Welcome to the latest edition of our Not-for-Profit Newsletter. Please feel free to contact us if you have any questions about the content of this Newsletter.

In this edition

For those with 31 December financial reporting requirements, this edition includes a summary of key financial reporting focus areas. Following on from previous editions that covered cyber-security matters, this edition also includes a few cyber-security, managing data, and privacy items. We also cover several governance and compliance
matters, and ACNC related items including a summary of governance standards that deal with how charities should operate.

Click below to read a section:

Governance
Compliance
Fraud
Financial reporting
Sustainability reporting
ACNC activites
NDIS
Aged care

Governance

ATO checklist promotes good governance

A new Australian Taxation Office checklist is aimed at helping not-for-profits stay up-to-date with tax, superannuation and industry obligations. The NFP tax, super and registry responsibilities checklist aims to reduce the chances of NFPs failing to comply.

The tax office recommends that entities check their tax and super obligations on a regular basis, at least every 12 months. Keeping ABN authorisations and contact details current ensures that NFPs know about significant tax, super, and registry changes.
The checklist offers advice in sections:

Checks that all NFPs should be regularly completing
Checks for NFPs that self-assess as income-tax exempt
Checks for income-taxable NFPs
Checks for NFPs with more than $150,000 in turnover
Checks for NFPs that employ staff
Checks for NFPs that need to make payments to the ATO, and
Checks for charities registered with the Australian Charities and Not-for-profits Commission.

For more information visit https://www.ato.gov.au/businesses-and-organisations/not-for-profit-organisations/yourorganisation/in-detail/checklists/nfp-tax-super-and-registry-responsibilities-checklist.

Community tells ATO about NFP failures

In 2023-24 the ATO received more than 47,000 tip-offs from the community about errant corporate behaviour.

As at 31 October, the office had received about 240 tip-offs about NFPs. The most common behaviours reported were:

Entities failing to meet their obligations
NFPs failing to operate according to their purpose
Misuse of NFP vehicles, and
Failing to meet employer obligations

Cyber-security governance principles refreshed

Digital-supply-chain risks, data governance and regulatory and legislative shifts are some of the key updates in a refreshed Cyber
Security Governance Principles. Since their release in October 2022, the principles, produced by the Australian Institute of Company Directors and the Cyber Security Cooperative Research Centre, have become the leading source of cyber-security governance guidance for Australian boards.

Given the scale and speed of changes in the cyber-security landscape, the updated principles reflect the evolving cyber-threat landscape and best-practice cyber-resilience strategies. New case studies are included. AICD managing director Andrew Charlton and CEO Mark Rigotti said the principles had become the leading best-practice
guidance for Australian directors when it comes to overseeing and managing cyber risks across organisations, large and small.

‘Over recent years, global conflicts and the evolution of cybercrime have seen new threats emerge, and Australian boards are consistently placing cyber at the top of their agendas’, they said.

Rachael Falk, CSCRC CEO, said cyber-security was of increasing importance and complexity for Australian organisations.

‘Establishing good governance practices for cyber-security, including understanding the strength of existing risk controls, who are our key digital suppliers, and keeping abreast of new and emerging threats and risks is vital for directors’, she said. ‘These principles will help Australian directors build a strong understanding of what “good” looks like in relation to cyber governance and help keep Australian organisations and the community safer in our digital world.’

ASIC updates guidance on insolvent trading

ASIC has updated its regulatory guide for directors and their professional advisers on the duty to prevent insolvent trading and new guidance on safe-harbour provisions. Updates to regulatory guide 217 Duty to prevent insolvency trading: Guide for directors follow industry consultation.

RG 217 provides guidance on understanding and complying with the duty to prevent insolvent trading.

Several developments have influenced the need for updates to RG 217, including the 2017 introduction of ‘safe harbour’ provisions under the Corporations Act 2001 and recommendations from Treasury’s Review of the Insolvent Trading Safe Harbour in 2021.

More protection of Australians’ privacy

The Office of the Australian Information Commissioner has welcomed the passing of the Privacy and Other Legislation Amendment Bill 2024 as a significant step forward in advancing Australians’ privacy protections.

