The ATO has announced it is investigating recent reports of 2 tax agents whose clients are reporting the receipt of an unexpected ATO refund into their bank account. It said there is no information to suggest ATO systems have been compromised. The impacted agents proactively contacted the ATO and the ATO says it is working in partnership to mitigate the risk to other clients and revenue.
The ATO says it has sophisticated risk models in place to scrutinise every tax return to identify refund fraud, blatant errors and higher risk claims. The ATO investigates identified fraudulent refunds and looks for commonalities across those refunds to address and identify the extent of the fraud, potential improvements for risk detection capabilities, opportunities for enhanced security measures and those responsible for the fraud.
If a business or tax practice notifies the ATO of a potential data breach, the ATO says it puts a number of strategies or treatments in place to protect affected clients depending on the circumstances eg:
- Issue an alert to ATO staff to seek additional proof of record ownership.
- Continue to monitor the impacted taxpayers ATO records.
- Apply additional security measures within ATO systems.
[ATO website: announcement; TT Month; LTN 136, 20/7/17]