SMSF Audit Guide: What Trustees Need to Know
A guide to the annual audit requirement for Australian self-managed super funds. Covers what the audit involves, what auditors check, how to prepare records, what happens when a finding is raised, and how to avoid the most common audit failures.
Key facts at a glance
What is the SMSF audit?
An SMSF audit is an annual mandatory review of an SMSF's financial statements and regulatory compliance, conducted by an independent ASIC-registered SMSF auditor before the fund's annual return is lodged with the ATO. It is not optional, it cannot be waived, and it cannot be conducted by the trustees themselves.
The audit is your fund's annual health check. A clean audit report gives peace of mind. A qualified opinion or auditor contravention report triggers ATO attention. Good record-keeping makes the process faster, cheaper, and less stressful.
The two parts of the audit
The SMSF audit has two distinct components, and both must be completed:
1. Financial audit: A review of the fund's financial statements - the balance sheet, income statement, and member statements. The auditor checks that the financial statements accurately represent the fund's financial position and comply with applicable accounting standards.
2. Compliance audit: A review of whether the fund has complied with the Superannuation Industry (Supervision) Act 1993 (SIS Act), SIS Regulations, and other superannuation law during the financial year. This is the component that identifies operational breaches - things like the sole purpose test, the in-house asset rule, related party transactions, pension payment minimums, and investment strategy documentation.
A fund that completes only one component is not compliant.
What the audit is not
The audit is not:
- A tax return preparation service
- Investment advice
- A guarantee that the fund is compliant in all respects
- A substitute for the trustees' own responsibility to understand and comply with superannuation law
The auditor provides independent assurance. Legal responsibility for running the fund compliantly remains with the trustees at all times.
What is the SMSF audit deadline?
The SMSF audit deadline is tied to the fund's annual return deadline: the audit must be finalised before the fund's annual return is lodged. Auditors must generally be appointed at least 45 days before the annual return lodgement deadline to allow sufficient time for the audit process.
- Self-lodging funds: Annual return due 31 October - audit should begin no later than mid-September
- Via a registered tax agent: Extended deadline (typically February or May) depending on the agent's lodgement program
Most SMSF accountants begin the audit process in August or September for a 30 June year-end fund.
A fund that lodges its annual return without a completed audit has breached the SIS Act. If an audit is not arranged at all, the ATO may treat this as a serious compliance failure - potentially resulting in a compliance review, administrative penalties, or referral for enforcement action. The audit is not an optional formality.
Who can conduct an SMSF audit?
Only an independent SMSF auditor registered with ASIC can legally conduct an SMSF audit. Not every accountant or financial adviser is qualified or registered to audit an SMSF.
ASIC registration requirement
Since 1 July 2013, SMSF auditors must be registered with ASIC. Registration requires:
- Holding a relevant accounting qualification
- Meeting minimum competency requirements, including SMSF-specific training
- Holding professional indemnity insurance
- Passing ASIC's fit and proper assessment
Trustees can verify whether an auditor is registered by searching the ASIC professional registers at asic.gov.au. The auditor's SMSF auditor number (SAN), which is ASIC's unique identifier for a registered SMSF auditor, must be included in the annual return.
The independence requirement
The auditor must be independent of the fund and its trustees. This is a legal requirement. The independence rules mean:
- The auditor cannot be a member of the fund
- The auditor cannot be a trustee or director of the corporate trustee
- The auditor cannot be a relative of a fund member or trustee
- The auditor cannot be an employer or employee of the trustees in the same business
- There must be no financial or other relationship that could compromise independence
In practice, the fund's own accountant can prepare the financial statements and tax return, but a separate, independent registered auditor must conduct the audit. Many accounting firms use genuinely separate divisions or refer to external auditors for this purpose.
How do you find an SMSF auditor?
The ASIC SMSF auditor register is the starting point for confirming registration. In practice, many trustees find an auditor through their SMSF accountant, administrator, or tax agent, but trustees should still confirm the auditor's registration and independence before the audit is finalised.
If the fund has complex assets - property, an LRBA, crypto assets, unlisted investments, or pension accounts - choose an auditor with experience in those areas and ask what records they expect before the engagement begins.
Using the same auditor each year
There is no legal requirement to rotate SMSF auditors annually. Many funds use the same registered auditor year after year, which has practical advantages - the auditor builds familiarity with the fund's history, recurring transactions, and any prior findings.
However, if any change in circumstances affects independence (such as the auditor becoming a business partner of a trustee), the fund must appoint a different auditor immediately.
