4.1 Stakeholders from the small to medium enterprises (SME) market segment were largely concerned with the ATO's application of the risk differentiation framework (RDF). As the RDF is yet to be fully deployed in the SME market segment, there was concern and uncertainty about how the ATO will apply it.

4.2 It should be noted that many of the discussions in the previous chapter may become relevant in this context depending on how the application of the RDF to this market segment evolves.

4.3 Particular concerns that have been raised with the IGT thus far include:

  • inputs into the risk categorisation process — uncertainty was expressed as to how the ATO uses quantitative and qualitative data; and
  • communication of the risk categorisation — whether and how the ATO will communicate to the taxpayer their opinion of the taxpayer's risk and whether the taxpayers would be afforded due process.

4.4 This chapter provides some background to this market segment and the ATO's SME business line before addressing the above stakeholder concerns.


4.5 The ATO's SME business line administers SME taxpayers as well as those classified by the ATO as 'highly wealthy individuals' and 'wealthy Australians'.

4.6 SME taxpayers are those entities with an annual turnover between $2 million and $250 million. This particular market segment comprises a diverse group of businesses such as closely held private groups, foreign owned multinational corporations, charities, sole traders and partnerships.

4.7 Highly wealthy individuals (HWIs) are those Australian resident individuals who, together with their associates, effectively control $30 million or more in net wealth.

4.8 Wealthy Australians are those Australian resident individuals who, together with their associates, effectively control net wealth of between $5 million and $30 million.284

4.9 As at March 2013, the ATO had identified:

  • 183,000 SME economic groups representing 220,000 entities;
  • 2,600 HWIs representing 36,000 entities; and
  • 70,000 wealthy Australians representing 450,000 entities.285

4.10 There is less publicly available taxpayer information for this market segment as compared to the large business segment. There are various reasons for this, a key one being that entities in these market segments typically do not have the same level of mandatory financial disclosure requirements as public companies listed on the stock exchange.

4.11 In relation to risk specifically, another reason why more information is available in the large business segment is that it consists only of approximately 1,850 economic groups and entities encompassing over 32,000 businesses. Whilst all these groups are risk assessed using quantitative 'risk filters', the ATO incorporates additional detailed qualitative information into the risk assessment of a subset of approximately 100 taxpayers. Further information about this process is presented in Chapter 3 in connection with the large business segment.

4.12 For the SME market segment, the ATO has a greater reliance on third party data sources for risk assessment processes. These data sources may be from other government departments, financial institutions or other third parties.286 The ATO approaches to this market segment are outlined in their publication, Tax compliance for small-to-medium enterprises and wealthy Australians (Tax Compliance) which was produced following recommendations contained in the IGT's Review into the ATO's Compliance Approaches to Small and Medium Enterprises with Annual Turnovers Between $100 million and $250 million and High Wealth Individuals (SME Review).

4.13 One of the ATO's approaches to the SME market segment is the 'private-group approach', whereby the ATO recognises that some individuals may be the controlling minds or key decision-makers behind businesses that encompass multiple entities. This approach allows the ATO to assess risk at a holistic group level rather than at the entity level. This also allows ATO officers to approach the group through a single contact point for income tax matters, subject to privacy restrictions. An ATO example of a kind of private group is illustrated below:

Figure 15: ATO example of a kind of private group

Graphic giving an ATO example of a kind of private group.

View image enlarged

Source: ATO, Tax compliance for small-to-medium enterprises and wealthy individuals.

4.14 In its Tax Compliance publication, the ATO indicates that it takes a risk-management approach to compliance by categorising SME market sub-segments according to other risks they pose relative to each other:

We support this approach with sophisticated data-matching techniques that access external and internal information. This process of filtering and prioritising serves two purposes:

  • it reduces the costs of compliance for low-risk taxpayers by minimising the possible intrusiveness of our compliance activities
  • it ensures we invest our resources in the areas of greatest risk.

