assurance on serious financial crime risk and control.
    • Serious Financial Crime Joint Management Committee – implements the Serious Financial Crime work program.
    • Crime and Account Integrity Steering Committee – sets the strategic direction on tax crime and account integrity risks and threats, including the prioritization of tax crime risk treatment across the ATO.
    • Account Integrity and Business Management Forum – provides advice on account integrity and refund fraud issues with an emphasis on emerging risk and mitigation strategies.
    • Client Identity and Refund Fraud Forum – identifies, prioritises and drives initiatives to support refund integrity and management of identity crime.
    • Deputy Commissioner, ATO Corporate – is the risk owner for internal fraud, and monitors and assesses the performance of the Fraud Prevention and Internal Investigations Branch.
    • Deputy Commissioner Private Groups and High Wealth Individuals – is the risk owner for identity crime, tax crime and aggressive tax planning, and manages the tax evasion and crime response across government and internationally for the ATO.
    • Assistant Commissioner, Fraud Prevention and Internal Investigations – is an independent internal function supporting the Commissioner of Taxation with respect to internal fraud and corruption control, and is responsible for the development of this Plan.
    • Fraud Prevention and Internal Investigations Branch – is responsible for the implementation of measures to effectively prevent, detect, deal and respond to internal ATO fraud and corruption.
    • PGH Tax Evasion and Crime – responds to serious and financial crime and provides our investigative and prosecutorial capability..

    As well as the above, the following also have key responsibilities for reducing fraud and corruption risk:

    • Senior Executives – provide strong leadership and foster and support a culture of awareness and reporting.
    • Business line managers – ensure risk management is applied in the operation of their respective business line.
    • All ATO employees and contractors – identify and report fraud and corruption risks which are likely to impact the ATO and ensure related policies and procedures are adhered to.

    Supporting ACNC and TPB

    In accordance with the Schedule 1 of the Public Governance, Performance and Accountability Rule 2014 the Commissioner of Taxation is the Accountable Authority for:

    • Australian Charities and Not-for-profits Commission (ACNC)
    • Tax Practitioners Board (TPB)

    The Commissioner of Taxation therefore has ultimate responsibility for taking all reasonable steps to prevent, detect and deal with fraud and corruption in those bodies.

    To support that responsibility, we provide governance and operational support to both the TPB and ACNC.

    Maintaining integrity in fraud and corruption control

    We are committed to maintaining the highest integrity within the key areas that are responsible for fraud and corruption control in the ATO.

    We acknowledge that a lack of integrity in these areas jeopardises the internal and external confidence in the ATO.

    The ATO maintains integrity in these areas through measures such as:

    • having documented policies and procedures to support decision making
    • ensuring individuals have the appropriate security clearance for their position
    • effective reporting and management of conflicts of interest declarations
    • internal and external performance and activity reporting
    • transparent participation in independent review and reporting arrangements.
    Footnote 1
    Commonwealth Fraud Control Framework 2017 and the Fraud Rule, Policy and Guidance

    Return to footnote 1 referrer

    Footnote 2
    Including the Tax Crime and Account Integrity Steering Committee

    Return to footnote 2 referrer

    Footnote 3
    For example, the quarterly Tax Crime Environment Scan

    Return to footnote 3 referrer

    Footnote 4
    Commonwealth Organised Crime Threat Assessment, Serious Financial Crime risk assessment and the Client Experience Owners Risk Assessments

    Return to footnote 4 referrer

    Footnote 5
    Australian Federal Police, Australian Crime and Intelligence Commission, AUSTRAC and Commonwealth Director of Public Prosecutions all have a primary role.

    Return to footnote 5 referrer

      Last modified: 01 Jul 2019QC 53292