AML and CTF in Australia: what you need to know

Australia is under increased threat of financial crime. Billions of dollars are laundered in Australia every year, with the number rising. In 2021, AU$12 billion was laundered in cryptocurrency alone, up 30% from 2020.

That’s why compliance with anti-money laundering (AML) and counter-terrorism financing (CTF) is mandatory for many Australian businesses, which are obligated to report back to AUSTRAC.

This article explains what AML/CTF is and why it is so important for Australian businesses to comply. 

What are AML and CTF?

AML and CTF stand for Anti-Money Laundering and Counter-Terrorism Financing consecutively. They refer to the policies, laws and regulations to stop criminals and terrorists from abusing the financial system. 

Effective implementation of AML/CTF measures means countries can help track and prevent the financial flows linked to serious crime and terrorism.

Money laundering (ML) encompasses the illegal activities used to make illegally acquired funds or assets appear legitimate or “clean”, with no obvious link to their criminal origins. 

It can involve transactions with financial institutions, businesses or private individuals and plays a vital role in organised crime, including fraud, drug trafficking, corruption and bribery, and tax crimes.

Terrorism financing (TF) involves the raising and processing of funds to supply terrorist organisations with resources and support terrorist acts. 

Australia’s AML/CTF Rules

Australia has robust laws and regulations in place to combat ML/TF. The one businesses need to become familiar with is the Anti-Money Laundering/Counter-Terrorism Financing Act (AML/CTF) 2006

The AML/CTF sets out essential compliance obligations for businesses to prevent money laundering and terrorism financing, and the requirement to report any suspicious activity to AUSTRAC.

In addition, the Financial Transactions Reports Act (FTR Act) imposes certain obligations on solicitors and entities (such as motor vehicle traders) known as ‘cash dealers’. 

Any businesses covered by these regulations, including financial institutions, must implement AML/CTF controls to prevent their services from being used for money laundering or terrorism financing activities. 

These businesses typically include financial institutions, money transfer services, crypto exchanges, online gaming and wagering.

In Australia, the Australian Transaction Reports and Analysis Centre (AUSTRAC) is the Government agency charged with enforcing the AML/CTF regulations and analysing the information submitted to detect possible criminal or terrorist activity.

Australia implements AML/CTF legislation to meet its obligations as a Financial Action Task Force (FATF) member. 

The FATF is an inter-governmental body that sets the AML/CTF international standard, monitors members’ progress, and identifies vulnerabilities that could expose the global financial system to misuse by money launderers and criminals. 

Covering more than 200 countries and jurisdictions, the FATF works with governments, national regulatory bodies and law enforcement agencies to achieve regulatory reforms.

What an effective AML and CTF compliance program looks like

According to AUSTRAC, there are two critical parts to an effectively implemented AML/CTF program. 

Part A includes processes and procedures to help identify, mitigate and manage the money laundering and terrorism financing risks the business may face. 

This includes: 

  • Undertaking an ML/TF risk assessment so you can develop an appropriate AML/CTF program, review it regularly, and update it as needed.
  • Implementing ongoing customer due diligence (OCDD) systems and controls to ensure information collected about a customer or beneficial owner is kept up to date and to determine whether additional information should be collected. 
  • Implementing transaction monitoring and enhanced customer due diligence (ECDD) processes. 

Part B focuses on the procedures for identifying customers and beneficial owners and verifying their identity (also known as Know Your Customer or KYC). 

Businesses must thoroughly verify the identity of customers during onboarding and periodically reassess their risk profiles to ensure they know who they are doing business with. 

Businesses should also be aware of listed terrorist organisations and include how they identify customers or transactions linked to terrorist organisations. This includes global politically exposed persons (PEP) and sanctions screening

It’s critical to note that businesses in Australia must comply with Australian regulations and the AML/CTF regulations of any country they operate in. 

What happens if you don’t comply? 

Failure to comply with AML and CTF regulations can lead to severe fines. These fines can range from thousands to millions of dollars, depending on the severity and frequency of the breaches.

In 2020, AUSTRAC ordered a large Australian bank to pay a civil penalty of $1.3 billion for its AML/CTF Act breaches, the largest fine in Australian corporate history. 

AUSTRAC also has the power to suspend or even revoke a bank’s registration in cases of severe non-compliance, which would effectively stop operations. 

In less severe cases, AUSTRAC can impose enforceable undertakings on the business, requiring specific actions to rectify issues and prevent future breaches. 

In 2023, an Australian organisation agreed to enter an enforceable undertaking when the regulator identified several compliance issues, including failing to verify customer identification and manage the risk of money laundering or terrorism funding.

Start with identity verification 

The first step of an effective AML/CTF program is identity verification. If you know your customers are genuine from the start, you are a step ahead in preventing money laundering and terrorism financing threats. 

Identity verification solutions, like  GBG, compare customer data against trusted and comprehensive data sets and combine document verification, biometric authentication, and liveness checks to ensure customers are who they say they are. 

Learn how we can tailor GBG’s  identity verification solution to ensure your business stays compliant with AML/CTF regulations. 

Get in contact with us today.



Why choose GBG?

Here at GBG, we help you onboard more genuine customers and stay compliant with fast and accurate identity verification. Regardless of your business size or industry, you can tap into powerful global verification solutions to keep bad actors out and protect your business.

Related Blogs