We use our risk differentiation framework to view risk, categorise the SME market from an income tax perspective, formulate strategies and apply treatments. We are committed to using the framework and will continue to improve its application to ensure our interactions with you achieve the best possible compliance outcomes.287

4.15 As with the large business and international (LB&I) RDF, the framework seeks to categorise taxpayers using likelihood and consequence of non-compliance factors. Similar to the LB&I market segment, taxpayers are categorised as higher risk taxpayers, key taxpayers, medium risk taxpayers or lower risk taxpayers. These categorisations are shown in Figure 16 below.

Figure 16: RDF for small-to-medium enterprises and wealthy individuals

Graphic showing RDF for small-to-medium enterprises and wealthy individuals.

View image enlarged

Source: ATO, Tax compliance for small-to-medium enterprises and wealthy individuals.

4.16 In addition to outlining the application of the RDF to the above three market segments, the Tax Compliance publication also describes how it determines risk:

We identify compliance risks by matching and analysing data and information.

Our initial risk-identification systems apply complex algorithms and risk rules. Our skilled analysts and compliance officers complement this work by applying their knowledge and experience at the risk-identification stage of a case.

In addition, our compliance program sets out the specific compliance risks we focus on each year. These risks will change in response to economic conditions, new legislation and changes to your business environment. We may also identify new risks through our intelligence and risk-monitoring processes.288

4.17 In earlier years, compliance work in relation to wealthy Australians was supported by the ATO's Strategic Compliance Initiative. This initiative was part of $302 million Federal Budget funding over four years to address compliance risks associated with Australia's economic recovery. The SME business line was allocated $68.9 million of this funding to identify and profile wealthy Australians.289

4.18 Through this initiative, the ATO has developed a repository of intelligence in relation to wealthy Australian group structures. Future compliance activity in this market segment builds on this foundation of intelligence.

4.19 In addition to approaching taxpayers on a private group basis, the ATO undertakes project-based work:

We may undertake reviews and compliance-verification activities on medium-risk taxpayers. These activities may be part of a compliance project involving other businesses with similar issues. This approach allows us to address systemic tax issues on a consistent basis across the SME market, thereby reducing compliance costs to all taxpayers.290

Previous audits and reviews

4.20 Some aspects of the SME business line operations were the subject of a 2011 Australian National Audit Office (ANAO) performance audit.291 The audit made findings with respect to:

  • the governance arrangements supporting compliance in the SME market;
  • how the SME business line assesses compliance risks;
  • the ATO's compliance strategies for the SME market segment; and
  • how the ATO measures the effectiveness of its compliance strategies.

4.21 The ANAO audit also made two recommendations in relation to aspects of the then SME 'risk engine'. The ATO agreed to both recommendations.

4.22 In 2011, the IGT SME Review covered issues such as:

  • technical capability and support;
  • compliance decision-making;
  • project management;
  • audit conduct, communication and taxpayer engagement; and
  • information gathering.

4.23 The review made 41 recommendations, 38 of which the ATO agreed in full, two in part and disagreed with one.

Stakeholder concern — inputs into the risk categorisation process

4.24 Stakeholders expressed a sense of uncertainty about the type of information the ATO uses when risk rating the SME population. For example, they were unsure as to how the ATO used quantitative versus qualitative information.

4.25 In 2011, the ATO replaced the former 'risk engine' with a new corporate risk assessment tool, being the Risk Assessment and Profiling Tool (RAPT). Whilst the RAPT is used across the ATO, the manner and extent to which it is used can vary by business line. It should be noted that this system is different to the 'risk filters' used by the LB&I business line where the RAPT is not a major part of the risk categorisation process.

4.26 The RAPT is one of a suite of corporate risk assessment tools. Among others are the Operational Analytics (OA) and the Analyst Workbench (AWB) tools. The ATO uses OA for mainly high volume low complexity work, while the AWB is used mainly for low volume high complexity work. As seen in Figure 17 below, the RAPT fits in between these tools for medium volume medium complexity compliance work.

