To reset your password, Please click here. You may then provide your registered email address and follow the prompts to reset your password.

The registered email address is the one you used to apply to establish the SMSF and receive correspondence from ESUPERFUND. If you have forgotten your registered email address, please click here.

We advise that all communications from ESUPERFUND will be sent via the Client Portal Inbox ensuring all communications are kept secured, well organised and for easy reference. For all Inbox messages initiated by ESUPERFUND and requiring action by you, or where ESUPERFUND has responded to your query, an email notification will be sent to your registered email. Please add ESUPERFUND's domain name (@esuperfund.com.au) to your approved email sender list to avoid emails going into your "Spam" folder.

For Inbox messages that do not require any action from you (such as our monthly newsletter and SuperStream notifications), you will not receive an email notification.

Please note that you can also install the ESUPERFUND Mobile App to view Inbox messages from ESUPERFUND in a more timely manner. To install the App, please use your mobile phone to search "ESUPERFUND" in the iOS App Store or Android Play Store.

Please note that you are unable to reply to a query if it has been closed. Should you have any further queries please create a New Query.

Please clear your cache and cookies through your internet browser. Please click here for a step-by-step guide for some commonly used browsers.

Please make sure that your browser does not block pop-ups. Please enable pop-ups in your browser setting and try to download the document again. A detailed step by step guide to enable browser pop-up can be found here.

The upload size limit is 20MB per document. This is important to make sure that the documentation is successfully uploaded and received by our office. To the extent that the document size is larger than the limit, please re-scan with a lower resolution or scan it as black-and-white.

Please make sure that your browser does not block pop-ups. Please enable pop-ups in your browser setting and try to download the document again. A detailed step by step guide to enable browser pop-up can be found here.

Please clear your cache and cookies through your internet browser. Please click here for a step-by-step guide for some commonly used browsers.

Please clear your cache and cookies through your internet browser. Please click here for a step-by-step guide for some commonly used browsers.

The Annual Checklist will be released to you shortly upon lodgement of your Fund's previous year’s annual tax return. Please check your Inbox and make sure you provide all the required information/documentation to enable us to attend to your Fund’s annual compliance requirements.

Please ensure you have selected the correct reporting period under "Select Financial Year" column when viewing your Fund's investment details.

The data is displayed based on what we received from CommSec directly, sometimes the data we received may be delayed up to 5 business days.

The bank page is designed for you to view and pre-code transactions before the Annual Checklist is released. The incomplete status indicates that you have "Not Coded" or “Incomplete” transactions. Hover your mouse over the “Incomplete” status to view more details.

The transactions are locked for editing because it matches with the automated data received by our office from the associated parties directly. Hence you are not required to update the coding for these locked transactions.

The term deposit details were locked for editing because these were verified by our accountant in the previous financial year and they are not required to be changed.

The data is displayed under this section is based on the SuperStream messages that our office received from your employer(s) directly. Should you have any questions about the contribution summary page we suggest you contact your employer first.

Yes. From January 2024, all the clients are required to use MFA to login to the Client Portal.

You must select one of the following methods to receive the verification code to login to the Client Portal:

• Authenticator App
• Mobile Number
• Email Address

From January 2024, (Multi-Factor Authentication) MFA will be enabled for all the clients. You don’t need to do anything until the ESUPERFUND app or website prompts you.

Every time you login to the Client Portal, you will be prompted to select your preferred methods to receive the verification code, providing you with added flexibility and convenience in the authentication process.

Before you start, you must first install the Authenticator App (eg: Google Authenticator on Google Play or the App Store) on your preferred device.

Step 1: Select Authentication App as your preferred method to receive the verification code and you will be prompted to configure Multifactor Authentication.

Step 2: Scan the QR code or manually enter the Setup Key into your authentication app.

Step 3: When you log in in the future, you can choose to receive your verification code using your authentication app.

This will depend on the type of MFA that you have configured.

Authenticator app

If you use an authenticator app, then you do not need to enter your code every time you log in unless you want to.

Ticking the Remember This Device for 7 Days check box will save your login to the browser so that you do not need to enter a code next time that you log in to that browser (within 7 days).

However, if you access the Client Portal through a different browser or from a different device you will be prompted to provide an authentication code when logging in.

Mobile Number Authentication

If you use a Mobile to receive a verification code, then you do not need to enter your code every time you log in unless you want to.

Ticking the Remember This Device for 7 Days check box will save your login to the browser so that you do not need to enter a code next time that you log in to that browser (within 7 days).

However, if you access the Client Portal through a different browser or from a different device you will be prompted to provide an authentication code when logging in.

Email Authentication

If you use email to receive a verification code, then you will need to enter your code every time you log in.

Email MFA is intended to be a back up method to be used if you don’t have a smart phone or if you have one but cannot access it (temporarily). It’s not intended to be the primary authentication method, particularly for people who are logging in regularly.

For this reason, if you choose to use email authentication there is no option to ‘remember’ the current device and you will be required to request a code be emailed to you each time you log in.

Our MFA solution works with Microsoft Authenticator and Google Authenticator apps.

If you do not have access to a mobile device for MFA, you can choose to receive an email code instead. The verification code will be sent to your registered email address.

This method is primarily intended as an alternate of way of authenticating temporarily. It is not intended to be the primary method of authentication.

You may wish to reset your linked device for Authenticator App, for example, if you have lost your mobile device or want to change a new mobile device.

To reset your device for Authenticator App:

1. Login to the Client Portal
2. Click on ‘Profile’ – ‘Setting’ from the navigation menu
3. Click on ‘Reset/Setup Device’ next to Multifactor Authenticator Device
4. Click on ‘Proceed with Logout’ in the confirmation dialog.

You will be asked to enter your login credentials and will be prompted to re-configure the Multifactor Authentication.

The most likely reason that your code is not working is that the time on your mobile device is set incorrectly.

The code that is generated by your authenticator app is a time-based one-time password (OTP). Each OTP code in your authentication app is generated using a ‘shared secret’ (think of this like a password) and the date/time on your mobile device. The code that is generated expires 90 seconds after the time that it is generated.

Since each code from the app is only valid for 90 seconds, if the time on your device is different to the one on the server by more than 90 seconds, then the generated codes will be different and you will not be able to log in.

To ensure that the codes that your authenticator app generate are valid, you should ensure that the time on your device is correct. Configuring your mobile device to set the date and time automatically will ensure that the time on your mobile device stays correct.