Staff gifts, events and their deductibility

The Australian Government has announced significant changes to the Higher Education Loan Program (HELP), including HECS-HELP loans, aimed at reducing the financial burden on university graduates. These reforms, effective from the 2025 financial year, are set to benefit approximately three million Australians. 20% Reduction in Help Debt From June 1, 2025, all outstanding HELP debts – including HECS-HELP, FEE-HELP, SA-HEPL, OS-HELP and Vet student loans will be reduced by 20% before any indexation is applied. This measure is expected to alleviate approximately $16 Billion in student debt across the country. The Australian Tax Office will automatically apply this reduction to eligible accounts.  https://www.education.gov.au/higher-education-loan-program/20-reduction-student-loan-debt/faqs-20-reduction-all-outstanding-help-loan-debt?utm_source=chatgpt.com Change to Repayment Thresholds Effective July 1, 2025, the minimum income threshold for compulsory HELP repayments will increase from $54,435 to $67,000. Additionally, a marginal repayments system will be introduced, where repayments are calculated only on income above the new threshold, rather than on total income. This adjustment means that graduates earning below this new threshold will not be required to make compulsory repayments, and those earning above it will pay a smaller percentage of their income towards their debt. These reforms are part of the governments broader effort to make higher education more accessible and to support graduates in their financial journey’s.

With Christmas just around the corner, many businesses are planning parties to celebrate the year. But before you book the venue, it’s worth understanding how Fringe Benefits Tax (FBT) may apply. What Is FBT? FBT is a tax employers pay on certain non-cash benefits provided to employees, such as entertainment. Whether your Christmas party attracts FBT depends on where it’s held , who attends , and how much it costs . When FBT Applies On your business premises (during work hours) Usually exempt from FBT if only employees attend. Offsite (e.g., restaurant or venue) If the cost is under $300 per person (including GST) and the event is infrequent, it’s usually exempt under the minor benefits rule . If it costs over $300 per person , FBT generally applies . Who attends Employees: May be exempt if cost is under $300. Employees’ partners: Also counted separately for the $300 rule. Clients: Not subject to FBT, but not tax deductible. Quick Examples

Federal Treasurer’s announced on 13 October 2025 changes to the proposed Division 296 tax measure which applies additional tax to earnings attributable to an individual’s total superannuation balance (TSB) in excess of $3 million. The start date for the revised measure has been pushed back to 1 July 2026 with the first Div 296 tax assessments in respect of the 2026-27 financial year being issued in 2027-28. The changes announced included introducing a second large superannuation balance threshold of $10 million with an additional 25% tax imposed on earnings attributable a total superannuation balance (TSB) in excess of $10 million, indexing the large balance thresholds of $3 million and $10 million to CPI, and moving to a realised earnings approach that aligns to existing income tax concepts. No longer will the tax be imposed on unrealised gains. Changes will now make this tax a two tier approach; 15% extra tax on earnings attributable to a TSB above $3 million up to $10 million, meaning a total tax rate of 30% applied to this portion of earnings 25% extra tax on earnings attributable to a TSB above $10 million, meaning a total tax rate of 40% applied to this portion of earnings Both thresholds will be indexed to the Consumer Price Index (CPI). The $3 million threshold will be indexed in increments of $150,000 and the higher $10 million threshold will be indexed in increments of $500,000. Funds will need to calculate taxable/realised earnings and attribute to fund members. Adjustments will be made for elements such as contributions and pension phase income. Calculations closely align to existing tax concepts – it will not include unrealised gains. Please note this is not yet law (must pass both Houses of Parliament). Start date is proposed to be 1 July 2026, with the first assessment against the large balance thresholds on 30 June 2027. ATO will send a tax assessment for the additional tax which can be paid from either super or personal funds. Does not apply to everyone – only those over $3 million at 30 June.

