Skip to main content

Preview questions in the AUSTRAC 2022 compliance report

The information on this page will help you complete your 2022 compliance report.  

Your 2022 compliance report  will cover your business activities for the 2022 calendar year.

When your report is due

Your 2022 compliance report must be submitted to AUSTRAC between 1 January and 31 March 2023. There can be penalties for failing to submit your compliance report. Find out more about the consequences of not complying.

2022 compliance report questions  

The questions in the 2022 compliance report are listed below to help you prepare. We’ve made changes to some questions this year to make it easier for you to complete your report.

An explanation of the bolded terms can be found under ‘key terms’. Further information can be found by clicking the linked text.

Preview questions

Questions

 Key terms

Did you offer designated services during all or part of the reporting period (1 January 2022 00:00 to 31 December 2022 23:59)? (Yes or No)

 

If Yes

Do you believe you have a legal exemption from submitting a compliance report? (Yes or No)

If Yes

On what basis do you believe this? (Maximum 500 characters)

 

If you did not offer designated services (you will only be presented with the Your feedback and Review and submit sections of the form):

Are you sure?

You have been enrolled as providing designated services during this period.

  • If you offered any designated services during the reporting period, you must change the answer that you provided above.
  • If you have stopped providing designated services and do not expect to provide designated services again, you must request removal from the Reporting Entities Roll in addition to completing this form.
  • If you have stopped providing designated services but are likely to provide designated services again in the future, you do not need to request removal from the Reporting Entities Roll. However, AUSTRAC may be in touch with you to understand your plans to recommence providing designated services.

 

Why did your business not offer designated services during all or part of the reporting period? (Maximum 500 characters)

 

Does your business intend to offer designated services in 2023? (Yes or No)

 

Does your business provide digital currency exchange services? (Yes or No)

Digital currency exchange services

Providing a digital currency exchange service means exchanging money (whether Australian or foreign currency) for digital currency, or exchanging digital currency for money (Australian or foreign currency).

Does your business accept/trade in cash? (Yes or No)

 

Does your business offer any of the following products and/or services? (Select all that apply)

  • Stable coins
  • Privacy coins
  • Non-fungible tokens
  • Initial coin offering (ICO) tokens
  • Cryptocurrency ATM and/or kiosk
  • Retail exchange
  • Instant exchange
  • Peer to peer exchange
  • Over the counter (OTC) brokerage
  • Crypto payment provider
  • Decentralised finance (DeFi) lending

 

 

Does your business accept customers from overseas jurisdictions? (Yes or No)

 

What transaction amounts and/or limits does your business apply to the amount of fiat and/or digital currency for buy/sell/trade orders? (Maximum 500 characters)

 

Did your business experience de-banking in 2022? (Yes or No)

Debanking

De-banking means a situation in which a financial institution withdraws banking services to a business. AUSTRAC understands there is industry-wide concern due to the risk of de-banking. Information provided under this question will only be used to help AUSTRAC establish a picture of the extent of this concern.

Approximately how many full time equivalent employees does your business have?

  • Sole trader or Partnership with no other employees
  • 1-5 (micro business)
  • 6-20 (small business)
  • 21-99 (medium business)
  • 200 or more (large business)

Employee

A person who is employed and paid through wages or salary or under contract.

Approximately how many of those full time equivalent employees have a primary role in AML/CTF compliance?

  • 1
  • 2-4
  • 5-9
  • 10-19
  • 20-49
  • 50-99
  • 100 or more

 

Please specify number of full time equivalent employees with a primary role in AML/CTF compliance (Maximum 6 characters)

 

Has there been a change in key personnel or contact details for your business? (Yes or No)

Key personnel

For remitters and digital currency exchange providers – key personnel means beneficial owner(s), director(s), AML/CTF compliance officer or any other individuals who have the ability to influence business decisions over the entity’s finances and operations.

For all other enrolled entities that DO NOT provide either remittance or digital currency exchange services – key personnel means the AML/CTF compliance officer.

