Part 1—Preliminary

This instrument is the Anti-Money Laundering and Counter-Terrorism Financing Rules 2025.

(1) Each provision of this instrument specified in column 1 of the table commences, or is taken to have commenced, in accordance with column 2 of the table. Any other statement in column 2 has effect according to its terms.

Commencement information
Column 1	Column 2	Column 3
Provisions	Commencement	Date/Details
1. The whole of this instrument	31 March 2026.	31 March 2026

Note: This table relates only to the provisions of this instrument as originally made. It will not be amended to deal with any later amendments of this instrument.

(2) Any information in column 3 of the table is not part of this instrument. Information may be inserted in this column, or information in it may be edited, in any published version of this instrument.

1‑3 Authority

This instrument is made under the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006.

1‑4 Definitions

Note: Expressions used in this instrument have the same meaning as in the Act (see paragraph 13(1)(b) of the Legislation Act 2003). Some examples are the following:

(a) designated service;

(b) financial institution;

(d) nested services relationship;

(e) reporting entity;

(f) senior manager;

(g) transfer of value.

In this instrument:

ABN has the meaning given by section 41 of the A New Tax System (Australian Business Number) Act 1999.

ACN has the meaning given by section 9 of the Corporations Act 2001.

Act means the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006.

ARBN has the meaning given by section 9 of the Corporations Act 2001.

ARSN has the meaning given by section 9 of the Corporations Act 2001.

Attorney‑General’s Department means the Department administered by the Attorney‑General.

BECS means the Bulk Electronic Clearing System administered by the Australian Payments Network.

BPAY means the electronic bill payment system known as BPAY.

card number includes a tokenised reference that allows the issuer of a credit card, debit card or stored value card to trace a payment to a payer’s card.

co‑operative means a body that, under a law of the Commonwealth, a State, a Territory or a foreign country, is registered as a co‑operative.

corporate group means a group of 2 or more bodies corporate, where each member of the group is a related body corporate of each other member of the group.

Defence Department means the Department administered by the Minister responsible for administering the Defence Act 1903.

DEFT (short for “Direct Electronic Funds Transfer”) means the electronic bill payment system known as DEFT.

director identification number has the meaning given by section 9 of the Corporations Act 2001.

domestic transfer of value: a transfer of value is a domestic transfer of value if the value to be transferred is in Australia and, as a result of the transfer, the value will be in Australia.

Note: See section 8‑9 for the circumstances in which the value is in a country.

earnings has the meaning given by subsection 3‑4(1).

eligible officer has the meaning given by section 1272B of the Corporations Act 2001.

Foreign Affairs Department means the Department administered by the Minister responsible for administering the Diplomatic Privileges and Immunities Act 1967.

foreign company has the same meaning as in the Corporations Act 2001.

Home Affairs Department means the Department administered by the Minister responsible for administering the Australian Border Force Act 2015.

independent evaluation report has the meaning given by paragraph 5‑10(2)(e).

key personnel of a person means each individual who is any of the following:

(a) either:

(i) for a person who is an individual—the individual; or

(ii) otherwise—the individual, or an individual in the group of individuals, with primary responsibility for the governance and executive decisions of the person;

(b) for a person other than an individual—a beneficial owner of the person;

(c) an individual who makes, or participates in making, decisions that affect the whole, or a substantial part, of the business of the person;

(d) an AML/CTF compliance officer of the person.

Note: For a person who is a reporting entity:

(a) paragraph (a) covers the reporting entity’s governing body (defined in section 5 of the Act); and

(b) paragraph (c) covers a senior manager (defined in section 5 of the Act) of the reporting entity.

leviable entity has the same meaning as in the Australian Transaction Reports and Analysis Centre Industry Contribution Act 2011.

merchant payment: a transfer of value is a merchant payment if:

(a) the value transferred is money; and

(b) the money is transferred to the payee in the payee’s capacity as a merchant; and

(i) a credit card;

(ii) a debit card;

(iii) a stored value card; and

(d) the ordering institution issued that card to the payer; and

(e) the beneficiary institution initiates the transfer by sending the payer’s instruction for the transfer to the ordering institution; and

(f) the beneficiary institution pays, or accepts liability to pay, the payee (either directly or through another person).

passport has the same meaning as in the Migration Act 1958.

payable‑through accounts has the meaning given by paragraph 7‑1(3)(g).

payer information, in relation to a transfer of value, means both of the following:

(a) the payer’s full name;

(b) information that is one or more of the following:

(i) a unique customer identification number given to the payer by the ordering institution;

(ii) a unique identifier for the payer;

(iii) if the payer is an individual—the payer’s date and place of birth;

(iv) the payer’s full business or residential address (not being a post box).

registered financial sector entity means an entity that is a registered entity within the meaning of the Financial Sector (Collection of Data) Act 2001.

registrable services means:

(a) in relation to registration or proposed registration of a person under Part 6 of the Act as a remittance network provider—registrable remittance network services; or

(b) in relation to registration or proposed registration of a person under Part 6 of the Act as an independent remittance dealer or a remittance affiliate of a registered remittance network provider—registrable remittance services; or

(c) in relation to registration or proposed registration of a person under Part 6A of the Act as a virtual asset service provider—registrable virtual asset services.

related body corporate has the same meaning as in the Corporations Act 2001.

super‑agent has the meaning given by subsection 4‑13(2).

tracing information, in relation to a transfer of value, means information that satisfies both of the following:

(a) the information:

(i) for a transfer from an account held by the payer with the ordering institution—enables the ordering institution to identify the account; or

(ii) for a transfer of a virtual asset from a custodial wallet—enables the ordering institution to identify the payer’s virtual asset holdings in the wallet (such as by providing the wallet address, including the destination tag or memo details, if applicable); or

(iii) for a transfer of a virtual asset from a self‑hosted virtual asset wallet—provides the address of the wallet; or

(iv) in any other case—provides a unique transaction reference number for the transfer of value;

(b) the information:

(i) for a transfer in circumstances where the value is to be made available to the payee by depositing it into an account held by the payee—enables the beneficiary institution to identify the account; or

(ii) for a transfer of a virtual asset in circumstances where the asset is to be made available to the payee by transferring it to a custodial wallet—enables the beneficiary institution to identify the payer’s virtual asset holdings in the wallet (such as by providing the wallet address, including the destination tag or memo details, if applicable); or

(iii) for a transfer of a virtual asset in circumstances where the value is to be made available to the payee by transferring it to a self‑hosted virtual asset wallet—provides the address of the wallet; or

(iv) in any other case—provides a unique transaction reference number for the transfer of value.

Note: An example of information to which subparagraphs (a)(i) and (b)(i) apply is a combination of a BSB and account number.

ultimate parent of a remitter, virtual asset service provider or financial institution means a body corporate that:

(a) controls the remitter, virtual asset service provider or financial institution; and

(b) is not itself controlled by another body corporate.

Note: For the meaning of control, see section 11 of the Act.

unique identifier for a person means:

(a) a unique identifier given to the person by an Australian government body (other than the person’s tax file number within the meaning of section 202A of the Income Tax Assessment Act 1936); or

(b) a unique identifier given to the person by a government body of a foreign country (together with information identifying the body); or

(c) a legal entity identifier given to the person by an organisation accredited by the Global Legal Entity Identifier Foundation (together with information identifying the organisation); or

(d) a connected business identifier code given to the person by the Society for Worldwide Interbank Financial Telecommunication.

unique transaction reference number, in relation to a transfer of value, means information to which both of the following paragraphs apply:

(a) the information is a combination of any or all of the following:

(i) letters;

(ii) digits;

(iii) characters;

(iv) symbols;

(b) the information distinguishes the transfer of value in a way that, either alone or in conjunction with any other information in the transfer message for the transfer of value, enables the ordering institution to associate the transfer of value with the payer, and the beneficiary institution to associate the transfer of value with the payee.

1‑5 Domestic politically exposed person

For the purposes of paragraph (a) of the definition of domestic politically exposed person in section 5 of the Act, the following offices and positions are specified:

(a) Governor‑General;

(b) Governor of a State;

(d) Justice of the High Court;

(e) Judge of the Federal Court of Australia;

(f) Judge of the Supreme Court of a State or Territory;

(g) accountable authority, or member of the accountable authority, of a Commonwealth entity within the meaning of the Public Governance, Performance and Accountability Act 2013;

(h) member of the governing body of a wholly‑owned Commonwealth company within the meaning of the Public Governance, Performance and Accountability Act 2013;

(i) head (however described) of:

(i) a Department of State of a State or Territory; or

(ii) an agency or authority of a State or Territory that has a prominent public function;

(j) head (however described) of a local government council in a State or Territory;

(k) any of the following offices of a company or other incorporated body that is wholly‑owned or majority‑owned by a State or Territory:

(i) chair of the board;

(ii) chief executive officer;

(iii) chief financial officer;

(l) Chief of the Defence Force, Vice Chief of the Defence Force, Chief of Navy, Chief of Army or Chief of Air Force;

(m) officer of the Navy of the rank of Vice Admiral or a higher rank;

(n) officer of the Army of the rank of Lieutenant General or a higher rank;

(o) officer of the Air Force of the rank of Air Marshal or a higher rank;

(p) any of the following offices of the Commonwealth in a foreign country, or to a public international organisation, to which appointments are made by the Governor‑General:

(i) Ambassador;

(ii) High Commissioner;

(iii) Consul‑General;

(iv) Australian Representative;

(v) Special Representative;

(vi) Representative;

(vii) Permanent Representative;

(viii) Chargé d’Affaires;

(q) member of the governing body of a political party represented in the legislature of the Commonwealth or a State or Territory.

1‑6 Enrolment details

For the purposes of the definition of enrolment details in section 5 of the Act, enrolment details in relation to a person are the information mentioned in sections 3‑2, 3‑3 and 3‑4 in relation to the person (as an applicant).

Note: Sections 3‑2, 3‑3 and 3‑4 set out the information that is required to be contained in an enrolment application regarding the applicant and its designated services.

1‑7 Registrable details

For the purposes of the definition of registrable details in section 5 of the Act, the following are the registrable details in relation to a person registered under Part 6 or 6A of the Act (which deal with the Remittance Sector Register and the Virtual Asset Service Provider Register):

(a) the full name of the person;

(b) any other names of the person under which the person provides or will provide its registrable services;

(d) a legal entity identifier for the person (if any) given by an organisation accredited by the Global Legal Entity Identifier Foundation (together with information identifying the organisation);

(e) the address of the principal place of business of the person in Australia (if applicable);

(f) the domain names for all websites through which the person provides or will provide its registrable services.

1‑8 Transfer of value—excluded transfers

(1) For the purposes of paragraph (b) of the definition of transfer of value in section 5 of the Act, a transfer covered by subsection (2) or (3) of this section is specified.

(2) This subsection covers a transfer of a security or derivative that is not a virtual asset.

(3) This subsection covers a transfer of money if:

(a) the transfer occurs in the course of a person performing administrative services for a client of the person that is an employer; and

(b) the administrative services relate to:

(i) payments, on behalf of the employer, of salary, wages or other benefits to its employees; or

(ii) arrangements between the employer and its employees under which employees forgo amounts of salary or wages in return for benefits of a similar cost; or

(iii) payments, on behalf of the employer, of superannuation contributions for its employees; and

(c) the transfer does not involve the receipt of physical currency from the payer or a person acting on behalf of the payer; and

(d) the transfer does not involve making physical currency available to the payee or to a person acting on behalf of the payee.

1‑9 Security—managed investment schemes

For the purposes of paragraph 7A(2)(a) of the Act, an interest in a managed investment scheme is specified as a security.

Part 2—Reporting groups

2‑1 Reporting group that is a business group

Conditions on group members

(1) For the purposes of subparagraph 10A(1)(a)(ii) of the Act, each member of the group must have agreed, in writing, as to which member is the lead entity of the reporting group (being a member that satisfies the requirements in subsection (2) of this section).

Lead entity

(2) For the purposes of subsection 10A(5) of the Act, the lead entity of a reporting group to which paragraph 10A(1)(a) of the Act applies must satisfy the following requirements:

(a) the member is the member of the reporting group that the other members of the group have agreed, in writing, will be the lead entity of the group;

(b) the member is not controlled by another member of the group that provides designated services;

(c) the member has the capacity to determine the outcome of decisions about the AML/CTF policies of the other members of the group;

(d) the member is one of the following:

(i) a body corporate incorporated in Australia;

(ii) a registered foreign company within the meaning of the Corporations Act 2001;

(iii) a trust that has at least one trustee that is a resident of Australia;

(iv) if the member is not a body corporate, foreign company or trust—a resident of Australia.

2‑2 Reporting group formed by election

Conditions on group members

(1) For the purposes of subparagraph 10A(1)(b)(iv) of the Act, each member of the group must be:

(a) a reporting entity; or

(b) a person who discharges obligations imposed on members of the reporting group by the Act, the regulations or the AML/CTF Rules; or

(2) A member of a business group is only permitted to be a member of a group to which paragraph 10A(1)(b) of the Act applies if all members of the business group are also members of the group to which paragraph 10A(1)(b) applies.

Note: If one member of a business group elects to leave a reporting group, the other members of the business group are no longer permitted to be members of the reporting group (and are taken to have elected to also leave—see subsection (9)).

Lead entity

(3) For the purposes of subsection 10A(5) of the Act, the lead entity of a reporting group to which paragraph 10A(1)(b) of the Act applies is the member of the group that satisfies the following requirements:

(a) the member is not controlled by another member of the reporting group that provides designated services;

(b) if the reporting group includes members of one or more business groups—the member is a member of one of those business groups;

(c) the other members of the group have agreed to the member having the capacity to determine the outcome of decisions about the AML/CTF policies of the other members;

(d) the member is one of the following:

(i) a body corporate incorporated in Australia;

(ii) a registered foreign company within the meaning of the Corporations Act 2001;

(iii) a trust that has at least one trustee that is a resident of Australia;

(iv) if the member is not a body corporate, foreign company or trust—a resident of Australia.

Election to join reporting group

(4) For the purposes of subparagraph 10A(1)(b)(ii) of the Act, a person electing to be a member of a reporting group that is already in operation must have obtained the consent of the lead entity of the reporting group.

Note 1: A person enrolled under Part 3A of the Act (Reporting Entities Roll) is required to advise of changes in the person’s enrolment details, including whether the person is a member of a reporting group—see subsection 51F(1) of the Act and subsection 3‑3(8) and section 3‑9 of this instrument.

Note 2: The AML/CTF policies of the lead entity of a reporting group must deal with recording changes of membership—see section 5‑16 of this instrument.

(5) For the purposes of subsection 10A(1B) of the Act, a member of a business group is not required to make an election in writing if another member of the business group has made an election on behalf of, and with the consent of, all members.

(6) For the purposes of subparagraph 10A(1)(b)(vi) and subsection 10A(1B) of the Act, if:

(a) a person becomes a member of a business group; and

(b) the existing members of the business group are members of a reporting group to which paragraph 10A(1)(b) of the Act applies;

the person also becomes a member of the reporting group.

Conditions for leaving group

(7) For the purposes of subparagraph 10A(1)(b)(vi) of the Act, a member of a reporting group (other than the lead entity) that elects to leave the reporting group must give the lead entity notice in writing.

Note 2: The AML/CTF policies of the lead entity of a reporting group must deal with recording changes of membership—see section 5‑16 of this instrument.

(8) For the purposes of subparagraph 10A(1)(b)(vi) of the Act, if the lead entity of a reporting group elects to leave the reporting group, the lead entity must give each other member of the group notice in writing.

Note: A person enrolled under Part 3A of the Act (Reporting Entities Roll) is required to advise of changes in the person’s enrolment details, including whether the person is a member of a reporting group—see subsection 51F(1) of the Act and subsection 3‑3(8) and section 3‑9 of this instrument.

(9) For the purposes of subparagraph 10A(1)(b)(vi) of the Act, if a member of a reporting group that elects to leave the group is also a member of a business group, all members of the business group are taken to have elected to leave the reporting group.

Condition for operation of group

(10) For the purposes of subparagraph 10A(1)(b)(vi) of the Act:

(a) a reporting group must not operate without a lead entity for a continuous period of more than 28 days; and

(b) during any such period, each member of the reporting group that is a reporting entity must continue to comply with the AML/CTF policies of the most recent lead entity of the group (the previous lead entity) that applied to the member immediately before the previous lead entity ceased to be the lead entity of the group.

Membership of more than one reporting group

(11) For the purposes of subsection 10(2A) of the Act, a person that is:

(a) a member of a reporting group to which paragraph 10A(1)(b) of the Act applies; and

(b) a member of a business group that is a reporting group to which paragraph 10A(1)(a) of the Act applies;

is taken for the purposes of the Act to be a member of only the former.

2‑3 Conditions for discharge of obligations by members of a reporting group

For the purposes of paragraph 236B(5)(c) of the Act, it is a condition for discharging an obligation imposed on a reporting entity that is a member of a reporting group that the reporting group has a lead entity.

2‑4 Conditions for discharge of obligations by members of a reporting group that are not reporting entities

(1) For the purposes of paragraph 236B(5)(c) of the Act, this section specifies conditions that apply when the member of the reporting group (the discharging member) that is to discharge an obligation of another member of the reporting group is not itself a reporting entity.

(2) The discharging member must have undertaken due diligence, in relation to persons who are employed or otherwise engaged and who perform functions relevant to discharging the obligation, that satisfies the requirements of the AML/CTF policies of the reporting entity included in those policies for the purposes of paragraph 26F(4)(d) of the Act.

(3) The discharging member must have provided training to those persons that satisfies the requirements of the AML/CTF policies of the reporting entity included in those policies for the purposes of paragraph 26F(4)(e) of the Act.

Part 3—Enrolment

Division 1—Application for enrolment

3‑1 Purpose of this Division

For the purposes of paragraph 51E(2)(b) of the Act, this Division sets out the information that must be contained in an application for enrolment as a reporting entity under subsection 51E(1) of the Act.

3‑2 Information about applicant’s designated services

(1) The application must contain the following information in relation to each kind of designated services provided or proposed to be provided by the applicant:

(a) a description of the designated services;

(b) the date the applicant commenced to provide, or proposes to provide, the designated services;

(i) the applicant provides, or proposes to provide, the designated services at or through a permanent establishment of the applicant in Australia;

(ii) the applicant is a resident of Australia and the designated services are provided, or proposed to be provided, at or through a permanent establishment of the applicant in a foreign country;

(iii) the applicant is a subsidiary of a company that is a resident of Australia and the designated services are provided, or proposed to be provided, at or through a permanent establishment of the applicant in a foreign country;

(d) information on the industry in which the applicant provides, or proposes to provide, the designated services.

(2) If designated services provided, or proposed to be provided, by the applicant are registrable remittance network services, registrable remittance services or registrable virtual asset services, the application must contain information about whether the applicant is, or whether an application has been or will be made for the applicant to be, any of the following:

(a) for registrable remittance network services—a registered remittance network provider;

(b) for registrable remittance services—a registered independent remittance dealer or a registered remittance affiliate of a registered remittance network provider;

(3) The application must contain information on whether section 233K of the Act:

(a) applies to the applicant; or

(b) will apply to the applicant if the applicant provides a designated service proposed to be provided by the applicant.

Note: Under section 233K of the Act, certain provisions of the Act do not apply to a reporting entity that provides certain gambling services in circumstances where the entity and any related entity that is a reporting entity are entitled to operate no more than 15 gaming machines under State or Territory licences.

(4) If all the designated services provided, or proposed to be provided, by the applicant are covered by item 54 of table 1 in section 6 of the Act, the application must contain a statement to that effect.

Note: Item 54 of table 1 in section 6 of the Act covers a holder of an Australian financial services licence who arranges for a person to receive a designated service.

3‑3 Information relating to the applicant

General information relating to the applicant

(1) The application must contain the following information relating to the applicant:

(a) the applicant’s full name, and any registered or other names under which the applicant provides or will provide its designated services;

(b) the applicant’s ABN, ACN, ARBN and ARSN (as applicable);

(c) a legal entity identifier for the applicant (if any) given by an organisation accredited by the Global Legal Entity Identifier Foundation (together with information identifying the organisation);

(d) the address of the applicant’s registered office (if applicable);

(e) the address of the applicant’s principal place of business or operations in Australia;

(f) if the applicant is not an individual—information about the legal form of the applicant (such as a partnership, company or trust);

(g) the names of any beneficial owners of the applicant;

(h) information on the number of employees employed by the applicant;

(i) if the applicant is an Australian resident (within the meaning of the Income Tax Assessment Act 1997)—whether the applicant was a small business entity (within the meaning of section 328‑110 of that Act) for the income year (within the meaning of that Act) corresponding to the previous financial year;

(j) information identifying one or more associations of which the applicant is a member (if any) that represent the interests of a particular industry, profession or trade;

(k) the applicant’s telephone number;

(l) the applicant’s email address;

(m) the full name, job title or position and email address of a contact person for the purposes of communications relating to the Australian Transaction Reports and Analysis Centre Industry Contribution (Collection) Act 2011;

(n) the domain names for all websites (if any) through which the applicant provides or will provide its designated services;

(o) a description of the applicant’s business or principal activity;

(p) the approximate annual turnover of the applicant for the most recent financial year.

Information for bodies corporate

(2) If the applicant is a body corporate, the application must contain the following information relating to the body corporate:

(a) the full name, and any former names, of each director;

(b) the date of birth of each director;

(d) the country in which the body corporate was incorporated and any countries in which it is registered;

(e) if the body corporate was incorporated or is registered in any foreign country—the address of the principal place of business of the body corporate in that foreign country.

(3) If the applicant is a body corporate that has an ultimate holding company (within the meaning of the Corporations Act 2001), the application must contain the following information relating to the ultimate holding company:

(a) the name of the ultimate holding company;

(b) the address of the principal place of business and the registered office of the ultimate holding company;

(d) a unique identifier for the ultimate holding company.

Information for government bodies

(4) If the applicant is a government body, the application must contain the following information relating to the applicant:

(a) whether the applicant is an Australian government body;

(b) if the applicant is not an Australian government body—the foreign country in which the applicant is established.

Note: For the meaning of Australian government body, see section 5 of the Act.

