• Introduction
• All recent publications
• Funds Management - Real Estate & Superannuation publications
• Funds Management - Real Estate & Superannuation services

Focus: Anti-money Laundering – August 2006

Suspicious matter reporting and AUSTRAC's new powers under revised Anti-Money Laundering and Counter-Terrorism Financing Bill

In brief:  AUSTRAC has been given substantial new enforcement powers under the revised Exposure Draft Anti-Money Laundering and Counter-Terrorism Financing Bill. Also, the scope of the suspicious matter reporting regime has been significantly amended. Partners Peter Jones(view CV) and Anna Lenahan(view CV) and Senior Associate Judy Maguire report on the new regime.

• Introduction
• Suspicious matter reporting
• AUSTRAC's enforcement powers
• What to do next

Introduction

This Focus is the second in a series to be issued by AAR on the revised Exposure Draft Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) Bill (the Bill). For a general background to the Bill and the reforms, see AAR's Focus: Anti-money Laundering – July 2006.

Suspicious matter reporting

The present suspicious transaction reporting regime is contained in the Financial Transaction Reports Act 1988 (Cth) (the FTRA). In essence, it requires 'cash dealers'¹ to report to the Australian Transaction Reports and Analysis Centre (AUSTRAC) details of transactions which the cash dealer has reasonable grounds to suspect are relevant to criminal activity, tax evasion, proceeds of crime or financing of terrorism.

The suspicious matter reporting obligation in the Bill is broader than the suspicious transaction reporting obligation under the FTRA, in that it applies not only to cash dealers but to reporting entities that provide a broad range of designated services. Also, the grounds for reporting have been significantly extended. Additionally, it does not apply when a transaction takes place, but where:

• the reporting entity starts to provide, or proposes to provide, a designated service to a person; or
• a person requests a designated service; or
• a person merely inquires whether the reporting entity would be willing or prepared to provide a designated service; and

at that time or later a suspicious matter reporting obligation arises. 

The obligation, therefore, may arise before there is any business relationship between the reporting entity and a potential customer.

A subjective rather than objective test

The Federal Government has recast the reporting regime in the Bill by limiting the scope of the obligation² to make a suspicious matter report to circumstances where a reporting entity (or a person authorised to carry out customer identification procedures under section 34 (a s34 authorised person) actually suspects on reasonable grounds that any one of the various circumstances (see below under 'The suspicious matter reporting obligation') has arisen. 

This subjective test replaces the objective test (ie the obligation to report when there are 'reasonable grounds to suspect') that applies in the FTRA and had been carried over to the original Draft Exposure Bill.

The fact that the new test applies where the suspicion arises 'on reasonable grounds' is, it is assumed, intended to prevent reporting entities from making unnecessary and defensive reports to AUSTRAC (as happened in UK where, because of defensive reporting, regulators were overwhelmed with reports)³.

Section 39(10) of the Bill indicates that the AML/CTF Rules may specify matters to be taken into account by a reporting entity when determining whether there are reasonable grounds for forming a suspicion. The Federal Government has indicated (in the table of Rules released with the Bill) that there is no need for rules in this area at this time, but it is anticipated that non-binding guidelines will be released by AUSTRAC. Query whether these guidelines will be similar to the prescriptive list of matters in the Draft AML/CTF Rule on Suspicious Matters issued with the original Bill.  

The removal of the objective test means that there will be an inconsistency between the Bill and the reporting requirements for 'cash dealers' in the FTRA. The Federal Government has not indicated how it intends to resolve this in the interim (ie until the FTRA is repealed. It may be that this is one of the provisions that will come into effect sooner rather than later.

The suspicious matter reporting obligation

The scope of the grounds which trigger suspicion has been significantly widened. The obligation to report arises when the reporting entity (or s34 authorised person) suspects on reasonable grounds that:

• the person who receives, or will receive, the designated service is not who they claim to be; or
• information re the provision, or the  prospective provision, of the designated service may be:
  • connected to a breach of a tax law;⁴
  • connected to a Commonwealth or state offence;
  • of assistance to a Proceeds of Crime Act 2002 (Cth) investigation; or
• the provision or the prospective provision of the designated service may be;
  • preparatory to a money laundering or terrorism financing offence;⁵ or
  • relevant to an investigation into a money laundering or terrorism financing offence.