Have you notified AUSTRAC of these changes? (Yes or No)

 

How did you provide designated services in 2022? (Select all that apply)

  • ATM
  • IDM
  • Electronic gaming machines
  • Email
  • Face to face
  • Fax
  • Mobile application
  • Remittance platform
  • Self-service gambling terminal
  • Telephone
  • Website
  • Video conferencing
  • Broker
  • Mail
  • Trading platform
  • Additional method(s) (please specify – maximum 200 characters)

Designated services

IDM

Intelligent Deposit Machine, a type of advanced ATM that offers self-service transaction facilities which credits cash and cheque deposits to recipient accounts.

Mobile application

Is software, often called an 'App', designed to run on a mobile device, such as a smartphone or tablet.

Remittance platform

A system that enables funds transfers for remittance purposes.

If you are a remittance network provider, whose affiliates conduct transactions using your remittance platforms, you MUST select this option.

Self-service gambling terminal

A terminal at which customers can credit or withdraw from an account or place a bet or wager. Self-service gambling terminal does NOT include an electronic gaming machine.

Additional method(s)

Select this option if you provided designated service(s) using methods other than, or in addition to, those that are listed.

If you enter more than one 'Additional method', please separate them with a comma.

Were any of the above delivery methods introduced in 2022? (Yes or No)

Delivery methods

Channels through which your business provides or delivers the designated services.

Why were these delivery methods introduced in 2022? (Maximum 500 characters)

 

Which delivery methods were introduced in 2022? (Select all that apply)

  • ATM
  • IDM
  • Electronic gaming machines
  • Email
  • Face to face
  • Fax
  • Mobile application
  • Remittance platform
  • Self-service gambling terminal
  • Telephone
  • Website
  • Video conferencing
  • Broker
  • Mail
  • Trading platform
  • Additional method(s) (please specify – maximum 200 characters)

 

 

Outsourcing

 

Did your business outsource any of the following AML/CTF functions in 2022? (Select all that apply)

  • Customer identification
  • AML/CTF program development
  • Transaction monitoring
  • Transaction reporting
  • None

Please see AUSTRAC’s guidance on Engaging AML/CTF advisors.

Outsourcing AML/CTF compliance functions

For the purposes of the Compliance Report, ‘Outsourcing’ is considered to be:

Entering into an agreement with a third party to undertake aspects of the AML/CTF program on your behalf.

  • Includes using any overseas businesses, even if this business is related to your business.
  • Excludes using a domestic business that is related to your business.
  • Excludes use of third party software applications and lists.

Customer identification

Program development

Transaction monitoring

Transaction reporting

Have you checked the program is tailored to your business and its ML/TF risks? (Yes or No)

 

Legal business name of the provider for your AML/CTF program development? (Maximum 200 characters)

 

Legal business name of the provider for your outsourced customer identification? (Maximum 200 characters)

 

Legal business name of the provider for your outsourced transaction monitoring? (Maximum 200 characters)

 

Legal business name of the provider for your outsourced transaction reporting? (Maximum 100 characters)

 

How does your business monitor and manage its outsourced AML/CTF function(s)? (Maximum 500 characters)

 

Do you have an AML/CTF program? (Yes or No)

AML/CTF program

Sole trader or individual

If your business operates as a sole trader or an individual, you are still required to have an AML/CTF program.

What was the reason for not having an AML/CTF program (Maximum 200 characters)?

AML/CTF program

Explain why you do not have an AML/CTF program.

When was your AML/CTF program last approved?

  • In 2022
  • Within the previous two years
  • Within the previous three years
  • More than three years ago
  • Program has not been approved

AML/CTF program approval

Approved program

Approved means adoption of the initial program or approval of changes to your program by your board, senior management or equivalent.

Sole Trader

If your business operates as a sole trader or an individual, then the sole trader or individual will need to approve the program.

Governing Board

If your business does not have a governing board, then your senior management will need to approve the program.