Information for partnerships

(5) If the applicant is a partnership, the application must contain the following information in relation to each partner:

(a) for a partner that is an individual (other than a trustee) and who has, or is a member of a group of individuals who have, primary responsibility for the governance and executive decisions of the partnership:

(i) the individual’s full name, and any former names of the individual; and

(ii) the individual’s residential address; and

(iii) the individual’s date of birth; and

(iv) a unique identifier for the individual given by an Australian government body or a government body of a foreign country;

(b) for a partner that is a body corporate (other than a trustee)—the information mentioned in paragraphs (2)(a) to (e), in relation to the partner;

(d) for a partner that is a trustee of a trust:

(i) the name of the trust; and

(ii) the information mentioned in paragraphs (6)(a) to (d), in relation to the trust.

Information for trusts

(6) If the applicant is a trust, the application must contain the following information relating to the trust:

(a) the kind of trust (such as discretionary trust, bare trust or unit trust);

(b) any former names of the trust;

(c) for any trustee that is an individual—the information mentioned in subparagraphs (5)(a)(i) to (iv), in relation to the trustee;

(d) for any trustee that is a body corporate—the information mentioned in paragraphs (2)(a) to (e), in relation to the trustee.

Information for associations or co‑operatives

(7) If the applicant is an incorporated association, an unincorporated association or a co‑operative, the application must contain the information mentioned in subparagraphs (5)(a)(i) to (iv) in relation to the individual, or each member of a group of individuals, with primary responsibility for the governance and executive decisions of the association or co‑operative.

Information relating to reporting group

(8) The application must contain the following information:

(a) whether the applicant is a member of a reporting group;

(b) whether the applicant is the lead entity of a reporting group;

(c) if the applicant is the lead entity of a reporting group—the following information about the members of the reporting group that are reporting entities:

(i) the name of the reporting entity;

(ii) the identifier assigned to the reporting entity by AUSTRAC (if any);

(iii) another unique identifier for the reporting entity;

(d) if the applicant is a member of a reporting group but not the lead entity of the reporting group—the following information about the lead entity:

(i) the name of the lead entity;

(ii) the identifier assigned to the lead entity by AUSTRAC (if any);

(iii) another unique identifier for the lead entity.

3‑4 Information relating to earnings

(1) The earnings of a person for a period has the meaning given by the following table.

Definition of earnings
Item	Type of person	Is the person a foreign company or a subsidiary of a foreign company?	Definition of earnings of the person for a period
1	An ADI or registered financial sector entity, or a related body corporate of an ADI or registered financial sector entity	No	The total profit of the person for the period before tax, depreciation and amortisation
2	An ADI or registered financial sector entity, or a related body corporate of an ADI or registered financial sector entity	Yes	The total profit of the person for the period derived from operations in Australia, before tax, depreciation and amortisation
3	A person not covered by item 1 or 2	No	The total earnings of the person for the period before tax, interest, depreciation and amortisation
4	A person not covered by item 1 or 2	Yes	The total earnings of the person for the period derived from operations in Australia, before tax, interest, depreciation and amortisation

(2) Subject to subsection (3), the application must contain:

(a) if the applicant is not a member of a corporate group—the earnings of the applicant for a period of 12 months; or

(b) if the applicant is a member of a corporate group—the total earnings, for a period of 12 months, of the applicant and all other members of the group that are leviable entities for the financial year in which the period ends.

Note: A leviable entity does not include a person who is an “exempt entity” within the meaning of the Australian Transaction Reports and Analysis Centre Industry Contribution Act 2011.

(3) Subsection (2) does not apply if the earnings or total earnings, as the case may be, are less than $100,000,000.

3‑5 Information about the person completing the application and declaration

Information about the individual completing the enrolment application

(1) The application must contain the following information relating to the individual completing the application:

(a) the individual’s full name;

(b) the individual’s job title or position;

(d) the individual’s telephone number;

(e) the individual’s email address.

Declaration by the individual completing the application

(2) The application must contain a declaration by the individual completing the application that the information contained in the application is true and correct.

Division 2—Correction and removal of enrolment details

3‑6 Correction of entries in the Reporting Entities Roll

For the purposes of paragraph 51C(4)(a) of the Act, if the AUSTRAC CEO reasonably believes that there is an error in, or an omission from, an entry in the Reporting Entities Roll, the AUSTRAC CEO may correct the error or omission.

3‑7 Removal of name and enrolment details on AUSTRAC CEO’s own initiative

For the purposes of paragraph 51C(4)(b) of the Act, the AUSTRAC CEO may remove a person’s name and enrolment details from the Reporting Entities Roll on the AUSTRAC CEO’s own initiative if the AUSTRAC CEO reasonably believes that the person has ceased to provide designated services or has not commenced to provide designated services.

3‑8 Request to remove entry from Reporting Entities Roll—required information

For the purposes of paragraph 51G(2)(b) of the Act, a request by a person under subsection 51G(1) of the Act to remove the person’s name and enrolment details from the Reporting Entities Roll must contain the following information:

(a) the person’s full name;

(b) whether the person has ceased to provide designated services, and if so, the date on which the person ceased to provide designated services;

(c) whether the person intends to provide a designated service in the next financial year to begin after the request is given;

(d) whether the person has any outstanding obligations to provide a report under any of the following provisions of the Act, and if so, information on the outstanding obligations:

(i) section 43 (reports of threshold transactions);

(ii) section 46 (reports of international value transfer services);

(iii) section 46A (reports of transfers of value involving unverified self‑hosted virtual asset wallets);

(iv) section 47 (AML/CTF compliance reports).

Division 3—Changes in enrolment details

3‑9 Changes in enrolment details to be advised

(1) For the purposes of subsection 51F(1) of the Act, a change in a person’s enrolment details that are information mentioned in section 3‑2 or 3‑3 is specified.

(2) For the purposes of subsection 51F(1) of the Act, a change in a person’s enrolment details that is information mentioned in subsection 3‑4(2) for each succeeding period of 12 months is specified.

Part 4—Registration

Division 1—Management of the Remittance Sector Register and the Virtual Asset Service Provider Register

4‑1 Correction of entries

(1) This section is made for the purposes of paragraphs 75(4)(a) and 76B(4)(a) of the Act.

(2) If the AUSTRAC CEO reasonably believes that there is an error in, or omission from, an entry in the Remittance Sector Register or the Virtual Asset Service Provider Register, the AUSTRAC CEO may correct the error or omission.

(3) As soon as reasonably practicable after making a correction of an entry under this section, the AUSTRAC CEO must give notice of the correction to:

(a) the person whose registration the entry relates to; and

(b) if the registration is of a person as a remittance affiliate of a registered remittance network provider—the provider.

4‑2 Publication of register information

(1) For the purposes of subsections 75(4) and 76B(4) of the Act, the AUSTRAC CEO must publish the following on AUSTRAC’s website:

(a) the details mentioned in paragraphs 75A(1)(a), (b), (c) and (f) of the Act on the Remittance Sector Register;

(b) the details mentioned in paragraphs 76C(a) and (d) of the Act on the Virtual Asset Service Provider Register;

(c) information mentioned in section 4‑24 of this instrument (register entry in relation to suspension of registration) on the Remittance Sector Register and the Virtual Asset Service Provider Register.

(2) If the AUSTRAC CEO considers it appropriate to do so, the AUSTRAC CEO may publish on AUSTRAC’s website one or more conditions, mentioned in paragraph 75A(1)(d) or 76C(b) of the Act, to which the registration of a person is subject.

Division 2—Information requirements for registration applications

4‑3 Purpose of this Division

For the purposes of paragraphs 75B(3)(b) and 76D(2)(b) of the Act, this Division sets out the information that must be contained in the following:

(a) an application by a person under subsection 75B(1) of the Act for registration as a remittance network provider, an independent remittance dealer or a remittance affiliate of a registered remittance network provider;

(b) an application by a registered remittance network provider under subsection 75B(2) of the Act for another person to be registered as a remittance affiliate of the registered remittance network provider;

4‑4 Application—general information

(1) The application must contain the following information relating to the person (the candidate) proposed to be registered:

(a) the candidate’s full name;

(b) both of the following:

(i) any other names the candidate is commonly known by;

(ii) any names under which the candidate will provide its registrable services;

(d) a legal entity identifier for the candidate (if any) given by an organisation accredited by the Global Legal Entity Identifier Foundation (together with information identifying the organisation);

(e) if the candidate is registered in, or holds a licence issued in, a foreign country to provide services that are of the same, or a similar, kind as registrable services (whether or not there is a connection to Australia or a resident of Australia)—details of that registration or licence;

(f) the address of the principal place of business or operations of the candidate in Australia (if applicable);

(g) the address of the candidate’s registered office (if applicable);

(h) the addresses of any other places at or from which the candidate proposes to provide its registrable services;

(i) information about the legal form of the candidate (such as an individual or a partnership, company or trust);

(j) in relation to any individual who is a beneficial owner of the candidate:

(i) the individual’s full name; and

(ii) any other names the individual is commonly known by; and

(iii) any former names of the individual; and

(iv) the individual’s residential address; and

(v) the individual’s date and place of birth; and

(vi) a unique identifier for the individual given by an Australian government body or the government of a foreign country;

(k) the candidate’s telephone number;

(l) the candidate’s email address;

(m) the domain names for any website through which the candidate will provide its registrable services;

(n) a description of the candidate’s business or principal activity;

(o) whether there are any permanent establishments of the candidate in Australia, and if so, information on those permanent establishments;

(p) information on the expected turnover of the candidate in respect of the provision of its registrable services for the period of 12 months following registration;

(q) if the provision of the candidate’s registrable services will involve dealing with customers or other persons located in foreign countries—information identifying those foreign countries.

Information relating to completion of the application and declaration

(2) The application must contain the following information about the individual completing the application:

(a) the individual’s full name;

(b) the individual’s job title or position;

(c) if the individual is not the candidate—information on the individual’s role or relationship in relation to the candidate;

(d) the individual’s date of birth;

(e) the individual’s telephone number;

(f) the individual’s email address;

(g) the individual’s postal address.

(3) The application must contain a declaration by the individual completing the application that the information contained in the application is true and correct.

Information relating to the candidate—body corporate

(4) If the candidate is a body corporate, the application must contain the following information relating to the body corporate:

(a) the full name of each director;

(b) for each director:

(i) any other names the director is commonly known by; and

(ii) any former names of the director;

(d) the director identification number (if any) of each eligible officer of the body corporate;

(e) the country in which the body corporate was incorporated and any countries in which it is registered;

(f) if the body corporate was incorporated or is registered in any foreign country—the address of the principal place of business of the body corporate in that foreign country.

Information relating to the candidate—partnership

(5) If the candidate is a partnership, the application must contain information setting out the terms of the partnership agreement (if any), and the following information relating to each partner:

(a) for a partner that is an individual (other than a trustee):

(i) the individual’s full name;

(ii) any other names the individual is commonly known by;

(iii) any former names of the individual;

(iv) the individual’s residential address and most recent former residential address; and

(v) the individual’s date and place of birth; and

(vi) a unique identifier for the individual;

(b) for a partner that is a body corporate (other than a trustee)—the information mentioned in paragraphs (4)(a) to (e), in relation to the partner;

(d) for a partner that is a trustee of a trust:

(i) the name of the trust; and

(ii) the information mentioned in paragraphs (6)(a) to (d), in relation to the trust.

Information relating to the candidate—trusts

(6) If the candidate is a trust, the application must contain the following information relating to the trust:

(a) the kind of trust (such as discretionary trust, bare trust or unit trust);

(b) any former names of the trust;

(c) for any trustee, beneficiary, settlor, appointer, guardian or protector of the trust that is an individual—the information mentioned in subparagraphs (5)(a)(i) to (vi), in relation to the individual;

(d) for any trustee, beneficiary, settlor, appointer, guardian or protector of the trust that is a body corporate—the information mentioned in paragraphs (4)(a) to (f), in relation to the body corporate.

Information relating to the candidate—associations or co‑operatives

(7) If the candidate is an incorporated association, unincorporated association or a co‑operative, the application must contain the information mentioned in subparagraphs (5)(a)(i) to (vi) in relation to the individual, or each member of the group of individuals, with primary responsibility for the governance and executive decisions of the association or co‑operative.

4‑5 Information relating to ML/TF risks

The application must contain the following information:

(a) information identifying the key risks of money laundering, financing of terrorism and proliferation financing that the candidate has assessed it may reasonably face in providing its registrable services;

(b) information on the risks of money laundering, financing of terrorism and proliferation financing associated with the following:

(i) the kinds of customers to whom the candidate will provide its registrable services;

(ii) any foreign countries in which the candidate will operate in providing its registrable services;

(iii) the products and services the candidate will provide in relation to its registrable services;

(iv) the delivery channels by which the candidate’s registrable services will be provided;

(v) the kinds of transactions the candidate will undertake in providing its registrable services;

(c) information on the candidate’s process for reviewing and updating its ML/TF risk assessment (see section 26D of the Act).

4‑6 Information relating to AML/CTF policies

(1) The application must contain information setting out the AML/CTF policies that the candidate has in relation to the following matters:

(a) appropriately managing and mitigating the risks of money laundering, financing of terrorism and proliferation financing that the candidate may reasonably face in providing its registrable services;

(b) ensuring the candidate complies with the obligations imposed by the Act, the regulations and the AML/CTF Rules on the candidate;

(c) undertaking due diligence in relation to persons who are, or will be, employed or otherwise engaged by the candidate and who perform, or will perform, functions relevant to the candidate’s obligations under the Act;

(d) providing training to persons who are employed or otherwise engaged by the candidate and who perform, or will perform, functions relevant to the candidate’s obligations under the Act in relation to:

(i) the risk of money laundering, financing of terrorism and proliferation financing that the candidate may reasonably face in providing its registrable services; and

(ii) the obligations imposed by the Act, the regulations and the AML/CTF Rules on the candidate;

(e) reviewing and updating the AML/CTF policies;

(f) carrying out customer due diligence in accordance with Part 2 of the Act, including:

(i) complying with obligations under that Part in relation to politically exposed persons; and

(ii) any use of distributed ledger technology for the purposes of carrying out that due diligence.

(2) The application must include the full name and business address of any training provider used to deliver training mentioned in paragraph (1)(d) within the period of 12 months before the application is made.

4‑7 Information relating to accounts with financial institutions

The application must contain the following information in relation to each account with a financial institution that the candidate will use in providing its registrable services:

(a) the full name, and the date of birth, of each individual who is the holder of, or a signatory to, the account;

(b) the country within which the account is held;

4‑8 Information relating to other persons assisting

The application must contain the following information:

(a) whether the candidate has entered or will enter into an agreement or arrangement for another person to perform, or assist with the performance of, functions relevant to the candidate’s obligations under the Act, and if so, information on those functions;

(b) whether any of those functions would be performed or assisted with by that person in any foreign countries, and if so, which foreign countries;

(c) information on what quality controls the candidate will use regarding the other person’s performance of, or assistance with, those functions.

4‑9 Information relating to key personnel and past unlawful activity etc.

(1) The application must contain the following information regarding each of the candidate’s key personnel:

(a) the individual’s full name;

(b) the individual’s date of birth;

(d) the individual’s telephone number;

(e) the individual’s email address;

(f) the individual’s residential address.

Note: For key personnel, see section 1‑4.

(2) The application must contain the following information:

(a) whether the candidate or any of its key personnel has been charged or convicted of an offence against the Act, or of an offence against a law of the Commonwealth, a State or Territory or a foreign country of any of the following kinds:

(i) money laundering;

(ii) financing of terrorism;

(iii) proliferation financing;

(iv) people smuggling;

(v) fraud (including scams);

(vi) a serious offence of any other kind;

(b) whether the candidate or any of its key personnel has been found by a court to have contravened the Act, the regulations or the AML/CTF Rules;

(c) whether the candidate or any of its key personnel has been the subject of civil or criminal proceedings, or a regulatory or disciplinary process in Australia or a foreign country that:

(i) related to the management of an entity, or commercial or professional activity; and

(ii) involved an adverse finding as to the competence, diligence, judgement, honesty or integrity of the candidate or the key personnel (as applicable);

(d) what steps the candidate has taken to establish the matters mentioned in paragraphs (a) to (c) in relation to its key personnel;

(e) if any of the circumstances mentioned in paragraphs (a) to (c) exist—details of each of the circumstances;

(f) whether any of the candidate’s key personnel has ever applied, or has been a beneficial owner of a person (other than an individual) that has applied, for registration under Part 6 or 6A of the Act (which deal with the Remittance Sector Register and the Virtual Asset Service Provider Register), and if so, information about that application;

(g) whether any of the candidate’s key personnel is, has applied to be, or is intending to apply for registration, licensing or approval (however described) in any country to conduct regulated activity in the financial sector, and if so, details of the country and the kind of regulated activity the key personnel is involved in;

(h) details of any training the candidate’s key personnel has received within the period of 12 months before the application is made in relation to providing registrable services, including the full name and business address of any training provider used to deliver the training.

4‑10 Additional requirements for application by remittance network provider for registration of an affiliate

If the application is by a registered remittance network provider, under subsection 75B(2) of the Act, for the candidate to be registered as a remittance affiliate of the registered remittance network provider, the application must contain the following information:

(a) whether the provider has assessed the suitability of the candidate to be a remittance affiliate of the provider, taking into account the related risks of money laundering, financing of terrorism and proliferation financing that the provider may reasonably face if the candidate is registered as a remittance affiliate of the provider;

(b) if such an assessment has been made—whether the candidate was found to be suitable;

(c) whether the candidate has consented to the making of the application and, if so, information on when the consent was given.

4‑11 Additional requirements for application by independent remittance dealer for registration as a remittance affiliate

If the application is under paragraph 75B(1)(c) of the Act for registration as a remittance affiliate of a registered remittance network provider, the application must contain information on whether the registered remittance network provider has consented to the making of the application and, if so, when the consent was given.

4‑12 Additional requirements for application for registration as an independent remittance dealer or a remittance affiliate of network provider

If the application is for the candidate to be registered as an independent remittance dealer, or as a remittance affiliate of a registered remittance network provider, the application must contain the following information:

(a) information on whether offsetting arrangements or third party remittance arrangements will be involved in the provision of the candidate’s registrable services;

(b) details of the delivery channels by which the candidate’s registrable services will be provided;

(c) information on the ways the candidate’s customers will, for transfers of value to which its registrable services relate, be able to make value available for transfer or receive value transferred;

(d) information on the expected average number of designated services covered by each of items 29 and 30 of table 1 in section 6 of the Act that are registrable services the candidate would provide each month over the first 12 months following registration;

(e) information on the expected average total monetary value of the money and property (but not virtual assets) that, in relation to designated services covered by each of items 29 and 30 of table 1 in section 6 of the Act that are registrable services it would provide, would be transferred per month over the first 12 months following registration;

(f) whether any of the candidate’s key personnel has ever been a beneficial owner of, or operated or been involved in the management of, a person (the other provider) who provides, or has provided, services of the same, or a similar, kind as the registrable services (whether or not there is a connection to Australia or a resident of Australia), and if so:

(i) the full name of the other provider; and

(ii) the key personnel’s role in, or relationship with, the other provider; and

(iii) the period for which the key personnel was a beneficial owner of, or operated or was involved in the management of, the other provider.

Note: For additional requirements in relation to registration as a virtual asset service provider, see section 4‑14.

4‑13 Additional requirements for application for registration as a remittance affiliate of network provider

(1) If the application is for the candidate to be registered as a remittance affiliate of a registered remittance network provider, the application must contain the following information:

(a) whether the candidate is to be represented by a super‑agent in its dealings with the network provider;

(b) whether the candidate intends for a senior manager of the candidate to approve the registered remittance network provider’s ML/TF risk assessment and AML/CTF policies as mentioned in subsection 26S(4) of the Act.

(2) A super‑agent is a person who, in the course of carrying on a business:

(a) provides administrative services to a registered remittance network provider to assist with the control or management of the remittance network operated by the provider; and

(b) as part of providing those services, represents the interests of remittance affiliates of the provider in their dealings with the provider.

4‑14 Additional requirements for application for registration as a virtual asset service provider

If the application is under subsection 76D(1) of the Act for registration as a virtual asset service provider, the application must contain the following information:

(a) information on the kind of virtual assets in relation to which the candidate will provide its registrable services;

(b) details of the delivery channels by which the registrable services are intended to be provided;

(c) information on the methods by which customers’ virtual assets or money may be used in any exchanges relating to the registrable services;

(d) whether the candidate will implement any transaction or time limits on the amounts of virtual assets or money that customers can use in any exchanges relating to the registrable services, and if so, details of what limits will apply;

(e) information on:

(i) the expected average number of designated services covered by each of items 29, 30, 46A, 50A, 50B and 50C of table 1 in section 6 of the Act that are registrable services the candidate would provide per month over the first 12 months following registration; and

(ii) the expected average total monetary value of customers’ money, virtual assets and property with which the candidate would deal, in relation to designated services covered by each of items 29, 30, 46A, 50A, 50B and 50C of table 1 in section 6 of the Act that are registrable services, per month over the first 12 months following registration;

(f) for each virtual asset wallet controlled by the candidate:

(i) the kinds of virtual assets the wallet can store; and

(ii) the address of the wallet.

Division 3—Registration decisions

4‑15 Registration decisions—other matters

For the purposes of paragraphs 75C(2)(b) and 76E(2)(b) of the Act, in deciding whether to register a person (the candidate) in accordance with an application made under section 75B or 76D of the Act, the following matters are specified:

(a) any offences of which any of the following have been charged or convicted under the law of the Commonwealth, a State or Territory or a foreign country:

(i) the candidate;

(ii) the key personnel of the candidate;

(b) any compliance or non‑compliance by any of the following with the Act or any other law of the Commonwealth, a State or Territory or a foreign country:

(i) the candidate;

(ii) if the candidate is not an individual—any beneficial owner of the candidate;

(iii) if the candidate is a body corporate—any related body corporate (within the meaning of the Corporations Act 2001) of the candidate;

(iv) if the registration would be as a remittance affiliate of a registered remittance network provider—the registered remittance network provider;

(c) for an application made under subsection 75B(2) by a registered remittance network provider for the candidate to be registered as a remittance affiliate of the registered remittance network provider—whether the consent of the candidate has been obtained;

(d) whether the candidate and its key personnel have experience that is appropriate, having regard to:

(i) the nature, size and complexity of the candidate’s business; and

(ii) the risks of money laundering, financing of terrorism and proliferation financing that the candidate may reasonably face in providing its registrable services;

(e) the likelihood of the candidate conducting a business involving the provision of the registrable services;

(f) the operational readiness of the candidate in relation to the proposed registration, including its ability to comply with the Act, the regulations and the AML/CTF Rules following registration;

(g) the proposed resourcing (including personnel resourcing) of the candidate in relation to the provision of its registrable services.

