Contents
1 Name of Instrument [see Note 1] 1
2 Rules 1
CHAPTER 1 2
Part 1.1 Introduction 2
Part 1.2 Key terms and concepts 2
CHAPTER 2 17
Part 2.1 Definition of ‘designated business group’ 17
CHAPTER 3 Correspondent Banking 27
Part 3.1 Entry into a correspondent banking relationship 27
CHAPTER 4 30
Part 4.1 Introduction 30
Part 4.2 Applicable customer identification procedure with respect to individuals 32
Part 4.3 Applicable customer identification procedure with respect to companies 35
Part 4.4 Applicable customer identification procedure with respect to trustees 40
Part 4.5 Applicable customer identification procedure with respect to partners 47
Part 4.6 Applicable customer identification procedure with respect to associations 49
Part 4.7 Applicable customer identification procedure with respect to registered co‑operatives 52
Part 4.8 Applicable customer identification procedure with respect to government bodies 54
Part 4.9 Verification from documentation 55
Part 4.10 Verification from reliable and independent electronic data 57
Part 4.11 Agents of customers 58
Part 4.12 Collection and Verification of Beneficial Owner information 60
Part 4.13 Collection and Verification of Politically Exposed Person information 63
Part 4.14 Exemptions relating to the identification of beneficial owners and politically exposed persons 65
Part 4.15 Procedure to follow where a customer cannot provide satisfactory evidence of identity 67
CHAPTER 5 70
Part 5.1 Special anti‑money laundering and counter‑terrorism financing (AML/CTF) program 70
Part 5.2 Applicable customer identification procedures in relation to special AML/CTF program 70
CHAPTER 6 Verification of identity 71
Part 6.1 Re-verification of KYC information 71
Part 6.2 Verification of identity of pre-commencement customers 71
Part 6.3 Verification of identity of low-risk service customers 72
CHAPTER 7 Reliance on third parties 73
Part 7.1 Reliance 73
Part 7.2 Ongoing reliance under an agreement or arrangement 73
Part 7.3 Case-by-case reliance 75
CHAPTER 8 78
Part 8.1 Part A of a standard anti‑money laundering and counter‑terrorism financing (AML/CTF) program 78
Part 8.2 AML/CTF risk awareness training program 80
Part 8.3 Employee due diligence program 80
Part 8.4 Oversight by boards and senior management 81
Part 8.5 AML/CTF Compliance Officer 81
Part 8.6 Independent review 81
Part 8.7 Incorporation of feedback and guidance on ML/TF risks from AUSTRAC 82
Part 8.8 Permanent establishments in a foreign country 82
Part 8.9 Reporting obligations 83
CHAPTER 9 84
Part 9.1 Part A of a joint anti‑money laundering and counter‑terrorism financing (AML/CTF) program 84
Part 9.2 AML/CTF risk awareness training program 86
Part 9.3 Employee due diligence program 86
Part 9.4 Oversight by boards and senior management 87
Part 9.5 AML/CTF Compliance Officer 87
Part 9.6 Independent review 87
Part 9.7 Incorporation of feedback and guidance on ML/TF risks from AUSTRAC 88
Part 9.8 Permanent establishments in a foreign country 88
Part 9.9 Reporting obligations 89
CHAPTER 10 90
Part 10.1 Casinos 90
Part 10.2 On‑course bookmakers and totalisator agency boards 91
Part 10.3 Gaming machines 93
Part 10.4 Accounts for online gambling services 93
CHAPTER 11 Compliance Report – reporting and lodgment periods 95
CHAPTER 12 Electronic funds transfer instructions 96
CHAPTER 13 Approved third‑party bill payment system 97
CHAPTER 14 Thresholds for certain designated services 98
CHAPTER 15 Ongoing customer due diligence 101
CHAPTER 16 Reportable details for international funds transfer instructions (items 1 and 2 in section 46) 105
CHAPTER 17 Reportable details for international funds transfer instructions under a designated remittance arrangement (items 3 and 4 in section 46) 111
CHAPTER 18 Reportable details for suspicious matters 122
CHAPTER 19 Reportable details for threshold transactions 132
CHAPTER 20 Record‑keeping obligations under section 114 143
CHAPTER 21 Issuing or selling a security or derivative 144
CHAPTER 22 Exemption of certain types of transactions relating to the over-the-counter derivatives market 148
CHAPTER 23 Anti-Money Laundering and Counter-Terrorism Financing Rules – persons specified as ‘non-financiers’ 153
CHAPTER 24 Anti-Money Laundering and Counter-Terrorism Financing Rules for reports about cross-border movements of monetary instrument 154
CHAPTER 27 Anti-Money Laundering and Counter-Terrorism Financing Rules for registrable details relating to the Register of Providers of Designated Remittance Services and the Remittance Sector Register 159
CHAPTER 28 Applicable customer identification procedures in certain circumstances – assignment, conveyance, sale or transfer of businesses 173
CHAPTER 29 Record-keeping obligations under section 107 176
CHAPTER 30 Disclosure certificates 178
CHAPTER 31 Exemption of certain types of transactions relating to currency exchange transactions 183
CHAPTER 32 Exemption of certain types of transactions relating to safe deposit boxes or similar facilities 185
CHAPTER 33 Applicable customer identification procedure for purchases and sales of bullion valued at less than $5,000 187
CHAPTER 34 Affixing of notices about cross-border movement reporting obligations 188
CHAPTER 35 Exemption from applicable customer identification procedures for correspondent banking relationships 190
CHAPTER 36 Exemption of certain designated services within a corporate structure 191
CHAPTER 37 Exemption from threshold transaction reporting for certain designated services 193
CHAPTER 38 Exemption from applicable customer identification procedures for the sale of shares for charitable purposes 194
CHAPTER 39 Exemption from applicable customer identification procedures - premium funding loans for a general insurance policy 196
CHAPTER 40 Definition of ‘exempt legal practitioner service’ 198
CHAPTER 41 Exemption from applicable customer identification procedures – cashing out of low value superannuation funds and for the Departing Australia Superannuation Payment 199
CHAPTER 42 Commodity warehousing of grain 201
CHAPTER 43 Friendly Society closed funds 203
CHAPTER 45 Debt Collection 204
CHAPTER 46 Special circumstances for the applicable customer identification procedure 206
CHAPTER 47 Risk-only life policy interests in a superannuation fund 208
CHAPTER 48 Exemption of salary packaging administration services from the AML/CTF Act 210
CHAPTER 49 International Uniform Give-Up Agreements 212
CHAPTER 50 Exemption from applicable customer identification procedure in certain circumstances 214
CHAPTER 51 AML/CTF Rules relating to certain definitions under the AML/CTF Act - Ordering and Beneficiary Institutions, Financial Institutions and Non-Financiers 218
CHAPTER 52 Persons who are licensed to operate no more than 15 gaming machines 220
CHAPTER 54 Reporting obligations of registered remittance affiliates 222
CHAPTER 55 Remittance Sector Register 223
CHAPTER 56 Information to be included in an application for registration as a remittance network provider, a remittance affiliate of the registered remittance network provider or an independent remittance dealer 224
CHAPTER 57 Matters to be considered by the AUSTRAC CEO in considering applications for registration 248
CHAPTER 58 Matters to be considered by the AUSTRAC CEO when deciding to cancel a registration 250
CHAPTER 59 Matters to be considered by the AUSTRAC CEO when deciding to suspend a registration 255
CHAPTER 60 Change in registration details regarding the person 261
CHAPTER 61 Reporting obligations of remittance affiliates 271
CHAPTER 62 Reporting Entities Roll 272
CHAPTER 63 Information to be provided or in relation to an application for enrolment as a reporting entity 274
CHAPTER 64 Changes in enrolment details in respect to a reporting entity 286
CHAPTER 65 Removal of entries from the Reporting Entities Roll 288
CHAPTER 66 Applicable customer identification procedures in certain circumstances – compulsory partial or total transfer of business made under the Financial Sector (Business Transfer and Group Restructure) Act 1999 292
CHAPTER 67 Warrants 295
CHAPTER 68 Anti-Money Laundering and Counter-Terrorism Financing Rules relating to records of identification procedures 297
CHAPTER 69 Casino licence holders – exemption from applying for registration on the Remittance Sector Register 298
CHAPTER 70 Renewal of registration 299
CHAPTER 71 Credit card reform - specifying persons under Items 1, 2 and 3 of Table 1 in subsection 6(2) of the AML/CTF Act 310
CHAPTER 72 Account-based money transfer systems 312
CHAPTER 73 Exemption for Registered Plan Management Providers 326
CHAPTER 74 Exemption for licensed trustee companies 327
CHAPTER 75 Law Enforcement Operations 329
CHAPTER 76 Digital Currency Exchange Register 332
CHAPTER 77 Exemption from the applicable customer identification procedure for the purposes of Schedule 13 to the Coronavirus Economic Response Package Omnibus Act 2020 339
CHAPTER 78 Wise Australia Pty Ltd 340
CHAPTER 79 Applicable customer identification procedure – special circumstances – account opening and deposit 341
CHAPTER 80 AML/CTF Rules relating to certain definitions under the AML/CTF Act – stored value card 343
CHAPTER 81 Financial institutions – Exemption from applying for registration on the Digital Currency Exchange Register 344
Notes to the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1) 345
1 Name of Instrument [see Note 1]
This Instrument is the Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1).
2 Rules
The Anti‑Money Laundering and Counter‑Terrorism Financing Rules are set out in this Instrument.
CHAPTER 1
Part 1.1 Introduction
1.1.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (AML/CTF Rules) are made pursuant to section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). Section 229 of the AML/CTF Act empowers the AUSTRAC CEO to make rules prescribing matters required or permitted by the AML/CTF Act to be prescribed by AML/CTF Rules. This Chapter commences on 1 June 2014.
Part 1.2 Key terms and concepts
1.2.1 In these Rules:
accredited translator means:
(1) a person currently accredited by the National Accreditation Authority for Translators and Interpreters Ltd. (NAATI) at the level of Professional Translator, or above, to translate from a language other than English into English; or
(2) a person who currently holds an accreditation that is consistent with the standard specified in (1).
the AML/CTF Act means the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006.
AML/CTF program means an anti‑money laundering and counter‑terrorism financing program as defined in section 83 of the AML/CTF Act.
Australian Government Entity means:
(1) the Commonwealth, a State or a Territory; or
(2) an agency or authority of:
(a) the Commonwealth; or
(b) a State; or
(c) a local governing body established by or under a law of the Commonwealth, a State or Territory, other than a body whose sole or principal function is to provide a particular service, such as the supply of electricity or water;
beneficial owner:
(1) of a person who is a reporting entity, means an individual who owns or controls (directly or indirectly) the reporting entity;
(2) of a person who is a customer of a reporting entity, means an individual who ultimately owns or controls (directly or indirectly) the customer;
(3) In this definition: control includes control as a result of, or by means of, trusts, agreements, arrangements, understandings and practices, whether or not having legal or equitable force and whether or not based on legal or equitable rights, and includes exercising control through the capacity to determine decisions about financial and operating policies; and
(4) In this definition: owns means ownership (either directly or indirectly) of 25% or more of a person.
Note: The definition ‘control test’ does not apply to this definition.
certified copy means a document that has been certified as a true copy of an original document by one of the following persons:
(1) a person who, under a law in force in a State or Territory, is currently licensed or registered to practise in an occupation listed in Part 1 of Schedule 2 of the Statutory Declarations Regulations 2018;
(2) a person who is enrolled on the roll of the Supreme Court of a State or Territory, or the High Court of Australia, as a legal practitioner (however described);
(3) a person listed in Part 2 of Schedule 2 of the Statutory Declarations Regulations 2018. For the purposes of these Rules, where Part 2 uses the term ‘5 or more years of continuous service’, this should be read as ‘2 or more years of continuous service’;
(4) an officer with, or authorised representative of, a holder of an Australian financial services licence, having 2 or more years of continuous service with one or more licensees;
(5) an officer with, or a credit representative of, a holder of an Australian credit licence, having 2 or more years of continuous service with one or more licensees;
(6) a person in a foreign country who is authorised by law in that jurisdiction to administer oaths or affirmations or to authenticate documents.
Note: The Statutory Declarations Regulations 2018 are accessible through the Commonwealth of Australia law website, www.legislation.gov.au
certified extract means an extract that has been certified as a true copy of some of the information contained in a complete original document, by one of the persons described in paragraphs (1)-(6) of the definition of ‘certified copy’ in paragraph 1.2.1 of these Rules.
correspondent banking risk means the money laundering or terrorism financing risk a financial institution may reasonably face in respect of a correspondent banking relationship.
domestic company means a company that is registered under the Corporations Act 2001 (other than a registered foreign company).
domestic listed public company means a domestic company that is a listed public company.
domestic stock exchange means a financial market prescribed by regulations made for the purposes of the definition of ‘prescribed financial market’ in the Corporations Act 2001.
domestic unlisted public company means a domestic company that is not a listed public company.
foreign company means a body corporate of the kind described in paragraph (a) of the definition of ‘foreign company’ in the Corporations Act 2001.
foreign listed public company means a foreign company that is a listed public company.
KYC information means ‘know your customer information’ and may include information in relation to matters such as:
(1) In relation to a customer who is an individual:
(a) the customer’s name;
(b) the customer’s residential address;
(c) the customer’s date of birth;
(d) any other name that the customer is known by;
(e) the customer’s country(ies) of citizenship;
(f) the customer’s country(ies) of residence;
(g) the customer’s occupation or business activities;
(h) the nature of the customer’s business with the reporting entity – including:
(i) the purpose of specific transactions; or
(ii) the expected nature and level of transaction behaviour;
(i) the income or assets available to the customer;
(j) the customer’s source of funds including the origin of funds;
(k) the customer’s financial position;
(l) the beneficial ownership of the funds used by the customer with respect to the designated services; and
(m) the beneficiaries of the transactions being facilitated by the reporting entity on behalf of the customer including the destination of funds.
(2) In relation to a customer who is a company:
(a) the full name of the company as registered by ASIC;
(b) the full address of the company’s registered office;
(c) the full address of the company’s principal place of business (if any);
(d) the ACN issued to the company;
(e) whether the company is registered by ASIC as a proprietary company or a public company;
(f) the name of each director of the company;
(g) the full business name (if any) of the company as registered under any State or Territory business names legislation;
(h) the date upon which the company was registered by ASIC;
(i) the name of any company secretary;
(j) the nature of the business activities conducted by the company;
(k) (without limiting the possible application of other items in this definition to a registered foreign company) if the company is a registered foreign company:
(i) the full address of the company’s registered office in Australia;
(ii) the full address of the company’s principal place of business in Australia (if any) or the full name and address of the company’s local agent in Australia;
(iii) the ARBN issued to the company;
(iv) the country in which the company was formed, incorporated or registered;
(v) whether the company is registered by the relevant foreign registration body and if so whether it is registered as a proprietary or private company;
(vi) the name of the relevant foreign registration body;
(vii) any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration;
(viii) the date upon which the company was formed, incorporated or registered in its country of formation, incorporation or registration;
(ix) the full address of the company in its country of formation, incorporation or registration as registered by the relevant foreign registration body;
(l) (without limiting the possible application of other items in this definition to an unregistered foreign company) if the company is an unregistered foreign company:
(i) the full name of the company;
(ii) the country in which the company was formed, incorporated or registered;
(iii) whether the company is registered by the relevant foreign registration body and if so:
(A) any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration;
(B) the full address of the company in its country of formation, incorporation or registration as registered by the relevant foreign registration body; and
(C) whether it is registered as a proprietary or private company;
(iv) the full address of the company’s principal place of business in that country;
(v) the name of the relevant foreign registration body;
(vi) the date upon which the company was formed, incorporated or registered in its country of formation, incorporation or registration;
(vii) the full address of the company’s principal place of business in that country; and
(m) the name and address of any beneficial owner of the company.
(3) In relation to a customer who is a trustee of a trust:
(a) the full name of the trust;
(b) the full business name (if any) of the trustee in respect of the trust;
(c) the type of the trust;
(d) the country in which the trust was established;
(e) if any of the trustees is an individual – in respect of any of those individuals, the information required to be collected from an individual under the reporting entity’s customer identification program in respect of individuals;
(f) if any of the trustees is a company – in respect of any those companies, the information required to be collected from a company under the reporting entity’s customer identification program in respect of companies;
(g) the full name and address of any trustee in respect of the trust;
(h) the full name of any beneficiary in respect of the trust;
(i) if the terms of the trust identify the beneficiaries by reference to membership of a class – details of the class;
(j) the State or Territory in which the trust was established;
(k) the date upon which the trust was established;
(l) a certified copy or certified extract of the trust deed; and
(m) the full name of the trust manager (if any) or settlor (if any) in respect of the trust.
(4) In relation to a customer who is a partner of a partnership:
(a) the full name of the partnership;
(b) the full business name (if any) of the partnership as registered under any State or Territory business names legislation;
(c) the country in which the partnership was established;
(d) in respect of any partner ‑ the information required to be collected from an individual under the reporting entity’s customer identification program in respect of individuals;
(e) the full name and residential address of any partner;
(f) the respective share of each partner in the partnership;
(g) the business of the partnership;
(h) the State or Territory in which the partnership was established;
(i) the date upon which the partnership was established; and
(j) a certified copy or certified extract of the partnership agreement.
(5) In relation to a customer who is an incorporated association:
(a) the full name of the association;
(b) the full address of the association’s principal place of administration or registered office (if any) or the residential address of the association’s public officer or (if there is no such person) the association’s president, secretary or treasurer;
(c) any unique identifying number issued to the association upon its incorporation by the relevant registration body;
(d) the full name of the chairman, secretary and treasurer or equivalent officer in each case of the association;
(e) the State, Territory or country in which the association was incorporated;
(f) the date upon which the association was incorporated;
(g) the objects of the association;
(h) a certified copy or certified extract of the rules of the association;
(i) in respect of any member – the information required to be collected from an individual under the reporting entity’s customer identification program in respect of individuals; and
(j) the full business name, if any, of the association.
(6) In relation to a customer who is an unincorporated association:
(a) the full name of the association;
(b) the full address of the association’s principal place of administration (if any);
(c) the full name of the chairman, secretary and treasurer or equivalent officer in each case of the association;
(d) in respect of any member – the information required to be collected from an individual under the reporting entity’s customer identification program in respect of individuals;
(e) the objects of the association;
(f) a certified copy or certified extract of the rules of the association; and
(g) the full business name, if any, of the association.
(7) In relation to a customer who is a registered co‑operative:
(a) the full name of the co‑operative;
(b) the full address of the co‑operative’s registered office or principal place of operations (if any) or the residential address of the co‑operative’s secretary or (if there is no such person) the co‑operative’s president or treasurer;
(c) any unique identifying number issued to the co‑operative upon its registration by the relevant registration body;
(d) the full name of the chairman, secretary and treasurer or equivalent officer in each case of the co‑operative;
(e) in respect of any member – the information required to be collected from an individual under the reporting entity’s customer identification program in respect of individuals;
(f) the full business name, if any, of the co‑operative;
(g) the State, Territory or country in which the co‑operative is registered;
(h) the date upon which the co‑operative was registered;
(i) the objects of the co‑operative; and
(j) a certified copy or certified extract of the rules of the co‑operative.
(8) In relation to a customer who is a government body:
(a) the full name of the government body;
(b) the full address of the government body’s principal place of operations;
(c) whether the government body is an entity or emanation, or established under legislation, of a State, Territory, the Commonwealth or a foreign country and the name of that State, Territory or country;
(d) information about the ownership or control of a government body that is an entity or emanation or established under legislation of a foreign country; and
(e) the name of any legislation under which the government body was established.
listed public company means:
(1) in the case of a domestic company – a public company that is included in an official list of a domestic stock exchange;
(2) in the case of a registered foreign company –
(a) a public company that is included in an official list of a domestic stock exchange; or
(b) a public company whose shares, in whole or in part, are listed for quotation in the official list of any stock or equivalent exchange;
(3) in the case of an unregistered foreign company – a public company whose shares, in whole or in part, are listed for quotation in the official list of any stock or equivalent exchange.
ML/TF risk means the risk that a reporting entity may reasonably face that the provision by the reporting entity of designated services might (whether inadvertently or otherwise) involve or facilitate money laundering or the financing of terrorism.
Part A means Part A of a reporting entity’s AML/CTF program.
Part B means Part B of a reporting entity’s AML/CTF program.
on‑course bookmaker means a person who carries on a business of a bookmaker or a turf commission agent at a racecourse.
online gambling service means a designated service of a kind described in table 3 of section 6 of the AML/CTF Act that is provided to a customer using any of the means referred to in paragraph 5(1)(b) of the Interactive Gambling Act 2001 and includes an excluded wagering service as defined in section 8A of the Interactive Gambling Act 2001 but does not include a “telephone betting service” as defined in section 4 of the Interactive Gambling Act 2001.
politically exposed person means an individual:
(1) who holds a prominent public position or function in a government body or an international organisation, including:
(a) Head of State or head of a country or government; or
(b) government minister or equivalent senior politician; or
(c) senior government official; or
(d) Judge of the High Court of Australia, the Federal Court of Australia or a Supreme Court of a State or Territory, or a Judge of a court of equivalent seniority in a foreign country or international organisation; or
(e) governor of a central bank or any other position that has comparable influence to the Governor of the Reserve Bank of Australia; or
(f) senior foreign representative, ambassador, or high commissioner; or
(g) high-ranking member of the armed forces; or
(h) board chair, chief executive, or chief financial officer of, or any other position that has comparable influence in, any State enterprise or international organisation; and
(2) who is an immediate family member of a person referred to in paragraph (1), including:
(a) a spouse; or
(b) a de facto partner; or
(c) a child and a child's spouse or de facto partner; or
(d) a parent; and
(3) who is a close associate of a person referred to in paragraph (1), which means any individual who is known (having regard to information that is public or readily available) to have:
(a) joint beneficial ownership of a legal entity or legal arrangement with a person referred to in paragraph (1); or
(b) sole beneficial ownership of a legal entity or legal arrangement that is known to exist for the benefit of a person described in paragraph (1).
(4) In these Rules:
(a) domestic politically exposed person means a politically exposed person of an Australian government body;
(b) foreign politically exposed person means a politically exposed person of a government body of a foreign country;
(c) international organisation politically exposed person means a politically exposed person of an international organisation.
(5) In this definition international organisation means an organisation:
(a) established by formal political agreement by two or more countries and that agreement has the status of an international treaty; and
(b) recognised in the law of the countries which are members of the organisation.
Note: The term de facto partner is defined in the Acts Interpretation Act 1901 and the terms ‘foreign country’ and ‘government body’ are defined in the AML/CTF Act.
primary non‑photographic identification document includes:
(1) a birth certificate or birth extract issued by a State or Territory;
(2) a citizenship certificate issued by the Commonwealth;
(3) a citizenship certificate issued by a foreign government that, if it is written in a language that is not understood by the person carrying out the verification, is accompanied by an English translation prepared by an accredited translator;
(4) a birth certificate issued by a foreign government, the United Nations or an agency of the United Nations that, if it is written in a language that is not understood by the person carrying out the verification, is accompanied by an English translation prepared by an accredited translator;
(5) a concession card, as defined from time to time in the Social Security Act 1991, or an equivalent term which expresses the same concept in relation to concession holders.
primary photographic identification document includes:
(1) a licence or permit issued under a law of a State or Territory or equivalent authority of a foreign country for the purpose of driving a vehicle that contains a photograph of the person in whose name the document is issued;
(2) a passport issued by the Commonwealth;
(3) a passport or a similar document issued for the purpose of international travel, that:
(a) contains a photograph and either:
(i) the signature of the person in whose name the document is issued; or
(ii) any unique identifier of the person in whose name the document is issued;
(b) is issued by a foreign government, the United Nations or an agency of the United Nations; and
(c) if it is written in a language that is not understood by the person carrying out the verification ‑ is accompanied by an English translation prepared by an accredited translator;
(4) a card issued under a law of a State or Territory for the purpose of proving the person’s age which contains a photograph of the person in whose name the document is issued;
(5) a national identity card issued for the purpose of identification, that:
(a) contains a photograph and either:
(i) the signature of the person in whose name the document is issued; or
(ii) any unique identifier of the person in whose name the document is issued;
(b) is issued by a foreign government, the United Nations or an agency of the United Nations; and
(c) if it is written in a language that is not understood by the person carrying out the verification ‑ is accompanied by an English translation prepared by an accredited translator.
public company means a company other than a proprietary company.
racecourse means a place where a race meeting is held by a racing club, and includes adjacent land or premises to which persons attending the meeting have access in connection with the meeting.
reasonable measures means appropriate measures which are commensurate with the money laundering or terrorist financing risks.
registered co‑operative means a body registered under legislation as a co‑operative.
registered foreign company means a foreign company that is registered under Division 2 of Part 5B.2 of the Corporations Act 2001.
relevant foreign registration body means, in respect of a registered foreign company or an unregistered foreign company, any government body that was responsible for the formation, incorporation or registration of that company in its country of formation, incorporation or registration.
reliable and independent documentation includes but is not limited to:
(1) an original primary photographic identification document;
(2) an original primary non‑photographic identification document; and
(3) an original secondary identification document
Note: This is not an exhaustive definition. A reporting entity may rely upon other documents not listed in paragraphs (1) to (3) above as reliable and independent documents, where that is appropriate having regard to ML/TF risk.
secondary identification document includes:
(1) a notice that:
(a) was issued to an individual by the Commonwealth, a State or Territory within the preceding twelve months;
(b) contains the name of the individual and his or her residential address; and
(c) records the provision of financial benefits to the individual under a law of the Commonwealth, State or Territory (as the case may be);
(2) a notice that:
(a) was issued to an individual by the Australian Taxation Office within the preceding 12 months;
(b) contains the name of the individual and his or her residential address; and
(c) records a debt payable to or by the individual by or to (respectively) the Commonwealth under a Commonwealth law relating to taxation;
(3) a notice that:
(a) was issued to an individual by a local government body or utilities provider within the preceding three months;
(b) contains the name of the individual and his or her residential address; and
(c) records the provision of services by that local government body or utilities provider to that address or to that person.
(4) In relation to a person under the age of 18, a notice that:
(a) was issued to a person by a school principal within the preceding three months;
(b) contains the name of the person and his or her residential address; and
(c) records the period of time that the person attended at the school.
senior managing official means an individual who makes, or participates in making, decisions that affect the whole, or a substantial part, of the business of a customer of a reporting entity or who has the capacity to affect significantly the financial standing of a customer of a reporting entity.
totalisator agency board means a board or authority established, or a company holding a licence, under a law of a State or Territory for purposes that include the purpose of operating a betting service.
unregistered foreign company means a foreign company that is not a registered foreign company.
1.2.2 In these Rules, the terms ‘ABN’, ‘ACN’, ‘ARBN’, ‘Australian financial services licence’, ‘ASIC’, ‘managed investment scheme’, ‘proprietary company’, ‘registered office’ and ‘wholesale client’ have the same respective meanings as in the Corporations Act 2001.
1.2.3 In these Rules, the terms ‘Australian credit licence’ and ‘credit representative’ have the same respective meanings as in the National Consumer Credit Protection Act 2009.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 2
Part 2.1 Definition of ‘designated business group’
2.1.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made pursuant to section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) for the purposes of the definition of ‘designated business group’ in section 5 of the AML/CTF Act.
2.1.2 For the purposes of the definition of ‘designated business group’ in section 5 of the AML/CTF Act:
(1) an election will be made in accordance with the AML/CTF Rules if it is made on the approved election form and provided to AUSTRAC by the Nominated Contact Officer;
(2) a ‘designated business group’ is established when the approved form is provided to the AUSTRAC CEO by the Nominated Contact Officer or on such later date as is specified on that form; and
(3) the members of a designated business group must, by their Nominated Contact Officer, notify the AUSTRAC CEO, in writing, in the approved form, of any of the following:
(a) a withdrawal of a member from the designated business group; or
(b) an election of a new member; or
(c) the termination of the designated business group; or
(d) any other change in the details previously notified to the AUSTRAC CEO in respect of the Nominated Contact Officer or the designated business group;
no later than 14 business days from the date on which the withdrawal, election of the new member, termination or change takes effect.
