Enter your idea

Agree with Les, disappointing this hasnt been addressed.

OK thanks Megan. Hopefully Xero get onto this. The response so far is very disappointing in that they seem more interested in making changes that suit the marketing spiel, rather than building a "grown up"SME accounting system that has much needed controls. I'm really not sure why this is such a big deal to implement.

Hi Les, we had to get our IT company to implement this, otherwise you would have to set up a rule on everyone individually.
We basically set up a rule that says anything that comes through from the xero email that has the reference o "Automatic Xero Alert: Bank account for" in the title to be redirected/forwarded to the relevant email addresses.

Hi Megan,

Thanks for this workaround. Could you please post some more details, eg the menu options to use to access the ability to set a redirect for any email that goes to our staff when they change the Xero bank details to send to a manager.

Cheers, Les

For those following, a partial work around we have found. We have set a redirect for any email that goes to our staff when they change the Xero bank details to send to the managers. This only works on updating bank details, not adding in new ones unfortunately, but its better than nothing. It would be better if we didnt have to set these rules and it was automatic from Xero like with MYOB.

Our auditors have asked us numerous times to enable this in Xero, not understanding that although it is a basic function of most finance software packages, Xero seems to have been left behind. This should be planned and in the near future. A much better use of resources and feature rollout than the recent changes to archiving in files....

A request to add "Files - Bulk export/print attached files" to product development has been accepted, albeit without a timeline. This function is much more important as it is a key day to day internal control to reduce the likelihood of being scammed.

What is needed for this to move to the Development queue?

This is an essential measure in preventing fraud.

Would benefit from being notified of supplier bank accounts being changed by another Xero login - currently only the user who is making the change gets the email alert. It would be great if other users could opt-in to be notified of changes made by another user.

The History and notes report is a complete waste of time. Doesn't show any level of detail that would highlight a potential issue. The Assurance dashboard doesn't have any ability to filter or sort so you are constantly looking at everything that has ever been changed, again pretty useless. This has to be a priority - surely there is a way to run a report that shows all changes made to a contact within a period of time, particularly bank account numbers.

Very very important please

I've been chasing for some years. Maybe if Xero used their own product to run one of their own businesses it would be higher up the priority list!

I definitely agree with Miléna Hubert, this is critical. The notification should be instantaneous not something you have to search for in a report somewhere.

As a CFO, I can't understand why this is not a Critical fix to do. Segregation of duties is one of the key pillars of healthy finance teams and we take this very seriously.

This is extremely disappointing that the product team are not planning for an update that is very much in demand. Security of payments should be a priorty for any accounting system.

I agree, this is really dissapointing, and seems an easy fix. The person making the change does get an email notification, so not sure why it would be difficult to extend that to advisors also. We get asked about this at each of our audits.
MYOB has this feature, and we may need to switch back to using them, at least they take security seriously.

https://www.myob.com/au/support/myob-business/product-account/ways-you-can-protect-your-accountright-company-file/accountright-settings-have-been-changed-email-notification

I appreciate the update but agree with others that this is a critical feature. It is separation of duties 101. Sadly, Xero is not the company it once was.

Thank you for your response regarding the visibility of changes to supplier bank account details.

We appreciate the transparency around this not being a current development priority. However, we would like to reiterate that this feature is not simply a “nice to have” — it is a critical security measure. As a small business, we rely heavily on Xero to safeguard our financial operations, and unfortunately, the lack of a clear and proactive audit trail for bank account changes exposes us to significant fraud risk.

While we understand that bank account admin permissions and the Assurance Dashboard provide some level of control, they do not go far enough. What is missing is immediate visibility, notification, and alerting when sensitive changes are made — particularly in the context of rising cyber threats and internal fraud risks.

We urge your product team to reconsider the priority of this feature, not just as an enhancement, but as a fundamental part of financial governance and small business protection. Xero has built a reputation on trust and reliability — addressing this gap is essential to maintaining that trust.

@Kelly Middleton given you understand the appetite for it from your paying customers and I'm guessing that you understand the security and compliance issues that not having this causes, why does Xero choose not to implement it?

I get an email every time an employee changes their bank account so why can I not with a change to contact bank details?

Regarding the Bank Account Admin Permission and this statement

- If you change any digits of a contact's bank account, you’ll receive an email notification to check that the change is valid.

In this instance, and please correct me if I'm incorrect, but the User who changes the account is the person who gets the email. That is utterly pointless regarding preventing fraud.

As a business owner who has been the victim of fraud due to the actions of an employee at an accounting firm, the above options you suggest are only great after the fact, only after the fraud has been discovered, we are wanting security functionality to prevent fraud. Why does Xero have no appetite to do this?

I find it odd that this very small measure it is not implemented by a program that cites being security conscious