In this increasingly digital age, small businesses are becoming more and more vulnerable to the threat of cybercrime. In particular, there has been an increase in supply chain attacks targeting small businesses. Cybercriminals are constantly adapting their tactics and using AI to fuel their attacks. As technology advances, so does the risk to your sensitive data. This increasing risk means it’s more important than ever to get the basics right. The good news is, AI still can’t beat smart cyber habits. October is Cyber Security Awareness Month, so we’re here to equip you with four essential tips to safeguard your business against cybercrime. 1. Strengthen your first line of defence Humans can often be the weak spot in a business’s cybersecurity efforts, so it’s important to have a strong first line of defence in your systems to protect your business. It doesn’t have to be super complex or expensive – the easiest and most effective solutions are free or low-cost. To start with, get your security basics sorted: Passwords: Strong passwords are the foundation of your online security. Use long, unique passwords for each account, and consider using a password manager to keep track of them. Multi-factor authentication (MFA): MFA adds an extra layer of protection by requiring additional verification, such as a code sent to your phone, when logging in. Secure products and services: Choose reputable providers that prioritise security. Look for certifications like ISO and SOC2 compliance when selecting software and services. Use public wifi safely: While the most secure option is to use wi-fi at your home or office, there are a few things to keep in mind if that’s not an option: Use your personal mobile phone as a hotspot – it’s significantly safer than café, hotel, or airport networks. Connect to a trusted VPN first, if available. Verify any wi-fi network with the venue before continuing – fake hotspots are a common scam to capture credentials. Don’t access confidential or sensitive information over public wi‑fi. Avoid oversharing personal information online: Attackers harvest publicly available details to tailor convincing phishing and social engineering attacks (email, SMS, voice, and social apps). Even small personal facts (roles, travel, family, habits) help them impersonate people you trust or bypass checks. 2. Educate your team about phishing One way cybercriminals can exploit small businesses is through phishing scams, in which cybercriminals impersonate trusted individuals or organisations to trick them into revealing sensitive information through deceptive emails or text messages. A phishing email looks like it comes from a legitimate source, but fraudulently tries to get you to provide sensitive information, such as your password or credit card details. Some of these emails might also try to infect your device by getting you to click a link to a malicious website or attachment. However, even the most advanced phishing is still toothless if you know enough to pause, think critically about the message, and react appropriately if something doesn’t seem right. With this in mind, it’s important to educate your team about phishing and train them to: Adopt a zero trust approach: Your team motto where data is concerned should be ‘never trust, always verify’. Bake security into your processes, for example, a payment can’t be processed without specific verification steps (even if it appears to be the CEO asking you to process it!) Identify phishing attempts: Teach your employees how to spot phishing emails by being on the lookout for suspicious links, urgent requests, or grammatical errors. Avoid suspicious links and attachments: Encourage your employees to hover over links before clicking, and to avoid downloading attachments from unknown senders. 3. Learn how to spot a deepfake Conventional scams are difficult enough to spot, but AI-based scams can be harder to detect and so even more dangerous. Deepfakes allow cybercriminals to create seemingly legitimate audio and video that can be incredibly convincing. Voice cloning replicates somebody’s tone and language to trick someone else into having a genuine phone conversation. Cybercriminals can use deepfakes to impersonate executives, clients, or even government officials. Train your team to look for signs of deepfakes, such as: inconsistent eye blinking or pupil dilation artificial-looking noise or distortions poor lip-syncing blurred or irregular shadows 4. Stay informed and vigilant, and report suspicious activity Cyber threats are constantly evolving, so it’s crucial to stay informed about the latest scams and security best practices. Regularly update your software and apps, apply security patches, and consider subscribing to cybersecurity newsletters or blogs. Finally, ensure you and your team report any suspicious activity. Work to create a culture where employees feel comfortable reporting anything unusual, even if it turns out to be harmless. So, what should you do if the worst happens and your business gets attacked or compromised? First of all, and most importantly – don’t panic. But do act quickly. Don’t be afraid to speak up – the cyber criminal wants you to be too embarrassed to tell anyone. Report the attack to your local Computer Emergency Response Team (CERT) agency or national cybersecurity agency, and if there’s an immediate threat to life or risk of harm, call the police. Cybersecurity is everyone’s responsibility. By following these tips and staying vigilant, you can significantly reduce your risk of falling victim to cybercrime.