Why has the AML/CTF program not been approved? (Maximum 500 characters)

 

Did you make any changes to your AML/CTF program in 2022? (Yes or No)

 

What prompted these changes? (Select all that apply)

  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC engagement, feedback or guidance
  • Change of AML/CTF Compliance Officer
  • Changes to your ML/TF risk assessment
  • Newly identified risks
  • New designated service
  • New technology or delivery method
  • Regular scheduled review
  • Internal review of systems or procedures
  • Advice from industry body
  • Advice from external consultant or service provider
  • Media reports
  • Independent review
  • Changes to legislation
  • Changes to designated business group
  • Changes to management or ownership
  • Additional reason(s) for changes (please specify) (Maximum 200 characters)

Changes to AML/CTF Program

The events that prompted changes to the program, may have occurred outside of the reporting period.

Media Reports

Reports include, but are not limited to, newspaper articles, news websites, social media.

Additional reason(s)

Select this option if you have reasons other than, or in addition to, the reasons that are listed.

If you enter more than one ‘Additional reason’, please separate them with a comma.

When was Part A of your program most recently independently reviewed?

  • In 2022
  • Within two years
  • Within three years
  • More than three years ago
  • Program has not been independently reviewed

Please see AUSTRAC's guidance on Engaging AML/CTF advisors

Why has your program not been independently reviewed?

Enter reason below (Maximum 500 characters)

 

How often does your AML/CTF program state that your Part A AML/CTF program must be independently reviewed?

Tick the most appropriate option.

  • Annually
  • Every two years
  • Every three years
  • Less frequently than every three years
  • Program review is based on the triggering of an event (i.e. change in business structure)
  • Program does not specify frequency of independent reviews
  • Other (please specify) (Maximum 80 characters)

 

Why does your program not specify a frequency? (Maximum 500 characters)

 

What prompted this review? (Select all that apply)

  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC engagement, feedback or guidance
  • Change of AML/CTF Compliance Officer
  • Changes to your ML/TF risk assessment
  • Newly identified risks
  • New designated service
  • New technology or delivery method
  • Regular scheduled review
  • Internal review of systems or procedures
  • Advice from industry body
  • Advice form external consultant or service provider
  • Media reports
  • Independent review
  • Changes to legislation
  • Changes to the designated business group
  • Changes to management or ownership
  • Additional reason(s) for changes (Please specify) (Maximum 200 characters)

Reasons for review

The events that prompted this review. These may have occurred outside of the reporting period.

Media Reports

Reports include, but are not limited to, newspaper articles, news websites, social media.

Additional reason(s)

Select this option if you have reasons other than, or in addition to, the reasons that are listed.

If you enter more than one ‘Additional reason’, please separate them with a comma.

What additional reasons prompted the independent review? (Maximum 500 characters)

 

How was the independent review conducted?

  • Internally
  • Externally
  • Combination

 

Service provider type

  • Accountant
  • Lawyer
  • Auditor
  • Consultant
  • Other (Please specify) (Maximum 80 characters)

 

Service provider name

Legal business name of the provider (Maximum 100 characters)

 

Did you report internally to the Board or Senior Management on any of the following matters in 2022? (Select all that apply)

  • AML/CTF risk awareness training statistics
  • AUSTRAC engagement, feedback, or guidance
  • Changes to ML/TF risk assessment
  • Independent review or remediation
  • Newly identified risks
  • Performance of outsourced functions
  • Staff compliance or non-compliance with AML/CTF program or policies
  • Transaction monitoring information
  • Internal AML/CTF statistics
  • AML/CTF uplift activities
  • Did not report internally to the Board or Senior Management regarding above matters in 2022
  • Other matter(s) (please specify) (Maximum 200 characters)

Reporting internally Means informing your board, senior management or equivalent through a recorded notification (e.g. email, written brief, attendance at a minuted meeting.)

Other matter(s)

Select this option if you reported on any other matter(s) other than, or in addition to, the matters that are listed.

If you enter more than one ‘Other matter’, please separate them with a comma.

 

 

Did you do an ML/TF risk assessment of your business in 2022? (Yes or No)

ML/TF

ML/TF means money laundering and terrorism financing.

