Last Updated: 11/02/2009


Australian Transaction Reports and Analysis Centre (AUSTRAC).


No other institutions are involved in Anti-Money Laundering regulation or supervision.


Lawyers are covered by Section 15A of the Financial Transaction Reports Act 1988 (FTRA).

At this stage lawyers are only regulated as reporting entities under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (the AML/CTF Act) to the extent that they provide services that are in direct competition with the financial sector.

The Federal Government has released a set of draft amendments to the AML/CTF Act which, if implemented, would extend the application of the AML/CTF Act to a range of services ordinarily provided by lawyers and other professionals. The Federal Government is currently consulting with various bodies, including the Law Council of Australia, in relation to these amendments.



The Australian AML/CTF regime is contained in the following:


The FTRA was enacted in 1988 to provide for reporting of certain transactions, verification of customers and the establishment of a Financial Intelligence Unit (AUSTRAC).The FTRA imposes obligations on 'cash dealers' to;

  • Report cash transactions of AUD 10,000 or more;
  • Report suspicious transactions;
  • Report international telegraphic transfers;
  • Report transactions that might be preparatory to, the commission of, or relevant to an investigation into a financing of, a terrorism offence; and 
  • Verify the identity of new account holders.

Lawyers are not 'cash dealers' for the purposes of the FTRA. However, lawyers must report significant cash transactions. Section 15A of the FTRA requires that:

  1. If a significant cash transaction is entered into by or on behalf of a solicitor, a solicitor corporation, or a partnership of solicitors, in the course of practising as a solicitor or solicitors, the solicitor, corporation or partnership must, before the end of the reporting period: (a) prepare a report of the transaction; and (b) communicate the information in the report to the AUSTRAC CEO;

  2. The report must: (a) be prepared in the approved form; (b) contain the reportable details of the transaction; and (c) be signed, or otherwise authenticated in an approved way, by the solicitor, a member of the corporation, or a member of the partnership, as the case may be;

  3. The communication must be made to the AUSTRAC CEO (a) by giving the AUSTRAC CEO a copy of the report; or (b) in any other manner and form approved in relation to the solicitor, the solicitor corporation or the partnership or in relation to solicitors generally.

Section 15A will no longer impose any obligations on a lawyer after 12 December 2008, where the lawyer is a reporting entity under the AML/CTF Act and the transaction is a designated service under that Act. In those circumstances the obligation to report will be replaced by section 43 of the AML/CTF Act.

The Australian Government has introduced a bill into Parliament to allow reporting entities who currently report to AUSTRAC under the FTRA to continue to report in the same way during their transition to the new reporting format. This applies to threshold transactions, international funds transfer instructions, or suspicious matter reports made after 12 December 2008, until such a time as such entities are compliant with the AML/CTF Act reporting requirements, but not later than 11 March 2010.1

Failure to report is a criminal offence and may attract fines of up to AUD 165,000 for corporations and fines of up to AUD 33,00 and/or 5 years imprisonment for individuals.

Lawyers are not required to report suspicious transactions under the FTRA.




The AML/CTF Act received Royal Assent in December 2006. It was subsequently amended by the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2007 (references herein to the AML/CTF Act are to the Act as amended).

The AML/CTF Act makes a number of improvements to Australia's anti-money laundering and counter-terrorism financing regime, bringing it in line with international standards issued by the Financial Action Task Force on Money Laundering (FATF).

The AML/CTF Act constitutes the first tranche of AML/CTF reforms intended to cover services provided by the financial sector (or lawyers, accountants and others that provide services in direct competition with the financial sector), the gambling sector and by bullion dealers.

The Federal Government has said that it intends to introduce a second tranche of reforms that will extend AML/CTF obligations to others (including lawyers, accountants and real estate agents) when they provide specified non-financial services. This process has already commenced with the issue of a set of draft amendments to the AML/CTF Act and the commencement of a public consultation process.

The description of the AML/CTF Act and regime described below does not yet apply to lawyers unless they are providing services in direct competition with the financial sector. However, once the amendments are approved, the description below may apply to legal professionals acting in the traditional role of a legal professional.

The AML/CTF regime

In essence, the AML/CTF Act imposes obligations on entities (reporting entities) that provide certain financial services that are listed in the Act (designated services).

