The Complete Professional Services Compliance Checklist for Australian SMBs

Running a professional services business in Australia — whether you're a law firm, accounting practice, consulting firm, or registered tax agent — means navigating one of the most layered regulatory environments of any SMB sector. Licensing boards, the Tax Practitioners Board, ASIC, the Office of the Australian Information Commissioner, Safe Work Australia, and the Fair Work Commission all have something to say about how you operate.

This professional services compliance checklist for Australia brings every major obligation into one place so you can see where you stand and what needs attention.

---

Part 1: Professional Licensing and Registration

Licensing is the foundation of your compliance position. Operating without the correct registration isn't just a fine risk — it can mean the difference between a lawful business and an unlawful one.

Tax Agents and BAS Agents

• [ ] Registered with the Tax Practitioners Board (TPB) under the Tax Agent Services Act 2009
• [ ] Registration is current — renewal due date tracked with an advance reminder (TPB sends reminders, but tracking it yourself is prudent)
• [ ] All individuals providing tax agent services or BAS services are either registered practitioners or working under appropriate supervision of a registered practitioner
• [ ] Compliance with the Code of Professional Conduct under the Tax Agent Services Act 2009 (honesty, integrity, independence, confidentiality, competence)
• [ ] Continuing Professional Education (CPE) requirements are being met and recorded (generally 90 hours over three years for tax agents, 45 hours for BAS agents)
• [ ] If a corporation, the "sufficient number" of registered tax agents requirement is satisfied
• [ ] No conduct that could constitute a sanction risk under TPB disciplinary procedures

Law Firms and Legal Practitioners

• [ ] All legal practitioners hold a current practising certificate issued by the relevant state or territory Law Society or Bar Association
• [ ] Admission status is current (solicitors practising in NSW or Victoria operate under the Legal Profession Uniform Law; other states have equivalent state legislation)
• [ ] Practising certificate renewal dates are tracked — typically annual
• [ ] Conditions on practising certificates (e.g., supervision requirements for restricted or supervised practice) are being complied with
• [ ] Law firm is appropriately structured and registered with the relevant Law Society or Law Institute
• [ ] Incorporated Legal Practices (ILPs) meet ongoing suitability requirements
• [ ] CPD requirements for legal practitioners are met (generally 10 CPD units per year in NSW and Victoria under the Uniform Law)

Other Licensed Professional Services

• [ ] Engineers, architects, and surveyors hold current state-based licences or registrations relevant to their practice area
• [ ] Migration agents are registered with the Office of the Migration Agents Registration Authority (OMARA)
• [ ] Financial planners who provide advice through your firm comply with ASIC licensing requirements — if your firm holds an AFSL, confirm all advisers are properly authorised
• [ ] Business name registration is current with ASIC
• [ ] Company registration is current and annual review fees paid to ASIC on time

---

Part 2: Continuing Professional Development (CPD)

CPD compliance is individual to each practitioner but the firm bears responsibility for ensuring it happens.

• [ ] CPD requirements for each licensed profession in your practice are documented and tracked by individual
• [ ] CPD calendars or tracking systems are in place — do not rely solely on individual self-reporting
• [ ] CPD obligations are built into annual performance review cycles
• [ ] Records of CPD completion are retained (most regulators require you to keep records for a number of years after the end of the CPD year)
• [ ] CPD year-end is known and diarised — many professions run on a calendar year or a July–June financial year cycle
• [ ] Practitioners who have changed roles, returned from parental leave, or moved between firms have their CPD position confirmed

---

Part 3: Trust Accounting

Trust account obligations apply to many professional services businesses, most prominently law firms and real estate agents. Getting trust accounting wrong carries severe consequences including loss of licence.

