The Evolution of Australia’s Anti-Money Laundering and Sanctions Laws

Key changes to the AML/CTF Rules

In its public consultation into the draft Rules AUSTRAC received a total of 229 submissions across the two rounds. The four key areas of focus from the feedback and subsequent Rule changes are:

• Reporting groups
• Customer due diligence (CDD)
• AML/CTF programs
• Value transfer and the travel rule

We have dealt with each of these areas below, noting that the changes in the Rules extend beyond what is referenced. This is not an exhaustive review.

Reporting Groups

For business groups, there is a new condition requiring written agreement on who is the lead entity. Rule 2-1 requires that all members of the business group (including members of the group that are not reporting entities) must agree in writing on which member is the lead entity of the reporting group.

For elected groups, Rule 2-2 requires that if a member of a business group joins an elected reporting group, all members of that business group must also join. Conversely, if one business group member leaves, all are taken to have left.

Customer Due Diligence

Part 6 of the Rules relates to CDD. The changes to CDD are significant and more prescriptive compared to the earlier drafts of the Rules. This partly reflects the desire of industry bodies and their members for greater clarity around AUSTRAC’s expectations, and particularly for new Tranche 2 entities to have sufficient detail to apply the requirements. Relevantly, there are now dedicated Rules for conducting CDD on the following:

• Sole traders (Rule 6-1)
• Bodies corporate, partnerships, or unincorporated associations (Rule 6-2)
• Trusts or foreign equivalents (Rule 6-3)
• Government bodies (Rule 6-4)

Additionally, Rules have been introduced for establishing the identity of persons associated with the customer (Rule 6-5), beneficial owners of the customer (Rule 6-7), and beneficial owners and senior manager for particular entities (Rule 6-8).

Significantly the definition for domestic politically exposed persons (PEP) no longer includes councillors generally, but rather at Rule 1-5(j) it specifies: “head (however described) of a local government council in a State or Territory”.

Given the volume of change to the earlier draft versions of the Rules, existing and new reporting entities will need to be mindful of how they assess and apply these new requirements, given the changes will impact onboarding processes and systems, and the technology that underpins them.

AML/CTF program, policies and procedures

There have been a number of changes in relation to financial sanctions, as well as identification where a person was previously a political exposed person.

Rule 5‑3 requires reporting entities to develop and maintain AML/CTF policies to ensure that in providing their designated services they do not contravene targeted financial sanctions, including asset freezing obligations, required by the Autonomous Sanctions Act 2011 (Cth) or the Charter of the United Nations Act 1945 (Cth). This Rule complements the requirement in the Act to establish whether a customer, any beneficial owner of a customer, any beneficiary or any agent, is a person designated for targeted financial sanctions. Relevantly in making this assessment, Rule 5-3 now refers to“any assets” instead of “money, property or virtual assets”.

Rule 5‑2 will require reporting entities to consider the triggers for obtaining more CDD information from customers, to enable the entity to appropriately mitigate and manage money laundering and terrorism financing risk. This includes Rule 5-2(5) which requires the reporting entity to deal with circumstances where a customer, beneficial owner, or person acting on their behalf was previously a PEP. As stated in the Explanatory Memorandum, the rationale for this is that the former PEP may continue to retain material influence over public policy and expenditure decisions.

Transfer of Value and the Travel Rule

There is significant additional information in the Rules about the transfer of value and the travel rule. The Explanatory Memorandum states that the requirements in Part 8 of the Rules have been drafted to align with Financial Action Taskforce (FATF) recommendations 15 and 16. These recommendations set out the minimum information that needs to be collected, verified and passed on, in a transfer of value about both the payer and payee, and the responsibilities for the ordering, intermediary and beneficiary institutions in a value transfer chain in relation to that information.

FATF recommendation 16 sets out the information that needs to travel with the transfer of value to provide payment transparency, and aid traceability and preventative measures such as sanctions screening and financial crime monitoring. FATF recommendation 15 extends the requirement, with some specific requirements, to transfers for virtual assets.

Given the volume and specificity of these changes, detailed analysis will be required to assess the implications for the contents of policies and procedures, and the system and technology changes required to deliver this. Reporting entities will need to assess both when they need to obtain information, as well as what information is required to passed when a transfer of value occurs. Further, reporting entities should consider an implementation plan if system changes are unlikely be achieved by 31 March 2026.

Australian Sanctions Office – Advisory Note on Sanctions and Proliferation

The Australian Sanctions Office (ASO) has also recently released a ‘New advisory note on sanctions and proliferation financing’ (Advisory Note). Proliferation financing refers to the act of providing financial support for the manufacture, acquisition or transport of nuclear, chemical, biological or radiological weapons.

This Advisory Note is designed to guide regulated entities on how to identify, assess and manage the risks associated with proliferation financing. The Advisory Note highlights high-risk sectors such as virtual asset providers, trust and company service providers, and businesses involved in the maritime sector, which are vulnerable to exploitation by proliferators. It also acts as an important tool for understanding known proliferation financing methodologies, and ‘red flags’ to consider in sanctions compliance programs, as well as the AML/CTF policies and procedures.

The release of this Advisory Note also comes at a critical moment, as proliferation financing risk management will become a formal requirement under the AML/CTF Act from 31 March 2026. Regulated entities will need to ensure proliferation financing risks are considered in their risk assessments and embedded throughout CDD practices.

Furthermore, this comes at a time of greater geopolitical uncertainty as well as the increasing use of international sanctions as a foreign policy tool. It also signifies a greater emphasis on supervision and enforcement both by the AUSTRAC and the ASO. The Advisory Note encourages proactive compliance and vigilance, ensuring Australia’s financial system remains resilient against illicit finance.

The ASO’s suite of guidance material can be accessed here. Organisations are encouraged to consult these resources to develop and update their sanctions compliance framework, especially given the AML/CTF changes.

Next Steps

Given these recent amendments to the Rules by AUSTRAC and the announcement of the ASO guidance on sanctions and proliferation financing, existing and new reporting entities should start considering how to comply, by 31 March 2026 and 1 July 2026 respectively.

Norton Rose Fulbright will be updating its Tranche 2 and AML/CTF Reforms Hub regularly so subscribe here to stay up to date.