AML/CTF compliance report - Instruction guide

Contents


Introduction

Under subsection 47(2) of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) a reporting entity is required to periodically provide an anti-money laundering and counter-terrorism financing (AML/CTF) compliance report to AUSTRAC. The compliance report sets out a reporting entity's compliance with the AML/CTF Act, regulations and Anti-Money Laundering and Counter-Terrorism Financing Rules (AML/CTF Rules).

AUSTRAC performs part of its statutory function as administrator of the AML/CTF Act through the compliance report. AML/CTF compliance reports contribute to AUSTRAC's monitoring of ongoing industry compliance with the AML/CTF Act, regulations and AML/CTF Rules.


Reporting period

The responses you provide in your compliance report should be for your activities during the reporting period. The reporting period for the 2015 compliance report is:

1 January 2015–31 December 2015


Lodgement period

The compliance report should be completed and submitted to AUSTRAC during the lodgement period. The lodgement period for the 2015 compliance report is:

4 January 2016–31 March 2016

It is AUSTRAC's strong preference for the AML/CTF compliance report to be completed online. However, those who do not have internet access can submit paper-based compliance reports.


Key terms

For the purposes of completing the 2015 compliance report:

  • terms and expressions used in the compliance report will have the meanings given to them in the AML/CTF Act or AML/CTF Rules unless indicated otherwise
  • a reporting entity is a person that provides a designated service
  • a designated service is a service that is listed in section 6 of the AML/CTF Act
  • the terms you and your refer to the reporting entity
  • the term customer is defined in section 5 of the AML/CTF Act and includes a prospective customer
  • Politically exposed persons (PEPs) are individuals who occupy a prominent public position or functions in a government body or international organisation, both within and outside Australia. This definition also extends to their immediate family members and close associates. The AML/CTF Rules define three categories of PEPs:
    • Domestic PEPs are individuals who hold a prominent public position or function in an Australian government body
    • Foreign PEPs are individuals who hold a prominent public position or function in a government body of a foreign country.
    • International organisation PEPs are individuals who hold a prominent public position or function in an international organisation.

Designated business groups

Subsections 47(6) and 47(7) of the AML/CTF Act allow a member of a designated business group to lodge a compliance report on behalf of the group. The term designated business group is defined in section 5 of the AML/CTF Act.

Please refer to Chapter 3 of the AUSTRAC compliance guide for more information about designated business groups.


Help

For further information you can also contact the AUSTRAC Contact Centre on:

  • Telephone (within Australia): 1300 021 037
  • Telephone (international): +61 2 9950 0057
  • Email: contact@austrac.gov.au

TTY access (telephone typewriter for the hearing and speech impaired) within Australia:

National Relay Service:

  • TTY/voice: 133 677 and ask for 1300 021 037
  • Speak & listen (SSR): 1300 555 727 and ask for 1300 021 037.

AML/CTF programs – Part A (General)

1. Did you have a written AML/CTF program on 31 December 2015?

Anyone who provides designated services as defined in section 6 of the AML/CTF Act is legally required to adopt and maintain a written AML/CTF program. AML/CTF programs set out how a reporting entity complies with its obligations under the AML/CTF legislation.

This question requires you to indicate if you had a written AML/CTF program in place as at 31 December 2015.

Please refer to the following resources for further information:

2. For each component of your AML/CTF program, indicate your status on 31 December 2015.

AML/CTF programs comprise two parts - Part A and Part B. There are several components that make up Part A of the AML/CTF program and this question requires you to indicate the level of implementation for each of the listed components as at 31 December 2015.

The ratings used in this question are:

  • Not commenced
  • Partially implemented – this component of the program was under development, though there were major shortcomings, with a significant element of the requirements not implemented.
  • Implemented – this component was essentially fully implemented.
  • Not applicable – can be selected for components 2(a) and (b) where a reporting entity does not have any employees and for 2(c) where a reporting entity operates as a single-person business.