(4) each member of the designated business group must be:
(a) related to each other member of the group within the meaning of section 50 of the Corporations Act 2001; and either
(i) a reporting entity; or
(ii) a company in a foreign country which if it were resident in Australia would be a reporting entity; or
(b) providing a designated service pursuant to a joint venture agreement, to which each member of the group is a party; or
(c) able to satisfy the following conditions:
be
(i) an accounting practice; or
(ii) a person, other than an individual, which the accounting practice in (i) controls; or
(iii) an accounting practice which is providing a designated service pursuant to a joint venture agreement, to which each member of the group is a party; or
(iv) a person that provides or assists in the provision of a designated service to the customers of the accounting practice;
and either:
(v) a reporting entity; or
(vi) an entity in a foreign country which, if it were resident in Australia would be a reporting entity; or
(d) able to satisfy the following conditions:
be
(i) a law practice; or
(ii) a person, other than an individual, which the law practice in (i) controls; or
(iii) a law practice which is providing a designated service pursuant to a joint venture agreement, to which each member of the group is a party; or
(iv) a person that provides or assists in the provision of a designated service to the customers of the law practice;
and either:
(v) a reporting entity; or
(vi) an entity in a foreign country which, if it were resident in Australia would be a reporting entity; or
(e) Subject to the requirements in paragraph 2.1.2A, be a reporting entity that provides a registrable designated remittance service, either:
(i) as a money transfer service provider; or
(ii) as a representative of a money transfer service provider pursuant to a representation agreement with a money transfer service provider; or
(iii) as a sub-representative of a money transfer service provider pursuant to a sub-representation agreement with the representative of the money transfer service provider.
2.1.2A The following conditions apply to a reporting entity that elects to form or vary a designated business group with other reporting entities pursuant to subparagraph 2.1.2(4)(e):
(1) a person who meets the criteria specified at subparagraph 2.1.2(4)(e)(i) may form or vary a designated business group with one of the following:
(a) a person or persons with whom they have a representation agreement; or
(b) (i) a person with whom they have a
representation agreement; and
(ii) a person or persons with whom the person described at subparagraph 2.1.2A(1)(b)(i) has a sub-representation agreement.
(2) a person who meets the criteria specified at subparagraph 2.1.2(4)(e)(ii) may form or vary a designated business group with one of the following:
(a) the person with whom they have a representation agreement; or
(b) (i) the person with whom they have a
representation agreement; and
(ii) a person or persons who have a representation agreement with the person described at subparagraph 2.1.2A(2)(b)(i); or
(c) (i) a person or persons who meet the conditions
specified at subparagraph 2.1.2(4)(e)(iii); and
(ii) with whom they have a sub-representation agreement; or
(d) (i) the person with whom they have a representation
agreement; and
(ii) (A) a person or persons who meet the
conditions specified at subparagraph 2.1.2(4)(e)(iii); and
(B) with whom they have a sub-representation agreement.
(3) a person who meets the conditions specified at subparagraph 2.1.2(4)(e)(iii) may form or vary a designated business group with one of the following:
(a) the person with whom they have a sub-representation agreement; or
(b) (i) the person with whom they have a
sub-representation agreement; and
(ii) a person or persons who have a sub-representation agreement with the same person described at subparagraph 2.1.2A(3)(a); or
(c) (i) the person with whom they have a
sub-representation agreement; and
(ii) the person with whom the person described at subparagraph 2.1.2A(3)(c)(i) has a representation agreement; or
(d) (i) the person with whom they have a
sub-representation agreement; and
(ii) the person with whom the person described at subparagraph 2.1.2A(3)(d)(i) has a representation agreement; and
(iii) a person or persons who have a sub-representation agreement with the same person described at subparagraph 2.1.2A(3)(d)(i).
2.1.3 In this Chapter:
(1) ‘approved election form’ means Form 1 attached to these Rules;
(2) ‘approved form’ for the purposes of sub-rule 2.1.2(2) means Form 2 attached to these Rules;
(3) ‘approved form’ for the purposes of sub-rule 2.1.2(3) means Form 3 attached to these Rules;
(4) ‘company’ has the same meaning as in the Corporations Act 2001;
(5) ‘Nominated Contact Officer’ means the holder from time to time of one of the following positions:
(a) an ‘officer’ as defined in the Corporations Act 2001, of a member of a designated business group; or
(b) the AML/CTF Compliance Officer of a member of a designated business group,
where that officer or compliance officer has been appointed by the designated business group to hold the position of the Nominated Contact Officer;
(6) ‘accounting practice’ means a business carried on by either of the following:
(a) an accountant (however described) that supplies professional accounting services; or
(b) a partnership or company that uses accountants (however described) to supply professional accounting services;
(7) ‘law practice’ means a business carried on by either of the following:
(a) a legal practitioner (however described) that supplies professional legal services; or
(b) a partnership or company that uses legal practitioners (however described) to supply professional legal services;
(8) ‘money transfer service’ means a service, provided under a single brand, trademark or business name through which registrable designated remittance services are carried out;
(9) ‘money transfer service provider’ means a person who under a representation agreement authorises a representative to offer the money transfer service on behalf of the money transfer service provider and to engage sub-representatives for the purposes of providing the money transfer service in Australia;
(10) ‘representation agreement’ means the written agreement between a money transfer service provider and a representative of the money transfer service provider that states the terms on which the representative offers the money transfer service within Australia;
(11) ‘representative of a money transfer service provider’ or ‘representative’ means a person who offers a money transfer service in accordance with a representation agreement with the money transfer service provider;
(12) ‘sub-representation agreement’ means the written agreement between a representative of a money transfer service provider and a sub-representative of a money transfer service provider that states the terms on which the sub-representative provides the money transfer service within Australia;
(13) ‘sub-representative of a money transfer service provider’ or ‘sub-representative’ means a person who is engaged by a representative of a money transfer service provider to provide a money transfer service in accordance with a sub-representation agreement.
Form 1
FORM FOR SUB-PARAGRAPH 2.1.2(1) OF THE RULES: ELECTION TO BE A MEMBER OF A DESIGNATED BUSINESS GROUP
For the purposes of the Anti-Money Laundering and Counter-Terrorism Financing Rules made pursuant to section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) and of the definition of ‘designated business group’ in section 5 of the AML/CTF Act:
I, [name and role/title of Y], hereby elect on behalf of Y, to be a member of [name of Designated Business Group]. I hereby confirm that:
(a) Y Pty Ltd, is a reporting entity related to each member of [name of Designated Business Group] within the meaning of section 50 of the Corporations Act 2001; or
(b) Y Pty Ltd, is providing a designated service pursuant to a joint venture agreement to which each member of [name of Designated Business Group] is a party; or
(c) Y Pty Ltd, is a foreign company which, if it were resident in Australia would be a reporting entity, and is, within the meaning of section 50 of the Corporations Act 2001, related to [name of related company] which is a member of [name of Designated Business Group] and which is a reporting entity; or
(d) Y is a reporting entity or is an entity in a foreign country, which if it were resident in Australia would be a reporting entity, and is:
(i) an accounting practice as defined in Rule 2.1.3(6); or
(ii) a person, other than an individual, which the accounting practice in (i) controls; or
(iii) an accounting practice which is providing a designated service pursuant to a joint venture agreement, to which each member of the [name of Designated Business Group] group is a party; or
(iv) a person that provides or assists in the provision of a designated service to the customers of the accounting practice; or
(e) Y is a reporting entity or is an entity in a foreign country, which if it were resident in Australia would be a reporting entity, and is:
(i) a law practice as defined in Rule 2.1.3(7); or
(ii) a person, other than an individual, which the law practice in (i) controls; or
(iii) a law practice which is providing a designated service pursuant to a joint venture agreement, to which each member of the [name of Designated Business Group] group is a party; or
(iv) a person that provides or assists in the provision of a designated service to the customers of the law practice; or
(f) Y is a reporting entity, and is a money transfer service provider as defined in Rule 2.1.3(9); or
(g) Y is a reporting entity, and is a representative of a money transfer service provider as defined in Rule 2.1.3(11); or
(h) Y is a reporting entity, and is a sub-representative of a money transfer service provider as defined in Rule 2.1.3(13).
DATE:
Form 2
FORM FOR SUB-PARAGRAPH 2.1.2(2) OF THE RULES: FORMATION OF A DESIGNATED BUSINESS GROUP
For the purposes of the Anti-Money Laundering and Counter-Terrorism Financing Rules made pursuant to section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) and of the definition of ‘designated business group’ in section 5 of the AML/CTF Act:
I, [name and role/title of X], notify AUSTRAC that [role/title of X] is the Nominated Contact Officer of [name of Designated Business Group]. I currently hold that position. My contact details are:
Address:
Phone number:
Fax number:
Email address:
I [name] as the Nominated Contact Officer of [name of Designated Business Group] hereby notify AUSTRAC of the establishment of [name of Designated Business Group].
The following have elected to be members of [name of Designated Business Group]:
[name of member]
[name of member]
DATE:
Form 3
FORM FOR SUB-PARAGRAPH 2.1.2(3) OF THE RULES: VARIATIONS
For the purposes of the Anti-Money Laundering and Counter-Terrorism Financing Rules made pursuant to section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) and of the definition of ‘designated business group’ in section 5 of the AML/CTF Act:
I, [Nominated Contact Officer of X], being the Nominated Contact Officer of [name of Designated Business Group] hereby advise the AUSTRAC CEO of the following variations to [name of Designated Business Group]:
(a) [withdrawal detail];
(b) [election detail];
(c) [termination];
(d) [any other change]
Election forms are attached.
DATE:
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 3 Correspondent Banking
Part 3.1 Entry into a correspondent banking relationship
3.1.1 This Part is made for subsection 96(1) of the Act.
Carrying out an initial assessment
3.1.2 The first institution (the correspondent) must conduct due diligence to assess the money laundering, financing of terrorism or other serious crime risks associated with entry into a correspondent banking relationship with another financial institution (the respondent) that will involve a vostro account.
3.1.3 The correspondent must consider the following factors when assessing money laundering, financing of terrorism or other serious crime risks:
(1) the ownership, control and management structures of:
(a) the respondent; and
(b) the ultimate parent company of the respondent, if any;
(2) the nature, size, and complexity of the respondent’s business, including:
(a) its products, services, delivery channels and customer types; and
(b) the types of transactions carried out on behalf of underlying customers as part of the correspondent banking relationship and the services provided to underlying customers that relate to such transactions;
(3) the country or countries in which:
(a) the respondent operates or resides; and
(b) if the ultimate parent company of the respondent has group-wide anti-money laundering and counter-terrorism financing systems and controls, and the respondent operates within the requirements of those controls—the ultimate parent company operates or resides;
Note 1: Country has the meaning given by section 5 of the Act.
Note 2: A foreign country may include a region or regions. These regions may have a different risk profile to each other or the rest of the foreign country.
(4) the existence and quality of any anti-money laundering and counter-terrorism financing regulation and supervision in the country or countries identified under subparagraph (3) and the respondent’s compliance practices in relation to those regulations;
(5) the adequacy and effectiveness of the respondent’s anti-money laundering and counter-terrorism financing systems and controls;
(6) publicly-available information relating to the reputation of the respondent and any related bodies corporate, including whether the respondent has been the subject of:
(a) a regulatory investigation relating to implementation of anti-money laundering, counter-terrorism financing or sanctions obligations; or
(b) adverse regulatory action relating to implementation of anti-money laundering, counter-terrorism financing or sanctions obligations; or
(c) an investigation or criminal or civil proceedings relating to money laundering, financing of terrorism or other serious crimes;
(7) if the correspondent maintains vostro accounts that can be accessed directly by the customers of the respondent (payable-through accounts)—the respondent:
(a) conducts customer due diligence and ongoing customer due diligence in relation to those customers; and
(b) is able to provide to the correspondent, on request, the documents, data or other information obtained when conducting customer due diligence and ongoing customer due diligence in relation to those customers.
Requirement for senior officer approval
3.1.4 The senior officer of the correspondent (senior officer) must have regard to:
(1) the money laundering, financing of terrorism or other serious crime risks assessed in the written record of the due diligence assessment; and
(2) the adequacy and effectiveness of the correspondent’s anti-money laundering and counter-terrorism financing program to manage those risks;
before approving entry into a correspondent banking relationship.
3.1.5 If the correspondent maintains payable-through accounts, the senior officer must be satisfied that the respondent:
(1) verifies the identify of, and conducts ongoing customer due diligence in relation to, customers before they have access to those accounts; and
(2) is able to provide the correspondent, on request, the documents, data, or other information obtained when conducing customer due diligence and ongoing customer due diligence in relation to the customers that have access to those accounts.
Part 3.2 Ongoing assessments of a correspondent banking relationship
3.2.1 This Part is made for subsection 96(3) of the Act.
Carrying out ongoing assessments
3.2.2 The first institution (the correspondent) must conduct due diligence to assess the money laundering, financing of terrorism or other serious crime risks of a correspondent banking relationship with another financial institution (the respondent) that involves a vostro account.
3.2.3 The correspondent must consider the factors set out in subparagraphs 3.1.3(1)–(7) when assessing money laundering, financing of terrorism or other serious crime risks.
Timing of ongoing assessments
3.2.4 The correspondent must conduct assessments at times determined appropriate by the correspondent, based on consideration of:
(1) the level of money laundering, financing of terrorism or other serious crime risks of the correspondent banking relationship; and
(2) any material change in respect of those risks;
but in any event, at least every two years.
CHAPTER 4
Part 4.1 Introduction
4.1.1 These Rules are made pursuant to section 229 of the AML/CTF Act for the purposes of paragraphs 36(1)(b), 84(2)(c), 84(3)(b), 85(2)(c) and 85(3)(b), and sections 106, 107 and 108 of the AML/CTF Act. Sections 136 and 137 of the AML/CTF Act apply to each paragraph of this Chapter. They specify the requirements with which Part A or Part B of a reporting entity’s standard AML/CTF program or Part A or Part B of a reporting entity’s joint AML/CTF program must comply. The primary purpose of Part A of a standard or joint AML/CTF program is to identify, manage and mitigate money laundering or terrorism financing (ML/TF) risk a reporting entity may reasonably face in relation to the provision by the reporting entity of designated services at or through a permanent establishment in Australia. The sole or primary purpose of Part B is to set out the reporting entity’s applicable customer identification procedures.
Note: Reporting entities that collect information about a customer from a third party will need to consider their obligation under subclause 3.6 of the Australian Privacy Principles, which requires that personal information about an individual must be collected only from the individual unless it is unreasonable or impractical to do so and where it is reasonably necessary for the reporting entity’s functions or activities.
4.1.2 This Chapter does not apply to:
(1) a pre‑commencement customer; or
(2) a customer who receives a designated service covered by item 40, 42 or 44 of table 1 in section 6 of the AML/CTF Act.
Note: Subparagraph 4.1.2(1) relates to pre-commencement customers referred to in sections 28 and 29 of the AML/CTF Act.
4.1.3 For the purposes of these Rules, in identifying its ML/TF risk a reporting entity must consider the risk posed by the following factors:
(1) its customer types; including:
(a) beneficial owners of customers; and
(b) any politically exposed persons;
(2) its customers’ sources of funds and wealth;
(3) the nature and purpose of the business relationship with its customers, including, as appropriate, the collection of information relevant to that consideration;
(4) the control structure of its non-individual customers;
(5) the types of designated services it provides;
(6) the methods by which it delivers designated services; and
(7) the foreign jurisdictions with which it deals.
Different requirements with respect to different kinds of customers
4.1.4 These Rules specify different requirements for AML/CTF programs in relation to different kinds of customers. An AML/CTF program must comply with such requirements to the extent that a reporting entity has a customer of a particular kind. These Rules make provision in respect of the following kinds of customers:
(1) Individuals – Part 4.2 of these Rules;
(2) Companies – Part 4.3 of these Rules;
(3) Customers who act in the capacity of a trustee of a trust – Part 4.4 of these Rules;
(4) Customers who act in the capacity of a member of a partnership – Part 4.5 of these Rules;
(5) Incorporated or unincorporated associations – Part 4.6 of these Rules;
(6) Registered co‑operatives – Part 4.7 of these Rules;
(7) Government bodies – Part 4.8 of these Rules.
Requirements in respect to Beneficial Owners and Politically Exposed Persons
4.1.5 These Rules specify different requirements for AML/CTF programs in relation to beneficial owners and politically exposed persons:
(1) Beneficial Owners – Part 4.12 of these Rules;
(2) Politically Exposed Persons – Part 4.13 of these Rules.
4.1.6 A reporting entity is only required to apply the requirements specified in subparagraphs 4.4.3(5) and 4.4.5(5), and in Part 4.12 and Part 4.13 of these Rules to a person who becomes a customer after the commencement of those provisions on 1 June 2014.
Verification
4.1.7 These Rules also require an AML/CTF program to comply with the requirements of Part 4.9 of these Rules relating to document‑based verification and with the requirements of Part 4.10 of these Rules relating to verification from electronic data.
Agents of customers
4.1.8 An AML/CTF program must comply with the requirements of Part 4.11 of these Rules in relation to any agent who is authorised to act for or on behalf of a customer in relation to a designated service.
Part 4.2 Applicable customer identification procedure with respect to individuals
4.2.1 In so far as a reporting entity has any customer who is an individual, an AML/CTF program must comply with the requirements specified in Part 4.2 of these Rules.
4.2.2 An AML/CTF program must include appropriate risk‑based systems and controls that are designed to enable the reporting entity to be reasonably satisfied, where a customer is an individual, that the customer is the individual that he or she claims to be.
Collection of information
4.2.3 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following KYC information about an individual (other than an individual who notifies the reporting entity that he or she is a customer of the reporting entity in his or her capacity as a sole trader):
(1) the customer’s full name;
(2) the customer’s date of birth; and
(3) the customer’s residential address.
4.2.4 An AML/CTF program must include a procedure for the reporting entity to collect at a minimum, the following KYC information about a customer who notifies the reporting entity that he or she is a customer of the reporting entity in his or her capacity as a sole trader:
(1) the customer’s full name;
(2) the customer’s date of birth;
(3) the full business name (if any) under which the customer carries on his or her business;
(4) the full address of the customer’s principal place of business (if any) or the customer’s residential address; and
(5) any ABN issued to the customer.
4.2.5 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the KYC information referred to in paragraph 4.2.3 or 4.2.4 above, any other KYC information will be collected about a customer.
Verification of information
4.2.6 An AML/CTF program must include a procedure for the reporting entity to verify, at a minimum, the following KYC information about a customer:
(1) the customer’s full name; and
(2) either:
(a) the customer’s date of birth; or
(b) the customer’s residential address.
4.2.7 An AML/CTF program must require that the verification of information collected about a customer be based on:
(1) reliable and independent documentation;
(2) reliable and independent electronic data; or
(3) a combination of (1) and (2) above.
4.2.8 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the KYC information referred to in paragraph 4.2.6 above, any other KYC information collected about the customer should be verified from reliable and independent documentation, reliable and independent electronic data or a combination of the two.
Responding to discrepancies
4.2.9 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying KYC information collected about a customer so that the reporting entity can determine whether it is reasonably satisfied that the customer is the person that he or she claims to be.
Documentation‑based safe harbour procedure where ML/TF risk is medium or lower
4.2.10 Paragraph 4.2.11 sets out one procedure for documentation‑based verification which a reporting entity may include in an AML/CTF program to comply with its obligations under paragraphs 4.2.3 to 4.2.8, and 4.9.1 to 4.9.3 of these Rules where the relationship with the customer is of medium or lower ML/TF risk. Paragraph 4.2.11 does not preclude a reporting entity from meeting the requirements of paragraphs 4.2.3 to 4.2.8, and 4.9.1 to 4.9.3 of these Rules in another way where the relationship with the customer is of medium or lower ML/TF risk.
4.2.11 An AML/CTF program that requires the reporting entity to do the following will be taken to meet the requirements of paragraphs 4.2.3 to 4.2.8 and 4.9.2 to 4.9.3 of these Rules in respect of a customer, where a reporting entity determines that the relationship with that customer is of medium or lower risk:
(1) collect the KYC information described in paragraph 4.2.3 or 4.2.4 (as the case may be);
(2) verify the customer’s name and either the customer’s residential address or date of birth, or both, from:
(a) an original or certified copy of a primary photographic identification document; or
(b) both:
(i) an original or certified copy of a primary non‑photographic identification document; and
(ii) an original or certified copy of a secondary identification document; and
(3) verify that any document produced about the customer has not expired (other than in the case of a passport issued by the Commonwealth that expired within the preceding two years).
Electronic‑based safe harbour procedure where ML/TF Risk is medium or lower
4.2.12 Paragraph 4.2.13 sets out one procedure for electronic verification which a reporting entity may follow to comply with its obligations under paragraphs 4.2.3 to 4.2.8, and 4.10.1 of these Rules where the relationship with the customer is of medium or lower ML/TF risk. Paragraph 4.2.13 does not preclude a reporting entity from meeting the requirements of paragraphs 4.2.3 to 4.2.8, and 4.10.1 of these Rules in another way where the relationship with the customer is of medium or lower ML/TF risk.
4.2.13 Part B of an AML/CTF program that requires the reporting entity to do the following will be taken to meet the requirements of paragraphs 4.2.3 to 4.2.8 and 4.10.1 of these Rules in respect of a customer, where a reporting entity determines that the relationship with the customer is of medium or lower risk:
(1) collect the KYC information described in paragraph 4.2.3 or 4.2.4 (as the case may be) about a customer;
(2) verify, having regard to the matters set out in subparagraph 4.10.2(1):
(a) the customer’s name; and
(b) either:
(i) the customer’s residential address; or
(ii) the customer’s date of birth; or
(iii) both (i) and (ii); or
(c) that the customer has a transaction history for at least the past 3 years.
4.2.14 For subparagraphs 4.2.13(2)(a) and (b), verification must be undertaken by the reporting entity through the use of reliable and independent electronic data from at least two separate data sources.
Part 4.3 Applicable customer identification procedure with respect to companies
4.3.1 In so far as a reporting entity has any customer who is a domestic or a foreign company, an AML/CTF program must comply with the requirements specified in Part 4.3 of these Rules.
4.3.2 An AML/CTF program must include appropriate risk‑based systems and controls that are designed to enable the reporting entity to be reasonably satisfied, where a customer is a company, that:
(1) the company exists; and
(2) in respect to beneficial owners, the reporting entity has complied with the requirements specified in Part 4.12 of these Rules.
Existence of the company ‑ collection of minimum information
4.3.3 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following KYC information about a company:
(1) in the case of a domestic company:
(a) the full name of the company as registered by ASIC;
(b) the full address of the company’s registered office;
(c) the full address of the company’s principal place of business, if any;
(d) the ACN issued to the company;
(e) whether the company is registered by ASIC as a proprietary or public company; and
(f) if the company is registered as a proprietary company, the name of each director of the company;
(2) in the case of a registered foreign company:
(a) the full name of the company as registered by ASIC;
(b) the full address of the company’s registered office in Australia;
(c) the full address of the company’s principal place of business in Australia (if any) or the full name and address of the company’s local agent in Australia, if any;
(d) the ARBN issued to the company;
(e) the country in which the company was formed, incorporated or registered;
(f) whether the company is registered by the relevant foreign registration body and if so whether it is registered as a private or public company or some other type of company; and
(g) if the company is registered as a private company by the relevant foreign registration body ‑ the name of each director of the company;
(3) in the case of an unregistered foreign company:
(a) the full name of the company;
(b) the country in which the company was formed, incorporated or registered;
(c) whether the company is registered by the relevant foreign registration body and if so:
(i) any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration;
(ii) the full address of the company in its country of formation, incorporation or registration as registered by the relevant foreign registration body; and
(iii) whether it is registered as a private or public company or some other type of company by the relevant foreign registration body;
(d) if the company is registered as a private company by the relevant foreign registration body ‑ the name of each director of the company; and
(e) if the company is not registered by the relevant foreign registration body, the full address of the principal place of business of the company in its country of formation or incorporation.
4.3.4 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the KYC information referred to in paragraph 4.3.3, any other KYC information relating to the company’s existence will be collected in respect of a company.
Existence of company – verification of information
4.3.5 An AML/CTF program must include a procedure for the reporting entity to verify, at a minimum, the following information about a company:
(1) in the case of a domestic company:
(a) the full name of the company as registered by ASIC;
(b) whether the company is registered by ASIC as a proprietary or public company; and
(c) the ACN issued to the company;
(2) in the case of a registered foreign company:
(a) the full name of the company as registered by ASIC;
(b) whether the company is registered by the relevant foreign registration body and if so whether it is registered as a private or public company; and
(c) the ARBN issued to the company;
(3) in the case of an unregistered foreign company:
(a) the full name of the company; and
(b) whether the company is registered by the relevant foreign registration body and if so:
(i) any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration; and
(ii) whether the company is registered as a private or public company.
4.3.6 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the KYC information referred to in paragraph 4.3.5, any other KYC information referred to in paragraph 4.3.3 or other KYC information relating to the company’s existence collected in respect of the company, should be verified.
4.3.7 In determining whether, and what, additional information will be collected and/or verified in respect of a company pursuant to paragraphs 4.3.4 and/or 4.3.6, the reporting entity must have regard to ML/TF risk relevant to the provision of the designated service.
4.3.8 If an AML/CTF program includes the simplified company verification procedure described below with respect to a company that is:
(1) a domestic listed public company;
(2) a majority owned subsidiary of a domestic listed public company; or
(3) licensed and subject to the regulatory oversight of a Commonwealth, State or Territory statutory regulator in relation to its activities as a company;
an AML/CTF program is taken to comply with the requirements of paragraphs 4.3.5, 4.3.6 and 4.3.7 of these Rules in so far as those customers are concerned.
Simplified Company Verification Procedure
The reporting entity must confirm that the company is:
(1) a domestic listed public company;
(2) a majority owned subsidiary of a domestic listed public company; or
(3) licensed and subject to the regulatory oversight of a Commonwealth, State or Territory statutory regulator in relation to its activities as a company;
by obtaining one or a combination of the following:
(4) a search of the relevant domestic stock exchange;
(5) a public document issued by the relevant company;
(6) a search of the relevant ASIC database;
(7) a search of the licence or other records of the relevant regulator.
4.3.9 (1) An AML/CTF program may include appropriate risk‑based systems and controls for the reporting entity to determine whether and in what manner to verify the existence of a foreign company by confirming that the foreign company is a foreign listed public company.
(2) If an AML/CTF program includes systems and controls of that kind, the AML/CTF program must include a requirement that, in determining whether and in what manner to verify the existence of a foreign listed public company in accordance with those systems and controls, the reporting entity must have regard to ML/TF risk relevant to the provision of the designated service, including the location of the foreign stock or equivalent exchange (if any).
(3) If an AML/CTF program includes systems and controls of that kind, an AML/CTF program is taken to comply with the requirements of paragraphs 4.3.5, 4.3.6 and 4.3.7 of these Rules in so far as those customers are concerned.
Methods of verification
4.3.10 Subject to paragraph 4.3.11, an AML/CTF program must require that the verification of information about a company be based as far as possible on:
(1) reliable and independent documentation;
(2) reliable and independent electronic data; or
(3) a combination of (1) and (2) above.
4.3.11 For the purposes of subparagraph 4.3.10(1), ‘reliable and independent documentation’ includes a disclosure certificate that verifies information about the beneficial owners of a company if a reporting entity is permitted to obtain a disclosure certificate as described in Chapter 30.
4.3.12 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether to rely on a disclosure certificate to verify information about a foreign company where such information is not otherwise reasonably available.
4.3.13 An AML/CTF program must include a requirement that, in determining whether to rely on a disclosure certificate to verify information in relation to a foreign company in accordance with the requirements of paragraph 4.3.12 above, the reporting entity must have regard to ML/TF risk relevant to the provision of the designated service, including the jurisdiction of incorporation of the foreign company as well as the jurisdiction of the primary operations of the foreign company and the location of the foreign stock or equivalent exchange (if any).
Responding to discrepancies
4.3.14 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying information about a company, so that the reporting entity can determine whether it is reasonably satisfied about the matters referred to in subparagraphs 4.3.2(1) and (2).
Part 4.4 Applicable customer identification procedure with respect to trustees
4.4.1 In so far as a reporting entity has any customer who acts in the capacity of a trustee of a trust, an AML/CTF program must comply with the requirements specified in Part 4.4 of these Rules.
4.4.2 Subject to paragraph 4.4.18, an AML/CTF program must include appropriate risk‑based systems and controls that are designed to enable the reporting entity to be reasonably satisfied, where a person notifies the reporting entity that the person is a customer of the reporting entity in the person’s capacity as the trustee of a trust, that:
(1) the trust exists; and
(2) the name of each trustee and beneficiary, or a description of each class of beneficiary, of the trust has been provided.
Existence of the trust ‑ collection and verification of information
4.4.3 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following KYC information about a customer:
(1) the full name (if any) of the trust;
(2) the full business name (if any) of the trustee in respect of the trust;
(3) the type of the trust;
(4) the country in which the trust was established;
(5) the full name of the settlor of the trust, unless:
(a) the material asset contribution to the trust by the settlor at the time the trust is established is less than $10,000; or
(b) the settlor is deceased; or
(c) the trust is verified using the simplified trustee verification procedure under paragraph 4.4.8 of these Rules; or
(d) the customer is a custodian.