The AML/CTF Act is supplemented by Regulations which are mainly technical in nature and AML/CTF Rules (the Rules) which contain the practical, operational detail of how to comply with the obligations in the AML/CTF Act. The Rules have legislative force.

AUSTRAC has also issued a number of Guidance Notes and other material to assist reporting entities to comply with their obligations.

The risk-based approach

Generally, the AML/CTF Act and Rules adopt a risk based approach that allows reporting entities to assess and mitigate their money laundering and terrorism financing (ML/TF) risk and concentrate their resources on areas where their ML/TF risk is determined to be higher.

There is no provision in the AML/CTF Act specifically requiring reporting entities to conduct a ML/TF risk assessment on their business. However, AUSTRAC can, where it is satisfied that a reporting entity has not carried out an ML/TF risk assessment, or that its assessment is out of date or inadequate, compel it do so and report to AUSTRAC.

Additionally, as a practical matter, it will generally be necessary for a reporting entity to carry out an ML/TF risk assessment to enable it to develop and implement an AML/CTF program that is suitable for its business (and meets the requirements set out in the AML/CTF Act and the Rules).

There are some specific obligations under the AML/CTF Act that are prescriptive, eg, the obligation to collect and verify minimum customer identification information before providing a financial service to a customer, but other obligations, such as the requirement to obtain additional know your customer (KYC) information, reflect the risk-based approach 


The AML/CTF Act is being implemented in stages over two years as follows:

  • 13 December 2006 – obligations relating to:
  1. Electronic fund transfer instructions (EFTIs) and records about EFTIs;
  2. Maintaining records relating to transactions, customer provided transaction documents and transferred accounts;
  3. Registration of designated remittance arrangers; and
  4. Reports on cross border movements of currency and bearer negotiable instruments.
  • 12 June 2007 – obligations relating to:
  1. Correspondent banking and records relating to correspondent banking.
  • 12 December 2007 obligations relating to
  1. Customer identification and records of identification procedures;
  2. AML/CTF programs.
  • 31 March 2008 - obligations relating to:
  1. Compliance reporting.
  • 12 December 2008 - obligations relating to:
  1. Ongoing customer due diligence; and suspicious matter and threshold reporting; and
  2. Suspicious matter and threshold reporting.

AA 15-month prosecution free period applies in respect of each of the stages outlined above. The Policy (Civil Penalty Orders) Principles 2006 (the Policy Principles) provide that during the relevant 15 month period AUSTRAC will only take enforcement action against a reporting entity for a contravention of a provision where the AUSTRAC CEO is reasonably satisfied that the reporting entity has failed to take reasonable steps to comply with that provision.

The Policy Principles state that in making that decision the AUSTRAC CEO will take into account all relevant matters, including:

  • Whether the reporting entity has previously failed to take such steps;
  • Any steps that the reporting entity has taken to comply with its obligations under the AML/CTF Act; 
  • Whether the reporting entity complied with any obligations it may have had under the FTRA; 
  • Any discussions and agreements that the reporting entity has had with staff of AUSTRAC; and 
  • Any explanation given by the reporting entity to AUSTRAC.

Core obligations

Core obligations under the AML/CTF Act include enhanced customer due diligence, transaction monitoring, threshold and suspicious matter reporting, fund transfer requirements, record keeping, correspondent banking controls, the implementation of an anti-money laundering and counter-terrorism financing program and compliance reporting.

Customer due diligence

In general, reporting entities must not provide a designated service to a new customer without having first collected and verified identification information about that customer. This obligation does not apply to customers (existing customers) who were provided with a designated service by the reporting entity prior to 12 December 2007.

The customer identification and verification requirements (also referred to as KYC requirements) are set out in the Rules. The level of due diligence to be undertaken depends on a number of factors, including the type of customer.

For example, there are different requirements for individuals, corporations, trusts, partnerships, associations, co-operatives and government bodies.

Simplified verification procedures are available for domestic listed companies and some regulated trusts. For other types of companies and trusts, more detailed information (including information on directors, beneficial owners and trust beneficiaries) may be required.

In certain circumstances, e.g., where a suspicious matter arises, it may be necessary for a reporting entity to carry out a customer identification procedure on an existing customer or to re-verify a customer that has already been the subject of a customer identification procedure. 

Ongoing customer due diligence

Reporting entities are also required to monitor their provision of designated services (to ensure that they identify and mitigate their ML/TF risk on a continuous basis). This means that reporting entities need to implement KYC systems, transaction monitoring and enhanced customer due diligence as part of their AML/CTF programs.