Division 4—Suspension of registration

4‑16 Purpose of this Division

This Division is made for the purposes of sections 75H and 76K of the Act.

4‑17 Suspension of registration

The AUSTRAC CEO may suspend a person’s registration under Part 6 or 6A of the Act if the AUSTRAC CEO reasonably suspects that:

(a) the person, any of its key personnel or any associate of the person or its key personnel, has been charged or convicted of an offence against the Act, or of an offence against a law of the Commonwealth, a State or Territory or a foreign country of any of the following kinds:

(i) money laundering;

(ii) terrorism or financing of terrorism;

(iii) proliferation financing;

(iv) people smuggling;

(v) fraud (including scams);

(vi) a serious offence of any other kind; or

(b) the person or any of its key personnel has been found by a court to have contravened the Act, the regulations or the AML/CTF Rules; or

(c) the person or any of its key personnel has been the subject of civil or criminal proceedings, or a regulatory or disciplinary process in Australia or a foreign country that:

(i) related to the management of an entity, or commercial or professional activity; and

(ii) involved an adverse finding as to the competence, diligence, judgement, honesty or integrity of the person or the key personnel (as applicable); or

(d) the person or any of its key personnel is committing, continuing or repeating a contravention of the Act, the regulations or the AML/CTF Rules; or

(e) the continued registration of the person involves, or may involve, a significant money laundering, financing of terrorism or other serious crime risk; or

(f) the person has breached a condition of the person’s registration; or

(g) the person does not have the operational capability necessary to comply with the obligations imposed by the Act, the regulations and the AML/CTF Rules on the person; or

(h) the person or the person’s key personnel no longer have experience that is appropriate, having regard to the nature of the person’s business and the ML/TF risks of the person’s customers, in functions relevant to:

(i) the person’s obligations under the Act; or

(ii) providing registrable services; or

(i) any information given by the person, or if the registration is as a remittance affiliate of a registered remittance network provider, the provider, for the purposes of Part 6 or 6A of the Act in connection with that registration:

(i) is false or misleading in a material particular; or

(ii) omits any matter or thing without which the information is misleading in a material particular.

4‑18 Effect of suspension—renewal and advising of certain matters

While a person’s registration under Part 6 or 6A of the Act is suspended, the person is taken to be registered for the purposes of the following provisions despite that suspension:

(a) Division 6 of this Part (which deals with renewal of registration);

(b) sections 75M and 76P of the Act (which deal with advising of material changes in circumstance etc.), as applicable.

4‑19 Period of suspension

(1) A suspension of a registration under Part 6 or 6A of the Act by the AUSTRAC CEO has effect for a period determined by the AUSTRAC CEO, which may be up to 3 months.

(2) The AUSTRAC CEO may extend the period of the suspension by a further period of up to 3 months if the AUSTRAC CEO is satisfied it is appropriate to do so, having regard to whether the AUSTRAC CEO continues to reasonably suspect a matter mentioned in section 4‑17.

(3) The AUSTRAC CEO must not extend the period of a suspension under subsection (2) more than once.

4‑20 Notice of suspension decision

(1) If the AUSTRAC CEO decides to suspend a person’s registration under Part 6 or 6A of the Act, the AUSTRAC CEO must, as soon as practicable after the decision is made, give written notice of the suspension to:

(a) the person; and

(b) if the suspension is of the registration of a registered remittance network provider—each registered remittance affiliate of that provider; and

(c) if the suspension is of the registration of a registered remittance affiliate of a registered remittance network provider—the provider.

(2) The notice must contain:

(a) information setting out the effect of the suspension; and

(b) the date the suspension takes effect; and

(d) information on the power of the AUSTRAC CEO to extend the period of the suspension.

4‑21 Notice of extension of suspension

(1) If the AUSTRAC CEO extends the period of the suspension of a person’s registration under subsection 4‑19(2), the AUSTRAC CEO must, as soon as practicable after the suspension is extended, give written notice of the extension to:

(a) the person; and

(b) if the suspension is of the registration of a registered remittance network provider—each registered remittance affiliate of that provider; and

(c) if the suspension is of the registration of a registered remittance affiliate of a registered remittance network provider—the provider.

(2) The notice must contain:

(a) information setting out the effect of the extension; and

(b) the date the suspension, as extended, ceases.

4‑22 Revocation of suspension of registration

(1) The AUSTRAC CEO may decide to revoke the suspension of a person’s registration under Part 6 or 6A of the Act if the AUSTRAC CEO is satisfied that it is appropriate to do so, having regard to the information (if any) given to the AUSTRAC CEO by the person after the suspension of the person’s registration.

(2) Subsection (1) applies whether or not the suspension of a person’s registration has been extended under subsection 4‑19(2).

4‑23 Notice of decision to revoke suspension of registration

(1) If the AUSTRAC CEO decides, under subsection 4‑22(1), to revoke the suspension of a person’s registration under Part 6 or Part 6A, the AUSTRAC CEO must, as soon as practicable after the decision, give written notice of the decision to:

(a) the person; and

(b) if the suspension was of the registration of a registered remittance network provider—each registered remittance affiliate of that provider; and

(c) if the suspension was of the registration of a registered remittance affiliate of a registered remittance network provider—the provider.

(2) The notice must specify the date that the suspension of registration ceased.

4‑24 Register entry in relation to suspension of registration

(1) If the AUSTRAC CEO suspends the registration of a person under Part 6 or 6A of the Act, or extends such a suspension, the AUSTRAC CEO must enter on the Remittance Sector Register or the Virtual Asset Service Provider Register, respectively, information identifying that the person’s registration is or remains suspended.

(2) The AUSTRAC CEO must remove that information from the Remittance Sector Register or the Virtual Asset Service Provider Register as soon as practicable after:

(a) the suspension is revoked under subsection 4‑22(1); or

(b) the period of the suspension ceases.

Division 5—Cancellation of registration

4‑25 Cancellation of registration—other matters

For the purposes of paragraphs 75G(1)(c) and 76J(1)(c) of the Act, the following matters are specified:

(a) whether the person, any of its key personnel or any associate of the person or its key personnel, has been charged or convicted of an offence against the Act, or of an offence against a law of the Commonwealth, a State or Territory or a foreign country of any of the following kinds:

(i) money laundering;

(ii) terrorism or financing of terrorism;

(iii) proliferation financing;

(iv) people smuggling;

(v) fraud (including scams);

(vi) a serious offence of any other kind;

(b) whether the person or any of its key personnel has been found by a court to have contravened the Act, the regulations or the AML/CTF Rules;

(c) whether the person or any of its key personnel has been the subject of civil or criminal proceedings, or a regulatory or disciplinary process in Australia or a foreign country that:

(i) related to the management of an entity, or commercial or professional activity; and

(ii) involved an adverse finding as to the competence, diligence, judgement, honesty or integrity of the person or the key personnel (as applicable);

(d) whether the person is carrying on a business that involves providing registrable services;

(e) whether the person continues to have the operational capability necessary to comply with the obligations imposed on the person by the Act, the regulations and the AML/CTF Rules;

(f) whether the person and the person’s key personnel continue to have experience that is appropriate, having regard to the nature of the person’s business and the ML/TF risks of the person’s customers, in functions relevant to:

(i) the person’s obligations under the Act; and

(ii) providing registrable services;

(g) whether any information given by the person, or if the registration is as a remittance affiliate of a registered remittance network provider, the provider, for the purposes of Part 6 or 6A of the Act in connection with that registration:

(i) is false or misleading in a material particular; or

(ii) omits any matter or thing without which the information is misleading in a material particular.

4‑26 Publication of cancellation information

For the purposes of subsections 75G(3) and 76J(4) of the Act, the names and dates mentioned in those subsections may be published:

(a) on AUSTRAC’s website; or

(b) on the Remittance Sector Register or the Virtual Asset Service Provider Register (as relevant); or

Division 6—Renewal of registration

4‑27 Purpose of this Division

This Division is made for the purposes of sections 75J and 76L of the Act.

4‑28 Application for renewal of registration

(1) A person registered under Part 6 or 6A of the Act as any of the following may apply in writing to the AUSTRAC CEO for renewal of that registration:

(a) a remittance network provider;

(b) an independent remittance dealer;

(c) a remittance affiliate of a registered remittance network provider that applied for registration on its own behalf (see paragraph 75B(1)(c) of the Act);

(d) a virtual asset service provider.

(2) A registered remittance network provider that applied, under subsection 75B(2) of the Act, for registration of another person as a remittance affiliate of the provider under Part 6 of the Act may apply in writing to the AUSTRAC CEO for renewal of that other person’s registration.

(3) An application under this section:

(a) must be in the approved form; and

(b) must contain the information required by the approved form, which may include information regarding whether section 75M or 76P of the Act (as applicable) has been complied with in relation to the registration.

4‑29 Period within which renewal applications may be made

An application for renewal of a person’s registration under Part 6 or 6A of the Act may be made within the period of 90 days ending on the day on which the registration would otherwise cease.

Note 1: Registrations are in effect for a period of 3 years (see paragraphs 75F(1)(c) and 76H(1)(c) of the Act, and section 4‑31 of this instrument).

Note 2: Registration of a person may continue in effect after the expiry of the 3 year registration period if a decision on the person’s application for renewal under this section has not been made before the end of the period (see section 4‑33).

4‑30 Determining renewal application

If an application for renewal of a person’s registration is made in accordance with sections 4‑28 and 4‑29 of this instrument, the AUSTRAC CEO must decide to renew the registration if the AUSTRAC CEO is satisfied that it is appropriate to do so, having regard to:

(a) whether the renewed registration of the person would involve a significant money laundering, financing of terrorism or other serious crime risk; and

(b) whether section 75M or 76P of the Act (as applicable) has been complied with in relation to the registration, and whether the person’s enrolment details and registrable details, as advised to the AUSTRAC CEO, are correct and up‑to‑date; and

(i) is false or misleading in a material particular; or

(ii) omits any matter or thing without which the information is misleading in a material particular; and

(d) whether the person is carrying on a business that involves providing registrable services; and

(e) whether the person continues to have the operational capability necessary to comply with the Act, the regulations and the AML/CTF Rules.

4‑31 Period for which renewed registrations have effect

A renewed registration under Part 6 or 6A of the Act has effect for a period of 3 years.

4‑32 Decision on renewal application is a reviewable decision

For the purposes of section 233B of the Act, a decision of the AUSTRAC CEO under section 4‑30 of this instrument not to renew a person’s registration is a reviewable decision.

4‑33 Continuation of registration pending decision on renewal application

(1) This section applies if:

(a) the registration of a person under Part 6 or 6A of the Act would otherwise cease at the end of the period of 3 years commencing on the day on which the registration took effect; and

(b) before the end of that period, an application for renewal of the registration is made in accordance with sections 4‑28 and 4‑29 of this instrument.

(2) The person’s registration continues in effect after the end of the 3‑year period until the AUSTRAC CEO’s decision on the renewal application takes effect.

Division 7—Matters registered persons required to advise

4‑34 Matters registered persons required to advise

(1) For the purposes of paragraphs 75M(1)(e) and (2)(b), and 76P(1)(b), of the Act, this section specifies matters that a person registered under Part 6 or 6A of the Act must advise to the AUSTRAC CEO under those paragraphs.

(2) The person must advise the following matters:

(a) a change in the person’s registrable details;

(b) a change in the matters mentioned in paragraphs 4‑9(2)(a), (b) or (c) in relation to the person or its key personnel (which deal with certain criminal or civil proceedings);

(c) a change in information mentioned in section 4‑8 (which deals with information regarding other persons assisting) in relation to the person;

(d) a change in any details mentioned in paragraph 4‑4(1)(e) (which deals with foreign country registrations or licences) in relation to the person;

(e) the person ceasing to provide registrable services;

(f) a change in the information mentioned in paragraph 4‑4(1)(j) (which deals with details of any beneficial owners) in relation to the person;

(g) a change in the information mentioned in paragraph 4‑4(1)(q) (which deals with dealing with persons located in foreign countries) in relation to the person;

(h) for a person registered as a remittance network provider—a removal by the provider of a remittance affiliate of the provider from its remittance network.

(3) The person must advise if the person becomes aware that information given to the AUSTRAC CEO was incomplete or inaccurate, and of the correction or clarification required in relation to the information, in circumstances where the information was given:

(a) by the person in connection with the registration; or

(b) if the registration is as a remittance affiliate of a registered remittance network provider—by the provider in connection with the registration; or

(c) if the registration is as a remittance network provider—by the provider in connection with the registration of a remittance affiliate of the provider.

Division 8—Other matters

4‑35 Spent convictions

Nothing in this Part affects the operation of Part VIIC of the Crimes Act 1914 (which includes provisions that, in certain circumstances, relieve persons from the requirement to disclose spent convictions and require persons aware of such convictions to disregard them).

Part 5—AML/CTF programs

Division 1—ML/TF risk assessment

5‑1 Review of ML/TF risk assessment

(1) For the purposes of subparagraph 26D(1)(a)(iii) of the Act, a reporting entity must review its ML/TF risk assessment if an independent evaluation report contains adverse findings in relation to the ML/TF risk assessment.

(2) For the purposes of paragraph 26D(2)(d) of the Act, the review must be undertaken as soon as practicable after the governing body of the reporting entity receives the independent evaluation report.

Division 2—AML/CTF policies related to ML/TF risk mitigation

5‑2 Carrying out customer due diligence

(1) For the purposes of paragraph 26F(7)(a) of the Act, this section specifies requirements in relation to the matter mentioned in paragraph 26F(3)(b) of the Act (carrying out customer due diligence in accordance with Part 2 of the Act).

(2) The AML/CTF policies of the reporting entity must set out the circumstances in which the reporting entity will, for the purposes of undertaking initial customer due diligence in accordance with section 28 of the Act:

(a) collect kinds of KYC information relating to a customer; or

(b) both collect and verify kinds of KYC information relating to a customer;

including but not limited to the circumstances in which the reporting entity will collect, or collect and verify, information on the customer’s source of wealth and source of funds.

(3) The AML/CTF policies of the reporting entity must set out the circumstances in which the reporting entity will, as part of undertaking ongoing customer due diligence of customers in accordance with section 30 of the Act:

(a) collect kinds of additional KYC information relating to a customer; or

(b) both collect and verify kinds of additional KYC information relating to a customer;

including but not limited to the circumstances in which the reporting entity will collect, or collect and verify, information on the customer’s source of wealth and source of funds.

5‑3 Policies relating to targeted financial sanctions

For the purposes of paragraph 26F(3)(e) of the Act, the AML/CTF policies of a reporting entity must deal with ensuring that, in providing its designated services, the reporting entity:

(a) does not make any assets available to, or available for the benefit of, a person designated for targeted financial sanctions, in contravention of the Autonomous Sanctions Act 2011 or the Charter of the United Nations Act 1945; and

(b) does not use or deal with, or allow or facilitate the use of or dealing with, any assets owned or controlled (directly or indirectly) by a person designated for targeted financial sanctions, in contravention of either of those Acts.

5‑4 Reviewing and updating AML/CTF policies following independent evaluation

For the purposes of subparagraph 26F(3)(c)(ii) of the Act, the AML/CTF policies of a reporting entity must deal with reviewing and updating the AML/CTF policies in response to an independent evaluation report that contains adverse findings in relation to the AML/CTF policies.

5‑5 Actions requiring approval or that senior manager be informed

Approval of senior manager

(1) For the purposes of paragraph 26F(3)(e) of the Act, the AML/CTF policies of a reporting entity must ensure that the approval of a senior manager of the reporting entity is obtained before the reporting entity does any of the following:

(a) commences to provide a designated service to a customer, if the reporting entity has established on reasonable grounds that the customer, any beneficial owner of the customer or any person on whose behalf the customer is receiving the service is a foreign politically exposed person;

(b) commences to provide a designated service to a customer, if:

(i) the reporting entity has established on reasonable grounds that the customer, any beneficial owner of the customer or any person on whose behalf the customer is receiving the service is a domestic politically exposed person; and

(ii) the ML/TF risk of the customer is high;

(d) continues a business relationship with a customer if the reporting entity establishes on reasonable grounds that the customer, any beneficial owner of the customer or any person on whose behalf the customer is receiving a designated service:

(i) has become a foreign politically exposed person; or

(ii) has become a domestic politically exposed person, or an international organisation politically exposed person, in circumstances where the ML/TF risk of the customer is high;

(e) commences to provide a designated service as part of a nested services relationship;

(f) enters into an agreement or arrangement of the kind referred to in paragraph 37A(1)(a) of the Act as the first entity.

(2) A foreign politically exposed person is to be treated as a domestic politically exposed person for the purposes of subsection (1) if:

(a) the designated service is being provided to the customer at or through a permanent establishment in a foreign country; and

(b) the foreign politically exposed person has that status because of the person’s connection to the same foreign country.

Informing senior manager

(3) For the purposes of paragraph 26F(3)(e) of the Act, the AML/CTF policies of a reporting entity must ensure that a senior manager of the reporting entity is informed before the reporting entity commences to provide a designated service covered by item 39 of table 1 in section 6 of the Act to a customer if the ML/TF risk of the customer is high.

Other actions requiring approval

(4) For the purposes of paragraph 26F(3)(e) of the Act, the AML/CTF policies of a reporting entity must deal with:

(a) circumstances (other than the circumstances mentioned in subsection (1)) in which approval is required relating to:

(i) the reporting entity commencing to provide a designated service to a customer; or

(ii) whether the reporting entity is to continue a business relationship with a customer; and

(b) who is authorised to give the required approval in each of those circumstances.

(5) Without limiting subsection (4), the polices must deal with circumstances in which the approval of a senior manager of the reporting entity is required if the customer, any beneficial owner of the customer or any person on whose behalf the customer is receiving a designated service was previously a politically exposed person.

Division 3—AML/CTF policies related to governance and compliance management

5‑6 Provision of information to governing body

For the purposes of paragraph 26F(4)(g) of the Act, the AML/CTF policies of a reporting entity must deal with the provision of information to the governing body of the reporting entity to enable the governing body to fulfil its responsibilities under subsection 26H(1) of the Act.

5‑7 Reporting from AML/CTF compliance officer to governing body

Requirements

(1) For the purposes of paragraph 26F(4)(g) of the Act, the AML/CTF policies of a reporting entity must deal with ensuring its governing body receives reports from its AML/CTF compliance officer about the following matters:

(a) the reporting entity’s compliance with its AML/CTF policies;

(b) the extent to which the reporting entity’s AML/CTF policies are appropriately managing and mitigating the risks of money laundering, financing of terrorism and proliferation financing that the reporting entity may reasonably face in providing its designated services;

(2) The AML/CTF policies of a reporting entity must provide for the reporting mentioned in subsection (1) to occur regularly, with a frequency of at least once every 12 months.

Exception

(3) Subsections (1) and (2) do not apply to a reporting entity if:

(a) the reporting entity is an individual; or

(b) the AML/CTF compliance officer of the reporting entity is the same individual who is the governing body of the reporting entity.

5‑8 Undertaking personnel due diligence

(1) For the purposes of paragraph 26F(7)(a) of the Act, this section specifies requirements in relation to the matter mentioned in paragraph 26F(4)(d) of the Act (undertaking due diligence in relation to persons who are, or will be, employed or otherwise engaged by the reporting entity).

(2) The AML/CTF policies of the reporting entity must require the reporting entity, as part of undertaking that due diligence, to assess, both before a person’s employment or engagement and during a person’s employment or engagement:

(a) the person’s skills, knowledge and expertise relevant to the particular responsibilities of the person under the AML/CTF policies; and

(b) the person’s integrity.

5‑9 Providing personnel training

(1) For the purposes of paragraph 26F(7)(a) of the Act, this section specifies requirements in relation to the matter mentioned in paragraph 26F(4)(e) of the Act (providing training to persons who are employed or otherwise engaged by the reporting entity).

(2) The AML/CTF policies of the reporting entity must deal with both initial training upon a person’s employment or engagement and ongoing training during a person’s employment or engagement.

(3) The AML/CTF policies of the reporting entity must require that the training provided to a person:

(a) is appropriate having regard to:

(i) the particular function performed by the person; and

(ii) the particular risks of money laundering, financing of terrorism and proliferation financing that are relevant to the person’s function; and

(iii) the particular responsibilities of the person under the AML/CTF policies; and

(b) is readily understandable by the person.

5‑10 Independent evaluations

(1) For the purposes of paragraph 26F(7)(a) of the Act, this section specifies requirements in relation to the matter mentioned in paragraph 26F(4)(f) of the Act (the conduct of independent evaluations of the reporting entity’s AML/CTF program).

(2) The AML/CTF policies of the reporting entity must require the following as part of the conduct of an independent evaluation:

(a) evaluation of the steps taken by the reporting entity when undertaking or reviewing the reporting entity’s ML/TF risk assessment, against the requirements of the Act, the regulations and the AML/CTF Rules;

(b) evaluation of the design of the reporting entity’s AML/CTF policies, against the requirements of the Act, the regulations and the AML/CTF Rules;

(d) testing and evaluation of whether the reporting entity is appropriately identifying, assessing, managing and mitigating the risks of money laundering, financing of terrorism and proliferation financing that the reporting entity may reasonably face in providing its designated services;

(e) production of a written report (an independent evaluation report) containing findings on the matters mentioned in paragraphs (a) to (d);

(f) delivery of the independent evaluation report to the governing body of the reporting entity and to any senior manager responsible for approvals under section 26P of the Act.