Note: ‘Custodian’ is defined in subparagraph 4.4.19(1) of these Rules.
(6) if any of the trustees is an individual, then in respect of one of those individuals – the information required to be collected about an individual under the applicable customer identification procedure with respect to individuals set out in an AML/CTF program;
(7) if any of the trustees is a company, then in respect of one of those companies – the information required to be collected about a company under the applicable customer identification procedure with respect to companies set out in an AML/CTF program; and
(8) if the trustees comprise individuals and companies then in respect of either an individual or a company – the information required to be collected about the individual or company (as the case may be) under the applicable customer identification with respect to the individual or company set out in an AML/CTF program.
4.4.4 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the KYC information referred to in paragraph 4.4.3, any other KYC information relating to the trust’s existence will be collected in respect of a trust.
4.4.5 An AML/CTF program must include a procedure for the reporting entity to verify, at a minimum:
(1) the full name (if any) of the trust;
(2) if any of the trustees is an individual, then in respect of one of those individuals – information about the individual in accordance with the applicable customer identification procedure with respect to individuals set out in an AML/CTF program;
(3) if any of the trustees is a company, then in respect of one of those companies – information about the company in accordance with the applicable customer identification procedure with respect to companies set out in an AML/CTF program;
(4) if the trustees comprise individuals and companies then in respect of either an individual or a company – the information about the individual or company (as the case may be) in accordance with the applicable procedures with respect to the individual or company set out in an AML/CTF program; and
(5) the full name of the settlor of the trust, unless:
(a) the material asset contribution to the trust by the settlor at the time the trust is established is less than $10,000; or
(b) the settlor is deceased; or
(c) the trust is verified using the simplified trustee verification procedure under paragraph 4.4.8 of these Rules; or
(d) the customer is a custodian.
Note: ‘Custodian’ is defined in subparagraph 4.4.19(1) of these Rules.
4.4.6 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether and to what extent, in addition to the KYC information referred to in paragraph 4.4.5, any other KYC information relating to the trust’s existence collected in respect of the trust should be verified.
4.4.7 In determining whether, and what, additional information will be collected and/or verified in respect of a trust pursuant to paragraphs 4.4.4 and/or 4.4.6, the reporting entity must have regard to ML/TF risk relevant to the provision of the designated service.
4.4.8 If an AML/CTF program includes the simplified trustee verification procedure described below with respect to a trust that is:
(1) a managed investment scheme registered by ASIC;
(2) a managed investment scheme that is not registered by ASIC and that:
(a) only has wholesale clients; and
(b) does not make small scale offerings to which section 1012E of the Corporations Act 2001 applies;
(3) registered and subject to the regulatory oversight of a Commonwealth statutory regulator in relation to its activities as a trust; or
(4) a government superannuation fund established by legislation;
an AML/CTF program is taken to comply with the requirements of paragraphs 4.4.5, 4.4.6 and 4.4.7 of these Rules in so far as those customers are concerned.
Simplified Trustee Verification Procedure
The reporting entity must verify that the trust is:
(1) a managed investment scheme registered by ASIC;
(2) a managed investment scheme that is not registered by ASIC and that:
(a) only has wholesale clients; and
(b) does not make small scale offerings to which section 1012E of the Corporations Act 2001 applies;
(3) registered and subject to the regulatory oversight of a Commonwealth statutory regulator in relation to its activities as a trust; or
(4) a government superannuation fund established by legislation.
Trustees and beneficiaries– collection and verification of information
4.4.9 Subject to paragraph 4.4.18, an AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following KYC information about a customer (other than a trustee in respect of a trust to which paragraph 4.4.13 or 4.4.14 applies):
(1) the full name and address of each trustee in respect of the trust; and
(2) either:
(a) the full name of each beneficiary in respect of the trust; or
(b) if the terms of the trust identify the beneficiaries by reference to membership of a class – details of the class.
4.4.10 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the KYC information referred to in paragraph 4.4.9, any other KYC information relating to the trustees, or beneficiaries will be collected in respect of the trust.
4.4.11 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether and, if so, in what manner to verify the name of any or each trustee or beneficiary, or details of any or each class of beneficiaries, or any other KYC information collected pursuant to a procedure of the kind described in paragraph 4.4.9, from the sources described in paragraph 4.4.15.
4.4.12 An AML/CTF program must include a requirement that, in determining whether and what KYC information will be collected and/or verified in respect of a trust and the extent to which any KYC information is verified, pursuant to a procedure of the kind described in paragraphs 4.4.10 and/or 4.4.11, the reporting entity must have regard to ML/TF risk relevant to the provision of the designated service.
4.4.13 An AML/CTF program need not include the requirements specified in paragraphs 4.4.9 to 4.4.12 in relation to a trust that is:
(1) a managed investment scheme registered by ASIC;
(2) a managed investment scheme that is not registered by ASIC and that:
(a) only has wholesale clients; and
(b) does not make small scale offerings to which section 1012E of the Corporations Act 2001 applies; or
(3) a government superannuation fund established by legislation.
4.4.14 An AML/CTF program need not include the requirements specified in paragraph 4.4.9 in relation to a trust that is registered and subject to the regulatory oversight of a Commonwealth statutory regulator in relation to its activities as a trust.
Methods of verification
4.4.15 Subject to paragraph 4.4.16, an AML/CTF program must require that the verification of information about a trust be based on:
(1) a trust deed, certified copy or certified extract of a trust deed;
(2) reliable and independent documents relating to the trust;
(3) reliable and independent electronic data; or
(4) a combination of (1) to (3) above.
4.4.16 For the purposes of subparagraph 4.4.15(2), ‘reliable and independent documents relating to the trust’ includes a disclosure certificate that verifies information about a trust where:
(1) the verification is for the purposes of a procedure of the kind described in paragraphs 4.4.6 or 4.4.11 of these Rules; and
(2) the information to be verified is not otherwise reasonably available from the sources described in paragraph 4.4.15.
Responding to discrepancies
4.4.17 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying information about a customer so that the reporting entity can determine whether it is reasonably satisfied about the matters referred to in subparagraphs 4.4.2(1) and (2).
Trustees who are custodians
4.4.18 An AML/CTF program need not include the requirements specified in the following AML/CTF Rules in relation to the provision by the reporting entity of designated services to a customer who is a custodian:
(1) subparagraph 4.4.2(2); and
(2) subparagraph 4.4.9(2); and
(3) in so far as they relate to the collection, verification, updating or review (as applicable) of information on the underlying customers to whom the custodian is providing a custodial or depository service:
(a) Parts 4.12 and 4.13; and
(b) paragraphs 15.2 and 15.3; and
(c) subparagraphs 15.9(2), 15.10(1)(b), 15.10(1)(c), 15.10(2) and 15.10(4).
Note 1: The requirements in Parts 4.12 and 4.13 of the AML/CTF Rules continue to apply to reporting entities in relation to the collection and verification of information on the custodian customer.
Note 2: The requirements in paragraphs 15.2 and 15.3 and subparagraphs 15.9(2), 15.10(1)(b), 15.10(1)(c), 15.10(2) and 15.10(4) of the AML/CTF Rules continue to apply to reporting entities in relation to the collection, verification, re-verification, clarification, updating, review and detailed analysis of:
(a) KYC information of customers that are custodians; and
(b) beneficial owner information, other than information relating to the underlying customers of custodians.
4.4.19 For the purpose of Part 4.4 of these AML/CTF Rules:
(1) ‘custodian’ means a company that:
(a) is acting in the capacity of a trustee; and
(b) is providing a custodial or depository service of the kind described in item 46 of table 1 in subsection 6(2) of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act); and
(c) either:
(i) holds an Australian financial services licence authorising it to provide custodial or depository services under the Corporations Act 2001; or
(ii) is exempt under the Corporations Act 2001 from the requirement to hold such a licence; and
(d) either:
(i) satisfies one of the ‘geographical link’ tests in subsection 6(6) of the AML/CTF Act; or
(ii) has certified in writing to the relevant reporting entity that its name and enrolment details are entered on the Reporting Entities Roll; and
(e) has certified in writing to the relevant reporting entity that it has carried out all applicable customer identification procedures and ongoing customer due diligence requirements in accordance with Chapter 15 of the AML/CTF Rules in relation to its underlying customers prior to, or at the time of, becoming a customer of the reporting entity.
(2) ‘IDPS’ has the same meaning as in ASIC Class Order [CO 13/763] – Investor directed portfolio services, or any legislative instrument that replaces that class order.
(3) ‘MDA service’ has the same meaning as in the ASIC Corporations (Managed Discretionary Account Services) Instrument 2016/968, or any legislative instrument that replaces that instrument.
(4) ‘providing a custodial or depository service’ has the same meaning as in section 5 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 and includes providing a custodial or depository service as part of an IDPS or MDA service.
(5) ‘Reporting Entities Roll’ has the meaning given by section 51C of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.
Part 4.5 Applicable customer identification procedure with respect to partners
4.5.1 In so far as a reporting entity has any customer who acts in the capacity of a partner in a partnership, an AML/CTF program must comply with the requirements specified in Part 4.5 of these Rules.
4.5.2 An AML/CTF program must include appropriate risk‑based systems and controls that are designed to enable the reporting entity to be reasonably satisfied, where a person notifies the reporting entity that the person is a customer of the reporting entity in the person’s capacity as a partner in a partnership, that:
(1) the partnership exists; and
(2) the name of each of the partners in the partnership has been provided in accordance with subparagraph 4.5.3(5).
Collection and verification of information
4.5.3 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following KYC information and documentation about a customer:
(1) the full name of the partnership;
(2) the full business name (if any) of the partnership as registered under any State or Territory business names legislation;
(3) the country in which the partnership was established;
(4) in respect of one of the partners ‑ the information required to be collected about an individual under the applicable customer identification procedure with respect to individuals set out in an AML/CTF program; and
(5) the full name and residential address of each partner in the partnership except where the regulated status of the partnership is confirmed through reference to the current membership directory of the relevant professional association.
4.5.4 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the information referred to in paragraph 4.5.3, any other KYC information will be collected in respect of a partnership.
4.5.5 An AML/CTF program must include a procedure for the reporting entity to verify at a minimum:
(1) the full name of the partnership from the partnership agreement, certified copy or certified extract of the partnership agreement, reliable and independent documents relating to the partnership or reliable and independent electronic data; and
(2) information about one of the partners in accordance with the applicable customer identification procedure with respect to individuals set out in an AML/CTF program.
4.5.6 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, and to what extent, in addition to the KYC information referred to in paragraph 4.5.5, any other KYC information collected in respect of the partnership should be verified.
Methods of verification
4.5.7 Subject to paragraph 4.5.8, an AML/CTF program must require that the verification of information about a partnership be based on:
(1) a partnership agreement, certified copy or certified extract of a partnership agreement;
(2) a certified copy or certified extract of minutes of a partnership meeting;
(3) reliable and independent documents relating to the partnership;
(4) reliable and independent electronic data; or
(5) a combination of (1) to (4) above.
4.5.8 For the purposes of subparagraph 4.5.7(3), ‘reliable and independent documents relating to the partnership’ includes a disclosure certificate that verifies information about a partnership where:
(1) the verification is for the purposes of a procedure of the kind described in paragraph 4.5.6 of these Rules; and
(2) the information to be verified is not otherwise reasonably available from the sources described in paragraph 4.5.7.
Responding to discrepancies
4.5.9 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying information about a customer so that the reporting entity can determine whether it is reasonably satisfied about the matters referred to in subparagraphs 4.5.2(1) and (2).
Part 4.6 Applicable customer identification procedure with respect to associations
4.6.1 In so far as a reporting entity has any customer who is an incorporated or unincorporated association, an AML/CTF program must comply with the requirements specified in Part 4.6 of these Rules.
4.6.2 An AML/CTF program must include appropriate risk‑based systems and controls that are designed to enable the reporting entity to be reasonably satisfied, where a customer notifies the reporting entity that it is an incorporated or unincorporated association, that:
(1) the association exists; and
(2) the names of any members of the governing committee (howsoever described) of the association have been provided.
Collection and verification of information
4.6.3 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following KYC information about an incorporated or unincorporated association:
(1) if the customer notifies the reporting entity that it is an incorporated association:
(a) the full name of the association;
(b) the full address of the association’s principal place of administration or registered office (if any) or the residential address of the association’s public officer or (if there is no such person) the association’s president, secretary or treasurer;
(c) any unique identifying number issued to the association upon its incorporation by the State, Territory or overseas body responsible for the incorporation of the association; and
(d) the full name of the chairman, secretary and treasurer or equivalent officer in each case of the association; and
(2) if the person notifies the reporting entity that he or she is a customer in his or her capacity as a member of an unincorporated association:
(a) the full name of the association;
(b) the full address of the association’s principal place of administration (if any);
(c) the full name of the chairman, secretary and treasurer or equivalent officer in each case of the association; and
(d) in respect of the member – the information required to be collected about an individual under the applicable customer identification procedure with respect to individuals set out in an AML/CTF program.
4.6.4 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the KYC information referred to in paragraph 4.6.3, any other KYC information will be collected in respect of an association.
4.6.5 An AML/CTF program must include a procedure for the reporting entity to at a minimum:
(1) if the customer is an incorporated association ‑ verify from information provided by ASIC or by the State, Territory or overseas body responsible for the incorporation of the association or from the rules or constitution of the association or from a certified copy or certified extract of the rules or constitution of the association or from reliable and independent documents relating to the association or from reliable and independent electronic data:
(a) the full name of the incorporated association; and
(b) any unique identifying number issued to the incorporated association upon its incorporation; and
(2) if the customer notifies the reporting entity that he or she is a customer in his or her capacity as a member of an unincorporated association:
(a) verify the full name (if any) of the association from the rules or constitution of the association or from a certified copy or certified extract of the rules or constitution of the association or from reliable and independent documents relating to the association or from reliable and independent electronic data; and
(b) verify information about the member in accordance with the applicable customer identification procedure with respect to individuals set out in an AML/CTF program.
4.6.6 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether and to what extent, in addition to the KYC information referred to in paragraph 4.6.5, any other KYC information collected in respect of the association should be verified.
Methods of verification
4.6.7 Subject to paragraph 4.6.8, an AML/CTF program must require that the verification of information about an association be based on:
(1) the constitution or rules of the association or a certified copy or certified extract of the constitution or rules of the association;
(2) the minutes of meeting of the association or a certified copy or certified extract of minutes of meeting of the association;
(3) in the case of an incorporated association, information provided by ASIC or by the State, Territory or overseas body responsible for the incorporation of the association;
(4) reliable and independent documents relating to the association;
(5) reliable and independent electronic data; or
(6) a combination of (1)–(5) above.
4.6.8 For the purposes of subparagraph 4.6.7(4), ‘reliable and independent documents relating to the association’ includes a disclosure certificate that verifies information about an association where:
(1) the verification is for the purposes of a procedure of the kind described in paragraph 4.6.6 of these Rules; and
(2) the information to be verified is not otherwise reasonably available from the sources described in paragraph 4.6.7.
Responding to discrepancies
4.6.9 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying information about an association so that the reporting entity can determine whether it is reasonably satisfied about the matters referred to in subparagraphs 4.6.2(1) and (2).
Part 4.7 Applicable customer identification procedure with respect to registered co‑operatives
4.7.1 In so far as a reporting entity has any customer who is a registered co‑operative, an AML/CTF program must comply with the requirements specified in Part 4.7 of these Rules.
4.7.2 An AML/CTF program must include appropriate risk‑based systems and controls that are designed to enable the reporting entity to be reasonably satisfied, where a customer notifies the reporting entity that it is a registered co‑operative, that:
(1) the co‑operative exists; and
(2) the names of the chairman, secretary or equivalent officer in each case of the co‑operative have been provided.
Collection and verification of information
4.7.3 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following KYC information about a registered co‑operative:
(1) the full name of the co‑operative;
(2) the full address of the co‑operative’s registered office or principal place of operations (if any) or the residential address of the co‑operative’s secretary or (if there is no such person) the co‑operative’s president or treasurer;
(3) any unique identifying number issued to the co‑operative upon its registration by the State, Territory or overseas body responsible for the registration of the co‑operative; and
(4) the full name of the chairman, secretary and treasurer or equivalent officer in each case of the co‑operative.
4.7.4 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the information referred to in paragraph 4.7.3, any other KYC information will be collected in respect of a registered co‑operative.
4.7.5 An AML/CTF program must include a procedure for the reporting entity to, at a minimum, verify from information provided by ASIC or by the State, Territory or overseas body responsible for the registration of the co‑operative or from any register maintained by the co‑operative or a certified copy or certified extract of any register maintained by the co‑operative or from reliable and independent documents relating to the co‑operative or from reliable and independent electronic data:
(1) the full name of the co‑operative; and
(2) any unique identifying number issued to the co‑operative upon its registration.
4.7.6 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether and to what extent, in addition to the KYC information referred to in paragraph 4.7.5, any other KYC information relating to the registered co‑operative should be verified.
Methods of verification
4.7.7 Subject to paragraph 4.7.8, an AML/CTF program must require that the verification of information about a registered co‑operative be based on:
(1) any register maintained by the co‑operative or a certified copy or certified extract of any register maintained by the co‑operative;
(2) any minutes of meeting of the co‑operative or a certified copy or certified extract of any minutes of meeting of the co‑operative;
(3) information provided by the State, Territory or overseas body responsible for the registration of the co‑operative;
(4) reliable and independent documents relating to the co‑operative;
(5) reliable and independent electronic data; or
(6) a combination of (1)–(5) above.
4.7.8 For the purposes of subparagraph 4.7.7(4), ‘reliable and independent documents relating to the co‑operative’ includes a disclosure certificate that verifies information about a registered co‑operative where:
(1) the verification is for the purposes of a procedure of the kind described in paragraph 4.7.7 of these Rules; and
(2) the information to be verified is not otherwise reasonably available from the sources described in paragraph 4.7.7.
Responding to discrepancies
4.7.9 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying information about a registered co‑operative so that the reporting entity can determine whether it is reasonably satisfied about the matters referred to in subparagraphs 4.7.2(1) and (2).
Part 4.8 Applicable customer identification procedure with respect to government bodies
4.8.1 In so far as a reporting entity has any customer who is a government body an AML/CTF program must comply with the requirements specified in Part 4.8 and (in so far as they are applicable) Parts 4.9 and 4.10.
4.8.2 An AML/CTF program must include appropriate risk‑based systems and controls that are designed to enable the reporting entity to be reasonably satisfied, where a customer notifies the reporting entity that it is a government body, that:
(1) the government body exists; and
(2) in the case of certain kinds of government bodies – information about the beneficial owners of the government body has been provided, where sought by the reporting entity.
Collection and verification of information
4.8.3 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following KYC information about a government body:
(1) the full name of the government body;
(2) the full address of the government body’s principal place of operations;
(3) whether the government body is an entity or emanation, or is established under legislation, of the Commonwealth; and
(4) whether the government body is an entity or emanation, or is established under legislation, of a State, Territory, or a foreign country and the name of that State, Territory or country.
4.8.4 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to the KYC information referred to in paragraph 4.8.3 above, any other KYC information will be collected in respect of a government body.
4.8.5 An AML/CTF program must include a procedure for the reporting entity to verify the information collected under paragraph 4.8.3 from reliable and independent documentation, reliable and independent electronic data or a combination of both.
4.8.6 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, in addition to carrying out the procedure described in paragraph 4.8.5, any KYC information collected under paragraph 4.8.4 should be verified.
Beneficial ownership in respect of foreign government entities
4.8.7 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether to collect any KYC information about the ownership or control of a government body that is an entity or emanation, or is established under legislation, of a foreign country.
4.8.8 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether to verify any KYC information collected pursuant to a procedure of the kind described in paragraph 4.8.7 from reliable and independent documentation, reliable and independent electronic data or a combination of both.
Responding to discrepancies
4.8.9 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying information about a government body so that the reporting entity can determine whether it is reasonably satisfied about the matters referred to in subparagraphs 4.8.2(1) and (2).
Part 4.9 Verification from documentation
Verification with respect to individuals
4.9.1 In so far as an AML/CTF program provides for the verification of KYC information about an individual by means of reliable and independent documentation, an AML/CTF program must comply with the requirements specified in paragraphs 4.9.2 and 4.9.3.
4.9.2 An AML/CTF program must require that the reporting entity be satisfied that any document from which the reporting entity verifies KYC information about an individual has not expired (other than in the case of a passport issued by the Commonwealth that expired within the preceding two years).
4.9.3 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine:
(1) what reliable and independent documentation the reporting entity will require for the purpose of verifying the individual’s name and date of birth and/or residential address (as the case may be);
(2) if any other KYC information about an individual is to be verified – what reliable and independent documentation may be used to verify that information;
(3) whether, and in what circumstances, the reporting entity is prepared to rely upon a copy of a reliable and independent document;
(4) in what circumstances a reporting entity will take steps to determine whether a document produced about an individual may have been forged, tampered with, cancelled or stolen and, if so, what steps the reporting entity will take to establish whether or not the document has been forged, tampered with, cancelled or stolen;
(5) whether the reporting entity will use any authentication service that may be available in respect of a document; and
(6) whether, and how, to confirm KYC information about an individual by independently initiating contact with the person that the individual claims to be.
Verification with respect to persons other than individuals
4.9.4 In so far as an AML/CTF program provides for the verification of KYC information about a customer who is not an individual by means of reliable and independent documentation, an AML/CTF program must comply with the requirements specified in paragraph 4.9.5.
4.9.5 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine:
(1) what and how many reliable and independent documents the reporting entity will use for the purpose of verification;
(2) whether a document is sufficiently contemporaneous for use in verification;
(3) whether, and in what circumstances, the reporting entity is prepared to rely upon a copy of a reliable and independent document;
(4) in what circumstances the reporting entity will take steps to determine whether a document produced about a customer may have been cancelled, forged, tampered with or stolen and, if so, what steps the reporting entity will take to establish whether or not the document has been cancelled, forged, tampered with or stolen;
(5) whether the reporting entity will use any authentication service that may be available in respect of a document; and
(6) whether, and how, to confirm information about a customer by independently initiating contact with the customer.
Part 4.10 Verification from reliable and independent electronic data
4.10.1 In so far as an AML/CTF program provides for the verification of KYC information collected about a customer by means of reliable and independent electronic data, an AML/CTF program must comply with the requirements specified in paragraph 4.10.2.
4.10.2 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine:
(1) whether the electronic data is reliable and independent, taking into account the following factors:
(a) the accuracy of the data;
(b) how secure the data is;
(c) how the data is kept up‑to‑date;
(d) how comprehensive the data is (for example, by reference to the range of persons included in the data and the period over which the data has been collected);
(e) whether the data has been verified from a reliable and independent source;
(f) whether the data is maintained by a government body or pursuant to legislation; and
(g) whether the electronic data can be additionally authenticated; and
(2) what reliable and independent electronic data the reporting entity will use for the purpose of verification;
(3) the reporting entity’s pre‑defined tolerance levels for matches and errors; and
(4) whether, and how, to confirm KYC information collected about a customer by independently initiating contact with the person that the customer claims to be.
Part 4.11 Agents of customers
Agents of customers who are individuals
4.11.1 For the purposes of paragraph 89(1)(b) and 89(2)(b) of the AML/CTF Act, paragraphs 4.11.2 to 4.11.4 of these Rules apply in relation to an agent of a customer who is an individual where that agent is authorised to act for or on behalf of the customer in relation to a designated service.
4.11.2 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following information and documentation (if any) about the customer:
(1) the full name of each individual who purports to act for or on behalf of the customer with respect to the provision of a designated service by the reporting entity; and
(2) evidence (if any) of the customer’s authorisation of any individual referred to in subparagraph 4.11.2(1).
4.11.3 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, and to what extent, it should verify the identity of any of the individuals referred to in subparagraph 4.11.2(1).
4.11.4 An AML/CTF program must require the reporting entity to have regard to the ML/TF risk relevant to the provision of the designated service for the purposes of determining whether, and to what extent, it should verify the identity of any of the individuals referred to in paragraph 4.11.2(1).
4.11.5 For the purposes of paragraph 89(1)(b) and 89(2)(b)of the AML/CTF Act, paragraphs 4.11.6 to 4.11.8 of these Rules apply in relation to an agent of a customer who is not acting in his or her capacity as an individual where that agent is authorised to act for or on behalf of the customer in relation to a designated service.
4.11.6 An AML/CTF program must include a procedure for the reporting entity to collect, at a minimum, the following information and documentation about the customer:
(1) the full name of each individual who purports to act for or on behalf of the customer with respect to the provision of a designated service by the reporting entity; and
(2) evidence of the customer’s authorisation of any individual referred to in subparagraph 4.11.6(1).
4.11.7 An AML/CTF program must include appropriate risk‑based systems and controls for the reporting entity to determine whether, and to what extent, it should verify the identity of any of the individuals referred to in subparagraph 4.11.6(1).
4.11.8 An AML/CTF program must require the reporting entity to have regard to the ML/TF risk relevant to the provision of the designated service for the purposes of determining whether, and to what extent, it should verify the identity of any of the individuals referred to in subparagraph 4.11.6(1).
Verifying officers and agents of non‑natural customers
4.11.9 An AML/CTF program may provide for an agent of a customer who is a non‑natural person to be identified by the customer’s verifying officer, provided the requirements in paragraphs 4.11.12 to 4.11.13 are met.
4.11.10 In so far as:
(1) an AML/CTF program provides for an agent of a non‑natural customer to be identified by a verifying officer; and
(2) the requirements in paragraphs 4.11.12 to 4.11.13 of these Rules are met;
an AML/CTF program need not apply the requirements in 4.11.6 to 4.11.8 of these Rules in relation to that agent.
Appointment of a verifying officer
4.11.11 A verifying officer is a person appointed by a customer to act as a verifying officer for the purposes of these Rules. A person may be appointed as a verifying officer if he or she is an employee, agent or contractor of the customer.
Identification by a verifying officer
4.11.12 Where an AML/CTF program provides for an agent to be identified by a verifying officer, an AML/CTF program must include a requirement for:
(1) the agent to be identified by the customer’s verifying officer in accordance with paragraph 4.11.13 of these Rules;
(2) the verifying officer to be identified and verified by the reporting entity in accordance with the requirements specified in Chapter 4 of these Rules;
(3) the reporting entity to be provided with evidence of the customer’s authorisation of the verifying officer to act as a verifying officer;
(4) the verifying officer to make and for the customer to retain, a record of all matters collected pursuant to paragraph 4.11.13; and
(5) the verifying officer to provide the following to the reporting entity:
(a) the full name of the agent; and
(b) a copy of the signature of the agent.
4.11.13 A verifying officer will be taken to have identified an agent if he or she has collected the following:
(1) the full name of the agent;
(2) the title of the position or role held by the agent with the customer;
(3) a copy of the signature of the agent; and
(4) evidence of the agent’s authorisation to act on behalf of the customer.
Part 4.12 Collection and Verification of Beneficial Owner information
4.12.1 An AML/CTF program must include appropriate systems and controls for the reporting entity to determine the beneficial owner of each customer and carry out the following, either before the provision of a designated service to the customer or as soon as practicable after the designated service has been provided:
(1) collect, (including from the customer, where applicable) and take reasonable measures to verify:
(a) each beneficial owner’s full name, and
(b) the beneficial owner’s date of birth; or
(c) the beneficial owner’s full residential address.
4.12.2 The requirements of paragraph 4.12.1 may be modified:
(1) for a customer who is an individual, the reporting entity may assume that the customer and the beneficial owner are one and the same, unless the reporting entity has reasonable grounds to consider otherwise;
(2) for a customer who is:
(a) a company which is verified under the simplified company verification procedure under paragraph 4.3.8 of these Rules;
(b) a trust which is verified under the simplified trustee verification procedure under paragraph 4.4.8 of these Rules;
(c) an Australian Government Entity; or
(d) a foreign listed public company, or a majority-owned subsidiary of such a company, subject to disclosure requirements (whether by stock exchange rules or through law or enforceable means) that ensure transparency of beneficial ownership;
then,
(e) paragraph 4.12.1 need not be applied.
Note: The terms ‘foreign company’, ‘listed public company’ and ‘foreign listed public company’ are defined in Chapter 1 of the AML/CTF Rules.
4.12.3 An AML/CTF program must include appropriate risk-based systems and controls for the reporting entity to determine whether, in addition to the information referred to in paragraph 4.12.1 above, any other information will be collected and verified about any beneficial owner.
