The Relationship Authorisation Manager (RAM) serves as the primary gateway for Australian businesses seeking secure digital access to government services. Administered by the Australian Taxation Office, this system links individual Digital IDs—such as myGovID—to Australian Business Numbers, enabling authorised representatives to transact online without repeatedly proving their authority across different agencies.
By centralising these permissions, RAM addresses a critical friction point in digital governance. Rather than managing separate credentials for the Department of Employment and Workplace Relations, the Export Service, or tax functions, businesses can now delegate access through a single, hierarchical framework while maintaining visibility over who acts on their behalf.
What Is the Relationship Authorisation Manager and Why Does It Matter?
| Core Definition A government authorisation service administered by the ATO that verifies individuals acting on behalf of businesses. |
Primary Purpose Simplifying secure access to online services including tax, grants, super contributions, and export documentation. |
| Common Uses Authorising staff for DEWR services, managing export accounts, and linking businesses to Digital IDs. |
Key Features Hierarchical role management, email-based verification codes, and centralised authorisation revocation. |
- RAM eliminates redundant logins by centralising business authorisations across multiple government agencies under one Digital ID framework.
- Only verified Principal Authorities can initially link an ABN, with eligibility confirmed against the Australian Business Register or ASIC records.
- The system operates under strict Digital ID Act 2024 accreditation standards, functioning as an attribute service provider within AGDIS.
- Service-specific authorisations allow precise control, restricting users to particular platforms like the Export Service or DEWR portals.
- Email-based invitation codes ensure secure onboarding without transmitting sensitive personal identification data between parties.
- Authorisations remain valid only while the individual holds their current appointment or position within the organisation.
- RAM protects privacy by displaying only the transactor’s role to government services, not their full identity credentials.
| Aspect | Details |
|---|---|
| System Name | Relationship Authorisation Manager (RAM) |
| Administering Agency | Australian Taxation Office (ATO) |
| Legislative Framework | Digital ID Act 2024 |
| Required Identification | Verified Digital ID (e.g., myGovID) |
| Business Identifier | Australian Business Number (ABN) |
| Role Tiers | Principal Authority, Administrator, Authorised User |
| Accreditation Level | Attribute Service Provider (AGDIS) |
| Primary Access Method | Web interface with email verification |
| Data Protection Method | Role-only visibility to services |
| Validity Period | Duration of current appointment/position |
Who Can Access RAM and What Are the Distinct Roles?
Access to RAM operates through a three-tier hierarchy designed to separate high-risk administrative functions from day-to-day transactional capabilities. This structure ensures that only proven responsible persons can establish the initial business link, while allowing delegation of routine tasks to staff or external representatives.
Principal Authority
The Principal Authority represents the highest level of control within RAM. This role is reserved for responsible persons listed in official government registers—specifically sole traders, directors, trustees, or public officers. Only these individuals possess the authority to perform the initial ABN link using a verified Digital ID, establishing the foundation for all subsequent authorisations within the entity.
Principal Authorities must appear in official registers such as the Australian Business Register, ASIC, ORIC, or ACNC to establish an ABN link. Sole traders, directors, trustees, and public officers typically qualify for this role.
Authorisation Administrators
Once a Principal Authority establishes the business connection, they may appoint Authorisation Administrators to manage the operational workload. These administrators can add and manage Authorised Users, but they cannot modify the Principal Authority’s access or appoint other administrators. This limitation maintains strict control over the hierarchy while distributing day-to-day management responsibilities.
While Principal Authorities can appoint multiple Authorisation Administrators, these administrators cannot, in turn, designate other administrators—only Authorised Users. This creates a controlled, top-down management structure.
Authorised Users
Authorised Users occupy the operational tier, receiving permissions to transact with specific government services on the business’s behalf. Access is granted through an email-based invitation system containing a unique authorisation code. The recipient must sign in with their Digital ID, review a formal declaration, and submit their acceptance before gaining access to designated agency platforms.
How Does the Authorisation Process Work?
The RAM workflow follows a structured four-phase approach designed to verify identity at each transition point while minimising administrative overhead for businesses.
Establishing the Initial Link
The process begins exclusively with the Principal Authority. This individual signs into RAM using their verified Digital ID and completes the ABN linkage process. This step cannot be delegated; it must be performed by a responsible person whose details match those held in the Australian Business Register or related corporate registers.
Adding and Inviting Users
Once the business is established in RAM, the Principal Authority or an Authorisation Administrator can create authorisation requests. The system requires the authoriser to specify particular agencies and roles for the recipient, ensuring access is strictly limited to necessary functions. Upon submission, the recipient receives an email containing a secure authorisation code.
Accepting and Managing Permissions
Recipients accept invitations by signing into RAM with their Digital ID and entering the provided code. The interface requires a declaration review before final submission. Ongoing management includes regular audits of active authorisations and immediate revocation capabilities when access is no longer required.
What Compliance Standards Govern RAM?
