New Data Breach Laws

If the recent "Cabinet Files" of secret, government documents being sold through a second hand store have taught us anything, it's that sensitive documents can be sold both cheaply and easily, even when no there are no nefarious motives involved. New data breach rules in effect from 22 February 2018 place an increased onus on business to both protect and notify individuals whose personal information is involved in a data breach that is likely to result in serious harm.

Regardless of how good your existing systems are, data breaches are a reality either through human error, mischief, or simply because those looking for ways to disrupt are often a step ahead. But it's not all about IT, there have been numerous cases of hard copy records being disposed of inappropriately, employees allowing viruses to penetrate servers after opening the wrong email, and sensitive data on USBs lost on the way home.

Who is covered by the data breach scheme?

The Notifiable Data Breach (NDB) Scheme affects organisations covered by the Privacy Act (those with an annual turnover of $3M or more). However, if your business is 'related to' a business covered by the Privacy Act, deals with health records (eg: gyms, child care, natural health providers, etc.), or a credit provider etc., then your business is also affected (see the full list).  Special responsibilities also exist for the handling of tax file numbers, credit information and details contained on the Personal Property Securities Register.

What you need to do

It's important to keep in mind that complying with these new laws means more than notifying your database when something goes wrong. Organisations are required to take all reasonable steps to prevent a breach occurring in the first place, put in place the systems and procedures to identify and assess a breach, and issue a notification if a breach is likely to cause 'serious harm'.

Taking all reasonable steps – assessing risk

The Privacy Act already requires organisations to take all reasonable steps to protect personal information. The new data breach laws merely add an additional layer to assess breaches and notify where the breach poses a threat. For example, if you have not already, you should assess issues such as:

·         How personal information flows into and out of your business. For example:

o    What information do you gather (including IP data from websites)

o    What information do you provide (eg: do you provide information on your clients to third parties?)

o    Where private information is stored – map out what systems you use, where these systems store data (if cloud based, your data may be held in a foreign country), what level of security is provided within those systems, and what level of access each team member has (and what they should have access to for their role)

·        How private information is handled by your business across its lifecycle and who has access at each stage (not just who is accessing the information for their work but who 'could' access this information)

·          Possible impacts on an individuals' privacy (risk assessment)

·       The policies and procedures in place to manage private information, including risk management and mitigation, whether these are adhered to, and actively managed

·      The policy review process - review policies and procedures at least annually but again with the introduction of new systems and technology. Remember, you can't just have a policy sitting somewhere, it needs to be actively reinforced and adopted by team members

·          Instate new project protocols for ensuring privacy where personal information is at risk

·       Document everything including your reviews and procedural updates even if nothing changed. If there is ever an issue where your business's culpability is assessed, your capacity to prove that you took all reasonable steps will be important.

Not only in Australia. Does your Business have International Connections?

These days, many businesses also operate overseas or have overseas customers and you need to be aware of the data breach requirements in other countries too.  Most US states have compulsory data breach requirements. Likewise the European Union, with the EU's General Data Protection Regulation (GDPR) coming into effect from 25 May 2018. If you operate through a local distributor in the European Union or have direct supply into those countries then it's likely your business will be caught by the Regulation.

Make sure you have a Plan! 

These days, many businesses also operate overseas or have overseas customers and you need to be aware of the data breach requirements in other countries too.  Most US states have compulsory data breach requirements. Likewise the European Union, with the EU's General Data Protection Regulation (GDPR) coming into effect from 25 May 2018. If you operate through a local distributor in the European Union or have direct supply into those countries then it's likely your business will be caught by the Regulation.\

When it comes to data breaches, all organisations must have a data breach response plan. The data breach plan covers the:

·       Actions to be taken if a breach is suspected, discovered or reported by a staff member, including when it is to be escalated to the response team

·         Members of your data breach response team (response team), and

·         Actions the response team is expected to take.

 The Office of the Australian Information Commissioner provides a sample breach response plan.

Identifying a Serious Breach

So, what is a serious breach? A breach has occurred when there is unauthorised access to or disclosure of personal information or a loss of personal information that your business holds. Whether a breach is serious is subjective but may include serious physical, psychological, emotional, financial, or reputational harm. If a breach occurs, you need to think through how that information could be used for identity theft, financial loss, threats to physical safety (for example someone's home address), job loss, humiliation or reputational damage, or workplace bullying or marginalisation.

