Introduction to the strategy
The ATO Superannuation information technology services incident communication strategy has been developed to complement the ATO business continuity plan (BCP) and provides further detail of how the ATO will respond in the event that ATO superannuation services are not performing as expected.
The ATO provides critical enabling services that the superannuation industry utilises as part of their everyday operations. As these services are critical in nature, it's essential that there be an agreed approach on how the ATO will communicate with the superannuation industry in instances when these systems are not operating as expected.
This information provides the framework to achieving a consistent and timely approach to communication with the superannuation industry. It also defines the roles, responsibilities and steps the ATO will follow in order to provide prompt and effective communication with the superannuation industry during a system incident. The outcome is a pragmatic process which the industry participants can confidently rely upon in managing their services and relationships.
Background of the strategy
During late 2016 and 2017, the ATO experienced system failures each lasting several days at a time. This resulted in superannuation stakeholders being unable to process member requests and make payments in a timely manner. This compromised their ability to meet their legal and client service obligations.
A joint communication plan to provide timely and informative messages during an outage was developed to deal with these events if they occur in the future.
Scope of the strategy
This communication strategy covers incidents affecting the operation of ATO superannuation enabling services from when an incident is confirmed through to resolution.
Currently, the scope of this communication strategy is limited to services that are critical to the operation of superannuation funds. Services that are critical include:
- SuperTICK
- Fund Validation Service (FVS)
- SuperMatch
- Member Account Attribute Service (MAAS)
- Member Account Transaction Service (MATS)
- Small Business Superannuation Clearing House (SBSCH). Note: this service will be closed from 1 July 2026
- SMSF Verification Service (SVS)
- SMSFMemberTICK.
The strategy will complement the ATO’s business continuity plan, and the information provided can be utilised by the industry as part of their BCPs. This is not designed to replace existing arrangements or requirements by APRA.
Where there are incidents that affect other superannuation services, such as remittance advice and recovery runs and the Departing Australia superannuation payment (DASP) online system, the ATO will continue to issue CRT Alerts. To receive CRT alerts and Super funds newsletter subscribe to ATO newsletters and alertsExternal Link.
Other online services, such as Online Services for Business and Online Services for Agents will advertise system and performance issues via their own dashboards or maintenance pages.
Planned outages are currently communicated through the Superannuation DashboardExternal Link and won’t be dealt with in this strategy.
Note: For printing purposes, the web address of the Superannuation Dashboard is https://sses.status.ato.gov.au/External Link
ATO business continuity plan
The ATO BCP has been updated since the Report and provides an overarching strategy for the ATO in supporting the different community sectors, including the superannuation industry. It provides the organisational roles and directions on assessing the risk and approach treatments.
It recognises there will be consistent approaches to communication and messaging across community sectors during a system incident. It also recognises that sector and service impacts differ and tailored communications are most effective.
|
Group responsible |
Role |
|---|---|
|
Superannuation Response Group – made up of ATO staff and a cross section of the superannuation industry |
The Superannuation Response Group’s purpose is to determine and advise the ATO Superannuation Systems Co-ordinator on the following (more detail below the table):
The Superannuation Response group will be made up of:
|
|
ATO Superannuation Fund Services & Engagement Senior Executive |
|
|
ATO Digital Partnership Office – DPO |
|
|
ATO Super Systems Support |
|
|
APRA |
|
|
Industry stakeholders |
|
The Superannuation Response Group’s purpose
The Superannuation Response Group's purpose is to determine and put into effect the following arrangements.
How to best contain the impacts on the industry
The Superannuation Response Group will:
- assess potential impact of the incident on Industry
- determine any practical steps to minimise disruption
- discuss available service options for the industry to consider.
Identify options to maintain operations where possible
The Response Group will recommend alternative arrangements and short-term workarounds to be put into place (if any).
The resumption process
The Response Group will provide advice to the ATO Superannuation Systems Co-ordinator on the impact and consequence of different options to resume services.
Key communications messages and key stakeholders
The Response Group will:
- provide advice on communications to key stakeholders
- provide advice on key messages on the incident, taking into consideration impacts to integrity and confidence
- determine stakeholders to receive communications, including consideration of communications to regulators, clients and other potentially impacted parties.