The bill included significant measures, notably:

The introduction of a statutory tort for serious invasions of privacy, giving individuals a route to seek redress for privacy
harms in courts
The expansion of the OAIC’s enforcement and investigation powers, including new tiers of civil penalties and the ability to
issue infringement notices
A new mechanism to prescribe a ‘whitelist’ of countries and binding schemes with adequate privacy protections to facilitate
cross-border data transfers, and
A requirement that privacy policies contain information about substantially automated decisions that significantly affect
individuals’ rights and interests, including the kinds of decisions and personal information used.

‘These new powers and functions come at a critical time, as privacy harms increase and the Australian community demands more power over their personal information’, privacy commissioner Carly Kind said.

First Cyber Security Act passed

Passing of the federal government’s cyber-security legislation marks a substantial step towards strengthening Australia’s cyber defences and resilience.

New laws ensure that Australians can trust their digital products, help break ransomware business models, support Australian organisations through cyber-security incidents, and ensure that national cyber practices, policies, and procedures are improving.

The new laws include:

Requirements that certain businesses report ransom payments, and
The establishment of a Cyber Incident Review Board to conduct no-fault, post-incident reviews of significant cyber security incidents and make recommendations to aid in the prevention, detection, response, and minimisation of future cyber incidents.

The package also progresses reforms under the Security of Critical Infrastructure Act 2018.

Payday super

While most employers do the right thing, the Australian Taxation Office estimates that $3.6 billion worth of super went unpaid in 2020–21.

From 1 July next year, employers must pay their employees’ super simultaneously with salaries and wages. The federal government has announced details aimed to ‘incentivise’ compliance and ensure that employees are compensated for delays in receiving their super, including:

An updated ‘super-guarantee’ charge will ensure that employees are fully compensated for any delay in receiving their super,
incentives for employers to catch up on any missed payments quickly, and an increase in the severity of consequences for
employers that deliberately or repeatedly do the wrong thing
Businesses will become liable for the charge if super contributions are not received by their employees’ funds within seven
days of payday. This allows time for payment processing to occur as well as for swift action to be taken against employers
that are not meeting their obligations, and
Revised choice of fund rules that will make it easier for employees to nominate their fund when starting a new job, reducing
unintended duplicate accounts, and giving employers more timely and accurate details.

Compliance

Wages underpayment can earn jail time

From 1 January, intentionally underpaying an employee’s wages and entitlements can be a criminal offence. The Fair Work Ombudsman can investigate suspected criminal underpayment and refer suitable matters for prosecution. If a person is convicted of a criminal offence, a court can impose fines, prison time, and both.

There are protections for businesses to avoid criminal prosecution. They include the Voluntary Small Business Wage Compliance Code and cooperation agreements.

Other workplace changes starting from 1 January include:

A significant increase to the maximum penalty for underpayment contraventions for a non-small business employer
New definitions and minimum pay rates for entry-level classifications in some awards, and
Changes to classifications and minimum pay rates for some employees in the aged-care sector.

Recent changes to workplace laws have included changes to casual employment, a new right to disconnect, independent contractor changes, and new regulated worker rules.

Fraud

Charity fraud funded overseas trips

Angela Stathopoulos, 49, has pleaded guilty in the Melbourne Magistrates’ Court to stealing more than $459,000 from a charity that feeds the homeless and supports needy children. The offences against Prahran Community Learning Centre occurred between May 2011 and March 2022 while Ms Stathopoulos was the centre’s principal executive officer.

The court was told that Ms Stathopoulos used the charity’s money to bankroll 10 overseas holidays, buy concert tickets, jewellery, dance lessons, designer clothes, and accessories. Ms Stathopoulos’s offending came to light only after new board members joined the charity in 2020 and tried to tighten the centre’s financial reporting and risk management.

The court was told that the centre’s federal and local-government funding was at risk. Students and families that needed to transfer to other education centres were distressed.

Ms Stathopoulos was bailed to appear at the County Court at a later date for sentencing.

Financial reporting

Simpler NFP reporting on the way?

Long-awaited proposals to change reporting requirements for many NFPs have arrived. Special-purpose financial statements will be restricted and a new third tier of reporting proposed.