The requirement to report a suspicion that a customer is not who they claim to be goes beyond Recommendation 13 of the Financial Action Task Force (FATF) which only requires a report to be made if the regulated person suspects (or has reasonable grounds to suspect) that the funds are the proceeds of criminal activity or are related to terrorist financing.

Who must report

Another significant change from the original Bill is the extension of the reporting requirement to include persons who are authorised under s34 to carry out customer identification procedures.⁶ In effect, this means that anyone who carries out a customer identification procedure, whether they be an individual (such as employees of a reporting entity) or another legal entity (for example, an external agent or sub-agent) will be obliged to make suspicious matter reports and will face criminal and civil sanctions if they do not. This will catch financial planners if, for example, they are authorised under s34 (although they have been carved out from the rest of the Bill).

The Bill provides that s34 authorised persons must report either to AUSTRAC or, alternatively, to the reporting entity. 

A separate obligation arises under the Rules (at Chapter 5.2.3). This requires those s34 authorised persons who are carrying out customer identification procedures on behalf of a reporting entity (and who are not internal agents of the reporting entity) to notify the reporting entity if they have 'reasonable grounds for suspicion' that a suspicious matter obligation has arisen.⁷ There are some inconsistencies between the application of the Bill and the Rules, such as:

• the obligation in the Rule arises only where the s34 authorised person is actually carrying out a customer identification procedure. The obligation in the Bill is not so restricted;
• the obligation in the Rule arises if the s34 authorised person has 'reasonable grounds for suspicion', whereas the obligation in the Bill arises where there is an actual suspicion. Query why there are different tests.
• the obligation in the Bill requires a suspicious matter report to be made to either AUSTRAC or the reporting entity within three business days (or 24 hours for money laundering or terrorism financing offences). In contrast, the obligation in the Rule requires the s34 authorised person to notify and provide the reporting entity with sufficient information and within sufficient time so that the reporting entity can make a suspicious matter report to AUSTRAC.

A practical issue for s34 authorised persons (the first person) who are themselves sub-agents or subsub-agents of another s34 authorised person (the second person) is that the first person cannot report to, or notify their suspicion to, the second person. The report must be either to AUSTRAC or the reporting entity for whom they are carrying out the customer identification procedure and notification must be to that reporting entity.

Timing

The timing requirements (that is to lodge reports within three business days or 24 hours) have been tightened. Specifically, the Bill requires matters where the designated service is preparatory to the commission of, or relevant to, an investigation into a domestic money laundering offence or a terrorism financing offence to be reported within 24 hours. 

It is difficult to see why there is a need for a 24-hour time frame for money laundering offences (the original Bill only applied the 24 hour time frame to suspicious matters relating to terrorism financing offences).

Generally, industry had lobbied (it appears unsuccessfully) for the three business days and 24 hours reporting period to be relaxed in line with the FTRA which requires reports to be made 'as soon as is practicable'.⁸

A logistical problem also arises from the timing requirements. Reporting entities are required to report to AUSTRAC within three business days or 24 hours after the day on which the reporting entity or the s34 authorised person forms the suspicion.⁹ 

The s34 authorised person has the option of reporting directly to AUSTRAC or to the reporting entity (also within three business days or 24 hours). This seems sensible except that, if the s34 authorised person takes three days to make a report to the reporting entity, the reporting entity is still obliged to make a report to AUSTRAC within three days of the s34 authorised person forming the suspicion, not within three days of being notified of that suspicion. Presumably, this is a drafting oversight and will be corrected in the final version of the Bill.

Tipping off

Tipping off, that is the disclosure by reporting entities (and s34 authorised persons) of suspicious matter information¹⁰ to anyone other than AUSTRAC (or, in the case of the s34 authorised person, to the reporting entity), is prohibited. 

There are some exceptions. Reporting entities (and s34 authorised persons acting on behalf of a reporting entity) can disclose some (but oddly, not all) suspicious matter information to lawyers for the purpose of receiving legal advice. They can also share that information with other reporting entities in the same designated business group¹¹ with whom they have a joint AML/CTF program, if the information relates to a customer and the disclosure is in order to inform the other reporting entity about the risks associated with the customer.

It is arguable that the exceptions should go further to allow disclosure to other members of the group who are not themselves reporting entities, such as the parent entity or overseas members (so long as there are adequate precautions to prevent tipping off).

The effect on transactions

There is no specific provision in the Bill which requires reporting entities to discontinue a transaction that is the subject of a suspicious matter reporting obligation.¹² Indeed, the fact that making a suspicious matter report provides a defence to the money laundering offences in the Criminal Code Act 1995 (Cth) implies that transactions can proceed.

