Is your AML/CTF program compliant?

Prepared by Julia Winzar

AUSTRAC has identified a number of short-falls in its recent review of reporting entities and their compliance with AML/CTF obligations.

The key areas for improvement that were identified by AUSTRAC were:

  • ML/TF risk assessments.
  • Application of the risk-based approach to AML/CTF compliance.
  • Outsourcing and automation of activities.
  • Governance issues.

We will look at these areas for improvement in further detail over a four part series.

Reporting entities are able to take a risk-based approach to their AML/CTF compliance depending on the nature, size and complexity of their business.

The reporting entity’s processes should be documented in an AML/CTF program which is tailored to meet the specific ML/TF risks the business faces. The AML/CTF legislation contains detailed requirements about what must be included in a reporting entity’s AML/CTF program.

The key areas that AUSTRAC have identified for reporting entities to improve their AML/CTF programs include:

  • Setting out the actual systems and controls the reporting entity has in place to comply with its AML/CTF obligations, rather than repeating the requirements from the AML/CTF Rules or other AUSTRAC guidance material.
  • Ensuring the program is tailored to the reporting entity’s business (including nature, size, complexity and ML/TF risks faced), not just using a standard template that is applied to an entity regardless of the industry in which it carries on business.
  • Making sure all documented processes are clear and set out what staff members must do, when they must do it and why.

If your AML/CTF program doesn’t tick these boxes, it is important that you review and update it as soon as possible.