Figure 17: How rapt fits into the suite of corporate risk tools

Diagram showing how RAPT fits into the suite of corporate risk tools.

Source: ATO292

4.27 The SME business line uses the RAPT to drive a largely quantitative-based process using risk flags and risk signposts. All of these risk flags and risk signposts are brought together into what is known as the Integrated Scoring Model (ISM). The ATO has indicated:

The Integrated Scoring Model (ISM) is the process of risk assessing and prioritising the S&ME market (both private wealth groups and SME economic groups) based on likelihood and consequence of known compliance risks. Currently, there are approx 120 risk rules that form part of the likelihood score, these comprise of two types of risk rules:

A risk flag highlights the likelihood of a compliance risk based on a combination of variables from different data sources. A risk flag will affect the group's risk score.

A signpost identifies an event; further verification work may be required to determine if a compliance risk has occurred. A signpost in itself is not a risk; however, a combination of signposts may indicate a potential compliance risk.293

4.28 A risk flag or combination of flags usually seeks to assess the likelihood that a taxpayer has incorrectly reported against a particular type of tax risk. For example, there are risk flags that assess risks against:

  • capital gains tax;
  • consolidation;
  • various international taxation obligations;
  • demergers;
  • franking credits;
  • fringe benefits tax;
  • losses;
  • non-lodgement;
  • phoenix activity;
  • research and development;
  • self-managed superannuation funds;
  • professional firms;
  • trusts; and
  • tax and economic performance.294

4.29 The risk rules usually test a compliance risk hypothesis using the data from income tax return labels.295 In all, there are 84 risk flags and 35 risk signposts covering the above risks. This chapter uses the term 'risk rules' to refer to both risk flags and risk signposts unless a specific reference indicates otherwise.

4.30 In contrast to the LB&I higher consequence segment, where a moderation process considers qualitative information for some 140 large business taxpayers, the SME business line seeks to risk assess 700,000 entities by using quantitative data.

4.31 Nevertheless, the SME business line seeks to take into account some qualitative aspects in its risk assessment. These have been described as 'contextual attributes' and are used to incorporate information about the taxpayer from outside the tax return itself. The contextual attributes are used to increase or decrease the initial likelihood score depending on the attribute.296 The three contextual attributes are 'start-up businesses', 'phoenix activity', and 'advance pricing arrangement'.

4.32 The rules then produce likelihood and consequence scores which are used to place taxpayers relative to each other within the RDF. The ATO emphasises that the 'RDF is an initial risk assessment tool and that it does not indicate non-compliance'.297

4.33 The risk rules are developed by risk managers within the SME business line. As part of developing risk rules, risk managers are also required to develop risk guides,298 which explain to compliance staff why their case was selected (that is how the taxpayer triggered the risk rule) and what the compliance officer should consider during the case. These risk guides are considered later below.

4.34 Risk managers in the SME business line are required to review their risk rules twice a year.299 The purpose of the review is to ensure that the latest information is used when the SME business line runs the RDF in February and August of each year. The risk manager is to convene a workshop to conduct the review. The workshop should have the following participants:

  • the risk manager (and appropriate members of their team);
  • the senior technical leader(s);
  • experienced active compliance officers;
  • a population strategy — national case selection panel representative; and
  • appropriate guests from other business lines.

4.35 However, in some workshops, participation may be limited. For example, in a 2011 workshop, representatives from all the above areas attended300 whilst in a 2012 workshop, only the risk manager and two representatives from the SME Risk and Detection area were in attendance.301

4.36 The workshop considers the current risk rule and its application, associated documents (such as the risk guides), and considers any new rules or gaps in the current rule. A risk manager may have responsibility for a 'suite' of risk rules related to a particular risk area. In this case, the panel would consider all the rules within the suite.

