2006 (with staggered implementation from 13 Dec 2006 to 12 Dec 2008, thus phasing in the new legislation and replacing the old). A second tranche to include accountants, lawyers, real estate and others
has been delayed.
The Australian Transaction Reports and Analysis Centre (“AUSTRAC”) regulates AML across all industry sectors
Guidance on AML requirements has been provided by AUSTRAC:
No, although there are certain 'trigger events' that require a reporting entity to verify the identity of existing customers. An example of such a trigger event is the customer accessing a new product or service.
No, however a certain number of exemptions have been provided for transaction thresholds in industries including bullion, low value superannuation, gaming service providers and currency exchange at
The reporting entity must obtain the customer’s name, residential address and date of birth. The customer’s full name and either their date of birth or their residential address must be verified based on
reliable and independent documentation and/or electronic data.
The reporting entity must collect from the customer the following information:
a) the company's full registered name;
b) registered address;
c) principal place of business address; and
d) Australian Company Number (“ACN") or Australian Registered Business Number (“ARBN”).
Under the new AML/CTF Rules commenced in June 2014: A reporting entity must collect and verify the full name and either the date of birth or address of all beneficial owners on all entity types. The reporting entity is not required to identify beneficial owners if the customer is a company which is verified under the simplified company verification procedure under paragraph 4.3.8 of the AML/CTF Rules 2007, or a trust which is verified under the simplified trustee verification procedure under paragraph 4.4.8 of the AML/CTF Rules 2007. The beneficial owner is defined as an individual who ultimately owns (25% or more) or controls (directly or indirectly) the customer
Enhanced due diligence procedures are required to be implemented by reporting entities in accordance with the risk based approach and procedures that they adopt. Risk triggers specified in the rules as requiring enhanced customer due diligence are where the provision of a designated service is high risk or when a suspicion has arisen. Also to be considered are prescribed foreign countries in relation to prohibition or regulation of transactions with them. Under the new AML/CTF Rules commenced in June 2014, a foreign PEP or the customer that has a foreign PEP as the beneficial owner must be subject to enhanced customer due diligence.
Reporting entities are required to consider the risk posed by PEPs in accordance with the risk based approach and procedures that have been adopted by the reporting entity.
As A13, under the new AML/CTF Rules commenced in June 2014, a foreign PEP or the customer that has a foreign PEP as the beneficial owner must be subject to enhanced customer due diligence
Due diligence assessments must be carried out on the financial institution with which they wish to enter a correspondent banking relationship, prior to the commencement of the relationship and at regular intervals thereafte
Reporting entities are required to consider the additional risk posed by non face-to-face business, in accordance with the risk based approach and procedures they have adopted. There are currently no
specific rules or guidance relating to non face-to-face business.
Suspicious Matter Reports (“SMRs”) are made to AUSTRAC, who act as Regulator and FIU
All Threshold Transactions (“TTRs”) over AUD10,000 (approx. USD7,030) in cash and all International Funds Transfer Instructions (“IFTIs”) are required to be reported to AUSTRAC. In addition, Cross Border Currency movements (“CBMs”) must be reported to AUSTRAC, the Australian Customs Service, or the Police if over AUD10,000 (approx. USD7,030).
No minimum threshold for SMRs, or IFTIs, but AUD10,000 (approx. USD7,030) for Cash Transactions.
Yes, prohibited under criminal law and the AML/CTF Act 2006.
No requirement to have automated monitoring, but the AML/CTF Rules require each reporting entity to have a suspicious activity monitoring program.
Yes, provided the requirements of the Privacy legislation and protocols are complied with. Rules silent on how to monitor and where – AUSTRAC focuses on appropriateness of arrangements.
There is no requirement for a bank’s external auditor/other external organisation to report on the bank’s AML systems and controls. However, there is a requirement for the reporting entity to have an independent review performed on Part A of their Program on a regular basis. This independent review can be performed by either an internal or external party (Standard AML/CTF programs are divided into Parts A and B)
As above, an independent review of the Program is required on a ‘regular’ basis. In practice this is conducted based on the bank’s risk-based approach, with many banks choosing to conduct the independent review on an annual basis. The report must be provided to the governing board and senior management. The regulator also requests a copy during their reviews. This does not constitute part of the financial statement audit.
assess the effectiveness of the Part A program having regard to the ML/TF risk of the reporting entity
yes. Sensitive data is information or an opinion about an individual’s racial or ethnic origin, political opinions, membership or a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information. It is subject to a higher level of privacy protection as it may only be collected with consent, cannot be used or disclosed for a secondary purpose and cannot be shared in the same way that personal information can be shared.
No identification card
The law does not apply to documents related to migration and citizenship. In addition, some regions have laws that provide that the law does not apply to wills, powers of attorney and some real estate transactions. However, there is no exception to the law that applies to standard business agreements.
Part 10 states that one can meet legal requirement for a handwritten signature by using an electronic signature or communication.
Summary of law
Australia's electronic signature law is considered a permissive or minimalist law. This means that it allows nearly all documents to be signed using simple electronic signatures. It is very similar to the U.S law, with minimal requirements and clear enforceability. One only needs to have a means to reasonably identify the person signing and show evidence of their agreement. Of course, one should always get the consent of the signing party to do business electronically and follow standard record retention processes.
There is no new legislation; however new AML/CTF Rules commenced in June 2014 primarily focused on customer due diligence. The old legislation (Financial Transaction Reports Act 1988) is still in force but applies to a limited number of entities
Yes. This is the central theme of the AML regime
Identification documents must be certified as a true copy by one of a number of categories of qualified individuals including legal practitioners, Justices of the Peace and Police Officers. A list of authorised
persons can be found in chapter 1 of the AML/CTF Rules.