All AUSTRAC Reporting Entities are required by the Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Act 2006 to adopt and maintain procedural documentation to address the obligations imposed by the Act. The AML/CTF Program should be a written document, divided into two parts, which addresses how you will manage the money laundering (ML) and terrorism financing (TF) risks your business may face.

AUSTRAC has released guidance about what needs to be included in Part A and Part B of your AML/CTF Program in their Compliance Guide. AUSTRAC has also noted in their regular news and updates that the omission of the reporting obligations from Part A of a reporting entity’s AML/CTF Program translates to non-compliance.

Sophie Grace can provide an AML/CTF Program tailored to your specific needs to ensure that you comply with the obligations under the AML/CTF Act and Rules.

What should you include in your AML/CTF Program?

The Program must include the following:

• procedures to identify, mitigate and manage the ML/TF risks that your business may reasonably face; 
• the applicable Know Your Customer (KYC) processes to identify and verify your customers;
• the various reporting obligations which are applicable to your business;
• employee due diligence program;
• an AML/CTF risk awareness training program for employees;
• record keeping procedures;
• an explanation in relation to your procedures to monitor compliance with your AML/CTF Program; and
• ongoing and enhanced customer due diligence programs.

Part A

Part A must detail your procedures to identify, mitigate and manage the ML/TF risks that your business may reasonably face. Part A must include:

• procedures for an independent review of Part A of your Program to be conducted on a regular basis;
• an ML/CTF Risk Assessment including:
  • new designated services, before they are introduced to the market;
  • new methods of delivering a designated service, before they are adopted;
  • new or developing technologies used to provide designated services, before they are adopted; and
  • changes in the nature of the business relationship, control structure or beneficial ownership;
• processes to ensure you submit International Funds Transfer Reports (IFTIs), Threshold Transaction Reports (TTRs), Suspicious Matter Reports (SMRs) and other required reports to AUSTRAC within specified timeframes;
• an explanation of the training your employees will undertake on an ongoing basis in relation to the ML/TF risks your business may face;
• a clear delegation of responsibilities of all employees including the appointment of an AML/CTF Compliance Officer;
• procedures to screen employees before they are employed and/or when they are promoted (employee due diligence program);
• ongoing Customer Due Diligence (OCDD) processes, which include:
  • Systems and controls to ensure information about customers is kept up to date, and when to collect and verify further KYC information;
  • A transaction monitoring program; and
  • An Enhanced Customer Due Diligence (ECDD) program.
• a risk-based Transaction Monitoring Program; and
• procedures for Part A to be managed and approved by an AML/CTF Compliance Officer and Director.

Part B

Part B of an AML/CTF Program sets out your customer identification and verification procedures. It should include all Know Your Customer (KYC) procedures in accordance with the AML/CTF Rules.

All reporting entities must have a Part B of their AML/CTF Program. An independent review of Part B of your AML/CTF Program is not required under the law, however Sophie Grace recommends reporting entities ensure their KYC procedures are reviewed regularly. Regular review ensures the KYC procedures are applicable to your business, customer types and location and the designated services your business provides.

For further information on how to determine whether the review is independent and what is required, please refer to our blog article titled ‘Is it time for an Independent AML/CTF Compliance Review?’.

Further Information

If you provide remittance services or operate as a digital currency exchange provider, you will be required to have an AML/CTF Program in place in order to finalise your registration with AUSTRAC.

Sophie Grace can provide you with an AML/CTF Program tailored to your business’ needs. Alternatively, you can purchase a template document from our online shop.