Using an unregistered person to conduct the audit is a serious breach regardless of the quality of the work performed. The ATO requires a valid SAN on the annual return. If the person who conducted the audit is not registered with ASIC, the audit is not valid and the annual return cannot be lodged correctly.
What does an SMSF audit cover?
The compliance audit covers the fund's activities across the entire financial year. Auditors work from a standard checklist of superannuation law requirements and assess the fund against each one.
Financial statement review
The financial audit checks:
- Opening balances match the prior year's closing balances and audited statements
- All transactions during the year are recorded accurately
- Assets are valued at market value at year end
- Member balances are correctly calculated
- Income, expenses, and tax provisions are correctly reported
- Financial statements comply with the AASB accounting standards applicable to SMSFs
Investment compliance checks
The auditor checks that the fund's investments comply with the SIS Act:
- Sole purpose test: Are all investments consistent with providing retirement benefits? Is there any evidence of personal benefit to trustees or related parties?
- In-house asset rule: Do in-house assets exceed 5% of total fund assets?
- Arm's length rule: Were all transactions conducted at market rates?
- Related party transactions: Were any assets acquired from or disposed of to related parties, and if so, were they permitted?
- Investment strategy: Is there a current written investment strategy? Does the fund's actual asset allocation reflect the strategy? Has it been reviewed during the year? ASIC's SMSF advice file review shows why weak establishment records can turn into audit evidence problems later.
Contribution and benefit checks
- Were all contributions received validly - for example, age and work test conditions met for personal contributions?
- Were contribution amounts within the applicable caps?
- Were benefits paid in accordance with a valid condition of release?
- Were pension payments made at or above the minimum drawdown amount by 30 June?
- Were any lump sums paid correctly from preserved or restricted non-preserved amounts?
Trustee and administrative compliance checks
- Is the trust deed current and appropriate for the fund's activities?
- Have all trustees signed the trustee declaration (NAT 71089)?
- Are trustee records maintained - minutes, resolutions, and investment strategy?
- Is the fund correctly registered with the ATO?
- Are TFNs held for all members?
- Has the fund lodged prior year returns? (Auditors check for outstanding returns.)
- Were any reportable transfer balance account report (TBAR) events lodged correctly and on time?
Asset-specific checks
Different asset types attract different audit procedures:
- All assets: Must be held in the correct trustee name (or corporate trustee name). Mis-titling is a frequent administrative finding.
- Listed shares and managed funds: Verified against brokerage statements, share registry records, and end-of-year valuations from market data.
- Real property: Verified against title documents, council rates, lease agreements (where applicable), and independent valuations where required. Property-specific rules are covered in the SMSF Property Guide.
- Bank accounts and term deposits: Verified against bank statements reconciled to fund records.
- LRBAs: Verified for correct holding trust structure, loan documentation, and PCG 2016/5 compliance for related party loans. PCG 2016/5 is the ATO practical compliance guideline for limited recourse borrowing arrangement (LRBA) related party loans. For why ASIC is scrutinising property-led SMSF setup advice, see our Report 824 audit implications update.
- Unlisted investments: May require additional evidence of valuation and legitimacy.
- Crypto assets: Verified against exchange records, wallet addresses, and year-end valuations. The auditor will check that custody arrangements are consistent with the sole purpose test and that assets are held by the fund - not in a member's personal wallet. See the SMSF Crypto Guide for record-keeping expectations.
The compliance audit looks at different questions to the tax return. A clean tax return does not mean a clean audit. The accountant checks whether the numbers add up. The auditor checks whether the fund actually operated within the law throughout the year. These are two separate assessments, and trustees should not assume one implies the other.
SMSF audit checklist: how to prepare
Most audit delays and findings are caused by incomplete or disorganised records - not by genuine compliance breaches. Providing the auditor with complete, well-organised documentation at the outset significantly reduces the time, cost, and risk of the process.
