Our risk management strategy is maturing to better align with our legal responsibilities under the PGPA Act, and the Commonwealth Risk Management Policy.
Recognising our operational independence, we work in collaboration with the ATO’s Risk Framework, to improve cooperation in managing enterprise or higher priority risks that are shared across the tax profession and tax system.
This cooperative risk management approach recognises controls or mitigation strategies can be mutually beneficial, and addresses community expectations and requirements regarding delivery of an efficient, effective, economic and ethical public services.
Enterprise risk |
Risk description |
Management strategy |
---|---|---|
Tax and superannuation performance influenced by tax advisers |
There is a risk that the performance of the tax and superannuation systems declines due to regulatory system failure to uphold legal and professional standards of tax advisers. |
We are managing this risk through supervision and compliance that is fair and proportionate to risks. This law and compliance program includes data analytics and intelligence, preventative early warning nudges, enquiries, investigations, sanctions and litigation. In 2025–26, we will encourage the level playing field, cooperation and transparency and voluntary compliance by providing guidance and publishing our compliance priorities. |
Influencing policy and law design |
|
We are managing this risk by providing advice to Treasury and government and we work closely with the ATO. TPB views on policy, law, guidance and administration are shaped by consultation and coordination with stakeholders, especially the community, tax profession, professional and educational providers. |
End‑to‑end client services |
There is a risk that the TPB does not deliver efficient and effective stakeholder services to the community and to tax practitioners, undermining confidence in the TPB and the regulatory and tax systems. |
We are managing this risk by understanding tax practitioner needs and their professional 'lifecycle' to maximise TPB support with community awareness, registration standards (education, experience, ethics), practical guidance products, continuing professional education, appropriate supervision and leveraged compliance strategies. Public support includes our Law & Compliance program to uphold professional standards, Client Support program to advise clients impacted by sanctions that have been applied to tax practitioners, and transparency via the TPB Register supporting informed engagement and decision making. |
Enabling technology and systems |
|
|
Data governance |
There is a risk that the TPB does not access, use or manage data lawfully and effectively, failing to detect and treat risks, drive digital innovation, and assess and report on effectiveness, resulting in undermining confidence in the TPB and the regulatory and tax system. |
We are managing this risk by prioritising data governance, lawful sharing of data and systems with the ATO and partners, risk, measurement and reporting systems built on data analytics and science. |
Cybersecurity |
There is a risk that the confidentiality, integrity, or availability of TPB information systems is compromised by an external threat actor or malicious insiders, resulting in direct and indirect financial impacts, the undermining of trust in the TPB and government. |
We are managing this risk by working with the ATO and ensuring our cybersecurity capabilities meet whole of government requirements. |
Registration integrity |
There is a risk that TPB registration processes lack integrity, tax practitioners are registered lacking education, experience or ethical standards, adversely impacting tax or superannuation outcomes for clients and the community, resulting in undermining confidence in the TPB, tax system and profession. |
We are managing this risk through improvements to TPB support over the tax practitioner lifecycle, including proof of identity, risk assessments (disqualified entities, significant breach reports, personal tax obligations), annual registration attestation, ATO coordination in fraud detection and TPB compliance improvements. |