IGT observations

4.37 The SME market consists of a high number of taxpayers, so the ATO is highly reliant on quantitative methods to filter for risks against the selected population at first instance. The use of 'contextual attributes' is a useful addition to the risk assessment process, adding some qualitative considerations to the process.

4.38 The IGT notes that most of the risk rules are associated with specific taxation risks which is helpful for ensuring that the ATO is testing for specific types of potential non-compliance.

4.39 The IGT supports the ATO's regular review of the risk rules. By necessity, at the outset, risk managers develop risk rules based on estimates which can then be refined and become more accurate by feedback loops that is input from completed cases such as risk reviews and audits. It is important, therefore, for the risk rule review process to incorporate compliance officers' experience from actual case work. Whilst this may be the expectation, it does not always happen in practice.

Recommendation 4.1

The IGT recommends that the ATO incorporate compliance officer experiences and case work results into the risk rule review processes.

ATO response


Stakeholder concern — communication of the risk categorisation

4.40 As described above, since September 2012, the ATO has publicly shared its RDF process for SME taxpayers through its online Tax Compliance guide. This, however, was a general description, and in contrast with the LB&I notification process, did not specifically inform particular taxpayers about how the ATO considered specific risks.

4.41 Stakeholders expressed concerns as to whether the ATO would communicate the risk categorisation to them and, if so, how. Furthermore, where the ATO sought to notify the taxpayer of their risk categorisation, there were also concerns as to whether the taxpayer would have an adequate opportunity to have such a categorisation reviewed.

4.42 Some stakeholders indicated that communicating the ATO's specific risk concerns would assist taxpayers and their advisors in self-managing their own compliance risks and may assist in promoting voluntary compliance. Other stakeholders appreciated that such an approach may be impractical for the entire SME market segment, but highlighted that such an approach may be justifiable for the largest taxpayers in this segment. The ATO often refers to this collective segment as 'S4', being businesses with a turnover of between $100 million to $250 million.

4.43 As shown in Figure 16 above, the ATO has identified 5500 SMEs, 450 HWIs and 1900 wealthy Australians as higher risk taxpayers. The ATO has indicated that not all taxpayers would receive a notification of their risk categorisation due to the numbers in this market segment. Furthermore, the ATO has indicated that it would only provide a risk categorisation to taxpayers if new compliance activity was underway.302

4.44 The ATO's Compliance Program 2012-13 indicates that it plans to complete around:

  • 200 reviews and 50 audits of HWIs; and
  • 120 reviews and 50 audits of wealthy Australians.303

4.45 The ATO has previously conducted trials and pilots in sharing risk information with some SME taxpayers and their advisors. Between February 2009 and April 2012, the ATO ran the Risk Assessment Information Sharing (RAIS) project. Part of the RAIS project was jointly run with KPMG.304

4.46 The intent of the project was to:

  • reduce the uncertainty being experienced by taxpayers and their advisors around the ATO Risk Engine and its results by effectively engaging these taxpayers and making known to them our view of their level of 'riskiness';
  • prompt some of them to consider if and how they want to reduce their level of riskiness in our eyes, leading to more voluntary compliance in our market overall; and
  • demonstrate our compliance activity is credible because it is based on a systematic and deliberate risk assessment and case selection method that we are capable of explaining.305

4.47 One of the results of the RAIS project was the ATO's development of two risk communication products for taxpayers in the SME market, namely:

  • the Compliance Notification letter; and
  • a pilot of the Risk Report.306

4.48 The intent of the Compliance Notification letter was 'to provide earlier certainty to businesses about the conclusion of their tax affairs for that year, improving their experience with the tax system'.307

4.49 The objective of the risk report was for the ATO to influence taxpayer behaviour and 'demonstrate their openness and transparency' about their view of tax risk.308

4.50 Further information about these products was provided to the ATO Tax Practitioner Forum (ATPF) SME sub-group in March 2013 of which IGT officers attended as observers.309 Some practitioners raised potential issues with the intent and delivery of the Compliance Notification letters, citing potential unintended increases in uncertainty and compliance costs from undertaking a further pilot.

