AUSTRAC The Australian Transaction Reports and Analysis Centre website                     
   Home     Contact us      Recruitment       E-learning  

Checklist for small businesses

 

 View the PDF version
File size 60kb

Anti-Money Laundering and Counter-Terrorism Financing Act 2006

Checklist for Small Business

IMPORTANT: The information contained in this document is intended to provide only a summary and general overview on these matters. It is not intended to be comprehensive. It does not constitute nor should it be treated as legal advice or opinions. The Commonwealth accepts no liability for any loss suffered as a result of reliance on this publication. AUSTRAC recommends that independent professional advice be sought. The information contained herein is current as at the date of this document.

By 12 December 2007 reporting entities are required under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) to have in place an AML/CTF program. Under Section 81 of the AML/CTF Act reporting entities that have not adopted and maintained an AML/CTF program by this date cannot provide any designated services listed under the AML/CTF Act (for example, cashing a travellers cheque for a customer).

What you need to do

For most small businesses the minimum required from 12 December 2007 is to ensure you:

  • have an effective and documented AML/CTF program in place that will identify, minimise and manage money laundering and terrorism financing (ML/TF) risks
  • have developed a process that allows you to monitor and review your AML/CTF program
  • have appointed an AML/CTF Compliance Officer
  • where required, implement a process to screen staff and agents (if any) before they are employed, and/or when they are transferred or promoted
  • train your staff and agents (if any) on an on-going basis so they understand their responsibilities
  • have procedures in place to collect and verify customer identification as required
  • have procedures in place to make and store records for customer identification
  • continue to report to AUSTRAC if you are currently a 'cash dealer' under the Financial Transaction Reports Act 1988 (FTR Act)
  • have registered your business with AUSTRAC if you are a provider of designated remittance services (money transfer business).

To help small business develop good practices to reduce their ML/TF risks and help them comply with their obligations under the AML/CTF Act, AUSTRAC has developed the following list of questions a business may ask itself:

Management responsibility

  • Who will be responsible for approving and overseeing the AML/CTF program?
  • Who will be your AML/CTF Compliance Officer?
  • Is the AML/CTF program tailored to the size of your business and its needs?
  • What actions have you taken to ensure your business's AML/CTF policies and procedures have been
    communicated to your staff and agents (if any)?
  • How does your business monitor compliance with its AML/CTF obligations?
  • How does your business ensure it meets its AML/CTF obligations?
  • How often will your AML/CTF program be reviewed and by whom?
  • How will you keep the necessary records?
  • Does your business need to register with AUSTRAC as a provider of designated remittance services?
  • If your business has to register with AUSTRAC does it have procedures in place to notify AUSTRAC if your registrable details change?

Risk-based approach

  • What types of customers does your business have (for example, individuals and companies)?
  • What ML/TF risks are posed by your different types of customers?
  • What ML/TF risks are posed by new customers and by existing customers?
  • What types of products and services does your business have?
  • What ML/TF risks are posed by your different products and services?
  • What level of ML/TF risk do your business practices or service delivery methods present?
  • What countries does your business deal with?
  • What risks are posed by the different countries you do business with?
  • How does your business assess the risk of any new services you may plan to provide?
  • How does your business assess the risk of any new service delivery methods you may plan to use?
  • How does your business assess the risk of any new technologies you may plan to make use of?
  • How does your business record these risk assessments?
  • How are the identified risks in your business minimised?
  • How often are your risk assessment and procedures reviewed?

Customer due diligence (care)

  • How can you be sure your customer is who they say they are?
  • What type of identification will the business accept and not accept?
  • What information will a customer have to provide to verify their identity?
  • What additional Know Your Customer (KYC) information should you collect for high risk customers?
  • How will your customer identity and verification procedures/documents be recorded?

ML/TF Risk awareness training

  • How often and/or on what occasions will training occur?
  • How will changes to procedures be communicated to your staff and agents (if any)?
  • Does the training program for staff and agents (if any)include the following:
      • Does it tell them about the obligations your business has under the AML/CTF Act?
      • Does it let them know the money laundering and terrorism financing risks your business may face and what these risks may mean?
      • Does it provide information on the processes and procedures of your AML/CTF program and how they relate to their job?
      • Does it show how to recognise and deal with suspicious transactions?
      • Does it detail what customer identification they have to obtain?
      • Does it show how to verify customer identity?
      • Does it tell them when to re-identify existing customers?
      • Does it tell them who your AML/CTF Compliance Officer is?
      • Does it show how to monitor customer behaviour and activity?

Employee and agent due diligence (care)

  • Is there a process to ensure your staff and agents (if any) are screened for ML/TF risk before they are employed?
  • Is there a process to ensure your staff and agents (if any) are monitored for ML/TF risk on an on-going basis?
  • What happens when an employee is promoted or does a different job within the business?

Suspect transaction reporting - for 'cash dealers'

  • Do staff and agents (if any) understand what suspicious activity and/or transactions are?
  • Do staff and agents (if any) know what to do if they identify suspicious activity and/or transactions?
  • Do staff and agents (if any) understand the legal restrictions surrounding suspicious reporting?
  • Does the AML/CTF Compliance Officer know how and when to report suspicious activity and/or suspicious transactions to AUSTRAC?

For further information and help

a. Contact the AUSTRAC Help Desk or phone 1300 021 037.
b. To enrol as a reporting entity visit AUSTRAC Online
c. Refer to the AUSTRAC Regulatory Guide and AML/CTF Act Self Assessment Questionnaire available on the AUSTRAC website at www.austrac.gov.au
d. For a copy of the FTR Act and AML/CTF Act refer to www.austrac.gov.au or www.comlaw.gov.au
e. Small businesses that are reporting entities will also be subject to the Privacy Act in regard to their obligations under the AML/CTF Act. For further information please visit the website of The Office of the Privacy Commissioner or contact them on 1300 363 992.

The information contained herein is current as at December 2007
© Commonwealth of Australia - AUSTRAC 2009