Reporting requirements

The AML/CTF Act requires reporting entities to report suspicious matters, transactions above a certain threshold and international funds transfer instructions to AUSTRAC.

Suspicious matter reporting

The suspicious matter reporting requirements require reporting entities to make a report to AUSTRAC if they suspect on reasonable grounds that:

  1. A customer or potential customer (or customer's agent) is not who they claim to be;

  2. Information about the provision of a designated service may be:

    1. Relevant to an investigation into or the prosecution of a person for:

      • Tax evasion (or attempted tax evasion) of a Commonwealth, state or territory taxation law;
      • An offence against Commonwealth, state or territory law;

    2. Of assistance in the enforcement of proceeds of crime legislation;
    3. Relevant to an investigation into, or the prosecution of a person for, a Commonwealth, state or territory money laundering or terrorism financing offence; or
    4. Preparatory to the commission of a Commonwealth, state or territory money laundering or terrorism financing offence.

A suspicion and the grounds on which it is based must be reported to AUSTRAC within 3 business days of forming the suspicion (or 24 hours if the suspicion relates to terrorism financing).

Legal professional privilege overrides the requirement to make a report to AUSTRAC.

Tipping off is an offence. However, disclosure to a lawyer to obtain legal advice is permitted and disclosure by a lawyer, accountant or other person specified in the Rules is also permitted if the information relates to the affairs of a customer and is made for the purpose of dissuading the customer from tax evasion or a criminal offence. 

Threshold reporting

Reporting entities who commence to provide or provide a designated service that involves a threshold transaction must report the transaction to AUSTRAC within 10 business days of it occurring. A threshold transaction is a transaction that involves the transfer of physical currency where the total amount of the physical currency transferred is not less than AUD$10,000, or a transaction which involves the transfer of money in the form of e-currency where the total amount of the e-currency transferred is not less than AUD$10,000.

International funds transfer instructions

Consistent with a long-standing obligation under the FTRA, a reporting entity that sends or receives any International Funds Transfer Instructions (IFTIs) must report all such instructions, regardless of the amount, to AUSTRAC within 10 business days after the instruction was sent or received.

Reporting as a defence

If a person provides information to AUSTRAC in accordance with a suspicious matter, threshold or IFTI reporting obligation, that person is taken not to have been in possession of that particular information at any time (therefore providing the person with a defence to the substantive money laundering and terrorism financing offences in the Criminal Code (Cth)).

Electronic funds transfer instructions

Part 5 of the AML/CTF Act is intended to implement FATF SR VII (wire transfers). It does so by providing that electronic funds transfer instructions (EFTIs) must include certain information about the origin of the transferred money.

The obligation applies to ADIs, banks, building societies, credit unions or other persons specified in the Rules.

Register of providers of Designated Remittance Services

Reporting entities are expressly prohibited from providing a registrable designated remittance service unless they have provided AUSTRAC with their names and details. The information provided will be included in a register to be maintained by AUSTRAC. The broad definition of a 'designated remittance arrangement' means any entity, other than those excluded by the AML/CTF Act or the Rules, which accepts money or property from one party to transfer to another where the money or property is received in one jurisdiction and paid out in another.

The AML/CTF program

A reporting entity must put in place and maintain an AML/CTF program. Generally an AML/CTF program must be divided into two distinct parts – Parts A and B.

Part A: the general program

The primary purpose of Part A (the general part) is to identify, mitigate and manage the risk that a reporting entity may reasonably face that the provision of designated services at, or through, a permanent establishment in Australia might (inadvertently or otherwise) involve or facilitate:

  • Money laundering; or
  • Terrorism financing.

Part A must include risk awareness training and employee due diligence programs, procedures for board and senior management oversight, independent auditing and the appointment of a Money Laundering Compliance Officer.

Some general principles apply to the implementation of an AML/CTF program.

  • It can be implemented using a risk-based approach involving risk-based systems and controls. However, these risk-based systems and controls must have regard to the nature, size and complexity of the reporting entity's business and the type of ML/TF risk it might reasonably face. 

