AML/CTF in Australia: What Businesses Can Expect

What is an AML and CTF Audit

In Australia, businesses that are subject to the Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Act 2006 are required to undergo regular audits to ensure compliance with the legislation. These audits are conducted by the Australian Transaction Reports and Analysis Centre (AUSTRAC), the regulatory body responsible for enforcing AML/CTF in Australia. In this blog post, we will discuss what businesses can expect during this audit in Australia.

What is an AML/CTF Audit?

It is a process of reviewing a business’s compliance with the AML/CTF legislation. The purpose of the audit is to point out any flaws in a business’s AML/CTF program and to provide recommendations for improvement. AUSTRAC conducts audits on businesses that are considered high-risk or that have been identified as non-compliant.

Preparing for an AML/CTF Audit

Businesses that are subject to these audits should ensure that they have a robust AML/CTF program in place. This program should include policies and procedures for identifying, managing, and mitigating money laundering and terrorism financing risks. Businesses should also ensure that they have appointed a compliance officer and that their staff has received appropriate training in this compliance.

During an AML/CTF Audit

During this audit, an AUSTRAC auditor will review a business’s AML/CTF program to ensure that it meets the requirements of the legislation. The auditor may also conduct interviews with staff to assess their understanding of AML/CTF requirements and to identify any weaknesses in the business’s AML/CTF program.

Areas of Focus During an AML/CTF Audit

During this audit, AUSTRAC will focus on several key areas to assess a business’s compliance with the legislation. These areas include:

Risk Assessment

AUSTRAC will examine your risk assessment to ensure it meets the requirements outlined in their Guideline for Preparing a Customer Identification Program. The purpose of this guideline is to help businesses create a robust risk assessment process that will inform their customer due diligence efforts. This includes understanding your customers’ products, services, and any associated risks with them.

Customer Due Diligence (CDD)

The AML/CTF Act requires businesses to collect information about their customers’ identities, including their names, address, and occupation. AUSTRAC will assess whether these data elements are sufficient for conducting CDD and whether additional information must be collected from your clients. In some cases,

Suspicious Matter Reporting (SMR):

The SMR system is one of the most important parts of the AML/CTF regime, as it allows banks and other financial institutions to report transactions that may be suspicious. In addition, AUSTRAC will consider whether businesses have provided adequate training for their staff members on how to complete the SMRs correctly.


Another key area of focus during an AML audit is record-keeping. For example, if you’re a financial institution that provides money remittance services, then AUSTRAC will want to ensure that you’re keeping records such as receipts and transaction details for each transaction performed.

Staff Training

Staff training is another important aspect of an effective AML/CTF program because it helps employees understand what is required under the law, including how they should identify, report, and manage suspicious activity. AUSTRAC will assess whether businesses have trained their employees on matters such as:

  • The main types of suspicious activity;
  • How to identify suspicious transactions; and
  • The importance of reporting suspected criminal activities to AUSTRAC

Outcomes of an AML/CTF Audit

After conducting this audit, AUSTRAC will provide a report outlining the results of the audit and any recommendations for improvement. Businesses may be required to implement these recommendations and demonstrate that they have addressed any weaknesses identified during the audit.


Conducting AML/CTF audits is a crucial component of achieving compliance with AML/CTF in Australia. Businesses that are subject to such audits must ensure that they have a well-established AML/CTF program in place and that their employees have received sufficient training to ensure compliance. During the audit process, AUSTRAC assesses various key areas to determine a business’s compliance with the legislation. By familiarizing themselves with the audit process, businesses can better equip themselves to prepare for and respond to an audit.