Was this risk assessment documented? (Yes or No)

 

What prompted this risk assessment? (Select all that apply)

  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC engagement, feedback, or guidance
  • Change of AML/CTF Compliance Officer
  • Newly identified risks
  • New designated service
  • New technology or delivery method
  • Regular scheduled review
  • New risk assessment methodology
  • Advice from industry body
  • Advice from external consultant or service provider
  • Media reports
  • Independent review
  • Changes to legislation
  • Additional reason(s) for risk assessment (Please specify) (Maximum 200 characters)

Reasons for risk assessment

Media Reports

Reports include, but are not limited to newspaper articles, news websites, and social media.

Additional reason(s)

Select this option if you had reason(s) other than, or in addition to, the reasons that are listed.

If you enter more than one 'Additional reason', please separate them with a comma.

Do you have a documented process for conducting a risk assessment? (Yes or No)

 

Assessment

 

What employee checks do you conduct? (Select all that apply)

  • Check licensing
  • Open source searches
  • Police checks
  • Other qualification checks
  • Reference checks
  • Sanction and PEP checks
  • Social media review
  • News and media
  • Bankruptcy checks
  • Credit checks
  • ASIC banned and disqualified person checks
  • Identification checks
  • Additional check(s) (please specify) (Maximum 200 characters)

Employee Check

Third party providers

You have also conducted a check if you use a third party provider for employee due diligence. Select the checks that they undertake on your behalf.

Open source searches

Information searches using publicly available sources on the internet.

PEP

A PEP is a politically exposed person.

Social media review

Information searches on social network online platforms.

Additional check(s)

Select this option if you conducted checks other than, or in addition to, those that are listed.

If you enter more than one ‘Additional check’, please separate them with a comma.

Do you assess the ML/TF risk for each employee’s role? (Yes or No)

ML/TF

ML/TF means money laundering and terrorism financing.

Do you conduct different employee checks for roles with higher ML/TF risk? (Yes or No)

 

AML/CTF Training

 

Did you provide AML/CTF training in 2022? (Yes or No)

 

What AML/CTF training did you provide? (Select all that apply)

  • Training for new employees
  • Regularly scheduled refresher training
  • Training on request
  • ACAMS
  • Role specific training
  • Additional training (Please specify) (Maximum 200 characters)

AML/CTF training type

Additional training

Select this option if you provided training other than, or in addition to, the types that are listed. If you enter more than one ‘Additional training’, please separate them with a comma.

Did you update your AML/CTF training program in 2022? (Yes or No)

Updates to AML/CTF training program

Includes changes to the content of training, the way in which training was delivered, who it was delivered to, or how frequently it was delivered.

What prompted this update? (Select all that apply)

  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC feedback & guidance
  • Changes to your ML/TF risk assessment
  • New designated service
  • Newly identified risks
  • Internal review of systems or procedures
  • New technology or delivery methods
  • Advice from industry body
  • Advice from external consultant or service provider
  • Media reports
  • Independent review
  • Changes to legislation
  • Additional reason(s) for update (Please specify) (Maximum 200 characters)

Updates to AML/CTF training program

Includes changes to the content of training, the way in which training was delivered, who it was delivered to, or how frequently it was delivered.Media Reports

Reports include, but are not limited to newspaper articles, news websites, and social media.

Additional reason(s)

Select this option if you had reason(s) other than, or in addition to, the reasons that are listed.

If you enter more than one 'Additional reason', please separate them with a comma.

Customers

 

Approximately how many customers/members do you have?

  • 1-100
  • 101-1,000
  • 1,001-10,000
  • 10,001-100,000
  • 100,001-1 million
  • More than 1 million

 

What are your customer types? (Select all that apply)

  • Individual
  • Company
  • Trustee
  • Partnership
  • Association
  • Registered co-operative
  • Government body      

Customer Types

These are the types of customers that you provide designated services to?

Customer verification

 

Risk assessment

 

How many of your customers are high risk or above?

Number of customers (Maximum 6 characters)

High risk customer

You are required to assess what you consider to be a high risk customer relationship within your business. This assessment should be set out in your AML/CTF program. Factors that you should take into account include:

  • The legal structure of your customer (i.e. individual, company, trustee)
  • The beneficial owners of your customer (if applicable)
  • Whether your customer is a politically exposed person
  • The source of funds and wealth of your customer
  • The nature and purpose of the business relationship with your customers
  • The control structure of your non-individual customers
  • The types of designated services that you provide
  • The methods by which you provide designated services
  • The foreign jurisdictions with which you deal.