If you suspect a breach has occurred, your business is obliged to take "reasonable" and "expeditious" action regardless of whether you think it is serious or not (you have a maximum of 30 days, but in general the first 24 hours is often the most crucial). Ignorance is not a defence. A lack of systems to identify system breaches fails the Privacy Act's requirement to take all reasonable steps to protect personal information. As soon as a breach is identified anywhere in the business, whether it is IT based or physical, steps need to be taken - even if it is simply noting that no further action is required.

If you suspect a data breach has occurred that may meet the threshold of 'likely to result in serious harm', you must conduct an assessment. Sounds simple right? But the problem for business is often that there are initially no definitive answers about the extent of a breach or its seriousness for the assessment to take place. Take the example of a retail business with an online store. Your IT department tells you that your customer database has been hacked, but can't tell you what information may have been impacted or to what degree. You don't want to alarm your customers unnecessarily but you do need to contain the damage and assess the situation quickly, not just because of the NDB scheme, but because your business's reputation is on the line. 

Notifying a Breach

If a breach is assessed to potentially result in serious harm, you are obliged to advise affected individuals and the Australian Information Commissioner. You have the option to:

·         Notify all individuals whose personal information is involved in the eligible data breach

·         Notify only the individuals who are at likely risk of serious harm; or

·        Publish your notification, and publicise it with the aim of bringing it to the attention of all individuals at likely risk of serious harm.

You advise the Australian Information Commissioner of a serious potential breach using the Notifiable Data Breach statement - Form.

Ignorance is not a Defence. So be Informed, be Empowered and be Ready!

Changes to Company Tax & Franking Rates

As you are probably aware, company tax rates from 2017 financial year (FY) onwards have changed and there are implications for franking rates as a result. To ensure that you consider these changes and the effect that they may have on your business, we thought that we would bring you further clarification.

In the 2017 FY, the lower company tax rate of 27.5% applied if the Small Business Entity (SBE) was carrying on a business, and the aggregated turnover of the SBE was less than $10M in the 2016 or 2017 financial years. There was also no need to analyse passive versus active income, with passive income relating to income streams such as royalties, interest, rent and dividends, capital gains and trust or partnership income.

The franking percentage in 2017 FY was also limited to 27.5% if the above criteria applied. However, if the company wasn't carrying on a business in the 2017 FY, or the aggregated turnover was $10M or more in the 2016 FY, the franking rate was limited to the higher rate of 30%.

Assuming legislation is passed, the 2018 FY will see some changes to the previous criteria. Under the new rules, a company will not be able to access the lower company tax rate of 27.5% unless its aggregated turnover is less than $25M and no more than 80% of the company's assessable income is from passive income streams. This effectively replaces the 'carrying on a business test' with a passive income test.

The Bill also makes changes to the maximum franking percentage rules for 2018. The franking rate will again be limited to 27.5%, but only if the aggregated turnover was less than $25M in the 2017 FY and 80% or less of turnover was passive. Subsequently, the franking rate will be limited to 30% if the aggregated turnover was $25M or more in the 2017 FY or more than 80% of turnover in the 2017 FY was passive. Additionally, if a company didn't exist in the 2017 FY, the franking rate will be capped at 27.5% in the 2018 FY.

As always, we are only a phone call away on 02 4861 8383, and are more than happy to help you maximise your potential, and that of your business.

Wages Declaration & Workers Compensation

In Australia, Workers' Compensation is a necessary cost of employing staff, whether full-time, part-time or casual.  Although the schemes in different states can vary slightly, many of the fundamentals remain the same.  One such fundamental, is the declaration of wages that is required in order to gain an appropriate workers' compensation insurance policy for your business.

You may be forgiven for thinking that wages is a cost that is easily determined by looking at your payroll figures. However, wages as outlined by the various states' workers' compensation acts is so much more than simply wages.  In fact, remuneration is probably a better term and besides salary and wages, might incorporate other benefits and entitlements that are made to workers. These may include shift and other allowances, overtime, bonuses, commissions, grossed up fringe benefits, compulsory superannuation guarantee contributions, salary sacrificed superannuation, long service leave payments, termination payments, the value of cash substitutes, payments to working directors and trust distributions to workers in lieu of wages, to name a few. Essentially, any benefit paid (whether cash or non-cash), to or in relation to a worker, is generally to be considered.

