COMMENT | As many people in the channel might know, the ATO is in the middle of a massive transformation project. And if you’ve kept up with it over the past 12 months the likely impression is that it hasn’t been going well.
There was the storage network crash in December that the ATO labelled as its “worst unplanned outage” in recent memory. It was so bad it prompted an independent inquiry to determine the cause.
There have been at least another 10 outages from February to June – and three of those were in one June week. The ATO blamed vendors Hewlett-Packard and Leidos, and “stressed” fibre-optic cables.
Behind the scenes, however, the ATO is making good ground. In fact, by one measurement, Australia’s tax department is not just leading the world, it is miles ahead of its peers.
“We expose more APIs than any other revenue agency in the world and, according to my maths, more than the rest of the world’s agencies combined,” said John Dardo, deputy commissioner and chief digital officer at the ATO, at the Accounting Technology Showcase Australia conference in October.
“Everyone else is looking at us and saying, ‘Holy macaroni, how did you get there?’”
This is an astonishing claim. The UK government has made a lot of noise about its Making Tax Digital initiative. Part of which will require all businesses to use online accounting software to lodge their tax returns. However, the UK is sitting at 175 API connections while the ATO is closer to 230 and will soon reach more than 350 once it adds some off-the-shelf packages, Dardo told me after his speech.
Dardo, a 20-year veteran at the ATO, took up the role seven months ago – after the big crash in December, he pointedly told the audience. He previously ran the ATO’s Standard Business Reporting (SBR) project for a year and a half. SBR is the common data framework which will allow government departments to pre-fill online forms with basic contact details through to social security and payroll data.
One of the biggest challenges is dealing with cloud accounting software. And it’s not, as you may have assumed, because of security issues. MYOB, Xero and Reckon use the Amazon Web Services data centre in Sydney – as does the ATO.
“The reality is that if you’re in an AWS data centre in Sydney, that data centre from a security perspective is identical to the one in Singapore and North Virginia,” Dardo said. “The problem is the jurisdictional risk.”
In Australia there are certain laws and protections in place that control who hosts that data. These protections cannot be enforced if the data is hosted outside the country. The ATO is worried that if an Australian business is hosting tax-related information in an American data centre that the US may then want access to it in the future. Given that the US is the centre for the largest technology companies in the Western world, this is a broader problem.
Regardless, the ATO is waiting for the software companies to explain their position on jurisdictional risk. Once they do the department will make recommendations to businesses and tax agents about accounting software. Because today the jurisdictional risk is not borne by the software companies but by their business customers in Australia, Dardo said.
“The risk is not for the person making the choice to be offshore, which is the software providers. There are businesses using the practitioner [accountant] where the business and the practitioner don’t know the data is offshore. And the employees of that business don’t know their TFNs, bank account details, sick leave histories are offshore.”
One for the next IT trivia night: Dardo says all AWS data centres are identical except for one, which services the Homeland Security department. “The reporting lines must be US citizens. But otherwise it’s the same.”
Sholto Macpherson is a journalist and commentator who covers emerging technology in cloud