What factors do you consider when determining a customer as high risk? (Maximum 500 characters)

 

Did you perform Politically Exposed Persons (PEPs) checks in 2022? (Yes or No)

Politically Exposed Persons (PEPs)

Where your business uses a broader PEP definition than that prescribed by the AML/CTF Act, you may choose to answer based on that definition.

Why did you not perform PEP checks in 2022? (Maximum 500 characters)

 

How did you identify PEPs? (Select all that apply)

  • Media Review
  • Open source searches
  • Commercial or external database
  • Sanctions list
  • Self-certification or declaration by customer
  • Additional identification method(s) (Please specify) (Maximum 200 characters

Politically Exposed Persons (PEPs) identification

Where your business uses a broader PEP definition than that prescribed by the AML/CTF Act, you may choose to answer based on that definition.

Open source searches

Information searches using publicly available sources on internet.

Commercial database

A database of information developed and maintained by a commercial entity and made available to customers. This is the information for which you are likely to pay or subscribe for.

Additional method(s)

Select this option if you identify PEPs using methods other than, or in addition to, the methods that are listed.

If you enter more than one 'Additional identification method', please separate them with a comma.

How many of your customers did you identify as PEPs? Number of customers (Maximum 6 characters)

 

Unusual or potentially suspicious activity

 

How did your staff report unusual or potentially suspicious activity? (Select all that apply)

  • Email (internal)
  • Online form (internal)
  • Paper form (internal)
  • Verbal conversation (internal)
  • Submit SMR to AUSTRAC (external)
  • Staff did not identify and report any unusual or potentially suspicious activity in 2022
  • Additional reporting methods (internal)
  • Additional reporting methods (external)

Reporting of unusual or suspicious activity

You or your staff may report unusual or potentially suspicious activity by escalating the matter to a specified person or area within your business or by submitting a suspicious matter report (SMR) directly to AUSTRAC.

Internal

Reporting processes within your business.

External

Reports to, and engagement with, AUSTRAC.

Online form

A digital form that is accessible and editable online.

SMR

SMR means suspicious matter report.

Additional method(s)

Select this option if you report methods other than, or in addition to, the methods that are listed.

If you enter more than one 'Additional method', please separate them with a comma.

Please specify additional reporting methods (internal): (Maximum 200 characters)

 

Please specify additional reporting methods (external): (Maximum 200 characters)

 

Please explain why staff did not identify and report any unusual or potentially suspicious activity? (Select all that apply)

  • Transaction monitoring system did not identify any unusual activity
  • Staff did not identify any unusual or suspicious activity
  • Unusual or suspicious activity was identified and assessed, but was not considered suspicious
  • Other (Please specify) (Maximum 200 characters)

 

Transaction Monitoring Program (TMP)

 

Do you have a TMP in place? (Yes or No)

 

Is your TMP manual, automated or both?

  • Manual
  • Automated
  • Both

Transaction Monitoring Program (TMP)

Manual

Transactions are added to a spreadsheet, or ledger and manually reviewed for any potential anomalies, outliers or unusual activity.

Automated

A series of predefined rules built into a software program or system. The rules are then run over your transaction data and alerts generate whenever a transaction 'hits' on a rule.

Describe the automated systems you use as part of your TMP: (Maximum 500 characters)

 

Did you review TMP rules in 2022? (Yes or No)

Transaction Monitoring Program (TMP) rules

TMP rules

Any rules, logic or thresholds that are used to identify unusual or potentially suspicious transaction activity.

What prompted you to review your TMP rules? (Select all that apply)

  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC feedback & guidance
  • Newly identified risks
  • New designated service
  • New technology or delivery method
  • Regular scheduled review
  • Change of AML/CTF Compliance Officer
  • Changes to your ML/TF risk assessment
  • High ratio of false positives
  • Advice from industry body
  • Advice from external consultant or service provider
  • Media Reports
  • Independent Review
  • Changes to legislation
  • Changes to product offerings
  • Changes to management of ownership
  • Internal audit
  • Additional reason(s) for review (Please specify) (Maximum 200 characters)

Review of TMP rules

High ratio of false-positives

A significant proportion of the matters identified through a particular rule or threshold are deemed not to be suspicious.