Please refer to the following resources for further information:

  • AML/CTF Act, Part 7 – 'Anti-money laundering and counter-terrorism financing programs'
  • Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No.1) (AML/CTF Rules Instrument 2007 (No.1) – chapters 8, 9 and 15
  • AML/CTF Act, Part 2, Division 6 – 'Ongoing customer due diligence'
  • AUSTRAC compliance guide - Chapter 6 - AML/CTF programs

3 (a) From the following list, please select the customer types to which you provided a designated service:

Individuals; companies; trustees; partnerships; incorporated and unincorporated associations; registered co-operatives; government bodies.

Place a tick in response to 3(a) for each customer type applicable.

(b) Did you assess the money laundering/terrorism financing risks posed by these customer types?

To identify your money laundering and terrorism financing risk you are required to conduct a risk assessment of the customer types to whom you provide designated services.

Question 3(a) requires you to indicate your particular customer types and 3(b) asks if a risk assessment had been conducted for each of these customer types selected, as at 31 December 2015.

Responses for question 3(b) are only required for each customer type selected in 3(a).

Please refer to the following resources for further information:

4. Did you assess the money laundering/terrorism financing risk of each of your designated services?

To identify your money laundering and terrorism financing risk you are required to conduct a risk assessment of your designated services.

This question requires you to indicate whether you had assessed the risk of the designated services that you provided being used to facilitate money laundering and/or terrorism financing.

Please refer to the following resources for further information:

5. Did you have a procedure to assess the money laundering/terrorism financing risk of any new designated services before making them available to customers?

To identify your money laundering and terrorism financing risk you are required to conduct a risk assessment of any new designated services before you offer them to your customers.

This question requires you to indicate whether you had a procedure in place as at 31 December 2015 to assess the risk of how a new designated service may be used to facilitate money laundering and/or terrorism financing.

Please refer to the following resources for further information:

6 (a) Did you provide designated services from a permanent establishment in a foreign country?

This question requires you to indicate if you provided any designated services at/or through an overseas permanent establishment during the reporting period. You may wish to refer to the AML/CTF Act, section 6(6) – 'Geographical link'.

(b) Did you assess the money laundering/terrorism financing risk posed by the provision of designated services in that country?

Providing designated services in a foreign country may pose different money laundering and terrorism financing risks which are required to be assessed. Reporting entities that provide services at/or through a permanent establishment overseas are required to implement systems and controls to manage those risks effectively.

A response for 6(b) is only required if you responded 'Yes' to 6(a).

For the definition of a permanent establishment, please refer to the AML/CTF Act, section 21.

Please refer to the following resources for further information:

7. Did you assess the money laundering/terrorism financing risk posed by the methods used to deliver your designated services?

Some examples of delivery methods are:

  • face-to-face     
  • internet, telephone, mail, fax or email    
  • via a third party such as an agent, broker or intermediary.

To identify your money laundering and terrorism financing risk you are required to conduct a risk assessment of the methods you employ to deliver your designated services to your customers. For example, the risks posed by providing designated services face-to-face would differ from providing them via the internet.

This question requires you to indicate whether you had assessed the risk of how the methods you had utilised to provide designated services may have been used to facilitate money laundering and/or terrorism financing.

Please refer to the following resources for further information:

8. Did you have a procedure to assess the money laundering/terrorism financing risk of any new delivery methods before making them available to your customers?

To identify your money laundering and terrorism financing risk you are required to conduct a risk assessment of any new methods of delivering your designated services, before you make them available to your customers.

This question requires you to indicate whether you had implemented a procedure to assess the money laundering and/or terrorism financing risk posed by any new methods of delivery of your designated services, before you made them available to your customers.

Please refer to the following resources for further information:

9. Have all members of your designated business group adopted a joint AML/CTF program?

Reporting entities that are related to one another or fall into another category set out in chapter 2 of the AML/CTF Rules Instrument 2007 (No.1) can elect to form a designated business group (DBG) and adopt a joint AML/CTF program.

A response for question 9 is only required if you belonged to a DBG during the reporting period.

If you belonged to a DBG, indicate if you had adopted a joint AML/CTF program with the other members of your DBG during the reporting period.

