By Manish Ghiya, Principal, Compliense Advisors
a) What are AML/CTF reforms and why do they matter | The updated Australian Anti-Money Laundering and Counter-Terrorism Financing Act (AML/CTF Act), amended by the Amendment Bill passed in November 2024, implements the Australian Government’s commitment to protecting the integrity of the Australian financial system by strengthening the AML/CTF regime.
The updated law: (a) expands the AML/CTF regime to cover new Designated Services provided by Tranche 2 entities — professions and businesses previously outside the regulatory framework; (b) modernises and simplifies the regime to ensure it remains fit-for-purpose in today’s financial environment.
b) Benefit of changes for the existing reporting entities (REs)
- Reduced systemic risk: With more sectors regulated, there’s less opportunity for illicit funds to enter the financial system, thus reducing overall exposure to the money laundering/terrorism financing money laundering and terrorism financing (ML/TF) risks.
- Institutional investors, global funds, and sophisticated clients prefer working with businesses that operate in robust regulatory environments.
- Positioning themselves as industry leaders in compliance and market integrity.
c) Impact for an RE’s existing obligations | The core AML/CTF obligation is still to identify, assess, understand, and mitigate ML/TF risks by implementing a robust AML/CTF compliance framework. However, there are many changes in the obligations — both small and significant – that an existing RE must implement.
It will also be useful to review at the outset whether the RE or its group company provides any newly included Designated Services. The update of AML/CTF policies and risk assessment must factor this in.
d) ML/TF risk assessment | The updated Act mandates conducting an ML/TF risk assessment to identify and assess the risks of ML, TF, and Proliferation Financing (PF) that an RE reasonably faces in providing the Designated Services. There are a few aspects to consider:
- PF risk assessment:
An RE is now also required to assess PF risk as part of its ML/TF risk assessment. Some relaxations apply if the overall ML/TF risk assessment is low. PF occurs when a person makes an asset available, provides a financial service, or conducts a financial transaction that is intended to facilitate the proliferation of weapons of mass destruction.
- Newly regulated businesses as clients
If the RE has newly regulated businesses as existing clients, their customer risk scores may change, impacting the RE’s overall customer risk assessment.
- AUSTRAC Risk Assessments
REs should also consider their AUSTRAC sectoral risk assessment and the ML, TF, and PF National Risk Assessments.
Implementing above will require updating the RE’s risk assessment methodology.
e) Impact on an RE’s current AML / CTF program | The entire suite of policies, procedures etc that support AML/CTF compliance are now called as ‘AML/CTF policies’. It is vital that these policies should align with the RE’s risk assessment. The policies should be outcome focused, in that it should mitigate ML/TF risks and achieve compliance.
The AML/CTF program must be independently evaluated at least once every three years.
f) Ongoing review of risk assessment and AML/CTF policies | In addition to event-based updates required to an RE’s risk assessment (for example: the launch of new Designated Services, or change to its organisation’s circumstances or risk profile), the updated law mandates a review and update of its risk assessment and AML/CTF policies at least every three years. Having said that, the frequency must corelate to the nature, size, and complexity of the business, thus requiring a shorter update cycle in relevant cases.
g) Sanctions screening | New requirements mandate screening of customers as part of initial customer due diligence (CDD) for targeted financial sanctions. This means that unlike before, failure to conduct sanctions screening can also breach the requirements under the AML/CTF legislation.
h) Incremental details for enrolment | There are incremental information requirements for enrolling as an RE. Consider AUSTRAC’s guidance on the subject when available for updating the information.
i) Governance | The reforms strengthen the governance framework requirements, prescribing roles for the governing body, senior manager and AML Compliance Officer of an RE.
The governing body will have oversight responsibilities, and the ‘senior manager’ has certain decision approving responsibilities (like approving the AML/CTF policies; approving onboarding certain politically exposed persons (PEPs); etc.
j) Fit-and-proper requirements for AML compliance officers (AMLCO) | The new regime requires ‘fit-and-proper’ suitability of an individual for appointment as the AMLCO, and who must be at management level. The draft rules recommend considering multiple factors including competence, skills, and expertise; good character; record of conviction for serious offence or regulatory action; whether an undischarged bankrupt; and conflict of interest.
k) Staff training | Appropriate staff training and awareness are essential on the changes and updated processes. Awareness sessions will also be essential for the RE’s senior management and even the directors/governing body. Also refer to AUSTRAC’s guidance and educational materials when released.
l) Implementation timelines | The changes are becoming effective in phases. Some are already effective (eg: the updated Offence of Tipping off, effective from March 2025).
- 31 March 2026: New provisions (including new AML/CTF program requirements, risk assessment, fit and proper norms for AMLCO, and initial CDD) become effective for existing REs, including Virtual Asset Service Providers.
- 1 July 2026: AML/CTF obligations become applicable for the new Designated Services provided by Tranche 2 entities.
With the bar of regulatory expectation that much higher now, the updated compliance program should aim to achieve that!
Note: The updated law maintains the existing exemption for AFSL holders providing Designated Services covered by item 54, table 1 in section 6 (for example, financial planners).
This article is for general informational purposes only and discusses a few key aspects of the subject it covers. It is not exhaustive and does not constitute professional / legal advice. Please seek specific advice for your situation.
Compliense Advisors is an AML and FinCrime compliance and risk management advisory firm, and we can assist with your AML/CTF compliance obligations. Write to us at [email protected]. Visit our website for more knowledge articles, and signing up for new articles and updates.
