SMSF Audit Guide

The SMSF audit has two distinct components, and both must be completed:

1. Financial audit: A review of the fund's financial statements - the balance sheet, income statement, and member statements. The auditor checks that the financial statements accurately represent the fund's financial position and comply with applicable accounting standards.

2. Compliance audit: A review of whether the fund has complied with the SIS Act, SIS Regulations, and other superannuation law during the financial year. This is the component that identifies operational breaches - things like the sole purpose test, the in-house asset rule, related party transactions, pension payment minimums, and investment strategy documentation.

A fund that completes only one component is not compliant.

Since 1 July 2013, SMSF auditors must be registered with ASIC. Registration requires:

• Holding a relevant accounting qualification
• Meeting minimum competency requirements, including SMSF-specific training
• Holding professional indemnity insurance
• Passing ASIC's fit and proper assessment

Trustees can verify whether an auditor is registered by searching the ASIC professional registers at asic.gov.au.

The auditor must be independent of the fund and its trustees. This is a legal requirement. The independence rules mean:

• The auditor cannot be a member of the fund
• The auditor cannot be a trustee or director of the corporate trustee
• The auditor cannot be a relative of a fund member or trustee
• The auditor cannot be an employer or employee of the trustees in the same business
• There must be no financial or other relationship that could compromise independence

In practice, the fund's own accountant can prepare the financial statements and tax return, but a separate, independent registered auditor must conduct the audit. Many accounting firms use genuinely separate divisions or refer to external auditors for this purpose.

There is no legal requirement to rotate SMSF auditors annually. Many funds use the same registered auditor year after year, which has practical advantages - the auditor builds familiarity with the fund's history, recurring transactions, and any prior findings.

However, if any change in circumstances affects independence (such as the auditor becoming a business partner of a trustee), the fund must appoint a different auditor immediately.

The financial audit checks:

• Opening balances match the prior year's closing balances and audited statements
• All transactions during the year are recorded accurately
• Assets are valued at market value at year end
• Member balances are correctly calculated
• Income, expenses, and tax provisions are correctly reported
• Financial statements comply with the AASB accounting standards applicable to SMSFs

The auditor checks that the fund's investments comply with the SIS Act:

• Sole purpose test: Are all investments consistent with providing retirement benefits? Is there any evidence of personal benefit to trustees or related parties?
• In-house asset rule: Do in-house assets exceed 5% of total fund assets?
• Arm's length rule: Were all transactions conducted at market rates?
• Related party transactions: Were any assets acquired from or disposed of to related parties, and if so, were they permitted?
• Investment strategy: Is there a current written investment strategy? Does the fund's actual asset allocation reflect the strategy? Has it been reviewed during the year?

• Were all contributions received validly - for example, age and work test conditions met for personal contributions?
• Were contribution amounts within the applicable caps?
• Were benefits paid in accordance with a valid condition of release?
• Were pension payments made at or above the minimum drawdown amount by 30 June?
• Were any lump sums paid correctly from preserved or restricted non-preserved amounts?

• Is the trust deed current and appropriate for the fund's activities?
• Have all trustees signed the trustee declaration (NAT 71089)?
• Are trustee records maintained - minutes, resolutions, and investment strategy?
• Is the fund correctly registered with the ATO?
• Are TFNs held for all members?
• Has the fund lodged prior year returns? (Auditors check for outstanding returns.)
• Were any reportable TBAR events lodged correctly and on time?

Different asset types attract different audit procedures:

• All assets: Must be held in the correct trustee name (or corporate trustee name). Mis-titling is a frequent administrative finding.
• Listed shares and managed funds: Verified against brokerage statements, share registry records, and end-of-year valuations from market data.
• Real property: Verified against title documents, council rates, lease agreements (where applicable), and independent valuations where required.
• Bank accounts and term deposits: Verified against bank statements reconciled to fund records.
• LRBAs: Verified for correct holding trust structure, loan documentation, and PCG 2016/5 compliance for related party loans.
• Unlisted investments: May require additional evidence of valuation and legitimacy.
• Crypto assets: Verified against exchange records, wallet addresses, and year-end valuations. The auditor will check that custody arrangements are consistent with the sole purpose test and that assets are held by the fund - not in a member's personal wallet.