4.51 Since then, the ATO has informed the IGT that due to feedback from various sources, the ATO would not proceed with issuing Compliance Notification letters to lower-risk taxpayers. The main reasons for not proceeding were that:

  • the initiative would require a high level of ATO resources;
  • the letters may not achieve the intent of providing certainty to taxpayers;
  • the letters may actually increase compliance costs or cause them concerns; and
  • lower-risk taxpayers did not desire contact from the ATO for this purpose.310

4.52 For the risk reports, the ATO is continuing to develop further trials, with 500 risk reports sent in March 2013. The ATO intends to only send risk reports to higher consequence taxpayers that are the subject of new ATO compliance activity, citing resource demands given the large numbers of taxpayers in this market segment.311

IGT observations

4.53 The IGT recognises the usefulness of the SME business line approach in communicating the risk assessment process to the general SME population through the Tax Compliance guide as well as aspiring to make more personalised communication with taxpayers about their particular risk profile, such as through the risk report pilot.

4.54 In this respect, the Tax Compliance guide reflects the same consideration of transparency to that described in the Large business and tax compliance (LBTC) booklet targeted at the large business market:

We believe that being transparent, accountable and willing to engage constructively with us reflects good corporate citizenship and a positive attitude to compliance with tax law. By taking this approach, you are likely to lower your tax-risk profile and enjoy the benefits of good reputation that follow.312

4.55 However, due to the large numbers of taxpayers in this market segment, a different approach to that taken with large business taxpayers is required. This will require a different balance to be struck between providing due process for taxpayer risk categorisation notifications and the ATO's use of resources for such a large number of taxpayers.

4.56 Where the ATO is intending to conduct compliance activity, such as a risk review or an audit, it is vital the ATO and the taxpayer have an opportunity to discuss the taxpayer's risk categorisation. This may address certain taxpayer concerns about receiving due process as part of the risk categorisation process.

4.57 It is apparent, however, that the ATO currently categorises more taxpayers as higher risk than it plans to risk review or audit. Presumably that means those selected for further compliance activity pose an even higher risk and should perhaps be placed in a different risk category. Whilst adding a further category to the RDF may not necessarily change taxpayers' relative risk positions in terms of the ATO's perceptions of likelihood and consequence, it better identifies the highest risk taxpayers and better supports the ATO's actual resource allocation choices and initial taxpayer engagement stance.313

4.58 With respect to the risk reports, the IGT observes that it is desirable for taxpayers to have a better understanding of what the ATO considers to be risk factors and to have the opportunity to change their behaviour if they so desire.

4.59 The SME business line has also indicated that its risk reports are 'indicative and not definitive'.314 This is due to the reliance on quantitative data and the lack of a qualitative moderation process as per the LB&I process. Therefore, the risk report arguably represents a lower 'reputational risk' to the taxpayer and perhaps a lower reputational risk for the tax manager of the taxpayer.

4.60 In this context, the IGT is concerned that it may be difficult for large numbers of taxpayers to have a one-on-one meeting with ATO staff to discuss the issued risk reports. Accordingly, great care needs to be taken to ensure the process is reliable and robust in this market segment. If not, costs and related consequences may blow out for both taxpayers and the ATO.

4.61 The IGT notes the importance of stakeholder consultation as seen in the case of the now discontinued Compliance Notification letters. Consultation through the ATPF surfaced important feedback about the potential unintended consequences of the proposed letters. Such consultation ensured that the ATO did not undertake a potentially resource intensive project that may have resulted in more uncertainty and higher compliance costs for taxpayers.