Exposure draft 334 Limiting the Ability of Not-for-Profit Entities to Prepare Special Purpose Financial Statements proposes amendments to the Conceptual Framework for Financial Reporting and Australian accounting standards (including interpretations) to remove NFPs’ ability to prepare special-purpose statements via AASB 1057 Application of Australian Accounting Standards.

The proposed amendments apply to:

NFPs that are required by legislation to prepare financial statements that comply with either Australian accounting
standards or other accounting standards
NFP entities that are required only by their constituting document or another document to prepare financial statements
that comply with Australian accounting standards, and
NFP entities that elect to prepare general-purpose statements.
The draft proposes that the amendments apply to annual periods beginning on or after a date that is at least three years after the
issue of the proposed standard, earlier application permitted. It’s intended that the draft has the same application date as for the
proposed Tier 3 standard and other consequential amendments arising from it.

ED 335 proposes a new Tier 3 standard General Purpose Financial Statements – Not-for-Profit Private Sector Tier 3 Entities with simplified recognition, measurement, and disclosure requirements that will apply to eligible private-sector Tier 3 NFPs.

ASIC focus areas for 31 December financial reports

ASIC is urging directors, preparers of financial reports and auditors to be aware of the enduring and ongoing focus areas in its surveillance of financial reports for the year ending 31 December (see Appendix ASIC’s ‘enduring’ focus areas for financial reporting).

Areas of focus for the upcoming reporting season include: impairment and asset values; provisions; subsequent events; and disclosures in the financial report.

Commissioner Kate O’Rourke said: ‘We have highlighted matters that require the most judgement and use of estimates as these areas have previously shown the highest rates of non-compliance.

‘While these areas are emphasised, ASIC expects all reporting entities to ensure the reports are complete, accurate and informative.’

Ms O’Rourke said ASIC would also target, more broadly non-compliance with financial-reporting obligations.

This will also be the first financial year for December year-end reporters to prepare and lodge a consolidated-entity disclosure statement. ASIC will be monitoring them for compliance.

You can review the focus areas for consideration here.

Sustainability reporting

New guidance on aligning financial and sustainability reporting

The International Federation of Accountants has published guidance on coordinating financial and sustainability reporting. Building Trust in Sustainability Reporting and Preparing for Assurance is a practical resource to strengthen governance and control to enhance the quality of sustainability information and disclosures.

It outlines steps to align sustainability and financial reporting in terms of quality, timing, and connectivity, and addresses challenges thrown up by sustainability reporting.

By implementing a systematic annual cycle of governance and control activities, companies can improve the quality and maturity of their data and reporting, reducing the likelihood of modified assurance conclusions and audit opinions.

The new guidance can be applied to the adoption of the IFRS Sustainability Disclosure Standards issued by the International Sustainability Standards Board and jurisdictional requirements, including the European Sustainability Reporting Standards. Both sets of standards also emphasise the importance of transparency on governance, risk management, and internal controls to inform an assessment of the quality of a company’s sustainability reporting.

Sustainability-related risks and opportunities outlined

The International Financial Reporting Standards Foundation has published the 61-page guide Sustainability-related risks and opportunities and the disclosure of material information. It is designed to help companies identify and disclose material information about sustainability-related risks and opportunities that could reasonably be expected to affect cash flows, access to finance and cost of capital over the short, medium, and long terms.

A key focus of the guide is to help companies understand how the concept of sustainability-related risks and opportunities is described in IFRS S1 General Requirements for Disclosure of Sustainability-related Financial Information, including how these can arise from a company’s dependencies and impacts.

The guide highlights how companies applying ISSB standards can benefit when making materiality judgements for financial statements, particularly when applying IFRS accounting standards. It sets out a process that is closely aligned with the four-step process illustrated in the International Accounting Standards Board’s IFRS Practice Statement 2: Making Materiality Judgments.

The guide also sets out considerations a company might make to drive connectivity between sustainability-related financial disclosures and a company’s financial statements.

ACNC activities

ACNC concerns over Hillsong charities

After serious allegations had been made about the Hillsong Church’s charities, the Australian Charities and Not-for-profits Commission began to investigate Hillsong College’s compliance with the ACNC act and regulations.