Key documents to provide
Financial records:
- Bank account statements for all fund accounts (full year)
- Term deposit certificates and interest statements
- Brokerage statements and contract notes for all share transactions
- Year-end portfolio valuations from broker, share registry, or market data
- Dividend and distribution statements
- Rental income records and property management statements where applicable
Governance and compliance records:
- Copy of the current trust deed with all deeds of variation
- Trustee minutes and resolutions for the year
- Current written investment strategy
- Evidence of annual investment strategy review (trustee resolution)
- Signed trustee declarations for all trustees (NAT 71089)
- Member contribution records and contribution caps tracking
- Pension documentation: commencement documents, minimum drawdown calculations, payment records
- Binding death benefit nominations where applicable
- LRBA loan agreements and repayment records where applicable
Property-specific documentation
If the fund holds property:
- Certificate of title confirming ownership in the fund's or corporate trustee's name
- Lease agreements for residential and commercial properties
- Rental income records and bank statements showing rent received
- Current independent valuation or documented basis for the value used
- Evidence of market-rate rental where the tenant is a related party
- Building insurance policy in the fund's or corporate trustee's name
- Mortgage and loan statements for LRBA properties
Crypto and pension-specific documentation
Crypto assets:
- Exchange account records for all transactions during the year
- Wallet addresses confirming custody is in the fund's name
- Year-end valuations from the exchange or a recognised market data source
Pensions:
- Pension commencement documents signed before the first payment
- Trustee resolution to commence the pension
- Account balance at 1 July and minimum drawdown calculation
- Bank records confirming payments meet or exceed the minimum
- TBAR lodgements and ATO confirmation of any reportable events
Auditors charge by the time they spend. An audit requiring multiple rounds of follow-up requests for missing documents takes longer and costs more. Providing complete records upfront is the single most effective way to reduce the cost and duration of the annual audit. For indicative audit fee ranges and the factors that drive cost, see the SMSF Costs and Fees Guide. Many accounting firms include an audit documentation checklist with their engagement letter - use it.
What are the most common SMSF audit findings?
Common SMSF audit findings are the issues auditors most often identify when reviewing fund records and compliance evidence. Section 08 turns these findings into a prevention checklist, so this section focuses on what auditors are actually testing and why each issue matters.
Pension payment failures
Missing the minimum pension drawdown by 30 June is the most commonly identified compliance breach. It is entirely avoidable and usually receives immediate auditor attention because the tax consequences can affect the whole pension account for the year.
When the auditor identifies a shortfall, the audit report must be qualified. The fund may need to apply to the ATO for relief under the Commissioner's discretion. If relief is not granted, the pension is taken to have failed for the whole year and all earnings lose their tax-free treatment.
Investment strategy deficiencies
Investment strategy deficiencies are among the most frequently raised audit issues because the strategy is checked every year. Common problems:
- No written strategy exists at all
- Strategy not reviewed or updated for several years
- Generic template that does not reflect the fund's actual asset allocation
- Strategy does not address insurance needs of members
- Fund's actual investments are materially inconsistent with the stated strategy
ASIC's 2025 review of SMSF establishment advice flagged the same pattern from another angle: weak or generic reasoning at setup can leave trustees with documents that do not reflect how the fund actually operates. See our ASIC Report 824 explainer for the audit connection.
Loans to members or related parties
Any loan from the fund to a member or related party is prohibited under s65 of the SIS Act. This is less common than record-keeping issues but more serious when found. The auditor will identify these arrangements - including informal ones that are not documented as loans but function as loans, such as expenses paid by the fund on behalf of a member that are not properly reimbursed.
Related party asset acquisition
Acquiring assets from a related party - particularly residential property - is one of the most serious breaches an auditor can identify. Where found, the auditor must report it to the ATO via an auditor contravention report (ACR) and qualify the audit report.
Asset valuation issues
Common valuation problems:
- Property carried at historic cost rather than current market value
- Unlisted investments with no documented basis for the value used
- Crypto assets valued at the wrong date or using an unreliable source
- Artwork or collectibles without current independent valuations
Titling and ownership issues
Assets not held in the correct name - the trustee's name in their capacity as trustee, or the corporate trustee's name - are a common administrative finding and a frequent follow-up request. This occurs most often when:
- Individual trustees change and assets are not re-titled
- Assets were acquired in a member's personal name
- Bank accounts are held in a member's personal name rather than the fund account
In-house asset breaches
Where in-house assets exceed 5% of total fund assets at year end, the auditor must report this. The most common cause is a related party lease arrangement not correctly classified, or the fund's total asset value declining while the in-house asset value remains static.
TBAR reporting failures
From 1 January 2026, all SMSFs must lodge transfer balance account reports (TBARs) quarterly. Auditors are identifying funds where quarterly TBARs have not been lodged (or were lodged late) for pension commencements, commutations, or death benefit income stream events. Use the SMSF Compliance Calendar to line up recurring reporting dates.
