Published 23 June, 2017
AUSTRAC has identified a number of short-falls in its recent review of reporting entities and their compliance with AML/CTF obligations.
The key areas for improvement that were identified by AUSTRAC were:
- ML/TF risk assessments.
- Application of the risk-based approach to AML/CTF compliance.
- Outsourcing and automation of activities.
- Governance issues.
We will look at these areas for improvement in further detail over a four part series.
Reporting entities are able to take a risk-based approach to their AML/CTF compliance depending on the nature, size and complexity of their business.
The reporting entity’s processes should be documented in an AML/CTF program which is tailored to meet the specific ML/TF risks the business faces. The AML/CTF legislation contains detailed requirements about what must be included in a reporting entity’s AML/CTF program.
The key areas that AUSTRAC have identified for reporting entities to improve their AML/CTF programs include:
- Setting out the actual systems and controls the reporting entity has in place to comply with its AML/CTF obligations, rather than repeating the requirements from the AML/CTF Rules or other AUSTRAC guidance material.
- Ensuring the program is tailored to the reporting entity’s business (including nature, size, complexity and ML/TF risks faced), not just using a standard template that is applied to an entity regardless of the industry in which it carries on business.
- Making sure all documented processes are clear and set out what staff members must do, when they must do it and why.
If your AML/CTF program doesn’t tick these boxes, it is important that you review and update it as soon as possible.