The commission identified the following concerns:
Compliance with record-keeping obligations (s 55-5(2)) of the ACNC act
Compliance with governance standard 5 that requires charities to take reasonable steps to ensure that its responsible people are subject to, understand, and carry out the standard’s demands
Compliance with external conduct standard 1 (Reg 50.20(3)(a) of ACNC regulations and s. 25-5(3)(b) of the ACNC Act) that covers the way a charity manages its activities overseas, how it is required to control overseas finances and other resources and the requirement to comply with Australian laws.
Duties include:
- To act with reasonable care and diligence (reg 45.25(2)(a) of the ACNC Regulations and s. 25-5(3)(b) of the ACNC Act)
- To act honestly and fairly in the best interests of the charity and for its charitable purposes (reg 45.25(2)(b) of the ACNC Regulations and s. 25-5(3)(b) of the ACNC Act)
- To disclose conflicts of interest (reg 45.25(2)(e) of the ACNC Regulations and s. 25-5(3)(b) of the ACNC Act), and
- To ensure that the financial affairs of the charity are managed responsibly (reg 45.25(2)(f) of the ACNC Regulations and s. 25-5(3)(b) of the ACNC Act)
Compliance with external conduct standard 2 (Reg 50.20(3)(b) of the ACNC Regulations and s. 25-5(3)(b) of the ACNC Act) that covers the requirements for a charity to obtain and keep sufficient records for its overseas activities on a country-bycountry basis, and
Compliance with reporting obligations (Subdivision 60-B and 60-C of the ACNC Act), charities must report annually to the ACNC, with a charity’s reporting obligations dependent on its size.

The commission has published details of an enforceable undertaking by Hillsong College. What the college must do is detailed on the ACNC register. The ACNC is considering using compliance agreements for other Hillsong Church charities. Such an agreement is a voluntary action plan that supports improvements to a charity’s governance and compliance.

Protecting the vulnerable

The ACNC has released findings of a review into how charities protect vulnerable people from harm. Managing safeguarding risk found that:

Strong safeguarding requires charities to take the time to establish appropriate processes, systems, and procedures
Smaller charities might benefit from working with larger, more experienced charities and peak bodies
Safeguarding was often reflected in a charity’s culture but not always documented in formal policies and procedures, resulting in inconsistency in addressing risks, and
Most charities were aware of legal obligations, however, these were rarely recorded in a single place, such as a register. This made it difficult to keep on top of changes to relevant legislation.

ACNC commissioner Sue Woodward said the charity sector clearly understood the importance of managing harm risks. The commission’s review highlighted how critical it was for charities to protect against dangers such as exploitation, violence, and abuse.

‘Safeguarding is an important focus area for the ACNC. Ineffective safeguards can result in an increased risk of harm to vulnerable people including children, seniors, and people with impaired intellectual or physical functioning’, Ms Woodward said.

To help charities meet their obligations, the ACNC has a checklist, policy template, and guidance. See the Governance Toolkit: Safeguarding vulnerable people home page.

Updated guidance on managing data and privacy

The ACNC has updated guidance on managing personal information and data, helping charities better understand their obligations under privacy law. The Office of the Australian Information Commissioner, the privacy and FOI regulator, has collaborated with the ACNC in response to the evolving digital landscape and increasing need for organisations to address cyber-security risks and data-privacy concerns.

The updated guidance provides clear steps for charities to safeguard personal data, ensuring that they comply with legal obligations and adhere to best practice. Key areas covered include data collection, secure storage and handling of personal information, and the importance of transparency in how charities manage individuals’ data to build trust with donors, beneficiaries and volunteers.

The ACNC’s guidance aligns with an OAIC counterpart Privacy for Not-for-profits including charities, which outlines specific guidance on consent management, data-breach response, and ensuring that the information of volunteers and beneficiaries is handled with care. See the ACNC home page Managing people’s information and data.

Charity concerns rise

More than 2300 concerns about charities were reported in 2023-24, a 10 per cent rise on the previous financial year. More than 1000 (45 per cent) of the 2309 came from the public. Of these, 26 per cent related to private benefit (using charity money for personal gain) and 21 per cent were about funds mismanagement.

The ACNC investigated 59, revoking the charity status of nine organisations due to compliance inaction, and referred 36 charities to other government agencies. There were several joint investigations with federal and state agencies.