  • In identifying its ML/TF risk, a reporting entity must consider the risks posed by the following factors:

    • its customer types, including any politically exposed persons;
    • the types of designated services it provides;
    • the methods by which it delivers designated services;
    • the foreign jurisdictions with which it deals; and 
    • the provision of designated services by any permanent establishment of the reporting entity overseas. 

  • It must be designed to identify and recognise significant changes in ML/TF risk and assess the ML/TF risk posed by all new designated services and delivery methods and technologies (before they are adopted).

  • It must be applied to all areas of the reporting entity's business that are involved in the provision of a designated service, including any function carried out by a third party.

Part B: customer identification procedures

Part B of an AML/CTF program sets out a reporting entity's customer identification procedures. Some general principles apply.

  • The program must have appropriate risk-based systems and controls so that the reporting entity can be reasonably sure the customer is who it claims to be.

  • Whether any further KYC information is required or verified will depend on the ML/TF risk relevant to the provision of the designated service (and the KYC information itself will vary depending on the type of customer). 

  • The program must be able to respond (on a risk basis) to any discrepancies in information that arise so the reporting entity can be reasonably satisfied the customer is who it claims to be. 

  • Verification can be from reliable and independent documentation, electronic data or a combination of both.

Record keeping

Generally, reporting entities will be required to retain records (or copies of records) for seven years. The record keeping obligations apply to:

  • Transaction and customer-generated documents which are related to the provision of a designated service;
  • Records of customer identification procedures;
  • Records relating to AML/CTF programs; and 
  • Records relating to transferred ADI accounts, electronic funds transfer instructions and correspondent banking.

Compliance reporting

Reporting entities are required to file an annual Compliance Report with AUSTRAC.

The Rules

  • 'Designated business group' definition;
  • Correspondent banking;
  • Customer identification;
  • AML/CTF programs;
  • Gambling services;
  • AML/CTF compliance reports (reporting and lodgment periods);
  • Electronic funds transfer instructions (involving use of a credit card);
  • 'Approved third-party bill payment system' definition;
  • Monetary thresholds for certain designated services;
  • Ongoing customer due diligence;
  • International funds transfer instruction reportable details;
  • Suspicious matter reportable details;
  • Threshold transaction reportable details;
  • Record keeping obligations;
  • Movements of bearer negotiable instruments;
  • Movements of physical currency into or out of Australia;
  • Receipts of physical currency from outside Australia;
  • Register of Providers of Designated Remittance Services;
  • Issuing or selling a security or derivative;
  • Over-the-counter derivatives; and
  • Designated remittance arrangements.

There are a number of draft rules undergoing consultation.


The money laundering offences are contained in Part 10.2 of the Schedule to the Criminal Code Act.

The offences apply to all persons including lawyers.

Sections 400.3 to 400.8 of the Criminal Code make it an offence to deal with money or property that is either the proceeds of, or may become an instrument of, crime.

A person deals with money or other property if they:

  • Receive, possess, conceal or dispose of money or other property;
  • Import into or export from Australia money or property; or
  • Engage in banking transactions relating to money or other property.

And the money or other property is the proceeds of crime or could become an instrument of crime, in relation to a Commonwealth, State, Australian Capital Territory, Northern Territory or foreign indictable offence.

A foreign indictable offence is an offence against a law of a foreign country which, if it had occurred in Australia, would be a Commonwealth offence or a law of an Australian state or territory connected with the offence and may be dealt with on indictment.

Sections 400.3-400.8 of the Criminal Code set out a sliding scale of six money laundering offences structured according to the value of the money or property involved. Section 400.3 applies where the value of the money or property is worth $1 million or more. At the bottom end of the scale section 400.8 applies to offences where the money or property is of any value.

Each section is further structured according to the element of fault involved. The most serious offence is committed where the money or property is, and the person believes it to be, the proceeds of crime, or intends that it will be become an instrument of crime. The mid-level offence is committed in circumstances where the money or property is the proceeds of crime or there is a risk that it will become an instrument of crime and the person is reckless as to those facts. The lowest level offence is committed where the person is negligent as to the facts.

Penalties are on a sliding scale according to the value of the money or property and the seriousness of the fault element. The maximum penalty is 25 years imprisonment or a fine of AUD165,000 penalty points or both.

Section 400.9 of the Criminal Code creates the offence of receiving, possessing, concealing, or disposing or bringing into or taking out of Australia any money or other property that may reasonably be suspected of being the proceeds of an indictable offence.

