View the PDF version of this policy:
- Policy objectives
- AUSTRAC's approach to monitoring
- Monitoring during concurrent application of the FTR Act and AML/CTF Act
- Monitoring powers and the methodology of employment
- Appendix One
This policy sets out AUSTRAC's approach to monitoring cash dealers (CDs) as defined in section 3 of the Financial Transaction Reports Act 1988 (FTR Act) and reporting entities (REs) as defined in section 5 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). Cash dealers and reporting entities are collectively referred to hereafter as `regulated entities'.
AUSTRAC's regulated population ranges from large entities with highly sophisticated internal systems, to quite small entities with relatively simple office systems. Entities reading this policy statement should keep in mind that it has been kept general enough to span the entire spectrum of business sizes and types and should interpret the guidance it provides having regard to their own particular circumstances.
This document outlines AUSTRAC's policy for the use of its monitoring powers under both the FTR Act and the AML/CTF Act. It includes AUSTRAC's approach, the powers available for monitoring and how and when it intends to use them. AUSTRAC's expectations of regulated entities in complying with their obligations under the relevant legislation are listed. Expectations of AUSTRAC activity are also listed.
Primary responsibility for compliance with the requirements of the FTR Act and the AML/CTF Act rests with each reporting entity's own board (if they have one) and senior management. It is anticipated that most entities will seek to comply with their obligations. However, there will be some who do not comply with the law either through ignorance, failure of their systems, lack of effort or even, on occasion, a wilful or dishonest intention. As the regulator, AUSTRAC is responsible for promoting compliance with the legislative requirements. To this end, AUSTRAC has been given powers to monitor the level of compliance being achieved by entities. Through its monitoring activity AUSTRAC aims to foster an environment of continuous voluntary compliance. The agency also aims to identify the level and extent of any non-compliance for the purposes of formulating a rectification plan that is proportionate to and appropriate for the problem, and ensuring the integrity of the FTR Act and AML/CTF Act is upheld.
Monitoring activity will be conducted using a risk-based approach. Given the large number and wide diversity of regulated entities AUSTRAC is responsible for supervising, this will ensure the most effective and efficient use of limited resources. AUSTRAC will consider the risk that an entity will not meet its statutory obligations. This risk involves not only the likelihood of non-compliance but also the materiality of non-compliance; that is, the severity of the consequences of the non-compliance. Those entities assessed as being higher risk will be supervised with more intensity than those with lower risk.
In exercising monitoring powers AUSTRAC will uphold the equity principle and treat entities in similar circumstances in a similar way. This does not mean that all identified instances of non-compliance will be treated the same. Each case will have different facts and circumstances. AUSTRAC's response and any resulting referrals to enforcement will be based upon the circumstances of each case. For example, low severity instances of non-compliance may be noticed by AUSTRAC and brought to the attention of the regulated entity. Once this occurs, it is the communication between the regulator and the regulated entity that allows the situation to be rectified in the short term, avoiding further and possibly larger problems of non-compliance down the track. This approach is seen as educative, while fostering good relationships with regulated entities and encouraging greater levels of compliance.
Similarly, the same compliance breach by two different entities will be treated differently when the breach results from intentional behaviour in one case and unintentional behaviour in the other, especially when the level of severity is significant. Further, any breach that delivers an unfair competitive advantage will not be looked at favourably. In exercising monitoring powers, AUSTRAC will seek to balance the need to treat individual entities fairly and in a way that encourages their future compliance with the need to maintaining effective and resilient AML/CTF and FTR environments.
The AML/CTF Act will increasingly replace the FTR Act. The AML/CTF Act is being implemented in accordance with a staggered timetable and, as a result, various provisions of the FTR Act will remain in effect until such time as the AML/CTF Act has replaced them. During this period of transition, some regulated entities will have concurrent obligations to comply with provisions of both Acts. Those provisions in the FTR Act that are not explicitly replaced will remain in effect in future.
Monitoring provisions within the AML/CTF Act came into force on 13 December 2006. However AUSTRAC can only monitor those provisions of the Act that are also in force at a specific date, so effectively AUSTRAC's monitoring of compliance with the AML/CTF Act will take place according to the staggered implementation timetable. Any monitoring for compliance with the provisions of the FTR Act will still be conducted using the powers conferred under that Act. When non-compliance is detected and AUSTRAC decides to take enforcement action, it will be pursued under the relevant legislation and in line with any Policy Principles issued by the Minister for Justice and Customs. The policy set out in this paper is equally applicable to monitoring activity conducted under both Acts.
The powers available to AUSTRAC to monitor compliance with the FTR Act include the power to inspect records, systems and reports relating to the entity's obligations with that Act. Although a notice is issued to the entity requiring it to grant access to an authorised officer for such purposes, the FTR Act does not compel the entity to grant access. The AML/CTF Act broadens AUSTRAC's monitoring and information-gathering powers, and allows authorised officers to enter a reporting entity's premises under a monitoring warrant issued by a magistrate for the purposes of exercising monitoring powers.
