Do I Need to Enrol or Register with AUSTRAC under AML/CTF laws?

Reading Time: 8 minutes

Introduction

Australian businesses operating in financial services must navigate Anti-Money Laundering and Counter-Terrorism Financing regulations. Compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) requires certain entities to fulfil key obligations, including enrolment or registration with the Australian Transaction Reports and Analysis Centre (AUSTRAC).

This guide provides essential information to determine if your organisation needs to enrol or register with AUSTRAC for AML/CTF compliance. It will clarify who is considered a reporting entity, what constitutes a designated service, and the key obligations for businesses to mitigate money laundering and terrorism financing risks.

Understanding Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) Obligations in Australia

The Purpose of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth)

Australia’s AML/CTF framework, established through the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act 2006 (Cth)), aims to protect Australia’s financial system and economy. Introduced to meet international standards, the AML/CTF Act 2006 (Cth) is the primary legislation in Australia for AML/CTF compliance.

The main objectives of the AML/CTF Act 2006 (Cth) are to:

• Detect, deter, and disrupt money laundering and terrorism financing: The Act seeks to identify and prevent the flow of illicit funds, ensuring that the financial system is not used to facilitate criminal activities.
• Meet international obligations: As a member of the FATF, Australia is committed to adhering to global AML/CTF standards. The AML/CTF Act 2006 (Cth) helps Australia meet these international commitments.
• Promote public confidence: The Act aims to enhance trust and confidence in the Australian financial system by implementing robust AML/CTF measures.
• Provide government bodies with powers: The legislation equips Australian government bodies with the necessary powers to gather and share information, facilitating the investigation and prosecution of money laundering and terrorism financing offences.

Key AML/CTF Obligations for Regulated Businesses

The AML/CTF Act 2006 (Cth) imposes several key obligations on regulated entities to mitigate and manage the risks of money laundering and terrorism financing. These obligations are designed to ensure that businesses can effectively identify, mitigate, and report potential financial crimes. These key obligations include:

• Enrol and register with AUSTRAC: Reporting entities must enrol with the Australian Transaction Reports and Analysis Centre (AUSTRAC). Additionally, certain entities, such as remittance service providers and digital currency exchange providers, are required to register with AUSTRAC. This ensures that AUSTRAC can effectively supervise and monitor these higher-risk businesses.
• Develop and maintain an AML/CTF program: Regulated entities are legally required to develop, implement, and maintain a comprehensive AML/CTF program. This program must be tailored to the reporting entity’s specific risks and include policies, procedures, and controls to mitigate and manage money laundering and terrorism financing risks.
• Conduct customer due diligence (CDD): Reporting entities must undertake CDD to verify the identity of their customers. This process, known as KYC (“Know Your Customer”), helps businesses understand the nature and purpose of the customer relationship and assess the money laundering and terrorism financing risks associated with each customer.
• Ongoing CDD: Entities must undertake ongoing monitoring of their customers and transactions. This obligation includes monitoring for suspicious transactions and keeping customer information up-to-date to effectively mitigate and manage evolving money laundering and terrorism financing risks.
• Reporting certain transactions and suspicious activity: Reporting entities have a legal obligation to report specific types of transactions to AUSTRAC, including:
  • Suspicious matter reports (SMRs)
  • Threshold transaction reports (TTRs) for cash transactions of AUD 10,000 or more
  • International funds transfer instructions (IFTIs)
• Make and keep records: Regulated entities must create and retain records related to customer identification, transactions, and their AML/CTF program for at least seven years to assist in investigations and demonstrate compliance.

Upcoming Changes to AML/CTF Regulations: Expansion of Designated Services

Expansion of Scope under the Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2024 (Cth)

The Australian Parliament has recently enacted legislative reforms through the Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2024 (Cth) AML/CTF Amendment Bill 2024 (Cth)). These amendments mark a significant expansion of the AML/CTF framework, aiming to modernise and strengthen Australia’s ability to combat financial crime.

Designed to align with evolving international standards and recommendations from the FATF, these reforms ensure that Australia’s regulatory framework remains robust against emerging threats. This legislative update builds on the AML/CTF regime initially established in 2006, reflecting an ongoing commitment to enhance the effectiveness of Australia’s AML/CTF measures.

Inclusion of Tranche 2 Entities: Lawyers, Accountants, Real Estate, and More

A key aspect of the AML/CTF Amendment Bill 2024 (Cth) is the extension of the AML/CTF regime to include “Tranche 2” entities. These entities are considered gatekeepers to the financial system and include:

• Legal Professionals: Certain services provided by lawyers and legal practices.
• Accounting Firms: Accountancy service providers.
• Real Estate Agents: Professionals involved in real estate transactions.
• Dealers in Precious Metals and Stones: Businesses trading in precious metals, stones, and related products.
• Trust and Company Service Providers: Entities offering trust and company formation and management services.