Late TBAR lodgements can cause the ATO to issue incorrect excess transfer balance determinations based on incomplete data.
Missing or outdated records
Auditors frequently encounter:
- Trustee minutes and resolutions that have not been completed for the year
- Investment strategy that predates significant changes to the fund's asset mix with no evidence of review
- Trustee declarations not signed by newer trustees
- Contribution records that do not allow the auditor to verify cap compliance
What happens when an audit finding is raised?
An audit finding does not automatically mean the fund is in serious trouble. Auditors distinguish between minor administrative deficiencies and substantive compliance breaches, and the response required differs accordingly.
Types of audit findings
Audit findings fall into a spectrum:
- Minor deficiencies: Administrative issues that do not represent a breach of superannuation law - for example, a minor formatting issue in the minutes or a document that was prepared but not formally signed. Typically resolved without reporting to the ATO.
- Qualified audit opinion: A material issue with the financial statements or a compliance matter the auditor cannot resolve. This appears in the audit report and is disclosed in the annual return.
- Reportable contraventions: Certain breaches must be reported to the ATO by the auditor via an auditor contravention report (ACR), specified under s130 of the SIS Act and ATO reporting criteria - regardless of whether the breach has been rectified.
Auditor contravention reports (ACRs)
When an auditor identifies a reportable contravention, they have an independent legal obligation to lodge an ACR with the ATO within 28 days of completing the audit. An ACR is the formal report registered SMSF auditors use to notify the ATO of reportable SMSF breaches. They cannot skip or delay this obligation because the trustee has already self-reported or rectified the breach.
Reportable contraventions include:
- Loans to members or related parties (s65)
- Acquisition of assets from related parties (s66)
- In-house asset limit exceeded (s84)
- Benefits paid without a condition of release being met
- Failure to maintain an investment strategy
- Other breaches specified under s130 SIS Act and ATO reporting criteria
An ACR triggers an ATO review of the fund.
Responding to a finding before it escalates
Where the auditor identifies a potential breach during the audit process:
- The auditor will typically contact the trustee or their accountant to discuss the issue
- In many cases, documentation can be provided or a minor issue rectified before the audit opinion is finalised
- Where a substantive breach has occurred, early engagement with the auditor about steps taken to rectify it is important - auditors take remediation into account
- If the breach is reportable, consider engaging an SMSF specialist before the ACR is lodged
ATO response to an ACR
The ATO's response depends on the nature and severity of the breach. Possible responses include:
- An educational letter explaining the rule that was breached
- A rectification direction requiring specific steps within a set timeframe
- An education direction requiring trustees to complete an approved course
- Administrative penalties (per breach, per trustee for individual structures, or to the company for corporate trustee structures)
- A compliance review of the fund
- In the most serious cases, a notice of non-compliance - making the fund a non-complying fund, taxed at 45% on its taxable income
The ATO has a published compliance approach that signals it aims to work with trustees to rectify issues, particularly for first-time or inadvertent breaches.
Early engagement with both the auditor and the ATO is consistently the best approach when a breach has occurred. Trustees who self-identify, rectify promptly, and engage proactively are treated more favourably than those whose breach surfaces through an audit or ATO review with no prior disclosure. The worst outcome is a breach that remains unaddressed and compounds over multiple years.
What is in the SMSF auditor's report?
At the conclusion of the audit, the auditor issues two reports. Both must be completed before the annual return can be lodged.
What is in the independent auditor's financial report?
This covers the financial audit. It states whether, in the auditor's opinion, the financial statements give a true and fair view of the fund's financial position and comply with applicable accounting standards.
The opinion is either:
- Unqualified: The auditor is satisfied the financial statements are materially correct
- Qualified: The auditor has identified a material issue they cannot resolve
A qualified financial report is a serious matter and will trigger ATO scrutiny.
What is in the compliance audit report?
Part B of the audit report covers the fund's compliance with the SIS Act and SIS Regulations. For each relevant section of the Act, the auditor states whether the fund complied, whether there was a breach, or whether they were unable to obtain sufficient evidence.
The auditor's SMSF auditor number (SAN) is included in the annual return. If the auditor has identified a reportable contravention, they independently lodge an ACR with the ATO - regardless of what the trustee discloses in the annual return.
Audit report lodgement process
The auditor issues their report to the trustees (or their accountant). The full audit report is retained by the fund - it is not lodged directly by the auditor with the ATO. Key information from the report (including the auditor's SAN and any qualified opinions) is included in the annual return when lodged by the trustee or their tax agent.
