AML/CFT Review

Frequently Asked Questions

Frequently Asked Questions

What is AML/CTF?

The Anti-Money Laundering and Counter-Terrorism Financing Act 2006  (AML/CTF Act) place responsibilities on Australian entities that provide any designated services listed under section 6 of the AML/CTF Act. These entities generally provide financial, gambling, bullion or digital currency exchange services to detect and deter money laundering and terrorism financing. The Act ensures that businesses take appropriate and efficient steps to ensure that their clients are not money laundering and terrorism financing while contributing to public confidence in the Australian financial system.

What is an Independent AML/CTF Audit?

The AML/CTF Act requires Reporting Entities to have an independent review of their Risk Assessment, AML/CTF Programs and processes. This must be conducted by an appropriately qualified and independent person. If you need assistance with an independent AML/CTF Review please contact us here.

What is a Risk Assessment?

A Risk Assessment is a Reporting Entity’s foundational document which assesses the risks and vulnerabilities of being exposed to money laundering or terrorist financing.

What is a Program(s)?

A Reporting Entity’s Programs must be based on the risks assessed in its Risk Assessment and must set out internal policies, procedures and controls which will manage and mitigate money laundering and terrorist financing. There are three types of AML/CTF Programs:

  • Standard program – applies to individual reporting entities;
  • Joint program – applies to reporting entities that are members of a “designated business group”; and
  • Special program – applies only to holders of an Australian Financial Services Licence (AFSL) offering a particular kind of designated service.

AML/CTF Programs have two key parts:

  • Part A, relating to the identification, management and reduction of the risk of ML/TF (not required for a special program); and
  • Part B, relating to customer identification and verification procedures i.e KYC.

How often should independent reviews be done?

You must decide how often reviews are done. How you decide depends on:

• The size of your business or organisation.
• What kind of business or organisation you have.
• How complex your business or organisation is.
• Your level of money laundering/terrorism financing risk.

High-risk organisations should have independent reviews done at least every two to three years.