Security & trust

Trust is the product, not a feature.

This is regulated, reputation-critical work: a wrong return means a lost client and an IRD penalty. Every decision in automate.business serves one test: does this keep the firm calm, in control, and safe? Here's exactly how.

Read-only access

We pull data to prepare returns. We never edit, post, or delete anything in your clients' books: the connection is read-only by design.

NZ data residency

Client data is encrypted in transit and at rest, and stays hosted in New Zealand. You control retention.

Human-gated filing

No return is ever lodged with IRD without an authorised person's explicit approval. It can't be automated, even over the API.

Everything audited

Every action (agent, human and IRD) is recorded in an append-only, exportable trail. The evidence to defend any figure.

How we handle your data

Specific, not hand-wavy.

Connections & access

  • Ledgers connect via official Xero & MYOB OAuth: we never see or store credentials.
  • Access is read-only and scoped to exactly what we explain at connect time.
  • Bank data arrives through official open-banking feeds.
  • Revoke any connection at any time, from your side or ours.

Storage & encryption

  • Encrypted in transit (TLS) and at rest (AES-256).
  • Hosted in New Zealand; Enterprise can set custom residency.
  • Each prepared return is sealed to an immutable snapshot.
  • Configurable retention and export on request.

People & permissions

  • Two-factor authentication on every sign-in.
  • Reviewer roles control who can approve and file.
  • SSO and advanced permissions on Enterprise.
  • Every sign-in and approval is recorded with who, when, and from where.

How the agent is governed

  • Tiered autonomy: trusted work auto, consequential work gated.
  • A confidence floor escalates anything uncertain to a human.
  • Tools called over MCP or the API obey the same rules.
  • Your data is never used to train shared models.
The proof

An audit trail built to be handed to IRD.

Done-for-you is only safe if you can show your work. Every step is append-only, hash-chained, and exportable as a clean evidence pack, designed for a client or an auditor, not just an internal log.

Immutable & chained

Each entry references the hash of the one before it: no gaps, no edits.

Who, what, when, which model

Agent, human and IRD actions, with the inputs behind each.

One-click evidence pack

Export a period's full trail as a PDF for any reviewer.

automate.business/app/audit
Our posture

Built to a professional standard.

automate.business is made in New Zealand by alumni of leading fintech and accounting platforms. We hold ourselves to the standards firms are accountable to.

Privacy Act 2020

Handled in line with NZ privacy principles.

Encryption everywhere

TLS in transit, AES-256 at rest.

Published sub-processors

A current list, available on request.

Safe enough to put your name on.

See exactly how the agent works, where it stops, and what gets recorded.

Read-only access · NZ-hosted · nothing files without you