Anti-Money Laundering and Counter Terrorism Financing Act 2006


Paper | Anti-Money Laundering and Counter-Terrorism Act - Update for Financial Services

Download Full Document October 2019

The Federal Parliament has made a number of changes to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (“AML/CTF Act”), which includes giving more powers and functions to the regulator, the Australian Transaction Reports and Analysis Centre (“AUSTRAC”) to more effectively ensure reporting entities comply with the AML/CTF Act.

What you need to know

AUSTRAC is Australia’s financial intelligence agency with the responsibility for preventing and detecting money laundering and terrorism financing. By expanding the powers of AUSTRAC, the government seeks to increase the level of compliance of “reporting entities” with the AML/CTF Act by giving AUSTRAC greater powers. AUSTRAC can issue infringement notices for a greater number of offences under the AML/CTF Act, including non-compliance with customer identification procedures, reporting obligations and record-keeping obligations.

Am I a reporting entity?

A business is subject to the requirements of the AML/CTF Act as a “reporting entity” if it provides a “designated service”. The AML/CTF Act nominates certain types of services, particularly in the finance, gambling and bullion sectors as “designated services” because such services have been identified as posing a risk for money laundering and/or financing of terrorism.

“Designated services” in the financial sector include:

  • Conducting specialised financial services involving factoring or debtor financing, finance leases, forfaiting bills of exchange or promissory notes, issuing or dealing with letters of credit, derivatives or foreign exchange contracts
  • Conducting activities relating to loans (including as assignee of loans) or finance (including hire purchases)
  • Providing remittance services
  • Operating a digital or foreign currency exchange business
  • Preparing payroll for other businesses
  • Providing financial advisory services where the service is arranging for clients to receive a designated service

What are my obligations as a reporting entity?

Reporting entities must meet the minimum requirements set out in the AML/CTF Act. Beyond that, each reporting entity must assess the risks of potential money laundering or terrorism financing when it provides a designated service to a customer.

The AML/CTF Act imposes 5 key requirements on reporting entities:

  • Enrolment – reporting entities must enroll with AUSTRAC before providing a designated service.
  • Establish and maintain an AML/CTF program – this program is a written document that sets out how reporting entities identify, mitigate and manage the risk that the services are offered are not misused for money laundering or terrorism financing activities.
  • Customer due diligence – identifying and verifying the customer’s identity and ongoing transaction monitoring.
  • Report to AUSTRAC – notify AUSTRAC of certain matters such as suspicious matters and transactions involving transfers of $10,000 or more in physical or digital currency.
  • Keep records – retain records of transactions, customer identification, electronic funds transfer instructions and details of its AML/CTF programs.

What happens if I don’t comply?

Enforcement actions such as civil penalty orders, enforceable undertaking, infringement notices and remedial directions are specific legal actions that AUSTRAC can take to make sure reporting entities comply with the AML/CTF Act.

A civil penalty order can be up to 20,000 penalty units ($4.2M) for an individual, or 100,000 penalty units ($21M) for body corporates. In 2018, the Federal Court ordered the Commonwealth Bank of Australia to pay a penalty of $700M for failure to comply with the AML/CTF Act.
AUSTRAC can also issue a written notice requiring the reporting entity to appoint an external auditor to review its money laundering and terrorism financing risk management or undertake an assessment of its money laundering and terrorism financing risk. AUSTRAC has recently ordered an audit of Afterpay and PayPal Australia’s compliance with the AML/CTF Act.

Let’s talk

Our banking and finance team has assisted clients navigate the complex anti-money laundering and counter-terrorism financing regulatory framework. Our approach to compliance with the AML/CTF Act starts with advising you on your legal obligations and then providing you with assistance in implementing policies and procedures, and reporting structures to ensure compliance.

Our services include:


  • Provide legal advice on the application of the AML/CTF Act across your organisation
  • Develop new policies or enhance existing policies to comply with the AML/CTF Act.

Risk Assessment

  • Assist with the money laundering and terrorism financing risk assessment.
  • Review the integration of your money laundering and terrorism financing risk assessment approach into broader existing risk frameworks.

Design and development of the AML/CTF Program

  • Design and develop an AML/CTF Program for your designated ‘service business’.
  • Assist with the development of audit and compliance reporting requirements to ensure that your AML/CTF Program is effectively managing the money laundering and terrorism financing risks identified.

Remediation and investigations

  • Conduct investigations into any non-compliance with the AML/CTF Act – under the cover of legal privilege if necessary.
  • Act as liaison with AUSTRAC.


  • Provide on-site anti-money laundering and terrorism financing risks awareness training to your staff.

Independent review

  • Conduct an independent review of your AML/CTF Program in accordance with the requirements of the AML/CTF Act.


The content of this newsletter is for general information purposes only and should in no way be treated as formal legal advice.