In our previous Insight, AUSTRAC Cracks Down on Emerging Finance Sectors – New Powers, we covered AUSTRAC’s increasing surveillance of emerging non-bank lending and financing sectors and related target sectors such as Digital Currency Exchanges and the potential use of enhanced regulatory examination, information and investigation powers under the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 (Cth).
Non-Bank Lending Sector and Digital Currency Exchanges - beware
AUSTRAC’s regulatory campaign focusing on the non-bank lending and financing sector was confirmed on 15 May when AUSTRAC announced the appointment of an external auditor to Mercedes Benz Financial Services Australia after raising concerns about the financier’s compliance with the AML/CTF Act.
AUSTRAC listed concerns with serious issues such as:
assuming most customers were low risk
a lack of systems to identify and escalate suspicious matters
inadequate transaction monitoring.
AUSTRAC CEO Brendan Thomas specifically identified:
“the non-bank lending sector, such as mortgage providers, personal loans, equipment and motor vehicle financing and leasing, have a responsibility to ensure they have the resources and processes in place to comply with their AML/CTF obligations.”
That AUSTRAC “have written to the entire sector detailing non-reporting and under-reporting as well as raising concerns with the sector’s ability to identify and manage high-risk customers and effectively monitor customer transactions.”
Similarly, AUSTRAC issued infringement notices of $75,120 to digital currency exchange provider Cointree Pty Ltd for the alleged failure to submit suspicious matter reports (SMRs) to AUSTRAC on time.
AUSTRAC explained the underlying policy imperative that by failing to submit SMRs on time it denies AUSTRAC and its law enforcement partners, the opportunity to act on the information in a timely manner and SMR reporting forms the backbone of its intelligence function.
The fact that Cointree fully co-operated with AUSTRAC in self-disclosing the breaches and took proactive steps to remediate its systems and controls to ensure future compliance helped to mitigate a more serious regulatory response.
AUSTRAC has indicated that the Digital Currency Exchange (DCE) sector is undergoing rapid growth, and it has significant concerns about some DCE’s capacity for and commitment to AML/CTF compliance.
In light of the heightened risk in the DCE sector, it is a regulatory priority for AUSTRAC and DCE compliance is a specific area of focus across 2025.
Updated AML CTF Program requirements and governance
In the context of ensuring compliance of systems and controls to ensure future AML CTF compliance, significantly, the Amendment Act also updates the AML CTF Program requirements to:
remove the current ‘check box’ compliance approach
set outcomes-focused obligations for an effective AML/CTF program
require reporting entities to take a risk-based approach to their AML/CTF program.
This shifts the focus from a compliance-based approach to a risk-based, outcomes-oriented approach in order facilitate a reporting entity to tailor a Program which aligns and addresses the actual risks which a particular business encounters.
The Amendment Act also removes the requirement for separate Parts A and B of an AML CTF Program to provide a reporting entity with a greater flexibility to structure its Program if it effectively identifies, mitigates and manages relevant AML CTF risks.
Overall, the regulatory changes have substantial implications for AML CTF governance.
Time to Review AML/CTF Programs
Directors and senior management of reporting entities with oversight of AML/CTF Programs should undertake a re-assessment of their business (particularly non-bank lenders and financiers and the DCE and payment platform sectors) to ensure that the AML/CTF Program reflects and adopts a risk-based approach in line with the modified regulatory framework and AUSTRAC’s current regulatory priorities.
For further information, please contact Michael Bracken and Zac Mizgalski of our Financial Services team.
This publication has been prepared for general guidance on matters of interest only and does not constitute professional legal advice. You should not act upon the information contained in this publication without obtaining specific professional legal advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication and to the extent permitted by law, Cowell Clarke does not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting or refraining to act in relation on the information contained in this publication or for any decision based on it.