Cockatoo guide

SMSF Audit Requirements

Every SMSF must be independently audited each year by an approved SMSF auditor before it lodges. Here is what the audit covers, the timing, and what happens when a contravention is reported.

Every self-managed super fund must be independently audited every year — there are no exceptions, even for a fund that made no investment changes or holds only cash. The annual audit is a legal requirement and it must happen before the fund lodges its annual return, because the return asks whether the audit has been done and whether the auditor reported any problems. For trustees, the audit is both a compliance checkpoint and a useful safety net that catches issues early.

This guide explains who can audit an SMSF, what the audit covers, the timing, and what happens when an auditor finds a contravention. It builds on the self-managed super fund pillar guide and connects closely to your trustee responsibilities — the audit is essentially where those responsibilities are tested each year.

Who can audit an SMSF?

The audit must be carried out by an approved SMSF auditor — someone registered with the Australian Securities and Investments Commission (ASIC) and holding an SMSF auditor number (SAN). Not every accountant is an approved SMSF auditor, and crucially the auditor must be independent:

  • The auditor cannot audit a fund where they (or their firm) have prepared the accounts or provided the financial statements, beyond limited exceptions.
  • The independence requirements have been tightened in recent years, which is why many trustees use one firm for accounting and administration and a separate firm for the audit.

The trustees are responsible for appointing the auditor and giving them the documents they need — in good time.

What the audit covers

The annual SMSF audit has two parts:

  • A financial audit — checking that the fund’s financial statements are accurate and fairly presented.
  • A compliance audit — checking that the fund has complied with the relevant provisions of super law.

The compliance side is where most attention falls. The auditor typically examines whether:

  • the fund meets the sole purpose test;
  • assets are kept separate from members’ personal assets and are correctly owned by the fund;
  • investments are at market value with supporting evidence;
  • transactions were at arm’s length;
  • the fund has a current investment strategy that has been followed;
  • benefits were only paid on a valid condition of release;
  • any limited recourse borrowing arrangement is correctly structured; and
  • contributions and pensions were handled correctly, including minimum pension payments in pension phase.

To do this the auditor needs the financial statements, bank statements, investment records, valuations, the trust deed, minutes, the investment strategy and evidence for anything unusual. Clean, contemporaneous records make the audit faster and cheaper — see the record-keeping duties in trustee responsibilities.

Timing

The rhythm each year is:

  1. The financial year ends 30 June.
  2. Trustees prepare (or have prepared) the fund’s financial statements and records.
  3. The audit is completed — it must be done before the annual return is lodged.
  4. The annual return is lodged with the ATO by the due date, and the fund pays the ATO supervisory levy.

The auditor must be appointed in time to complete the audit before lodgement — generally the audit should be finalised well before the return’s due date. Leaving the audit to the last minute is a common cause of late lodgement, which is itself a breach.

What happens if the auditor finds a problem

If the auditor identifies a breach of super law, two things can follow:

  • Management letter / qualification. The auditor raises the issue with the trustees, and the audit report may be qualified. Many issues can be rectified.
  • Auditor Contravention Report (ACR). Where a contravention meets the ATO’s reporting criteria (for example, it is significant, unrectified, or falls into defined tests), the auditor is legally required to lodge an ACR with the ATO. The auditor does not have discretion to hide a reportable breach — reporting it is part of their role.

An ACR does not automatically mean penalties, but it puts the breach on the ATO’s radar. How the ATO responds depends on the nature and seriousness of the contravention and whether it has been fixed — enforcement options range from education and rectification directions through to administrative penalties or making the fund non-complying, as covered in trustee responsibilities.

First-year and change-of-auditor notes

A fund’s first audit covers the period from establishment, so trustees should have the setup documents — trust deed, trustee consents, ATO trustee declarations and the initial investment strategy — ready for the auditor from day one. If you change auditors between years, the new auditor may ask about the prior year’s report and any unresolved matters, so keep previous audit reports and management letters on file. And if a member starts or stops a pension during the year, expect the auditor to look closely at the pension phase mechanics — minimum payments, commencement documentation and, where the fund has both pension and accumulation accounts, any actuarial certificate.

Because independence rules mean the auditor cannot also prepare the accounts, most trustees settle into a rhythm of one firm for accounting and administration and a separate approved auditor engaged each year. Building that relationship early makes every subsequent audit quicker.

How to make audits smooth (and cheap)

  • Keep records year-round rather than reconstructing at year end.
  • Separate your accounting and audit providers to satisfy independence rules.
  • Get valuations sorted early, especially for property and unlisted assets.
  • Fix small issues promptly so they do not become reportable contraventions.
  • Book the auditor in good time to avoid a late-lodgement scramble.

The audit fee is a fixed annual cost of running any SMSF — factor it into your budget alongside accounting and the ATO levy in SMSF costs and fees.

Common pitfalls

  • Assuming a simple fund does not need an audit — every fund does, every year.
  • Using an auditor who lacks independence from the accounts preparer.
  • Leaving the audit so late that lodgement is missed.
  • Poor records that turn a routine audit into an expensive investigation.
  • Ignoring a management letter and letting a fixable issue become an ACR.

The annual audit is the yearly test of whether you have met your trustee duties. Keep clean records, run a genuine investment strategy, and the audit becomes a formality rather than a fright.

This article is general information only and not financial or tax advice; consider your own circumstances and speak to a licensed adviser or the ATO before acting.

Common questions

About this guide

What does this guide cover?

Every SMSF must be independently audited each year by an approved SMSF auditor before it lodges. Here is what the audit covers, the timing, and what happens when a contravention is reported.

Who is this guide useful for?

It is written for Australian readers who are comparing options, checking definitions, or making decisions connected to SMSF.

Where can I read more on this topic?

Use the related SMSF, Superannuation tags and the reading links on this page to keep exploring connected Cockatoo articles.

Cockatoo updates

Get the next practical guide in your inbox.