(3) The AML/CTF polices of the reporting entity must deal with how the reporting entity will respond to an independent evaluation report.

5‑11 Fulfilling reporting obligations

For the purposes of paragraph 26F(4)(g) of the Act, the AML/CTF policies of a reporting entity must deal with ensuring that information reported by the entity under sections 41, 43, 46 and 46A of the Act is complete, accurate and free from unauthorised change.

5‑12 Assessment of potential suspicious matters

For the purposes of paragraph 26F(4)(g) of the Act, the AML/CTF policies of a reporting entity must deal with the following:

(a) enabling timely review of material that is relevant to matters that may need to be reported under section 41 of the Act;

(b) ensuring determination, as soon as practicable, of whether the reporting entity suspects on reasonable grounds any of the matters referred to in paragraphs 41(1)(d) to (j) of the Act.

5‑13 Prevention of tipping off

For the purposes of paragraph 26F(4)(g) of the Act, the AML/CTF policies of a reporting entity must deal with establishing safeguards to prevent any contravention of subsection 123(1) of the Act by the reporting entity or an officer, employee or agent of the reporting entity, including by ensuring the confidentiality and appropriate use of information disclosed by the reporting entity to persons employed or otherwise engaged by the reporting entity.

Division 4—AML/CTF compliance officers

5‑14 AML/CTF compliance officer requirements—matters to have regard to in determining whether a fit and proper person

(1) For the purposes of subsection 26J(4) of the Act, a reporting entity must have regard to the following matters in determining whether an individual is a fit and proper person for the purposes of paragraph 26J(3)(b) of the Act:

(a) whether the individual possesses the necessary competence, skills, knowledge, diligence, expertise and soundness of judgement to properly perform the duties of the AML/CTF compliance officer for the reporting entity (also having regard to the nature, size and complexity of the reporting entity);

(b) whether the individual has the attributes of good character, honesty and integrity;

(d) whether the individual has been the subject of civil or criminal proceedings, or a regulatory or disciplinary process in Australia or a foreign country that:

(i) related to the management of an entity, or commercial or professional activity; and

(ii) involved an adverse finding as to the individual’s competence, diligence, judgement, honesty or integrity;

(e) whether the individual is an undischarged bankrupt under the law of Australia or a foreign country;

(f) whether the individual has executed a personal insolvency agreement under Part X of the Bankruptcy Act 1966 or a similar law of a foreign country;

(g) whether the individual has a conflict of interest that will create a material risk that the individual will fail to properly perform the duties of the AML/CTF compliance officer for the reporting entity.

(2) Paragraph (1)(c) of this section does not affect the operation of Part VIIC of the Crimes Act 1914 (which includes provisions that, in certain circumstances, relieve persons from the requirement to disclose spent convictions and require persons aware of such convictions to disregard them).

Division 5—AML/CTF program documentation

5‑15 Time period for AML/CTF program documentation

(1) For the purposes of subsection 26N(1) of the Act, a reporting entity must document:

(a) the ML/TF risk assessment undertaken by the reporting entity under section 26C of the Act; and

(b) the AML/CTF policies developed by the reporting entity under section 26F of the Act;

within the period ending immediately before the reporting entity first commences providing a designated service to a customer.

(2) For the purposes of subsection 26N(1) of the Act, if a reporting entity:

(a) updates its ML/TF risk assessment under section 26D of the Act; or

(b) updates its AML/CTF policies;

the reporting entity must document its AML/CTF program (as updated) within 14 days after the update occurs.

Division 6—AML/CTF policies related to lead entities

5‑16 Record‑keeping by lead entity of reporting group

For the purposes of paragraph 26F(6)(d) of the Act, the AML/CTF policies of a reporting entity that is the lead entity of a reporting group must deal with keeping up‑to‑date records about the membership of the reporting group (including recording changes of membership).

Division 7—AML/CTF policies related to transfers of value

5‑17 Policies relating to the obligations of ordering institutions

Scope

(1) This section applies if a reporting entity is to provide a designated service covered by item 29 of table 1 in section 6 of the Act as an ordering institution.

Policies relating to all transfers of value

(2) For the purposes of paragraph 26F(4)(g) of the Act, the AML/CTF policies of the reporting entity must set out systems and controls to enable the reporting entity to comply with its obligation under subsection 64(5) of the Act to provide information to another institution in the value transfer chain as soon as practicable after receiving a request.

(3) For the purposes of paragraph 26F(7)(b) of the Act, the AML/CTF policies of a reporting entity are taken to comply with the matters mentioned in subsection (2) in relation to the provision of information if they require provision of the information within 3 business days after receiving sufficient information from the other institution to process the request.

Policies relating to merchant payments

(4) Subsection (5) applies if:

(a) the designated service relates to a merchant payment; and

(b) the designated service is provided at or through a permanent establishment of the reporting entity in Australia.

(5) For the purposes of paragraph 26F(1)(d) of the Act, the AML/CTF policies of a reporting entity must enable the reporting entity to provide the following information to another institution in the value transfer chain within 3 business days after receiving a request from the institution for that information:

(a) the reporting entity’s full name;

(b) the permanent establishment at or through which it provided the designated service.

Policies relating to virtual asset transfers

(6) For the purposes of paragraph 26F(3)(e) of the Act, the AML/CTF policies of a reporting entity must deal with the following if the designated service relates to the transfer of a virtual asset:

(a) how the reporting entity will undertake due diligence to determine, for the purposes of subsection 66A(2) of the Act:

(i) whether the wallet to which the virtual asset is being transferred is a custodial wallet or a self‑hosted wallet; and

(ii) if the wallet is a custodial wallet—whether the person who controls the wallet is required to be licensed or registered under a law that gives effect to the FATF Recommendations, and, if the person is so required, whether the person is so licensed or registered;

(b) if the person who controls the wallet is a person licensed or registered under a law that gives effect to the FATF Recommendations, or a person not required to be so licensed or registered—how the reporting entity will determine whether the beneficiary institution is capable of:

(i) securely receiving the information that the reporting entity is required to pass on under subsection 64(3) of the Act; and

(ii) safeguarding the confidentiality of that information;

(c) if the wallet is a self‑hosted wallet—how the reporting entity will identify the payee and any steps the reporting entity will take to verify the person who controls the wallet;

(d) how the reporting entity will manage and mitigate the ML/TF risk of transferring the virtual asset if the person who controls the wallet is:

(i) the payee (in a case where the person who controls the wallet has not been verified); or

(ii) a person not required to be licensed or registered under a law that gives effect to the FATF Recommendations.

Note: Subsection 66A(4) of the Act prohibits provision of the designated service if the transfer of value involves passing on a transfer message to a person who is required to be licensed or registered under a law that gives effect to the FATF Recommendations, but is not so licensed or registered.

5‑18 Policies relating to the obligations of beneficiary institutions

Scope

(1) This section applies if a reporting entity is to provide a designated service covered by item 30 of table 1 in section 6 of the Act as a beneficiary institution to a payee.

Policies relating to all transfers of value

(2) For the purposes of paragraph 26F(3)(e) of the Act, the AML/CTF policies of a reporting entity must deal with the following:

(a) the steps that the reporting entity will take to monitor:

(i) whether the reporting entity has received the information specified in section 8‑4 of this instrument relating to the transfer of value; and

(ii) whether the information received about the payee is accurate;

(b) determining whether to make the transferred value available to the payee in the circumstances described in subsection 65(3) of the Act;

(c) determining whether to request further information from another institution in the value transfer chain in the circumstances described in subsection 65(3) of the Act.

Note: Subsection 66A(6) of the Act prohibits a beneficiary institution from providing the designated service in relation to the transfer of a virtual asset if it has not received or otherwise obtained all of the information, unless the exception in subsection 66A(10) applies.

Policies relating to virtual asset transfers

(3) The AML/CTF policies of the reporting entity must also deal with the following if the designated service is to be provided in relation to the transfer of a virtual asset:

(a) how the reporting entity will undertake due diligence to determine, for the purposes of subsection 66A(2) of the Act:

(i) whether the wallet from which the virtual asset is being transferred is a custodial wallet or a self‑hosted wallet; and

(b) if the person who controls the wallet is a person who is licensed or registered under a law that gives effect to the FATF Recommendations, or a person not required to be so licensed or registered—how the reporting entity will determine whether the ordering institution, and any intermediary institution, is capable of securely passing on the information specified in section 8‑4 of this instrument relating to the transfer of value;

(c) if the wallet is a self‑hosted wallet—how the reporting entity will identify the payer, and any steps the reporting entity will take to verify the person who controls the wallet;

(d) how the reporting entity will manage and mitigate the ML/TF risk of transferring the virtual asset if the person who controls the wallet is:

(i) the payer (in a case where the person who controls the wallet has not been verified); or

(ii) a person not required to be licensed or registered under a law that gives effect to the FATF Recommendations; or

(iii) a person licensed or registered under a law that gives effect to the FATF Recommendations, in a case where the ordering institution or any intermediary institution is not capable of securely passing on information.

Note: Subsection 66A(7) of the Act prohibits provision of the designated service if the person who controls the wallet is required to be licensed or registered under a law that gives effect to the FATF Recommendations, but is not so licensed or registered.

Policies relating to merchant payments

(4) Subsection (5) applies if:

(a) the designated service provided by a reporting entity relates to a merchant payment; and

(b) the designated service is provided at or through a permanent establishment of the reporting entity in Australia.

(5) For the purposes of paragraph 26F(1)(d) of the Act, the AML/CTF policies of the reporting entity must enable the reporting entity to provide the following information to another institution in the value transfer chain within 3 business days after receiving a request from the institution for that information:

(a) the reporting entity’s full name;

(b) the permanent establishment at or through which it provided the designated service.

5‑19 Policies relating to the obligations of intermediary institutions

Scope

(1) This section applies if a reporting entity is to provide a designated service covered by item 31 of table 1 in section 6 of the Act, as an intermediary institution, for a transfer of value.

Policies relating to all transfers of value

(2) For the purposes of paragraph 26F(3)(e) of the Act, the AML/CTF policies of a reporting entity must deal with the following:

(a) the steps that the reporting entity will take to monitor whether the reporting entity has received the information specified in section 8‑5 of this instrument relating to the transfer of value;

(b) determining whether to pass on a transfer message for the transfer of value in the circumstances described in subsection 66(3) of the Act;

(c) determining whether to request further information from another institution in the value transfer chain in the circumstances described in subsection 66(3) of the Act.

(3) For the purposes of paragraph 26F(4)(g) of the Act, the AML/CTF policies of the reporting entity must set out systems and controls to enable the reporting entity to comply with its obligations under subsection 66(5) of the Act to provide information to another institution in the value transfer chain as soon as practicable after receiving a request.

(4) For the purposes of paragraph 26F(7)(b) of the Act, the AML/CTF policies of a reporting entity are taken to comply with the matters mentioned in subsection (3) of this section if they require provision of the information within 3 business days after receiving sufficient information from the institution to process the request.

Division 8—AML/CTF policies related to real estate transactions

5‑20 Policies relating to customer due diligence for real estate transactions

For the purposes of paragraph 26F(3)(e) of the Act, the AML/CTF policies of a reporting entity that:

(a) is to provide a designated service covered by item 1 of table 5 or item 1 of table 6 in section 6 of the Act; and

(b) is a participant in an arrangement of the kind described in paragraph 6‑33(f) of this instrument;

must deal with how the reporting entity will verify the KYC information the reporting entity has collected in relation to a customer before the settlement of a sale, purchase or transfer of real estate, if the reporting entity does not obtain KYC information and data used for verification in relation to the customer from another reporting entity as described in paragraph 6‑33(g) of this instrument.

Part 6—Customer due diligence

Division 1—Initial customer due diligence

6‑1 Customer is sole trader

(1) This section applies in relation to complying with the obligation imposed on a reporting entity under subsection 28(1) of the Act in relation to a customer, if:

(a) the customer is an individual; and

(b) the provision of a designated service is proposed to relate to the customer’s conduct of a business; and

(c) a designated service is proposed to be provided by the reporting entity to the customer at or through a permanent establishment of the reporting entity in Australia.

(2) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(a) of the Act (the identity of the customer), the reporting entity must collect at least the following KYC information:

(a) the customer’s full name;

(b) any business name used for the conduct of the business;

(d) a unique identifier for the business or, if none has been given, a unique identifier for the customer (if any has been given);

(e) the address of the principal place of business of the customer.

(3) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(f) of the Act (the nature and purpose of the business relationship or occasional transaction), the reporting entity must collect at least KYC information about the nature of the customer’s business.

6‑2 Customer is body corporate, partnership or unincorporated association

(1) This section applies in relation to complying with the obligation imposed on a reporting entity under subsection 28(1) of the Act in relation to a customer, if:

(a) the customer is a body corporate, a partnership or an unincorporated association; and

(b) a designated service is proposed to be provided by the reporting entity to the customer at or through a permanent establishment of the reporting entity in Australia.

(2) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(a) (the identity of the customer), the reporting entity must collect at least the following KYC information:

(a) the customer’s full name;

(b) any business names of the customer;

(d) a unique identifier for the customer (if any has been given);

(e) the address of the principal place of business or operations of the customer;

(f) the address of any registered office of the customer;

(g) evidence of the customer’s existence;

(h) information about the powers that bind and govern the customer;

(i) the full name, and if applicable director identification number, of the individual, or each member of the group of individuals, with primary responsibility for the governance and executive decisions of the customer.

(3) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(d) of the Act (the identity of any beneficial owners of the customer), the reporting entity must collect at least KYC information about the ownership and control structure of the customer.

(4) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(f) of the Act (the nature and purpose of the business relationship or occasional transaction), the reporting entity must collect at least KYC information about the nature of the customer’s business or operations.

6‑3 Customer is trust or foreign equivalent

(1) This section applies in relation to complying with the obligation imposed on a reporting entity under subsection 28(1) of the Act in relation to a customer, if:

(a) the customer is a trust, or an equivalent foreign legal arrangement such as a fiducie, waqf, treuhand or fideicomiso; and

(b) a designated service is proposed to be provided by the reporting entity to the customer at or through a permanent establishment of the reporting entity in Australia.

(a) the customer’s full name;

(b) the kind of trust or equivalent (such as discretionary trust, bare trust or unit trust);

(d) any other names the customer is commonly known by;

(e) a unique identifier for the customer (if any has been given);

(f) the address of the principal place of business or operations of the customer;

(g) evidence of the customer’s existence;

(h) information about the powers that bind and govern the customer;

(i) the full name of the individual, or each member of the group of individuals, with primary responsibility for the governance and executive decisions of the customer.

(3) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(b) of the Act (the identity of any person on whose behalf the customer is receiving the designated service), the reporting entity must collect at least KYC information about:

(a) the identity of each beneficiary of the trust or equivalent; or

(b) if the nature of the trust or equivalent means it is not possible to identify each beneficiary, a description of each class of beneficiary.

(4) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(c) of the Act, the reporting entity must collect at least KYC information about the identity of the trustees of the trust.

(5) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(d) of the Act (the identity of any beneficial owners of the customer), the reporting entity must collect at least the following KYC information:

(a) the control structure of the customer;

(b) the identity of any settlor, appointor, guardian or protector of the trust or equivalent.

(6) For the purposes of paragraph 28(6)(a) of the Act, in establishing on reasonable grounds the matter mentioned in paragraph 28(2)(f) of the Act (the nature and purpose of the business relationship or occasional transaction), the reporting entity must collect at least KYC information about the nature of the customer’s business or operations.

6‑4 Customer is government body

(1) This section applies in relation to complying with the obligation imposed on a reporting entity under subsection 28(1) of the Act in relation to a customer, if:

(a) the customer is a government body; and

(b) a designated service is proposed to be provided by the reporting entity to the customer at or through a permanent establishment of the reporting entity in Australia.

(a) the customer’s full name;

(b) any other names the customer is commonly known by;

(d) a unique identifier for the customer (if any has been given);

(e) the address of the principal place of business or operations of the customer;

(f) evidence of the customer’s existence;

(g) the full name, of the individual, or each member of the group of individuals, with primary responsibility for the governance and executive decisions of the customer.

6‑5 Establishing the identity of persons associated with the customer

(1) For the purposes of paragraph 28(6)(a) of the Act, this section specifies requirements in relation to establishing on reasonable grounds the identity of:

(a) any person on whose behalf a customer is receiving a designated service, if the person is not an individual; or

(b) any person acting on behalf of a customer, if the person is not an individual.

(2) A reporting entity must collect at least the information relating to the identity of the person that would be required under whichever of subsections 6‑2(2), 6‑3(2) or 6‑4(2) would apply to the person as a customer.

6‑6 Person on whose behalf the customer is receiving the designated service

Customer other than trust or foreign equivalent

(1) For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds the matter mentioned in paragraph 28(2)(b) of the Act in relation to a customer if:

(a) the customer is not a trust or an equivalent foreign legal arrangement such as a fiducie, waqf, treuhand or fideicomiso; and

(b) the designated service proposed to be provided by the reporting entity to the customer is not covered by item 37 or 38 of table 1 in section 6 of the Act (services relating to a life policy or sinking fund policy); and

(c) the reporting entity has established on reasonable grounds the identity of the customer as required by paragraph 28(2)(a) of the Act.

Note: For a rule relating to providing a designated service covered by item 37 or 38 of table 1, see Division 10 of this Part.

Customer is trust or foreign equivalent and designated service provided in foreign country

(2) For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds the matter mentioned in paragraph 28(2)(b) of the Act in relation to a customer if:

(a) the customer is a trust or an equivalent foreign legal arrangement such as a fiducie, waqf, treuhand or fideicomiso; and

(b) the designated service proposed to be provided by the reporting entity to the customer is to be provided at or through a permanent establishment of the reporting entity in a foreign country; and

(i) the identity of the beneficiaries of the trust or equivalent; or

(ii) if the nature of the trust or equivalent means that it is not possible to identify each beneficiary—a description of each class of beneficiary.

6‑7 Beneficial owners of the customer

(1) For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds the matter mentioned in paragraph 28(2)(d) of the Act (the identity of any beneficial owners of the customer) in relation to the customer if the reporting entity has established on reasonable grounds that:

(a) the customer is a listed public company; and

(b) the customer is subject to public disclosure requirements (however imposed) that ensure transparency regarding the identity of any beneficial owners.

(2) In circumstances where subsection (1) applies, the reporting entity is also taken to have established on reasonable grounds, for the purposes of paragraph 28(2)(e) of the Act, whether any beneficial owner of the customer is a politically exposed person or a person designated for targeted financial sanctions.

6‑8 Beneficial owners and senior manager, for bodies corporate, partnerships and unincorporated associations

If reporting entity is unable to establish the identity of any beneficial owners

(a) the customer is a body corporate, partnership or unincorporated association; and

(b) the reporting entity has taken all reasonable steps to establish the identity of any beneficial owners of the customer, but has been unable to do so; and

(c) the reporting entity has recorded the steps taken and any difficulties encountered in attempting to establish the identity of any beneficial owners; and

(d) the reporting entity has collected information about the identity of the individual who is the chief executive officer (or equivalent) of the customer; and

(e) the reporting entity has verified, using reliable and independent data, such of that information as is appropriate to the ML/TF risk of the customer.

If reporting entity establishes there are no beneficial owners

(2) For the purposes of paragraph 28(2)(g) of the Act, the matter in subsection (3) of this section is specified in relation to a customer if:

(a) the customer is a body corporate, partnership or unincorporated association; and

(b) the reporting entity establishes on reasonable grounds that the customer does not have any beneficial owners.

(3) The matter is the identity of the individual who is the chief executive officer (or equivalent) of the customer.

6‑9 The nature and purpose of the business relationship or occasional transaction

For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds the matter mentioned in paragraph 28(2)(f) of the Act (the nature and purpose of the business relationship or occasional transaction) in relation to the customer if:

(a) the reporting entity is not required to apply enhanced customer due diligence measures in relation to the customer; and

(b) if the customer is an individual—the reporting entity has taken reasonable steps to establish that the customer is the person the customer claims to be; and

(c) the reporting entity has identified the ML/TF risk of the customer, based on KYC information about the customer that is reasonably available to the reporting entity before commencing to provide the designated service; and

(d) the reporting entity has collected KYC information about the customer relating to the matter mentioned in paragraph 28(2)(f) of the Act that is appropriate to the ML/TF risk of the customer.

Note: For when enhanced customer due diligence measures must be applied in relation to a customer, see section 32 of the Act and Division 4 of this Part.

6‑10 Individual cannot provide satisfactory evidence regarding a matter

For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds a matter mentioned in subsection 28(2) that relates to establishing the identity of a person if:

(a) the person is an individual; and

(b) the person is unable to provide the information or evidence of identity necessary for the reporting entity to establish the matter because:

(i) the person is unable to obtain the information or evidence; or

(ii) the person is unable to access the information or evidence due to circumstances beyond the person’s control; and

(d) if the person is the customer—the reporting entity has done all of the following:

(i) identified the ML/TF risk of the customer, based on KYC information about the customer that is reasonably available to the reporting entity before commencing to provide the designated service;

(ii) collected KYC information about the customer that is appropriate to the ML/TF risk of the customer;

(iii) taken reasonable steps to verify, using data reasonably available to the reporting entity, such of the KYC information referred to in subparagraph (ii) as is appropriate to the ML/TF risk of the customer; and

(e) the reporting entity has AML/CTF policies to mitigate and manage any additional ML/TF risk arising from the lack of the information or evidence.

6‑11 Previous compliance in a foreign country

For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds a matter mentioned in subsection 28(2) in relation to a customer if:

(a) the designated service is proposed to be provided by the reporting entity to the customer at or through a permanent establishment of the reporting entity in Australia; and

(b) the reporting entity or another member of the reporting group of the reporting entity has previously commenced to provide a service (whether or not a designated service) to the customer at or through a permanent establishment in a foreign country; and

(c) laws of the foreign country giving effect to the FATF Recommendations relating to customer due diligence and record‑keeping applied in relation to the provision of the service; and

(d) either:

(i) the reporting entity or other member of the reporting group was not required to establish the matter under those laws in relation to the provision of the service on the basis that the risks of money laundering, financing of terrorism and proliferation financing associated with the provision of the service to the customer were low; or

(ii) the reporting entity or other member of the reporting group established the matter in relation to the provision of the service as required by those laws; and

(e) either:

(i) the reporting entity holds the KYC information collected on the customer, and the reliable and independent data used to verify the KYC information, in connection with the provision of the service; or

(ii) the reporting entity has in place an arrangement permitting immediate access to the KYC information collected on the customer by the other member of the reporting group, and the reliable and independent data used to verify the KYC information, in connection with the provision of the service.

