INSIGHT

Reminder – AUSTRAC compliance reports are due

By Kerensa Sneyd, Andrew Shetliffe, Lauren McCarthy
Financial Services

Reviewing the recent changes to the form and how they will affect reporting entities 10 min read

With 2022 now in full swing and the due date for AUSTRAC compliance reports just around the corner (on 31 March 2022), we take a look at some recent changes to the form and how they will affect reporting entities.

What has changed?

In December 2021, AUSTRAC announced some important changes to its compliance reporting form, with the express intention to 'make it easier for you to complete your report.'

Until now, compliance reports have generally required reporting entities to select a response to each question from a predefined list (most often, a simple yes/no response). We all like multiple choice questions. This year, there will be a number of free text fields for reporting entities to complete. These will typically offer an 'opportunity' (read 'requirement') for a reporting entity to explain its responses – ie why it is not doing (or has not done) certain things that AUSTRAC would usually expect it to do.

For example, if a reporting entity's anti-money laundering and counter-terrorism financing program does not specify the frequency of an independent review, it must explain why not. Similarly, if a reporting entity's transaction monitoring program did not identify any suspicious matters, it must explain why.

What does it mean?

While there is no requirement in the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (the AML/CTF Act) for reporting entities to self-report breaches of it to AUSTRAC, some of the questions in the revised compliance report come close to introducing such a requirement via the 'back door'. Certain questions may elicit responses that AUSTRAC considers akin to an admission of a contravention of the AML/CTF Act. Few reporting entities would tick 'No' to the question 'Do you have a transaction monitoring program?' without expecting a follow-up query.

The new requirements seem intended to prompt reporting entities to engage more actively with how the procedures incorporated in their AML/CTF programs do, in fact, address their assessment of ML/TF risks. There appears to be a strong inference, for example, that a transaction monitoring program is inadequate unless it identifies at least one suspicious matter annually.

While not themselves new, a couple of broader compliance reporting implications may be relevant when reporting entities confront the changes to the compliance reports. For example:

  • Section 48 of the AML/CTF Act expressly says that answers given in a compliance report are not admissible in evidence against the reporting entity (except in very limited circumstances). However, reporting entities will need to carefully consider how they complete these free text fields, as responses that expose gaps, or potential gaps, in systems or processes may prompt further inquiries from AUSTRAC. Reporting entities should consider whether such gaps, or potential gaps, may be able to be addressed before the lodging of the compliance report, avoiding having to provide an answer that may pique AUSTRAC's interest.
  • Section 136 of the AML/CTF Act creates an offence for knowingly completing a compliance report in a manner that is false or misleading (including by omission). While it may be tempting to brush over the detail, we anticipate that AUSTRAC will expect reporting entities to give robust responses, with the offence in s136 in mind.
  • While there are restrictions on the use of a compliance report as evidence in proceedings, AUSTRAC has broad information-gathering powers. If it is dissatisfied with the free text explanations, it may use these powers to obtain the evidence it needs to take further action.
  • On a similar note, while a compliance report can't be used in evidence against the person giving the report in certain proceedings, there is nothing in the AML/CTF Act that suggests AUSTRAC can't rely on a compliance report as the grounds for issuing an infringement notice.

While we find it hard to argue with an initiative aimed at achieving closer engagement by reporting entities with ML/TF risks, we query whether they will agree with AUSTRAC that the changes make compliance reporting 'easier'.