Trust distributions to workers in lieu of wages, are one such benefit that is often over looked.   Generally, if a trust distribution occurs as remuneration for work done, and is given wholly or partly, as a substitute for wages, then it is to be included in the overall wages declaration for workers' compensation purposes. However, this does vary from state to state. In some states, remuneration is legislated by law, while in others individual insurers outline their inclusions. Therefore, it is vital that you know where you stand in your particular state, and ensure that you include all relevant workers' payments when making your wages declaration.

It's also important to note that in some states and territories you are not required to have Workers' Compensation Insurance if your total "wages" are below certain thresholds. To learn more about the various workers' compensation schemes in Australia, and to ensure that you are meeting your obligations, speak with your insurer and visit the website of the relevant government agency in your state or territory:











ASIC is Best - So Why Pay More?

Recently, one of our clients notified us about a letter they had received from a business agency, regarding renewal of their business name. It was from a legitimate company and it referenced ASIC several times. It contained the following renewal and fee information:

Please note that you do not need to use an external agent (or your accountant) to renew your business name. It is now a simple matter of going directly to the ASIC website and completing the online details. The ASIC fee is $35 a year or a discounted fee of $82 for three years.

Of course, if you would like to discuss your renewal or would like us to do it for you, then please give us a call on 4861 8383 and we can discuss your options and any associated fees.


Small Business Threshold Increases to $10m

Legislation is expected to pass soon in parliament that will make it easier for many businesses to qualify for the small business concessions that were previously only available to those with an aggregated turnover below $2m.

Once the legislation is passed, businesses whose aggregated turnover does not exceed $10m will have access to many of the same benefits held by their smaller counterparts, allowing them to tap in to a range of tax concessions and hence free up vital funds. Even better, the Bill will be retrospective, meaning that the benefits will apply for the whole of the 2016-17 financial year.

Some benefits that will be available to those who qualify for the increased threshold under the small business rules are as follows:

·         Instant asset write-off for assets costing less than $20,000 purchased during the 2016-17 financial year.

·         Deductions for professional expenses for start-up and small business rollover when restructuring.

·         Small business income tax offset for unincorporated entities.

·         Company income tax for small businesses dropping to 27.5% in 2016-17, and then down to 25% over the 

  next ten years.

Additional concessions may also be available to you depending on eligibility. These are:

·  Income Tax Concessions including simplified trading stock rules, an immediate deduction for prepaid 

 expenses and a two-year amendment period.

·        PAYG Instalment Concessions allowing taxpayers to pay a pre-set quarterly amount.

·        Fringe Benefits Tax Concessions for car parking and work related devices.

·        Super Concessions allowing you to use a small business superannuation clearing house.

·        GST & Excise Concessions allowing you more flexibility.

However, the current threshold for access to the small business capital gains tax concessions will remain unchanged at $2m.

Please note that regardless of eligibility, the use of these concessions is optional.

Good news all round for many of you, giving you added flexibility, better cash flow and more simplified processes so that you can get on with the business of running your business. At KDA Group, we're all about helping you to maximise your potential, and this includes making the most of tax concessions available to you. If you think you might need some assistance, we're only a phone call away on 4861 8383.

Business Valuations: A Call to Action!

Imagine the following....

The time comes to sell up. You have an awesome business, sales have grown 20% per year for the past three years, the opportunities are endless and buyers should be climbing over each other to acquire you. Then you list with a well-regarded business broker and one by one, the suitors disappear. Any offers you receive are substantially lower than your asking price. In fact, they only cover your stock and equipment, and not the $1M of goodwill you thought was a given. You can't work it out. Okay, you know you are working around the clock to keep the place going, but that's why you've decided to let someone else have a go. Sure, your cash position is getting worse every week, but that's why you hoped one of your competitors with cash-laden pockets would step in and help you out of a hole.

So what's it all about?

People pay a price for value. When it comes to businesses, investors do their due diligence, because buying a business for millions of dollars is a big decision and no-one likes getting their fingers burnt. The bottom line? Investors will pay a price for a business, but only according to the value that they can extract.