If a reportable contravention exists, the auditor lodges an ACR directly with the ATO as a separate, independent obligation - this occurs regardless of the annual return lodgement process.
The annual return asks whether the auditor's report contains a qualified opinion. Answering this incorrectly - for example, leaving it blank when the opinion is qualified - is a lodgement error. The ATO matches information from the ACR database against the annual return. Discrepancies are identified and may trigger further review of the fund.
How do trustees avoid common SMSF audit mistakes?
Section 05 explains what auditors commonly find. This prevention checklist translates those findings into the practical habits that reduce audit delays, qualified opinions, and avoidable ATO attention.
Audit mistake prevention checklist
- 1Appoint the auditor early. The audit must be completed before the annual return is lodged. Leaving it until October for a self-lodging fund may not leave enough time, particularly if records are incomplete. Appoint at least 45 days before the lodgement deadline.
- 2Verify the auditor's registration. Not every accountant is registered. The ATO requires a valid SAN on the annual return. If the person who signs off the audit is not ASIC-registered, the audit is not valid.
- 3Check independence before the engagement starts. The auditor cannot have a financial, personal, or business relationship with the fund or trustees that could compromise independence. Using a family member, business partner, or the same person who prepares the tax return without a genuinely separate engagement may invalidate the audit.
- 4Provide complete records upfront. Every follow-up request adds time and cost. Missing bank statements, unsigned minutes, or an absent investment strategy are the most common causes of delays.
- 5Review the investment strategy before year end. If the strategy has not been reviewed or updated to reflect the fund's current asset allocation, the auditor will raise a finding. Document the review with a trustee resolution.
- 6Check minimum pension drawdowns before 30 June. This is the most common and most avoidable compliance finding. Set a reminder in June each year for every pension account in the fund.
- 7Re-title assets after trustee changes. When a trustee is added or removed, assets must be re-titled to reflect the new trustee arrangement. This is frequently missed and can require legal correction.
- 8Keep accounting and audit roles separate in your thinking. The accountant prepares the financial statements and tax return. The auditor independently checks compliance. A clean tax return does not mean a clean audit.
- 9Respond promptly if an ACR is lodged. If the auditor lodges an ACR, the ATO will contact the fund. Engage promptly and consider obtaining specialist advice before responding.
- 10Keep records for the required period. Financial records must be kept for at least 5 years. Trustee declarations, minutes, and investment strategy documents must be kept for at least 10 years.
- 11Keep a year-to-year audit file. Auditors may request prior-year evidence or proof that previous findings were rectified. A well-organised audit file makes later audits faster.
Related resources: The Rules & Limits Reference covers the investment strategy requirement, sole purpose test, in-house asset rule, and arm's length rule - the areas most commonly flagged in compliance audits. Pension payment obligations and TBAR requirements are covered in the SMSF Pension Guide. Key dates including the annual return deadline are on the SMSF Compliance Calendar.
Common SMSF audit questions
These answers cover the short, practical questions trustees usually ask before the annual audit starts.
How much does an SMSF audit cost?
Audit cost depends on fund complexity, provider pricing, asset types, transaction volume, and record quality. A simple cash-and-listed-share fund usually costs less to audit than a fund with property, an LRBA, pensions, crypto assets, or incomplete records. For indicative ranges, see the SMSF Costs and Fees Guide.
Can my accountant audit my SMSF?
Your accountant can prepare the SMSF accounts and annual return, but the audit must be completed by an independent ASIC-registered SMSF auditor. The same person usually cannot audit their own accounting work.
What happens if I miss the SMSF audit deadline?
The annual return cannot be lodged correctly without a completed audit. Late audit or lodgement can lead to ATO follow-up, penalties, loss of lodgement concessions, and extra professional costs to bring the fund back up to date.
How long does an SMSF audit take?
A straightforward audit can be completed quickly once complete records are available. Delays usually come from missing bank statements, unsupported valuations, unsigned minutes, incomplete pension documents, or investment strategy issues.
What is an auditor contravention report?
An auditor contravention report, or ACR, is the formal report an SMSF auditor lodges with the ATO when a breach meets the reporting criteria. The auditor must lodge it even if the trustee has already started fixing the issue.
Do I need to send the audit report to the ATO?
The full audit report is kept by the fund. Key audit details, including the auditor's SAN and whether the opinion was qualified, are included in the SMSF annual return. If there is a reportable breach, the auditor separately lodges an ACR with the ATO.