Note: Reporting entities should consider the requirements in the Privacy Act 1988 relating to the collection and handling of information about beneficial owners.
Verification
4.12.4 An AML/CTF program must require that the verification of information collected about each beneficial owner of a customer be based on:
(1) reliable and independent documentation;
(2) reliable and independent electronic data; or
(3) a combination of (1) and (2) above.
Safe harbour procedure where ML/TF risk of the beneficial owner is medium or lower
4.12.5 Paragraph 4.12.7 sets out one procedure for documentation‑based verification (subparagraphs 4.12.7(2) and (3)) and electronic verification (subparagraph 4.12.7(4)) which a reporting entity may include in its AML/CTF program to comply with its obligations under paragraph 4.12.1 of these Rules where the customer and the beneficial owner of the customer is of medium or lower ML/TF risk. Paragraph 4.12.7 does not preclude a reporting entity from meeting the verification requirements of paragraph 4.12.1 of these Rules in another way where the beneficial owners of the customer are of medium or lower ML/TF risk.
4.12.6 Paragraph 4.12.7 is not applicable if any beneficial owner is a foreign politically exposed person.
4.12.7 An AML/CTF program that requires the reporting entity to do the following will be taken to meet the requirements of paragraph 4.12.1 of these Rules in respect of the beneficial owners of a customer, where a reporting entity determines that the relationship with that customer and the beneficial owner is of medium or lower risk:
(1) collect the information described in paragraph 4.12.1 in regard to each beneficial owner;
Documentation-based safe harbour procedure
(2) verify each beneficial owner’s full name and either the beneficial owner’s full residential address or date of birth, or both, from:
(a) an original or certified copy of a primary photographic identification document; or
(b) both:
(i) an original or certified copy of a primary non‑photographic identification document; and
(ii) an original or certified copy of a secondary identification document; and
(3) verify the document produced by the customer in regard to each beneficial owner has not expired (other than in the case of a passport issued by the Commonwealth that expired within the preceding two years);
Electronic-based safe harbour procedure
(4) verify each beneficial owner’s full name and either the beneficial owner’s full residential address or date of birth, or both, using reliable and independent electronic data from at least two separate data sources.
Responding to discrepancies
4.12.8 An AML/CTF program must include appropriate risk-based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying information collected about each beneficial owner so that the reporting entity can determine that it is reasonably satisfied that each beneficial owner is the person that the customer claims they are.
Procedure to follow where unable to determine the identity of the beneficial owner
4.12.9 If the reporting entity is unable to ascertain a beneficial owner, the reporting entity must identify and take reasonable measures to verify:
(1) for a company (other than a company which is verified under the simplified company verification procedure under paragraph 4.3.8 of these Rules) or a partnership, any individual who:
(a) is entitled (either directly or indirectly) to exercise 25% or more of the voting rights, including a power of veto, or
(b) holds the position of senior managing official (or equivalent);
(2) for a trust (other than a trust which is verified under the simplified trustee verification procedure under paragraph 4.4.8 of these Rules), any individual who holds the power to appoint or remove the trustees of the trust;
(3) for an association or a registered co-operative, any individual who:
(a) is entitled (either directly or indirectly) to exercise 25% or more of the voting rights including a power of veto, or
(b) would be entitled on dissolution to 25% or more of the property of the association or registered co-operative, or
(c) holds the position of senior managing official (or equivalent).
Note: In addition to the verification procedures set out in Part 4.12, a reporting entity may be able to use a disclosure certificate. Details regarding disclosure certificates are set out in Chapter 30 of the AML/CTF Rules.
Part 4.13 Collection and Verification of Politically Exposed Person information
4.13.1 An AML/CTF program must include appropriate risk-management systems to determine whether a customer or beneficial owner is a politically exposed person. The determination must occur either before the provision of a designated service to the customer or as soon as practicable after the designated service has been provided. If it is determined that the customer or beneficial owner is a politically exposed person, the reporting entity must carry out the applicable steps in this Part.
4.13.2 An AML/CTF program must include appropriate risk-management systems for the reporting entity to undertake each of the following steps for domestic politically exposed persons and international organisation politically exposed persons:
(1) in the case of a beneficial owner, comply with the identification requirements specified in paragraphs 4.2.3 to 4.2.9 of these Rules as if the politically exposed person was the customer; and
(2) determine whether the person is of high ML/TF risk; and
(3) if the person is determined to be of high ML/TF risk, then, in addition to the action specified in subparagraph 4.13.2(1), carry out the actions specified in subparagraphs 4.13.3(2), (3) and (4).
4.13.3 An AML/CTF program must include appropriate risk-management systems for the reporting entity to undertake each of the following steps for foreign politically exposed persons and for high ML/TF risk domestic or international organisation politically exposed persons:
(1) in the case of a beneficial owner, comply with the identification requirements specified in paragraphs 4.2.3 to 4.2.9 of these Rules as if the politically exposed person was the customer; and
(2) obtain senior management approval before establishing or continuing a business relationship with the individual and before the provision, or continued provision, of a designated service to the customer;
(3) take reasonable measures to establish the politically exposed person’s source of wealth and source of funds; and
(4) comply with the obligations in Chapter 15 of these Rules.
4.13.4 An AML/CTF program must include appropriate risk-based systems and controls for the reporting entity to respond to any discrepancy that arises in the course of verifying information collected about a politically exposed person, so that the reporting entity can be reasonably satisfied that the politically exposed person is the person that he or she claims to be.
Note: Reporting entities should consider the requirements in the Privacy Act 1988 relating to the collection and handling of sensitive information about politically exposed persons.
Part 4.14 Exemptions relating to the identification of beneficial owners and politically exposed persons
4.14.1 The requirements in Parts 4.12 and 4.13 of these Rules do not apply to a reporting entity which:
(1) provides a designated service of the type specified in Column 1; and
(2) is exempt from Division 4 of Part 2 of the AML/CTF Act in accordance with the circumstances and conditions of the AML/CTF Act or AML/CTF Rules specified in Column 2;
of the following table:
Column 1 – Relevant designated service in subsection 6(2), 6(3) or 6(4) of the AML/CTF Act | Column 2 – AML/CTF Act and AML/CTF Rules references relevant to the exemptions |
| Multiple tables – Financial Services, Bullion and Gambling services | |
| Any of the designated services in tables 1, 2 or 3 | Chapter 28 – Applicable customer identification procedures in certain circumstances – assignment, conveyance, sale or transfer of businesses |
| Any of the designated services in tables 1, 2, or 3 | Chapter 50 – Exemption from applicable customer identification procedure in certain circumstances |
| Item 50 of table 1 or item 14 of table 3 | Paragraph 14.4 in Chapter 14 – Thresholds for certain designated services |
| Table 1 – Financial Services | |
| Any of the designated services | Chapter 66 – Applicable customer identification procedures in certain circumstances – compulsory partial or total transfer of business made under the Financial Sector (Business Transfer and Group Restructure) Act 1999 |
| Items 40, 42 or 44 | Subsection 39(6) |
| Items 2 or 3 | Chapter 35 – Exemption from applicable customer identification procedures for correspondent banking relationships |
| Items 6 or 7 | Chapter 39 – Exemption from applicable customer identification procedures – premium funding loans for a general insurance policy |
| Items 6, 7, 8, 31 and 32 | Chapter 45 – Debt collection |
| Item 17 | Paragraph 14.2 in Chapter 14 – Thresholds for certain designated services |
| Items 25 or 26 | Paragraph 14.3 in Chapter 14 – Thresholds for certain designated services |
| Item 33 | Chapter 38 – Exemption from applicable customer identification procedures for the sale of shares for charitable purposes |
| Item 33 | Chapter 49 – International Uniform Give-Up Agreements |
| Items 35 or 46 | Chapter 67 – Warrants |
| Item 43(a) | Part 41.2 in Chapter 41 – Exemption from applicable customer identification procedures – cashing out of low value superannuation funds and for the Departing Australia Superannuation Payment |
| Items 43 or 45 | Part 41.3 in Chapter 41 – Exemption from applicable customer identification procedures – cashing out of low value superannuation funds and for the Departing Australia Superannuation Payment |
| Table 2 – Bullion | |
| Items 1 or 2 | Chapter 33 – Applicable customer identification procedure for purchases and sales of bullion valued at less than $5000 |
| Table 3 – Gambling services | |
| Items 5, 6, 9 and 10 | Chapter 52 – Persons who are licensed to operate no more than 15 gaming machines |
Part 4.15 Procedure to follow where a customer cannot provide satisfactory evidence of identity
Reporting entities may rely on Part 4.15 in limited and exceptional cases where a person does not possess, and is unable to obtain, the necessary information or evidence of identity. This may include: individuals whose birth was not registered, people who are homeless, those who are experiencing or have experienced family and domestic violence, undocumented arrivals in Australia, people living in remote areas, people who are transgender or intersex, people affected by natural disasters, people with limited access to identity documents (for example because they were raised in institutional or foster care), people with limited participation in society, and young people or those over 18 who have not established a ‘social footprint’ in the community.
Reporting entities may also rely on Part 4.15 where a person possesses, but is unable to produce or provide, the necessary information or evidence of identity due to measures implemented or recommended by government, or reasonable measures that a person or reporting entity has adopted, to prevent the spread of COVID-19. This may include customers who are in self‑isolation, businesses that have temporarily shut down, and reporting entities that have closed offices/branches and restricted customer visits to limit face‑to‑face interaction with customers.
4.15.1 If a reporting entity is unable to establish the identity of a customer using the applicable customer identification requirements specified in Chapter 4 of the AML/CTF Rules because the customer does not possess, and is unable to obtain, the necessary information or evidence of identity, then it may use alternative identity proofing processes, in accordance with its risk-based systems and controls, to do so.
Alternative identity proofing processes during the COVID-19 Pandemic
4.15.1A If a reporting entity is unable to establish the identity of a customer using the applicable customer identification requirements specified in Chapter 4 of the AML/CTF Rules because the customer possesses, but is unable to produce or provide, the necessary information or evidence of identity due to COVID-19 Pandemic measures, then it may use alternative identity proofing processes, in accordance with its risk-based systems and controls, to do so.
Note: Alternative identify proofing processes could include, but are not limited to, acceptance of multiple types of secondary identification documents where normally a primary identification document would be required.
4.15.2 If a reporting entity is unable to establish the identity of a customer in accordance with paragraph 4.15.1 or 4.15.1A, then it may accept a self-attestation from the customer certifying that the information provided in relation to their identity is true and correct.
4.15.3 A reporting entity must apply appropriate levels of ongoing customer due diligence in order to identify, mitigate and manage any ML/TF risk associated with customer identities established using self-attestation.
4.15.4 A reporting entity must not rely on a self-attestation if it knows or has reason to believe that it is incorrect or misleading.
Note: Customers and reporting entities seeking to rely on self-attestation to establish identity should be aware that criminal or civil penalties may apply under Part 12 of the AML/CTF Act for providing false or misleading information, producing false or misleading documents, and for providing or receiving a designated service using a false customer name.
Alternative verification processes during the COVID-19 Pandemic
4.15.5 If a reporting entity is required, in accordance with its applicable customer identification procedure, to verify information based on the original, or a certified copy or certified extract, of a document but cannot do so because of COVID-19 Pandemic measures, then it may rely on a copy of the document in accordance with its risk-based systems and controls.
4.15.6 In this Part, ‘COVID‑19 Pandemic measures’ means any:
(1) measures implemented or recommended by an Australian government body;
(2) reasonable measures adopted by a reporting entity; or
(3) reasonable measures adopted by a person;
to prevent the spread of COVID-19.
Note: ‘Reasonable measures’ include those adopted in a foreign country where the person, or a permanent establishment of a reporting entity or subsidiary, is located.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 5
Part 5.1 Special anti‑money laundering and counter‑terrorism financing (AML/CTF) program
5.1.1 These Anti‑Money Laundering and Counter‑Terrorism Financing Rules (Rules) are made pursuant to section 229 of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act) for the purposes of paragraphs 36(1)(b) and 86(1)(c) and sections 106, 107 and 108 of that Act. They specify the requirements with which a special AML/CTF program must comply. This Chapter commences on 1 June 2014.
5.1.2 A reporting entity must have a special AML/CTF program where all of the designated services it provides are covered by item 54 of table 1 in section 6 of the AML/CTF Act. The sole or primary purpose of a special program is to set out the reporting entity’s applicable customer identification procedures. Chapter 5 does not apply to pre‑commencement customers.
Part 5.2 Applicable customer identification procedures in relation to special AML/CTF program
5.2.1 The requirements with which a special AML/CTF program must comply are the requirements that are specified in the Rules in Chapter 4 for an AML/CTF program.
5.2.2 For the avoidance of doubt, the requirements specified in the Rules in Chapter 4 apply with respect to a special AML/CTF program as if any reference in those paragraphs to an AML/CTF program includes a reference to ‘a special AML/CTF program’.
5.2.3 Paragraphs 4.11.1 and 4.11.5 of the Rules in Chapter 4 apply with respect to a special AML/CTF Program as if the rule were made under paragraph 89(3)(b) of the AML/CTF Act.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 6 Verification of identity
Part 6.1 Re-verification of KYC information
6.1.1 This Part is made for subparagraph 35(1)(b) and subsection 35(2) of the Act.
6.1.2 A reporting entity must take the action set out in paragraph 6.1.3 if:
(1) the reporting entity suspects on reasonable grounds that the customer is not the person that customer claims to be; or
(2) the reporting entity has doubts about the veracity or adequacy of documents or information previously obtained for the purpose of identifying or verifying:
(a) the customer; and
(b) the beneficial owner of the customer (if any); and
(c) a person purporting to act on behalf of the customer (if any).
6.1.3 The reporting entity must, as soon as practicable, take reasonable measures to:
(1) obtain and verify additional KYC information; or
(2) update and verify existing KYC information;
so that the reporting entity is reasonably satisfied that the customer, beneficial owner or person purporting to act on behalf of the customer is the person that the customer, beneficial owner or person purporting to act on behalf of the customer claims to be.
Note: A reporting entity is not required to take any measures that would contravene the tipping off offence in section 123 of the Act.
Part 6.2 Verification of identity of pre-commencement customers
6.2.1 This Part is made for subsection 29(2) of the Act.
6.2.2 If a suspicious matter reporting obligation arises for a pre-commencement customer, the reporting entity must take one or more of the following actions as appropriate:
(1) carry out the applicable customer identification procedure unless the reporting entity has previously carried out, or been deemed to have carried out, that procedure or a comparable procedure;
(2) collect additional KYC information about the customer;
(3) verify the KYC information obtained under subparagraph (2) from reliable and independent sources;
so that the reporting entity is reasonably satisfied that the customer is the person that the customer claims to be.
6.2.3 The reporting entity must take the required action or actions as soon as practicable after the day on which the suspicious matter reporting obligation arose.
Note: A reporting entity is not required to take any measures that would contravene the tipping off offence in section 123 of the Act.
Part 6.3 Verification of identity of low-risk service customers
6.3.1 This Part is made for subsection 31(2) of the Act.
6.3.2 If a suspicious matter obligation arises for a low-risk service customer, the reporting entity must take one or more of the following actions as appropriate:
(1) carry out the applicable customer identification procedure unless the reporting entity has previously carried out, or been deemed to have carried out, that procedure or a comparable procedure;
(2) collect additional KYC information about the customer;
(3) verify the KYC information obtained under subparagraph (2) from reliable and independent sources;
so that the reporting entity is reasonably satisfied that the customer is the person that the customer claims to be.
6.3.3 The reporting entity must take the required action or actions as soon as practicable after the day on which the suspicious matter reporting obligation arose.
Note: A reporting entity is not required to take any measures that would contravene the tipping off offence in section 123 of the Act.
CHAPTER 7 Reliance on third parties
Part 7.1 Reliance
7.1.1 This Part is made for paragraphs 37A(1)(a) and 38(b) of the Act.
Other procedures that may be relied on for customer identification
7.1.2 The procedures in paragraph 7.1.3 are prescribed.
7.1.3 Customer due diligence procedures (however described) that comply with one or more laws of a foreign country giving effect to the FATF Recommendations relating to customer due diligence and record-keeping and require the other person to:
(1) identify the customer and verify the customer’s identity using reliable and independent sources, so that the other person is satisfied that it knows who the customer is; and
(2) identify the beneficial owner of the customer and take reasonable measures to verify the identity of the beneficial owner, so that the other person is satisfied that it knows who the beneficial owner is; and
(3) identify a person acting on behalf of the customer and take reasonable steps to verify the person’s identity and authority to act on behalf of the customer, so that the other person is satisfied that it knows who the person is and that the person has authority to act on behalf of the customer.
Note 1: Country has meaning given by section 5 of the Act.
Note 2: A foreign country may include a region or regions. These regions may have a different risk profile to each other or the rest of the foreign country.
Part 7.2 Ongoing reliance under an agreement or arrangement
7.2.1 This Part is made for paragraph 37A(1)(b) and subsection 37B(1) of the Act.
Requirements relating to agreements or arrangements for reliance
7.2.2 The following requirements are prescribed:
(1) the written agreement or arrangement must:
(a) document the responsibilities of the first entity and the other person; and
(b) enable the first entity to obtain all required KYC information relating to the identity of:
(i) the customer; and
(ii) the beneficial owner of the customer (if any); and
(iii) a person acting on behalf of the customer (if any);
before commencing to provide a designated service to the customer; and
(c) enable the first entity to obtain a record of the applicable customer identification procedures or the other procedures (as specified in this paragraph) carried out by the other person to verify the identity of the customer, the beneficial owner of the customer or a person acting on behalf of the customer, and all relevant documents, data and information obtained by the other person in the course of carrying out those procedures (verification information):
(i) immediately, in accordance with terms of the agreement or arrangement relating to the management of relevant documents and electronic data relating to identification and verification; or
(ii) as soon as practicable following a request from the first entity to the other person; and
(d) be approved by the governing board or a senior managing official of the first entity;
(2) the first entity must determine:
(a) the type and level of money laundering, financing of terrorism or other serious crime risks that the first entity may reasonably be expected to face in its provision of designated services; and
(b) the nature, size, and complexity of the other person’s business, including its products, services, delivery channels, and customer types; and
(c) the level of money laundering, financing of terrorism or other serious crime risks in the country or countries in which the other person operates or resides;
(3) the other person must be:
(a) a reporting entity; or
(b) a foreign entity regulated by one or more laws of a foreign country giving effect to the FATF Recommendations relating to customer due diligence and record-keeping (equivalent CDD and record-keeping obligations);
(4) if the other person is a reporting entity, the other person must have measures in place to comply with their obligations under Parts 2 and 10 of the Act;
(5) if the other person is a foreign entity, the other person must have measures in place to comply with the equivalent CDD and record-keeping obligations.
Note: Paragraph 37A(2)(d) and section 32 require the first entity to obtain the KYC information referred to in subparagraph 7.2.2(1)(b) from the other person before commencing to provide a designated service.
Regular assessments of agreements or arrangements for reliance
7.2.3 The first entity must carry out regular assessments of the requirements prescribed by paragraph 7.2.2 to ensure that the other person is continuing to meet those requirements.
7.2.4 The assessments must be carried out by the first entity at regular intervals, having regard to:
(1) the type and level of money laundering, financing of terrorism or other serious crime risks faced by the first entity; and
(2) any material change in respect of a matter prescribed by subparagraphs 7.2.2(2)–(5);
but in any event, at least every two years.
Note: If the assessment conducted under paragraph 7.2.3 identifies that the requirements are not being met, the first entity cannot rely on procedures carried out by the other person until the first entity believes on reasonable grounds that the requirements of paragraph 7.2.2 are being met.
Part 7.3 Case-by-case reliance
7.3.1 This Part is made for paragraph 38(e) of the Act.
7.3.2 The first entity may rely on applicable customer identification procedures or other procedures (as prescribed by paragraph 7.1.2) carried out by the other person if:
(1) the other person satisfies the requirements in subparagraphs 7.2.2(3)–(5); and
(2) the other person has obtained all required KYC information relating to the identity of:
(a) the customer; and
(b) the beneficial owner of the customer (if any); and
(c) a person acting on behalf of the customer (if any);
before the first entity commences to provide a designated service to the customer; and
(3) the first entity has reasonable grounds to believe that the verification information will be:
(a) immediately available to the first entity under an agreement in place for the management of relevant documents and electronic data relating to identification and verification; or
(b) otherwise made available to the first entity as soon as practicable following receipt by the other person of a written request from the first entity, but in any event within 7 calendar days of the request being received.
Note : Subsection 38(c) and section 32 require the first entity to obtain the KYC information referred to in subparagraph 7.3.2(2) from the other person before commencing to provide a designated service.
7.3.3 A belief formed under paragraph 7.3.2 will only be reasonable if the first entity has considered the following factors:
(1) the type and level of money laundering, financing of terrorism or other serious crime risks that the first entity may reasonably be expected to face in its provision of the designated services to the customer;
(2) the level of money laundering, financing of terrorism or other serious crime risks in the country or countries in which the other person operates or resides;
(3) the nature, size, and complexity of the other person’s business, including its products, services, delivery channels, and customer types.
7.3.4 The first entity must make a written record that sets out how the first entity met the requirements in paragraphs 7.3.2 and 7.3.3.
Deemed compliance—reliance within a corporate or designed business group
7.3.5 The first entity is taken to comply with the requirements of paragraphs 7.3.2 and 7.3.3 if the following conditions are met:
(1) the first entity relies on the applicable customer identification procedures or other procedures (as specified in paragraph 7.1.2) carried out by another person who is a member of the same corporate group or designated business group;
(2) the first entity and the other person:
(a) apply a joint anti-money laundering and counter terrorism-financing program (AML/CTF program) or other group-wide measures relating to customer due diligence and record keeping; and
(b) have implemented a joint AML/CTF program or other group-wide anti-money laundering and counter terrorism-financing risk-based systems and controls consistent with the requirements of the relevant FATF Recommendations;
(3) any higher money laundering, financing of terrorism or serious crime risks in the country or countries in which the other person operates or resides are adequately identified, mitigated and managed by the joint AML/CTF program and risk-based systems and controls of the corporate group or designated business group;
(4) the implementation of the risk-based system and controls mentioned in subparagraphs (2) and (3) are supervised or monitored at a group-level by a body empowered by law to supervise and enforce equivalent CDD and record-keeping obligations.
Note 1: If the first entity relies on applicable customer identification procedures or other procedures (as prescribed by paragraph 7.1.2) undertaken by another person under Part 7.3, the first entity retains ultimate responsibility for ensuring that all relevant obligations relating to customer identification and verification, and ongoing due diligence under the Act and Rules are met.
Note 2: Reporting entities that collect information about a customer, beneficial owner of a customer, or person acting on behalf of a customer, from a third party will need to consider their obligation under Australian Privacy Principle (APP) 3. An APP entity must only collect personal information which is reasonably necessary for one or more of the entity’s functions or activities (see APP 3.8).
CHAPTER 8
Part 8.1 Part A of a standard anti‑money laundering and counter‑terrorism financing (AML/CTF) program
8.1.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made pursuant to section 229 and (in relation to these Rules in Parts 8.1 to 8.7 and 8.9) for the purposes of paragraphs 36(1)(b) and 84(2)(c) of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). Part 7 of the AML/CTF Act obliges a reporting entity to adopt and maintain an AML/CTF program relating to the provision of designated services. A standard AML/CTF program is a program that applies to a particular reporting entity. Standard AML/CTF programs are divided into Parts A and B.
8.1.2 The primary purpose of Part A of a standard AML/CTF program is to identify, manage and mitigate money laundering or terrorism financing (ML/TF) risk a reporting entity may reasonably face in relation to the provision by the reporting entity of designated services at or through a permanent establishment in Australia. These Rules set out the requirements with which Part A of a standard AML/CTF program must comply.
The risk‑based approach and ML/TF risk
8.1.3 Some of the requirements specified in these Rules may be complied with by a reporting entity putting in place appropriate risk‑based systems or controls. When determining and putting in place appropriate risk‑based systems or controls, the reporting entity must have regard to the nature, size and complexity of its business and the type of ML/TF risk that it might reasonably face.
8.1.4 For the purposes of these Rules, in identifying its ML/TF risk a reporting entity must consider the risk posed by the following factors:
(1) its customer types, including any politically exposed persons;
(2) the types of designated services it provides;
(3) the methods by which it delivers designated services; and
(4) the foreign jurisdictions with which it deals.
8.1.5 Part A must be designed to enable the reporting entity to:
(1) understand the nature and purpose of the business relationship with its customer types, including, as appropriate, the collection of information relevant to that understanding; and
(2) understand the control structure of non-individual customers;
(3) identify significant changes in ML/TF risk for the purposes of its Part A and Part B programs, including:
(a) risks identified by consideration of the factors in paragraph 8.1.4; and
(b) risks arising from changes in the nature of the business relationship, control structure, or beneficial ownership of its customers; and
(4) recognise such changes in ML/TF risk for the purposes of the requirements of its Part A and Part B programs; and
(5) identify, mitigate and manage any ML/TF risk arising from:
(a) all new designated services prior to introducing them to the market;
(b) all new methods of designated service delivery prior to adopting them;
(c) all new or developing technologies used for the provision of a designated service prior to adopting them; and
(d) changes arising in the nature of the business relationship, control structure or beneficial ownership of its customers.
8.1.6 Part A must include a requirement that, in determining what is an appropriate risk‑based procedure for inclusion in Part B of the reporting entity’s standard AML/CTF program, the reporting entity must have regard to ML/TF risk relevant to the provision of the designated service.
Application
8.1.7 Unless otherwise provided in the AML/CTF Act or these Rules, a reporting entity must apply Part A to all areas of its business that are involved in the provision of a designated service, including in relation to any function carried out by a third party.
Part 8.2 AML/CTF risk awareness training program
8.2.1 Part A must include an AML/CTF risk awareness training program that meets the requirements of paragraphs 8.2.2 to 8.2.3 below.
8.2.2 The AML/CTF risk awareness training program must be designed so that the reporting entity gives its employees appropriate training at appropriate intervals, having regard to ML/TF risk it may reasonably face.
8.2.3 The AML/CTF training program must be designed to enable employees to understand:
(1) the obligations of the reporting entity under the AML/CTF Act and Rules;
(2) the consequences of non‑compliance with the AML/CTF Act and Rules;
(3) the type of ML/TF risk that the reporting entity might face and the potential consequences of such risk; and
(4) those processes and procedures provided for by the reporting entity’s AML/CTF program that are relevant to the work carried out by the employee.
Part 8.3 Employee due diligence program
8.3.1 Part A must include an employee due diligence program that meets the requirements of paragraphs 8.3.2 to 8.3.4 of these Rules.
8.3.2 The employee due diligence program must put in place appropriate risk‑based systems and controls for the reporting entity to determine whether to, and in what manner to, screen any prospective employee who, if employed, may be in a position to facilitate the commission of a money laundering or financing of terrorism offence in connection with the provision of a designated service by the reporting entity.
8.3.3 The employee due diligence program must include appropriate risk‑based systems and controls for the reporting entity to determine whether to, and in what manner to, re‑screen an employee where the employee is transferred or promoted and may be in a position to facilitate the commission of a money laundering or financing of terrorism offence in connection with the provision of a designated service by the reporting entity.
8.3.4 The employee due diligence program must establish and maintain a system for the reporting entity to manage any employee who fails, without reasonable excuse, to comply with any system, control or procedure established in accordance with Part A or Part B.
Part 8.4 Oversight by boards and senior management
8.4.1 A reporting entity’s Part A program must be approved by its governing board and senior management. Part A must also be subject to the ongoing oversight of the reporting entity’s board and senior management. Where the reporting entity does not have a board, Part A must be approved and overseen by its chief executive officer or equivalent.
Part 8.5 AML/CTF Compliance Officer
8.5.1 Part A must provide for the reporting entity to designate a person as the ‘AML/CTF Compliance Officer’ at the management level. The AML/CTF Compliance Officer may have other duties.
Part 8.6 Independent review
8.6.1 Part A must be subject to regular independent review.
8.6.2 The frequency of the review should take into account the nature, size and complexity of a reporting entity’s business, and the type and level of ML/TF risk it might face.
8.6.3 While the review may be carried out by either an internal or external party, the person appointed to conduct the review must not have been involved in undertaking any of the functions or measures being reviewed, including:
(1) the design, implementation, or maintenance of Part A of a reporting entity’s AML/CTF program; or
(2) the development of a reporting entity’s risk assessment or related internal controls.
8.6.4 The reporting entity must be able to demonstrate the independence of the reviewer.
8.6.5 The purpose of the review should be to:
(1) assess the effectiveness of the Part A program having regard to the ML/TF risk of the reporting entity;
(2) assess whether the Part A program complies with these Rules;
(3) assess whether the Part A program has been effectively implemented; and
(4) assess whether the reporting entity has complied with its Part A program.