Financial records:

• Bank account statements for all fund accounts (full year)
• Term deposit certificates and interest statements
• Brokerage statements and contract notes for all share transactions
• Year-end portfolio valuations from broker, share registry, or market data
• Dividend and distribution statements
• Rental income records and property management statements where applicable

Governance and compliance records:

• Copy of the current trust deed with all deeds of variation
• Trustee minutes and resolutions for the year
• Current written investment strategy
• Evidence of annual investment strategy review (trustee resolution)
• Signed trustee declarations for all trustees (NAT 71089)
• Member contribution records and contribution caps tracking
• Pension documentation: commencement documents, minimum drawdown calculations, payment records
• Binding death benefit nominations where applicable
• LRBA loan agreements and repayment records where applicable

Auditors frequently encounter:

• Trustee minutes and resolutions that have not been completed for the year
• Investment strategy that predates significant changes to the fund's asset mix with no evidence of review
• Trustee declarations not signed by newer trustees
• Contribution records that do not allow the auditor to verify cap compliance

Audit findings fall into a spectrum:

• Minor deficiencies: Administrative issues that do not represent a breach of superannuation law - for example, a minor formatting issue in the minutes or a document that was prepared but not formally signed. Typically resolved without reporting to the ATO.
• Qualified audit opinion: A material issue with the financial statements or a compliance matter the auditor cannot resolve. This appears in the audit report and is disclosed in the annual return.
• Reportable contraventions: Certain breaches must be reported to the ATO by the auditor via an Auditor Contravention Report (ACR), specified under s130 of the SIS Act and ATO reporting criteria - regardless of whether the breach has been rectified.

When an auditor identifies a reportable contravention, they have an independent legal obligation to lodge an ACR with the ATO within 28 days of completing the audit. They cannot skip or delay this obligation because the trustee has already self-reported or rectified the breach.

Reportable contraventions include:

• Loans to members or related parties (s65)
• Acquisition of assets from related parties (s66)
• In-house asset limit exceeded (s84)
• Benefits paid without a condition of release being met
• Failure to maintain an investment strategy
• Other breaches specified under s130 SIS Act and ATO reporting criteria

An ACR triggers an ATO review of the fund.

Where the auditor identifies a potential breach during the audit process:

1. The auditor will typically contact the trustee or their accountant to discuss the issue
2. In many cases, documentation can be provided or a minor issue rectified before the audit opinion is finalised
3. Where a substantive breach has occurred, early engagement with the auditor about steps taken to rectify it is important - auditors take remediation into account
4. If the breach is reportable, consider engaging an SMSF specialist before the ACR is lodged

The ATO's response depends on the nature and severity of the breach. Possible responses include:

• An educational letter explaining the rule that was breached
• A rectification direction requiring specific steps within a set timeframe
• An education direction requiring trustees to complete an approved course
• Administrative penalties (per breach, per trustee for individual structures, or to the company for corporate trustee structures)
• A compliance review of the fund
• In the most serious cases, a notice of non-compliance - making the fund a non-complying fund, taxed at 45% on its taxable income

The ATO has a published compliance approach that signals it aims to work with trustees to rectify issues, particularly for first-time or inadvertent breaches.

The auditor issues their report to the trustees (or their accountant). The full audit report is retained by the fund - it is not lodged directly by the auditor with the ATO. Key information from the report (including the auditor's SAN and any qualified opinions) is included in the annual return when lodged by the trustee or their tax agent.

If a reportable contravention exists, the auditor lodges an ACR directly with the ATO as a separate, independent obligation - this occurs regardless of the annual return lodgement process.