Go to top of page

Compliance Report 2018 Questions Preview

The following questions are provided to assist your business prepare for the 2018 compliance report.

These questions appear in the compliance report for 2018.  Not every business will be required to answer all questions.  If you give a 'no' answer, further questions about that topic may not be visible.

How and when - compliance report 2018

  • The report will be available through AUSTRAC Online from 2 January 2018.  Log into AUSTRAC Online, select 'Compliance Reports' and 'Open Compliance report 2018
  • You must complete and submit the compliance report between 2 January and 31 March 2019.
  • All questions refer to your business activities from 1 January 2018 to 31 December 2018, unless otherwise stated.

Key terms used in the questions

Explanation of bolded terms in the following questions is included in the column to the right.

Further information is available in AUSTRAC's compliance guide.


If you require any other assistance, please get in touch with the AUSTRAC Contact Centre:

Operating hours:  Monday to Friday - 8:30am to 5:00pm (AEST)
Telephone (within Australia): 1300 021 037
Email: contact@austrac.gov.au
Translation service: 131 450 and ask for 'AUSTRAC on 1300 021 037'
Teletypewriter (TTY) access (within Australia) National Relay Service
TTY/voice: 133 677 and ask for 1300 021 037
Speak and listen (SSR): 1300 555 727 and ask for 1300 021 037

 Preview of questions from Compliance Report 2018

Your business

Question Explanation of bolded term

Do you have less than 5 employees? (yes / no)

Employee:
includes full time, part time or casual staff paid under contract through wages or salary

What are your customer types(select all that apply)

  • Individual
  • Company
  • Trustee
  • Partnership
  • Association
  • Registered co-operative
  • Government body

Customer types:
different types of customer you have can trigger different customer due diligence obligations

How do you provide designated services (select all that apply)

  • ATM or IDM
  • Electronic gaming machines
  • Face to face
  • Mobile application
  • Remittance platform
  • Self-service gambling terminal
  • Telephone
  • Website
  • Other

IDM:
intelligence desposit machines

Mobile application: 
Mobile application is functional software, often called an “App” and is used on, e.g. a smartphone or tablet.

Self-service gambling terminal
Self-service gambling terminal does not mean an electronic gaming machine.

Do you outsource these functions? (yes / no)

  • Customer identification
  • Program development
  • Transaction monitoring
  • Transaction reporting

Outsourcing AML/CTF compliance functions:
You outsource when you enter into an agreement with a third party provider to conduct a function for you.

  • include outsourcing to any overseas business, whether it is related to your work or not.

Excludes using a domestic business that is related to your business.

Program development:

  • includes outsourcing the initial development of your program.
  • includes outsourcing changes or updates to your program.

If yes:

  • was the function outsourced to multiple providers?
  • Was the function undertaken in Australia?
  • Has this function been further outsourced to another provider?
  • What is the business name or ABN of the provider?

Multiple providers:

  • If you outsourced to a few providers, enter the name of the provider who performed the highest proportion of the function. 
  • If you outsourced to a large number of a type of provider (eg, Financial advisor, Mortgage originator etc) you can enter the type of provider instead of the business or legal name.

 Managing Your Program

Question Explanation of bolded term

When was your program most recently approved?  (select the relevant calendar year or not approved)

Approved program:

Approved means adoption of the initial program or approval of changes to your program by your board, senior management or equivalent.

Did you make changes to your program? (yes/no)  

If yes, what prompted these changes? (select at least 1)

  • Advice from external consultant or service provide
  • Advice from an industry body
  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC feedback and guidance
  • Change of AML/CTF Compliance Officer
  • Changes to legislation
  • Changes to your ML/TF risk assessment
  • Independent review
  • Internal review of systems or procedures
  • Media reports
  • New designated service
  • New technology or delivery method
  • Newly identified risks
  • Regular scheduled review
  • Other 

ML/TF:
ML/TF means money laundering and terrorism financing.

Media reports:
For example, newspaper articles, news websites, social media etc.

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

Have you reported internally on any of the following? (select all that apply)

  • AML/CTF risk awareness training statistics
  • AUSTRAC feedback and guidance
  • Independent review or remediation
  • Performance of outsourced functions
  • Newly identified risks
  • Staff non-compliance with AML/CTF program
  • Transaction monitoring information
  • Other
  • No reporting to board, senior management or equivalent

Reported internally:
Reported internally means informing your board, senior management or equivalent (eg, an email, a brief, attendance at a minuted meeting).