Division 2—Providing services before completion of initial customer due diligence

6‑12 Delayed verification—various designated services provided in Australia

Permitted circumstances

(1) For the purposes of paragraph 29(a) of the Act, a reporting entity may commence to provide a designated service to a customer (subject to the requirements of section 29 of the Act and this section) if the designated service is provided at or through a permanent establishment of the reporting entity in Australia.

(2) However, subsection (1) does not apply in circumstances where section 6‑13, 6‑14 or 6‑32 applies to the provision of the designated service.

Requirements

(3) For the purposes of paragraph 29(f) of the Act, it is a requirement for commencing to provide any such designated service that the reporting entity:

(a) if the customer is an individual—has taken reasonable steps to establish that the customer is the person the customer claims to be; and

(b) has identified the ML/TF risk of the customer, based on KYC information about the customer that is reasonably available to the reporting entity; and

(c) has collected KYC information about the customer relating to all matters mentioned in subsection 28(2) of the Act, other than the matters specified in subsection 6‑23(2) of this instrument, that is appropriate to the ML/TF risk of the customer; and

(d) has established on reasonable grounds the matters in paragraphs 28(2)(a) and (c) of the Act.

Note: Section 29 of the Act requires that the reporting entity also determines on reasonable grounds that commencing to provide the service is essential to avoid interrupting the ordinary course of business, and that any additional risk of money laundering, terrorism financing or proliferation financing is low, and the reporting entity has and implements AML/CTF policies relating to completing initial customer due diligence and mitigating and managing risks.

(4) For the purposes of paragraph 29(f) of the Act, it is a further requirement for commencing to provide any such designated service that the reporting entity must not, before complying with subsection 28(1) of the Act:

(a) transfer, or allow or facilitate the transfer of, money, property or virtual assets for or on behalf of the customer; or

(b) otherwise make money, property or virtual assets available to the customer (other than holding the money, property or virtual assets in an account or otherwise on deposit from the customer).

Specified period

(5) For the purposes of subparagraph 29(c)(ii) of the Act, the specified period is the period ending 20 business days after commencing to provide the designated service to the customer.

Note: In all cases, paragraph 29(c) of the Act requires a reporting entity to have AML/CTF policies to comply with subsection 28(1) of the Act as soon as reasonably practicable after commencing to provide the designated service to the customer.

6‑13 Delayed verification—opening an account and deposit

Permitted circumstances

(a) one of the following applies to the designated service:

(i) the designated service is covered by item 1 of table 1 in section 6 of the Act;

(ii) the designated service is covered by item 3 of table 1 in section 6 of the Act, and the transaction is a deposit made to the account;

(iii) provision of the designated service is reasonably incidental to the provision of a designated service mentioned in subparagraph (i) or (ii); and

(b) the designated service is provided at or through a permanent establishment of the reporting entity in Australia.

Requirements

(2) For the purposes of paragraph 29(f) of the Act, it is a further requirement for commencing to provide any such designated service that the reporting entity must not, before complying with subsection 28(1) of the Act:

(a) transfer, or allow or facilitate the transfer of, money, property or virtual assets for or on behalf of the customer; or

(b) otherwise make money, property or virtual assets available to the customer (other than holding the money, property or virtual assets in an account or otherwise on deposit from the customer).

6‑14 Delayed verification—certain financial market transactions

Permitted circumstances

(a) the designated service is covered by item 33 of table 1 in section 6 of the Act; and

(b) the acquisition or disposal is of a security, derivative or foreign exchange contract on a declared financial market (within the meaning of the Corporations Act 2001); and

(c) the acquisition or disposal must be performed rapidly due to financial market conditions relevant to the transaction; and

(d) the designated service is provided at or through a permanent establishment of the reporting entity in Australia.

Requirements

(2) For the purposes of paragraph 29(f) of the Act, further requirements for commencing to provide any such designated service are:

(a) the designated service must not involve the acquisition of an interest in a managed investment scheme to which section 1019B of the Corporations Act 2001 applies; and

(b) the reporting entity must not do any of the following before complying with subsection 28(1) of the Act:

(i) accept physical currency or virtual assets to fund the designated service;

(ii) permit the customer to transfer, or otherwise part with, proceeds from a disposal of an asset to which the designated service relates;

(iii) resell, transfer, or otherwise part with an asset to which the designated service relates that has been acquired on behalf of the customer;

(iv) allow the customer to be recredited with, or obtain a refund of, the purchase price.

Specified period

(3) For the purposes of subparagraph 29(c)(ii) of the Act, the specified period is the period ending 5 business days after commencing to provide the designated service to the customer.

Note: Paragraph 29(c) of the Act requires a reporting entity to have AML/CTF policies to comply with subsection 28(1) of the Act as soon as reasonably practicable after commencing to provide the designated service to the customer.

6‑15 Delayed initial customer due diligence—service provided in foreign country

(a) the service is provided at or through a permanent establishment of the reporting entity in a foreign country; and

(b) the law of that country that gives effect to the FATF Recommendations permits the reporting entity to establish a matter or matters in subsection 28(2) of the Act after providing the service.

(2) For the purposes of paragraph 29(f) of the Act, it is a requirement for commencing to provide any such designated service that the reporting entity has complied with the law of the foreign country relating to collection and verification of KYC information in relation to providing the service.

Division 3—Simplified customer due diligence

6‑16 Simplified customer due diligence requirements generally

For the purposes of paragraph 31(c) of the Act, for a reporting entity to apply simplified customer due diligence measures, the AML/CTF policies of the reporting entity must deal with the application of those measures.

6‑17 Simplified initial customer due diligence for certain matters

For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds a matter mentioned in paragraph 28(2)(b), (c) or (d) of the Act in relation to a customer if:

(a) section 31 of the Act permits the reporting entity to apply simplified customer due diligence measures in relation to the customer; and

(b) if the customer is an individual—the reporting entity has taken reasonable steps to establish that the customer is the person the customer claims to be; and

(d) the reporting entity has collected KYC information about the customer relating to the matter that is appropriate to the ML/TF risk of the customer; and

(e) there are no reasonable grounds for the reporting entity to doubt the adequacy or veracity of that KYC information.

6‑18 Simplified initial customer due diligence for identity of beneficial owners

(1) For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds the matter mentioned in paragraph 28(2)(d) of the Act in relation to a customer if:

(a) section 31 of the Act permits the reporting entity to apply simplified customer due diligence measures in relation to the customer; and

(b) the reporting entity has established on reasonable grounds that the customer is, or is controlled by:

(i) a government body; or

(ii) an entity that is subject to oversight by a prudential, insurance, or investor protection regulator through registration or licensing requirements; or

(iii) a corporation or association of homeowners in a strata title or community title scheme.

6‑19 Person acting on behalf of customer

For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds, for the purposes of paragraph 28(2)(c) of the Act, the identity of a person acting on behalf of the customer and their authority to do so if:

(a) the customer is not an individual; and

(b) the reporting entity has established on reasonable grounds the authority of the person to act on behalf of the customer; and

(c) the reporting entity determines on reasonable grounds that any additional risk of money laundering, terrorism financing or proliferation financing associated with the person acting on behalf of the customer is low; and

(d) has collected KYC information about the customer, relating to the person acting on behalf of the customer, that is appropriate to the ML/TF risk of the customer; and

(e) there are no reasonable grounds for the reporting entity to doubt the adequacy or veracity of that KYC information.

Division 4—Enhanced customer due diligence

6‑20 Enhanced customer due diligence required when customer seeks unusual services

For the purposes of paragraph 32(f) of the Act, enhanced customer due diligence measures must be applied to a customer who requests the provision of designated services that:

(a) have no apparent economic or legal purpose; or

(b) would involve unusually complex or large transactions; or

6‑21 Establishing source of wealth and source of funds when enhanced due diligence required in certain circumstances

(1) For the purposes of paragraph 28(2)(g) of the Act, a matter in subsection (3) of this section is specified in relation to a customer if:

(a) the reporting entity must apply enhanced customer due diligence measures in relation to the customer because paragraph 32(a), (b) or (d) of the Act applies to the customer; and

(b) the matter is relevant to the nature of the ML/TF risk of the customer.

(2) For the purposes of paragraph 30(2)(e) of the Act, a reporting entity must, in the course of reviewing, updating and reverifying KYC information as required by paragraph 30(2)(c) of the Act, ensure that it holds information on a matter in subsection (3) of this section if:

(a) the reporting entity must apply enhanced customer due diligence measures in relation to the customer because paragraph 32(a), (b) or (d) of the Act applies to the customer; and

(b) the matter is relevant to the nature of the ML/TF risk of the customer.

(3) The matters are:

(a) the source of the customer’s wealth; and

(b) the source of the customer’s funds.

6‑22 Enhanced customer due diligence requirements for certain virtual asset services

(1) For the purposes of paragraph 32(f) of the Act, enhanced customer due diligence must be applied to a customer who deposits or receives physical currency in the course of receiving a designated service covered by item 50A of table 1 in section 6 of the Act.

(2) For the purposes of paragraph 30(2)(e) of the Act, a reporting entity must collect and verify information about the source of funds of a customer who deposits or receives physical currency in the course of receiving a designated service covered by item 50A of table 1 in section 6 of the Act.

(3) For the purposes of paragraph 30(2)(e) of the Act, a reporting entity must, in the course of reviewing, updating and reverifying KYC information as required by paragraph 30(2)(c) of the Act, ensure that it holds information on the source of a customer’s wealth if the reporting entity must apply enhanced customer due diligence measures in relation to the customer because of subsection (1) of this section.

Division 5—Politically exposed persons

6‑23 Matters for initial customer due diligence—politically exposed person

(1) For the purposes of paragraph 28(2)(g) of the Act, the matters in subsection (2) of this section are specified in relation to a customer if:

(a) the reporting entity has established on reasonable grounds that the customer, any beneficial owner of the customer or any person on whose behalf the customer is receiving the designated service is a foreign politically exposed person; or

(b) both:

(i) the reporting entity has established on reasonable grounds that the customer, any beneficial owner of the customer or any person on whose behalf the customer is receiving the designated service is a domestic politically exposed person; and

(ii) the ML/TF risk of the customer is high; or

(i) the reporting entity has established on reasonable grounds that the customer, any beneficial owner of the customer or any person on whose behalf the customer is receiving the designated service is an international organisation politically exposed person; and

(ii) the ML/TF risk of the customer is high.

(2) The matters are:

(a) the source of the politically exposed person’s wealth; and

(b) the source of the politically exposed person’s funds.

(3) A foreign politically exposed person is to be treated as a domestic politically exposed person for the purposes of subsection (1) if:

(a) the designated service is being provided to the customer at or through a permanent establishment in a foreign country; and

(b) the foreign politically exposed person has that status because of the person’s connection to the same foreign country.

6‑24 Ongoing customer due diligence—politically exposed person

(1) For the purposes of subparagraph 30(2)(c)(ii) of the Act, the reporting entity must review, and where appropriate, update and reverify KYC information relating to the customer if:

(a) the customer, a beneficial owner of the customer or a person on whose behalf the customer is receiving the designated service becomes a foreign politically exposed person; or

(b) both:

(i) the customer, a beneficial owner of the customer or a person on whose behalf the customer is receiving the designated service becomes a domestic politically exposed person; and

(ii) the ML/TF risk of the customer is high; or

(i) the customer, a beneficial owner of the customer or a person on whose behalf the customer is receiving the designated service becomes an international organisation politically exposed person; and

(ii) the ML/TF risk of the customer is high.

(2) A foreign politically exposed person is to be treated as a domestic politically exposed person for the purposes of subsection (1) if:

(a) the designated service is being provided to the customer at or through a permanent establishment in a foreign country; and

(b) the foreign politically exposed person has that status because of the person’s connection to the same foreign country.

Division 6—Nested services relationships

6‑25 Matters for initial customer due diligence—nested services relationship

For the purposes of paragraph 28(2)(g) of the Act, the following matters are specified in relation to a customer of a reporting entity when a designated service is proposed to be provided to the customer as part of a nested services relationship:

(a) the ownership, control and management structures of:

(i) the customer; and

(ii) the ultimate parent of the customer (if any);

(b) the nature, size and complexity of the customer’s business, including:

(i) the products and services offered by the customer, and the delivery channels by which it provides services; and

(ii) the kinds of customers that the customer of the reporting entity has; and

(iii) the kinds of transactions that would be carried out on behalf of the customer’s own customers as part of the nested services relationship and the services that would be provided to those customers that relate to such transactions;

(i) in which the customer operates or of which it is a resident; and

(ii) if the ultimate parent of the customer (if any) has group‑wide anti‑money laundering and counter‑terrorism financing policies, procedures, systems and controls, and the customer operates within those group‑wide requirements—in which the ultimate parent operates or of which it is a resident;

(d) the existence and quality of any anti‑money laundering and counter‑terrorism financing regulation and supervision in the country or countries identified under paragraph (c) and the customer’s compliance practices in relation to those regulations;

(e) the appropriateness of the customer’s anti‑money laundering and counter‑terrorism financing systems and controls;

(f) the reputation, based on publicly available information, of the customer and the members (if any) of the business group of which the customer is a member that are a remitter, virtual asset service provider or financial institution, including whether the customer or any of those members has been the subject of:

(i) a regulatory investigation relating to implementation of anti‑money laundering, counter‑terrorism financing or sanctions obligations; or

(ii) adverse regulatory action relating to implementation of anti‑money laundering, counter‑terrorism financing or sanctions obligations; or

(iii) an investigation or criminal or civil proceedings relating to money laundering, financing of terrorism or other serious crimes;

(g) whether the customer of the reporting entity:

(i) would undertake initial customer due diligence and ongoing customer due diligence in relation to its own customers who would be provided services as part of the nested services relationship; and

(ii) would be able to provide to the reporting entity, on request, information collected when the customer of the reporting entity undertakes initial customer due diligence and ongoing customer due diligence in relation to its own customers, and the reliable and independent data used to verify the information;

(h) whether the customer allows shell banks to receive services;

(i) whether the customer of the reporting entity ensures that it does not provide services to its own customers in circumstances where those customers have a nested services relationship or correspondent banking relationship with a shell bank.

6‑26 Ongoing customer due diligence—nested services relationship

(1) For the purposes of subparagraph 30(2)(b)(iii) of the Act, the reporting entity must review, and where appropriate, update the reporting entity’s identification and assessment of the ML/TF risk of a customer if:

(a) the reporting entity provides designated services to the customer as part of a nested services relationship; and

(b) 2 years have elapsed since the reporting entity last identified and assessed the ML/TF risk of the customer.

(2) For the purposes of subparagraph 30(2)(c)(ii) of the Act, the reporting entity must review and, where appropriate, update and reverify KYC information relating to a customer if:

(a) the reporting entity provides designated services to the customer as part of a nested services relationship; and

(b) 2 years have elapsed since the reporting entity last collected or reviewed the KYC information relating to the customer.

(3) For the purposes of subparagraph 30(2)(c)(ii) of the Act, the reporting entity must review, and where appropriate, update and reverify KYC information relating to the customer if:

(a) the reporting entity commences to provide a designated service to the customer as part of a nested services relationship; and

(b) the reporting entity has not previously provided that kind of designated service to the customer as part of such a relationship.

Division 7—Transferred customers

6‑27 Initial customer due diligence—transferred customer

(a) the customer became a customer of the reporting entity as a result of any of the following events occurring:

(i) another reporting entity (the prior entity) has assigned, conveyed, sold or transferred the whole or a part of its business to the reporting entity;

(ii) all or part of the assets and liabilities of another reporting entity (the prior entity) have become the assets and liabilities of the reporting entity as a result of a voluntary transfer that has taken effect under Part 3 of the Financial Sector (Transfer and Restructure) Act 1999;

(iii) all or part of the assets and liabilities of another reporting entity (the prior entity) have become the assets and liabilities of the reporting entity as a result of a compulsory transfer that has taken effect under an Act; and

(b) the reporting entity has obtained copies of the records that the prior entity kept under sections 107, 108, 111 and 114 of the Act in relation to the customer.

Note: This section relates to initial customer due diligence under section 28 of the Act. The reporting entity is also required to undertake ongoing customer due diligence under section 30 of the Act.

6‑28 Ongoing customer due diligence—transferred pre‑commencement customer

(1) For the purposes of paragraph 30(3)(b) of the Act, a reporting entity is taken to comply with the matters mentioned in paragraphs 30(2)(b) and (c) of the Act in relation to a customer if:

(a) the customer became a customer of the reporting entity as a result of any of the following events occurring:

(i) another reporting entity (the prior entity) has assigned, conveyed, sold or transferred the whole or a part of its business to the reporting entity;

(b) immediately before that event, the customer was a pre‑commencement customer of the prior entity; and

(c) the reporting entity has obtained copies of the records that the prior entity kept under sections 107, 108, 111 and 114 of the Act in relation to the customer; and

(d) the reporting entity monitors for significant changes in the nature and purpose of the reporting entity’s business relationship with the customer that may result in the ML/TF risk of the customer being medium or high.

(2) However, subsection (1) ceases to apply in relation to the customer if:

(a) a suspicious matter reporting obligation arises for the reporting entity in relation the customer; or

(b) there is a significant change in the nature and purpose of the business relationship with the customer which results in the ML/TF risk of the customer being medium or high.

Division 8—Reliance on collection and verification of KYC information

6‑29 Requirements for agreement or arrangement on collection and verification of KYC information

(1) For the purposes of paragraph 37A(1)(b) of the Act, the following requirements are prescribed in relation to an agreement or arrangement of the kind referred to in paragraph 37A(1)(a) of the Act:

(a) the other party to the agreement or arrangement must be:

(i) a reporting entity; or

(ii) a person regulated by one or more laws of a foreign country that give effect to the FATF Recommendations relating to customer due diligence and record‑keeping;

(b) the agreement or arrangement must be appropriate to the risks of money laundering, financing of terrorism and proliferation financing that the first entity may reasonably face in providing its designated services, taking into account the matters mentioned in subsection (2) of this section;

(c) the agreement or arrangement must enable the first entity to obtain all of the KYC information collected by the other person in accordance with paragraph 28(3)(c) of the Act:

(i) before the first entity commences to provide a designated service; or

(ii) if section 29 of the Act applies to the provision of a designated service—within the period mentioned in paragraph 29(c) of the Act;

(d) the agreement or arrangement must enable the first entity to obtain copies of the data used by the other person to verify KYC information in accordance with paragraph 28(3)(d) of the Act immediately or as soon as practicable following a request from the first entity;

(e) the agreement or arrangement must document the responsibilities of each party, including responsibilities for record‑keeping.

(2) For the purposes of paragraph (1)(b), the matters are as follows:

(a) the nature, size and complexity of the other person’s business, including:

(i) the products and services offered by the other person, and the delivery channels by which it provides services; and

(ii) the kinds of customers that the other person has;

(b) the country or countries in which the other person operates or of which the other person is a resident.

6‑30 Regular assessment of agreement or arrangement

(1) For the purposes of paragraph 37B(1)(a) of the Act, a reporting entity carrying out an assessment of an agreement or arrangement must assess whether the agreement or arrangement continues to meet the requirements of section 6‑29 of this instrument.

(2) For the purposes of paragraph 37B(1)(b) of the Act, a reporting entity must carry out assessments of an agreement or arrangement at intervals:

(a) that take into account the type and level of risks of money laundering, financing of terrorism and proliferation financing that the reporting entity may reasonably face in providing its designated services; and

(b) of not more than 2 years.

(3) A reporting entity must also carry out an assessment if there is a significant change in circumstances that may affect whether the agreement or arrangement continues to meet the requirements of section 6‑29 of this instrument.

6‑31 Requirements for reliance on collection and verification of KYC information

For the purposes of paragraph 38(e) of the Act, the following requirements are prescribed:

(a) the other person must be:

(i) a reporting entity; or

(ii) a person regulated by one or more laws of a foreign country that give effect to the FATF Recommendations relating to customer due diligence and record‑keeping;

(b) reliance on that procedure must be appropriate to the risks of money laundering, financing of terrorism and proliferation financing that the first entity may reasonably face in providing its designated services, taking into account:

(i) the nature, size and complexity of the other person’s business; and

(ii) the kinds of services provided by the other person; and

(iii) the kinds of customers to whom the other person’s services are provided; and

(iv) the delivery channels by which the other person’s services are provided; and

(v) the level of the risks of money laundering, financing of terrorism and proliferation financing in the country or countries in which the other person operates or of which the other person is a resident;

(c) for compliance with paragraph 28(3)(c) of the Act—the first entity has reasonable grounds to believe that it can obtain all of the KYC information collected by the other person in accordance with that paragraph:

(i) before the first entity commences to provide a designated service; or

(ii) if section 29 of the Act applies to the provision of a designated service—within the period mentioned in paragraph 29(c) of the Act;

(d) for compliance with paragraph 28(3)(d) of the Act—the first entity has reasonable grounds to believe that it can obtain copies of the data used by the other person to verify KYC information in accordance with that paragraph immediately or as soon as practicable following a request from the first entity;

(e) the first entity documents the reasons for the first entity concluding that the requirements of paragraphs (b) to (d) of this section are met.

Division 9—Real estate transactions

6‑32 Delayed initial customer due diligence—real estate transactions

Permitted circumstances

(a) the designated service is covered by item 1 of table 5 in section 6 of the Act (brokering the sale, purchase or transfer of real estate); and

(b) the customer is the buyer or transferee of the real estate; and

(d) the reporting entity has commenced to provide a designated service covered by item 1 of table 5 in section 6 of the Act to the seller or transferor of the real estate.

