Experts outline business preparation for looming code obligations

Small businesses and tax practitioners are being encouraged to review and solidify their quality management systems to remain compliant as changes to the code of conduct kick in on 1 July 2025.

In a panel session at The Tax Institute's NSW Tax Forum on Thursday morning, Peter de Cure, chair of the TPB; Rebecca Mihalic, director of businessDEPOT; and Tim Sandow, president of The Tax Institute, reinforced the importance of being prepared ahead of the fast-approaching changes.

De Cure said the changes had caused significant concern among small businesses, yet reassured there was no need for worry.

“I think quality management systems is one of those things that’s good for every business, every tax practice, to have an appropriate system to manage the quality of your work,” he said.

“I know that some of the smaller firms are very concerned about this, but our expectations of a sole practitioner are entirely different from our expectations of a big four or medium key practice. Our expectations of a small practitioner are that they have a documented system that demonstrates what their protocols are for keeping their files secure.”

“We are also looking at their cyber security protocols and if they’ve got a checklist for making sure that any staff that work in that practice knows simple protocols to run a business carefully and sensibly.”

De Cure noted that a simple protocol reinforced across all employees went hand-in-hand with a reasonable level of professionalism, and that was all that was required.

However, the expectations of a larger firm were more sophisticated, he said.

De Cure said reassured practitioners that while he remained chair of the TPB, he would not “be sending investigators out to check your quality management system”.

Mihalic echoed the importance of quality management systems and noted the importance of client engagement letters, specifying what agents were responsible for and what they were not. Client engagement letters were important as part of the process of keeping clients’ information and allowed for compliance and mitigation of any conflicts of interest, she said.

“For us, the engagement templates we use cover off a whole range of other things not specific to these new task updates that we need to tell our clients about our offshoring, or our data stored in the cloud.”

“They’re in client signage, so we have evidence that they've read, they've understood and they've accepted. We are engaged directly by those individual clients as well… it also means that we're very specific about services we're offering, and at any point, anyone that can jump in and double check before they do something that we are actually engaged to that work.”

Engagement being part of a quality management system also helped with client relationships, as it helped clients run a better business in that they knew exactly what to expect and what not to expect from their agent, Mihalic added.

“We take it to the extent around the quality of the accounts we need to receive from clients. If clients don’t want us to do a detailed review of all the transactions, then we need to have an agreement on the quality that comes to us, that they can engage some sort of professional to help them with their bookkeeping or accounts that are internally or externally before we take that on.”

Both de Cure and Mihalic said it was imperative for businesses to have sound systems in place, and urged for action to be taken sooner rather than later to aid compliance.