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

Independent Review of Your Program

Question Explanation of bolded term
When did your last independent review commence?  (select calendar year or ‘not reviewed’)  

If independently reviewed, what prompted the review?  (select at least one)

  • Advice from external consultant
  • Advice from industry body
  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC feedback and guidance
  • Changes to legislation
  • Media reports
  • New designated service
  • New technology or delivery method
  • Newly identified risks
  • Regular scheduled review
  • Other

Media reports:
For example, newspaper articles, news websites, social media etc. 

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

Who conducted your last independent review? (select internal, external or combination)
  • If external, what type of external provider?
  • What is the business legal name of provider?
 
If not independently reviewed, why has your program not been independently reviewed? (select most relevant)
  • Did not know this was required
  • No changes in risk environment or business operations
  • Not required for my business
 

 Assessing Your ML/TF Risk

Question Explanation of bolded term

Have you done an ML/TF risk assessment of your business? (yes/no)

Have you done’ a risk assessment:
Have you done means either in 2018 or prior.

ML/TF:
ML/TF means money laundering and terrorism financing.

If yes, is this risk assessment documented? (yes/no)
 
Do you have a documented process for conducting a risk assessment? (yes/no)  
If a risk assessment was done, have you made changes to your ML/TF risk assessment? (yes/no) ML/TF:
ML/TF means money laundering and terrorism financing.
If yes, what prompted the change? (select all that apply)
  • Advice from external consultant or service provider
  • Advice from industry body
  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC feedback and guidance
  • Change of AML/CTF Compliance officer
  • Changes to legislation
  • Independent review
  • Media reports
  • New designated service
  • New technology or delivery method
  • New risk assessment methodology
  • Newly identified risks
  • Regularly scheduled review
  • Other
Media reports:
For example, newspaper articles, news websites, social media etc.
 
Other:
If you enter more than one ‘other’ item, please separate them with a comma.
 
Did you introduce any new designated services, delivery methods or technologies(yes/no)
New delivery methods:
New delivery methods means new methods of designated service delivery.
 
New technologies:
New technologies means new or developing technologies used for the provision of a designated service.
If yes, have you assessed the ML/TF risk of your new designated services, delivery methods or technologies? (yes/no) ML/TF:
ML/TF means money laundering and terrorism financing.

 Managing Your Employee Risk

Questions Explanation of bolded term
Did you assess the ML/TF risk for each employee’s role? (yes/no)
ML/TF:
ML/TF means money laundering and terrorism financing.
If yes, did you conduct different employee checks for roles with more ML/TF risk? (yes/no) ML/TF:
ML/TF means money laundering and terrorism financing.
What employee checks did you conduct? (select all that apply)
  • Check industry licencing
  • Other qualification checks
  • Open source searches
  • Police checks
  • Reference checks
  • Sanctions and PEP checks
  • Social media review
  • None of the above
Conducting a check:
You have also conducted a check if you use a third party provider for employee due diligence.  Select the check they undertake on your behalf.
 
PEP:
A PEP is a politically exposed person.
 

Have you updated your AML/CTF training program for any of these reasons?  (select all that apply)

  • Advice from external consultant or service provider
  • Advice from industry body
  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • Changes to legislation
  • Changes to your ML/TF risk assessment
  • Independent review
  • Internal review of systems or procedures
  • Media reports
  • New designated services
  • New technology or delivery method
  • Newly identified risks
  • No change in the reporting period
  • Other

Updates to your AML/CTF training program:
Includes updates to the content of training, the way in which the training was delivered, who it was delivered to or how frequently it was delivered.   

ML/TF:
ML/TF means money laundering and terrorism financing.

Media reports:
For example newspaper articles, news websites, social media etc.

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

 Your Customers

Questions Explanation of bolded term

What would prompt you to update your customer’s KYC information? (select all that apply)

  • Any new transaction
  • Changes in transaction profile
  • Expiry of identification document
  • Notification of change of details
  • Request of new product or service
  • Transaction monitoring alert
  • Other

KYC information:
KYC is know your customer.

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

How many of your customers are high risk or above? (number required) High risk customer:
Your AML/CTF program should set out what you consider to be a high risk customer.

How did you identify politically exposed persons (PEPs)?  (select all that apply)

  • Media review
  • Open source searches
  • Commercial database
  • Sanctions list
  • We do not perform PEP checks
  • Other

Identify politically exposed person (PEP):
Where your business uses a broader PEP definition than that prescribed by the AML/CTF Act, you may choose to answer based on that definition.

PEP:
A PEP is a politically exposed person.

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

How many of your customers are PEPs? (number required) PEPs:
A PEP is a politically exposed person.

