AML to-do’s in 2024

By Manish Ghiya, Principal, Compliense Advisors

The New year is around the corner, and it may be time to make a list of AML to-do’s for 2024, triggered by compliance obligations and potential external events. Here we discuss a few such items.

1. Compliance Report

The first day of the new year will bring the obligation[1] of submitting the Compliance Report for 2023 with AUSTRAC, due by 31 March 2024.

Putting together the compliance report tests the robustness of your AML/CTF compliance framework. For example, to respond positively to questions regarding consideration of AUSTRAC guidance and legislation changes, means among other things, that you have considered all such matters, disseminated appropriate information to stakeholders, taken appropriate governance actions, and implemented necessary updates to the AML/CTF program and risk assessment.

It will help to review the responses from your previous year’s report and build from there. A different response to the same question may warrant review. It will also be useful to compare the last and current questionnaire templates to upfront known changes in questions to appropriately focus on new or revised questions. Even a small tweak in a question could require a significantly different response.

2. ML/TF Risk assessment refresh

Another item to consider is ML/TF risk assessment[2] review or refresh. The regulatory expectation is that the risk assessment should always be current and up to date.

The refresh frequency of the risk assessment will be as per your AML program. However, even if the timeline for a refresh is not due, there should be consideration for reviewing or refreshing the risk assessment to align with the current operating environment if significant events have taken place since the last risk assessment. Technically, AUSTRAC can order updating a risk assessment if it is not current.

Changes in legislation, significant AML deficiencies found, corporate restructure, changes in the designated services, or even significant findings in AML reviews could require updating the risk assessment before it is due.

3. AML Program Part A – independent review

That will be another item to put on your to-do list, if due in 2024. Even if not due, significant changes in the operating environment may require an earlier review than as per your program timeline. Examples include significant changes in your ML/TF risk profile, significant changes to your business operations or customers, geography, etc., or significant compliance deficiencies.

Independent review requires extensive pre-preparation. It would be useful to review everything on the AML front since the last review, including the last review’s report and action items. This will help to be solidly prepared for the review.

One thing to consider will be whether to limit the review only to Part A, as required by the regulations, or to undertake a review of Part B as well, as it has significance for the KYC and customer due diligence framework. Further, it is a prerequisite to demonstrate the independence of the reviewer.

Apart from the above items, there are some potential changes coming up in 2024 that may have to be on your to-do list. These include:

4. AML/CTF legislation changes

The AML/CTF legislation is set to undergo changes, currently under consultation, for modernising and simplifying the AML/CTF regime in Australia and tranche-two expansion, to be followed by legislating the changes.

The modernising and simplifying proposals include-

• consolidating Parts A and B of the AML/CTF program into a single document;
• an explicit requirement for conducting ML/TF risk assessment, and its triggers;
• changes around customer due diligence requirements;
• permitting non-reporting entities in a group to be a member of the designated business group; and
• changes to ‘no tipping off’ provisions permitting better information sharing.

Further, tranche-two expansion will see the inclusion of a number of businesses in the scope of the AML/CTF regime including the real estate sector, lawyers and accountants.

These changes will have impact on an organisation’s AML program, risk assessment and larger AML framework.

5. Potential changes to the sanctions legislation

Sanctions legislation is to be complied with generally by everyone, and not just by the reporting entities.

The Department of Foreign Affairs & Trade launched a review of the Australian Autonomous Sanctions regulations and associated instruments, led by the Australian Sanctions Office, in January 2023 (the submissions deadline was 26 February 2023).

While there is no available timetable for the next steps, this should be a placeholder in your to-do’s, to keep tabs on progress, and analyse and update your sanctions compliances at the appropriate time.

Conclusion

Ongoing AML/CTF compliance requires juggling many balls at the same time and on an ongoing basis. Proactive and proper planning can help in getting your key AML compliances across the line in a timely manner.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Note: More details on some of the above topics can be referred to on our website www.compliense.com.au. Above article is for general informational purpose only, and does not constitute advice. Seek professional advice for your specific needs. Contact us on [email protected] for our AML and FinCrime compliance advisory services.

[1] This obligation does not apply for providers of only item 54 designated services of table 1, Section 6(2) of the AML/CTF Act.

[2] Item 54 only providers implementing the Special AML/CTF Program are required to consider the ML/TF risks posed by various factors including customer types, customers’ source of funds and wealth, delivery channel, and dealing with foreign jurisdictions.