In the normal course, AUSTRAC expects that entities receiving on-site visits will voluntarily provide access to their premises and records, so that the regulator will have no need to invoke its formal powers. Such visits would be pre-arranged through cooperative liaison between the regulator and the entity. Entities should be aware, however, that formal access powers do exist as a statutory backup should AUSTRAC ever encounter persistent and unreasonable resistance to its on-site visit requests.
A range of monitoring activities is available to AUSTRAC under both Acts to achieve compliance. These include education visits, signing of acknowledgement forms, remote monitoring of compliance and data quality, general compliance monitoring, focused compliance monitoring, negotiation of mutually agreed enforceable undertakings, monitoring warrants and escalation to enforcement. Powers under monitoring warrants include the power to search premises for compliance records, reports under the AML/CTF Act, and systems used for preparing records and reports, and in certain circumstances to secure something found on the premises for 24 hours. Under a monitoring warrant AUSTRAC can also require persons on premises to answer questions or produce documents relating to the operation of the Act, the Regulations, or the Rules.
Again, AUSTRAC expects to conduct the majority of its monitoring activity on the basis that entities will be open and cooperative, and to invoke its formal enquiry and enforcement powers only in unusual circumstances and on infrequent occasions.
AUSTRAC will exercise monitoring powers appropriate to the perceived level of risk of the entity. AUSTRAC's risk assessment system for this purpose will take a number of relevant factors into account, including an entity's business type, size and complexity, and its previous compliance history.
The type of monitoring conducted (for example field or remote), the frequency, and the focus of the monitoring will be determined by AUSTRAC, having regard to the potential impact of the identified risk on the integrity of the financial system, and the likelihood of that impact materialising in practice.
You can expect that AUSTRAC will:
- abide by our Guiding Principles which are efficiency, equity, integrity and transparency as set out in our Supervisory Framework Policy;
- adopt a 'no surprises' approach, including explaining in advance our proposed course of action, and giving entities adequate opportunity to remedy weaknesses prior to any decision by AUSTRAC to invoke its formal powers under the legislation;
- use monitoring powers fairly and reasonably, with a response proportionate to the situation;
- comply with the provisions of the FTR Act and the AML/CTF Act in the use of our monitoring powers, and in the event of any escalation to the enforcement policy; and
- review this policy regularly to ensure it remains current as the AML/CTF Act is implemented.
AUSTRAC expects that you will:
- understand and comply with your obligations under the relevant legislation;
- adopt an honest, open and cooperative approach in your dealings with AUSTRAC during the course of its monitoring activity; and
- take adequate and timely action to rectify non-compliance issues identified.
AUSTRAC's monitoring powers are set out in part 13 of the AML/CTF Act and may only be exercised by an authorised officer.1
In accordance with section 147 of the AML/CTF Act, an authorised officer may enter a reporting entity's business premises either with consent or under a monitoring warrant 2 at any reasonable time of the day and exercise the monitoring powers set out in section 148. These monitoring powers enable an authorised officer to:
- search the reporting entity's premises for any:
- compliance records;
- system used by a reporting entity at the premises for record keeping;
- reports under the Act that are retained at, or accessible from the premises;
- system used by a reporting entity in connection with preparing, sending or retaining reports under the AML/CTF Act;
- other thing on the premises that may be relevant to the obligations of a reporting entity under this Act, the Regulations or the AML/CTF Rules;
- examine any:
- activity conducted on the reporting entity's premises that may relate to information provided under this Act, the Regulations or the AML/CTF Rules;
- thing on the reporting entity's premises that may relate to information provided under this Act, the Regulations or the AML/CTF Rules;
- take photographs or make video or audio recordings or sketches on the reporting entity's premises of any such activity or thing;
- inspect any document on the reporting entity's premises that may relate to information provided under this Act, the Regulations or the AML/CTF Rules; and take extracts from, or make copies of, any such document;
- take onto the reporting entity's premises such equipment and materials as the authorised officer requires for the purpose of exercising powers in relation to the premises;
- secure a thing for no more than 24 hours;
- equipment at the premises to see whether the equipment or data storage device that is at the premises and can be used with the equipment or is associated with it, contains information that is relevant to assessing the correctness of information provided under this Act;
- facilities at the reporting entity's premises to put the information in documentary form and copy the documents so produced;
- facilities at the premises to transfer the information to a disk, tape or other storage device that is brought to the premises for the exercise of the power or is at the premises and the use of which for the purpose has been agreed in writing by the occupier of the premises;
- remove from the premises a disk, tape or other storage device to which the information has been transferred.
Section 150 of the AML/CTF Act also enables an authorised officer entering premises by consent or under a monitoring warrant to ask the occupier to answer any questions or produce any documents relating to the operation of the AML/CTF Act, Regulations or AML/CTF Rules. The penalty for non compliance with section 150 is imprisonment for 6 months or 30 penalty units or both.
As defined under Section 5 of the AML/CTF Act an authorised officer is "the AUSTRAC CEO; or a person for whom an appointment as an authorised officer is in force under section 145".
 Section 5 of the AML/CTF Act states that a monitoring warrant means a warrant issued under section 159.
 Subject to the criteria established under subsection 148(2) of the AML/CTF Act.
 In exercise of the power under section 148(4)(b).