Managing Your Customer Risk

Questions Explanation of bolded term

How did your staff report unusual or potentially suspicious activity? (select all that apply)

  • Email
  • Online form
  • Paper form
  • Submit SMR to AUSTRAC
  • Other

Your staff report:
Your staff may report unusual or potentially suspicious activity by escalating the matter to a specified person or area within your business or by submitting an SMR directly to AUSTRAC.

Online form:
Online form means either via internet or intranet.

SMR:
SMR means suspicious matter report.

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

How often do you review your transaction monitoring program (TMP) rules? (select most relevant)

  • Monthly
  • Quarterly
  • Every 6 months
  • Every year
  • Every 2 years
  • No regular scheduled review
  • Rules have never been reviewed
  • No TMP in place
  • Other

TMP Rules:
TMP rules means any rules, logic or thresholds that are used to identify unusual or potentially suspicious behaviour. 

TMP:
TMP means transaction monitoring program.
 

What prompts you to review your TMP rules (select all that apply)

  • Advice from external consultant or service provider
  • Advice from Industry body
  • AUSTRAC compliance assessment
  • AUSTRAC enforcement action
  • AUSTRAC feedback and guidance
  • Change of AML/CTF Compliance Officer
  • Changes to legislation
  • Changes to ML/TF risk assessment
  • High ratio of false positives
  • Independent review
  • Media reports
  • New designated services
  • New technology or delivery method
  • Newly identified risks
  • Regular scheduled review
  • No TMP in place
  • Other

TMP Rules:
TMP rules means any rules, logic or thresholds that are used to identify unusual or potentially suspicious behaviour.  

ML/TF:
ML/TF means money laundering and terrorism financing.

High rate of false-positives:
High ratio of false-positives means a significant proportion of the matters identified through a particular rule or threshold are deemed not to be suspicious.

Media reports:
For example, newspaper articles, news websites social media etc.

TMP:
TMP means transaction monitoring program.

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

Did you review the matters detected by your TMP in any order of priority?  (yes/no) TMP:
TMP means transaction monitoring program

If yes, what factors were given priority? (select all that apply)

  • Customer risk
  • Jurisdiction
  • ML/TF risk
  • Product risk
  • Transaction value
  • What rule or threshold was hit
  • Other

Jurisdiction risk:
Jurisdiction risk means the risk associated with doing business with a customer located in, or transacting with, a foreign country.

ML/TF:
ML/TF means money laundering and terrorism financing.

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

How do you conduct enhanced customer due diligence (ECDD)?  (select at least one)

  • Extra information gathered
  • More analysis of KYC information
  • Verify or re-verify KYC information
  • Verify or re-verify beneficial owner information
  • More detailed analysis and transaction monitoring
  • Senior management approval
  • Consider whether to process transaction
  • No ECDD program in place
  • Other

Extra information gathered:
Extra information gathered from the customer or third party sources to clarify already collected KYC or beneficial owner information, or to identify the source of wealth and funds of a customer and beneficial owners.

KYC:
KYC is know your customer.

Senior management approval:
Senior management approval for continuing the business relationship and the provision of a designated service to the customer.

ECDD:
ECDD means enhanced due diligence.

Other:

If you enter more than one ‘other’ item, please separate them with a comma.

Your reporting and AUSTRAC feedback

Questions Explanation of bolded term

How do you ensure your reports were submitted on time?  (select all that apply)

  • Automated reporting system
  • Regular monitoring and checks
  • Scheduled reporting times
  • Specialised reporting function
  • System alerts or warnings
  • Other

Reports:
Reports mean threshold transaction reports (TTR), suspicious matter reports (SMR), international funds transfer instructions (IFTI) and compliance reports.

On time:
On time means within the timeframes specified in the AML/CTF Act and Rules.

Specialised reporting function:
Specialised reporting function means transaction reporting is undertaken by a specific team or person who is not the AML/CTF Compliance Officer.

Other:
If you enter more than one ‘other’ item, please separate them with a comma.

Did you review any AUSTRAC feedback or guidance (yes/no)  
If yes, what did you do in response to this?  (select all that apply)
  • Communicated or escalated feedback internally
  • Conducted training
  • Increased AML/CTF resourcing
  • Reviewed or changed AML/CTF program
  • Review or changed TMP rules
  • Back-captured transaction reports
  • No action required
  • Other
TMP
TMP means transaction monitoring program.
 
Other
If you enter more than one ‘other’ item, please separate them with a comma.

 

Last modified: 15/10/2018 15:30