8.6.6 The results of the review, including any report prepared, must be provided to senior management and, where applicable, the governing board of the reporting entity.
Part 8.7 Incorporation of feedback and guidance on ML/TF risks from AUSTRAC
8.7.1 In developing and updating Part A of an AML/CTF program, a reporting entity must take into account:
(1) any applicable guidance material disseminated or published by AUSTRAC; and
(2) any feedback provided by AUSTRAC in respect of the reporting entity or the industry it operates in,
that is relevant to the identification, mitigation, and management of ML/TF risk arising from the provision of a designated service by that entity.
Part 8.8 Permanent establishments in a foreign country
8.8.1 The Rules in part 8.8 are made pursuant to section 229 of the AML/CTF Act for the purposes of paragraph 84(2)(b) of that Act. The Rules in part 8.8 apply to a reporting entity in respect of any permanent establishment in a foreign country at or through which it provides designated services.
8.8.2 Subject to 8.8.3 below, Part A of a reporting entity’s AML/CTF program must include systems and controls that meet the obligations under the AML/CTF Act that apply to the provision by the reporting entity of designated services at or through a permanent establishment of the reporting entity in a foreign country.
8.8.3 Where a reporting entity’s permanent establishment in a foreign jurisdiction is regulated by anti‑money laundering and counter‑terrorism financing laws comparable to Australia, only minimal additional systems and controls need to be considered.
8.8.4 The requirements in parts 8.4 to 8.7 of these Rules apply in relation to a permanent establishment in a foreign country at or through which a reporting entity provides designated services. The requirements in parts 8.1 to 8.3 of these Rules do not apply in relation to a permanent establishment in a foreign country at or through which a reporting entity provides designated services.
Part 8.9 Reporting obligations
8.9.1 Part A of a reporting entity’s AML/CTF program must include:
(1) the obligations that apply to the reporting entity under sections 41, 43, 45 and 47 of the AML/CTF Act (reporting obligations); and
(2) appropriate systems and controls of the reporting entity designed to ensure compliance with the reporting obligations of the reporting entity; and
(3) the obligations that apply to the reporting entity under section 51F of the AML/CTF Act and Chapter 64 of the AML/CTF Rules; and
(4) where the reporting entity is a remittance dealer, the obligations that apply to the remittance dealer under section 75M of the AML/CTF Act (as applicable) to advise:
(a) the AUSTRAC CEO of material changes in circumstances and other specified circumstances under subsections 75M(1) and 75M(3) of the AML/CTF Act; or
(b) the registered remittance network provider of material changes in circumstances and other specified circumstances under subsection 75M(2) of the AML/CTF Act.
Note: Remittance dealers should also refer to Chapter 60 of the AML/CTF Rules which specifies the material changes to registration details which must be reported to the AUSTRAC CEO.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 9
Part 9.1 Part A of a joint anti‑money laundering and counter‑terrorism financing (AML/CTF) program
9.1.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made pursuant to section 229 and (in relation to these Rules in Parts 9.1 to 9.7 and 9.9) for the purposes of paragraphs 36(1)(b) and 85(2)(c) of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). Part 7 of the AML/CTF Act obliges a reporting entity to adopt and maintain an AML/CTF program relating to the provision of designated services. A joint AML/CTF program is a program that applies to each reporting entity that from time to time belongs to a designated business group. Joint AML/CTF programs are divided into Parts A and B.
9.1.2 The primary purpose of Part A of a joint AML/CTF program is to identify, manage and mitigate ML/TF risk faced by each reporting entity (in a designated business group) in relation to the provision by the reporting entity of designated services at or through a permanent establishment in Australia. These Rules set out the requirements with which Part A of a joint AML/CTF program must comply.
The risk‑based approach and ML/TF risk
9.1.3 Some of the requirements specified in these Rules may be complied with by putting in place appropriate risk‑based systems and controls. In determining and putting in place appropriate risk‑based systems and controls, Part A must have regard to the following factors in relation to each reporting entity in the designated business group:
(1) the nature, size and complexity of business; and
(2) the type of ML/TF risk that might be reasonably faced.
9.1.4 For the purposes of these Rules, in identifying the ML/TF risk, Part A must take account of the risk posed by the following factors in relation to each reporting entity in the designated business group:
(1) the customer types, including any politically exposed persons;
(2) the types of designated services provided;
(3) the methods by which designated services are delivered; and
(4) the foreign jurisdictions dealt with.
9.1.5 Part A must be designed to enable the group to:
(1) understand the nature and purpose of the business relationship with its customer types, including, as appropriate, the collection of information relevant to that understanding; and
(2) understand the control structure of non-individual customers;
(3) identify significant changes in ML/TF risk for the purposes of the group’s Part A and Part B programs, including:
(a) risks identified by consideration of the factors in paragraph 9.1.4; and
(b) risks arising from changes in the nature of the business relationship, control structure or beneficial ownership of its customers; and
(4) such changes in ML/TF risk to be recognised for the purposes of the requirements of the group’s Part A and Part B programs; and
(5) identify, mitigate and manage any ML/TF risk arising from:
(a) all new designated services prior to introducing them to the market;
(b) all new methods of designated service delivery prior to adopting them;
(c) all new or developing technologies used for the provision of a designated service prior to adopting them; and
(d) changes arising in the nature of the business relationship, control structure or beneficial ownership of its customers.
9.1.6 Part A must include a requirement that, in determining what is an appropriate risk‑based procedure for inclusion in Part B of the reporting entity’s joint AML/CTF program, the reporting entity must have regard to ML/TF risk relevant to the provision of the designated service.
Application
9.1.7 Unless otherwise provided in the AML/CTF Act or these Rules, each reporting entity in the designated business group must apply Part A to all areas of its business that are involved in the provision of a designated service, including in relation to any function carried out by a third party.
Part 9.2 AML/CTF risk awareness training program
9.2.1 Part A must include an AML/CTF risk awareness training program that meets the requirements of paragraphs 9.2.2 and 9.2.3 below.
9.2.2 The AML/CTF risk awareness training program must be designed so that each reporting entity gives its employees appropriate training at appropriate intervals, having regard to ML/TF risk it may reasonably face.
9.2.3 The AML/CTF training program must be designed to enable employees to understand:
(1) the obligations of the reporting entity under the AML/CTF Act and Rules;
(2) the consequences of non‑compliance with the AML/CTF Act and Rules;
(3) the type of ML/TF risk that the reporting entity might face and the potential consequences of such risk; and
(4) those processes and procedures provided for by the reporting entity’s AML/CTF program that are relevant to the work carried out by the employee.
Part 9.3 Employee due diligence program
9.3.1 Part A must include an employee due diligence program that meets the requirements of paragraphs 9.3.2 to 9.3.4 of these Rules.
9.3.2 The employee due diligence program must put in place appropriate risk‑based systems and controls for each reporting entity to determine whether to, and in what manner to, screen any prospective employee who, if employed, may be in a position to facilitate the commission of a money laundering or financing of terrorism offence in connection with the provision of a designated service by the reporting entity.
9.3.3 The employee due diligence program must include appropriate risk‑based systems and controls for each reporting entity to determine whether to, and in what manner to, re‑screen an employee where the employee is transferred or promoted and may be in a position to facilitate the commission of a money laundering or financing of terrorism offence in connection with the provision of a designated service by the reporting entity.
9.3.4 The employee due diligence program must establish and maintain a system for each reporting entity to manage any employee who fails, without reasonable excuse, to comply with any system, control or procedure established in accordance with Part A or Part B.
Part 9.4 Oversight by boards and senior management
9.4.1 Except where paragraph 9.4.2 applies, the Part A program must be approved by the governing board and senior management of each reporting entity in the designated business group. Part A must also be subject to the ongoing oversight of each reporting entity’s board and senior management. Where the reporting entity does not have a board, Part A must be approved and overseen by its chief executive officer or equivalent.
9.4.2 Where each member of a designated business group is related to the other members, the Part A program may be approved by and subject to the ongoing oversight of the governing board and senior management of the main holding company of the group.
Part 9.5 AML/CTF Compliance Officer
9.5.1 Part A program must provide for the designated business group to designate a person as the ‘AML/CTF Compliance Officer’ at the management level. The AML/CTF Compliance Officer may have other duties.
Part 9.6 Independent review
9.6.1 Part A must be subject to regular independent review.
9.6.2 The frequency of the review should take into account the nature, size and complexity of each reporting entity’s business, and the type and level of ML/TF risk it might face.
9.6.3 While the review may be carried out by either an internal or external party, the person appointed to conduct the review must not have been involved in undertaking any of the functions or measures being reviewed, including:
(1) the design, implementation, or maintenance of Part A of the joint AML/CTF program; or
(2) the development of any of the reporting entities’ risk assessments or related internal controls.
9.6.4 The designated business group must be able to demonstrate the independence of the reviewer.
9.6.5 The purpose of the review should be to:
(1) assess the effectiveness of the Part A program having regard to the ML/TF risk of each reporting entity in the designated business group;
(2) assess whether the Part A program complies with these Rules;
(3) assess whether the Part A program has been effectively implemented; and
(4) assess whether each reporting entity in the designated business group has complied with its Part A program.
9.6.6 The result of the review, including any report prepared, must be provided to senior management and, where applicable the governing board of each reporting entity in the designated business group.
Part 9.7 Incorporation of feedback and guidance on ML/TF risks from AUSTRAC
9.7.1 In developing and updating Part A of a joint AML/CTF program, a reporting entity must take into account:
(1) any applicable guidance material disseminated or published by AUSTRAC; and
(2) any feedback provided by AUSTRAC in respect of the reporting entity or the industry it operates in,
that is relevant to the identification, mitigation, and management of ML/TF risk arising from the provision of a designated service by that entity.
Part 9.8 Permanent establishments in a foreign country
9.8.1 The Rules in 9.8 are made pursuant to section 229 of the AML/CTF Act for the purposes of paragraph 85(2)(b) of that Act. The Rules in 9.8 apply to those reporting entities in the designated business group that provide designated services at or through a permanent establishment in a foreign country.
9.8.2 Subject to 9.8.3, Part A of a reporting entity’s AML/CTF program must include systems and controls that meet the obligations under the AML/CTF Act that apply to the provision by the reporting entity of designated services at or through a permanent establishment of the reporting entity in a foreign country.
9.8.3 Where a reporting entity’s permanent establishment in a foreign jurisdiction is regulated by anti‑money laundering and counter‑terrorism financing laws comparable to Australia, only minimal additional systems and controls need to be considered.
9.8.4 The requirements in parts 9.4 to 9.7 of these Rules apply in relation to a permanent establishment in a foreign country at or through which a reporting entity provides designated services. The requirements in parts 9.1 to 9.3 of these Rules do not apply in relation to a permanent establishment in a foreign country at or through which a reporting entity provides designated services.
Part 9.9 Reporting obligations
9.9.1 Part A must include:
(1) the obligations that apply to each of the reporting entities under sections 41, 43, 45 and 47 of the AML/CTF Act (reporting obligations); and
(2) appropriate systems and controls of each of the reporting entities designed to ensure compliance with the reporting obligations of the reporting entity; and
(3) the obligations that apply to each of the reporting entities under section 51F of the AML/CTF Act and Chapter 64 of the AML/CTF Rules; and
(4) where a reporting entity in the designated business group is a remittance dealer, the obligations that apply to the remittance dealer under section 75M of the AML/CTF Act (as applicable) to advise:
(a) the AUSTRAC CEO of material changes in circumstances and other specified circumstances under subsections 75M(1) and 75M(3) of the AML/CTF Act; or
(b) the registered remittance network provider of material changes in circumstances and other specified circumstances under subsection 75M(2) of the AML/CTF Act.
Note: Remittance dealers should also refer to Chapter 60 of the AML/CTF Rules which specifies the material changes to registration details which must be reported to the AUSTRAC CEO.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 10
Part 10.1 Casinos
10.1.1 This Part is made for subsections 39(4), 118(2) and 118(4) of the Act.
10.1.2 This Part applies to designated services provided by a casino other than online gambling services.
Customer identification
10.1.3 Division 4 of Part 2 of the Act, subject to paragraph 10.1.5, does not apply to a designated service that:
(1) is of a kind described in items 1, 2, 4, 6, 7, 8 or 9 of table 3 in subsection 6(4) of the Act; and
(2) involves an amount less than $10,000.
10.1.4 Division 4 of Part 2 of the Act, subject to paragraph 10.1.5, does not apply to a designated service that is of a kind described in items 1, 2, 4, 6 or 9 of table 3 in subsection 6(4) of the Act where the service:
(1) involves an amount of $10,000 or more; and
(2) involves the customer giving or receiving only gaming chips or tokens.
10.1.5 An exemption does not apply if the reporting entity determines that it must obtain and verify any KYC information about a customer in accordance with its enhanced customer due diligence program and customer identification program.
Verification of identity
10.1.6 Chapter 6 is modified as follows:
(1) the specified action in paragraph 6.1.3 must be taken:
(a) within 14 days starting after the day on which the circumstance specified in paragraph 6.1.2 comes into existence; or
(b) before the reporting entity commences to provide another designated service to the customer to which Part 2 of the Act applies;
(2) the specified action in paragraph 6.2.2 must be taken:
(a) within 14 days starting after the day on which the suspicious matter reporting obligation arose; or
(b) before the reporting entity commences to provide another designated service to the customer to which Part 2 of the Act applies;
(3) the specified action in paragraph 6.3.2 must be taken:
(a) within 14 days starting after the day on which the suspicious matter reporting obligation arose; or
(b) before the reporting entity commences to provide another designated service to the customer to which Part 2 of the Act applies;
(4) paragraphs 6.2.3 and 6.3.3 do not apply.
Record‑keeping
10.1.7 Sections 106 and 107 of the Act do not apply to a designated service of a kind described in:
(1) items 1, 2, or 6 of table 3 in subsection 6(4) of the Act; or
(2) item 4 of table 3 in subsection 6(4) to the extent that the customer is only given gaming chips or tokens when the service is provided.
Part 10.2 On‑course bookmakers and totalisator agency boards
10.2.1 This Part is made for subsections 39(4), 118(2) and 118(4) of the Act.
10.2.2 This Part applies to designated services provided by a reporting entity that is an on‑course bookmaker or a totalisator agency board.
Customer identification
10.2.3 Division 4 of Part 2 of the Act, subject to paragraph 10.2.5, does not apply to a designated service of a kind described in items 1 or 2 of table 3 in subsection 6(4) of the Act.
10.2.4 Division 4 of Part 2 of the Act, subject to paragraph 10.2.5, does not apply to a designated service that:
(1) is of a kind described in items 4, 7 or 8 of table 3 in subsection 6(4); and
(2) involves an amount less than $10,000.
10.2.5 An exemption does not apply if the reporting entity determines that it must obtain and verify any KYC information about a customer in accordance with its enhanced customer due diligence program and customer identification program.
Verification of identity
10.2.6 Chapter 6 is modified as follows:
(1) the specified action in paragraph 6.1.3 must be taken:
(a) within 14 days starting after the day on which the circumstance specified in paragraph 6.1.2 comes into existence; or
(b) before the reporting entity commences to provide another designated service to the customer to which Part 2 of the Act applies;
(2) the specified action in paragraph 6.2.2 must be taken:
(a) within 14 days starting after the day on which the suspicious matter reporting obligation arose; or
(b) before the reporting entity commences to provide another designated service to the customer to which Part 2 of the Act applies;
(3) the specified action in paragraph 6.3.2 must be taken:
(a) within 14 days starting after the day on which the suspicious matter reporting obligation arose; or
(b) before the reporting entity commences to provide another designated service to the customer to which Part 2 of the Act applies;
(4) paragraphs 6.2.3 and 6.3.3 do not apply.
Record‑keeping
10.2.7 Sections 106 and 107 of the Act do not apply to a designated service of a kind described in:
(1) items 1, 2, or 6 of table 3 in subsection 6(4) of the Act; or
(2) items 7 or 8 of table 3 in subsection 6(4) of the Act where that service involves an amount less than $10,000.
Part 10.3 Gaming machines
10.3.1 This Part is made for subsection 39(4) of the Act.
10.3.2 This Part applies to designated services provided by a reporting entity by way of a gaming machine other than designated services provided at a casino.
Customer identification
10.3.3 Division 4 of Part 2 of the Act, subject to paragraph 10.3.5, does not apply to a designated service of a kind described in items 5 or 6 of table 3 in subsection 6(4) of the Act.
10.3.4 Division 4 of Part 2 of the Act, subject to paragraph 10.3.5, does not apply in respect of a designated service that:
(1) is of a kind described in items 9 or 10 of table 3 in subsection 6(4); and
(2) involves an amount less than $10,000.
10.3.5 An exemption does not apply if the reporting entity determines that it must obtain and verify any KYC information about a customer in accordance with its enhanced customer due diligence program and customer identification program.
Part 10.4 Accounts for online gambling services
10.4.1 This Part is made for paragraphs 33(a) and (b) and subparagraph 34(1)(d)(i) of the Act.
Special circumstances that justify carrying out the applicable identification procedure after commencement of the provision of a designated service
10.4.2 Online gambling services, subject to the conditions specified in paragraph 10.4.3, are specified for the purposes of paragraph 33(a) of the Act.
10.4.3 The special circumstances are only available to the reporting entity if:
(1) the customer is required to open an account in order to obtain the service; and
(2) the reporting entity does not permit the customer to withdraw any funds from the account prior to carrying out the applicable customer identification procedure.
The period ascertained in accordance with subparagraph 34(1)(d)(i) of the Act
10.4.4 The period is 72 hours commencing when the reporting entity opens the account in the name of the customer.
CHAPTER 11 Compliance Report – reporting and lodgment periods
11.1 These Rules are made under section 229 of the AML/CTF Act for the purposes of subsections 47(1), 47(2) and 247(4) of that Act.
Reporting and lodgment periods
11.2 A reporting period is specified to be each successive period of 12 months beginning on 1 January and ending on 31 December.
11.3 The lodgment period is specified to be the period of 3 months beginning at the end of each successive reporting period.
Exemption from compliance reporting
11.4 For the purposes of subsection 247(4) of the AML/CTF Act, subsections 47(1) and 47(2) of that Act do not apply in circumstances where the reporting entity:
(1) only provided designated services during the reporting period of the kind set out in items 31 and 32 of the table in subsection 6(2) of the AML/CTF Act as a registered remittance affiliate; and
(2) did not provide any other designated service.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 12 Electronic funds transfer instructions
12.1 These Anti‑Money Laundering and Counter‑Terrorism Financing Rules (Rules) are made pursuant to section 229 of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act) for subparagraph 70(a)(i) of that Act.
12.2 For subparagraph 70(a)(i) of the AML/CTF Act, the following kind of transfer instruction is specified:
(1) a transfer instruction where money is to be paid by use of a credit card.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 13 Approved third‑party bill payment system
13.1 These Anti‑Money Laundering and Counter‑Terrorism Financing Rules (Rules) are made pursuant to section 229 of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act) for the definition of ‘approved third‑party bill payment system’ in section 5 of that Act.
13.2 For the definition of ‘approved third‑party bill payment system’ in section 5 of the AML/CTF Act, the following bill payment systems are prescribed:
(1) BPAY;
(2) DEFT; and
(3) The Australian Payments Clearing Association Limited’s direct entry system.
13.3 In these Rules:
(1) ‘BPAY’ means a national bill payment service provided by banks, building societies and credit unions registered with the BPAY scheme, that is accessed by a registered business’ customer via the telephone or internet and which enables the registered business to collect payments from their customers electronically.
(2) ‘DEFT’ means direct electronic funds transfer which is a payment, collection, receipting and reconciliation service that enables the payment of bills by customers registered with the DEFT scheme through the internet, BPAY, Australia Post offices, telephone or mail.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 14 Thresholds for certain designated services
14.1 These Anti‑Money Laundering and Counter‑Terrorism Financing Rules (Rules) are made under section 229 of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act) for subsection 39(4) of that Act.
14.2 Subject to paragraph 14.5 below, Division 4 of Part 2 of the AML/CTF Act does not apply to a designated service that:
(1) involves issuing a cheque that an ADI, bank or other institution draws on itself as described in the definition of ‘bill of exchange’ in section 5 of the Act as described in item 17 of table 1 in section 6; and
(2) meets either of the following requirements:
(a) the face value of the cheque is less than $5,000 (Australian or the foreign equivalent) and the cheque is drawn from an account held at the issuing:
(i) ADI; or
(ii) building society; or
(iii) bank; or
(iv) credit union; or
(v) a representative office of a foreign bank; and
(vi) the cheque contains details of a payee; or
(b) where subparagraph 14.2(2)(a) does not apply:
(i) the face value of the cheque is less than $1,000 (Australian or the foreign equivalent); and
(ii) the cheque is funded by physical currency.
14.3 Subject to paragraph 14.5 below, Division 4 of Part 2 of the AML/CTF Act does not apply to a designated service that:
(1) involves issuing, cashing or redeeming a traveller’s cheque or traveller’s cheques as described in items 25 or 26 of table 1 in section 6; and
(2) the total sum of the face value of the traveller’s cheques issued, cashed or redeemed in any one transaction is less than $1,000 (Australian or the foreign equivalent).
14.4 Subject to paragraph 14.5 below, Division 4 of Part 2 of the AML/CTF Act does not apply to a designated service that:
(1) is of a kind described in item 50 of table 1 or item 14 of table 3 in section 6; and
(2) meets either of the following requirements:
(a) the value of the currency is less than $1,000 (Australian or the foreign equivalent) into or out of an account, and the account provider is:
(i) an ADI; or
(ii) a building society; or
(iii) a bank; or
(iv) a credit union; or
(v) a representative office of a foreign bank; or
(b) where subparagraph 14.4(2)(a) does not apply:
(i) the value of the currency is less than $1000 (Australian or the foreign equivalent); and
(ii) the proceeds and/or funding source of the service described in item 50 of table 1 or item 14 of table 3 are in the form of physical currency.
14.5 The exemptions in paragraphs 14.2 to 14.4 of these Rules do not apply where a reporting entity determines in accordance with its enhanced customer due diligence program that it should obtain and verify any KYC information about a customer in accordance with its customer identification program.
14.6 In these Rules:
(1) ‘KYC information’ has the meaning given by Chapter 1 of Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1); and
(2) ‘representative office of a foreign bank’ is an office of the foreign bank in Australia in respect of which the foreign bank has obtained written consent to establish the representative office in Australia under section 67 of the Banking Act 1959 from the Australian Prudential Regulation Authority.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 15 Ongoing customer due diligence
15.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made under section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (the AML/CTF Act) for paragraphs 36(1)(b), 84(2)(c) and 85(2)(c) of that Act. Sections 136 and 137 of the AML/CTF Act apply to each paragraph of this Chapter. The requirements set out in these Rules do not apply in relation to a permanent establishment in a foreign country at or through which a reporting entity provides designated services. This Chapter commences on 1 June 2014.
KYC information and Beneficial Owner Information
Note: Reporting entities that provide designated services to customers who are custodians are exempt from the requirements specified in paragraphs 15.2 and 15.3 of these Rules in relation to certain beneficial owner information. These exemptions are set out in paragraph 4.4.18 of Chapter 4 of these Rules.
15.2 A reporting entity must include in Part A of its AML/CTF program appropriate risk-based systems and controls to enable a reporting entity to determine in what circumstances further KYC information or beneficial owner information should be collected or verified in respect of customers or beneficial owners of customers to enable the review and update of KYC information and beneficial owner information for ongoing customer due diligence purposes.
Note: ‘Beneficial owner information’ is the information referred to in Part 4.12 of Chapter 4 of these Rules.
15.3 A reporting entity must undertake reasonable measures to keep, update and review the documents, data or information collected under the applicable customer identification procedure (particularly in relation to high risk customers) and the beneficial owner identification requirements specified in Chapter 4 of these Rules.
Transaction monitoring program
15.4 A reporting entity must include a transaction monitoring program in Part A of its AML/CTF program.
15.5 The transaction monitoring program must include appropriate risk‑based systems and controls to monitor the transactions of customers.
15.6 The transaction monitoring program must have the purpose of identifying, having regard to ML/TF risk, any transaction that appears to be suspicious within the terms of section 41 of the AML/CTF Act.
15.7 The transaction monitoring program should have regard to complex, unusual large transactions and unusual patterns of transactions, which have no apparent economic or visible lawful purpose.
Enhanced customer due diligence program
Note: Reporting entities that provide designated services to customers who are custodians are exempt from the requirements specified in subparagraphs 15.9(2), 15.10(1)(b), 15.10(1)(c), 15.10(2) and 15.10(4) of these Rules in relation to underlying customers of custodians. These exemptions are set out in paragraph 4.4.18 of Chapter 4 of these Rules.
15.8 A reporting entity must include an enhanced customer due diligence program in Part A of its AML/CTF program.
15.9 Subject to paragraph 4.4.18, the reporting entity must apply the enhanced customer due diligence program when:
(1) it determines under its risk‑based systems and controls that the ML/TF risk is high; or
Note: Reporting entities should consider whether any beneficial owner of a customer, including domestic or international organisation politically exposed persons, should be considered high risk.
(2) a designated service is being provided to a customer who is or who has a beneficial owner who is, a foreign politically exposed person; or
(3) a suspicion has arisen for the purposes of section 41 of the AML/CTF Act; or
(4) the reporting entity is entering into or proposing to enter into a transaction and a party to the transaction is physically present in, or is a corporation incorporated in, a prescribed foreign country.
15.10 The enhanced customer due diligence program must include appropriate risk-based systems and controls so that, in cases where one or more of the circumstances in paragraph 15.9 arises, a reporting entity must undertake measures appropriate to those circumstances, including a range of the measures in subparagraphs 15.10(1) to (7):
(1) seek information from the customer or from third party sources in order to undertake one or more of the following as specified in subparagraphs 15.10(1)(a) – (d):
(a) clarify or update KYC information already collected from the customer;
(b) subject to paragraph 4.4.18, clarify or update beneficial owner information already collected from the customer;
(c) subject to paragraph 4.4.18, obtain any further KYC information or beneficial owner information, including, where appropriate, taking reasonable measures to identify:
(i) the source of the customer’s and each beneficial owner’s wealth; and
(ii) the source of the customer’s and each beneficial owner’s funds;
(d) clarify the nature of the customer’s ongoing business with the reporting entity;
(2) undertake more detailed analysis of the customer’s KYC information and, subject to paragraph 4.4.18, beneficial owner information, including, where appropriate, taking reasonable measures to identify:
(a) the source of the customer’s and each beneficial owner’s wealth; and
(b) the source of the customer’s and each beneficial owner’s funds;
(3) verify or re-verify KYC information in accordance with the customer identification program;
(4) subject to paragraph 4.4.18, verify or re-verify beneficial owner information in accordance with the beneficial owner identification requirements specified in Chapter 4 of these Rules;
(5) undertake more detailed analysis and monitoring of the customer’s transactions – both past and future, including, but not limited to:
(a) the purpose, reasons for, or nature of specific transactions; or
(b) the expected nature and level of transaction behaviour, including future transactions;
(6) seek senior management approval for:
(a) continuing a business relationship with a customer; and
(b) whether a designated service should continue to be provided to the customer;
(7) consider whether a transaction or particular transactions should be processed.
15.11 If the circumstances in subparagraph 15.9(2) arise, in addition to any other appropriate measures in paragraph 15.10, a reporting entity must undertake the measures in subparagraphs 15.10(2) and 15.10(6).
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 16 Reportable details for international funds transfer instructions (items 1 and 2 in section 46)
16.1 These Anti‑Money Laundering and Counter‑Terrorism Financing Rules (Rules) are made under section 229 of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act) for paragraph 45(3)(b) of that Act.
