AUSTRAC urges businesses to update risk assessments, following FATF reports

The Australian anti-money laundering regulator has urged reporting entities to review their risk assessments and compliance controls in the context of two new reports from the Financial Action Task Force (FATF).

The Australian Transaction Reports and Analysis Centre (AUSTRAC) said the reports from the international standard setter have updated the money laundering and terrorism financing (ML/TF) risk landscape.

FATF’s reports set out the jurisdictions that pose a risk to the international financial system. The FATF ” call to action” for North Korea and Iran remains in effect. In addition, the ” grey list” of countries under increased monitoring has been expanded to include Haiti, Malta, the Philippines and South Sudan. The “call to action” covers the two countries on the prohibited “black list”: Iran and North Korea. For these jurisdictions, the FATF has urged all other countries to apply enhanced due diligence or counter-measures to protect the international financial system from the money laundering, terrorist financing and proliferation financing.

FATF has postponed the review process for countries in the “black list” because of the COVID-19 pandemic.

“While the statement may not necessarily reflect the most recent status of Iran and the Democratic People’s Republic of Korea’s AML/CFT regimes, FATF’s call for action on these high-risk jurisdictions remains in effect,” the agency said. The expansion of the “grey list” includes the four new countries that have strategic deficiencies in their AML/CTF regimes and are actively working with the FATF to address them.

“Reporting entities should be aware of countries that pose a higher risk of money laundering or terrorism financing and use this information to help guide ML/TF risk assessments, compliance programs and decisions about submitting suspicious matter reports to AUSTRAC,” AUSTRAC said.

In a recent interview, Sonja Marsic, senior executive lawyer with the Australian Government Solicitor, said failing to update risk assessments in the face of new information was a common failing for reporting entities.


“We all know the external environment can be dynamic. But I often see that businesses are not creating feedback loops to ensure that trends identified through transaction monitoring or internal intelligence are then considered when updating risk assessments,” Marsic said.

“I would expect to see processes set out in the Part A Program to ensure appropriate information flows so that business divisions aren’t operating in silos. And this is very much part of appropriate governance and oversight.”

Neil Jeans, consultant with Initialism in Melbourne, said managing ML/TF risk for any reporting entity is not a “set and forget” process.

“Most reporting entities operate in dynamic external environments. However, it should also be recognised that the internal environment can be equally dynamic and can result in significant change in the ML/TF risks faced,” Jeans said.

“In my experience, AML/CTF non-compliance is frequently predicated on an out-of-date understanding of the ML/TF risks faced.”  

AUSTRAC has stressed that, as part of an AML/CTF program and reporting obligations, businesses need to be aware of which countries, regions and groups may pose an elevated ML/TF risk.

“Customers from any of these places, and transactions to or from these places, require careful monitoring. You should have risk-based systems and controls in place for these customers and transactions,” AUSTRAC said.

This article first appeared on Thomson Reuters Regulatory Intelligence.

Nathan Lynch is an experienced writer, public speaker, manager and technology enthusiast in the field of financial regulation and risk management. At Thomson Reuters, Nathan leads a team of experts who provide breaking news, deep analysis and practical guidance to risk practitioners in the global financial services sector.
Nathan manages Thomson Reuters’ award-winning Regulatory Intelligence team across the Asia-Pacific region, tracking developments in financial services law, regulation, financial crime and risk management.
Nathan has been involved in building innovative, tech-based businesses in the financial services “regtech” sector — including Complinet Australia and the Thomson Reuters Risk business.

Leave a Reply

Subscribe to Business Insight

Discover best practice and keep up-to-date with insights on the latest industry trends.