A Guide to AML for Australian FinTechs
Uncover the core compliance responsibilities that arise from Australia’s AML/CTF regime and how FinTechs should respond using a risk-based approach.
Download the guideBeing aware of the conditions that increase the likelihood of a customer’s involvement in money laundering (ML) or terrorist financing (TF) is a responsibility that financial institutions cannot take lightly. The absence or inadequacy of robust ML/TF risk management programs exposes FinTechs to serious reputational and compliance risks that can result in heavy fines and enforcement actions by regulators.
But what risk management strategies can Australian firms employ to best fulfill their gatekeeping responsibilities?
The risk-based approach is vital to the Financial Action Task Force (FATF) and regulators such as AUSTRAC. If firms target suitable financial crime risks, select the right tools to do so, and use those tools precisely, there is a much better chance of disrupting criminal activity.
However, there is still a danger that the phrase “risk-based approach” has become empty with over-use and is implemented in anti-money laundering and combatting terrorist financing (AML/CTF) neither as widely nor as deeply as it might. So how can FinTechs internalize the risk-based philosophy across the range of their AML/CTF activities?
As firms grow and mature, many begin crafting their ML/TF Risk Assessment within a broader risk assessment framework, which helps identify inherent financial crime risks and provides a structured process for evaluating where AML/CTF frameworks need to change. This is often called an “Enterprise Wide Risk Assessment” (EWRA).
In EWRAs, there are three key concepts:
A firm’s first EWRA is likely to be basic, given a lack of experience and data. The real value comes when it is applied regularly. The question that arises, therefore, is how often firms should refresh their EWRA. There is no rule, but most mature firms that use the framework will schedule a “full-dress” process yearly. However, firms should also be prepared to undertake event-driven reviews when it is significant enough of a trigger, external or internal. An economic downturn, a war, or a significant public health event like the pandemic are likely to act as a ready prompt to refresh an EWRA, as are the introduction of a new product, a market expansion, or change in delivery channels, etc.
In this broader discussion of the importance of factoring risk-based thinking deeply into a firm’s processes, it is worth highlighting some of the primary AML/CTF risks that Australian firms should consider as they craft their risk assessments. In its 2021-2025 Corporate Plan and other statements, AUSTRAC has prioritized several strategic risks:
To help financial institutions stay abreast of emerging typologies, AUSTRAC regularly issues guidance resources, which include information on crime-specific indicators to help with detection. These resources include guidance on:
Not all guidance reports will directly apply to a firm’s individual risk environment and profile. However, it is essential to stay abreast of developments, and AUSTRAC is regularly added to its body of documents every few months. Firms should visit the AUSTRAC website to collate and review the new material.
Uncover the core compliance responsibilities that arise from Australia’s AML/CTF regime and how FinTechs should respond using a risk-based approach.
Download the guideOriginally published 16 September 2022, updated 16 September 2022
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2023 IVXS UK Limited (trading as ComplyAdvantage).