4.62 The IGT also sees an opportunity for the ATO to provide greater certainty through publishing more information about the risk flags. As noted in the previous section, risk managers are responsible for developing risk guides for each risk rule. The guides should contain information for compliance officers to consider when undertaking reviews, namely :

  • an explanation of the risk hypothesis — what the taxpayer might be doing incorrectly;
  • explanations of false positives — a set of facts which would indicate that the taxpayer is indeed compliant, notwithstanding the fact that they triggered the risk rules; and
  • information request — the main evidence that the compliance officer would need to request, in order to test whether the taxpayer was correctly or incorrectly applying the law.315

4.63 It is the IGT's view that all risk guides should contain at least the above three elements. The risk hypothesis will assist compliance officers in their information gathering activities. Furthermore, when the risk hypothesis is communicated to the taxpayer, the taxpayer will understand why the ATO officer is asking for related information.

4.64 Currently, all risk areas published in the Tax Compliance guide are listed by name only. These are reproduced in Appendix 10. The IGT believes that these risk areas should be accompanied by risk hypotheses and factual situations which should attract the attention of the taxpayer and the ATO. Such approach can be seen in the LB&I income tax risk filter depicted in Figure 10 in Chapter 3.

4.65 Providing the risk hypothesis, along with the relevant risk factor assists taxpayers in understanding the nature of the ATO's concerns. For example, one of the characteristics on the 'What attracts our attention' list is a specific reference to 'accessing business assets for tax-free private use'. For this risk factor, it may be useful for taxpayers themselves to understand that the tax-free private use of business assets has certain tax implications. The risk hypotheses in this instance may be:

  • Taxpayer may not have correctly reduced their deduction for decline in value for depreciating assets, due to the private use increasing the non-taxable use percentage (s40-25 Income Tax Assessment Act 1997 [ITAA 1997]).
  • Taxpayer may not have correctly calculated the capital gain or balancing adjustment amount from a balancing adjustment event happening to a depreciating asset that has been used for a non-taxable purpose (s40-250 and s104-235 ITAA 1997).
  • Taxpayer may not have correctly applied the partly creditable rules for GST input tax credit purposes (s11-30 A New Tax System (Goods and Services Tax Act) 1999).
  • Individual taxpayer has accessed benefits of an associated company, but may not have correctly calculated or applied fringe benefits tax (Fringe Benefits Tax Assessment Act 1986).

4.66 Expressing the risk hypotheses with the risk factor in the manner outlined above assists taxpayers and their tax advisors to better understand their own risk, by checking to see if those risk factors match their circumstances.

4.67 It should be noted that the IGT uses the term 'risk hypothesis' in the same way it is used in his LB&I Review316 and in the large business active compliance manual. The large market income tax risk filters317 and other ATO documents refer to the risk hypothesis as the 'risk description'.

Recommendation 4.2

The IGT recommends that the ATO:

  1. ensure all ATO risk guides contain:
    1. an explanation of the ATO's risk hypothesis;
    2. explanations of any applicable false positives; and
    3. an indication of the types information that the compliance officer should be seeking from the taxpayer to determine the presence of a risk.
  2. publish additional information on the risk factors currently listed in the publication Tax compliance for small-to-medium enterprises and wealthy individuals such as the risk hypothesis and the indicators used to determine the presence of risk.

ATO response


The ATO supports greater transparency in respect of what attracts our attention and will also look at other publications to provide this information, for example, placing links in the online Compliance in Focus publication.

Proportionality of ATO compliance approach

4.68 Stakeholder representations from this market segment were largely focused on the inputs that the ATO uses to arrive at risk categorisation and the manner in which the ATO would communicate such a categorisation. Whilst the ATO's compliance approach is generally articulated in their Tax Compliance publication, taxpayers are yet to experience the full effect of the RDF since its use in this market segment is at an earlier stage than in the large business market.318

4.69 The IGT also observes that there are significant differences between the large business market and the SME market and as such this will require different ATO approaches.