Incident phases
The phases of the BCP process are:
The ATO will maintain a contact register of email addresses, business hours and weekend contact details for Superannuation Industry Response Group members. The ATO will confirm with Response Group members that contact details are current and up to date in June and December of each year.
Response group members should update the ATO where there are changes to membership or contact details.
This information highlights how the ATO will communicate through the incident phases.
1. Incident notification
The ATO becomes aware of incidents in a number of different ways including internal systems monitoring or reports from the superannuation industry or through digital service providers. Superannuation industry representatives are reminded to raise incidents through the Digital Partnership Office (DPO).
The ATO will communicate confirmed superannuation industry wide incidents through the Superannuation DashboardExternal Link.
Impacted stakeholders will take appropriate actions per their own incident guidelines based upon their impact and experience.
2. Incident management
The timing of response communication activities would be dependent upon the timing of the outage event. For the purpose of this section core hours are defined as 7am to 9pm AEDT which covers major processing centre hours across the industry. For incidents that are initiated in non-core hours, a communication message via the Dashboard will be provided by 7am.
The following guidelines set a minimum expectation for communication. The SuperStream Delivery Senior Executive may call a Superannuation Response Group meeting more urgently should there be a need.
During core business hours there are response timeframes.
Short-term unplanned outage (up to 4 hours)
An announcement is published to the Superannuation DashboardExternal Link indicating we are aware of the outage and investigating (holding message).
A further announcement is published as more details are known if required.
If the outage is not resolved by 9pm AEDT, a holding message will be placed on the dashboard, with a further update provided at 7am AEDT.
When the services resume communications this will be advised through the Superannuation Dashboard.
An announcement is added to the Online Services for DSPs landing page.
Medium-term unplanned outage (4 hours to 24 hours)
Publish announcement to the Superannuation DashboardExternal Link at least every 4 hours as additional information is available about the incident. Dashboard subscribers will get an email notification prompting them to visit the dashboard to read each new announcement.
if the outage isn't resolved by 9pm AEDT, a holding message will be placed on the dashboard, with a further update provided at 7am AEDT.
The ATO SuperStream Delivery Senior Executive will notify APRA of the outage.
When services resume publish an announcement to the Superannuation DashboardExternal Link.
DPO Relationship Managers to contact Super Gateways or GNGB directly to keep them informed throughout.
Long-term unexpected outage (over 24 hours)
Teleconferences for the Superannuation response group are convened as soon as it is known that the outage is expected to continue for more than 24 hours or the outage has continued for 24 hours. Future teleconferences will be scheduled as decided by the ATO SuperStream Delivery Senior Executive in consultation with the Superannuation Response Group.
The Superannuation DashboardExternal Link will be updated as new information comes to hand. Notifications on the dashboard will include a time when the next update will be provided. Dashboard subscribers will receive an email alert each time we publish a new announcement prompting them to visit the dashboard to check the latest announcement.
An announcement is updated regularly on Online Services for DSPs landing page.
DPO Relationship Managers remain in contact with Super Gateways directly.
Unplanned weekend outage – over 24 hours
SMS will be issued to out-of-hours contact details for the Superannuation Response Group.
The Superannuation DashboardExternal Link will be updated as new information comes to hand. Notifications on the dashboard will include a time when the next update will be provided. Dashboard subscribers will receive an email alert each time we publish a new announcement prompting them to visit the dashboard to check the latest announcement.
An announcement is updated regularly on Online Services for DSPs landing page.
DPO Relationship Managers remain in contact with Super Gateways or GNGB directly.
When services resume a Superannuation DashboardExternal Link announcement will be published. The Superannuation Response Group may also meet again to review the incident if deemed necessary by the ATO SuperStream Delivery Senior Executive in consultation with the Superannuation Response Group.
For incidents that are initiated in non-core hours, a communication message via the Dashboard will be provided at 7am.
3. Resumption of services
The plan for the resumption of services will be determined on a case-by-case basis and the plan for the resumption of services will be communicated through the Superannuation Dashboard for each incident.
Resumption messages will contain clear directions on the process for the industry to resume usage of the services. In developing the process for the resumption of services, the ATO will minimise the impact on the industry and consider the following factors:
- the appropriate priority of services for resumption
- resumption approach (gradual whitelisting required or not)
- throttling backlogs where necessary and possible.
The priority of the services is outlined in Appendix 1.