• [ ] A statutory trust account is maintained at an approved ADI (authorised deposit-taking institution) where required
• [ ] The trust account is correctly named in accordance with state legislation
• [ ] Trust monies are kept strictly separate from the firm's own funds — no commingling
• [ ] A trust account ledger is maintained recording every receipt and payment, with client sub-accounts
• [ ] Monthly trust account reconciliation is completed and retained
• [ ] Receipts are issued for all trust money received
• [ ] Trust payments are made only when authorised and for appropriate purposes
• [ ] Controlled money accounts (where applicable) are correctly established and recorded
• [ ] Annual trust account audit is completed by an external, independent auditor within the timeframe required by your state regulator
• [ ] The auditor's report is lodged with the relevant regulator (Law Society, Legal Services Commissioner, or equivalent) by the due date
• [ ] Any trust account deficiency is reported immediately to your regulator — a trust shortfall must never be left uncorrected
• [ ] Staff who handle trust money have been trained in applicable requirements

Note: Trust account requirements differ by state. NSW firms are subject to the Legal Profession Uniform General Rules 2015; Victorian firms to the Legal Profession Uniform General Rules as applied in Victoria; Queensland, Western Australia, South Australia, and other states have equivalent legislation under their own Legal Profession Acts. If you operate across jurisdictions, confirm requirements state by state.

---

Part 4: Professional Indemnity Insurance

• [ ] Professional indemnity (PI) insurance is current and provides adequate coverage for your practice area and revenue
• [ ] Cover period is tracked — lapsed PI insurance is both a licence compliance risk and a significant commercial risk
• [ ] Policy excess, coverage limits, and exclusions are understood and reviewed annually
• [ ] Renewal is actioned well ahead of the expiry date — insurers may require disclosure of claims history or practice changes
• [ ] Prior acts coverage (run-off) considered if a principal or senior practitioner is retiring or if the firm is winding up
• [ ] PI insurance meets mandatory requirements set by your professional body or regulator (minimum coverage amounts and conditions vary by profession and state)

---

Part 5: Privacy Compliance

Most professional services businesses handle sensitive information about clients — financial, legal, or personal. Privacy Act compliance is not optional for businesses with turnover above $3 million, and many professional services SMBs will meet that threshold. For detailed guidance, see our Privacy Act reform guide.

• [ ] Privacy Policy is current, accessible (on your website and available to clients on request), and accurately describes how you collect, use, store, and disclose personal information
• [ ] Clients are notified at the point of collection of the purposes for which their information is collected (Australian Privacy Principle 5)
• [ ] Client files and data are held securely — digital files are access-controlled and encrypted, paper files are stored securely
• [ ] Client data is not disclosed to third parties (referral partners, overseas cloud services, contractors) without appropriate authorisation or notification
• [ ] A documented data breach response plan exists — the Privacy Act 1988 requires eligible data breaches to be assessed and, where necessary, notified to the OAIC and affected individuals under the Notifiable Data Breaches (NDB) scheme
• [ ] The assessment period for a potential NDB is tracked (30 days from becoming aware of the breach to complete an assessment)
• [ ] Cloud storage and software-as-a-service tools used by the firm have been assessed for privacy risk — particularly where data is stored or accessible overseas
• [ ] Staff are trained on the firm's privacy obligations at induction and when the Privacy Policy is updated

---

Part 6: ASIC Registration and Annual Obligations

• [ ] ASIC company registration is current (Pty Ltd, company, trust with corporate trustee, etc.)
• [ ] ASIC annual review statement reviewed and annual review fee paid on time — late payment incurs penalties
• [ ] Company details updated with ASIC within required timeframes when directors, addresses, or share structures change
• [ ] Business name registration renewed before expiry (1 or 3 year registration periods available)
• [ ] If an AFSL or ACL is held, all ASIC licence obligations are separately managed (refer to financial services compliance)

---

Part 7: Work Health and Safety

Professional services offices may look low risk, but WHS obligations apply fully — and regulators have increasingly focused on psychosocial hazards that are common in high-pressure professional environments.

