AML/CTF Ongoing Requirements

Businesses who are Reporting Entities under the AML/CTF Act must do a variety of things to ensure they meet all the obligations required by AUSTRAC and the law.


What are your AML/CTF obligations?

  • Adopting and maintaining an AML/CTF Program;
  • Notifying AUSTRAC of any changes or updates to your AUSTRAC enrolment and registration;
  • Conducting regular internal and independent compliance reviews of your AML/CTF Program and business operation;
  • Reporting various transactions to AUSTRAC such as International Funds Transfer Instructions, known as IFTIs, Suspicious Matter Reports, known as SMRs and Threshold Transaction Reports known as TTRs;
  • Submitting regular compliance reports to AUSTRAC (if applicable);
  • Conducting Know Your Customer, sometimes called KYC and AML/CTF risk assessments for each of your clients;
  • Maintaining and implementing robust Customer Due Diligence (“CDD”) procedures;
  • Keeping appropriate records;
  • If you are a Remittance Network Provider, you will also have to conduct certain transaction reporting on behalf of the affiliates in your remittance network.


How can Sophie Grace Assist you?

Here’s some examples where we can assist your company:

  • Developing an AML/CTF Compliance Program;
  • Updating your existing AML/CTF Compliance Program;
  • Identification and analysis of money laundering and terrorism financing risks;
  • Processes for monitoring and reporting transactions;
  • Ongoing customer due diligence and enhanced customer due diligence procedures; and/or
  • Know Your Customer procedures – collection and verification of information.


With a long list of obligations, it can be a daunting task ensuring your business is compliant with the AML/CTF requirements. This is where Sophie Grace can assist you. We can help you with many aspects of compliance so you can ensure you are meeting your obligations.


Risk Assessment and Management


Assessing the ML/TF risks which impact your business and development measures to address these risks is a key obligation for all reporting entities. Reporting entities must:

  1. Identify the risks facing their business;
  2. Assess and measure these risks;
  3. Apply controls to effectively manage and mitigate the risks identified;
  4. Monitor and review the effectiveness of controls.


A risk assessment should include an assessment of:

  • customers;
  • products and services;
  • business practices and delivery methods;
  • the countries and jurisdictions a reporting entity deals with.


Customer Due Diligence Requirements

AUSTRAC is responsible for overseeing all financial service providers who are considered reporting entities under the AML/CTF Act and this includes ensuring all entities have in place procedures to identify and verify their customers.

Identification and verification of your customers is essential in order to:

  • determine the money laundering and terrorism financing risks posed by each customer;
  • determine whether to proceed to onboard the customer; and
  • assess the level of future monitoring which may be required.


Initial Client Onboarding Requirements (KYC)

A variety of information needs to be collected from the customer, depending on the customer type. This process is often referred to as Know Your Client (“KYC”).

Reporting entities must collect information from all new customers.  These are broken down according to their category and have tailored requirements:

  • individuals;
  • sole traders;
  • companies;
  • partnerships;
  • trusts;
  • associations (incorporated and unincorporated);
  • registered cooperatives; and
  • government bodies.


Reporting entities are also required to verify the information collected. This process is intended to ensure the information provided is confirmed by the reporting entity as being accurate. The AML/CTF contains safe harbor provisions which include verifying the information collected against certified copies of a primary photographic, non photographic or secondary document.


Ongoing Client Monitoring

The AML/CTF Act also requires the conduct of Ongoing Customer Due Diligence (“OCDD“) – that is, regular monitoring of customers and documenting what triggers you have to require further or updated identification from your clients.

Sophie Grace is able to provide ongoing compliance support to Reporting Entities in order to ensure your AML/CTF obligations are met.  If you would like further information or assistance, please contact Sophie Grace directly.

Rather watch a video?

Sophie Grace’s Director, Sophie, goes through the ongoing compliance obligations for Remittance and Digital Currency Exchange Providers in Australia

Sophie Grace Compliance Portal

Sign up today for up-to-date compliance policies and regular consultation with our specialist staff

Contact Us

We will contact you as soon as possible!