On 29 November 2024, the Australian Parliament passed legislation introducing substantial reforms to the anti-money laundering and counter-terrorism financing (AML/CTF) regulatory regime in Australia.
The Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Amendment Bill 2024 (Bill) represents a major milestone in AML/CTF reforms. It seeks to clarify and simplify the current regime, modernise the regulation of virtual assets and payments technology and extend the regime to certain higher risk services provided by 'tranche two' entities.
In this alert we provide a snapshot summary of the reform and the changes that Parliament made to the Bill before it was passed, but first, here are the top 5 things you need to know right now:
1. For the most part, the changes do not take effect until March 2026.
2. If you are in the real estate, precious metal and stones and professional service industries, you may now have to comply with the AML/CTF regime. We have previously discussed the impact of the reforms on the real estate sector.
3. The addition of new categories designated service will see tens of thousands of businesses brought within the scope of the legislation for the first time, and will significantly increase the regulatory responsibilities of AUSTRAC.
4. If you are in the payments and/or digital assets industry, and you do not currently have to comply with the AML/CTF regime, you should reconsider your position.
5. If you are an existing reporting entity, you will need to (amongst other things) review and update your program and related processes and procedures, including KYC, as well as AML/CTF governance. There will be a greater emphasis on carrying out a more bespoke risk assessment of AML/CTF risks of your business.
Our Risk and Regulatory Consulting team have provided practical guidance as to what these gatekeeper entities need to consider and how challenging operationalising these changes can be.
Summary of amendments to the AML/CTF Act
The key amendments made by the Bill to the Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Act 2006 (Cth) (AML/CTF Act) are:
- Expanding the regime to 'tranche two' entities. New 'designated services' have been inserted to regulate specific 'higher risk' services provided by real estate professionals, dealers in precious metals and precious stones and professional service firms like lawyers, conveyancers, accountants and trust and company service providers;
- Modernising and expanding regulation of virtual assets. To align with FATF standards, the existing definition of 'digital currency' is replaced with the concept of 'virtual assets', and the ambit of the AML/CTF regime is extended to much greater range of virtual asset-related services;
- Renovations to address changes in payments technology. The outdated concept of 'designated remittance services' has been replaced with the concept of a 'value transfer chain'. This results in the streamlining of various existing concepts of funds transfer and remittance arrangements;
- Overhaul of the AML/CTF Program requirements. Reporting entities are now required to have an overarching written risk assessment, combined with a requirement to prepare and maintain AML/CTF policies which respond to that specific risk assessment. Both the risk assessment and policies will form part of the program;
- 'DBG' out, 'reporting group' in. The existing concept of a 'designated business group' is replaced with a simplified 'reporting group' concept. It enables entities which are under common control to form a reporting group;
- 'Senior Manager' to approve of AML/CTF program. The roles and responsibilities of the governing body, senior management and compliance officer of a reporting entity have changed. It is expected that an AML/CTF program will be adjusted in a dynamic fashion to respond to experience in practice. To facilitate this, changes to the program can be made by a senior manager and notified to the governing body rather than going through a formal approval process from the governing body for each change;
- Enhancing KYC requirements. Prescriptive rules about how customer due diligence (i.e. KYC) is to be performed have been replaced with an outcomes based framework. Reporting entities are instead required to carry out an initial risk assessment for each customer and to perform KYC/CDD according to what is appropriate for that customer (with an ongoing obligation to revisit this in some circumstances);
- Reforming the tipping-off offence. In short, reporting entities are currently prohibited from sharing any information about suspicious matters to anyone, other than to AUSTRAC. The prohibition is reframed as a prohibition on disclosing or sharing relevant information where that action could reasonably prejudice an investigation; and
- Expanding AUSTRAC's information gathering powers, providing AUSTRAC with a number of additional information gathering powers, including a new examination power allowing AUSTRAC to seek information required to make enforcement decisions or to gather evidence in relation to enforcement proceedings.
An Explanatory memorandum was provided to give further colour to the above reforms.
Government changes to the AML/CTF Amendment Act
The Government made a number of changes to the Bill after its initial introduction to Parliament on 11 September 2024 and prior to passing it during the evening of 28 November 2024. There were many technical changes which included the following outlined below:
- clarifying that reporting entities are required to develop and maintain AML/CTF policies prior to providing designated services (and that failing to do so may result in the imposition of a civil penalty), but also deleting sections providing that each designated service constitutes a separate contravention of the AML/CTF Act;
- moving the commencement date of the tipping-off offence forward to 31 March 2025;
- expanding the definition of a 'domestic politically exposed person' beyond individuals who hold an office or position in an Australian government body to include any positions specified by the AUSTRAC CEO in the AML/CTF Rules;
- clarifying the application of civil penalty provisions in relation to the failure to undertake initial and/or ongoing customer due diligence, and that a reporting entity will commit a separate offence in respect of each designated service provided to the customer in contravention of the obligations to conduct initial and/or ongoing due diligence;
- extending the term of leasehold interests excluded from the scope of 'real estate' under the AML/CTF Act to 30 years;
- excluding barristers acting on the instructions of a solicitor from the scope of the AML/CTF regime;
- updating the simplified outline in the Bill in respect of obligations relating to transfers of value to clarify that the obligations of a beneficiary institution relate to information received or otherwise obtained (e.g. through a due diligence process);
- amending obligations relating to reports of cross border transfer of value and in particular obligations of an ordering institution in relation to the transfer of information to provide for different ways in which the ordering institution may give effect to a value transfer or initiate a value transfer chain; a beneficiary institution which makes value available to recognise that the beneficiary institution may obtain information in a value transfer chain other than from ordering or intermediary institutions; and, an intermediary institution in relation to the transfer of information to recognise that the intermediary institution may receive missing information in a value transfer chain through means other than the passing of information with the transfer itself;
- clarifying that verification processes in relation to self-hosted virtual asset wallets should focus on the identity of the person controlling the wallet; and
- expanding the definition of 'qualified accountant' to include members of the Institute of Public Accountants.
A Supplementary Explanatory memorandum was released to support the above changes.
A number of the changes were implemented to give effect to recommendations made by the Senate Standing Committee on Legal and Constitutional Affairs. At the same time, other changes appear to have been made of the Government's own initiative as a result of stakeholder engagement.
Some exemptions requested by the Coalition and by independent members of Parliament were not accepted. In particular, there will be no general exemption for small businesses. Many of the new businesses captured by the expanded AML/CTF regime will be small businesses.
Next steps
Most of the changes made by the Bill will not commence until March 2026. However, some changes, such as those to the tipping off prohibition, will commence on 31 March 2025.
The legislation will need to be supported by significant changes to the AML/CTF Rules. AUSTRAC has already started to engage with industry groups. We anticipate that AUSTRAC will start broader consultation on the proposed amendments to the AML/CTF Rules before the end of 2024. AUSTRAC may also publish some guidance following the outcomes of its industry consultation process.
The embedding of risk assessment requirements into compliance program requirements means that a combination of legal and risk consulting expertise will be required to ensure compliance. MinterEllison is uniquely placed to bring an integrated offering of experienced risk and regulatory consultants and lawyers to support existing reporting entities and newly captured businesses to complete focussed AML/CTF projects.