Privacy impact assessments
Draft privacy guidance relating to Chapter 4 of the AML/CTF Rules
The Privacy Impact Assessment of the amendments to Chapter 4 of the AML/CTF Rules recommended that AUSTRAC issue guidance to industry, which:
- discusses the amendments that allow reporting entities to collect information ‘about’ a customer rather than ‘from’ the customer
- explains the interaction with Australian Privacy Principle (APP) 3 (and other APPs generally)
- highlights the importance of complying with APP 3.6 when collecting information from sources other than the individual concerned.
AUSTRAC welcomes stakeholder comments on the draft guidance. It is noted that once the guidance is finalised it will be incorporated into the AUSTRAC Compliance Guide.
A public consultation period is open from 11 November to 9 December 2016.
How to make a submission
Submissions on the draft guidance should be sent to:
PO Box 5516
West Chatswood NSW 1515
By email: firstname.lastname@example.org
By fax: (03) 8636 0501
Please note that all submissions may be made public except those marked 'confidential'.
Privacy Impact Assessment - Amendments to Chapter 4 of the AML/CTF Rules
In November 2015, AUSTRAC released the draft Privacy Impact Assessment (PIA) – Amendments to Chapter 4 of the Anti-Money Laundering and Counter-Terrorism Financing Rules in order to seek stakeholder feedback both on the potential privacy impacts of the proposed amendments and the preliminary recommendations.
Currently, Chapter 4 requires reporting entities to collect and verify customer identification information ‘from’ their customers. The proposed amendments will allow reporting entities the discretion to collect identification information ‘about’ customers rather than directly from the customer.
Public consultation on the draft PIA closed on 9 December 2015. The submissions, from a number of stakeholder perspectives, provided valuable input into completing the PIA.
- PIA - Amendments to Chapter 4 of the AML/CTF Rules (Word, 275 KB)
- PIA - Amendments to Chapter 4 of the AML/CTF Rules (PDF, x183KB)
Privacy Impact Assessment - Customer due diligence (CDD)
A privacy impact assessment (PIA) has been undertaken in relation to the new CDD requirements. The PIA was conducted in accordance with PIA Guidelines issued by the Office of the Australian Information Commissioner. The new Australian Privacy Principles, which commenced on 12 March 2014, formed the basis for analysis in the PIA.
- PIA - Enhanced Customer Due Diligence (CDD) Requirements) (Word, 323KB)
- PIA - Enhanced Customer Due Diligence (CDD) Requirements (PDF, 311KB)
A number of recommendations in the PIA resulted in changes to the final form of the AML/CTF Rules.
- Enrolment and remitter registration
- Obligations and compliance
- Important information for industry
- AUSTRAC Online
- Consultation with industry
- Exemptions and modifications
- Start-up businesses and financial services
- AUSTRAC industry contribution