This begs the question, how do you create and improve business value?

The first thing you need to understand is how business value is calculated.  There are many methods for valuing businesses, but the most common and widely accepted formula is the Capitalisation of Future Maintainable Earnings method (to use the technical name).  Put simply the formula is:

          Profits X Capitalisation Rate = Business Value

The reason that we look at profits is that the purchaser of a business wants to know what the predictable financial performance of a business is likely to be over the foreseeable future.  

The capitalisation rate is related to assessing the level of risk involved in the business being valued.  The lower the risk, the higher the capitalisation rate will be. 

So there are two factors at play here – profits, and risk.

You can focus on increasing your profits, as this will drive an increase in your business value. Likewise, you can also assess the risks attached to your business, and work to reduce or eliminate them, as reducing risk will also increase your business value.

We all know the profit piece fairly well. We can:

·        Increase sales

·        Increase gross profit

·        Decrease overheads

All things being equal, these three steps will deliver the profit increase we require. It's not rocket science!

However, reducing risk can be a longer term challenge.  Ultimately, investors like businesses that are boringly predictable.  There are many factors which reduce the risk associated with a business.  Some of the key ones are:

·        Low working capital requirement, quick cash conversion cycle (aka, cash 


·        Strong supply chain; diversity of suppliers

·        Regular repeat sales (annuity type income)

·        Diversity of customers (by size, industry, geography, no reliance on a few 

         customers for the majority of sales)

·        Well managed stock

·        Retention of staff, particularly management, following transfer of 


·        Strong processes and information systems that allow the business to run 

         like a well-oiled machine

·        Protection of Intellectual Property

The crunch line? I'd like to challenge you. Do you know what your business is really worth, and are you doing what you can to improve its value? Remember, working on the profits and capitalisation rate now, even if you're not planning on selling, will make your business more profitable (obviously), easier to manage, more cash positive, and less time consuming. What more could you want?

At KDA Group we're all about helping you to maximise your potential, and this includes business value.  If you think you might need some assistance, we're only a phone call away on 02 4861 8383.

Cashflow or Crash Flow?

"Hello, Mr Banker, we're out of cash again…"

Cash is King.  Cash is the lifeblood of your business.  Lack of cash is the most common cause of company failure in Australia; in fact, in the 2016 financial year, 45.6% of company failures were due to this reason.

We all know how important cashflow is, but what do we really do about it? Do we actively manage it and plan for an outcome, or do we sit by, watch it flow in and out, and hope for the best?

You have probably all heard the adage, 'failing to plan is planning to fail', and this applies to cashflow as much as it does to everything else in life. Everyone does sales projections, and some people do expense budgets but sadly the cashflow forecast often gets pushed into the too-hard basket.

After all, how can you plan for customers who pay anywhere from COD to 90 days after invoice? How are you supposed to know if you'll run out of stock in three months' time, and might need to pay cash on order to your local supplier to buy more stock before your regular shipment arrives from Vietnam?

The trouble is, you don't! However, a good cashflow forecast based on accurate assumptions, and proper double entry accounting principles, will give you the best chance of managing the cash requirements related to these unpredictable events.

By working through a cashflow forecasting exercise you will be forced to:

·        Create a forecast of sales for the forecast period

·        Estimate your cost of sales (this can be tied back to an estimated gross profit)

·        Budget for your expenses

·        Think about what personal expenses you have planned

         (that will be funded with cash from the business)

·        Do a realistic assessment of what capital expenditure will be required

         (the new Land Rover Discovery, and the flash office refurbishment), and

·        Last, but not least, estimate your tax bills.

The benefits of an accurate cashflow forecast are threefold:

·        You have a financial roadmap for the next one to two years

         (we recommend forecasting at least the next full financial year)

         with which you can drive performance and keep your staff accountable

·        You can compare your actual performance against your roadmap,

         identify where things are getting out of control, and manage them accordingly, and

·        You will identify any:

    o    Opportunities arising from strong cash generation (maybe setting up the US branch is possible after all!)

    o    Periods of tight cashflow ahead of time, so you can make appropriate arrangements with your bank or other financiers well in advance (they will LOVE this!).