Instructions transmitted out of Australia
16.2 A report about an international funds transfer instruction (the instruction), within the meaning of item 1 of the table in section 46 of the AML/CTF Act, must contain:
(1) for an instruction to which paragraph 70(b) or 70(c) of the AML/CTF Act applies – the complete payer information defined by section 71 of the AML/CTF Act;
(2) for an instruction to which paragraph 70(a) of the AML/CTF Act applies – the tracing information defined by section 72 of the AML/CTF Act;
(3) the name or identity of the ordering institution;
(4) where applicable, the name or identity of any branch or department of the ordering institution which the payer requested to transmit the instruction;
(5) the name or identity of the institution (the sender) transmitting the instruction to the beneficiary institution, if different from subparagraph 16.2(3);
(6) where applicable, the name or identity of the sender’s branch or department which transmitted the instruction, if different from subparagraph 16.2(4);
(7) the date on which the sender transmits, or is to transmit, the instruction to the beneficiary institution;
(8) the name or identity of the beneficiary institution;
(9) the name or identity of the branch or department of the beneficiary institution at which the funds will be made available to the payee;
(10) the name of the payee;
(11) one or more of the following details:
(a) the number of any account held by the payee with the beneficiary institution through which the transferred money is to be made available to the payee:
(b) the payee’s full business or residential address (not being a post box address);
(c) where applicable, the type and number of identification relating to the payee;
(12) the following details as appear in the instruction:
(a) any information or directions provided by the payer to the payee in relation to the instruction;
(b) the name or identity of any interposed institution in the funds transfer chain;
(c) the name or identity and account number of any institution through which the beneficiary institution will be reimbursed;
(d) any information or directions provided by the ordering institution or interposed institution to another institution in the funds transfer chain under subsection 64(2) of the AML/CTF Act;
(e) any other details relating to the instruction;
(13) the amount referred to in the instruction;
(14) the currency of the amount referred to in the instruction; and
(15) the date on which the transferred money becomes available to the payee.
Instructions transmitted into Australia
16.3 A report about an international funds transfer instruction (the instruction), within the meaning of item 2 of the table in section 46 of the AML/CTF Act, must contain:
(1) the name of the payer;
(2) the name or identity of the institution (the sender) transmitting the instruction to the beneficiary institution;
(3) the following details as appear in the instruction:
(a) for an instruction to which paragraph 70(b) or 70(c) of the AML/CTF Act applies:
(i) one of the following:
(A) the payer’s full business or residential address (not being a post box address);
(B) a unique identification number given to the payer by the Commonwealth or an authority of the Commonwealth (for example, an Australian Business Number or an Australian Company Number);
(C) a unique identification number given to the payer by the government of a foreign country;
(D) the identification number given to the payer by the ordering institution;
(E) if the payer is an individual—the payer’s date of birth, country of the payer’s birth and the town, city or locality of the payer’s birth;
(ii) if the money is, or is to be, transferred from a single account held by the payer with the ordering institution in Australia—the account number for the account;
(iii) if subparagraph 16.3(3)(a)(ii) does not apply—either:
(A) a unique reference number for the transfer instruction; or
(B) if the money is, or is to be, transferred from a single account held by the payer with the ordering institution—the account number for the account;
(b) for an instruction to which paragraph 70(a) of the AML/CTF Act applies – the tracing information defined by section 72 of the AML/CTF Act;
(c) the name or identity of the ordering institution, if different from subparagraph 16.3(2);
(d) where applicable, the name or identity of any branch or department of the ordering institution which the payer requested to transmit the instruction, if different from subparagraph 16.3(3)(e);
(e) where applicable, the name or identity of the sender’s branch or department which transmitted the instruction;
(f) the identification code assigned to the instruction by the sender;
(g) the name or identity of the beneficiary institution;
(h) the name or identity of any branch or department of the beneficiary institution at which the funds will be made available to the payee;
(i) the date on which the beneficiary institution received the instruction;
(j) the name of the payee;
(k) the payee’s full business or residential address (not being a post box address);
(l) the number of any account held by the payee with the beneficiary institution through which the transferred money is to be made available to the payee;
(m) the name or identity of any interposed institution in the funds transfer chain;
(n) the name or identity and account number of any institution through which the beneficiary institution will be reimbursed;
(o) any information or directions provided by the payer to the payee in relation to the instruction;
(p) any information or directions provided by the ordering institution or interposed institution to another institution in the funds transfer chain under subsection 64(2) of the AML/CTF Act;
(q) any other details relating to the instruction;
(4) the amount referred to in the instruction;
(5) the currency of the amount referred to in the instruction; and
(6) the date on which the transferred money becomes available to the payee.
Copies of funds transfer messages
16.4 A copy of the funds transfer message transmitted out of or into Australia may be given as a report of an electronic international funds transfer instruction in accordance with the applicable approved form. The copy:
(1) must contain the information required under subparagraphs 16.2 or 16.3; and
(2) may contain information giving effect to the international funds transfer as required:
(a) by message format standards;
(b) by message usage guidelines; or
(c) to complete the transfer including, but not limited to:
(i) who initiated the transfer on behalf of the payer;
(ii) additional contact information for the payer and payee;
(iii) remittance information about the invoice or garnishment administration.
16.5 A report under subsection 45(2) of the AML/CTF Act must contain the following details about the person completing the report:
(1) Full name;
(2) Job title or position;
(3) Telephone number; and
(4) Email address.
Note: Under subsection 8WA(1) and section 8WB of the Taxation Administration Act 1953, AUSTRAC is prohibited from requesting, making a record of, or maintaining a record of a person’s Tax File Number, as defined in section 202A of the Income Tax Assessment Act 1936, unless it is otherwise permitted to comply with an obligation imposed by a taxation law or another relevant law of the Commonwealth. This Chapter does not require reporting entities to disclose a person’s Tax File Number to AUSTRAC.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 17 Reportable details for international funds transfer instructions under a designated remittance arrangement (items 3 and 4 in section 46)
(Rules commencing on 12 December 2008)
17.1 These Anti‑Money Laundering and Counter‑Terrorism Financing Rules (Rules) are made under section 229 of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act) for paragraph 45(3)(b) of that Act.
Instructions transmitted out of Australia
17.2 A report about an international funds transfer instruction (the instruction), within the meaning of item 3 of the table in section 46 of the AML/CTF Act, must contain:
(1) if the transferor entity is an individual:
(a) the transferor entity’s full name;
(b) any other name used by the transferor entity, if known;
(c) the transferor entity’s date of birth;
(d) the transferor entity’s full residential address (not being a post box address);
(e) the transferor entity’s postal address, if different from subparagraph 17.2(1)(d), if known;
(f) the transferor entity’s telephone number, if known;
(g) the transferor entity’s email address, if known;
(h) the transferor entity’s occupation, business or principal activity and ABN, if known;
(i) a description of the reliable and independent documentation and/or electronic data source(s) relied upon to verify the identity of the transferor entity, if applicable;
(j) the identification number assigned to the transferor entity, if applicable;
(2) if the transferor entity is a non‑individual:
(a) the name of the transferor entity and any business name under which the transferor entity is operating;
(b) a description of the legal form of the transferor entity and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(c) the business or principal activity of the transferor entity, if known;
(d) the full address (not being a post box address) of the transferor entity at which the entity carries on business, or its principal place of business;
(e) the transferor entity’s postal address, if different from subparagraph 17.2(2)(d), if known;
(f) where the transferor entity has an ACN or ARBN – that number;
(g) where the transferor entity has an ABN – that number;
(h) the transferor entity’s telephone number, if known;
(i) the transferor entity’s email address, if known;
(j) a description of the reliable and independent documentation and/or electronic data source(s) relied upon to verify the identity of the transferor entity, if applicable;
(k) the identification number assigned to the transferor entity, if applicable;
(3) the identifier (if applicable), and/or the name and address (not being a post box address) of a non-financier (sender) that accepts the instruction from the transferor entity, for the transfer of money or property under the designated remittance arrangement;
(4) the date on which the non-financier accepts the instruction from the transferor entity;
(5) the name and address (not being a post box address) of the person at which money or property is accepted from the transferor entity, if different from subparagraph 17.2(3);
(5A) the number of the transferor entity’s account held with the person which accepts the instruction from the transferor entity, if applicable;
(6) where a person (other than the person referred to in subparagraph 17.2(3)) transmits the instruction for the transfer of money or property under the designated remittance arrangement (transmitter):
(a) if the transmitter is an individual:
(i) the transmitter’s full name;
(ii) any other name used by the transmitter, if known;
(iii) the transmitter’s date of birth, if known;
(iv) the transmitter’s address (not being a post box address);
(v) the transmitter’s postal address, if different from subparagraph 17.2(6)(a)(iv), if known;
(vi) the transmitter’s telephone number, if known;
(vii) the transmitter’s email address, if known;
(viii) the transmitter’s occupation, business or principal activity, if known;
(b) if the transmitter is a non‑individual:
(i) the name of the transmitter and any business name under which the transmitter is operating;
(ii) a description of the legal form of the transmitter and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(iii) the business or principal activity of the transmitter, if known;
(iv) the address (not being a post box address) of the transmitter at which the transmitter carries on business, or its principal place of business;
(v) the transmitter’s postal address, if different from subparagraph 17.2(6)(b)(iv), if known;
(vi) where the transmitter has an ACN or ARBN – that number;
(vii) where the transmitter has an ABN – that number;
(viii) the transmitter’s telephone number, if known;
(ix) the transmitter’s email address, if known;
(6A) the name and address of the person in the foreign country to which the sender and/or transmitter sent the instruction for the transfer of money or property;
(7) the identifier (if applicable), and/or the name and address of a person (disbursing entity) who arranges for the money or property to be made available or at which the money or property is, or is to be, made available to the ultimate transferee entity;
(8) the date on which the money or property becomes accessible for the disbursing entity to make available to the ultimate transferee entity, if known;
(9) if the ultimate transferee entity is an individual, the ultimate transferee entity’s:
(a) full name;
(b) date of birth, if known;
(c) address (not being a post box address);
(d) postal address, if different from subparagraph 17.2(9)(c), if known;
(e) telephone number, if known;
(f) email address, if known;
(10) if the ultimate transferee entity is a non‑individual:
(a) the name of the ultimate transferee entity and any business name under which the ultimate transferee entity is operating;
(b) a description of the legal form of the ultimate transferee entity and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(c) the business or principal activity of the ultimate transferee entity, if known;
(d) the address (not being a post box address) of the ultimate transferee entity at which it carries on business, or its principal place of business;
(e) the ultimate transferee entity’s postal address if different from subparagraph 17.2(10)(d), if known;
(f) the ultimate transferee entity’s telephone number, if known;
(g) the ultimate transferee entity’s email address, if known;
(11) if money is to be transferred:
(a) the amount referred to in the instruction;
(b) the currency of the amount referred to in the instruction;
(12) if property is to be transferred (transferred property):
(a) a description of the transferred property referred to in the instruction;
(b) the value of the transferred property referred to in the instruction;
(c) the currency used to value the transferred property referred to in the instruction;
(12A) if money is to be made available to the ultimate transferee entity by a person in a foreign country depositing or arranging for the money to be deposited into an account held by the ultimate transferee entity with that person, whether or not held jointly with any other person or persons:
(a) the account number of that account, if applicable;
(b) the name in which the account is held, if applicable; and
(c) the name and location of the institution at which the account is held;
(12B) any reference number allocated by the non-financier to the instruction;
(13) any information given in the instruction about the reason for transferring the money or property.
Instructions transmitted into Australia
17.3 A report about an international funds transfer instruction (the instruction), within the meaning of item 4 in the table in section 46 of the AML/CTF Act, must contain:
(1) if the transferor entity is an individual:
(a) the transferor entity’s name;
(b) any other name used by the transferor entity, if known;
(c) the transferor entity’s date of birth, if known;
(d) the transferor entity’s address (not being a post box address);
(e) the transferor entity’s postal address, if different from subparagraph 17.3(1)(d), if known;
(f) the transferor entity’s telephone number, if known;
(g) the transferor entity’s email address, if known;
(h) the transferor entity’s occupation, business or principal activity, if known;
(2) if the transferor entity is a non‑individual:
(a) the name of the transferor entity and any business name under which the transferor entity is operating;
(b) a description of the legal form of the transferor entity and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(c) the business or principal activity of the transferor entity, if known;
(d) the address (not being a post box address) of the transferor entity at which it carries on business, or its principal place of business;
(e) the transferor entity’s postal address, if different from subparagraph 17.3(2)(d), if known;
(f) the transferor entity’s telephone number, if known;
(g) the transferor entity’s email address, if known;
(3) for a person in a foreign country who accepts the instruction from the transferor entity for the transfer of money or property (foreign entity):
(a) if the foreign entity is an individual:
(i) the foreign entity’s full name;
(ii) any other name used by the foreign entity, if known;
(iii) the foreign entity’s date of birth, if known;
(iv) the foreign entity’s address (not being a post box address);
(v) the foreign entity’s postal address, if different from subparagraph 17.3(3)(a)(iv), if known;
(vi) the foreign entity’s telephone number, if known;
(vii) the foreign entity’s email address, if known;
(viii) the foreign entity’s occupation, business or principal activity, if known;
(b) if the foreign entity is a non‑individual:
(i) the name of the foreign entity and any business name under which the foreign entity is operating;
(ii) a description of the legal form of the foreign entity and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(iii) the business or principal activity of the foreign entity, if known;
(iv) the address (not being a post box address) of the foreign entity at which it carries on business, or its principal place of business;
(v) the foreign entity’s postal address, if different from subparagraph 17.3(3)(b)(iv), if known;
(vi) the foreign entity’s telephone number, if known;
(vii) the foreign entity’s email address, if known;
(4) the date on which the foreign entity accepts the instruction from the transferor entity, if known;
(5) the identifier (if applicable), and/or the name and address (not being a post box address) of the foreign entity at which it accepts the instruction from the transferor entity, if applicable and known;
(5A) the number of the transferor entity’s account held with the foreign entity which accepts the instruction from the transferor entity, if applicable;
(6) where a person (other than the foreign entity) transmits the instruction for the transfer of money or property under the designated remittance arrangement (transmitter):
(a) if the transmitter is an individual:
(i) the transmitter’s full name, if known;
(ii) any other name used by the transmitter, if known;
(iii) the transmitter’s date of birth, if known;
(iv) the transmitter’s address (not being a post box address), if known;
(v) the transmitter’s postal address, if different from subparagraph 17.3(6)(a)(iv), if known;
(vi) the transmitter’s telephone number, if known;
(vii) the transmitter’s email address, if known;
(viii) the transmitter’s occupation, business or principal activity, if known;
(b) if the transmitter is a non‑individual:
(i) the name of the transmitter and any business name under which the transmitter is operating, if known;
(ii) a description of the legal form of the transmitter and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(iii) the business or principal activity of the transmitter, if known;
(iv) the address (not being a post box address) of the transmitter at which it carries on business, or its principal place of business, if known;
(v) the transmitter’s postal address, if different from subparagraph 17.3(6)(b)(iv), if known;
(vi) the transmitter’s telephone number, if known;
(vii) the transmitter’s email address, if known;
(6A) the name and address of the entity in Australia to which the instruction for the transfer of money or property was sent by the transmitter;
(7) the date on which the non-financier arranges for the money or property to be made available or makes or is to make the money or property available to the ultimate transferee entity;
(8) the name and full address (not being a post box address) of the non-financier (receiver) who arranges for the money or property to be made available or that makes or is to make the money or property available to the ultimate transferee entity in Australia;
(9) the identifier (if applicable), and/or the name and address (not being a post box address) of the person, if different from subparagraph 17.3(8), at which the money or property is made or is to be made available to the ultimate transferee entity in Australia;
(10) if the ultimate transferee entity is an individual, the ultimate transferee entity’s:
(a) full name;
(b) date of birth, if known;
(c) full residential address (not being a post box address), if known;
(d) postal address, if different from subparagraph 17.3(10)(c), if known;
(e) telephone number, if known;
(f) email address, if known;
(g) occupation, business or principal activity and ABN, if known;
(11) if the ultimate transferee entity is a non‑individual:
(a) the name of the ultimate transferee entity and any business name under which the ultimate transferee entity is operating;
(b) a description of the legal form of the ultimate transferee entity and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(c) the business or principal activity of the ultimate transferee entity, if known;
(d) the full address (not being a post box address) of the ultimate transferee entity at which it carries on business, or its principal place of business, if known;
(e) the ultimate transferee entity’s postal address, if different from subparagraph 17.3(11)(d), if known;
(f) where the ultimate transferee entity has an ACN or ARBN – that number;
(g) where the ultimate transferee entity has an ABN – that number;
(h) the ultimate transferee entity’s telephone number, if known;
(i) the ultimate transferee entity’s email address, if known;
(12) if money is to be transferred:
(a) the amount referred to in the instruction;
(b) the currency of the amount referred to in the instruction;
(13) if property is to be transferred (transferred property):
(a) a description of the transferred property referred to in the instruction;
(b) the value of the transferred property referred to in the instruction;
(c) the currency used to value the transferred property referred to in the instruction;
(13A) if money is to be made available to the ultimate transferee entity by a person in Australia depositing or arranging for the money to be deposited into an account held by the ultimate transferee entity with that person, whether or not held jointly with any other person or persons:
(a) the account number of that account, if applicable;
(b) the name in which the account is held, if applicable; and
(c) the name and location of the institution at which the account is held;
(13B) any reference number allocated by the reporting entity to the instruction;
(14) any information given in the instruction about the reason for transferring the money or property.
17.4 A report under subsection 45(2) of the AML/CTF Act must contain the following details about the person completing the report:
(1) Full name;
(2) Job title or position;
(3) Telephone number; and
(4) Email address.
17.5 In this Chapter:
(1) ‘identifier’ means a Bank Identifier Code (BIC), a Bank-State-Branch identifying code (BSB) or Branch Registration Number (BRN) previously registered with AUSTRAC.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 18 Reportable details for suspicious matters
(Rules commencing on 12 December 2008)
18.1 These Anti‑Money Laundering and Counter‑Terrorism Financing Rules (Rules) are made under section 229 of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act) for paragraph 41(3)(b) of that Act.
18.2 A suspicious matter report must contain the following information:
(1) a statement of whether the person (first person) is a customer of the reporting entity;
(2) a statement of whether the first person has requested the reporting entity to provide a designated service to the first person and that service is of a kind ordinarily provided by the reporting entity;
(3) a statement of whether the first person enquired of the reporting entity whether it would be willing or prepared to provide the designated service to the first person and that service is of a kind ordinarily provided by the reporting entity;
(4) a statement of whether the reporting entity has commenced to provide or proposes to provide the designated service to the first person;
(5) a description of any conditions in paragraphs 41(1)(d) to (j) of the AML/CTF Act that relate to the provision or prospective provision of the designated service by the reporting entity (suspicious matter);
(6) a description of any designated service to which the suspicious matter relates;
(7) a description of the reasonable grounds for suspicion relating to the suspicious matter;
Individual
(8) if the first person is an individual:
(a) the full name of the first person, if known;
(b) the telephone number of the first person, if known;
(c) the full address of the first person (not being a post box address), if known;
(d) the postal address of the first person, if different from subparagraph 18.2(8)(c), if known;
(e) the date of birth of the first person, if known;
(f) the country of citizenship of the first person, if known;
(g) the occupation, business or principal activity and ABN of the first person, if known;
(h) any other name used by the first person, if known;
(i) the email address of the first person, if known;
(j) a description of the reliable and independent documentation and/or electronic data source(s) relied upon to verify the identity of the first person, if applicable;
Individual – where identity cannot be established
(9) if the first person is an individual whose identity cannot be established; for example, where the provision or prospective provision of the designated service to which the suspicious matter relates occurred in a face‑to‑face circumstance:
(a) a description of the first person;
(b) a statement of whether any relevant documentation exists including a video or photograph, if known and held by the reporting entity;
(c) a description of any such relevant documentation relating to the first person, if known;
(d) the address of the first person (not being a post box address), if known;
(e) the email address of the first person, if known;
Non‑individual
(10) if the first person is not an individual:
(a) the name of the first person and any business name under which the first person is operating, if known;
(b) a description of the legal form of the first person and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(c) the business or principal activity of the first person, if known;
(d) the full address of the first person (not being a post box address), at which the person carries on business, or principal place of business, if known;
(e) the postal address of the first person, if different from subparagraph 18.2(10)(d), if known;
(f) the telephone number of the first person, if known;
(g) where the first person has an ACN or ARBN – that number, if known;
(h) where the first person has an ABN – that number, if known;
(i) a description of any documentation relating to the first person to which the suspicious matter relates, if known;
(j) the name(s) of the beneficial owner(s) of the first person, if known;
(k) the name(s) of the office holder(s) of the first person, if known;
(l) the country at which the first person was incorporated, formed or registered, if known;
(m) the email address of the first person, if known;
(n) a description of the reliable and independent documentation and/or electronic data source(s) relied upon to verify the identity of the first person, if applicable;
Agent
(11) a statement of whether a person dealing with the reporting entity in relation to the provision or proposed provision of the designated service to which a suspicious matter relates, is an agent of the first person (agent);
(12) Where subparagraph 18.2(11) applies:
(a) a statement of whether the agent is a customer of the reporting entity;
(b) a description of the relationship between the agent and the first person, if known;
(c) a description of any evidence of the first person’s authorisation of the agent, if known;
Agent – individual
(13) If the agent is an individual:
(a) the full name of the agent, if known;
(b) the date of birth of the agent, if known;
(c) the full address of the agent (not being a post box address), if known;
(d) the postal address of the agent, if different from subparagraph 18.2(13)(c), if known;
(e) the telephone number of the agent, if known;
(f) the email address of the agent, if known;
(g) the country of citizenship of the agent, if known;
(h) the occupation, business or principal activity and ABN of the agent, if known;
(i) any other name(s) used by the agent, if known;
(j) a description of any reliable and independent documentation and/or electronic data source(s) relied upon to verify the identity of the agent, if applicable;
Agent – where identity cannot be established – individual
(14) if the agent’s identity cannot be established; for example, where the provision or prospective provision of the designated service to which the suspicious matter relates occurred in a face‑to‑face circumstance:
(a) a description of the agent, if applicable;
(b) a statement of whether any relevant documentation exists including a video or photograph, if known and held by the reporting entity;
(c) a description of any such relevant documentation relating to the agent, if known;
(d) the address of the agent (not being a post box address), if known;
(e) the email address of the agent, if known;
Agent – non‑individual
(15) if the agent is not an individual:
(a) the name of the agent and any business name(s) under which the agent is operating, if applicable;
(b) a description of the legal form of the agent and any business structure it is a part of, for the purposes of its main business activities, if known (for example, partnership, trust or company);
(c) the business or principal activity of the agent, if applicable;
(d) the full address of the agent (not being a post box address), at which the person carries on business, or principal place of business, if known;
(e) the postal address of the agent, if different from subparagraph 18.2(15)(d), if known;
(f) where the agent has an ACN or ARBN – that number, if known;
(g) where the agent has an ABN – that number, if known;
(h) a description of any documentation relating to the agent to which the suspicious matter relates, if known;
(i) the telephone number of the agent, if known;
(j) the email address of the agent, if known;
(k) the country in which the agent was incorporated, formed or registered, if known;
(l) the name(s) of beneficial owner(s) of the agent, if known;
(m) the name(s) of office holder(s) of the agent, if known;
(n) a description of any reliable and independent documentation and/or electronic data source(s) relied upon to verify the identity of the agent, if applicable;
Other relevant information
(16) the date(s) on which any of the following occurs in respect of the designated service to which the suspicious matter relates:
(a) the reporting entity commences to provide or proposes to provide the designated service to the first person; or
(b) the first person requests the reporting entity to provide the designated service, of a kind ordinarily provided by the reporting entity, to the first person; or
(c) the first person enquires of the reporting entity whether it would be willing or prepared to provide the designated service, of a kind ordinarily provided by the reporting entity, to the first person; or
(d) the agent deals with the reporting entity in relation to the provision or prospective provision of the designated service;
(17) the reporting entity’s identifier number (where applicable) or reference number relating to the provision or prospective provision of the designated service to which the suspicious matter relates;
(18) where an account provided by a reporting entity or another person relates to the designated service to which the suspicious matter relates:
(a) the name appearing on the account;
(b) the name of the provider of the account, if known;
(c) a description of the account, if known;
(d) the account number, if known;
(e) the name(s) of signatory(ies) to the account, if known;
(f) the BSB number of the account, if applicable and known;
(g) the date on which the account was opened, if known;
(h) a description of any documentation relating to the account, if known;
(i) the balance(s) of the account on the date(s) to which a suspicious matter relates, if known;
(19) the total amount related to the designated service to which the suspicious matter relates, in Australian dollars and/or foreign currency;
(20) where the total amount consists of components, for such of the components which relate to the grounds for the suspicion, if applicable and known:
(a) a description of each of the components;
(b) the amount of each of the components in Australian dollars;
(c) the type of foreign currency and amount of the foreign currency, where applicable, in relation to each of the components;
(d) the name of the drawer or issuer of each of the components, if applicable;
(e) the name and branch of the institution or foreign financial institution at which each of the components is, or was, drawn or issued, if applicable;
(f) the country in which the branch referred to in subparagraph 18.2(20)(e) is located;
(g) the name of the payee of each of the components, where applicable;
(h) if the payee of each of the components is not the beneficiary, the full name of the beneficiary, if known;
(i) the date on which each of the components occurs;
(21) if applicable, where money or property is transferred or is to be transferred under the provision or prospective provision of the designated service to which the suspicious matter relates:
(a) the full name of the sender;
(b) the full address of the sender (not being a post box address);
(c) the postal address of the sender, if different from subparagraph 18.2(21)(b), if known;
(d) the telephone number of the sender, if known;
(e) the email address of the sender, if known;
(f) a statement of whether the money was transferred or is to be transferred;
(g) a statement of whether the property was transferred or is to be transferred;
(h) a description of the property which is or is to be transferred;
(i) the account number of the sender from which money or property is transferred or is to be transferred, or where an account does not exist, a unique reference number relating to the transfer of money or property;
(j) the name of the institution or entity that issued the account referred to in subparagraph 18.2(21)(i);
(k) the full name of any payee, if known;
(l) if the payee is not the beneficiary, the full name of the beneficiary, if known;
(m) the full address of the payee and/or beneficiary (not being a post box address), if known;
(n) the postal address of the payee and/or beneficiary, if different from subparagraph 18.2(21)(m), if known;
(o) the account number of the beneficiary and/or payee;
(p) the name of the institution or entity that issued the account referred to in subparagraph 18.2(21)(o);
(q) the country in which the institution or entity referred to in subparagraph 18.2(21)(p) is located;
(r) the date on which the money or property is transferred or is to be transferred;
(21A) where the designated service involves digital currency:
(a) the denomination or code of the digital currency and the number of digital currency units;
(b) the value of the digital currency involved in the transaction, expressed in Australian dollars, if known;
(c) a description of the digital currency including details of the backing asset or thing, if known;
(d) the Internet Protocol (IP) address information of the first person, if known;
(e) the social media identifiers of the first person, if known;
(f) the unique identifiers relating to the digital currency wallet(s) of the first person, if known; and
(g) the unique device identifiers of the first person relating to or arising from the transaction, if known;
(22) if another institution, entity or intermediary was involved in the reporting entity’s provision or prospective provision of the designated service to which the suspicious matter relates:
(a) the full name of the other institution, entity or intermediary;
(b) the branch name or country of the other institution, entity or intermediary;
(c) the country of the branch of the other institution, entity or intermediary, if the country is not Australia;
(23) the name of the reporting entity;
(24) the full address and branch of the reporting entity (not being a post box address), at which any of the following applies:
(a) the reporting entity commences to provide or proposes to provide the designated service (to which the suspicious matter relates) to the first person; or
(b) the first person requests the reporting entity to provide the designated service (to which the suspicious matter relates), of a kind ordinarily provided by the reporting entity, to the first person; or
(c) the first person enquires of the reporting entity whether it would be willing or prepared to provide the designated service (to which the suspicious matter relates), of a kind ordinarily provided by the reporting entity, to the first person; or
(d) the agent deals with the reporting entity in relation to the provision or the prospective provision of the designated service (to which the suspicious matter relates);
(27) if a suspicious matter has been reported or is to be reported to an Australian government body that has responsibility for law enforcement referred to in paragraph 123(9)(b) of the AML/CTF Act:
(a) a description of the Australian government body;
(b) the address of the Australian government body;
(c) a description of the information which was provided to the Australian government body;
(d) the date on which the suspicious matter is to be, or was, reported;
(28) where a suspicious matter reporting obligation has previously arisen for the reporting entity in relation to the first person and was previously reported to AUSTRAC under section 41 of the AML/CTF Act:
(a) the date on which the suspicious matter was reported, if known;
(b) any identifier number or reference number given by the reporting entity to the previous report, if known.
18.3 A report under subsection 41(2) of the AML/CTF Act must contain the following details about the person completing the report:
(1) full name;
(2) job title or position;
(3) telephone number; and
(4) email address.
18.4 In this Chapter:
(1) ‘Digital currency wallet’ means any service that allows a person to send, request, receive, or store digital currency.
(2) ‘Unique device identifiers’ includes Media Access Control (MAC) addresses, International Mobile Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI) numbers, and secure element ID (SEID) numbers.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 19 Reportable details for threshold transactions
19.1 This Chapter commences on 1 October 2011.
Note: For obligations and liabilities under the Rules in Chapter 19 as in force on 30 September 2011, see subsection 7(2) of the Acts Interpretation Act 1901.