Risk-based triage assessed concerns. Regulatory actions included developing compliance agreements (such as action plans to improve management practices) and providing education (such as advice to improve record keeping).

The ACNC has announced a compliance and enforcement focus for 2024–25. Priorities include protecting vulnerable people, preventing misuse of charities for terrorism purposes, stopping financial mismanagement, fraud, and private benefit, and preventing charities from carrying out activities that put them at risk of a disqualifying purpose.

The ACNC will also investigate the emerging risk of misusing complex structures to conceal fraud and non-compliance.

‘Like other Australian-based regulators and international colleagues, we are concerned about the use of complex structures to either hide what charitable funds are being used for, or to conceal significant private benefit or other serious non-compliance’, Ms Woodward said.

ACNC finds material errors

The ACNC has helped 71 charities fix material errors in their financial reports following its 2023-24 review.

The commission reviews annually at least 250 reports and annual information statements.

The reviews identified errors in reporting how much key management personnel were paid.

Compliance reviewed

The ACNC has conducted 52 reviews to check charities’ general level of compliance with the ACNC Act and address identified risks.

Twenty-six of the reviews were about cyber-security compliance, and 12 charities were advised on areas where they could improve cyber-security. Of 24 charities whose reviews focused on safeguarding, nine got advice on the matter.

The commission has revoked the charity status of nine organisations. On average, they had been operating for 11 years, the youngest for four years, the oldest for 23. Of eight self-audits six resulted in regulatory advice.

DGR charities reviewed

The ACNC has conducted 492 reviews of charities with deductible-gift-recipient endorsement to check that they were still eligible to be registered. The checks met a target of reviewing 2 per cent of DGR endorsed charities.
No detailed review was required of 137 charities, which kept their DGR status. Support was provided to help them to update the charity register.

For 253, a detailed review was needed.

No further action was required of the remaining 102.

Adhering to ACNC’s governance standards

The ACNC’s governance standards is a set of core principles dealing with how a charity should be run. Charities must meet the standards to be registered and remain registered. The principles do not apply to basic religious charities.

They require charities to remain charitable, operate lawfully, and be run in an accountable and responsible way, which helps to maintain public trust.

The principles are high-level. Charities must determine what they need to do to comply with them.

An ACNC self-evaluation tool aims to help charities assess if they are meeting their obligations. It also helps to identify issues that might prevent them from doing so.

It poses questions and prompts charities to describe both the practical steps they are taking to meet their obligations and to list relevant policies or procedures.

A charity that conducts activities overseas – including sending funds overseas from Australia – must comply with both externalconduct and governance standards.

Four external-conduct standards cover aspects of a charity’s overseas operations.

An ACNC self-evaluation tool for charities operating overseas aims to help charities assess if they are meeting their obligations and identify issues that might prevent their doing so.

The tool poses questions and prompts charities to describe the practical steps they are taking to meet their obligations.

NDIS

Crackdown on unfair participant pricing

A National Disability and Insurance Scheme taskforce has received almost 3000 complaints about unfair pricing for its participants.

The taskforce is a joint collaboration by the National Disability Insurance Agency, the NDIS Quality and Safeguards Commission, and the Australian Consumer and Competition Commission.

Since its establishment in December 2023, the taskforce has received and sorted more than 2800 reports, most of them (2456) about pricing.

The NDIS commission has referred 34 consumer-related matters to the ACCC for further action
The NDIA has referred more than 140 businesses to the ACCC concerning potential misconduct under consumer law, and
The ACCC is investigating many NDIS providers for contraventions of consumer law and soon expects to take enforcement action.

The NDIS commission has resolved more than 85 per cent of pricing related matters, sending out warning letters and educating providers about their obligations under the NDIS conduct code.

Assistant Minister for Competition, Charities and Treasury Andrew Leigh said issues identified by the taskforce included false or misleading advertising of NDIS goods and services, providers not adhering to consumer-guarantee laws, unfair contract terms, and providers wrongly accepting payment or charging for goods or services not supplied.

‘The ACCC has put businesses on notice that it is focusing on problematic advertising practices which target NDIS participants’, Dr Leigh said.

‘Everyone working within the scheme needs to be aware of their responsibilities under the code of conduct as well as under Australian consumer law.’

Misleading advertising targeted

The ACCC is focusing on advertising that targets NDIS participants.