(2) For the purposes of paragraph 29(a) of the Act, a reporting entity may commence to provide a designated service to a customer (subject to the requirements of section 29 of the Act and this section) if:

(a) the designated service is covered by item 1 of table 5 in section 6 of the Act (brokering the sale, purchase or transfer of real estate); and

(b) the customer is the seller or transferor of the real estate; and

(d) the reporting entity has commenced to provide a designated service covered by item 1 of table 5 in section 6 of the Act to the buyer or transferee of the real estate.

(3) For the purposes of paragraph 29(a) of the Act a reporting entity may commence to provide a designated service to a customer (subject to the requirements of section 29 of the Act and this section) if:

(a) the designated service is covered by item 1 of table 6 in section 6 of the Act (assisting a person in a transaction to sell, buy or otherwise transfer real estate); and

(b) the customer is or is to be the buyer or transferee in the transaction; and

Specified period

(4) For the purposes of subparagraph 29(c)(ii) of the Act, in each of the circumstances mentioned in subsections (1) to (3) of this section the specified period is the period ending at the earlier of:

(a) 15 days after the exchange of contracts for the sale, purchase or transfer; and

(b) settlement of the sale, purchase or transfer of the real estate.

6‑33 Initial customer due diligence—real estate transactions

For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds a matter mentioned in paragraph 28(2)(b), (d), (e) or (g) of the Act in relation to a customer if:

(a) the only kind of designated service the reporting entity is proposing to provide to the customer is a designated service covered by:

(i) item 1 of table 5 in section 6 of the Act (brokering the sale, purchase or transfer of real estate); or

(ii) item 1 of table 6 in section 6 of the Act (assisting a person in a transaction to sell, buy or otherwise transfer real estate); and

(b) the designated service is proposed to be provided by the reporting entity to the customer at or through a permanent establishment of the reporting entity in Australia; and

(c) where the customer is an individual—the reporting entity has taken reasonable steps to establish that the customer is the person the customer claims to be; and

(d) the reporting entity has identified the ML/TF risk of the customer, based on KYC information about the customer that is reasonably available to the reporting entity before commencing to provide the designated service; and

(e) the reporting entity has collected KYC information about the customer relating to the matter that is appropriate to the ML/TF risk of the customer; and

(f) the reporting entity is a participant in an arrangement in which another participating reporting entity that will provide a designated service related to the sale, purchase or transfer of the real estate will be able to collect and verify KYC information about the customer in accordance with paragraphs 28(3)(c) and (d) of the Act no later than 15 days after the exchange of contracts for the sale, purchase or transfer; and

(g) the arrangement enables the reporting entity to obtain the KYC information collected by another participating reporting entity, and copies of the data used by the other entity to verify the KYC information, before the settlement of the sale, purchase or transfer; and

(h) the arrangement documents the responsibilities of each participant, including responsibilities for record‑keeping.

Note: Section 5‑20 of this instrument requires the AML/CTF policies of the reporting entity to deal with how the reporting entity will verify KYC information, if it does not obtain KYC information and data under the arrangement.

Division 10—Life policies and sinking fund policies

6‑34 Initial customer due diligence—life policies and sinking fund policies

For purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds the matter mentioned in paragraph 28(2)(b) of the Act in relation to a customer if:

(a) the designated service proposed to be provided by the reporting entity to the customer is covered by item 37 or 38 of table 1 in section 6 of the Act (services relating to a life policy or sinking fund policy); and

(b) the reporting entity has:

(i) collected the full name of any person who may be entitled to receive a payment under the policy; or

(ii) if the nature of the policy means that it is not possible to identify each such person—collected information describing each class of persons that may be entitled to a payment under the policy.

Division 11—Ongoing customer due diligence

6‑35 Monitoring for unusual transactions and behaviours

For the purposes of paragraph 30(3)(b) of the Act, a reporting entity is taken to comply with the matter mentioned in paragraph 30(2)(a) of the Act if:

(a) the reporting entity monitors its customers in relation to the provision of its designated services for unusual transactions and behaviours that may give rise to a suspicious matter reporting obligation because of the operation of paragraphs 41(1)(d) to (j) of the Act (other than subparagraph 41(1)(f)(iii)); and

(b) the reporting entity monitors its customers in relation to the provision of its designated services for unusual transactions and behaviours that may give rise to a suspicious matter reporting obligation because of the operation of subparagraph 41(1)(f)(iii) of the Act in relation to an offence against the Act, the regulations, or a law of the Commonwealth or of a State or Territory of any of the following kinds:

(i) money laundering;

(ii) financing of terrorism;

(iii) proliferation financing and other offences relating to the breach of sanctions;

(iv) participation in organised crime or racketeering;

(v) terrorism;

(vi) human trafficking or people smuggling;

(vii) sexual exploitation (including exploitation of children);

(viii) trafficking of illicit substances;

(ix) arms trafficking;

(x) other goods trafficking (including stolen goods);

(xi) corruption;

(xii) bribery;

(xiii) counterfeiting currency;

(xiv) fraud (including identity theft and scams);

(xv) counterfeiting or piracy of products;

(xvi) crimes relating to taxation;

(xvii) extortion;

(xviii) forgery;

(xix) piracy;

(xx) insider trading and market manipulation;

(xxi) environmental crime;

(xxii) robbery or theft;

(xxiii) kidnapping, illegal restraint or taking hostages;

(xxiv) smuggling (including offences in relation to customs and excise);

(xxv) murder or grievous bodily harm;

(xxvi) cybercrime;

(xxvii) any other kind of offence that the reporting entity has identified in its AML/CTF program as presenting a high risk in relation to the occurrence of money laundering.

Note: Subparagraph 41(1)(f)(iii) of the Act refers to the reporting entity suspecting on reasonable grounds that information it has may be relevant to investigation of, or prosecution of a person for, an offence against a law of the Commonwealth or of a State or Territory.

Division 12—Keep open notices

6‑36 Senior member of agency—superintendent

For the purposes of subparagraph 39B(3)(c)(iii) of the Act, the position of superintendent of either of the following is prescribed:

(a) the Australian Federal Police;

(b) the police force or police service of a State or the Northern Territory.

6‑37 Prescribed agencies

For the purposes of paragraph 39B(4)(g) of the Act, the following Commonwealth, State or Territory agencies are prescribed:

(a) the Independent Broad‑based Anti‑corruption Commission of Victoria;

(b) the Crime and Corruption Commission of Queensland.

6‑38 Form of keep open notice

For the purposes of paragraph 39B(5)(a) of the Act, Form 1 in Schedule 1 to this instrument is prescribed as the form for a keep open notice.

6‑39 Information and documents required to be contained in or to accompany keep open notice

(1) For the purposes of paragraph 39B(5)(b) of the Act, this section sets out the information required to be contained in, and the documents required to accompany, a keep open notice issued by a senior member of an agency mentioned in subsection 39B(3) of the Act to a reporting entity.

(2) The keep open notice must contain the following information:

(a) the name of the agency;

(b) the senior member’s full name and position;

(d) for each customer in relation to whom the keep open notice is issued:

(i) the customer’s full name; and

(ii) the customer’s date of birth, or an ACN or ABN of the customer (if known); and

(iii) any other known details of the customer that the senior member considers are necessary to provide to assist the reporting entity to identify the customer;

(e) a day specified for the purposes of paragraph 39B(6)(a) of the Act as the day on which the notice commences;

(f) a declaration by the senior member stating that the senior member reasonably believes that the provision of a designated service by the reporting entity to the customer or customers would assist in the investigation by the agency of a serious offence.

Note: For subparagraph (d)(iii), details that may assist the reporting entity to identify the customer could include:

(a) the customer’s address; and

(b) bank account details of the customer; and

(3) The keep open notice must be accompanied by any documents that the senior member considers are necessary to provide to assist the reporting entity to identify the customer or customers.

6‑40 Extension notices

For the purposes of subsection 39B(7) of the Act, Form 2 in Schedule 1 to this instrument is prescribed as the form for an extension notice.

6‑41 Further extension application

For the purposes of paragraph 39B(8)(b) of the Act, Form 3 in Schedule 1 to this instrument is prescribed as the form for an application to the AUSTRAC CEO for a notice under paragraph 39B(8)(d).

Division 13—Transitional

6‑42 Initial customer due diligence—previous carrying out of applicable customer identification procedure

For the purposes of paragraph 28(6)(b) of the Act, a reporting entity is taken to have established on reasonable grounds each of the matters mentioned in subsection 28(2) in relation to a customer if the reporting entity had, before 31 March 2026, carried out the applicable customer identification procedure (within the meaning of the Act as in force immediately before that date) in respect of the customer or in respect of the trustee of the customer.

6‑43 Initial customer due diligence—service provided in a foreign country

(a) a designated service is proposed to be provided by the reporting entity to the customer at or through a permanent establishment of the reporting entity in a foreign country; and

(b) the reporting entity had, before 31 March 2026, complied with the laws of that country giving effect to the FATF Recommendations relating to customer due diligence and record‑keeping in relation to that customer.

Part 7—Correspondent banking

Division 1—Due diligence assessment for entry into correspondent banking relationship

7‑1 Requirements for due diligence assessment

(1) For the purposes of paragraph 96(1)(a) of the Act, this section sets out requirements for the due diligence assessment to be carried out by a financial institution (the correspondent) in relation to an entry into a correspondent banking relationship with another financial institution (the respondent) that will involve a vostro account.

(2) The due diligence assessment required to be carried out is an assessment of the risks of money laundering, financing of terrorism, proliferation financing and other serious crimes associated with the entry into the correspondent banking relationship.

(3) In carrying out the due diligence assessment, the correspondent must consider the following matters:

(a) the ownership, control and management structures of:

(i) the respondent; and

(ii) the ultimate parent of the respondent (if any);

(b) the nature, size and complexity of the respondent’s business, including:

(i) the products and services offered by the respondent, and the delivery channels by which it provides services; and

(ii) the kinds of customers that the respondent has; and

(iii) the kinds of transactions that would be carried out on behalf of the respondent’s customers as part of the correspondent banking relationship and the services that would be provided to the respondent’s customers that relate to such transactions;

(i) in which the respondent operates or of which it is a resident; and

(ii) if the ultimate parent of the respondent (if any) has group‑wide anti‑money laundering and counter‑terrorism financing systems and controls, and the respondent operates within the requirements of those controls—in which the ultimate parent operates or of which it is a resident;

(d) the existence and quality of any anti‑money laundering and counter‑terrorism financing regulation and supervision in the country or countries identified under paragraph (c) and the respondent’s compliance practices in relation to those regulations;

(e) the appropriateness of the respondent’s anti‑money laundering and counter‑terrorism financing policies, procedures, systems and controls;

(f) publicly available information relating to the reputation of the respondent and the members (if any) of the business group of which the respondent is a member that are a remitter, virtual asset service provider or financial institution, including whether the respondent or any of those members has been the subject of:

(i) a regulatory investigation relating to implementation of anti‑money laundering, counter‑terrorism financing or sanctions obligations; or

(ii) adverse regulatory action relating to implementation of anti‑money laundering, counter‑terrorism financing or sanctions obligations; or

(iii) an investigation or criminal or civil proceedings relating to money laundering, financing of terrorism or other serious crimes;

(g) if the correspondent is to maintain vostro accounts that can be accessed directly by the customers of the respondent (payable‑through accounts)—whether the respondent:

(i) would undertake initial customer due diligence and ongoing customer due diligence in relation to those customers; and

(ii) would be able to provide to the correspondent, on request, information collected when the respondent undertakes initial customer due diligence and ongoing customer due diligence in relation to those customers and the reliable and independent data used to verify the information.

7‑2 Matters to which a senior officer must have regard before giving approval

(1) For the purposes of paragraph 96(1)(b) of the Act, this section sets out the matters that a senior officer of a financial institution (the correspondent) must have regard to before approving the entry by the correspondent into a correspondent banking relationship with another financial institution (the respondent) that will involve a vostro account.

(2) The senior officer must have regard to:

(a) the risks of money laundering, financing of terrorism, proliferation financing and other serious crimes assessed in the written record of the due diligence assessment carried out in relation to the entry into the correspondent banking relationship; and

(b) the appropriateness of the correspondent’s AML/CTF program to manage and mitigate those risks.

(3) If the correspondent is to maintain payable‑through accounts, the senior officer must also have regard to the following:

(a) whether the senior officer is satisfied that the respondent will undertake initial customer due diligence and ongoing customer due diligence in relation to customers that have access to the payable‑through accounts;

(b) whether the senior officer is satisfied that the respondent would be able to provide the correspondent, on request, information collected when the respondent undertakes initial customer due diligence and ongoing customer due diligence in relation to the customers that have access to the payable‑through accounts and the reliable and independent data used to verify the information.

Division 2—Requirements for ongoing due diligence assessments

7‑3 Requirements for ongoing due diligence assessments

(1) For the purposes of paragraph 96(3)(a) of the Act, this section sets out the requirements for the due diligence assessments that a financial institution (the correspondent) must carry out if it is in a correspondent banking relationship with another financial institution (the respondent) that involves a vostro account.

(2) The due diligence assessments required to be carried out are assessments of the risks of money laundering, financing of terrorism, proliferation financing and other serious crimes associated with the correspondent banking relationship.

(3) In carrying out the due diligence assessments, the correspondent must consider the matters set out in paragraphs 7‑1(3)(a) to (g).

Note: Paragraphs 7‑1(3)(a) to (g) set out matters that the correspondent must consider in carrying out a due diligence assessment in relation to an entry into a correspondent banking relationship with the respondent that will involve a vostro account.

7‑4 Timing of ongoing due diligence assessments

(1) For the purposes of paragraph 96(3)(b) of the Act, this section sets out when a financial institution (the correspondent) must carry out due diligence assessments if it is in a correspondent banking relationship with another financial institution that involves a vostro account.

(2) The correspondent must carry out due diligence assessments:

(a) at times determined appropriate by the correspondent, based on consideration of:

(i) the level of risk of money laundering, financing of terrorism, proliferation financing and other serious crimes associated with the correspondent banking relationship; and

(ii) any material change in respect of those risks; and

(b) in any event—at least every 2 years.

Part 8—Transfers of value

Division 1—Ordering institutions and beneficiary institutions

8‑1 Determination of who is an ordering institution

(1) For the purposes of subsection 63A(1) of the Act, this section provides for the determination of whether a person is an ordering institution.

Note: Subsection 63A(4) of the Act sets out circumstances in which a person is not an ordering institution.

(2) A person is an ordering institution if:

(a) the person accepts an instruction for a transfer of value on behalf of a payer; and

(b) the person does so in the course of carrying on a business.

(3) Circumstances in which a person may be an ordering institution under subsection (2) of this section include the following:

(a) the person receives, from the payer or a person acting on behalf of the payer, the value that is to be transferred;

(b) the person holds the value to be transferred in an account provided to the payer or otherwise on deposit from the payer (including in a virtual asset wallet);

(c) the person is authorised under an arrangement with the payer to transfer the value from a third‑party deposit‑taker or credit provider;

(d) the person arranges for the transfer of value from the payer under an offsetting arrangement with the beneficiary institution.

(4) To avoid doubt, subsection (3) does not affect the requirement for a person to satisfy subsection (2) to be an ordering institution.

8‑2 Determination of who is a beneficiary institution

(1) For the purposes of subsection 63A(5) of the Act, this section provides for the determination of whether a person is a beneficiary institution.

Note: Subsection 63A(8) of the Act sets out circumstances in which a person is not a beneficiary institution.

(2) A person is a beneficiary institution if:

(a) the person, in relation to a transfer of value, makes the value transferred available to a payee; and

(b) the person does so in the course of carrying on a business.

(3) Circumstances in which a person may be a beneficiary institution under subsection (2) of this section include the following:

(a) the person makes the transferred value available to the payee directly, or to a person acting on behalf of the payee;

(b) the person makes the transferred value available to the payee by depositing the value into an account held by the payee with the person (including in a virtual asset wallet), or otherwise holding the value on deposit for the payee;

(c) the person makes the transferred value available to the payee, under an arrangement with the payee, by depositing the value with a third‑party deposit‑taker or credit provider;

(d) the person arranges for the transferred value to be made available to the payee under an offsetting arrangement with the ordering institution.

(4) To avoid doubt, subsection (3) does not affect the requirement for a person to satisfy subsection (2) to be a beneficiary institution.

Division 2—Transfers of value

8‑3 Obligations of ordering institutions—collecting, verifying and passing on information

If the circumstances mentioned in column 1 of an item in the following table apply in relation to a transfer of value:

(a) for the purposes of paragraph 64(2)(a) of the Act, the information that the ordering institution must collect is such information as is set out in column 2 of the item; and

(b) for the purposes of paragraph 64(2)(b) of the Act, the ordering institution must verify such information as is set out in column 3 of the item in accordance with sections 28 and 30 of the Act (as applicable); and

(c) for the purposes of subsection 64(3) of the Act, the information that the ordering institution must pass on to the next institution in the value transfer chain is such information as is set out in column 4 of the item.

Obligations of ordering institutions—collecting, verifying and passing on information
Item	Column 1	Column 2	Column 3	Column 4
	Circumstances	Information to be collected	Information to be verified	Information to be passed on
1	none of the circumstances mentioned in items 2 to 7 apply	(a) payer information; and (b) the payee’s full name	payer information	(a) payer information; and (b) the payee’s full name; and (c) tracing information
2	(a) the transfer of value is a domestic transfer of value; and (b) the ordering institution passes on the transfer message for the transfer of value through BECS, BPAY or DEFT	(a) payer information; and (b) the payee’s full name	payer information	tracing information
3	(a) the transfer message for the transfer of value contains information relating to multiple transfers of value from a payer; and (b) the circumstances mentioned in item 2 do not apply	(a) payer information; and (b) the payee’s full name	payer information	(a) payer information; and (b) for each transfer of value in the transfer message: (i) the payee’s full name; and (ii) tracing information
4	the transfer of value is a merchant payment	not applicable	not applicable	card number of the card the payer used in relation to the merchant payment
5	the transfer of value is a refund of a merchant payment	not applicable	not applicable	card number of the card the payer used in relation to the merchant payment that is refunded
6	the instruction for the transfer of value is given by the use of an ATM	the payer’s full name	the payer’s full name	card number of the card the payer used in relation to the withdrawal
7	the value is being transferred to a self‑hosted virtual asset wallet	(a) payer information; and (b) the payee’s full name	payer information	not applicable

Note 1: For columns 2 and 3 of items 4 and 5 of the table, subsection 8‑8(5) provides that paragraphs 64(2)(a) and (b) of the Act do not apply to a transfer of value that is a merchant payment.

Note 2: For column 4 of item 7 of the table, subsection 8‑8(6) provides that subsection 64(2)(b) of the Act does not apply to a transfer of value if the value is being transferred to a self‑hosted virtual asset wallet.

Note 3: Obligations on reporting entities also arise under sections 28 (initial customer due diligence) and 30 (ongoing customer due diligence) of the Act.

8‑4 Obligations of beneficiary institutions—monitoring for receipt of information

For the purposes of paragraph 65(2)(a) of the Act, if the circumstances mentioned in column 1 of an item of the following table apply in relation to a transfer of value, the information that the beneficiary institution must take reasonable steps to monitor whether it has received is such information relating to the transfer of value as is set out in column 2 of the item.

Obligations of beneficiary institutions—monitoring for receipt of information
Item	Colum 1	Column 2
	Circumstances	Information to monitor
1	none of the circumstances mentioned in items 2 to 8 apply	(a) payer information; and (b) the payee’s full name; and (c) tracing information
2	(a) the transfer of value is a domestic transfer of value; and (b) the beneficiary institution receives the transfer message for the transfer of value through BECS, BPAY or DEFT	tracing information
3	(a) the transfer message for the transfer of value contains information relating to multiple transfers of value from a payer; and (b) the circumstances mentioned in item 2 do not apply	(a) payer information; and (b) for each transfer of value in the transfer message: (i) the payee’s full name; and (ii) tracing information
4	the transfer of value is a merchant payment	card number of the card the payer used in relation to the merchant payment
5	the transfer of value is a refund of a merchant payment	card number of the card the payer used in relation to the merchant payment that is refunded
6	the instruction for the transfer of value is given by the use of an ATM	card number of the card the payer used in relation to the withdrawal
7	(a) the value being transferred is money; and (b) the money is in a foreign country and, as a result of the provision of an international value transfer service, the money will be in Australia; and (c) the beneficiary institution receives the transfer message for the transfer of value through BECS	tracing information
8	the value is transferred from a self‑hosted virtual asset wallet	(a) payer information; and (b) the payee’s full name; and (c) tracing information

8‑5 Obligations of intermediary institutions—monitoring for receipt of information and passing on information

If the circumstances mentioned in column 1 of an item in the following table apply in relation to a transfer of value:

(a) for the purposes of subsection 66(2) of the Act, the information that an intermediary institution must take reasonable steps to monitor whether it has received is such information relating to the transfer of value as is set out in column 2 of the item; and

(b) for the purposes of paragraph 66(4)(a) of the Act, the information the intermediary institution must include is such information set out in column 3 of the item as is received from the previous institution in the value transfer chain.

Obligations of intermediary institutions—monitoring for receipt of information and passing on information
Item	Column 1	Column 2	Column 3
	Circumstances	Information to monitor	Information to pass on
1	none of the circumstances mentioned in items 2 to 7 apply	(a) payer information; and (b) the payee’s full name; and (c) tracing information	(a) payer information, and (b) the payee’s full name; and (c) tracing information
2	(a) the transfer of value is a domestic transfer of value; and (b) the transfer message for the transfer of value is passed on through BECS, BPAY or DEFT	tracing information	tracing information
3	(a) the transfer message for the transfer of value contains information relating to multiple transfers of value from a payer; and (b) the circumstances mentioned in item 2 do not apply	(a) payer information, and (b) for each transfer of value in the transfer message: (i) the payee’s full name; and (ii) tracing information	(a) payer information, and (b) for each transfer of value in the transfer message: (i) the payee’s full name; and (ii) tracing information
4	the transfer of value is a merchant payment	card number of the card the payer used in relation to the merchant payment	card number of the card the payer used in relation to the merchant payment
5	the transfer of value is a refund of a merchant payment	card number of the card the payer used in relation to the merchant payment that is refunded	card number of the card the payer used in relation to the merchant payment that is refunded
6	the instruction for the transfer of value is given by the use of an ATM	card number of the card the payer used in relation to the withdrawal	card number of the card the payer used in relation to the withdrawal
7	(a) the value being transferred is money; and (b) the money is in a foreign country and, as a result of the provision of an international value transfer service, the money will be in Australia; and (c) the intermediary institution passes on the transfer message for the transfer of value through BECS	(a) payer information; and (b) the payee’s full name; and (c) tracing information	tracing information

8‑6 Payment transparency—transition to revised FATF Recommendations

(1) In complying with an obligation in relation to payer information under section 8‑3, 8‑4 or 8‑5, a reporting entity may do so using all of the following information in to relation the payer:

(a) the payer’s full name;

(b) if the payer is a body corporate—a unique identifier for the payer (if any);

(d) the payer’s full business or residential address (not being a post box).

