Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) reporting entities have a variety of obligations which need to be documented and adhered to in order to ensure compliance with the AML/CTF Act and AML/CTF Rules. These obligations now also apply to Digital Currency Exchange Providers.
One of the primary obligations includes adopting and maintaining an AML/CTF Program which complies with the AML/CTF Rules.
What should be included in your AML/CTF Program?
AUSTRAC has released guidance about what needs to be included in Part A and Part B of your AML/CTF Program in their Compliance Guide. AUSTRAC has also noted in their regular news and updates that the omission of the reporting obligations from Part A of a reporting entity’s AML/CTF Program translates to non-compliance. Please refer to our blog article titled Double-Checking your AML/CTF Reporting Obligations for further information.
Part A of an AML-CTF Program should include the procedures for a reporting entity to identify, manage and mitigate the money laundering or terrorism financing (ML/TF) risks which are applicable to its business. Part A should include:
- procedures for an independent review of Part A of your Program to be conducted on a regular basis;
- various reporting obligations which are applicable to your business;
- an ML/CTF Risk Assessment including:
- new designated services, before they are introduced to the market;
- new methods of delivering a designated service, before they are adopted;
- new or developing technologies used to provide designated services, before they are adopted; and
- changes in the nature of the business relationship, control structure or beneficial ownership;
- an AML/CTF risk awareness training program for employees;
- a clear delegation of responsibilities of all employees including the appointment of an AML/CTF Compliance Officer;
- employee due diligence program;
- ongoing and enhanced customer due diligence programs and transaction monitoring program;
- a risk-based Transaction Monitoring Program; and
- procedures for Part A to be managed and approved by an AML/CTF Compliance Officer and Director.
Part B of an AML/CTF Program sets out your customer identification and verification procedures. It should include all Know Your Customer (KYC) procedures in accordance with the AML/CTF Rules.
All reporting entities must have a Part B of their AML/CTF Program. An independent review of Part B of your AML/CTF Program is not required under the law, however Sophie Grace recommends reporting entities ensure their KYC procedures are reviewed regularly. Regular review ensures the KYC procedures are applicable to your business, customer types and location and the designated services your business provides.
For further information on how to determine whether the review is independent and what is required, please refer to our blog article titled ‘Is it time for an Independent AML/CTF Compliance Review’.
Sophie Grace can assist you to update your AML/CTF Policy to ensure you are meeting your AML/CTF obligations.
For any DIYers out there, you can purchase an AML/CTF Program Template from our online shop and customise it to your business.
If you would like further information or any assistance with your AML/CTF obligations, please contact Sophie Grace directly.