Back to Blog
Compliance2 January 2026

How Long Should You Keep Tax Audit Documents? (ATO Guidance)

The ATO's record-keeping rules are clear but frequently ignored. Here's the definitive guide for Australian businesses and their advisors.

The ATO's record-keeping rules are clear, but they're frequently misunderstood. Here's the definitive guide for Australian businesses and their advisors on how long tax audit documents actually need to be kept.

The five-year rule

The default rule under the Income Tax Assessment Act is that records must be kept for five years from the date the relevant tax return is lodged, or the end of the transaction or act they relate to — whichever is later. For most businesses this means five years from lodgement date.

When it's longer

Several situations extend the five-year clock:

  • Depreciating assets. Records relating to assets claimed as depreciation must be kept for five years after the last claim — so potentially decades.
  • Capital gains tax. CGT records must be kept for five years after the asset is sold or disposed of. If you bought a property in 2005 and sold it in 2024, you need records from 2005 until 2029.
  • Losses carried forward. If you're claiming prior-year losses, you need to keep records from the year the loss was incurred for as long as the loss is still being applied.
  • Fraud or evasion. The ATO can audit "back to the beginning" in cases of suspected fraud. Practically speaking, assume indefinite retention is wise for core records.

What counts as "records"

The ATO guidance is broad. Records include: invoices, receipts, contracts, bank statements, stock records, motor vehicle expense logs, wage records, superannuation contribution records, BAS statements, and any working papers used to prepare tax returns. If it was used to support a tax position, it's a record.

Format requirements

Records can be kept in paper or electronic form. Electronic records must be in English, not modified or altered, and able to be shown to the ATO on request. The ATO explicitly accepts cloud-stored records — with the important caveat that you remain responsible for ensuring they're available and legible for the full retention period.

The practical question: where

Once you've decided to keep records electronically, the question becomes where. Shared drives and email are poor choices because they don't have retention controls, audit trails, or guaranteed availability. A proper document management system or data room with automatic retention policies is a better fit for the five-year plus retention windows the ATO requires.

As always, this is general information, not tax advice — check the ATO website or speak to your accountant for specific situations.