The ACCC has been working with the National Disability Insurance Agency and NDIS Quality and Safeguards Commission to identify advertising that might breach consumer law.

‘Businesses must not make false representations regarding access to the NDIS, and consumers must be able to rely on statements being made by NDIS providers as being true and accurate’, ACCC deputy chair Catriona Lowe said.

Changes to the NDIS that clarify support that NDIS participants can and cannot spend NDIS funding on came into effect on 3 October. The goods and services that can and cannot be claimed can be found on the NDIS website.

‘The ACCC is concerned that many businesses continue to advertise goods or services that appear on the list of ineligible supports in a way that suggests NDIS funding can be used to purchase them’, Ms Lowe said.

‘We are also concerned that many NDIS providers are claiming that certain products or services are “NDIS approved”, “NDIS funded” or otherwise NDIS-endorsed when this is not the case.

‘The ACCC is actively investigating [many] NDIS providers for contraventions of the Australian consumer law and anticipates taking public enforcement action in the near future.

‘All businesses supplying goods and services to NDIS participants should urgently review their advertising and ensure they are acting in compliance with the Australian Consumer Law.’

Ausnew misled on prices, says ACCC

Ausnew misled on prices, says ACCC.

The ACCC has begun Federal Court action against registered NDIS provider Ausnew Home Care Service Pty Ltd for alleged false or misleading representations about selling aged-care and disability products.

The company operates an online shop selling specialised equipment for the aged and disabled. The ACCC alleges that Ausnew made false or misleading representations to consumers about product prices, sales durations, and the savings consumers could achieve during sales.

Ausnew also allegedly made false or misleading statements that certain products were ‘NDIS approved’, and about consumers’ guarantee rights under consumer law.

‘We have taken this legal action against NDIS provider Ausnew because we were concerned it was making misleading claims to consumers, many of whom were elderly or with a disability requiring support’, ACCC commissioner Liza Carver said.

‘This action has resulted from our program of investigations into [many] NDIS providers for potential breaches of the Australia Consumer Law.’

The ACCC is seeking declarations, injunctions, penalties, costs, and other orders for Ausnew’s alleged contraventions.

Support lists boost clarity for NDIS participants and providers

Minister Shorten has released lists of what NDIS participants can and cannot spend their funding on. The lists will provide much needed clarity and certainty to participants and providers.

They came into effect on 3 October, making it easier for participants to identify what is appropriately funded by the NDIS and what NDIS funding can be used to purchase.

There is also a substitution list that will allow participants to request a replacement support in cases where a standard household item might be able to provide better outcomes and value. The lists are among amendments to Getting the NDIS Back on Track Bill No. 1, which passed parliament in August.

There will be a year-long transition period to ensure that participants aren’t penalised for simple mistakes. The Department of Social Services and the NDIA have worked extensively with the community to obtain feedback. Changes have included:

The support categories are in language and terms which reflect supports included in plans, pricing arrangements, and how
they are claimed
A single list of support items and another of unsupported items
A replacement process to access household items and assistive technology that might better meet participants’ needs
Menstrual products
Participants may use their own funds to get the most cost-effective supports
Internal and external building modifications to remedy damage arising exclusively from disability-related behaviours or use of NDIS-funded assistive technology are included in the list
Driver training with a specialised instructor
Clarification of hair and nail care, and
Cultural activities support for First Nations participants.

Aged care

New Aged Care Act toughens regulations

Starting from 1 July, a new Aged Care Act will deliver a tougher regulatory model, strengthened quality standards and a statement of rights to ensure that older people and their needs are paramount.

The new act follows significant reforms, including 24/7 nursing, star ratings, an $11.3 billion dollar investment in worker pay rises, capped management fees, and improved transparency of the finances and operations of providers.

New funding measures are intended to put the sector on a more sustainable footing while creating a fairer system that encourages and rewards quality and innovation.

Further information on the new act is available at: https://www.health.gov.au/our-work/aged-care-act.

The material contained in this publication is for general information purposes only and does not constitute professional advice or recommendation from Nexia Edwards Marshall NT. Specific professional advice which takes into account your particular situation or circumstance should be obtained by contacting your Nexia Edwards Marshall NT Advisor.