However, the suspicious matter reporting obligation triggers a re-verification requirement for existing and low-risk service customers. Consequently, reporting entities must 'not continue to provide' designated services (that is, must not complete the transaction or provide another designated service) to those customers until appropriate customer identification procedures have been satisfactorily completed. This will have serious practical implications. Many existing or low-risk customers will never have been identified or verified and it may take some time to carry out the appropriate customer identification procedure, during which the transaction will be delayed.

Additionally, identifying or verifying, or re-verifying, the identity of the customer may, in some circumstances, require direct contact with the customer and could therefore amount to tipping off.  In those circumstances, the 'not continue to provide until' requirement will amount to a requirement to discontinue the relevant transaction or provide another designated service.  Also query how one does not 'continue to provide' a loan or a deposit account – must the loan be immediately repaid in full or the account closed?

AUSTRAC's enforcement powers

The revised Bill has provided AUSTRAC with new enforcement powers. AUSTRAC can now:

• appoint external auditors to assess reporting entities' risk management and compliance;
• require annual compliance reports;
• issue remedial directions to reporting entities; and
• enter into enforceable undertakings with reporting entities.

An analysis of the enforcement regime contained in the original Bill (which regime remains basically unchanged) can be found in the AAR Focus: Anti-money Laundering – December 2005.

Compliance reports

Section 43B of the Bill introduces a new concept, that is a reporting entity must provide to AUSTRAC a report on its compliance with the AML/CTF Act, regulations and Rules during 'a reporting period'. What a reporting period will be, and the form and content of the report, will be specified by the AML/CTF Rules. As yet there are no Rules and a footnote to the section invites public comment on the section.

A person cannot refuse to provide a report on the grounds that it might incriminate him, but - as a safeguard - the report (or information obtained as a result of the report) cannot be used in civil or criminal proceedings against that person except where those proceedings relate to a contravention of s43B.

Industry is concerned as to the practical effect of this section. The obligation applies to individual reporting entities and there is no mechanism whereby a 'designated business group' can report on a group basis. It is not clear what the section aims to achieve (other than to overload AUSTRAC with information) and how it will operate.

Compliance reporting is not a specific FATF requirement and is not required in comparable jurisdictions such as the United Kingdom, Hong Kong or the United States. Given the AML/CTF Program Rules require reporting entities to keep appropriate records so they can document to AUSTRAC that their AML/CTF program is compliant, it is difficult to see why this extra procedure is necessary.

External auditors

In another new initiative, the Bill (at s129A) provides that AUSTRAC, if it has reasonable grounds to suspect a reporting entity is not taking appropriate action to comply with the requirement to identify, mitigate and manage it's ML/TF risk, can notify the reporting entity that it must appoint an external auditor to audit and report (to the reporting entity and to AUSTRAC) on the reporting entity's capacity for, and attempts at, compliance.

The notice will set out the type of report and matters to be covered. These can include (but are not limited to) an assessment of the reporting entity's ML/TF risk and what it needs to do to identify, mitigate and manage that risk.

External auditors can also be appointed to audit and report where AUSTRAC has reasonable grounds to suspect a reporting entity has, is or is proposing to contravene the AML/CTF Act, regulations or Rules. Matters to be covered by the audit will be specified in the notice to the reporting entity and the Bill suggests the matters could include the reporting entity's capacity to comply with the Act, regulations and Rules and what it needs to do to comply. 

There does not appear at this stage to be any mechanism requiring AUSTRAC to advise a reporting entity of the grounds on which the suspicion is based or allowing the reporting entity to appeal against the terms of the notice or decline to have an auditor appointed. 

Remedial directions

If a reporting entity has contravened, or is contravening, a civil penalty provision, AUSTRAC can direct the reporting entity to take specified action to prevent any contravention occurring at that time or in the future. It is not clear how this will be triggered. Will AUSTRAC be required to establish the contravention for the direction to be effective? If a reporting entity does not accept that a contravention has or is occurring, can they decline to take the remedial action required?

It is assumed this power will be used as an alternative to taking civil proceedings for a penalty, although this is not specifically stated.

The Bill contemplates that the remedial directions might include:

• directions that an effective administrative system for monitoring compliance with a civil penalty provision be implemented; or
• directions that a system be implemented to ensure internal and external agents have a reasonable knowledge of the requirements of a civil penalty provision, insofar as they are affected by them.