(2) A reporting entity that uses subsection (1) must, in complying with an obligation to provide the payee’s full name under section 8‑3, 8‑4 or 8‑5, collect, verify, pass on or monitor (as applicable) the following information:

(a) the payee’s full name;

(b) if the payee is an individual:

(i) the town or locality in which the payee ordinarily resides; and

(ii) the country in which the payee ordinarily resides;

(i) the town or locality of the payee’s place of business or operations; and

(ii) the country of the payee’s place of business or operations; and

(iii) a unique identifier for the payee (if any).

Note: This section relates to payer information and the obligation to provide the payee’s full name only. It does not affect an obligation on a reporting entity to collect, verify, pass on or monitor other information specified in section 8‑3, 8‑4 or 8‑5 (such as tracing information).

Division 3—Exemptions from obligations relating to transfers of value

8‑7 Exemptions—designated services provided at or through foreign permanent establishments

(1) This section is made for the purposes of paragraph 67(1)(a) of the Act.

Designated services provided at or through foreign permanent establishments

(2) Part 5 of the Act does not apply to a designated service if:

(a) the service is covered by item 29, 30 or 31 of table 1 in section 6 of the Act; and

(b) the service relates to a transfer of money or property (but not a virtual asset); and

(d) the service is provided in accordance with a law of the foreign country that give effect to the FATF Recommendations that apply in the place where the permanent establishment is located; and

(e) either:

(i) the value to be transferred is in a foreign country that is a Member State of the European Economic Area and, as a result of the provision of the service, the value will be in a foreign country that is a Member State of the European Economic Area; or

(ii) in any other case—the value to be transferred is in a foreign country and, as a result of the provision of the service, the value will be in that foreign country.

8‑8 Exemptions—transfers of value occurring in specified circumstances

(1) This section is made for the purposes of paragraph 67(1)(b) of the Act.

Inter‑financial institution transfers

(2) Part 5 of the Act does not apply to a transfer of value if the payer and the payee are:

(a) financial institutions; and

(b) acting on their own behalf.

(3) Part 5 of the Act does not apply to a transfer of value if:

(a) the transfer message for the transfer of value is sent using the Society for Worldwide Interbank Financial Telecommunication payment delivery system; and

(b) the payer and the payee are:

(i) Supervised Financial Institutions within the meaning of the document titled SWIFT Corporate Rules, published by the Society for Worldwide Interbank Financial Telecommunication, as that document exists at the commencement of this instrument; and

(ii) acting on their own behalf.

Note: The SWIFT Corporate Rules could in 2025 be viewed on the Society for Worldwide Interbank Financial Telecommunication website (https://www.swift.com).

Cheques

(4) Part 5 of the Act does not apply to a transfer of value if:

(a) the instruction for the transfer of value is given to the ordering institution by way of a cheque; and

(b) the cheque is drawn on the ordering institution.

Merchant payments—ordering institution obligations

(5) Paragraphs 64(2)(a) and (b) and (5)(a) of the Act do not apply to a transfer of value if the transfer of value is:

(a) a merchant payment; or

(b) a refund of a merchant payment.

Pre‑commencement customers—ordering institution obligations

(6) Paragraph 64(2)(b) of the Act does not apply to a transfer of value if:

(a) a reporting entity provides a designated service covered by item 29 of table 1 in section 6 of the Act, as an ordering institution for the transfer of value; and

(b) the reporting entity provides the service to a pre‑commencement customer; and

(c) there are no reasonable grounds for the reporting entity to doubt the adequacy or veracity of the payer information in relation to the transfer of value.

Certain existing customers—ordering institution obligations

(7) Paragraph 64(2)(b) of the Act does not apply to a transfer of value if:

(a) a reporting entity provides a designated service covered by item 29 of table 1 in section 6 of the Act, as an ordering institution for the transfer of value; and

(b) the reporting entity provides the service to a customer to whom section 6‑42 or 6‑43 applies; and

(d) there are no reasonable grounds for the reporting entity to doubt the adequacy or veracity of the payer information in relation to the transfer of value.

Transfers to a self‑hosted virtual asset wallet

(8) Subsection 64(3) of the Act and paragraph 64(5)(b) of the Act do not apply to a transfer of value if the value is being transferred to a self‑hosted virtual asset wallet.

Division 4—International value transfer services

8‑9 When value is in a country

For the purposes of subsection 45(2) of the Act, each of the following is a circumstance in which value, in relation to a transfer of value, is in a country:

(a) the payer provides the value to the ordering institution at or through a permanent establishment of the ordering institution in the country;

(b) the ordering institution holds the value to be transferred in an account provided to the payer or otherwise on deposit for the payer (including in a virtual asset wallet) at or through a permanent establishment of the ordering institution in the country;

(c) the ordering institution is authorised under an arrangement with the payer to transfer the value from another person at or through a permanent establishment of the other person in the country;

(d) the ordering institution or beneficiary institution initiates an offsetting arrangement that includes transferring the value within the country;

(e) the beneficiary institution makes the value available to the payee:

(i) at or through a permanent establishment of the beneficiary institution in the country; or

(ii) by depositing the value with a person at or through a permanent establishment of the person in the country; or

(iii) by depositing the value into an account held by the payee with the beneficiary institution or otherwise holding the value on deposit for the payee (including in a virtual asset wallet) at or through a permanent establishment of the beneficiary institution in the country.

Part 9—Reporting

Division 1—Reports of suspicious matters

9‑1 Purpose of this Division

For the purposes of paragraph 41(3)(b) of the Act, this Division sets out the information that must be contained in a report under subsection 41(2) of the Act in relation to a suspicious matter reporting obligation that has arisen for a reporting entity in relation to a person.

Note: There are transitional arrangements relating to reports of suspicious matters (see sections 12‑1 and 12‑2 of this instrument).

9‑2 Reports of suspicious matters—general information

(1) The report must contain the following information:

(a) the reporting entity’s full name and the identifier assigned to the entity by AUSTRAC;

(b) the date the report is given to the AUSTRAC CEO;

(d) whether paragraph 41(2)(aa) of the Act (which deals with the timeframe for giving a report in certain circumstances relating to legal professional privilege) applies in relation to the report;

(e) if the reporting entity considers that a report it has previously given to the AUSTRAC CEO under the Act (the previous report) is relevant to the matter—the following information about the previous report:

(i) the date the previous report was given to the AUSTRAC CEO;

(ii) the identifier given to the previous report by AUSTRAC (if any).

Information about the individual completing the report

(2) The report must contain the following information about the individual completing the report:

(a) the individual’s full name;

(b) the individual’s position with the reporting entity;

Information about an individual with information about the formation of the suspicion

(3) The report must contain the following information about an individual who can provide information about the reporting entity forming the suspicion mentioned in any of paragraphs 41(1)(d) to (j) of the Act that apply to the matter:

(a) the individual’s full name;

(b) the individual’s position with the reporting entity;

Information about report to Commonwealth, State or Territory agencies

(4) If the matter has been reported to a Commonwealth, State or Territory agency, the report must include the following information:

(a) the name of the agency;

(b) the part of, or unit in, the agency the matter was reported to (to the extent that the information is known);

(d) the full name and contact details of an individual at the agency who can be contacted in relation to the report made to the agency (to the extent that the information is known, and subject to the agency’s requirements about disclosure of these details);

(e) a description of the information about the matter provided to the agency;

(f) the date the matter was reported to the agency.

9‑3 Reports of suspicious matters—information about persons

Reportable information—individuals

(1) A reference in this section to reportable information means, in relation to an individual, the following information:

(a) the individual’s full name;

(b) any other names the individual is commonly known by (such as an Anglicised name, former name or business name);

(d) the individual’s gender;

(e) the country or countries of which the individual is a citizen;

(f) the country or countries the individual is treated as being a resident of for the purposes of that country’s tax laws;

(g) the individual’s residential address;

(h) the individual’s postal addresses;

(i) if the individual is a sole trader—the individual’s business addresses;

(j) the individual’s telephone number;

(k) the individual’s email address;

(l) information on the individual’s occupation, business or principal activity;

(m) a unique identifier for the individual;

(n) a description of the reliable and independent data, if any, used by the reporting entity to verify KYC information relating to the individual in accordance with paragraph 28(3)(d) of the Act;

(o) a reference number, if any, associated with the individual provided by an accredited entity (within the meaning of the Digital ID Act 2024) in the course of verifying KYC information relating to the individual in accordance with paragraph 28(3)(d) of the Act;

(p) if the individual’s identity cannot be established by the reporting entity—the following information:

(i) a description of the individual;

(ii) whether any still or moving image or any recording of the individual is held by the reporting entity.

Reportable information—non‑individuals

(2) A reference in this section to reportable information means, in relation to a person who is not an individual, the following information:

(a) the person’s full name;

(b) other names used by the person (such as a former name or business name);

(d) the country or countries the person is treated as being a resident of for the purposes of that country’s tax laws;

(e) the address of the person’s registered office;

(f) the address at which the person’s business or principal activity is conducted;

(g) the person’s postal address;

(h) the person’s telephone number;

(i) the person’s email address;

(j) information on the person’s business or principal activity;

(k) information about the legal form of the person (such as a partnership, company or trust);

(l) the details of the person’s beneficial owners;

(m) if the person is a body corporate—the full name and, if applicable, director identification number of the individual, or each member of the group of individuals, with primary responsibility for the governance and executive decisions of the body corporate;

(n) if the person is an express trust, the following information:

(i) the kind of trust (such as discretionary trust, bare trust or unit trust);

(ii) the details of the trustee;

(iii) the details of any settlor, appointor, guardian or protector of the trust;

(iv) for a trust with no more than 10 identifiable beneficiaries—the details of the beneficiaries of the trust;

(v) for a trust with more than 10 beneficiaries—a description of each type or class of beneficiary;

(o) a unique identifier for the person;

(p) a description of the reliable and independent data, if any, used by the reporting entity to verify KYC information relating to the person in accordance with paragraph 28(3)(d) of the Act.

Content of suspicious matter reports

(3) The report must contain the following information, to the extent it is applicable and known to the reporting entity:

(a) reportable information about the person in relation to whom the suspicious matter reporting obligation arose for the reporting entity;

(b) information on the person’s involvement in the matter.

(4) If the report is required to contain the details of another person (for example, a beneficial owner or trust) as part of the reportable information under subsection (1) or (2), then the report must also contain:

(a) reportable information about that other person; and

(b) if the application of paragraph (a) requires the report to contain the details of any other individual or non‑individual—reportable information about that other individual or non‑individual.

Information about involved persons

(5) Each of the following persons is an involved person in relation to the provision of a designated service for the purposes of subsections (6) and (7):

(a) a person (other than the person in relation to whom the suspicious matter reporting obligation arose) who is involved in facilitating, funding, contributing to, or benefitting from, the matter the subject of the report;

(b) a person who is adversely affected or impacted by the matter;

(d) a person acting on behalf of the customer in relation to the designated service.

(6) The report must contain reportable information about the involved person to the extent that:

(a) the information is applicable and known to the reporting entity; and

(b) the information has not already been reported under subsection (3) or (4).

(7) The report must also contain, to the extent it is known to the reporting entity, a description of the relationship between the involved person and the person in relation to whom the suspicious matter reporting obligation arose.

9‑4 Reports of suspicious matters—information about the matter

(1) The report must contain the following information about the matter:

(a) a description of the circumstances in paragraphs 41(1)(a) to (c) of the Act that apply to the matter;

(b) a description of the conditions in paragraphs 41(1)(d) to (j) of the Act that are satisfied in respect of the matter, and how those conditions relate to the persons about whom information is included in the report;

(i) if paragraph 41(1)(a) of the Act applies in relation to the matter—the date and time the reporting entity commenced to provide, or proposed to provide, the designated service to the first person;

(ii) if paragraph 41(1)(b) of the Act applies in relation to the matter—the date and time the first person requested the reporting entity to provide the designated service to the first person;

(iii) if paragraph 41(1)(c) of the Act applies in relation to the matter—the date and time the first person inquired of the reporting entity whether the reporting entity would be willing or prepared to provide the designated service to the first person;

(d) if the conditions in subparagraph 41(1)(f)(iii) of the Act are satisfied in respect of the matter—information on the offence against a law of the Commonwealth or of a State or Territory that is relevant to the matter;

(e) any addresses or locations that are relevant to the matter;

(f) the reporting entity’s reference number relating to the provision or proposed provision of the designated service to which the matter relates.

Information about designated services

(2) The report must contain a description of each designated service that relates to the matter.

Information about an account

(3) If the matter involves an account provided by the reporting entity or another person, the report must contain the following information about the account (as applicable and to the extent that the information is known):

(a) the full name of the person providing the account;

(b) the information about the account holder that would be required under subsection 9‑3(3) if the account holder were the person in relation to whom the suspicious matter reporting obligation arose;

(d) the unique identification details assigned to the account (such as the BSB and account number);

(e) for each signatory to whom the matter relates—the information that would be required under subsection 9‑3(3) if the signatory were the person in relation to whom the suspicious matter reporting obligation arose;

(f) the full name of the other signatories to the account or, if there are more than 10 signatories, a description of each type or class of signatory;

(f) the date the account was opened;

(g) the balance of the account on dates relevant to the matter.

Information about transactions

(4) If the matter involves transactions, the report must contain the following information about each transaction (as applicable and to the extent that the information is known):

(a) a description of the transaction;

(b) the value associated with the transaction (in Australian dollars or a foreign currency, as appropriate);

(c) if the transaction involved foreign currency—the kind and amount of the foreign currency involved and the exchange rate used;

(d) if the transaction involves products or instruments—the following information:

(i) a description of the products or instruments;

(ii) the value of the products or instruments (in Australian dollars or a foreign currency, as appropriate);

(iii) for each payer or transferor of the products or instruments—the information that would be required under subsection 9‑3(3) if the payer or transferor were the person in relation to whom the suspicious matter reporting obligation arose;

(vi) where the issuer of the products or instruments is not the reporting entity—the full name of the issuer and the address or location where the products or instruments were issued;

(e) for each payee, transferee or beneficiary of the transaction—the information that would be required under subsection 9‑3(3) if that person were the person in relation to whom the suspicious matter reporting obligation arose;

(f) the date and time when the transaction took place;

(g) if the transaction is a transfer of value—the following information:

(i) the value of the money, virtual assets or property that is the subject of the transfer of value (in Australian dollars or a foreign currency, as appropriate);

(ii) a unique transaction reference number.

Note: Examples of products and instruments include the following:

(a) a cheque or travellers cheque;

(b) a stored value card;

(d) a gaming chip or token.

Information about transfers of property

(5) If the matter involves a transfer of property, the report must contain the following information about the transfer (as applicable and to the extent that the information is known):

(a) any unique reference number applicable to the transfer provided by the reporting entity or another person;

(b) the value of the property (in Australian dollars or a foreign currency, as appropriate);

(c) for each person involved in the transfer—the information that would be required under subsection 9‑3(3) if the person were the person in relation to whom the suspicious matter reporting obligation arose;

(d) details of the property, including any unique identification details for the property.

Note: Examples of unique identification details include:

(a) for real estate—the plan and lot numbers for the real estate; and

(b) for bullion—the serial number on the bullion.

Information about virtual assets

(6) If the matter involves virtual assets, the report must contain the following information about the virtual assets (as applicable and to the extent that the information is known):

(a) information on the kind of virtual assets, including details of the backing asset (if any);

(b) the full name of any person who controls, or controlled, the virtual asset (including a decentralised autonomous organisation, if applicable);

(d) the number of virtual asset units;

(e) the value of the virtual assets in Australian dollars;

(f) the exchange rate used in determining the value;

(g) the unique transaction reference number, including a transaction hash;

(h) any virtual asset wallet addresses, including destination tags or memo details.

Information about another person providing a designated service

(7) If a person other than the reporting entity provided or proposed to provide a designated service that relates to the matter, the report must contain the following information about the person (to the extent that the information is known):

(a) the full name of the person;

(b) the address or location where the person provided or proposed to provide a designated service that relates to the matter;

Information about online activity

(8) If the matter involves online activity by any person involved in the matter, including for the purpose of providing a designated service, the report must contain the following information about the online activity (as applicable and to the extent that the information is known):

(a) unique network identification numbers for the networks used by the person, such as an Internet Protocol (IP) address;

(b) the date and time that online activity was recorded occurring, if different from the date and time when a transaction took place as reported under subsection (4);

(c) unique identification numbers for the relevant devices involved, such as an International Mobile Equipment Identity (IMEI);

(d) a description of the software or application being used by the person;

(e) the full name, and any user name, used by the person for the purposes of the software or application.

Division 2—Reports of threshold transactions

9‑5 Purpose of this Division

For the purposes of paragraph 43(3)(b) of the Act, this Division sets out the information that must be contained in a report made by a reporting entity under subsection 43(2) of the Act in relation to a threshold transaction.

Note: There are transitional arrangements relating to reports of threshold transactions (see sections 12‑3 and 12‑4 of this instrument).

9‑6 Reports of threshold transactions—general information

(1) The report must contain the following information:

(a) the reporting entity’s full name and the identifier assigned to the entity by AUSTRAC;

(b) the date the report is given to the AUSTRAC CEO.

(2) The report must contain the following information about the individual completing the report:

(a) the individual’s full name;

(b) the individual’s position with the reporting entity;

9‑7 Reports of threshold transactions—information about the customer and other persons

Reportable information—individuals

(1) A reference in this section to reportable information means, in relation to an individual, the following information:

(a) the individual’s full name;

(b) any other names the individual is commonly known by (such as an Anglicised name, former name or business name);

(d) the individual’s gender;

(e) the country or countries of which the individual is a citizen;

(f) the country or countries the individual is treated as being a resident of for the purposes of that country’s tax laws.

(g) the individual’s residential address;

(h) the individual’s business addresses and postal addresses;

(i) the individual’s telephone number;

(j) the individual’s email address;

(k) information on the individual’s occupation, business or principal activity;

(l) a unique identifier for the individual;

(m) a description of the reliable and independent data, if any, used by the reporting entity to verify KYC information relating to the individual in accordance with paragraph 28(3)(d) of the Act;

(n) a reference number, if any, associated with the individual provided by an accredited entity (within the meaning of the Digital ID Act 2024) in the course of verifying KYC information relating to the individual in accordance with paragraph 28(3)(d) of the Act.

Reportable information—non‑individuals

(2) A reference to reportable information in this section means, in relation to a person who is not an individual, the following information:

(a) the person’s full name;

(b) other names used by the person (such as a former name or business name);

(d) the country or countries the person is treated as being a resident of for the purposes of that country’s tax laws;

(e) the address of the customer’s registered office;

(f) the address at which the person’s business or principal activity is conducted;

(g) the person’s postal address;

(h) the person’s telephone number;

(i) the person’s email address;

(j) information on the person’s business or principal activity;

(k) information about the legal form of the person (such as a partnership, company or trust);

(l) the details of the person’s beneficial owners;

(n) if the person is an express trust, the following information:

(i) the kind of trust (such as discretionary trust, bare trust or unit trust);

(ii) the details of the trustee;

(iii) the details of any settlor, appointor, guardian or protector of the trust;

(iv) for a trust with no more than 10 identifiable beneficiaries—the details of the beneficiaries of the trust;

(v) for a trust with more than 10 beneficiaries—a description of each type or class of beneficiary;

(o) a unique identifier for the person;

(p) a description of the reliable and independent data, if any, used by the reporting entity to verify KYC information relating to the customer in accordance with paragraph 28(3)(d) of the Act.

Content of threshold transaction reports

(3) The report must contain reportable information, to the extent it is applicable and known to the reporting entity, about the following persons:

(a) the customer to whom the designated service was provided;

(b) the transferor or transferee in the transaction (if different to the customer);

(a) reportable information about that other person; and

Information about other persons acting on behalf of the customer

(5) If the customer was represented in relation to the provision of the designated service by another person authorised to act on behalf of the customer, the report must (subject to subsections (6) and (7)) contain the following information:

(a) a description of the relationship between the person and the customer;

(b) a description of the authority for the person to act on behalf of the customer;

(6) Subsection (5) does not apply if the customer was represented by a person in the following circumstances:

(a) the threshold transaction was a deposit in circumstances where there was no personal contact (such as using an automated teller machine or express deposit facility);

(b) the transaction did not involve a virtual asset;

(c) the person was acting in the course of a business of collecting, holding or delivering physical currency (such as payroll or cash courier services, but not including collection of donations for a registered charity).

(7) If subsection (5) does not apply because the designated service occurred in the circumstances mentioned in subsection (6), the report must contain a statement as to the circumstances of the designated service.

9‑8 Reports of threshold transactions—information about the transaction

Standard information

(1) The report must contain the following information about the threshold transaction:

(a) the date and time when the transaction took place;

(b) the address or location where the transaction took place;

(c) for each person in relation to whom information is reportable under section 9‑7—the person’s role in the transaction (to the extent known);

(d) a description of the purpose of the transaction (to the extent known);

(e) the kind of designated service that was provided and that involved the transaction;

(f) the reporting entity’s reference number relating to the provision of the designated service that involved the transaction (including, but not limited to, a transaction reference number);

(g) the value, in Australian dollars, of the physical currency involved in the transaction;

(h) if the transaction involves foreign currency—the kind and amount of the foreign currency involved and the exchange rate used.