Physical Workplace Safety

• [ ] WHS management system exists and is appropriate for your workplace (under the Work Health and Safety Act 2011 (Cth) and state equivalents)
• [ ] Workplace risks have been identified and assessed — common hazards include ergonomics (sedentary work, workstation setup), fire safety, electrical safety, and manual handling
• [ ] Workstation ergonomics reviewed for each employee — particularly those working from home
• [ ] Emergency procedures (evacuation, first aid) are documented and communicated
• [ ] First aid supplies are accessible and maintained
• [ ] Workers compensation insurance is current for all workers

Psychosocial Hazards

• [ ] Psychosocial hazards have been identified and assessed for your workplace — professional services commonly involves role overload, long hours, client conflict, vicarious trauma (particularly for lawyers handling distressing matters), and poor role clarity
• [ ] Controls are in place to manage psychosocial risks — not just an EAP, but structural measures (workload management, supervision, clear expectations)
• [ ] Consultation with workers has occurred in relation to WHS matters — this is a legislative requirement, not optional
• [ ] WHS obligations apply to contractors and labour hire workers under your direction — confirm coverage

---

Part 8: Employment Law

Award Coverage

• [ ] The applicable Modern Award for each employee classification has been identified
• [ ] Clerks — Private Sector Award 2020 covers most administrative, clerical, and support roles in professional services firms (receptionists, legal secretaries, practice administrators)
• [ ] Professional Employees Award 2020 covers professional employees such as accountants, engineers, scientists, and information technology professionals — confirm whether it applies to your professional staff
• [ ] Law firms should confirm whether employed solicitors and barristers fall within the Professional Employees Award or are award-free (senior solicitors are typically award-free above the high income threshold but junior solicitors and graduates may not be)
• [ ] Pay rates are at or above award minimums as updated from 1 July each year following the Fair Work Commission's annual wage review
• [ ] Overtime, penalty rates, and allowances are being correctly applied where the award requires them
• [ ] Junior rates (if applicable) are applied correctly

Employment Records and Entitlements

• [ ] Written employment contracts in place for all employees
• [ ] Fair Work Information Statement provided to all new employees at commencement
• [ ] Casual Employment Information Statement provided to casual employees
• [ ] Leave entitlements tracked accurately — annual leave, personal/carer's leave, long service leave
• [ ] Long service leave entitlements reviewed — accrual and eligibility vary by state
• [ ] Pay slips issued within one working day of each pay period and contain all required information
• [ ] Employment records retained for at least 7 years
• [ ] Contractor arrangements reviewed against the Fair Work Act 2009's sham contracting provisions — and against the ATO's contractor/employee distinction for tax purposes

---

Part 9: Tax and Payroll

• [ ] ABN registration is current
• [ ] GST registration is current (most professional services firms will be registered — services are generally taxable supplies)
• [ ] BAS lodgement is on time — monthly or quarterly depending on your registration
• [ ] STP Phase 2 (Single Touch Payroll) is active and correctly configured — payroll reporting is made to the ATO each pay event
• [ ] Superannuation paid to employees' nominated funds at the current Superannuation Guarantee rate (11.5% for 2024–25, rising to 12% from 1 July 2025) and within ATO-required timeframes
• [ ] Payday Super changes monitored — from 1 July 2026, employers will generally be required to pay super at the same time as wages; assess your payroll systems now
• [ ] PAYG withholding amounts are correct for each employee and remitted on time
• [ ] Contractor payments assessed for Taxable Payments Annual Report (TPAR) reporting obligations (professional services firms that engage contractors providing services like cleaning, IT, or building in connection with their business may have TPAR obligations)
• [ ] Payroll tax registration assessed — threshold and rates vary by state; confirm position if your wages are approaching the relevant state threshold

---

How Often to Review This Checklist

Monthly: BAS lodgement, STP reporting, trust account reconciliation, super payments

Quarterly: WHS review, practising certificate and TPB registration status checks, payroll tax

Annually: PI insurance renewal, CPD records review, Privacy Policy review, award rate update (1 July), trust account audit lodgement, ASIC annual review, long service leave accruals

On any change: New hire (employment contract, award classification, Fair Work Information Statement), new service offering (does it require additional licensing?), data breach trigger (is NDB assessment required?)

---

How Reguladar Helps

Keeping track of all these obligations across licensing, CPD, trust accounting, privacy, WHS, employment, and tax is a genuine operational challenge for professional services SMBs. Reguladar gives you a single small business compliance dashboard that tracks your obligations, surfaces upcoming deadlines, and helps you stay ahead of the regulators — without needing to hold all of this in your head.

Start your free professional services compliance check at Reguladar →

This checklist is general information only. Requirements vary by profession, state, and business structure. Seek professional advice relevant to your specific circumstances.