How we notify the public
We notify the public of our intention to collect AFCX data for 2024–25 financial year to 2026–27 financial year by:
- publishing a notice in the Federal Register of LegislationExternal Link gazette in the week starting 11 August 2025
- publishing this data-matching program protocol on our website at Data-matching protocols
- advising AFCX that AFCX - Privacy Policy - AFCXExternal Link should include that personal information is disclosed to ATO for data-matching purposes.
Gazette notice
The following information about the data-matching program appears as a gazette notice in the Federal Register of Legislation.
Gazette notice: Commissioner of Taxation - Notice of an AFCX data-matching program 11 August 2025
The Australian Taxation Office (ATO) will acquire relevant account and transaction data from Australian Financial Crimes Exchange (AFCX) for the 2024–25 financial year through to 2026–27 financial year.
The data items include:
- client identification details (names, addresses, phone numbers, dates of birth, identity verification document details, IP addresses etc)
- bank account transaction details (bank account details, transaction date and amount, IP addresses etc).
We estimate that records relating to approximately 70,000 individuals will be obtained each financial year.
For this data-matching program, we will match AFCX data against ATO records and other data holdings.
The data collected under this program will be used to:
- safeguard taxpayer accounts from identity crime by implementing protective controls to enable pre-lodgment detection and application of treatments to victims of fraud
- identify, detect, monitor and treat new emerging risks and behaviour patterns which may significantly impact the integrity of the tax and superannuation systems
- compare to our records and other data holdings, as part of the methodologies by which we select taxpayers for compliance activities
- provide insights through models and analysis that support our regulatory approach, to reduce the impact of financial scam and crime.
The objectives of this program are to:
- protect taxpayer records from identity crime and unauthorised access by detecting, preventing and/or mitigating risks of unlawful registration, lodgment, and refund fraud
- build intelligence about scam, fraud and crime activities and threats in the financial ecosystem to strengthen integrity of the tax and superannuation systems and develop treatment strategies
- address new and emerging risks through enhanced intelligence capabilities to reduce the impact of financial scams and crimes on taxpayers, mitigate tax revenue risk and protect the Australian community
- detect, investigate and/or prosecute perpetrators of financial crime activity including identity takeover, money laundering or serious and organised crime.
A document describing this program is available at ato.gov.au/dmprotocols.
This program follows the Office of the Australian Information Commissioner’s (OAIC) (2014) Guidelines on data matching in Australian Government administration (the guidelines). The guidelines include standards for the use of data matching as an administrative tool in a way that:
- complies with the Australian Privacy Principles (APPs) and the Privacy Act 1988 (Privacy Act)
- is consistent with good privacy practice.
A full copy of the ATO’s privacy policy can be accessed at ato.gov.au/privacy