Tax file numbers (TFNs) are unique numbers issued by the Australian Taxation Office (ATO) to identify individuals, corporations and others who lodge income tax returns with the ATO.
While individuals cannot be required to provide their TFN, there may be consequences if they don’t. For example, if individuals do not quote their TFN to employers and financial institutions then they may have tax deducted from their income or interest payments at the highest marginal rate.
Quotation of TFNs is also a condition of receipt of most Australian Government assistance payments.
The Tax File Number Guidelines 2011 (TFN Guidelines) issued under s 17 of the Privacy Act 1988 (Privacy Act) regulate the collection, storage, use, disclosure, security and disposal of individuals' TFN information. The TFN Guidelines only apply to the TFN information of individuals and do not apply to TFN information about other legal entities such as corporations, partnerships, superannuation funds and trusts.
The TFN Guidelines are legally binding. A breach of the TFN Guidelines is an interference with privacy under the Privacy Act. Individuals who consider that their TFN information has been mishandled may make a complaint to the Office of the Australian Information Commissioner (OAIC).
Under transitional arrangement for the amendments made to the Privacy Act on 12 March 2014, the TFN Guidelines continue in operation as if they were rules issued under s 17 of the Privacy Act.
TFN guidance material
Privacy fact sheet 6 is not legally binding — it is intended to provide guidance related to the handling of TFNs and assistance in interpreting the TFN Guidelines. Privacy fact sheet 6 uses frequently asked questions to suggest a number of steps individuals and TFN recipients, including investment bodies, should consider taking to protect the privacy of TFN information.
Privacy fact sheet 6 should be read in conjunction with the TFN Guidelines and the advisory 'Classes of lawful tax file number recipients' document that the ATO and the Australian Prudential Regulation Authority (APRA) have released. This document is not part of the TFN Guidelines and is not legally binding. It is a joint ATO and APRA document and constitutes part of the ATO and APRA's obligations under the TFN Guidelines to publish information on the classes of persons or bodies who are authorised by law to request an individual quote that individual's TFN.
As well as constituting a breach of the TFN Guidelines, unauthorised use or disclosure of TFNs can be an offence under the Taxation Administration Act 1953 (TAA) and can attract penalties including imprisonment and monetary fines.
Sections 8WA and 8WB of the TAA create offences for unauthorised requirements or requests that a person's TFN be quoted, and the unauthorised recording, maintaining a record of, use or disclosure of an individual's TFN respectively, unless an exception applies. Provisions regulating TFNs are also contained in Part VA of the Income Tax Assessment Act 1936. In addition, the Data-matching Program (Assistance and Tax) Act 1990 provides for, and regulates, the matching of records between the ATO and assistance agencies using the TFN in a data-matching process.
In the context of superannuation, Part 25A of the Superannuation Industry (Supervision) Act 1993 (SIS Act) and Part 11 of the Retirement Savings Accounts Act 1997 (RSA Act) also contain rules and restrictions on the quotation, use and transfer of TFNs. Furthermore, under the SIS Act and RSA Act, APRA can make legislative instruments that approve the manner of quoting TFNs.
TFN related functions
Under the Privacy Act, the Australian Information Commissioner has a number of monitoring, advice and assessment related functions regarding the handling of TFNs. Under s 28A the Australian Information Commissioner has the following monitoring functions in relation to TFNs:
- examining the records of the Commissioner of Taxation to ensure that the Commissioner
- is not using TFN information for purposes beyond his or her powers (s 28A(1)(c)(i))
- is taking adequate measures to prevent the unlawful disclosure of the TFN information that he or she holds (s 28A(1)(c)(ii))
- evaluating compliance with the TFN Guidelines (s 28A(1)(d))
- monitoring the security and accuracy of TFN information kept by TFN recipients (s 28A(1)(e)).
Under s 28B(1)(d) the Australian Information Commissioner may provide advice to TFN recipients about:
- their obligations under the TAA in relation to the confidentiality of TFN information; or
- any matter relevant to the operation of the Privacy Act.
Under s 33C(1)(c) the Australian Information Commissioner may conduct an assessment as to whether TFN information held by a TFN recipient is being maintained and handled in accordance with the TFN Guidelines.