TPB's AI guidance fails to address 'most significant compliance risk', warns NTAA

The NTAA said the draft information sheet provided by the TPB did not provide sufficient practical, proportionate guidance that practitioners need to comply with confidence.

One of the key issues with the draft guidance was its failure to address AI features that are embedded in existing software, the association said in a submission.

"The draft information sheet broadly assumes a practitioner actively chooses to enter information into an AI tool. Increasingly, AI features are embedded by default in platforms practitioners already use, including Xero, MYOB, QuickBooks, and Microsoft 365," it said.

"Practitioners using these platforms may not have made a conscious decision to disclose client information to an AI tool, yet the tool has accessed it."

The NTAA noted that practice management platforms such as MYOB and QuickBooks are incorporating a range of AI features into their core products.

"For example, Xero recently announced a multi‑year partnership with Anthropic to power its AI assistant JAX (Just Ask Xero) with Claude," it said.

"Broadly, JAX analyses revenue and profit performance, tracks cash flow, and identifies unpaid invoices, effectively processing client financial data in the background as part of the platform’s ordinary operation."

Microsoft 365, which includes Copilot capabilities across Outlook, Word, Excel and Teams, processes data in the background as part of the platform’s ordinary operation, the NTAA noted.

"From the practitioner’s perspective, the data flow is often invisible; a staff member opens an email, works on a document, or reviews a client file, and AI functionality operates in the background," the submission said.

"The practitioner has not made a conscious decision to disclose client information to an AI tool, yet the tool has accessed it."

The NTAA warned that, for many practices, this use of AI is already "the most significant compliance risk they face", yet the draft information sheet does not specifically address this risk.

The association said that practitioners who use AI-embedded software are also likely to encounter practical issues with paragraph 22 of the draft information sheet.

Paragraph 22 recommends that when obtaining client permission under Code Item 6, which relates to client confidentiality and obtaining permission to provide any information relating to a client’s affairs to a third party, the practitioner must clearly inform the client about the proposed disclosure.

They must provide details such as to whom the disclosure will be made, where it will be made, and where the data will be stored.

The NTAA said while the intent of the recommendation is sound, its practical application to external AI products presents significant challenges for practitioners.

"For AI features embedded within third-party software platforms, practitioners frequently do not have access to or clarity of all the specific information paragraph 22 contemplates," the association said.

"A practitioner using Xero, for example, may not readily be able to determine precisely where client data processed by JAX is stored, which third-party AI providers are involved in the processing chain, or how data flows between the software platform and its AI partners.

"This information is typically controlled by the software vendor and may change without notice to the practitioner as platform features are updated or new AI partnerships are announced."

The NTAA recommended that, for AI features embedded in third-party software platforms, the final TPB Information Sheet should confirm that listing any relevant AI-enabled products or software providers in the relevant client notification correspondence would be sufficient to meet the client disclosure obligation under Code Item 6.

"Requiring practitioners to identify and disclose the specific AI sub-processors, data storage locations, and processing arrangements for every third-party platform they use would impose a disproportionate compliance burden and require information that is not typically readily available to practitioners," it said.

"A practical approach would be to require practitioners to identify the third-party software providers through which client data may be processed, combined with a general statement about the practitioner’s approach to AI use and data security.

"We recommend that the finalised exposure draft explicitly acknowledge this category of embedded AI use and provide guidance on what level of disclosure is proportionate and practicable for practitioners in these circumstances."