This expansion aims to close existing regulatory gaps, ensuring a broader range of professions contributes to preventing money laundering and terrorism financing. Due to their roles, these professions are at a higher risk of being exploited by individuals seeking to launder illicit funds or finance illegal activities.

Effective Date: 31 March 2026 for Virtual Assets and 1 July 2026 for Tranche 2 Entities

The implementation of these expanded obligations will occur in stages:

• 31 March 2026:
  New regulations will take effect for businesses providing designated services related to virtual assets, including entities involved in virtual asset exchange and transfer services.
• 1 July 2026:
  The AML/CTF regime will extend to Tranche 2 entities, encompassing lawyers, accountants, real estate professionals, and dealers in precious metals and stones.

These staggered commencement dates are intended to provide businesses with adequate time to prepare and implement the necessary compliance measures. This phased approach acknowledges the varying complexities and operational adjustments required across different sectors.

Current Status: Not Yet Subject to Requirements (Unless Already Providing Designated Services)

Currently, businesses within the Tranche 2 categories—such as lawyers, accountants, and real estate agents—are not yet subject to the new AML/CTF requirements unless they are already providing other designated services that trigger existing AML/CTF obligations.

As outlined above, the new obligations will commence in 2026. Therefore, while the legislative framework is now in place, the actual obligations for Tranche 2 entities and virtual asset service providers are not yet active. Businesses in these sectors should use this interim period to familiarise themselves with the upcoming changes and prepare for compliance, which will be mandatory from 2026.

Designated Services: Determining if Your Business is Regulated

What Constitutes a Designated Service?

Designated services are business activities that the Australian government has identified as carrying a higher risk of money laundering and terrorism financing. These services are specifically listed under the AML/CTF Act 2006 (Cth). If your business provides a designated service that has a geographical link to Australia, it will be considered a reporting entity and become regulated under Australian law.

Providing a designated service means your business is obligated to comply with AML/CTF rules. These obligations include enrolling with the AUSTRAC, the regulatory body that ensures businesses meet their compliance responsibilities regarding money laundering and terrorism financing.

Examples of Designated Services Under AML/CTF Laws

The AML/CTF laws regulate various sectors, with designated services spanning financial services (Tranche 1 entities), gambling, bullion, and digital currency exchange industries. Examples of designated services include:

• Financial Services: Opening bank accounts, providing loans, and trading in shares are considered designated services.
• Bullion Dealing: Buying and selling bullion, such as gold and silver.
• Gambling: Services provided by casinos, racetracks, and gaming machine venues.
• Digital Currency Exchange: Exchanging digital currencies like cryptocurrency.

These services include activities that, by their nature, may be susceptible to money laundering and terrorism financing risks. Therefore, businesses that provide designated services are classified as reporting entities and must undertake certain obligations to mitigate and manage these risks. 

Reporting Entities: Who Needs to Enrol or Register with AUSTRAC?

Defining ‘Reporting Entity’ Under the AML/CTF Act 2006 (Cth)

Under the AML/CTF Act 2006 (Cth), a reporting entity is defined as an individual, business, or organisation that provides a designated service with a geographical link to Australia. If your business provides a designated service that has a geographical connection to Australia, it will be classified as a reporting entity. This classification means your organisation is regulated under Australian law and must comply with AML/CTF rules.

As a reporting entity, your organisation is obligated to enrol with AUSTRAC. AUSTRAC is the regulatory body responsible for ensuring compliance with AML/CTF regulations and overseeing reporting entities. Enrolment is a mandatory first step for businesses that provide designated services, ensuring that AUSTRAC can effectively supervise and monitor these regulated entities.

Enrolment vs. Registration: Understanding the Requirements

While all reporting entities must enrol with AUSTRAC, certain types of businesses have additional registration requirements. The key difference lies in the level of regulatory oversight and the specific services offered.

• Enrolment: This is a basic requirement for all reporting entities. It involves providing AUSTRAC with essential information about your business through the Australian Business Profile Form. Enrolment is necessary to become part of the Australian AML/CTF regulatory framework.
• Registration: In addition to enrolment, businesses providing specific designated services considered higher risk, such as remittance service providers and digital currency exchange service providers, are required to register with AUSTRAC. This additional step involves a more detailed application process and ensures closer scrutiny by AUSTRAC. Registration for these entities is necessary before they can legally offer these designated services.

For instance, businesses dealing with digital currency exchange must not only enrol with AUSTRAC, but also apply for registration and receive confirmation before providing these services. This dual requirement reflects the increased risk of money laundering and terrorism financing associated with certain types of financial services.

The Enrolment and Registration Process with AUSTRAC

Steps to Enrol with AUSTRAC

To commence the enrolment process with AUSTRAC, reporting entities are required to complete the Australian Business Profile Form. This form is essential for providing AUSTRAC with key details about your business.