19.2 These Rules are made under section 229 of the Anti‑Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) for paragraph 43(3)(b) of that Act.
19.3 Subject to paragraph 19.4, a report under subsection 43(2) of the AML/CTF Act must contain the following details about a threshold transaction:
(1) if the customer of the designated service is an individual:
(a) the customer’s full name;
(b) any other name used by the customer, if known;
(c) any business name(s) under which the customer operates, if known;
(d) the customer’s date of birth;
(e) the customer’s full address (not being a post box address);
(f) the postal address of the customer if different from that in 19.3(1)(e), if known;
(g) the customer’s telephone number, if known;
(h) the ABN of the customer, if known;
(i) if the person conducting the threshold transaction is not the customer, the details of the person specified in subparagraph 19.3(15)(a) and if applicable, 19.3(15)(b) and 19.3(15)(c), of these Rules;
(2) if the customer who is conducting the transaction is a signatory to the account but not the account holder, only the following details are required:
(a) full name;
(b) any other name used by the signatory, if known;
(c) date of birth;
(d) full address (not being a post box address);
(e) the postal address of the signatory if different from that in 19.3(2)(d);
(f) telephone number, if known;
Note: Where 19.3(2) applies, the details of the customer who is the account holder must be supplied under subparagraphs 19.3(1) or 19.3(3).
(3) if the customer of the designated service is not an individual:
(a) the name of the customer and any business name(s) under which the customer operates;
(b) a description of the legal form of the customer and any business structure it is a part of, for the purposes of its main business activities, if known (for example: partnership, trust or company);
(c) the full address of the customer’s principal place of business (not being a post box address), if applicable;
(d) the postal address of the customer if different from that in 19.3(3)(c), if known;
(e) the ACN, ARBN and/or ABN of the customer, if known;
(f) the customer’s telephone number, if known;
(g) the details of the person conducting the threshold transaction specified in subparagraph 19.3(15)(a) and if applicable, 19.3(15)(b) and 19.3(15)(c), of these Rules;
(4) the occupation, business or principal activity of the customer or the relevant industry or occupation code(s) that applies to the customer’s business or occupation, if known, such as (without limitation):
(a) the Australian Bureau of Statistics in the Australian and New Zealand Standard Industrial Classification (ANZSIC) 2006 (as amended); or
(b) the relevant industry code that applies to the customer’s business as published by the Australian Bureau of Statistics in the Australian Standard Classification of Occupations (ASCO) (as amended from time to time);
(5) the date of the threshold transaction;
(6) a description of the designated service provided or commenced to be provided by the reporting entity to the customer which involves the threshold transaction;
(7) where applicable, the total of each of the following amounts, and the sum of these amounts, provided to or received from the customer relating to the threshold transaction:
(a) money, including the total of each component thereof, and the type and total of each currency where a component is physical currency;
(b) international funds transfers;
(c) subject to 19.3(7)(f), cheques;
(d) subject to 19.3(7)(f), bank cheques;
(e) subject to 19.3(7)(f), bank drafts;
(f) if the amount of 19.3(7)(c), (d) or (e) cannot be ascertained individually, the sum of those amounts;
(g) traveller’s cheques;
(h) money or postal orders;
(i) hire purchase or finance lease payments;
(j) negotiable debt instruments;
(k) benefit payments or payouts;
(l) contributions or premiums;
(m) derivatives or futures;
(n) securities;
(o) bullion;
(p) stored value cards (including whether the card was issued or topped up);
(q) gambling chips or tokens;
(r) electronic gaming machine payouts;
(s) winning tickets from wagering;
(t) buying into a game (for a gambling service);
(u) placing a bet; and
(v) any other value;
(8) all of the following details, as applicable to the threshold transaction:
(a) where the threshold transaction involves physical currency:
(i) the total amount in Australian dollars;
(ii) if the amount involves foreign currency, a description and amount of the currency;
(iii) the name(s) of the recipient(s);
(iv) the full address(es) of the recipient(s) (not being a post box address), if known;
(v) the date(s) of birth of the recipient(s), if known;
(vi) a description of the purpose of the transfer(s);
(vii) if the purpose of the transfer(s) is to:
(a) enable a cheque to be provided to the customer using all or part of the physical currency transferred by the customer; or
(b) enable the customer to receive physical currency in exchange for all or part of a cheque produced by the customer to the reporting entity;
the following details:
(c) the name of the drawer;
(d) the name of the drawee; and
(e) the amount of the cheque;
(b) where the threshold transaction involves digital currency:
(i) the denomination or code of the digital currency and the number of digital currency units;
(ii) the value of the digital currency involved in the transaction, expressed in Australian dollars, if known;
(iii) a description of the digital currency including details of the backing asset or thing, if known;
(iv) the name(s) of the recipient(s);
(v) the full address(es) of the recipient(s) (not being a post box address), if known;
(vi) the date(s) of birth of the recipient(s), if known;
(vii) a description of the purpose of the transfer(s);
(viii) if the purpose of the transfer(s) is to:
(a) enable a cheque to be provided to the customer using all or part of the digital currency transferred by the customer; or
(b) enable the customer to receive digital currency in exchange for all or part of a cheque produced by the customer to the reporting entity;
the following details:
(c) the name of the drawer;
(d) the name of the drawee; and
(e) the amount of the cheque;
(ix) the Internet Protocol (IP) address information of the customer and the recipient(s), if known;
(x) the email address of the customer and the recipient(s), if known;
(xi) the mobile phone number of the customer and the recipient(s), if known;
(xii) the social media identifiers of the customer and the recipient(s), if known;
(xiii) the unique identifiers relating to the digital currency wallet(s) of the customer and the recipient(s), if known;
(xiv) the unique device identifiers of the customer and the recipient(s), if known;
(c) where the threshold transaction is of a kind specified in the regulations involving money:
(i) the total amount in Australian dollars;
(ii) if the amount involves foreign currency, a description and amount of the currency;
(iii) a description of the type of specified transaction;
(iv) the name(s) of the recipient(s);
(v) the full address(es) of the recipient(s) (not being a post box address), if known;
(vi) the date(s) of birth of the recipient(s), if known;
(vii) a description of the purpose of the transfer(s);
(viii) if the purpose of the transfer(s) is to:
(a) enable a cheque to be provided to the customer using all or part of the money transferred by the customer; or
(b) enable the customer to receive money in exchange for all or part of a cheque produced by the customer to the reporting entity;
the following details:
(c) the name of the drawer;
(d) the name of the drawee; and
(e) the amount of the cheque;
(d) where the threshold transaction is of a kind specified in the regulations involving the transfer of property:
(i) a description of the type of specified transaction;
(ii) the value of the transferred property in Australian dollars;
(iii) if value of the transferred property involves foreign currency, a description and amount of the currency;
(iv) the name(s) of the recipient(s);
(v) the full address(es) of the recipient(s) (not being a post box address), if known;
(vi) the date(s) of birth of the recipient(s), if known;
(vii) a description of the purpose of the transfer(s);
(viii) if the purpose of the transfer(s) is to:
(a) enable a cheque to be provided to the customer using all or part of the property transferred by the customer; or
(b) enable the customer to receive property in exchange for all or part of a cheque produced by the customer to the reporting entity;
the following details:
(c) the name of the drawer;
(d) the name of the drawee; and
(e) the amount of the cheque;
(9) a description of any account opened by the reporting entity that involves the threshold transaction including the account’s identifying number;
(10) the name and if applicable, identifying number of the reporting entity;
(11) the name and if applicable, identifying number of the reporting entity at which the threshold transaction was conducted;
(12) the address of the reporting entity at which the threshold transaction was conducted;
(13) any identifying or transaction number assigned to the threshold transaction;
(14) a description of the reliable and independent documentation and/or electronic data source(s) relied upon to verify the identity of the customer, if applicable;
Individual conducting the threshold transaction is not the customer
(15) subject to 19.3(17), all of the following details, where applicable, of the threshold transaction conducted by an individual who is not the customer:
(a) if the person conducting the threshold transaction is an individual:
(i) the individual’s full name;
(ii) any other name used by the person, if known;
(iii) the individual’s date of birth, if known;
(iv) the individual’s full address (not being a post box address), if known;
(v) the postal address of the individual if different from that in 19.3(15)(a)(iv), if known;
(vi) the individual’s telephone number, if known;
(vii) a description of evidence of agency authorisation of the individual, if any and known;
(viii) unless 19.3(15)(b)(ii) or 19.3(15)(c)(iv) applies, the person’s occupation or principal activity, if known;
(b) if the individual is an employee acting on behalf of the customer, the following details in addition to those specified in subparagraph 19.3(15)(a):
(i) a statement of whether the person is conducting the transaction as an employee of the customer;
(ii) the individual’s title, role or position held with the customer, if known;
(c) if the individual is acting on behalf of a non-individual entity that is not the customer, the following details in addition to those specified in subparagraph 19.3(15)(a):
(i) the full name of the entity or business name under which the entity operates, if known;
(ii) the full address of the non-individual entity (not being a post box address), if known;
(iii) a description of evidence of agency authorisation of the non-individual entity to act on behalf of the customer, if any and known;
(iv) the individual’s title, role or position held with the non-individual entity, if known;
(v) the ACN, ARBN and/or ABN of the non-individual entity, if known;
(vi) a statement of whether the person who is conducting the transaction is acting on behalf of the non-individual entity;
(16) a description of the reliable and independent documentation and/or reliable and independent electronic data relied upon to verify the identity of the individual referred to in subparagraph 19.3(15), if applicable;
Information required in certain circumstances
19.3 (17) (a) where a threshold transaction occurs in the circumstances specified in subparagraph 19.3(15) but the transaction:
(i) involves a deposit service carried out in non-face to face circumstances by the individual; or
(ii) relates to the provision of a service of collecting, holding, or delivery (including of pay-rolls) of physical currency, collected from, held on behalf of, or delivered to a person in the course of carrying on a business of collecting, holding, or delivering physical currency, and the physical currency was not collected:
(A) by the provider of the service as consideration for the supply of goods or services (within the meaning of the Competition and Consumer Act 2010) other than the service of collecting or holding physical currency; or
(B) as a donation to a registered charity; then
(b) the provision of the following details, in addition to the details in 19.3(1)-(14), only:
(i) a statement that the circumstances in 19.3(17)(a)(i) or (ii) apply.
Note: Where a reporting entity is unable to ascertain whether the circumstances in 19.3(17)(a) applies, the reporting entity can assume that the transaction was carried out by the customer.
19.4 If the threshold transaction arises under a designated service that is of a kind described in item 3 of table 1 in subsection 6(2) of the AML/CTF Act, the reference to ‘customer’ in subparagraphs 19.3(2) to 19.3(14) inclusive will be taken, in the first instance, to refer only to the holder of the account and the signatory (if any) conducting the transaction in relation to the account, provided that:
(1) if there are other signatories to the account, the AUSTRAC CEO may require the reporting entity to give to the AUSTRAC CEO, in the form of a supplement to the subsection 43(2) report, the same information that was submitted for the signatory conducting the transaction set out in subparagraphs 19.3(2)(a) to (f) in respect of the other signatories; and
(2) nothing in paragraph 19.4 prevents a person (including the AUSTRAC CEO) from exercising his or her power under the AML/CTF Act (including under section 49) to obtain further information or documents, including information or documents about the other signatories (if any) to the account.
19.5 A report under subsection 43(2) of the AML/CTF Act must contain the following details about the person completing the report:
(1) full name;
(2) job title or position;
(3) telephone number; and
(4) email address.
19.6 In this Chapter:
(1) ‘Digital currency wallet’ means any service that allows a person to send, request, receive, or store digital currency.
(2) ‘Non-face to face circumstances’ includes the use of an automated teller machine or night or express deposit facility.
(3) ‘Unique device identifiers’ includes Media Access Control (MAC) addresses, International Mobile Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI) numbers, and secure element ID (SEID) numbers.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 20 Record‑keeping obligations under section 114
20.1 These Anti‑Money Laundering and Counter‑Terrorism Financing Rules (Rules) are made under section 229 of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act) for the purposes of subsection 247(4) of that Act.
20.2 Pursuant to subsection 247(4) of the AML/CTF Act, subsections 114(2), 114(3) and 114(5) of that Act do not apply to a designated service which is, or is to be, provided in circumstances described in paragraphs 114(1)(a), 114(1)(b) and 114(1)(c), if the second reporting entity has:
(1) access to records of identification procedures made by the first reporting entity in accordance with subsection 112(2), under an agreement in place for the management of identification records; and
(2) determined that it is appropriate for it to rely upon the applicable customer identification procedure carried out by the first reporting entity having regard to the ML/TF risk faced by the second reporting entity relevant to the provision of the designated service to the customer.
20.3 In this Chapter:
(1) ‘first reporting entity’ means the reporting entity referred to in paragraph 114(1)(a) of the AML/CTF Act; and
(2) ‘second reporting entity’ means the reporting entity referred to in paragraph 114(1)(b) of the AML/CTF Act.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 21 Issuing or selling a security or derivative
Anti-Money Laundering and Counter-Terrorism Financing Rules for issuing or selling a security or derivative
21.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made under section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) for paragraph (d) of item 35 of table 1 in subsection 6(2) and subsection 247(3) of that Act.
21.2 For paragraph (d) of item 35 of table 1 in subsection 6(2) of the AML/CTF Act, the condition applies that the service is not a disposal of a security or derivative through an agent who is doing so in the course of carrying on a business of disposing of securities or derivatives in the capacity of agent, within the terms of item 33 of table 1 in subsection 6(2) of that Act.
21.3 For subsection 247(3) of the AML/CTF Act, the following designated services provided in any of the following circumstances are specified:
(1) a person issuing or selling a security or derivative to another person (transaction) under item 35 of table 1 in subsection 6(2) of the AML/CTF Act and the transaction occurs:
(a) on a prescribed financial market; or
(b) on a financial market in a foreign jurisdiction where:
(i) the financial market uses a proprietary system to facilitate the transaction; and
(ii) as a result of the use of that proprietary system, it is not reasonably practicable to conduct the applicable customer identification procedure on the customer in that jurisdiction; or
(2) an issue of an interest in a managed investment scheme (including an option to acquire an interest in a managed investment scheme) where the managed investment scheme is quoted on a prescribed financial market, in the following circumstances:
(a) the issue is in accordance with relevant requirements in the Corporations Act 2001 pursuant to a dividend or distribution plan (also known as a distribution reinvestment plan); and
(b) the interest is to be quoted on a prescribed financial market; or
(3) an issue of an interest in a managed investment scheme (including an option to acquire an interest in a managed investment scheme) where the managed investment scheme is quoted or to be quoted on a prescribed financial market, in the following circumstances:
(a) the issue is in accordance with relevant requirements in the Corporations Act 2001 pursuant to fundraising (including an initial public offering and a rights issue); and
(b) the interest is to be quoted on a prescribed financial market.
(4) an issue (but not sale, transfer or redemption) of an interest in a registered managed investment scheme (except for an interest which forms part of a stapled security) covered by item 35 of table 1 in subsection 6(2) of the AML/CTF Act (item 35 designated service) by a reporting entity (first reporting entity) in the following circumstances:
(a) the processing and settlement of the issue of the interest in the registered managed investment scheme occurs through a MIS service operated:
(i) only by:
(A) a prescribed financial market; or
(B) the operator of a financial market in respect of which an Australian market licence exemption has been made; or
(ii) only by both of the persons specified in subparagraphs 21.3(4)(a)(i)(A) and (B);
(b) the interest in the registered managed investment scheme is not quoted on a financial market; and
(c) the customer of the item 35 designated service has also been provided or will be provided with a designated service covered by item 33 of table 1 in subsection 6(2) of the AML/CTF Act by another reporting entity (second reporting entity); and
(d) the second reporting entity:
(i) is a participant;
(ii) has carried out the applicable customer identification procedure in respect to the customer; and
(iii) has confirmed, through the MIS service, to the first reporting entity, that the applicable customer identification procedure has been carried out for that customer by the second reporting entity; and
(e) prior to the first reporting entity issuing the interest in the registered managed investment scheme to the customer, the first reporting entity has received, through the MIS service, confirmation from the second reporting entity that the applicable customer identification procedure has been carried out in respect to the customer.
21.4 In this Chapter:
(1) ‘Australian market licence exemption’ means an exemption from the financial market licensing provisions in Part 7.2 of the Corporations Act 2001 granted pursuant to section 791C of that Act;
(2) ‘dividend or distribution plan’ has the meaning given by Chapter 19 of the ASX Listing Rules issued, as in force on 22 April 2008, by ASX Limited trading as the Australian Securities Exchange;
(3) ‘initial public offering’ in the context of an interest in a managed investment scheme is an offering of that interest by a reporting entity, for the first time, to an applicant who subscribes for that interest, before the interest is quoted on a prescribed financial market;
(4) ‘interest’ in a managed investment scheme includes a stapled security whereby one or more financial products are transferred together;
(5) ‘managed investment scheme’ has the meaning given in section 9 of the Corporations Act 2001;
(6) ‘MIS service’ means an electronic facility which:
(a) is solely used to receive, process and settle issues, sales, transfers and redemptions of interests in managed investment schemes (and associated receipts and payments); and
(b) for an issue of a new interest in a managed investment scheme – requires the applicable customer identification procedure in relation to a customer to be carried out by the second reporting entity; and
(c) requires the second reporting entity to, through the MIS service, advise the first reporting entity when the applicable customer identification procedure has been carried out in relation to the customer to whom the interest is to be issued prior to the issue of that interest;
(7) ‘participant’ has the meaning given by section 761A of the Corporations Act 2001;
(8) ‘prescribed financial market’ has the meaning given by section 9 of the Corporations Act 2001 and includes the Australian Securities Exchange Limited (ACN 000 943 377);
(9) ‘registered managed investment scheme’ means a managed investment scheme that is registered under section 601EB of the Corporations Act 2001;
(10) ‘proprietary system’ means a system or systems for the electronic trading, clearing and settlement of transactions relating to securities or derivatives;
(11) ‘rights issue’ has the meaning given by section 9A of the Corporations Act 2001.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 22 Exemption of certain types of transactions relating to the over-the-counter derivatives market
22.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made under section 229 for subsection 247(3) of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act).
22.2 Subject to paragraph 22.3, the AML/CTF Act does not apply to a designated service that:
(1) is of a kind described in item 35 of table 1 in section 6 of the AML/CTF Act; and
(2) relates to the over-the-counter derivatives market in Australia in respect of one or more of the following commodities or products:
(a) electricity; or
(b) gas; or
(c) environmental products; or
(d) coal, oil, diesel or other form of fuel used in the generation of electricity by either:
(i) the provider of the designated service; or
(ii) the customer; or
(e) interest rate derivative products; or
(f) weather index or scale products relating to precipitation, temperature, wind, humidity or solar exposure; or
(g) foreign exchange derivative products; or
(h) oil derivative products linked to gas supply contracts.
22.3 The exemption in paragraph 22.2 only applies if:
(1) the person who provides the designated service:
(a) is registered as a Registered Participant under the National Electricity Rules; or
(b) is a Generator who under Rule 2.9.3 of the National Electricity Rules is exempt from registration; or
(c) is registered as a Rule Participant under the Wholesale Electricity Market Rules; or
(d) in a registrable capacity set out in Rule 135A, is registered as a Registered Participant under Rule 135AE of the National Gas Rules; or
(e) in a registrable capacity set out in Rule 135ABA, is registered as a Registered Participant under Rule 135AE of the National Gas Rules; and
(f) one of the following applies:
(i) the person holds an AFS licence that authorises that person to provide the designated service; or
(ii) the person acts through an agent that holds an AFS licence which authorises that agent to provide the designated service on behalf of the person, or is appointed as an authorised representative under section 916A of the Corporations Act 2001 to provide the designated service on behalf of the person; or
(iii) the person is, by regulation made under section 134 of the Electricity Industry Act 2004 (WA), exempt from the requirement to hold an AFS licence which authorises that person to provide the designated service; and
(2) the person who is the customer of the designated service:
(a) is registered as a Registered Participant under the National Electricity Rules; or
(b) is a Generator who under Rule 2.9.3 of the National Electricity Rules is exempt from registration; or
(c) is registered as a Rule Participant under the Wholesale Electricity Market Rules; or
(d) in a registrable capacity set out in Rule 135A, is registered as a Registered Participant under Rule 135AE of the National Gas Rules; or
(e) in a registrable capacity set out in Rule 135ABA, is registered as a Registered Participant under Rule 135AE of the National Gas Rules; or
(f) is acting on behalf of a person specified in subparagraphs 22.3(2)(a)-(e).
22.4 Subject to paragraph 22.5, the AML/CTF Act does not apply to a designated service that:
(1) is of a kind described in item 33 of table 1 in section 6 of the AML/CTF Act; and
(2) relates to the over-the-counter derivatives market in Australia in respect of one or more of the following commodities or products:
(a) electricity; or
(b) gas; or
(c) environmental products; or
(d) coal, oil, diesel or other form of fuel used in the generation of electricity by either:
(i) the provider of the designated service; or
(ii) the customer; or
(e) interest rate derivative products; or
(f) weather index or scale products relating to precipitation, temperature, wind, humidity or solar exposure; or
(g) foreign exchange derivative products; or
(h) oil derivative products linked to gas supply contracts.
22.5 The exemption in paragraph 22.4 only applies if:
(1) the person who provides the designated service:
(a) is acting in the capacity of an agent of a person who is registered as a Registered Participant under the National Electricity Rules; or
(b) is acting in the capacity of an agent of a person who is a Generator who under Rule 2.9.3 of the National Electricity Rules is exempt from registration; or
(c) is acting in the capacity of an agent of a person who is registered as a Rule Participant under the Wholesale Electricity Market Rules; or
(d) is acting in the capacity of an agent of a person who in a registrable capacity set out in Rule 135A, and is registered as a Registered Participant under Rule 135AE of the National Gas Rules; or
(e) is acting in the capacity of an agent of a person in a registrable capacity set out in Rule 135ABA, and is registered as a Registered Participant under Rule 135AE of the National Gas Rules; and
(f) one of the following applies:
(i) the person holds an AFS licence that authorises that person to provide the designated service; or
(ii) the person is appointed as an authorised representative under section 916A of the Corporations Act 2001 to provide the designated service; or
(iii) the person is, by regulation made under section 134 of the Electricity Industry Act 2004 (WA), exempt from the requirement to hold an AFS licence that authorises that person to provide the designated service; and
(2) the person who is the customer of the designated service:
(a) is registered as a Registered Participant under the National Electricity Rules; or
(b) is a Generator who under Rule 2.9.3 of the National Electricity Rules is exempt from registration; or
(c) is registered as a Rule Participant under the Wholesale Electricity Market Rules; or
(d) in a registrable capacity set out in Rule 135A, is registered as a Registered Participant under Rule 135AE of the National Gas Rules; or
(e) in a registrable capacity set out in Rule 135ABA, is registered as a Registered Participant under Rule 135AE of the National Gas Rules; or
(f) is acting in the capacity of an agent of a person specified in subparagraphs 22.5(2)(a)-(e).
22.6 In this Chapter:
(1) ‘AFS licence’ refers to an Australian financial services licence granted under section 913B of the Corporations Act 2001;
(2) ‘environmental products’ are transferable instruments created or recognised under Commonwealth, State or Territory laws which are intended to enhance environmental sustainability, reduce greenhouse gas emissions, increase the generation of electricity from renewable sources or encourage the efficient use of energy and including any emissions trading or other scheme;
(3) ‘National Electricity Rules’ refers to the Rules made pursuant to the National Electricity Law set out in the Schedule to the National Electricity (South Australia) Act 1996 (SA);
(4) ‘National Gas Rules’ refers to the Rules made pursuant to the National Gas Law set out in the Schedule to the National Gas (South Australia) Act 2008;
(5) ‘Wholesale Electricity Market Rules’ refers to the market rules made under the Electricity Industry (Wholesale Electricity Market) Regulations 2004 (WA).
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to OAIC or call 1300 363 992.
CHAPTER 23 Anti-Money Laundering and Counter-Terrorism Financing Rules – persons specified as ‘non-financiers’
23.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules are made under section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) for the purpose of paragraph (e) of the definition of ‘non-financier’ in section 5 of the AML/CTF Act.
23.2 For paragraph (e) of the definition of ‘non-financier’ in section 5 of the AML/CTF Act, the following persons are specified:
(1) a person carrying on an accounting practice; or
(2) a person carrying on a law practice.
23.3 In this Chapter:
(1) ‘accounting practice’ means a business carried out by either of the following:
(a) an accountant (however described) that supplies professional accounting services; or
(b) a partnership or company that uses accountants (however described) to supply professional accounting services;
(2) ‘law practice’ means a business carried out by either of the following:
(a) a legal practitioner (however described) that supplies professional legal services; or
(b) a partnership or company that uses legal practitioners (however described) to supply professional legal services.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 24 Anti-Money Laundering and Counter-Terrorism Financing Rules for reports about cross-border movements of monetary instrument
24.1 These Rules are made for the purposes of the following provisions of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (the Act):
(a) paragraph 53(7)(b);
(b) paragraph 53(7)(d);
(c) paragraph 54(4)(b).
Report about moving monetary instruments into or out of Australia
(1) If a person moves a monetary instrument into or out of Australia, a report under section 53 of the Act (reports about movements of monetary instruments into or out of Australia) must:
(a) contain the information specified in subsection (2) (to the extent the information is known); and
(b) be given in accordance with the applicable timing rule specified in subsection (3).
Note: The report must also be given in the approved form (see paragraph 53(7)(a) of the Act).
(2) For the purposes of paragraph (1)(a), the information is as follows:
(a) if the person is an individual:
(i) the person’s full name; and
(ii) the person’s date and place of birth; and
(iii) the country or countries of which the person is a citizen; and
(iv) the person’s residential address; and
(v) the person’s telephone number; and
(vi) whether the person is an Australian resident; and
(vii) if the person is bringing the monetary instrument into Australia and is not an Australian resident—the person’s address and telephone number while in Australia; and
(viii) the person’s occupation, business or principal activity; and
(ix) the person’s ABN (if any);
(b) if the person is not an individual:
(i) the person’s full name; and
(ii) the person’s business or principal activity; and
(iii) the address at which the person’s business or principal activity is conducted; and
(iv) the person’s telephone number; and
(v) if the person is registered in Australia—the person’s ABN, ACN and ARBN (as applicable);
(c) if the person is moving the monetary instrument on behalf of another person (the other person)—the following details of the other person:
(i) if the other person is an individual—the details mentioned in subparagraphs (a)(i), (iv), (v), (viii) and (ix);
(ii) if the other person is not an individual—the details mentioned in subparagraphs (b)(i) to (v);
(d) if the person is delivering the monetary instrument to another person (the other person)—the following details of the other person:
(i) if the other person is an individual—the details mentioned in subparagraphs (a)(i), (iv), (v), (viii) and (ix);
(ii) if the other person is not an individual—the details mentioned in subparagraphs (b)(i) to (v);
(e) whether the monetary instrument is being moved into or out of Australia;
(f) the kind of monetary instrument being moved into or out of Australia;
(g) the monetary instrument amount being moved into or out of Australia;
(h) the currency of the monetary instrument being moved into or out of Australia;
(i) if the monetary instrument is a bearer negotiable instrument:
(i) the issuer or drawer of the monetary instrument; and
(ii) the payee, favouree or beneficiary of the monetary instrument; and
(iii) the name of the bearer of the monetary instrument; and
(iv) the city and country of issue of the monetary instrument; and
(v) any reference numbers of the monetary instrument;
(j) if the person is an individual and is bringing the monetary instrument into Australia or taking the instrument out of Australia:
(i) whether the person is travelling into or out of Australia; and
(ii) the town or city at which the person is entering or leaving Australia; and
(iii) the person’s date of arrival in or departure from Australia; and
(iv) the number and country of issue of the passport on which the person is travelling; and
(v) where practicable—the number of each other passport held by the person and the country of issue for each passport; and
(vi) the number of the flight or name of the vessel on which the person is bringing in or taking out the instrument; and
(vii) if the person is taking the monetary instrument out of Australia—the city and country to which the monetary instrument is being taken; and
(viii) if the person is bringing the monetary instrument into Australia—the city and country from which the monetary instrument is being brought;
(k) if the monetary instrument is being sent into or out of Australia:
(i) the means by which the monetary instrument is being sent; and
(ii) the name, address and telephone number of the individual or service provider carrying the monetary instrument into or out of Australia; and
(iii) if the monetary instrument is to be shipped—the name of the vessel on which it is to be shipped; and
(iv) the city and country from which the monetary instrument is being sent; and
(v) the city and country to which the monetary instrument is being sent; and
(vi) the date the monetary instrument is being sent;
(l) if the monetary instrument is being sent into or out of Australia—the following details of the person to whom the monetary instrument is being sent:
(i) the person’s full name;
(ii) the person’s telephone number;
(iii) if the person is an individual—the person’s residential address;
(iv) if the person is not an individual—the address at which the person’s business or principal activity is conducted;
(v) if the person is not an individual and is registered in Australia—the person’s ABN, ACN and ARBN (as applicable);
(m) a declaration that the information provided in the approved form is true, accurate and complete.
