Enter your idea

I appreciate the update but agree with others that this is a critical feature. It is separation of duties 101. Sadly, Xero is not the company it once was.

Thank you for your response regarding the visibility of changes to supplier bank account details.

We appreciate the transparency around this not being a current development priority. However, we would like to reiterate that this feature is not simply a “nice to have” — it is a critical security measure. As a small business, we rely heavily on Xero to safeguard our financial operations, and unfortunately, the lack of a clear and proactive audit trail for bank account changes exposes us to significant fraud risk.

While we understand that bank account admin permissions and the Assurance Dashboard provide some level of control, they do not go far enough. What is missing is immediate visibility, notification, and alerting when sensitive changes are made — particularly in the context of rising cyber threats and internal fraud risks.

We urge your product team to reconsider the priority of this feature, not just as an enhancement, but as a fundamental part of financial governance and small business protection. Xero has built a reputation on trust and reliability — addressing this gap is essential to maintaining that trust.

@Kelly Middleton given you understand the appetite for it from your paying customers and I'm guessing that you understand the security and compliance issues that not having this causes, why does Xero choose not to implement it?

I get an email every time an employee changes their bank account so why can I not with a change to contact bank details?

Regarding the Bank Account Admin Permission and this statement

- If you change any digits of a contact's bank account, you’ll receive an email notification to check that the change is valid.

In this instance, and please correct me if I'm incorrect, but the User who changes the account is the person who gets the email. That is utterly pointless regarding preventing fraud.

As a business owner who has been the victim of fraud due to the actions of an employee at an accounting firm, the above options you suggest are only great after the fact, only after the fraud has been discovered, we are wanting security functionality to prevent fraud. Why does Xero have no appetite to do this?

I find it odd that this very small measure it is not implemented by a program that cites being security conscious

Was this not already a notification that used to happen? If so then why was it removed?

Hi, I fully support this proposal, and hope it can be implemented asap. I believe MYOB has this functionality? There has been a lot of fraud cases in news recently in regards to changing supplier bank accounts, or adding new suppliers, this would be another step to increasing visibility on any activity like this.

This shouldn't be too difficult to implement.

Yet another basic thing Xero SHOULD do, but doesn't, so try exporting a list of emails to excel, then grab the email list by selecting all the emails in that column and drop into Outlook email BCC and it will intuitively list them for bulk use.

We are a relatively large organisation any being notified of changes in bank accounts for suppliers would streamline our invoice approval process significantly and reduce the potential for fraudulent behaviour.

Please implement this! Agree with the other requesters that this function is an important anti-fraud measure.

Following this up! Very important. It already happens for Payroll Changes, should be implemented for all bank changes.

Please implement, it's critical to improve internal controls.

Please implement, to strengthen internal controls of Xero.

Please implement. A critical improvement to improve internal controls.

This is a key control and protectiion, I really don't know why Xero haven't implemented it despite much support for it

This is important please make this urgent as this is very critical for any business or organisation using Xero.

This is crucial. This would make fraud identification much simpler and is an important internal control.

This is very significant to strengthen controls environment.

This is crucial. Please implement ASAP. The current set up either gives users access to make bank account changes or not - this insufficient for efficient AP management. AP still need access to make changes to bank accounts, but they need checks and balances in place for any changes made.

This is a critical control for internal audit and fraud identification. Development should complete this ASAP