RAM operates within a strictly regulated framework designed to meet Australia’s evolving digital identity standards. The system holds accreditation under the Digital ID Act 2024 as an attribute service provider within the Australian Government Digital ID System (AGDIS). This status requires adherence to rigorous standards covering privacy protection, security protocols, usability, accessibility, risk management, and fraud control.
Authorisations automatically depend on holding a current appointment. If a Principal Authority or Authorised User leaves their position, their RAM access becomes invalid regardless of the original authorisation date.
Businesses must ensure that all delegated authorities align with current employment records and corporate governance structures. The system provides visibility into who can transact on the business’s behalf, but maintaining accurate records remains the organisation’s responsibility.
How Has RAM Evolved Within Australia’s Digital Identity Framework?
- : Parliament enacts the Digital ID Act 2024, establishing the legislative foundation for RAM’s accreditation as an attribute service provider.
- : RAM achieves formal accreditation under the Australian Government Digital ID System (AGDIS), meeting standards for privacy, security, and fraud control.
- : The Financial Services Council publishes updated guidance documentation, reflecting current operational protocols and best practices.
- Integration Phase: RAM connects with established infrastructure including the Australian Business Register and myGovID to streamline verification processes across agencies.
- Agency Expansion: The system extends support to include the Department of Employment and Workplace Relations and the Agriculture Export Service, broadening its utility for business compliance.
What Is Definitively Established About RAM Versus What Remains Unclear?
| Established Facts | Uncertain or Unconfirmed Aspects |
|---|---|
| RAM requires a verified Digital ID linked to an ABN through the Australian Business Register. | Specific future feature updates beyond the August 2025 guidance remain unspecified. |
| The system operates under Digital ID Act 2024 accreditation standards. | Whether RAM will expand to additional state-level services beyond current federal agencies. |
| Three distinct role tiers exist with specific permissions for each. | The exact timeline for potential integration with emerging digital identity technologies. |
| Authorisations terminate when an individual’s appointment or position ends. | Detailed technical specifications of the fraud control mechanisms employed. |
How Does RAM Integrate With Australia’s Broader Digital Government Strategy?
RAM functions as a critical infrastructure layer within the Australian Government Digital ID System (AGDIS), bridging the gap between individual identity verification and business entity authorisation. By linking myGovID credentials to ABN records held in the Australian Business Register, the system enables seamless interoperability across disparate government platforms without requiring agencies to maintain duplicate verification systems.
This integration reflects a broader shift toward user-centric digital governance, where The Morning Bulletin – Rockhampton’s Oldest Newspaper History has documented similar administrative transitions in regional business operations. The consolidation of authorisation management aligns with Australia’s international commitments to streamline regulatory compliance while maintaining robust security protocols.
What Do Official Sources Say About RAM Implementation?
“RAM verifies and manages authorisations for parties acting on behalf of businesses, linking a user’s Digital ID to an ABN from the Australian Business Register to confirm authority without sharing personal details.”
— Financial Services Council Guidance, August 2025
“Users must hold current appointments/positions for authorisations to remain valid.”
— RAM Terms and Conditions
“RAM is accredited under the Digital ID Act 2024 as an attribute service provider in the Australian Government Digital ID System (AGDIS), meeting standards for privacy, security, usability, accessibility, risk, and fraud control.”
— Australian Government Architecture
What Are the Essential Takeaways for Australian Businesses?
The Relationship Authorisation Manager represents a fundamental shift in how Australian businesses interact with federal government services, replacing fragmented credential systems with a unified, role-based hierarchy. Organisations must designate appropriate Principal Authorities from their leadership ranks, implement regular audits of active authorisations, and ensure all delegates maintain current verified Digital IDs. For business operators navigating these transitions, understanding these protocols proves as essential as following other major administrative developments, such as coverage of Alone Australia Season 3 – Release Date, Winner and Where to Watch for those tracking national program schedules.
Frequently Asked Questions
Can I authorise external representatives using RAM?
Yes, RAM supports authorising staff or external representatives to act for the business in government online services such as DEWR or Export Service.
How quickly can access be revoked once no longer needed?
The system includes revocation options allowing Principal Authorities or Administrators to view and remove authorisations immediately through the management interface.
Are sole traders eligible to use RAM as Principal Authorities?
Yes, sole traders qualify as responsible persons who can establish Principal Authority status by linking the ABN using their verified Digital ID.
Is there a fee associated with using RAM services?
The research does not specify any fees for using RAM, as it appears to be a standard government authorisation service administered by the ATO.
What specific government agencies currently support RAM authorisation?
Current integrations include the Department of Employment and Workplace Relations, Agriculture Export Service, and Australian Taxation Office functions.
Can an Authorisation Administrator create other administrators?
No, Authorisation Administrators cannot create other administrators; they may only add and manage Authorised Users, maintaining a controlled hierarchy.
What happens to my RAM access if I leave the business?
Authorisations terminate automatically when an individual no longer holds their current appointment or position within the business structure.
Related stories
Liam O'Brien covers Australian politics and public affairs for Australian News Desk.