(3) For the purposes of paragraph (1)(b):
(a) if the person moves a monetary instrument into Australia by bringing the instrument into Australia—the report must be given:
(i) no later than when the person reaches the place at which customs officers examine baggage; or
(ii) if there is no such place, at the first opportunity that the person has to give the report after arrival in Australia; and
(b) if the person moves a monetary instrument into Australia by sending the instrument into Australia—the report must be given before the movement of the instrument takes place; and
(c) if the person moves a monetary instrument out of Australia by taking the instrument out of Australia—the report must be given:
(i) no later than when the person reaches the customs officer who is to examine the person’s passport in relation to the person leaving Australia; or
(ii) if there is no such examination, at any time before the last opportunity that the person has to give the report before leaving Australia; and
(d) if the person (the first person) moves a monetary instrument out of Australia by sending the instrument out of Australia by consignment, either through the post to a place outside Australia or to another person for carriage to a place outside Australia—the report must be given before the time when the instrument is irrevocably committed by the first person to a postal service or to the other person (as the case may be).
Report about receiving monetary instruments moved into Australia
(4) If a person receives a monetary instrument moved into Australia, a report under section 54 of the Act (reports about receipts of monetary instruments moved into Australia) must contain the following information (to the extent the information is known):
(a) if the person is an individual—the details mentioned in subparagraphs (2)(a)(i) to (ix);
(b) if the person is not an individual—the details mentioned in subparagraphs (2)(b)(i) to (v);
(c) if the person received the monetary instrument on behalf of another person (the other person)—the following details of the other person:
(i) if the other person is an individual—the details mentioned in subparagraphs (2)(a)(i), (iv), (v), (viii) and (ix);
(ii) if the other person is not an individual—the details mentioned in subparagraphs (2)(b)(i) to (v);
(d) if the person is delivering the monetary instrument to another person (the other person)—the following details of the other person:
(i) if the other person is an individual—the details mentioned in subparagraphs (2)(a)(i), (iv), (v), (viii) and (ix);
(ii) if the other person is not an individual—the details mentioned in subparagraphs (2)(b)(i) to (v);
(e) the kind of monetary instrument moved into Australia;
(f) the monetary instrument amount moved into Australia;
(g) the currency of the monetary instrument;
(h) if the monetary instrument is a bearer negotiable instrument:
(i) the issuer or drawer of the monetary instrument; and
(ii) the payee, favouree or beneficiary of the monetary instrument; and
(iii) the name of the bearer of the monetary instrument; and
(iv) the city and country of issue of the monetary instrument; and
(v) any reference numbers of the monetary instrument;
(i) the means by which the monetary instrument was moved into Australia;
(j) the name of the individual or service provider who moved the monetary instrument into Australia;
(k) if the monetary instrument was sent into Australia—the following details of the person who sent the monetary instrument (the sender) to the person:
(i) the sender’s full name;
(ii) the sender’s telephone number;
(iii) if the sender is an individual—the sender’s residential address;
(iv) if the sender is not an individual—the address at which the sender’s business or principal activity is conducted;
(v) if the sender is not an individual and is registered in Australia—the sender’s ABN, ACN and ARBN (as applicable);
(l) the city and country from which the monetary instrument was moved;
(m) the city, town or port in which the monetary instrument was received by the person;
(n) the date the monetary instrument was received by the person;
(o) a declaration that the information provided in the approved form is true, accurate and complete.
Note: The report must be given in the approved form before the end of 5 business days beginning on the day of receipt (see paragraphs 54(4)(a) and (d) of the Act).
24.2 In this Chapter:
‘passport’ means:
(a) a passport issued by the Commonwealth; or
(b) a passport or a similar document issued for the purpose of international travel, that:
(i) contains a photograph and the signature of the person in whose name the document is issued; and
(ii) is issued by a foreign government, the United Nations or an agency of the United Nations.
CHAPTER 27 Anti-Money Laundering and Counter-Terrorism Financing Rules for registrable details relating to the Register of Providers of Designated Remittance Services and the Remittance Sector Register
27.1 For the purposes of section 5 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 the registrable details:
(A) in relation to the Register of Providers of Designated Remittance Services (old Register), are:
(1) any business name under which the person is operating;
(2) a description of whether the person is operating as a sole trader, company, partnership, trust or through any other legal structure;
(3) the full street address at which the person provides registrable designated remittance services, including the full street address of each branch of the person;
(4) if the person has an ACN or ARBN – that number;
(5) if the person has an ABN – that number;
(6) if the person holds an Australian financial services licence (AFSL) – the number of that licence;
(7) the person’s telephone number at its principal place of business;
(8) the person’s facsimile number at its principal place of business;
(9) the person’s email address at its principal place of business;
(10) the full name, date of birth, residential address and residential telephone number of:
(a) if the person is a sole trader – that individual; or
(b) if the person comprises a partnership – each partner;
(c) in any other case, except if the person is a company – each individual who has effective control of the business;
(11) for the individual who is, or is to be, the primary contact for any dealings with AUSTRAC, the individual’s:
(a) full name; and
(b) position or title; and
(c) telephone number; and
(d) facsimile number; and
(e) email address;
(12) a description of business carried on by the person including:
(a) the main destination(s) where money or property is to be received or is likely to be received as a result of a transfer by the person under a designated remittance arrangement;
(b) the main destination(s) from which money or property is to be transferred or is likely to be transferred by the person under a designated remittance arrangement; and
(c) the nature of any other business carried on by the person at the address(es) referred to in paragraph 27.1(A)(3);
(13) if the person provides a registrable designated remittance service through an agent:
(a) if the agent is an individual – the full name, date of birth, residential address, telephone number and facsimile number of the agent;
(b) if the agent is not an individual – the full name and business name of the agent, the ACN or ARBN and ABN (if applicable), and the address, telephone number and facsimile number of the agent’s registered office or principal place of business;
(14) the date on which the person commenced or is to commence offering registrable designated remittance services.
(B) in relation to the Remittance Sector Register, are:
If the person is registered as a remittance network provider
(1) The business name(s) under which the person is carrying on a business, or proposes to carry on a business, of providing a registrable designated remittance service;
(2) a description of whether the person is operating as an individual, company, partnership, trust or through any other legal structure;
(3) the full street address of the person’s principal place of business at which the person provides or proposes to provide a designated service, not being a branch of that person;
(4) if the person has an ACN or ARBN – that number;
(5) if the person has an ABN – that number;
(6) if the person holds an Australian financial services licence (AFSL) – the number of that licence;
(7) if the person holds an Australian credit licence – the number of that licence;
(8) the foreign equivalent of the ACN, ABN, ARBN, AFSL or Australian credit licence number, together with the country in which the number was issued;
(9) if the person is registered or licensed in a foreign country to provide remittance services – details of that registration or licence;
(10) the person’s telephone number at its principal place of business;
(11) the person’s facsimile number at its principal place of business (if applicable);
(12) the person’s email address at its principal place of business (if applicable);
(13) the full name and business address (not being a post box address), and, where applicable, any business registration number(s) of:
(a) if the person is an individual – that individual;
(b) if the person comprises a partnership – the full name and address (not being a post box address) of each partner of the partnership;
(c) if the person is a trust – the name of each trustee;
(d) if the person is a company – the beneficial owner(s) of the company;
(14) in respect of the authorised individual and each of the key personnel, those individuals’:
(a) full name;
(b) date of birth;
(c) position or title;
(d) business telephone number;
(e) business facsimile number (if applicable);
(f) business email address (if applicable); and
(g) full business address (not being a post box address);
(15) a description of the business carried on or proposed to be carried on by the person;
(16) the date on which the person commenced or is to commence offering registrable designated remittance services;
(17) whether the person or any of its key personnel:
(a) has been charged, prosecuted and/or convicted in relation to money laundering, financing of terrorism, terrorism, people smuggling, fraud, a serious offence, an offence under the AML/CTF Act, or an offence under the Financial Transaction Reports Act 1988 (FTR Act);
(b) has been subject to a civil penalty order made under the AML/CTF Act;
(c) has been the subject of civil or criminal proceedings or enforcement action, in relation to the management of an entity, or commercial or professional activities, which were determined adversely to the person or any of its key personnel (including by the person or any of its key personnel consenting to an order or direction, or giving an undertaking, not to engage in unlawful or improper conduct) and which reflected adversely on the person’s competence, diligence, judgement, honesty or integrity;
and if so, the details of each instance as the case may be, for the person and each of its key personnel.
Note: The above does not affect the operation of Part VIIC of the Crimes Act 1914, which means that certain convictions that are spent convictions are not required to be disclosed under these AML/CTF Rules.
(18) Details of whether the person is:
(a) a subsidiary of another entity or entities; or
(b) controlled by another entity or entities; and
if so
(c) the full names, addresses, positions and titles of the directors of the other entity or entities; and
(d) the ACN, ABN, ARBN (or foreign equivalent) of the other entity or entities (as applicable);
(19) the business contact details of the individual who completed the application for registration, comprising:
(a) full name;
(b) position or title;
(c) date of birth (optional);
(d) telephone number;
(e) facsimile number (if applicable);
(f) email address; and
(g) postal address.
If the person is registered as a remittance affiliate of a registered remittance network provider
(20) The business name(s) under which the remittance affiliate is carrying on a business, or proposes to carry on a business, of providing a registrable designated remittance service;
(21) a description of whether the remittance affiliate is operating as an individual, company, partnership, trust or through any other legal structure;
(22) the full street address of the remittance affiliate’s principal place of business at which the remittance affiliate provides or proposes to provide a designated service, not being a branch of that person;
(23) if the remittance affiliate has an ACN or ARBN – that number;
(24) if the remittance affiliate has an ABN – that number;
(25) if the remittance affiliate holds an Australian financial services licence (AFSL) – the number of that licence;
(26) if the remittance affiliate holds an Australian credit licence – the number of that licence;
(27) the foreign equivalent of the ACN, ABN, ARBN, AFSL or Australian credit licence number, together with the country in which the number was issued;
(28) if the remittance affiliate is registered or licensed in a foreign country to provide remittance services – details of that registration or licence;
(29) the remittance affiliate’s telephone number at its principal place of business;
(30) the remittance affiliate’s facsimile number at its principal place of business (if applicable);
(31) the remittance affiliate’s email address at its principal place of business (if applicable);
(32) the full name and business address (not being a post box address), and, where applicable, any business registration number(s) of:
(a) if the remittance affiliate is an individual – that individual;
(b) if the remittance affiliate comprises a partnership – the full name and address (not being a post box address) of each partner of the partnership;
(c) if the remittance affiliate is a trust – the name of each trustee;
(d) if the remittance affiliate is a company – the beneficial owner(s) of the company;
(33) in respect of the authorised individual and each of the key personnel, those individuals’:
(a) full name;
(b) date of birth;
(c) position or title;
(d) business telephone number;
(e) business facsimile number (if applicable);
(f) business email address (if applicable); and
(g) full business address (not being a post box address);
(34) a description of the business carried on or proposed to be carried on by the remittance affiliate;
(35) the date on which the remittance affiliate commenced or is to commence offering registrable designated remittance services;
(36) whether the remittance affiliate or any of its key personnel:
(a) has been charged, prosecuted and/or convicted in relation to money laundering, financing of terrorism, terrorism, people smuggling, fraud, a serious offence, an offence under the AML/CTF Act, or an offence under the Financial Transaction Reports Act 1988 (FTR Act);
(b) has been subject to a civil penalty order made under the AML/CTF Act;
(c) has been the subject of civil or criminal proceedings or enforcement action, in relation to the management of an entity, or commercial or professional activities, which were determined adversely to the remittance affiliate or any of its key personnel (including by the remittance affiliate or any of its key personnel consenting to an order or direction, or giving an undertaking, not to engage in unlawful or improper conduct) and which reflected adversely on the remittance affiliate’s competence, diligence, judgement, honesty or integrity;
and if so, the details of each instance as the case may be, for the remittance affiliate and each of its key personnel.
Note: The above does not affect the operation of Part VIIC of the Crimes Act 1914, which means that certain convictions that are spent convictions are not required to be disclosed under these AML/CTF Rules.
(37) Details of whether the remittance affiliate is:
(a) a subsidiary of another entity or entities; or
(b) controlled by another entity or entities; and
if so
(c) the full names, addresses, positions and titles of the directors of the other entity or entities; and
(d) the ACN, ABN, ARBN (or foreign equivalent) of the other entity or entities (as applicable);
(38) the business contact details of the individual who completed the remittance affiliate’s application for registration, comprising:
(a) full name;
(b) position or title;
(c) date of birth (optional);
(d) telephone number;
(e) facsimile number (if applicable);
(f) email address; and
(g) postal address.
If the person is registered as an independent remittance dealer or if a person is an independent remittance dealer who is also registered as a remittance affiliate
(39) The business name(s) under which the person is carrying on a business, or proposes to carry on a business, of providing a registrable designated remittance service;
(40) a description of whether the person is operating as an individual, company, partnership, trust or through any other legal structure;
(41) the full street address of the person’s principal place of business at which the person provides or proposes to provide a designated service, not being a branch of that person;
(42) if the person has an ACN or ARBN – that number;
(43) if the person has an ABN – that number;
(44) if the person holds an Australian financial services licence (AFSL) –the number of that licence;
(45) if the person holds an Australian credit licence – the number of that licence;
(46) the foreign equivalent of the ACN, ABN, ARBN, AFSL or Australian credit licence number, together with the country in which the number was issued;
(47) if the person is registered or licensed in a foreign country to provide remittance services – details of that registration or licence;
(48) the person’s telephone number at its principal place of business;
(49) the person’s facsimile number at its principal place of business (if applicable);
(50) the person’s email address at its principal place of business (if applicable);
(51) the full name and business address (not being a post box address), and, where applicable, any business registration number(s) of:
(a) if the person is an individual – that individual;
(b) if the person comprises a partnership – the full name and address (not being a post box address) of each partner of the partnership;
(c) if the person is a trust – the name of each trustee;
(d) if the person is a company – the beneficial owner(s) of the company;
(52) in respect of the authorised individual and each of the key personnel, those individuals’:
(a) full name;
(b) date of birth;
(c) position or title;
(d) business telephone number;
(e) business facsimile number (if applicable);
(f) business email address (if applicable); and
(g) full business address (not being a post box address);
(53) a description of the business carried on or proposed to be carried on by the person;
(54) the date on which the person commenced or is to commence offering registrable designated remittance services;
(55) whether the person or any of its key personnel:
(a) has been charged, prosecuted and/or convicted in relation to money laundering, financing of terrorism, terrorism, people smuggling, fraud, a serious offence, an offence under the AML/CTF Act, or an offence under the Financial Transaction Reports Act 1988 (FTR Act);
(b) has been subject to a civil penalty order made under the AML/CTF Act;
(c) has been the subject of civil or criminal proceedings or enforcement action, in relation to the management of an entity, or commercial or professional activities, which were determined adversely to the person or any of its key personnel (including by the person or any of its key personnel consenting to an order or direction, or giving an undertaking, not to engage in unlawful or improper conduct) and which reflected adversely on the person’s competence, diligence, judgement, honesty or integrity;
and if so, the details of each instance as the case may be, for the person and each of its key personnel.
Note: The above does not affect the operation of Part VIIC of the Crimes Act 1914, which means that certain convictions that are spent convictions are not required to be disclosed under these AML/CTF Rules.
(56) Details of whether the person is:
(a) a subsidiary of another entity or entities; or
(b) controlled by another entity or entities; and
if so
(c) the full names, addresses, positions and titles of the directors of the other entity or entities; and
(d) the ACN, ABN, ARBN (or foreign equivalent) of the other entity or entities (as applicable);
(57) the business contact details of the individual who completed the application for registration, comprising:
(a) full name;
(b) position or title;
(c) date of birth (optional);
(d) telephone number;
(e) facsimile number (if applicable);
(f) email address; and
(g) postal address.
Note: Section 75A of the AML/CTF Act specifies that the following details must be entered on the Remittance Sector Register if the AUSTRAC CEO decides to register a person under subsection 75C(2): ‘the name of the person’, ‘whether the person is registered as (i) a remittance network provider, (ii) an independent remittance dealer, or (iii) a remittance affiliate of a registered remittance network provider’, ‘if the person is registered as a remittance affiliate of a registered remittance network provider – the name of the registered remittance network provider’, ‘any conditions to which the registration of the person is subject’, and ‘the date on which the registration takes effect’.
27.2 In this Chapter:
(1) ‘authorised individual’ means a natural person who is:
(a) a beneficial owner; or
(b) an officer as defined in section 9 of the Corporations Act 2001 or;
(c) is an employee of the person registered on the Remittance Sector Register who has been authorised in writing by the registered person to act in this capacity;
(2) ‘beneficial owner’ has the same meaning as in Chapter 1 of these AML/CTF Rules;
(3) ‘company’ has the same meaning as in the Corporations Act 2001;
(4) ‘control’ has the meaning given by section 50AA of the Corporations Act 2001;
(5) ‘destination’ includes country and a city or town of that country;
(6) ‘enforcement action’ includes any action of a corrective or punitive nature in respect of an alleged breach of a law taken by a regulatory body of the Commonwealth or a State or Territory, or a government body;
(7) ‘entity’ has the same meaning as in section 9 of the Corporations Act 2001;
(8) ‘fraud’ means dishonestly obtaining a benefit by deception or other means;
(9) ‘key personnel’ means:
(a) in the case of a company, corporation sole or body politic, is a natural person that is;
(i) a beneficial owner; or
(ii) an officer as defined in section 9 of the Corporations Act 2001, or an employee or agent of the body corporate with duties of such responsibility that his or her conduct may fairly be assumed to represent the body corporate's policy;
(b) in the case of an individual, trust or partnership, is a natural person that is an employee or agent of the individual, trust or partnership with duties of such responsibility that his or her conduct may fairly be assumed to represent the policy of the individual, trust or partnership;
(10) ‘old Register’ means the Register of Providers of Designated Remittance Services within the meaning of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, as in force immediately before the registration commencement day.
Note: The registration commencement day was 1 November 2011.
(11) ‘people smuggling’ means conduct that amounts to:
(a) an offence against Division 73 of the Criminal Code; or
(b) an offence against Subdivision A, Division 12, Part 2 of the Migration Act 1958; or
(c) an offence against a law of a foreign country or of a part of a foreign country that corresponds:
(i) to an offence referred to in paragraph (a) or (b); or
(ii) with the Protocol against the Smuggling of Migrants by Land, Sea and Air, supplementing the United Nations Convention against Transnational Organized Crime;
(12) ‘person’ has the same meaning as in the AML/CTF Act;
(13) ‘serious offence’ means an offence which is:
(a) an offence against a law of the Commonwealth, or a law of a State or Territory, punishable on indictment by imprisonment for life or 2 or more years, that may be dealt with as an indictable offence (even if it may, in some circumstances, be dealt with as a summary offence) regardless of whether the offence proceeds summarily or on indictment; or
(b) an offence against a law of a foreign country constituted by conduct that, if it had occurred in Australia, would have constituted a serious offence.
A ‘serious offence’ in relation to a person other than an individual means an offence which would have been a serious offence if the person had been an individual;
(14) ‘subsidiary’ has the same meaning as in the Corporations Act 2001;
(15) ‘terrorism’ means conduct that amounts to:
(a) an offence against Division 101 or 102 of the Criminal Code; or
(b) an offence against a law of a State or Territory that corresponds to an offence referred to in paragraph (a); or
(c) an offence against a law of a foreign country or of a part of a foreign country that corresponds to an offence referred to in paragraph (a).
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 28 Applicable customer identification procedures in certain circumstances – assignment, conveyance, sale or transfer of businesses
28.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made under section 229 for subsection 39(4) of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act).
28.2 Subject to paragraphs 28.4 and 28.5, Division 4 of Part 2 of the AML/CTF Act does not apply to a designated service that is provided in the circumstances specified in paragraph 28.3.
28.3 The specified circumstances for the purposes of paragraph 28.2 are that:
(1) either:
(a) reporting entity one has assigned, conveyed, sold or transferred the whole or a part of its business to reporting entity two, excluding a compulsory transfer of business which takes effect under Part 4 of the Financial Sector (Business Transfer and Group Restructure) Act 1999 (FSA); or
(b) all or part of the assets and liabilities of reporting entity one have become the assets and liabilities of reporting entity two as a result of a transfer effected pursuant to a certificate of transfer issued by the Australian Prudential Regulation Authority (APRA) under section 18 of the FSA; and
(2) the designated service is provided to a transferring customer; and
(3) prior to the assignment, conveyance, sale or transfer, or all or part of the assets and liabilities of reporting entity one becoming the assets and liabilities of reporting entity two, reporting entity two has reasonably determined:
(a) the ML/TF risk it faces in providing the designated service to the transferring customers as a group; and
(b) that it has in place appropriate risk-based systems and controls to identify, manage and mitigate the ML/TF risk it faces in providing the designated service to the transferring customers as a group; and
(c) based on the assessed ML/TF risk and its risk-based systems and controls, it is reasonable for it to either:
(i) rely upon the applicable customer identification procedure of reporting entity one as an appropriate means to identify and verify the identification of a transferring customer; or
(ii) treat a transferring customer who was a pre-commencement customer of reporting entity one as if the customer was a pre-commencement customer of reporting entity two.
28.4 Reporting entity two must, within 14 days after any of the circumstances specified in paragraph 28.5 comes into existence, take one or more of the actions specified below:
(1) carry out the applicable customer identification procedure, unless reporting entity two has previously carried out that procedure or a comparable procedure; or
(2) collect any KYC information in respect of the customer; or
(3) verify, from a reliable and independent source, KYC information that has been obtained in respect of the customer, as is appropriate to the ML/TF risk relevant to the provision of the designated service by reporting entity two;
for the purpose of enabling reporting entity two to be reasonably satisfied that the customer is the person that he or she claims to be.
28.5 For the purposes of paragraph 28.4 the following circumstances are specified:
(1) a suspicious matter reporting obligation arises in relation to a transferring customer; or
(2) reporting entity two reasonably suspects that reporting entity one did not carry out the applicable customer identification procedure when required; or
(3) a significant increase has occurred in the level of ML/TF risk as assessed under the AML/CTF program of reporting entity two, in relation to the provision of a designated service by reporting entity two to a transferring customer.
28.6 In this Chapter:
(1) ‘reporting entity one’ means the reporting entity that either:
(a) assigns, conveys, sells or transfers a whole or a part of the business; or
(b) is to transfer, or has transferred, all or part of its assets or liabilities pursuant to Part 3 of the FSA;
(2) ‘reporting entity two’ means the reporting entity to which reporting entity one either:
(a) assigns, conveys, sells or transfers a whole or a part of the business, excluding compulsory transfers of business effected pursuant to Part 4 of the FSA; or
(b) is to transfer, or has transferred, all or part of its assets or liabilities pursuant to Part 3 of the FSA;
(3) ‘transferring customer’ means a customer who is a customer of reporting entity two in relation to a designated service solely because of the transfer of all or part of the assets or liabilities of reporting entity one to reporting entity two or the assignment, conveyance, sale or transfer of the whole or a part of the business from reporting entity one.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 29 Record-keeping obligations under section 107
29.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made under section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) for paragraph 107(1)(b) of that Act.
29.2 For paragraph 107(1)(b) of the AML/CTF Act the following records are declared to be exempt:
(1) customer-specific documents (such as account statements), correspondence and publicly-available statements, forms and documents which a reporting entity routinely provides to its customers, such as disclosure statements, financial or investment analysis or summary reports;
(2) product or service information, which replicate information retained as a record by the reporting entity;
(3) general correspondence with customers, such as, but not limited to, promotional materials and general correspondence relating to fees, service charges, interest rate changes, terms and conditions, technology changes and legislative changes which are not specific to a particular customer;
(4) overdrawn notices and accompanying correspondence;
(5) information provided to a customer of a reporting entity on the methods by which a designated service is to be delivered;
(6) correspondence or similar documents provided by a reporting entity to a customer which relate to, or otherwise document, product or service enquiries or comments from customers, such as customer experience records or requests for information on a product;
(7) records of interviews or conversations with customers, such as recordings of phone conversations where instructions are received from the customer unless the information contained in such interviews or conversations relates to a reporting obligation under the AML/CTF Act;
(8) a record of information created by the use of an optical surveillance device;
(9) an electronic file created solely for the purpose of submitting electronic reports to AUSTRAC in a manner and form approved by the AUSTRAC CEO for the purposes of paragraph 244(2)(b) of the AML/CTF Act.
29.3 In this Chapter:
(1) ‘optical surveillance device’ has the same meaning as in the Surveillance Devices Act 2004.
Reporting entities should note that exemptions declared by this Chapter only affect record-keeping obligations derived from the AML/CTF Act and do not affect reporting entities’ record-keeping obligations under any other legislation.
Reporting entities should note that in relation to activities they undertake to comply with the AML/CTF Act, they will have obligations under the Privacy Act 1988, including the requirement to comply with the Australian Privacy Principles, even if they would otherwise be exempt from the Privacy Act. For further information about these obligations, please go to http://www.oaic.gov.au or call 1300 363 992.
CHAPTER 30 Disclosure certificates
30.1 These Anti-Money Laundering and Counter-Terrorism Financing Rules (Rules) are made under section 229 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) for subparagraphs 91(1)(d)(ii), 91(2)(d)(ii) and 91(3)(d)(ii) of that Act, to specify requirements for paragraphs 84(3)(b), 85(3)(b) and 86(1)(c) of that Act. To avoid doubt, disclosure certificates may be used for the purposes of subsection 36(1) of the AML/CTF Act and to the extent necessary to enable that use, these Rules are also made for paragraph 36(1)(b) of the AML/CTF Act.
30.2 Part B of a standard, joint or special anti-money laundering and counter-terrorism financing program, may provide that a reporting entity may request that a customer of the type specified in paragraphs 30.6 to 30.12 provide a disclosure certificate, but only in the following circumstances:
(1) the reporting entity has determined that the information cannot otherwise be reasonably obtained or verified;
(2) the information to be provided or verified is reasonably required under the AML/CTF program applying to the reporting entity;
(3) the reporting entity has applied the relevant procedures and requirements in its AML/CTF program, but has been unable to obtain or verify the information; and
(4) the information is one or more of the items of information specified in paragraphs 30.6 to 30.12.
30.3 Reporting entities may accept disclosure certificates that are certified by an appropriate officer of the customer for the purposes of paragraphs 30.6 to 30.12.
30.4 An ‘appropriate officer’ in regard to the customer is determined by the reporting entity in accordance with its risk-based systems and controls.
30.5 A reporting entity must not rely on a disclosure certificate if it knows or has reason to believe that the information contained in the certificate is incorrect or unreliable.
Domestic Companies
30.6 For paragraph 4.3.11, a disclosure certificate for a domestic company must contain:
(1) the full name and full residential address of each beneficial owner of the company;
(2) the full name of the appropriate officer;
(3) a certification by the appropriate officer that the information contained in the disclosure certificate is true, accurate and complete; to the best of their knowledge and belief; and
(4) the date of certification by the appropriate officer.
Foreign companies
30.7 For paragraphs 4.3.12 and 4.3.13, a disclosure certificate for a foreign company registered in Australia must contain:
(1) the full name of the company;
(2) information about whether the company is registered by the relevant foreign registration body and if so, whether it is registered as a private or public company or some other type of company;
(3) the full name and full residential address of each beneficial owner;
(4) the full name of the appropriate officer;
(5) certification by the appropriate officer that the information contained in the disclosure certificate is true, accurate, and complete, to the best of their knowledge and belief; and
(6) the date of certification by the appropriate officer.
30.8 For a foreign company not registered in Australia a disclosure certificate must contain:
(1) the full name of the company;
(2) information about whether the company is registered by the relevant foreign registration body and if so:
(a) any identification number issued to the company by the relevant foreign registration body upon the company’s formation, incorporation or registration;
(b) whether it is registered as a private or public company or some other type of company by the relevant foreign registration body;
(c) the jurisdiction of incorporation of the foreign company as well as the jurisdiction of the primary operations of the foreign company and the location of the foreign stock or equivalent exchange (if any); and
(d) contain the full name and full residential address of each beneficial owner;
(3) the full name of the appropriate officer;
(4) certification by the appropriate officer that the inf