So don't bury your head in the sand anymore! Grit your teeth, arm yourself with a calculator, paper and pen (or Excel spreadsheet) and get on with it.  Who knows, it may not be as hard as you think!

At KDA Group we're all about helping you to maximise your potential, and this includes your cashflow.  If you think you might need some assistance, we're only a phone call away on 02 4861 8383.

When we hear the words "Fringe Benefits", many of us think only of motor vehicles, or as the festive season approaches, about the tax implications of the Office Christmas party. However, fringe benefits extend to many more areas, and probably ones you've never considered. As 2016 ends, and you start to wind down and think about celebrating, it might be worth considering the other fringe benefits you may be providing, and planning for the reporting requirements necessary for 31 March 2017.

Fringe Benefit Tax (FBT) audits by the ATO are on the increase. Particular attention is being given to payments made to, or expenses paid on behalf of, employees. Three areas being highlighted in recent times are:

Travel - this is of particular concern where spouses, or entire families, are travelling and only certain family members are travelling for business purposes.

Meals - Excessive food costs where it appears that businesses are paying for private grocery bills, rather than simple meal expenses.

Expense Payments - Where expenses seem unusually high (eg: employees' personal telephone bills).

Other types of benefits that may be of concern include:  

Work Parties & Gifts – The end of year festivities must, of course, rate a mention. So before you start ordering the platters, popping the champagne or wrapping gifts for your staff, you might want to take a minute to consider your entertainment fringe benefit liability.  For more information, why not revisit last year's blog at or the ATO for a more comprehensive guide.

Accommodation & Meals - If you provide an employee with accommodation rent free, or at a reduced rate at their regular residence, a housing fringe benefit may arise. A board fringe benefit may also arise if you provide your employee with accommodation and there is an entitlement to at least two meals a day. (Eg: a remote construction site or resident boarding school teachers).

Employee Expenses – From time to time you might reimburse an employee, or a third party regarding an employee, for expenses they've incurred. These may be business or private in nature, or a combination of the two. An expense payment fringe benefit may arise as a result.

Low or No Interest Loans – You also provide a loan fringe benefit if you give your employee a loan and charge no interest, or a rate of interest that is lower than the benchmark interest rate (5.65% for 2017).

Living Away from Home - Occasionally, an employee may be required to live away from home for a period of time to perform their work duties, and a living-away-from-home allowance (LAFHA) fringe benefit may arise if you pay an allowance to cover additional costs.

Forgiving an Employee's Debt - Sometimes you decide, or a sense of benevolence urges you, to waive or forgive the whole or part of an employee's debt. For example, if you sold goods to an employee and later told them not to bother about paying the invoiced amount. A debt waiver fringe benefit arises as a result. (NB: This does not apply if you write off the outstanding amount as a bad debt.)

Property and your Employee - Providing your employee with property of any kind, whether free or at a discount may also give rise to a property fringe benefit. Property isn't limited simply to buildings, as it may cover household items or equipment as well as shares or bonds.

Parking a Car - Car fringe benefits are a fairly common expense in many businesses. However, a separate car parking fringe benefit may also apply if your employees park at your business premises for more than four hours during the work day, if they travel between work and home at least once, if there is a commercial parking station within one kilometre of your premises and its all-day fee is more than the car parking threshold ($8.48 for 2017).

Anything Else? - Finally, just in case you thought we've covered everything, there is even provision for those things that don't fit into any of the above. For example, if you offer the use of employer property, or the provision of professional services (eg: a solicitor), or private use of a company truck or utility you may still be subject to a residual fringe benefit.

For more information go to

So as 2016 draws to a close, and you look forward to the endless possibilities that 2017 might bring, put FBT on your agenda and remember that 31 March will be here much sooner than you think.


Employees with Excessive Annual Leave

Do you have employees with excessive accrued annual leave?

New changes now in place

Employees who have accumulated large chunks of annual leave have been an ongoing dilemma for many small to medium enterprise (SME) employers. However, a recently completed Fair Work Commission review has resulted in some significant changes to the rules for 112 of the current 122 modern awards, making it easier to deal with this issue. Hailed as a godsend by many employers, the changes also allow for more flexibility for almost two million Australian workers.