4. Finalisation and review
The ATO will update the superannuation industry of any material learnings from post implementation reviews.
Industry impacts and assessment
The stakeholders that are potentially affected and the action they must take are as follows:
- super funds – report to government and manage contributions and rollovers and make payments
- administrators and gateway operators – provide administration and data routing services for superfund and employer clients
- regulators (APRA/ATO/ASIC) – provide oversight of funds, employers and intermediaries in meeting their responsibilities
- members – use ATO and fund services to make informed investment decisions
- employers and clearing houses/bureaus – send contributions to funds.
Services covered under this communication strategy
SuperTICK
SuperTICK is used by trustees in a number of different circumstances outlined below:
- Trustees are required to verify member information when opening a new superannuation account within three days of receiving the member information. This is required under Superannuation Industry (Supervision) Regulations (1994) regulation 7.07BExternal Link.
- Trustees are required to verify member information using an ATO enabling service prior to transferring a member’s superannuation account. This is required under Superannuation Industry (Supervision) Regulations (1994) regulation 6.33DExternal Link.
Guidance for trustees on legislative obligations
APRA provided guidance for the superannuation industry for periods of ATO outages:
How should Registrable Superannuation Entities (RSE) licensees address the interaction between the 3 day rollover rule and processing delays, such as the end of the fund's reporting year?
Whilst RSE licensees must comply with RSE licensing law at all times, APRA's view is that the prospect of action against an RSE licensee due to failure to meet the 3 day rule during exceptional circumstances (administration peak periods or material ATO superannuation service disruptions) would be remote where the RSE licensee could demonstrate that despite taking every reasonable action non-compliance was unavoidable.
Fund Validation Service (FVS)
The Fund Validation Service contains critical information relating to each superannuation fund, including bank accounts for rollovers and contributions. Prior to processing transactions, the Fund Validation Service is generally checked to ensure the correct information for the fund is being used.
SuperMatch
The SuperMatch service is used by approved funds to get a complete listing of their member’s accounts when they have their member’s consent. It is an optional service and can only be used by funds who have completed an application process with the ATO.
Member Account Attribute Service
This service requires all super providers to report all member account details and updates to these member accounts within 5 business days, effective from 1 April 2018 using the MAAS service. Also known as event-based reporting.
Member Account Transaction Service
This service requires all super providers to report all member account contributions and transactions within ten business days, effective from 1 July 2018 using the MATS service. Funds are required to report member contributions or transactions more frequently and at a transactional level.
Small Business Superannuation Clearing House
A free online super payments service administered by the ATO that can be used by employers with 19 or fewer employees or have an annual aggregated turnover of $10 million or less, to pay super contributions in one transaction to a single location.
This service will be closed from 1 July 2026.
SMSF verification service (SVS)
APRA-regulated funds and self-managed super funds (SMSF) that receive a request to rollover their member’s super balance to an SMSF must use the SMSF verification service (SVS) to verify SMSF details before making the rollover.
Regulation 6.33E of the Superannuation Industry (Supervision) Regulations 1994 (SISR) requires funds to use an electronic service upheld by the ATO, in this instance the SVS, to verify certain information about an SMSF before making a rollover to an SMSF.
SMSF MemberTICK
The SMSF memberTICK Service is used by Self-Managed Super Funds (SMSFs) to validate the tax file number (TFN) of an SMSF member prior to a rollover.
Regulation 6.33D of the Superannuation Industry (Supervision) Regulations 1994 (SISR) requires SMSFs to use an electronic service by the ATO to confirm the TFN of the member before making a rollover to an APRA fund or another SMSF
Appendix 1 – ATO superannuation enabling service priorities
The priority of the services has been determined by assessing the services against the following:
- ATO service required to be used by super funds to conduct superannuation transactions
- ATO service required to receive superannuation transactions from super funds
- ATO service required to send ATO superannuation transactions (including Small Business Superannuation Clearing House)
- ATO service required to receive super fund to ATO reporting
- ATO service used for member engagement activities.
The services that support superannuation transactions have been prioritised over services that are used for reporting to government purposes and discretionary member information services.
The priorities for ATO superannuation enabling services are as follows:
- SuperTICK
- SVS
- Fund Validation Service
- SMSFMemberTICK
- SuperMatch
- SBSCH
- MAAS and MATS.