4.70 Nevertheless, the IGT's observations in Chapter 3 highlight the importance of ensuring that the ATO's compliance approach is proportionate to the perceived or actual risk. This includes not only the level of risk, but the type of risks which concern the ATO. These include inherent risk factors, behavioural risk factors and information confidence concerns. Clearly articulating these concerns separately ensures that ATO officers make targeted inquiries and use approaches that are proportionate to the differing mixes of these risks and concerns. Furthermore, such an articulation ensures that taxpayers better understand the ATO's concerns and the specific means by which to address those concerns.

4.71 The IGT acknowledges, however, that unlike the higher consequence taxpayer segment in the large business market, the ATO cannot make the same in-depth qualitative assessment of the taxpayers' behavioural risks for SMEs. For example, since many SMEs are privately-held, there would be less publicly available information on the taxpayer's tax risk management and corporate governance systems.

4.72 As noted above, the ATO currently takes into account three 'contextual attributes' when using the risk rules. The contextual attributes can be considered as types of behavioural factors. Other behavioural factors may need to be inferred from the taxpayer's compliance history, such as timely lodgment of returns and making of payments.

Recommendation 4.3

The IGT recommends that the ATO, in consultation with stakeholders, test the distinction between inherent factors, behavioural factors and information confidence and cost for this market segment.

ATO response


4.73 The IGT makes more general recommendations regarding proportionality in Chapter 8 of this report.

284 ATO, above n 4.

285 ATO, above n 4; see also Australian Taxation Office, ATPF SME Working Group, 14 March 2013, handout.

286 ATO, above n 33, p 31.

287 ATO, above n 4.

288 ATO, above n4.

289 Inspector-General of Taxation, Review into the ATO's compliance approaches to small and medium enterprises with annual turnovers between $100 million and $250 million and high wealth individuals (2012) para [1.54].

290 ATO, above n 4.

291 Australian National Audit Office, The Management of Compliance in the Small to Medium Enterprises Market (2011).

292 Australian Taxation Office, Risk assessment and profiling tool (RAPT) Overview.

293 ATO communication to IGT, 23 November 2012.

294 Australian Taxation Office, Integrated Scoring Model S&ME Pipeline Governance Committee Report, May 2012, page 16.

295 Ibid.

296 Ibid page 33.

297 Australian Taxation Office, Draft SME minutes, March 2013, Agenda item 3.

298 Australian Taxation Office, SME Detailed Risk Guide Extract - Available fraction flag - provided to IGT 3 April 2013.

299 Australian Taxation Office, RAD13_Review of risk rules in S&ME - (undated), last modified 7/01/2013. Provided to IGT 3 April 2013.

300 Australian Taxation Office, FBT Review workshop minutes 29 November 2011.

301 Australian Taxation Office, Consolidation risk rule workshop meeting minutes 30 July 2012.

302 ATO, above n 297.

303 ATO, above n 33, p 33.

304 Australian Taxation Office, Tier 3 Project Final Report for KPMG Risk Assessment Information Sharing Project (RAIS) April 2011.

305 Ibid page 4.

306 Ibid.

307 Australian Taxation Office, ATPF SME sub-group June 2012 minutes.

308 Australian Taxation Office, Communication Strategy Risk Report February 2013.

309 Australian Taxation Office, ATO S&ME RDF handout for ATPF SME sub-group, 14 March 2013. Representatives of the IGT were present as observers.

310 ATO communication to IGT, 27 March 2013.

311 ATO, above n 297.

312 ATO, above n 4; ATO, above n 33, p 37; ATO, above n 63.

313 Hamilton, above n 60, pp 483-531, p 515.

314 ATO, above n 309, slide 5.

315 Australian Taxation Office, Risk Guide for FBT and Available Fraction.

316 IGT, above n 122, Chapter 5.

317 See Figure 10 above on page 54 for a sample large market income tax risk filter description.

318 ATO, above n 297.