The Australian Communications and Media Authority has similar powers to give remedial directions under the Telecommunications Act 1997 (Cth) and the Interactive Gambling Act 2001 (Cth). However, there is a significant difference in that both of those Acts provide that those affected by the direction can apply for review to the Administrative Appeals Review Tribunal. There is no such provision for review in the AML/CTF Bill.

Enforceable undertakings

Section 160A of the Bill introduces another enforcement mechanism, whereby AUSTRAC can accept written undertakings from a person that the person giving the undertaking will take specific action (or refrain from taking specific action) in order to comply with the AML/CTF Act, Rules or regulations.  

Any such undertaking (which AUSTRAC may publish on its website) can be cancelled by written notice by AUSTRAC or, conversely, can be withdrawn or cancelled, but only with AUSTRAC's consent. Breach of an undertaking can result in an application by AUSTRAC to the Federal Court for various orders, including:

• an order directing the person to comply with the undertaking;
• an order directing the person to pay the Commonwealth the amount of any financial benefit obtained as a result of the breach;
• an order for compensation to be paid to any person who suffered loss or damage as a result of the breach; or
• any other order the court considers appropriate.

The financial services sector is already familiar with the concept of enforceable undertakings. The Australian Securities and Investments Commission and the Australian Prudential Regulatory Authority use them as an alternative to taking civil proceedings or administrative action.¹³ It is anticipated (although this has not been specifically stated) that the intention is that AUSTRAC will administer them in the same way.

What to do next

Given the extent of government/industry consultation to date, it is unlikely that the Bill will be significantly amended before its introduction to Federal Parliament (which the Federal Government has indicated will be in the next session). That being the case, and given implementation is likely to be sooner rather than later, your organisation (if it has not already done so) should now plan and organise resources for the significant changes that will be required to bring it into compliance with the new regime.

AAR's expert AML team, which has been closely involved in the consultative process between the Federal Government and the financial services industry through our membership of the IFSA AML Industry Guidelines Working Group, can provide efficient legal services at every stage of your AML project.

The Revised Bill and Rules can be found at the Attorney General's website.

Footnotes

1. Who are defined more narrowly than 'reporting entities' in the Bill.
2. Section 39 of the Bill.
3. But note the recent UK case of K Ltd v National Westminster Bank plc (2006) EWCA Civ 1039 confirms that under the UK Proceeds of Crime Act 2002 there is no legal requirement that there should be 'reasonable grounds' for suspicion (at clause 21).
4. This is much broader than the corresponding provision in the original Bill that had been carried over from the FTRA.
5. For the purposes of s39, 'money laundering' and 'terrorism financing' offences only include offences committed in Australia, although this can include money laundering (in Australia) the proceeds of a crime committed overseas.
6. Intermediaries were not caught under the suspicious transaction reporting requirements in the FTRA unless they were 'cash dealers' themselves.
7. This obligation does not apply where the reasonable grounds for suspicion are that the provision, or the prospective provision, of the designated service may be preparatory to a money laundering or terrorism financing offence.
8. This is line with overseas requirements.  The United Kingdom and Hong Kong reporting regimes require reports to be made 'as soon as is practicable'. The US allows a period of 30 days.
9. If the s34 person reports directly to AUSTRAC the obligation to report does not extend to the reporting entity.
10. Which would include the fact a report has been made, a suspicion formed, or any information from which this could be inferred.
11. Defined as a group of two or more companies where each is related to each other company in the group (within the meaning of the Corporations Act 2001 (Cth) or a group of a kind specified in the AML/CTF Rules.
12. Unlike UK where the transaction must not proceed without authorisation.
13. Practice Note 69 issued by ASIC provides guidance (in some detail) as to ASIC's use of enforceable undertakings.
     

For further information, please contact:

• Peter JonesPartner, Sydney
  Ph: +61 2 9230 4987
  Peter.Jones@aar.com.au
• Anna LenahanPartner, Sydney
  Ph: +61 2 9230 4132
  Anna.Lenahan@aar.com.au
• Judy MaguireSenior Associate, Sydney
  Ph: +61 2 9230 4835
  Judy.Maguire@aar.com.au
• Stephen SpargoPartner, Melbourne
  Ph: +61 3 9613 8861
  Stephen.Spargo@aar.com.au
• John BeckinsalePartner, Brisbane
  Ph: +61 7 3334 3520
  John.Beckinsale@aar.com.au

Bookmark with What are these?