The Australian anti-money-laundering terms a compliance team actually uses, defined in plain language by practitioners. For the full walkthrough, see the Australia AML/CTF compliance guide.
The Australian Transaction Reports and Analysis Centre, Australia's anti-money-laundering regulator and financial intelligence unit. It administers the AML/CTF Act 2006, enrols and registers reporting entities, receives reports, and supervises compliance. AUSTRAC plays the financial-intelligence-unit role that FinCEN plays in the United States, though the two regimes differ in detail.
The Anti-Money Laundering and Counter-Terrorism Financing Act 2006, the principal Australian law in this area. It sets out who is covered, what a compliant program looks like, and what must be reported to AUSTRAC.
Subordinate rules made under the AML/CTF Act 2006 that set out the operational detail of obligations, including aspects of customer identification, reporting, and program requirements. The current detail of any rule is confirmed against AUSTRAC.
Any business that provides one or more designated services listed in the AML/CTF Act 2006. Providing a designated service brings a business inside the regime with obligations attached, regardless of how the business labels itself.
A service enumerated in the AML/CTF Act 2006 that triggers AML/CTF obligations. Designated services span banking, lending, remittance, currency exchange, gambling, bullion, and digital currency exchange, among others. The service you provide sets your status, whatever your business calls itself.
The documented program a reporting entity must have and maintain to manage its money-laundering and terrorism-financing risk and meet its obligations. It is built in two parts: Part A and Part B.
The general part of an AML/CTF Program. It identifies, manages, and mitigates ML/TF risk, and it covers governance and oversight, the compliance officer, ongoing customer due diligence, transaction monitoring, employee training, and independent review.
The part of an AML/CTF Program that sets out the applicable customer identification procedures, the know-your-customer steps a business follows before it provides a designated service.
A report lodged with AUSTRAC when a reporting entity forms a relevant suspicion about a customer or transaction, including suspected money laundering, terrorism financing, or other serious offences. It is the Australian counterpart to a suspicious activity report, and it is reported to AUSTRAC, not to FinCEN.
A report lodged with AUSTRAC for a transaction involving physical currency or e-currency at or above the reporting threshold set in the regime. The current threshold and what counts toward it are confirmed against AUSTRAC guidance.
An instruction to transfer money or property into or out of Australia. Reporting entities involved in sending or receiving such instructions report them to AUSTRAC.
The process of joining the Reporting Entities Roll maintained by AUSTRAC. A business must enrol once it begins providing a designated service.
An additional step beyond enrolment required for certain activities. Remittance service providers and digital currency exchange providers must be registered with AUSTRAC to operate, not only enrolled.
The practice of identifying and verifying customers and understanding their activity. In the Australian regime the initial identification is set out in Part B of the AML/CTF Program.
The work of identifying a customer, understanding the nature and purpose of the relationship, and assessing the ML/TF risk it presents. It spans initial identification in Part B and ongoing scrutiny in Part A.
The Part A requirement to keep customer information current, reassess risk as a relationship changes, and apply enhanced measures to higher-risk customers.
Deeper scrutiny applied to higher-risk situations, such as politically exposed persons, higher-risk countries, complex or unusual structures, or where a suspicion has formed. It can include gathering more information about the customer and their source of funds and seeking senior approval to continue the relationship.
The natural person who ultimately owns or controls a customer that is a company, trust, or other entity. Identifying beneficial owners is part of customer identification under Part B where it applies.
The Part A program that watches customer transactions over time to identify activity that is unusual, complex, or inconsistent with what is known about the customer. Effective monitoring measures a customer's behavior against a sensible baseline for customers like them, which catches more than a single fixed threshold ever does.
The documented assessment within Part A of the money-laundering and terrorism-financing risk a business faces across its customers, designated services, delivery channels, and jurisdictions. It drives the design of the whole program.
The management-level individual a reporting entity designates as accountable for its AML/CTF program. The role works only when the officer has real authority and the standing to be heard by senior management and the board.
The regular review of Part A by a party independent of the people who design and run the program, testing whether it suits the business's risk, whether the business follows it in practice, and whether it works. A team cannot honestly assess its own program.
An individual entrusted with a prominent public function, who presents higher corruption and ML/TF risk and typically warrants enhanced customer due diligence.
The expansion of the AML/CTF regime to additional sectors previously outside it, commonly described as certain professional and high-value-dealer services such as lawyers, accountants, conveyancers, trust and company service providers, and real estate professionals. The current scope, commencement timing, and obligations are set by the legislation and AUSTRAC guidance.
The periodic report a reporting entity lodges with AUSTRAC describing its compliance with its AML/CTF obligations.
Compliance Command Center turns these concepts into a defensible, examiner-ready AML/CTF program for the Australian regime, run by practitioners with software doing the heavy lifting.
See Compliance Command Center Read the guides