Media reports

Reports include, but are not limited to, newspaper articles, news websites, social media.

Additional reason(s) for review

Select this option if you had reason(s) other than, or in addition to, those that are listed.

If you enter more than one 'Additional reason', please separate them with a comma.

Did your TMP identify any potentially suspicious customer transactions that required further review in 2022? (Yes or No)

 

Why did your TMP not identify any suspicious customer transactions? (Enter reason below) (Maximum 500 characters)

 

Enhanced Customer Due Diligence (ECDD)

 

Do you have a documented ECDD program? (Yes or No)

 

Did you conduct ECDD in 2022? (Yes or No)

 

Why did you not conduct ECDD in 2022? (Please enter reason for not conducting ECDD in 2022) (Maximum 500 characters)

 

How did you conduct ECDD? (Select all that apply)

  • Extra information gathered (directly from the individual or business)
  • Extra information gathered (informally via open source searches, commercial or external databases, news or media)
  • Verify or re-verify KYC information
  • Verify or re-verify beneficial owner information
  • More detailed analysis of transaction monitoring
  • Senior management approval
  • Consider whether to process transaction
  • More analysis of KYC information
  • Additional method(s) (Please specify) (Maximum 200 characters)

Conducting ECDD

Extra information gathered

Collection of extra information from the customer or third party sources to clarify already collected KYC or beneficial owner information, or to identify the source of wealth and funds of the customer and beneficial owners.

KYC information

Know-Your-Customer information.

Senior management approval

An approval by senior management for continuing the business relationship and the provision of a designated service to the customer.

Additional method(s)

Select this option if you used method(s) other than, or in addition to, those that are listed.

If you enter more than one 'Additional method', please separate them with a comma.

Do you have a documented procedure in place to record and consider AUSTRAC feedback and guidance? (Yes or No)

 

What feedback or guidance did you receive? (Select all that apply)

  • Correspondence from AUSTRAC in relation to your business specifically
  • Correspondence from AUSTRAC in relation to your industry
  • Correspondence from AUSTRAC in relation to all Reporting Entities
  • AUSTRAC publications in relation to your industry
  • AUSTRAC publications in relation to all Reporting Entities
  • No feedback, guidance material or correspondence was received from AUSTRAC in relation to your business' compliance during 2022
  • Other (Please specify) (Maximum 200 characters)

 

What did you do in response to this? (Select all that apply)

  • Communicated or escalated feedback internally
  • Conducted training
  • Increased AML/CTF resourcing
  • Reviewed or changed AML/CTF program
  • Reviewed or changed ML/TF risk assessment
  • Reviewed or changed transaction monitoring rules
  • Back-captured transaction reports
  • No action required
  • Independent review
  • Additional action(s) (Please specify) (Maximum 200 characters)

Response to AUSTRAC feedback

ML/TF

ML/TF means money laundering and terrorism financing.

Additional action(s)

Select this option if you took action other than, or in addition to, those that are listed.

If you enter more than one 'Additional action', please separate them with a comma.

Thank you for completing the compliance report.

AUSTRAC is focussed on providing better assistance and guidance to our reporting entities and your feedback would be appreciated. Please take a moment to answer the following questions.

What did AUSTRAC do well to help your compliance? (optional) (Maximum 500 characters)

What could AUSTRAC have done much better? (optional) (Maximum 500 characters)

 

The content on this website is general and is not legal advice. Before you make a decision or take a particular action based on the content on this website, you should check its accuracy, completeness, currency and relevance for your purposes. You may wish to seek independent professional advice.

Last updated: 22 Dec 2022
Page ID: 851

Was this page helpful?

Was this page helpful?
Please note that feedback you provide here will be used only for the purpose of improving our website. If you have a specific question about your AML/CTF obligations, please contact us.