DSP or Add-on Developer?

The ATO's Operational Framework and the SSAM outline different requirements for Digital Service Providers (DSPs) and third party add-on developers.

Click the button below to take the quiz or use the table to self assess whether your application should be certified under the ATO's Operational Framework or the SSAM.

DSP or Add-on Quiz DSP or Add-on Quiz

	Digital Service Provider (DSP)	Third Party App/Add-on
Purpose	Accounting for business or taxation purposes; Corporate compliance or ASIC entity management; E-invoicing access point; Income tax or GST calculation, reporting and lodgment; Payroll calculation, reporting and lodgment; Superannuation calculation, reporting and lodgment; Superannuation gateway or clearing house.	Any other business purpose eg. Point of sale, inventory, expense claim management
ATO Integration	ATO Integration - Direct or indirect connection using SBR1, SBR2, PLS or ELS channel. Including via a data intermediary such as a Sending Service Provider or Superannuation Gateway.	No connection to ASIC or the ATO via API.
API ecosystem	Provides a public or private API allowing third parties to connect and send/receive data.	Consumes an API endpoint provided by a DSP (eg. Xero, QBO, MYOB).
Hosting	Desktop or cloud	Cloud only
TFN data stored or used in application	Yes	No
Personal or financial data stored or used in application	Yes	Maybe
Certification	Yes, ISO 27001 or IRAP	Maybe
Applicable Standard	DSP Operational Framework	SSAM

You can download a copy of the standard (PDF) here: Security Standard for Add-on Marketplaces (SSAM).

How to register as a DSP:

If your application qualifies you as a Digital Service Provider (DSP), then you will need to register your software with the Digital Partnership Office at the ATO and complete the Operational Framework Security Questionnaire. Click here for more information.

DSP or Add-on Developer?

How to register as a DSP:

Become a Member

Member Directory