So how do some employees build up so much leave in the first place? Often it's a case of a business not being able to do without a key staff member for long periods of time, so the breaks they take are short and infrequent. It may also be part of a strategy to build up leave prior to retirement or to allow for unforeseen emergencies such as health or family issues. Then again, an employee may not want to take their leave if their family members can't get holidays at the same time. Of course, some employees simply love their work and almost need to be made to take leave. Whatever the scenario, before you know it, the employee has racked up a large amount of leave, which can be problematic for an employer when the time comes to pay out these potentially large sums.

Show me the money

The change of most interest to employees will undoubtedly be the ability to cash out some of their accrued annual leave. The new rules state that:

·         First and foremost, the application for leave to be cashed out must be made in writing and

          signed by both the employee and the employer.

·         The amount of leave to be cashed out must be clearly stated, as must the amount to be paid

          and the date on which it will be paid.

·         No more than two weeks annual leave may be cashed out in any twelve (12) month period.

·         The employee must be left with a minimum of four weeks annual leave up their sleeve.

Options for excessive leave

Some 80 of the 122 modern awards now have an "excessive annual leave" model term included, meaning that a worker has more than eight weeks annual leave accrued (or 10 weeks for shift workers).  Once leave gets to this point it may become necessary to see a reduction in the time accrued, to avoid excessive payouts later.

So what happens if agreement between the two parties on how to reduce or eliminate the excessive leave can't be reached?  One of two things can occur.  Either the employer can direct the employee to take one or more periods of leave, or the employee may give notice that they are intending to do so.

In the case of the employee, they may only give notice if the leave has been accrued for more than six months and they haven't been directed previously by their employer to reduce their leave. Where employees meet the criteria, employers are required to grant the leave.

In any event, any leave taken must be for a minimum of one week and must be taken between eight weeks and twelve months from the date of the direction or notice of intention. Additionally, the employee's remaining annual leave must not be less than six weeks.

Further information is available by contacting the Fair Work Commission on 1300 799 675 or by visiting their website at

Alternatively, contact Employsure on 1300 798 990 and quote ERA0969 for free advice for employers, or check out their website at

All in all, these welcome changes – which came into effect on 29 July – are positive ones from which both employees and employers will benefit.


As you know, here at KDA Group we have always endeavoured to keep you abreast of changing government regulations regarding superannuation in general, and your Self-Managed Superannuation Fund (SMSF) in particular. In line with this practice, we would like to inform you of some changes that came into effect earlier this year.

On July 1 2016, the laws relating to advice and SMSFs changed. This was done to ensure both the quality of the financial advice given to consumers and the provision of additional protection to taxpayers.

What the regulatory changes mean for you in practical terms, is that from now on we need to provide Statements of Advice formalising particular discussions we have with you regarding your superannuation needs.

Under the new laws, accountants are no longer able to provide advice in relation to superannuation unless they hold an Australian Financial Services Licence (AFSL) in their own right, or are licenced as an Authorised Representative of an AFSL holder.

To date, very few accountants have become licenced and therefore the pool of accountants able to provide advice on superannuation matters has shrunk considerably.

KDA Group SMSF Strategists Pty Ltd along with Kevin and Roxley have held the required licence since 2010, and are now Authorised Representatives of Merit Wealth Pty Ltd, AFSL No. 409361, allowing us to continue providing financial advice on the following: 
    • Setting up a SMSF 
    • Making contributions into your SMSF 
    • Use of a borrowing arrangement within your SMSF 
    • Establishing and finalising pensions 
    • Winding up your SMSF

As the holder of a full Australian Financial Services Licence, Merit Wealth has access to a range of financial advisers. We are confident that if your advice needs extend beyond the scope of our licence, Merit Wealth will be able to provide experienced advisers to assist you.

Regardless of the regulatory changes, you can be assured that we will continue to provide you with the same high quality of service and professionalism that you have come to expect from us here at KDA Group.

About Us

Backed by years of experience and knowledge in business accounting and taxation, KDA Group has grown to a team of 20 committed staff servicing the needs of clients Australia wide.

Read More >> 

Our Services

At KDA Group we aim to provide you with advice when your business needs it, not just when you ask for it.


We offer a range of free easy to use online resources.

View Resources >>