The underlying predicate offences on which the money laundering offences are founded are all offences which are indictable offences. Section 400.13 of the Criminal Code provides that the prosecution does not have to prove what the underlying offence was, or who committed it, in order to obtain a money laundering conviction.

Persons that:

  • Aid, abet, counsel, procure the commission of a money laundering offence; or
  • Urge the commission of a money laundering offence; or
  • Conspire to commit a money laundering offence,

will be guilty of the principal money laundering offence. 



Anti-Money Laundering and Counter-Terrorism Financing Act 2006 - Tranche 2

In August 2007, the Federal Government released for consultation a document entitled "Proposed Amendments to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006” inserting additional designated services tables in order to comply with FATF Recommendations 12 and 16.

Subsequently, there has been consultation between government and the primary bodies representing the various affected professions, including the Law Council of Australia.


Law Council of Australia


Under section 16A of the FTRA lawyers must report significant cash transactions.

It is anticipated that lawyers will be required to report threshold transactions and suspicious matters under Tranche 2 of the AML/CTF Act but subject to legal professional privilege.


Lawyers who provide services in direct competition with the financial sector, and are therefore reporting entities, face the full rigour of the enforcement provisions of the AML/CTF Act. The main class of remedy available to AUSTRAC under the Act is the civil penalty provisions, which provide for pecuniary penalties of up to $11 million for a body corporate and $2.2 million for individuals.

Many of the obligations in the Act are described as 'civil penalty provisions', including the obligations to:

  • Not provide a designated service to a customer before carrying out an applicable customer identification procedure;

  • Carry out ongoing customer due diligence;

  • Report suspicious matters, threshold transactions or IFTIs;

  • Not provide a designated service without having adopted an AML/CTF program (and to maintain that program);

  • Not enter into a correspondent banking relationship with a shell bank or to carry out due diligence on correspondent banking relationships; and

  • Keep records.

Where breach of such an obligation occurs, AUSTRAC can apply to the Federal Court for a 'civil penalty order' and, if the court is satisfied that a person has contravened a civil penalty provision, it may order the person to pay a pecuniary penalty to the Federal Government.

Where the person is a body corporate, the penalty must not exceed $11 million and in all other cases it must not exceed $2.2 million. In considering the amount of any pecuniary penalty, a court must take into account certain criteria, including:

  • The nature and extent of the contravention;
  • The nature and extent of any loss suffered as a result of the contravention;
  • The circumstances in which the contravention took place; andW
  • Whether the person has been found:
  • By a federal, state or foreign court to have engaged in similar conduct; or
  • By a court in proceedings under the FTRA to have engaged in similar conduct.

To establish a contravention of a civil penalty provision:

  • it is only necessary to establish on the balance of probabilities that a person contravened a civil penalty provision (i.e. the civil standard of proof will apply) ; and
  • It is not necessary to prove any fault element (eg knowledge or recklessness) on the part of the person (for example that a person intended to breach a civil penalty provision).

The Act extends liability for contraventions of civil penalty provisions to persons other than reporting entities. These ancillary contraventions (similar to those in the Criminal Code Act) mean that that any person (natural or legal) who:

  • Attempts to breach a civil penalty provision;
  • Aids, abets, counsels, procures such a breach;
  • Induces such a breach;
  • Is knowingly concerned in such a breach; or
  • Conspires to effect such a breach,

will itself be in breach of the Act and liable for a pecuniary penalty.


The FTRA does not require lawyers to identify and verify clients.

The AML/CTF Act does not currently require lawyers to identify and verify clients (unless they are regulated as reporting entities to the extent that they provide services that are in direct competition with the financial sector).

It is anticipated that the customer identification and verification obligations contained in the AML/CTF Act will apply to lawyers (at least to some extent) when they are regulated under Tranche 2 of the AML/CTF Act (see above under the heading FUTURE AML/CTF REQUIREMENTS FOR LAWYERS).


No information available


FATF evaluated Australia's compliance with the 40+9 recommendations in March 2005 (see the Third Mutual Evaluation Report dated 14 October 2005). As now, at that time Australia did not have mandatory customer due diligence, record keeping and other obligations required by the relevant FATF recommendations for lawyers.

Click here for the summary of the report

Click here for the full report.

Information provided by:

Peter Jones, Partner, Allens Arthur Robinson Sydney
Telephone +61 2 9230 4987