April 2026: BAS Deadline, Junior Pay Rates & Cyber Security

Just a cheeky heads up — BAS time is here again for Australian small businesses. Yeah, yeah, we know, it feels like we just did it too! As usual our good friends at the ATO are keen for their usual update, so we need to keep them happy.

March Quarter BAS Including PAYGI Due 26 May 2026

What we are chasing:

• Income and Expenses
• Bank Statements
• Payroll
• Any random "I'll deal with that later" transactions

Please keep an eye on your inbox as the team might pop into your emails if they have questions or need a bit more info.

When your BAS is ready to review and sign, we will send you an email and an SMS — because one reminder is never enough!

Fair Work Commission Issues Junior Rates Decision

The Fair Work Commission has released a decision to phase out junior pay rates for certain employees aged 18 to 20. The changes relate to the following awards:

• Fast Food Industry Award 2020
• General Retain Industry Award 2020
• Pharmacy Industry Award 2020

What You Need to Know

• Employees aged 18 to 20 with more than 6 months service must be paid the full adult rate.
• Junior rates will remain unchanged and continue to apply for employees with less than 6 months's service.
• The changes are proposed to be phased in from 1 December 2025, with full implementation by 1 July 2029.

What Should You Do Next?

• Review whether these updates apply to your business
• Assess any payroll, compliance or pricing impacts early
• Ensure your systems and processes are ready ahead of implementation dates
• Seek advise where there is uncertainty

Over the Coming Months, We Will:

• Provide further updates as more details become available
• Reach out to you if any specific changes are required by your business
• Offer guidance and support to help you transition with confidence

Cyber Threats Continue to Rise — What Can You Do?

The Australian Cyber Security Centre (ACSC) Cyber Threat Report 2024-2025 highlights that weak or stolen passwords remain one of the most common entry points for attackers. Whether you are managing your accounts, using cloud software, or running day-to-day business systems, short and simple passwords offer very little protection against modern cyber-attacks.

How Quickly Can a Password Be Cracked?

Cybercriminals often use brute force and dictionary attacks to guess passwords. A brute force attack systematically tries every possible combination of letters, numbers and symbols until it finds the correct one. Advances in computing power have made these attacks incredibly fast. According to the latest Hive Systems 2025 Password Table, the time it takes to crack a password varies dramatically based on its length and complexity.

These statistics highlight a simple fact: short passwords are not secure. If you use passwords shorter than 12 characters, your sensitive data could be at serious risk.

Why Should You Use Longer Passphrases?

A passphrase is a longer, more complex password that consists of multiple words strung together, making it both stronger and easier to remember. For example, instead of using "PasswOrd!", which can cracked in seconds, try combining unrelated words with a symbol, e.g. "BluePiano$TigerMountain".

Here are some benefits of using passphrases:

• Increased Security — 16+ characters make brute force attacks nearly impossible!
• Easy to Remember — a sentence-like phrase is simpler to recall than a random mix of characters.
• Lower Risk of Reuse — employees tend to reuse short passwords across multiple accounts, which makes then vulnerable if one account is compromised.