Information about an account

(2) If the threshold transaction involves an account provided by the reporting entity or another person, the report must contain the following information about the account (as applicable and to the extent the information is known):

(a) the full name of the person providing the account;

(b) the full name of each account holder;

(d) the unique identification details assigned to the account (such as the BSB and account number);

(e) the full name of the signatory to the account who is conducting the transaction;

(f) the date the account was opened.

Information about products or instruments

(3) If the threshold transaction involves products or instruments, the report must contain a description of the products or instruments and their value (in Australian dollars or a foreign currency, as appropriate).

Note: Examples of products and instruments include the following:

(a) a cheque or travellers cheque;

(b) a stored value card;

(d) a gaming chip or token.

Information about transfers of property

(4) If the threshold transaction relates to a transfer of property, the report must contain the following information about the transfer (as applicable and to the extent that the information is known):

(a) any unique reference number applicable to the transfer provided by the reporting entity or another person;

(b) the value of the property (in Australian dollars or a foreign currency, as appropriate);

Note: Examples of unique identification details include:

(a) for real estate—the plan and lot numbers for the real estate; and

(b) for bullion—the serial number on the bullion.

Information about virtual assets

(5) If the threshold transaction relates to virtual assets, the report must contain the following information about the virtual assets (as applicable and to the extent that the information is known):

(a) information on the kind of virtual assets, including details of the backing asset (if any);

(b) the full name of any person who controls, or controlled, the virtual asset (including a decentralised autonomous organisation, if applicable);

(d) the number of virtual asset units;

(e) the value of the virtual assets in Australian dollars;

(f) the exchange rate used in determining the value;

(g) the unique transaction reference number, including a transaction hash;

(h) any virtual asset wallet addresses, including destination tags or memo details.

Information about another person providing a designated service

(6) If the threshold transaction relates to a person other than the reporting entity providing a designated service, the report must contain the following information about the person:

(a) the full name of the person;

(b) the address or location where the person was involved in the provision of the designated service;

Information about online activity

(7) If the threshold transaction relates to, or involves, the provision of a designated service online, the report must contain the following information about the online activity (as applicable and to the extent that the information is known):

(a) unique network identification numbers for the networks used by the person, such as an Internet Protocol (IP) address;

(b) the date and time that online activity was recorded occurring, if different from the date and time when the transaction took place as reported under subsection (1);

(c) unique identification numbers for the relevant devices involved, such as an International Mobile Equipment Identity (IMEI);

(d) a description of the software or application being used by the person;

(e) the full name, and any user name, used by the person for the purposes of the software or application.

Division 3—AML/CTF compliance reports

9‑9 Reporting and lodgement periods for AML/CTF compliance reports

For the purposes of section 47 of the Act:

(a) each calendar year is a reporting period; and

(b) the period of 3 months beginning at the end of a reporting period is the lodgement period for that reporting period.

Division 4—Registered remittance affiliates

9‑10 Reporting obligations of registered remittance affiliates

(1) This section is made for the purposes of section 49A of the Act.

Reports of suspicious matters

(2) An obligation imposed by subsection 41(2) of the Act (which deals with reports of suspicious matters) upon a registered remittance affiliate of a registered remittance network provider to give a report may be discharged by the network provider if there is a written agreement between the affiliate and the network provider that provides for the network provider to do so.

Reports of threshold transactions or international funds transfer instructions

(3) An obligation imposed by subsection 43(2) of the Act (which deals with reports of threshold transaction) or subsection 46(2) of the Act (which deals with reports of international funds transfer instructions) upon a registered remittance affiliate of a registered remittance network provider to give a report is taken instead to be an obligation imposed on the network provider.

Division 5—Cross‑border movement reports

9‑11 Purpose of this Division

This Division is made for the purposes of the following provisions of the Act:

(a) paragraph 53(7)(b);

(b) paragraph 53(7)(d);

(d) paragraph 61(1)(b);

(e) paragraph 61(2)(b).

9‑12 Reports about moving monetary instruments into or out of Australia

(1) If a person moves a monetary instrument into or out of Australia, a report under section 53 of the Act (reports about movements of monetary instruments into or out of Australia) must:

(a) contain the information specified in subsection (2) (to the extent the information is known); and

(b) be given in accordance with the applicable timing rule specified in subsection (3).

Note: The report must also be given in the approved form (see paragraph 53(7)(a) of the Act).

(2) For the purposes of paragraph (1)(a), the information is as follows:

(a) if the person is an individual:

(i) the person’s full name; and

(ii) the person’s date and place of birth; and

(iii) the country or countries of which the person is a citizen; and

(iv) the person’s residential address; and

(v) the person’s telephone number; and

(vi) whether the person is an Australian resident; and

(vii) if the person is bringing the monetary instrument into Australia and is not an Australian resident—the person’s address and telephone number while in Australia; and

(viii) the person’s occupation, business or principal activity; and

(ix) the person’s ABN (if any);

(b) if the person is not an individual:

(i) the person’s full name; and

(ii) the person’s business or principal activity; and

(iii) the address at which the person’s business or principal activity is conducted; and

(iv) the person’s telephone number; and

(v) the person’s ABN, ACN and ARBN (as applicable);

(c) if the person is moving the monetary instrument on behalf of another person (the other person)—the following details of the other person:

(i) if the other person is an individual—the details mentioned in subparagraphs (a)(i), (iv), (v), (viii) and (ix);

(ii) if the other person is not an individual—the details mentioned in subparagraphs (b)(i) to (v);

(d) if the person is delivering the monetary instrument to another person (the other person)—the following details of the other person:

(i) if the other person is an individual—the details mentioned in subparagraphs (a)(i), (iv), (v), (viii) and (ix);

(ii) if the other person is not an individual—the details mentioned in subparagraphs (b)(i) to (v);

(e) whether the monetary instrument is being moved into or out of Australia;

(f) the kind of monetary instrument being moved into or out of Australia;

(g) the monetary instrument amount being moved into or out of Australia;

(h) the currency of the monetary instrument being moved into or out of Australia;

(i) if the monetary instrument is a bearer negotiable instrument:

(i) the issuer or drawer of the monetary instrument; and

(ii) the payee, favouree or beneficiary of the monetary instrument; and

(iii) the full name of the bearer of the monetary instrument; and

(iv) the city and country of issue of the monetary instrument; and

(v) any reference numbers of the monetary instrument;

(j) if the person is an individual and is bringing the monetary instrument into Australia or taking the instrument out of Australia:

(i) whether the person is travelling into or out of Australia; and

(ii) the town or city at which the person is entering or leaving Australia; and

(iii) the person’s date of arrival in or departure from Australia; and

(iv) the number and country of issue of the passport on which the person is travelling; and

(v) where practicable—the number of each other passport held by the person and the country of issue for each passport; and

(vi) the number of the flight or name of the vessel on which the person is bringing in or taking out the instrument; and

(vii) if the person is taking the monetary instrument out of Australia—the city and country to which the monetary instrument is being taken; and

(viii) if the person is bringing the monetary instrument into Australia—the city and country from which the monetary instrument is being brought;

(k) if the monetary instrument is being sent into or out of Australia:

(i) the means by which the monetary instrument is being sent; and

(ii) the full name, address and telephone number of the individual or service provider carrying the monetary instrument into or out of Australia; and

(iii) if the monetary instrument is to be shipped—the name of the vessel on which it is to be shipped; and

(iv) the city and country from which the monetary instrument is being sent; and

(v) the city and country to which the monetary instrument is being sent; and

(vi) the date the monetary instrument is being sent;

(l) if the monetary instrument is being sent into or out of Australia—the following details of the person to whom the monetary instrument is being sent:

(i) the person’s full name;

(ii) the person’s telephone number;

(iii) if the person is an individual—the person’s residential address;

(iv) if the person is not an individual—the address at which the person’s business or principal activity is conducted;

(v) if the person is not an individual—the person’s ABN, ACN and ARBN (as applicable);

(m) a declaration that the information provided in the approved form is true and correct.

(3) For the purposes of paragraph (1)(b):

(a) if the person moves a monetary instrument into Australia by bringing the instrument into Australia—the report must be given:

(i) no later than when the person reaches the place at which customs officers examine baggage; or

(ii) if there is no such place, at the first opportunity that the person has to give the report after arrival in Australia; and

(b) if the person moves a monetary instrument into Australia by sending the instrument into Australia—the report must be given before the movement of the instrument takes place; and

(c) if the person moves a monetary instrument out of Australia by taking the instrument out of Australia—the report must be given:

(i) no later than when the person reaches the customs officer who is to examine the person’s passport in relation to the person leaving Australia; or

(ii) if there is no such examination, at any time before the last opportunity that the person has to give the report before leaving Australia; and

(d) if the person (the first person) moves a monetary instrument out of Australia by sending the instrument out of Australia by consignment, either through the post to a place outside Australia or to another person for carriage to a place outside Australia—the report must be given before the time when the instrument is irrevocably committed by the first person to a postal service or to the other person (as the case may be).

9‑13 Reports about receiving monetary instruments moved into Australia

If a person receives a monetary instrument moved into Australia, a report under section 54 of the Act (reports about receipts of monetary instruments moved into Australia) must contain the following information (to the extent the information is known):

(a) if the person is an individual—the details mentioned in subparagraphs 9‑12(2)(a)(i) to (ix);

(b) if the person is not an individual—the details mentioned in subparagraphs 9‑12(2)(b)(i) to (v);

(c) if the person received the monetary instrument on behalf of another person (the other person)—the following details of the other person:

(i) if the other person is an individual—the details mentioned in subparagraphs 9‑12(2)(a)(i), (iv), (v), (viii) and (ix);

(ii) if the other person is not an individual—the details mentioned in subparagraphs 9‑12(2)(b)(i) to (v);

(d) if the person is delivering the monetary instrument to another person (the other person)—the following details of the other person:

(i) if the other person is an individual—the details mentioned in subparagraphs 9‑12(2)(a)(i), (iv), (v), (viii) and (ix);

(ii) if the other person is not an individual—the details mentioned in subparagraphs 9‑12(2)(b)(i) to (v);

(e) the kind of monetary instrument moved into Australia;

(f) the monetary instrument amount moved into Australia;

(g) the currency of the monetary instrument;

(h) if the monetary instrument is a bearer negotiable instrument:

(i) the issuer or drawer of the monetary instrument; and

(ii) the payee, favouree or beneficiary of the monetary instrument; and

(iii) the full name of the bearer of the monetary instrument; and

(iv) the city and country of issue of the monetary instrument; and

(v) any reference numbers of the monetary instrument;

(i) the means by which the monetary instrument was moved into Australia;

(j) the full name of the individual or service provider who moved the monetary instrument into Australia;

(k) if the monetary instrument was sent into Australia—the following details of the person who sent the monetary instrument (the sender) to the person:

(i) the sender’s full name;

(ii) the sender’s telephone number;

(iii) if the sender is an individual—the sender’s residential address;

(iv) if the sender is not an individual—the address at which the sender’s business or principal activity is conducted;

(v) if the sender is not an individual—the sender’s ABN, ACN and ARBN (as applicable);

(l) the city and country from which the monetary instrument was moved;

(m) the city, town or port in which the monetary instrument was received by the person;

(n) the date the monetary instrument was received by the person;

(o) a declaration that the information provided in the approved form is true and correct.

Note: The report must be given in the approved form before the end of 5 business days beginning on the day of receipt (see paragraphs 54(4)(a) and (d) of the Act).

9‑14 Affixing of notices about cross‑border movement reporting obligations

(1) This section applies to a written notice that relates to reporting obligations under Part 4 of the Act (reports about cross‑border movements of monetary instruments).

(2) The written notice:

(a) must be in one of the following forms:

(i) a self‑standing sign;

(ii) a digital or electronic sign;

(iii) a sign in any other material form; and

(b) must contain the following content (with or without the inclusion of any other words):

Australian Government

Australian Transaction Reports and Analysis Centre

Carrying $10,000 or more into or out of Australia?

You must report: cash, traveller’s cheques, cheques, money orders, or other bearer negotiable instruments

These are monetary instruments. By law you must report the movement of monetary instruments if the sum of the monetary instrument amount is AUD$10,000 or more (or foreign currency equivalent). Note there is no limit to the sum of monetary instruments amounts you can carry in and out of Australia.

(3) The written notice may be affixed at:

(a) any port, airport, wharf, or boarding station that is appointed under section 15 of the Customs Act 1901; or

(b) a place to which section 234AA of the Customs Act 1901 applies that is not a place, or a part of a place, referred to in paragraph (a).

Part 10—Secrecy and access

10‑1 Disclosure of AUSTRAC information to foreign countries or agencies

For the purposes of paragraph 127(2)(a) of the Act, the following Commonwealth, State or Territory agencies are prescribed:

(a) the Attorney‑General’s Department;

(b) the Foreign Affairs Department;

(d) that part of the Defence Department known as the Australian Geospatial‑Intelligence Organisation, and includes any part of the Defence Force that performs functions on behalf of that part of the Department;

(e) that part of the Defence Department known as the Defence Intelligence Organisation, and includes any part of the Defence Force that performs functions on behalf of that part of the Department;

(f) the Australian Crime Commission;

(g) the Australian Federal Police;

(h) the Australian Prudential Regulation Authority;

(i) the Australian Secret Intelligence Service;

(j) the Australian Securities and Investments Commission;

(k) the Australian Security Intelligence Organisation;

(l) the Australian Signals Directorate;

(m) the Australian Taxation Office;

(n) the National Anti‑Corruption Commission;

(o) the Office of National Intelligence.

Part 11—Other matters

11‑1 False or misleading information or documents

For the purposes of subparagraphs 136(1)(c)(ii) and 137(1)(c)(ii) of the Act, sections 136 and 137 of the Act (which deal with giving or producing false or misleading information or documents) apply in relation to a provision of this instrument in the following:

(a) Part 3 (enrolment);

(b) Part 4 (registration);

(d) Part 8 (transfers of value);

(e) Part 9 (reporting).

Part 12—Application, saving and transitional provisions

12‑1 Transitional—reports of suspicious matters to be in old form for first 3 months after commencement

(1) Subsections (2) and (3) apply if:

(a) a suspicious matter reporting obligation arises for a reporting entity in relation to a person; and

(b) the reporting entity is required under subsection 41(2) of the Act to give a report about the matter to the AUSTRAC CEO at any time in the period:

(i) beginning at the commencement of this instrument; and

(ii) ending on 30 June 2026.

(2) The report must:

(a) be in the form that was the approved form for the purposes of paragraph 41(3)(a) of the Act immediately before the commencement of this instrument; and

(b) comply with Chapter 18 of the Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1), as in force immediately before the commencement of this instrument.

(3) A report that complies with subsection (2) is taken to include the information that must, under Division 1 of Part 9 of this instrument, be contained in a report under subsection 41(2) of the Act in relation to the suspicious matter reporting obligation.

12‑2 Transitional—reports of suspicious matters by entities on Reporting Entities Roll at commencement

(1) Subsection (2) applies if:

(a) at the commencement of this instrument, a reporting entity is entered on the Reporting Entities Roll; and

(b) a suspicious matter reporting obligation arises for the reporting entity in relation to a person; and

(c) the reporting entity gives a report about the matter that complies with Chapter 18 of the Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1), as in force immediately before the commencement of this instrument; and

(d) the report is given on or after 1 July 2026 and before the earlier of:

(i) 30 March 2029; or

(ii) the day specified in an instrument made under subsection (3).

(2) The report is taken to include the information that must, under Division 1 of Part 9 of this instrument, be contained in a report under subsection 41(2) of the Act in relation to the suspicious matter reporting obligation.

(3) The AUSTRAC CEO may, by notifiable instrument, specify a day for the purposes of subparagraph (1)(d)(ii).

12‑3 Transitional—reports of threshold transactions to be in old form for first 3 months after commencement

(1) Subsections (2) and (3) apply if:

(a) a reporting entity commences to provide, or provides, a designated service to a customer; and

(b) the provision of the service involves a threshold transaction; and

(c) the reporting entity is required under subsection 43(2) of the Act to give the AUSTRAC CEO a report of the transaction at any time during the period:

(i) beginning at the commencement of this instrument; and

(ii) ending on 30 June 2026.

(2) The report must:

(a) be in the form that was the approved form for the purposes of paragraph 43(3)(a) of the Act immediately before the commencement of this instrument; and

(b) comply with Chapter 19 of the Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1), as in force immediately before the commencement of this instrument.

(3) A report that complies with subsection (2) is taken to include the information that must, under Division 2 of Part 9 of this instrument, be contained in a report under subsection 43(2) of the Act in relation to the threshold transaction.

12‑4 Transitional—reports of threshold transactions by entities on Reporting Entities Roll at commencement

(1) Subsection (2) applies if:

(a) at the commencement of this instrument, a reporting entity is entered on the Reporting Entities Roll; and

(b) the reporting entity commences to provide, or provides, a designated service to a customer; and

(d) the reporting entity gives a report about the threshold transaction that complies with Chapter 19 of the Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1), as in force immediately before the commencement of this instrument; and

(e) the report is given on or after 1 July 2026 and before the earlier of:

(i) 30 March 2029; or

(ii) the day specified in an instrument made under subsection (3).

(2) The report is taken to include the information that must, under Division 2 of Part 9 of this instrument, be contained in a report under subsection 43(2) of the Act in relation to the threshold transaction.

(3) The AUSTRAC CEO may, by notifiable instrument, specify a day for the purposes of subparagraph (1)(e)(ii).

12‑5 Transitional—keep open notices

(1) Subsections (2) and (3) apply if an exemption granted to a reporting entity in respect of a customer under Chapter 75 of the Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1) was in force immediately before the commencement of this instrument.

(2) Subject to subsection (3), the exemption continues in force on and after that commencement, and may be dealt with, as if it were a keep open notice issued under subsection 39B(1) of the Act by a senior member of the eligible agency that requested the exemption.

(3) The exemption continues in force until the earlier of the following:

(a) the expiry of:

(i) the period for which the exemption was granted; or

(ii) if that period was extended under section 75.9 of the Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1)—the expiry of that period as extended;

(b) the time the agency that requested the exemption notifies the reporting entity and the AUSTRAC CEO that the relevant investigation has ended.

(4) To avoid doubt, subsections 39B(7) and (8) of the Act (which deal with extensions) apply to an exemption continued in force under this section.

1	This keep open notice (Notice) is issued pursuant to subsection 39B(1) of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act).
2	A senior member of an agency of the kind listed in subsection 39B(3) of the AML/CTF Act reasonably believes that the provision of a designated service by the reporting entity to whom this Notice is issued to the customer(s) specified in this Notice would assist in the investigation by the agency of a serious offence.
3	Pursuant to subsection 39A(2) of the AML/CTF Act, the reporting entity is exempt from section 26G, 28 or 30 of the AML/CTF Act in respect of the provision of a designated service to a customer specified in this Notice to the extent that the reporting entity reasonably believes that compliance with that section would or could reasonably be expected to alert the customer to the existence of a criminal investigation.
4	If the exemption referred to in paragraph 3 applies in relation to the provision by the reporting entity of a designated service to the customer, section 139 of the AML/CTF Act (providing a designated service using a false customer name or customer anonymity) does not apply in relation to the provision by the reporting entity of that designated service to the customer.
5	This Notice remains in force for the period starting on the commencement date specified in this Notice (Commencement Date) and ending on the earlier of the following: (a) the day that is 6 months after the Commencement Date; (b) the day that the agency that issued the Notice notifies the reporting entity and the AUSTRAC CEO that the relevant investigation has ended.
6	The AUSTRAC CEO has been sent a copy of this Notice.
7	This Notice does not compel a reporting entity to provide a designated service to the customer specified in this Notice.
8	A suspicious matter reporting obligation does not arise for a reporting entity in relation to a customer upon the receipt of this Notice. However, a suspicious matter reporting obligation may otherwise arise for the reporting entity in relation to the customer in accordance with section 41 of the AML/CTF Act.

Details of the customer(s) to whom this Notice applies
Full name of customer(s)	Date of birth or Australian Business Number/Australian Company Number (if known)	Additional details of customer(s) to whom this Notice applies (if known)

Details of senior member
Full name
Position
Agency

1	This extension notice is issued pursuant to subsection 39B(7) of the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (AML/CTF Act).
2	This extension notice extends the period that a keep open notice remains in force for a further period of 6 months.
3	This extension notice must be issued to the reporting entity to whom the keep open notice was issued before the expiry of the keep open notice.
4	A senior member of the agency of the kind listed in subsection 39B(3) of the AML/CTF Act reasonably believes that the continued provision of a designated service by the reporting entity to the customer(s) specified in the keep open notice would assist in the investigation by the agency of a serious offence.
5	Pursuant to subsection 39A(2) of the AML/CTF Act, the reporting entity continues to be exempt from section 26G, 28 or 30 of the AML/CTF Act in respect of the continued provision of a designated service to a customer specified in the keep open notice to the extent that the reporting entity reasonably believes that compliance with that section would or could reasonably be expected to alert the customer to the existence of a criminal investigation.
6	If the exemption referred to in paragraph 5 applies in relation to the continued provision by the reporting entity of a designated service to the customer, section 139 of the AML/CTF Act (providing a designated service using a false customer name or customer anonymity) does not apply in relation to the continued provision by the reporting entity of that designated service to the customer.
7	The AUSTRAC CEO has been sent a copy of this extension notice.
8	This extension notice does not compel the reporting entity to continue to provide a designated service to a customer specified in this extension notice.
9	A suspicious matter reporting obligation does not arise for a reporting entity in relation to a customer upon the receipt of this extension notice. However, a suspicious matter reporting obligation may otherwise arise for the reporting entity in relation to the customer in accordance with section 41 of the AML/CTF Act.
10	The period for which the keep open notice remains in force may be extended for a further period of 6 months if a senior member of the issuing agency issues an extension notice under subsection 39B(7) of the AML/CTF Act.

Details of senior member
Full name
Position
Agency

Details of the customer(s) to whom the keep open notice applies [List all customers included in the keep open notice]
Full name of customer(s)	Date of birth or Australian Business Number/Australian Company Number (if known)

Previous applications to the AUSTRAC CEO
How many notices have been given by the AUSTRAC CEO under paragraph 39B(8)(d) of the AML/CTF Act in relation to the keep open notice?