Changes to anti-money laundering laws have come into effect: what now? - Terrorism, Homeland Security & Defence

Changes to Australia's anti-money laundering and counter terrorism finance laws seek to make it easier for banks and other reporting entities to prevent financial crime and to strengthen Australia's financial system.

On 17 June 2021, amendments to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) came into effect. This AML/CTF reform program ( known as Phase 1.5) is partially a product of the statutory review of the AML/CTF Act in April 2016 by the Attorney General's Department (Statutory Review).

The reforms are also the result of over five years of legislative consultation and review stimulated by criticisms of the AML/CTF Act in the 2015 Mutual Evaluation Report of Australia by the Financial Action Task Force (FATF).

Key changes

Third party reliance on customer due diligence procedures

A key focus of the amendments was the creation of safe harbor provisions under the AML/CTF Act to enable one reporting entity to rely on the customer due diligence of another, called 'third party reliance'.

Division 7 of the AML/CTF Act provides that in general a reporting entity is ultimately responsible for the actions of anyone else who conducts customer due diligence on its behalf. In other words, the Act deems that 'anyone else' to be the agent of the reporting entity.

Before the amendments, if a customer entered into a transaction with multiple reporting entities, the customer might need to undertake customer due diligence with each entity involved in the transaction.

The amendments expand the circumstances where a reporting entity may rely on third parties' customer due diligence, reducing the need for multiple instances of customer due diligence, though reporting entities still need to satisfy the record-keeping requirements under Part 10 of the Act.

As the Australian Financial Markets Association pointed out in 2018, however, the new 'safe harbour' provisions do not entirely mitigate the compliance burden. How these provisions work, and some of the limitations of them, are explained below.

First, the safe harbour is only available if the relevant third party is:

another reporting entity regulated under the AML/CTF Act; or
an entity located in a foreign country that is subject to equivalent customer due diligence and record-keeping obligations as those in the AML/CTF Act in Australia (called a 'suitable foreign entity').

Second, there are two scenarios where third party reliance is available, but they offer differing degrees of protection.

Where there is an arrangement or agreement

The best protection is available when a reporting entity enters into a written agreement with the third party. As long as it carries out regular assessments of the arrangements; and has reasonable grounds to believe that the third party is satisfying the customer due diligence requirements under the AML/CTF rules at the time of making the agreement, safe harbour protection will be available.

The written agreement will need careful drafting to disturb the presumption of agency under the Act. At a minimum, however, it should:

outline the responsibilities of each of the parties to the arrangement; and
have provisions enabling the reporting entity to:
- obtain all required know-your-customer information relating to the identity of the customer; and
- obtain verification details on request and without delay, including:
  - the customer;
  - the beneficial owner of the customer; and
  - a person acting on behalf of the customer.

On a case-by-case basis

There may also be limited protection available where, on a case by case basis, a third party has undertaken customer due diligence procedures prescribed by the AML/CTF rules; and a reporting entity has reasonable grounds to believe that it is appropriate to rely on those procedures, having regard to the risks of money laundering and financial terrorism it faces.

However, for case-by-case third party reliance, reporting entities will need to make a written record:

of the third party's status as a reporting entity or suitable foreign entity;
that the third party has obtained all the appropriate KYC information and that this is available to the reporting entity; and
of the reporting entity's consideration of the risk factors set out in 7.3.3 of the Act, such as the nature of the transaction and the threats of money laundering, in concluding that it has 'reasonable grounds'.

Reporting requirements for cross-border movement of money or bearer negotiable instruments

The amendments consolidate reporting requirements for cross-border movements of physical currency and bearer negotiable instruments so that there is now a requirement to report, for both:

cross-border movement 'worth $10,000 or more'; and
receipt of $10,000 or more from overseas.

Breach of these reporting requirements also now attracts higher penalties.

Further restrictions on correspondent banking relationships

'Correspondent banking relationships' (CBRs) are cross-border arrangements between financial institutions, which enable one institution to provide banking services to another institution (and their affiliated customers) in another country.

CBRs are notoriously susceptible to money laundering and terrorism financing risks. To address this, the amendments strengthen existing restrictions on CBRs by:

extending existing prohibitions on CBRs to prohibit financial institutions from entering into CBRs that allow their accounts to be used by shell banks;
requiring banks to undertake both initial and ongoing due diligence assessments of CBRs and;
removing the availability of a defence that the financial institution was not reckless as to its correspondent banking arrangements.

