Over my years as an accountant in public practice I have heard of cases of fraud with the ATO but never actually seen any first hand. That all changed in the last couple of month. I will detail the 2 situations below but for privacy have left out names and details.
A taxpayer had received a letter for an ATO Audit/payment advice and came to us for assistance. The letter referred to 6 tax returns lodged from 2017-2022 which resulted in a combined refunds of around $70,000 +. The client had not lodged any of these tax returns nor used a tax agent in these years. When we phoned the ATO to discuss the taxpayers’ letter the initial questions were, did they lose their wallet, were they a victim of recent high profile hacks or did they somehow have their details compromised?
Unfortunately the taxpayer had supplied their details to another person. It appears then that person lodged the tax returns via an online platform and received the tax refunds via an online bank account. As the taxpayer had supplied their information they must repay the lost refunds of $70,000 +.
In the second case we received correspondence from the ATO that the clients account was under review due to a suspected compromised TFN.
An amended return was lodged via an online platform, with a nominated online bank account for refund. The tax return had been amended to include a deduction of $39,000 which would have resulted in a refund of around $13,000. Luckily the ATO caught this issue early and the amended return was cancelled and no refund issued. The taxpayers account has been blocked and going forward only the taxpayer and tax agent will be able to access their information.
It is unknown where the TFN was compromised. As a result to produce the 2023 tax return we had to contact the ATO for access to the clients account for 48 hours to obtain their information. Once lodged the 2023 tax return took much longer than the 28 day service standard to be issued. The taxpayers ATO account remains blocked and only the taxpayer can unblock.
It is scary to think that someone can access your information, lodge a tax return on your behalf and potentially access a refund. Both of the above cases were quickly identified by the ATO and actions taken to block the accounts.
At Welsh Tax we don’t outsource your data. Whilst other firms may regularly outsource tax work overseas we don’t believe in it.
In my opinion outsourcing only increases your exposure, depending on the country they may not have the same level of compliance, culpability or review that we in Australia are subject to.
Below are some things you can do to mitigate your risk of TFN being compromised.
- Don’t provide your details to anyone unless you are certain they are legitimate.
- If you are worried about a text or email, don’t open it or click on the links. Call us and we can check your ATO account directly for issues or correspondence.
- We have removed mobile phone numbers from our clients ATO accounts and replaced with our office number. This way you should not receive any texts from the ATO.
- When sending information to you via email we redact your TFN so it is not displayed.
- Keep your records safe both online and hard copies. Lockable safes and computer virus protection.
- Review your cybersecurity safety both at work and privately, including regularly changing passwords.
Unfortunately with the use of computers and the internet the prevalence of cases like the above may continue. Do the best you can to protect yourself and don’t’ be complicit in exposing your details. If in doubt, Don’t.
To find out more reach out to us on 07 5494 9173 or drop us an email at [email protected].
Recent Comments