The enrolment process generally involves the following steps:

• Accessing the Australian Business Profile Form: This form is available on the AUSTRAC website and serves as the primary tool for enrolment.
• Providing Business Information: You will need to supply comprehensive information about your organisation. This includes details about your business structure, the designated services you offer, key personnel within your organisation, and contact information.
• Submitting the Form to AUSTRAC: Once completed, the Australian Business Profile Form must be submitted to AUSTRAC.

Enrolment is a mandatory step for all reporting entities and serves as a foundational requirement for compliance with AML/CFT rules.

Registration Requirements for Specific Businesses

While enrolment is a universal requirement for all reporting entities, registration is an additional obligation that applies specifically to certain types of businesses providing designated services considered to be at a higher risk of money laundering and terrorism financing. These businesses primarily include:

• Remittance service providers: Entities that offer services for transferring money, both domestically and internationally, on behalf of customers.
• Digital currency exchange service providers: Businesses that facilitate the exchange of digital currencies, such as cryptocurrencies, for traditional fiat currencies or other digital currencies.

For these specific categories of service providers, the registration process entails a more detailed and rigorous application compared to standard enrolment. Registration for remittance and digital currency exchange service providers involves:

• A more detailed application process: Beyond basic enrolment, these entities must complete a comprehensive registration application.
• Closer scrutiny by AUSTRAC: AUSTRAC conducts a thorough assessment of these businesses due to the inherently higher risks associated with their services.
• Registration before providing services: Critically, businesses offering remittance or digital currency exchange services are legally required to be registered with AUSTRAC before they can commence providing these designated services. Operating these services without prior registration confirmation from AUSTRAC is unlawful.

Consequences of Failing to Enrol or Register and AML/CTF Non-Compliance

Penalties for Non-Enrolment and Non-Registration

Failure to enrol with AUSTRAC when your business is obligated as a reporting entity can lead to significant penalties. AUSTRAC takes non-compliance seriously and has various enforcement actions at its disposal. For failing to enrol, AUSTRAC may issue infringement notices.

These notices can result in financial penalties, with fines up to:

• AUD 42,000 for individuals per breach
• AUD 210,000 for corporations per violation

In addition to infringement notices, AUSTRAC can pursue civil penalty orders through the courts, imposing even larger fines for non-compliance.

In serious cases of non-enrolment or non-registration, criminal penalties may also apply. For example, operating a remittance service without being registered with AUSTRAC is a criminal offence, which can lead to substantial fines and even imprisonment for the individuals involved.

Broader Consequences of AML/CTF Non-Compliance

Beyond the immediate penalties for failing to enrol or register, broader AML/CTF non-compliance can have severe repercussions for businesses. AUSTRAC has a range of enforcement tools to address non-compliance with the AML/CTF Act 2006 (Cth). These actions extend beyond just monetary fines.

Regulated entities that fail to meet their AML/CTF obligations may face:

• Enforceable undertakings: AUSTRAC can require a reporting entity to commit to a series of actions to rectify compliance failures.
• Remedial directions: AUSTRAC can issue legally binding directions requiring specific steps to improve AML/CTF compliance.
• Suspension or cancellation of registration: AUSTRAC can suspend or cancel the registration of remittance and digital currency exchange service providers, effectively halting their ability to operate.

Furthermore, AML/CTF non-compliance can lead to significant reputational damage. Allegations of money laundering or terrorism financing failings can erode public trust and confidence in a business. Maintaining public trust is paramount in sectors like financial services and gambling. Negative publicity from non-compliance can severely impact customer relationships and business sustainability.

Directors and senior officers can also face personal liability for AML/CTF non-compliance, in addition to regulatory and reputational consequences. Under the Banking Executive Accountability Regime (BEAR) and the Financial Accountability Regime (FAR), senior figures are held accountable for ensuring AML/CTF compliance within their organisations.

Directors may face civil penalty proceedings for breaches of their duties related to managing money laundering and terrorism financing risks. This personal accountability further underscores the critical importance of robust AML/CTF compliance frameworks within regulated entities.

Conclusion

Businesses that provide designated services in Australia are obligated to comply with anti-money laundering and counter-terrorism financing rules (AML/CTF rules). This article has underscored the critical importance of understanding these key obligations, especially concerning enrolment with the Australian Transaction Reports and Analysis Centre (AUSTRAC) for reporting entities. Compliance is not merely procedural; it is essential to mitigate the risk of money laundering and terrorism financing and avoid significant penalties for non-compliance.

Given the complexities of AML/CTF regulations, ensuring full compliance can be challenging. To confidently navigate these requirements and safeguard your organisation from potential penalties, contact AML House now. Our team offers unparalleled expertise to help your business understand its obligations and implement effective AML/CTF programs.

Frequently Asked Questions