Please refer to the following resources for further information:

10 (a) Did you screen employees who were in a position to facilitate money laundering or terrorism financing?

To reduce money laundering and terrorism financing risks you are required to implement a process to determine in what instances you may need to:

  • screen new employees who may be in a position to facilitate money laundering or terrorism financing offences
  • re-screen employees who are promoted or transferred into a new position.

Please refer to the following resource for further information:

(b) Did you have a procedure in place to manage employee non-compliance with your AML/CTF program?

Reporting entities must implement a procedure to manage any employee who fails to adhere to their AML/CTF program.

Question 10 requires you to indicate if your AML/CTF program included any or all of the listed provisions in paragraphs 8.3 or 9.3 of the AML/CTF Rules Instrument 2007 (No.1).

Important note: Reporting entities should note the Privacy Commissioner's information sheet on the handling of employee information, which is available on the Office of the Australian Information Commissioner website.

11. Was an independent review of your AML/CTF program conducted by:

  1. an internal party?

  2. an external party?

Because an AML/CTF program may need to be revised due to changes within your operations, your AML/CTF program must include a procedure for it to be reviewed from time-to-time. This review can either be conducted by an independent person within the organisation or by an external party.

This question establishes whether the review of your AML/CTF program was conducted by an internal or external party as per the requirements of chapters 8.6 or 9.6 of the AML/CTF Rules Instrument 2007 (No.1).

Please refer to the following resources for further information:


AML/CTF programs – Part B (Customer identification)

12. For each of your customer types, indicate if you had procedures to:

  • Collect the minimum know your customer (KYC) information?
  • Verify the minimum KYC information?
  • Identify if additional KYC information needed to be collected?
  • Identify if additional KYC information needed to be verified?

Part B of an AML/CTF program sets out the applicable customer identification and verification procedures for your customer types. Chapter 4 of the AML/CTF Rules Instrument 2007 (No.1) sets out what the minimum customer identification and verification requirements are, as well as additional requirements which apply on the basis of risk. This gathering and verifying of customer information is also referred to as KYC procedures.

The table in this question indicates compliance with collection and verification of KYC information across the different customer types to whom you provide designated services.

KYC information is defined in chapter 1 of the AML/CTF Rules Instrument 2007 (No.1).

Responses to question 12 are only required for each customer type that was selected in 3(a).

Please refer to the following resources for further information:

13. Did you have procedures in place to respond to discrepancies that arose in the course of verifying KYC information?

If a discrepancy was to occur during the course of verifying a customer's identification, your AML/CTF program is required to have a procedure to address that discrepancy.

This question requires you to indicate if you had implemented such a procedure.

KYC information is defined in chapter 1 of the AML/CTF Rules Instrument 2007 (No.1).

Please refer to the following resources for further information:

14. Did you have procedures in place to identify agents of customers?

Part B of your AML/CTF program sets out the applicable customer identification and verification procedures for your customers. This includes circumstances where your customer is represented by an agent.

This question requires you to indicate if you had procedures in place to identify agents of customers to whom you provided any designated services.

Please refer to the following resources for further information:

  • AML/CTF Act, section 89 – 'Applicable customer identification procedures – agent of customer'
  • AML/CTF Rules Instrument 2007 (No.1) – chapter 4.11.

15. Did you have any high risk customers or groups of customers (including politically exposed persons)?

This question requires you to indicate if you may have provided designated services to any customers who could be considered to be a high risk of facilitating money laundering or terrorism financing. This will be determined by your own risk assessment within your AML/CTF program.

Please refer to the following resources for further information:

16. Did you outsource any of your customer identification or verification procedures?

Chapter 7 of the AML/CTF Rules Instrument 2007 (No.1) sets out the circumstances where one reporting entity can rely on the applicable customer identification procedure carried out by another reporting entity under section 38 of the AML/CTF Act. This includes an Australian financial services licence holder making arrangements for a person to receive a designated service or another member of your designated business group. However, where the circumstances in the AML/CTF Rules are not satisfied, a reporting entity may be able to use an agent to carry out a customer identification and/or verification procedure on its behalf under section 37 of the Act.

