AUSTRAC Releases New Compliance and Reporting Guidance for High-Risk Customers

Following a consultation in December 2022, the Australian Transaction Reports and Analysis Centre (AUSTRAC) has released new compliance and reporting guidance for high-risk customers to discourage debanking activities, sometimes known as de-risking. Customers affected by debanking include some fintechs, remittance providers, digital currency exchanges, and other businesses considered high-risk or nontraditional. 

The guidance encourages sound risk assessments and reassures firms that sound anti-money laundering and counter-terrorist financing (AML/CTF) is possible without resorting to de-risking, and emphasizes that the practice may undermine a sound AML/CTF approach. Before this, the Australian Senate had issued a report with a section discussing examples of specific Australian entities affected by debanking and highlighting their experiences. This advice also harmonizes with the Financial Action Task Force’s (FATF’s) reflections on the ethical concerns of de-risking certain groups of customers.Aims of the Guidance

The guidance seeks to accomplish two things. First, it aims to clarify appropriate risk-based AML procedures for financial institutions. In particular, it seeks to assure firms that it is reasonable to offer services to high-risk businesses, explain AUSTRAC’s expectations regarding managing risks with these businesses, and offer adequate support to ensure firms can conduct appropriate risk management in higher-risk business relationships.

Second, AUSTRAC seeks to inform potential business clients in high-risk sectors about the information they must provide to ensure a compliant business relationship. This is not the first time AUSTRAC has called for caution concerning de-risking activity, indicating that concerns over the trend are ongoing.

Risk-Based versus Zero-Risk Approaches

AUSTRAC seeks to clarify the distinction between a true risk-based approach and the concept of “zero-risk.” The regulator highlights that zero risk is impossible and that regulatory guidance does not expect firms to achieve this. Instead, firms should focus on demonstrating that they “took reasonable precautions, and exercised due diligence” to control risks reasonably.

In support of this point, AUSTRAC emphasizes that actual risk varies significantly from customer to customer, even within sectors considered high-risk. It may seem that a “play it safe” approach is the best, categorically excluding high risks rather than managing them. However, AUSTRAC points out that this approach can increase the risk of money laundering and terrorist financing, aside from negatively impacting legitimate business. According to the Australian Senate, the practice negatively impacts AML/CTF efforts in several ways:

• Limits available historical data due to clients frequently having to change banks.
• Encourages activities less open to regulation, such as cash transactions.
• Leads to more underground activities, causing AUSTRAC to miss out on key financial reports.
• Limits AUSTRAC intelligence available to law enforcement, creating a chain reaction negatively impacting intelligence community effectiveness and collaboration.

A sounder approach for firms is implementing regular, tailored enterprise-wide risk assessments. These assessments allow a business to focus on risks that truly affect it rather than wasting time and effort on areas irrelevant to its operations. Risk assessments also allow firms to establish their risk appetite: the level of risk the business can handle in their day-to-day operations. These crucial assessments enable a firm to respond to risks in precise, targeted ways. 

When a firm clearly understands the risks that truly face it – and what it can safely handle – it may not need to resort to de-risking whole categories. This allows more mutually beneficial business relationships with legitimate customers who happen to be in higher-risk sectors.

Key Takeaways

Debanking is an ongoing issue worthy of firms’ consideration. In line with AUSTRAC’s most recent guidance, firms considering doing business with higher-risk clients should consider the tenets of sound AML/CTF processes, which include:

• A risk-based approach aligned with human rights laws and other regulations.
• Ongoing customer due diligence and enhanced due diligence where relevant.
• Individual customer risk assessments, taking into account key information such as the source of funds, the customer type, the business relationship’s nature and purpose, and which designated services will be provided.

For an in-depth review of the components of a risk-based AML/CTF approach, firms should review AUSTRAC’s full guidance.