The AML/CTF Act in Australia

At the forefront of Australia’s defense against financial crime is the Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Act 2006. This legislation plays a pivotal role in safeguarding the financial system’s integrity, ensuring transparency, and detecting illicit activities that can undermine economic stability. 

What is the AML/CTF Act?

The AML/CTF Act establishes a robust framework that mandates financial institutions (FIs) and other designated entities to implement preventative measures to detect and deter activities that could facilitate money laundering or fund terrorist acts. It achieves this through a multifaceted approach that includes customer due diligence (CDD), suspicious transaction reporting, and ongoing monitoring. By requiring entities to implement stringent compliance measures, the act aims to create a resilient financial system that is less susceptible to exploitation by criminal enterprises. 

The act has undergone multiple updates since its introduction in 2006 as regulators strive to keep up with emerging threats and vulnerabilities. Regulatory bodies, such as the Australian Transaction Reports and Analysis Centre (AUSTRAC), play a critical role in supervising and enforcing compliance. 

For example, in April 2023, the Australian government announced a formal public consultation into proposed AML/CFT Act reforms. The reforms aim to extend the act to cover other high-risk entities, including lawyers, trust and company service providers, accountants, real estate agents, and precious metals and stones dealers – also known as designated non-financial businesses and professions (DNFBPs). The government plans to hold roundtable discussions with key stakeholders and sectoral-specific discussions alongside the public consultation.

As financial crime trends and compliance technology evolve, the AML/CTF Act will remain a dynamic instrument to align with the country’s wider Tranche 2 reforms.

The key requirements of the AML/CTF Act

Obligations under Australia’s AML/CTF Act include:

• Enroll with AUSTRAC as a reporting entity, a remittance service provider, or a digital currency exchange provider (as applicable).
• Develop and maintain an AML/CTF compliance program that is independently reviewed.
• Appoint an AML/CTF officer and carry out appropriate training.
• Carry out ongoing money laundering risk assessments.
• Conduct employee due diligence, know your customer (KYC), and enhanced due diligence (EDD), where applicable.
• Carry out ongoing transaction monitoring and report suspicious transactions to AUSTRAC; transactions of $10,000 or more must be reported. 
• Identify ultimate beneficial ownership (UBO) and monitor politically exposed persons (PEPs).
• Keep customer AML records for at least seven years.
• Report annually to AUSTRAC – this is “vital in understanding and stopping the flow of illicit funds into, out of, and within Australia.”

Who must comply with the AML/CTF Act?

An entity offering services listed in section 6 of the AML/CTF Act must comply with the act. These include: 

• Banks.
• Building societies.
• Credit unions.
• Buying or selling bullion.
• Casinos.

A Guide to AML for Australian FinTechs

Uncover the core compliance responsibilities that arise from Australia’s AML/CTF regime and how FinTechs should respond using a risk-based approach.

Download now

The penalties for non-compliance with the AML/CTF Act

Obligated entities failing to meet their compliance obligations may face monetary penalties, which can be substantial. Civil penalties for breaches range from hundreds of thousands to millions of dollars, depending on the severity of the violation. As of January 2024, civil penalty orders of up to 20,000 penalty units can be issued, with each unit worth $313. 

In cases of serious non-compliance or repeated offenses, regulatory authorities may take enforcement actions beyond monetary fines. This can include injunctions, suspension, or revocation of licenses, which can significantly impact an entity’s ability to operate.

Furthermore, the reputational damage associated with AML/CTF violations can be severe, affecting customer trust and relationships. AUSTRAC and other regulators in the country – the Australian Securities and Investments Commission (ASIC) and the Australian Prudential Regulation Authority (APRA) – urge firms to establish robust compliance frameworks to avoid these penalties and contribute to the broader effort of combating money laundering and terrorism financing. The penalties aim not only to punish non-compliance but also to serve as a deterrent, reinforcing the importance of maintaining strong AML measures.

How can Australian firms comply with the AML/CTF Act?

Australian firms can ensure compliance with the AML/CTF Act by implementing comprehensive measures to detect and prevent illicit financial activities. Key steps for compliance include:

• Conducting a thorough risk sssessment to identify and understand the specific money laundering and terrorism financing risks associated with the business.
• Develop and implement a risk-based AML/CTF program tailored to the firm’s risk profile. This should include policies, procedures, and controls to address identified risks.
• Perform due diligence on customers to verify their identity and assess the risk they pose. This involves understanding the nature of the customer’s business, monitoring transactions, and updating customer information as necessary.
• Provide ongoing training to employees to ensure they are aware of AML/CTF obligations and can effectively implement the established policies and procedures.
• Maintain accurate and up-to-date records of customer transactions, as well as records related to the firm’s risk assessments, AML/CTF program, and employee training.
• Establish mechanisms for identifying and reporting suspicious transactions to the regulatory authorities promptly. This involves developing a clear process for reporting and cooperating with law enforcement.
• Appoint a designated AML/CTF Compliance Officer responsible for overseeing the firm’s compliance efforts and liaising with regulatory authorities.
• Regularly review and update the AML/CTF program to adapt to changing risk and compliance requirements. Implement ongoing monitoring systems to detect and report any unusual or suspicious activities.
• Engage external auditors or conduct periodic independent reviews to assess the effectiveness of the AML/CTF program and identify areas for improvement.

Firms should also familiarize themselves with AUSTRAC’s 2024 regulatory priorities. Firms should be aware of the following areas that may influence future legislative changes, which are split into “enduring priorities” and “areas of increased regulatory focus”:

• Enduring priorities:
  • Mitigating and managing money laundering and terrorist financing risk.
  • Ensuring reporting entities have effective AML/CTF programs that set out how they will comply with the AML/CTF Act and AML/CTF Rules.
  • Ensuring relevant matters are reported to AUSTRAC, including international funds transfer instructions, threshold transaction reports, and suspicious matter reports.
  • Closely monitoring high-risk sectors, namely banking, gambling, and remittance.

• Areas of increased regulatory focus:
  • Digital currency exchanges.
  • Payment platforms.
  • Bullion.
  • Non-bank lenders and financiers.