It is important to note that a reporting entity can outsource responsibility, but not accountability.

This question asks if any of your customer identification collection and/or verification procedures were carried out by an external party or agent.

Please refer to the following resources for further information:

17. Did members of your designated business group rely on the customer identification and verification procedures carried out by another member?

Part 7.3 of the AML/CTF Rules Instrument 2007 (No.1) sets out the circumstances where one reporting entity can rely on the applicable customer identification procedure carried out by another reporting entity within its own designated business group (DBG).

A response for question 17 is only required if you belonged to a DBG during the reporting period.

If you belonged to a DBG, this question requires you to indicate if your customer identification and/or verification procedures were carried out by another member of your DBG.

Please refer to the following resources for further information:

18. Did you make and retain records of all customer identification information?

This question requires you to indicate if you kept records of the customer identification information that was required to be collected when providing your designated services.

The third response option for question 18 ('Done by another DBG member') is only applicable if you belonged to a DBG during the reporting period.

Please refer to the following resources for further information:


Reporting obligations

Reporting of international funds transfer instructions, threshold transactions, suspicious matters

19. Indicate whether you had procedures in place to report the following, as at 31 December 2015:

  1. International funds transfer instructions (IFTIs)
  2. Threshold transaction reports (TTRs)
  3. Suspicious matter reports (SMRs)

On 12 December 2008 obligations to report certain transactions to AUSTRAC commenced for reporting entities. Reporting entities were required to implement procedures to ensure that these reports were generated and submitted to AUSTRAC in accordance with the requirements outlined in the AML/CTF Act, Part 3.

This question asks you to indicate your level of implementation of these procedures for each report type.

Please refer to the following resources for further information:


Correspondent banking relationships and electronic funds transfer instructions

Correspondent banking relationships

20. How many correspondent banking relationships did you have with overseas financial institutions on 31 December 2015?

A response for question 20 is only required if you are a:

  • bank
  • building society
  • credit union, or
  • other authorised deposit-taking institution.

For a definition of correspondent banking, please refer to the AML/CTF Act, section 5.

Please refer to the following resources for further information:

21. (a) Did you conduct preliminary risk assessments of all correspondent banking relationships?

(b) Did you conduct due diligence assessments of all correspondent banking relationships?

(c) Did you have a procedure to terminate a correspondent banking relationship?

Responses for questions 21(a), (b) and (c) only apply if you are a:

  • bank
  • building society
  • credit union, or
  • other authorised deposit-taking institution.

and have a correspondent banking relationship (i.e. you responded to question 20 with a number of 1 or more).

For a definition of correspondent banking, please refer to the AML/CTF Act, section 5.

Please refer to the following resources for further information:

Electronic funds transfer instructions

22. Did you keep records of the required payer information for all electronic funds transfer instructions?

A response for question 22 is only required if you are a:

  • bank
  • building society
  • credit union, or
  • other authorised deposit-taking institution

and you accepted and processed electronic funds transfer instructions during the reporting period.

Please refer to the following resources for further information:

Customer due diligence requirements

23. Have you amended your AML/CTF program to meet the customer due diligence requirements that came into effect on 1 June 2014?

On 1 June 2014, additional customer due diligence requirements came into effect under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. These additional requirements as contained in the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1) (the Rules) specify that reporting entities, must in addition to existing requirements:

  • identify and verify beneficial owners of their customers;
  • collect and verify the name of settlors of trusts that are customers;
  • undertake enhanced requirements in relation to politically exposed persons;
  • consider beneficial owners, politically exposed persons, the source of funds or wealth and the nature and purpose of the business relationship and control structures when identifying money laundering and terrorism financing (ML/TF) risks associated with its customers; and undertake reasonable measures to update documents, data or information collected in relation to customer due diligence and identification of beneficial owners

This question asks whether you have amended your AML/CTF program to meet the customer due diligence requirements that came into effect on 1 June 2014.

Last modified: 18/12/2015 15:41