By tightening these restrictions, the reforms will close a gap in the AML/CTF Act identified by FATF. That gap had meant that under the pre-amendment legislation, financial institutions were not required to satisfy themselves that the other institution in the CBR did not permit its accounts to be used by shell banks. Given the reforms largely mirror existing international banking practice, the Federal Government expects them to only have a minor cost to banks.

New exceptions to the prohibition on 'tipping off'

It is a crime for reporting entities to 'tip off' or disclose any information about a Suspicious Matter Report (SMR) made about one of their clients (other than to an AUSTRAC entrusted person), including the fact that an SMR has been made.

To date, there have been very limited exceptions to the prohibition on 'tipping off'. The amendments have expanded these exceptions to allow reporting entities to share SMRs and related information with:

external auditors who are reviewing the reporting entity's AML/CTF program; and
foreign members of a designated business group or corporate group outside of Australia for the purpose of disclosing the risks involved in dealing with a particular customer.

Two safeguard measures have also been introduced to mitigate risks which could arise from these increased opportunities for disclosure. First, external auditors can only disclose the SMR information in connection with the audit. Second, the exception for foreign members only applies where the foreign members are also regulated by a foreign regime that enacts 'some or all of the FATF recommendations'. Currently there are 37 countries and two regional organisations that are members of the FATF.

Despite the broad coverage of FATF members and affiliated organisations, like the Asia-Pacific Group, businesses should seek legal advice as to whether a foreign member is in a jurisdiction that is regulated by laws of a foreign country that enact some or all of the FATF recommendations before proceeding to share information. It is important that businesses are cautious in making these inquiries since they bear the burden of proof in these matters under section 13.3(3) of the Criminal Code.

The amendments also permit reporting entities to communicate information about compliance with an AUSTRAC section 49 notice (including what has been produced) to an AUSTRAC entrusted person such as a staff member of AUSTRAC.

Enhanced domestic and international information sharing

The amendments allow for greater information sharing between AUSTRAC and government agencies which will enable greater cooperation between agencies to facilitate investigation of criminal activity connected to money laundering.

The amended section 125 empowers the AUSTRAC CEO to authorise federal, state and territory government agencies to access 'AUSTRAC information' for the purpose of carrying out that agency's duties and functions and exercising its powers.

Section 127 now also permits the AUSTRAC CEO and government agencies to disclose AUSTRAC information to foreign agencies and governments where appropriate undertakings are given.

Regulatory crackdown on AML non-compliance

The original AML/CTF Act was enacted in a spirit of partnership between business and government, and the Statutory Review sought to continue that push by reducing red tape and simplifying the AML/CTF Act.

However, public trust in the capacity of reporting entities to effectively respond to the threats from organised crime and money laundering has been eroded by revelations from the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry and the Independent Liquor and Gaming Authority Inquiry under section 143 of the Casino Control Act 1992 (NSW) (Bergin Inquiry).

In the time since the last major amendments to the AML/CTF Act, AUSTRAC has expanded significantly, from 351 staff in 2018-19 to 514 staff in 2020. By the end of 2021 it will have a total of 571 staff. It has also brought significant penalty enforcement proceedings against major banks and institutions,¹ undertaken a largescale campaign regarding the remittance sector, and has announced investigations focusing on casinos in the wake of the Bergin Inquiry and the Royal Commission into the Casino Operator and Licence.

The latest amendments straddle the sometimes contradictory aims of simplifying compliance while also strengthening institutional accountability and management of money laundering and terrorism financing risks.

The result is a legislative landscape that may hold some challenges for businesses seeking to benefit from the new provisions. While the earlier spirit of the legislation may have emphasised the minimisation of risk and a partnership, businesses should expect that the landscape is shifting more toward compliance and regulation in future.

AUSTRAC's success to date has heightened awareness of money laundering and financial crime risks within corporate Australia. Recent regulatory crackdowns on AML non-compliance in the banking, gaming and remittance sectors underlines the importance of reporting entities updating their controls in line with the latest changes.

Footnote

¹ Against Westpac in 2020: Chief Executive Officer of the Australian Transaction Reports and Analysis Centre v Westpac Banking Corporation (2020) 148 ACSR 247;; Commonwealth Bank of Australia in 2018: Chief Executive Officer of the Australian Transaction Reports and Analysis Centre v Commonwealth Bank of Australia Limited [2018] FCA 930; Chief Executive Officer of Australian Transaction Reports and Analysis Centre v TAB Limited (No 3) [2017] FCA 1296.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.