About the Author: Naomi Fink
Do you have a suspicious mind?
Submitting suspicious matter reports to
AUSTRAC
One important obligation of companies and businesses bound by the
AML/CTF Act is the requirement to lodge suspicious matter reports with
AUSTRAC.
A client of ours was recently the subject of an AUSTRAC desk audit. The
client was showing AUSTRAC how accounts were opened, including a list
of new accounts. One new account was in the name of “Joe Bloggs”.
When questioned by AUSTRAC, our client advised that the account was
merely “a competitor testing our on-boarding process”. AUSTRAC then
asked our client “did you lodge a suspicious matter report? You should
have.” Read on to find out why.
AUSTRAC has a multi-faceted role as an overseer of compliance, as well
as a financial intelligence unit. AUSTRAC analyses reports to uncover
patterns of criminal activity including money laundering or terrorism
financing (ML/TF), and people smuggling. The resulting financial
intelligence is disseminated to partner agencies for use in criminal
investigations and other operations. AUSTRAC also analyses transaction
reports to identify risk indicators for use in its compliance functions.
Naomi‟s expertise is in providing
commercial advice in the areas of
employment, occupational health and
safety, leasing, franchising, financial
services and privacy. She also works in the
trade practices and intellectual property
areas.
Naomi has worked with several companies
to create and implement trade practices
compliance programs, and also assists
some clients on an on-going basis, by
chairing their monthly Compliance
Committee meetings. Naomi provides
advice on anti-money laundering
obligations, and has also prepared tailored
anti-money laundering programs for clients.
Other members of our financial
services team
What is a suspicious matter?
According to section 41 of the AML/CTF Act, a suspicious matter report
should be lodged with AUSTRAC if an entity bound by the AML/CTF Act
(reporting entity) forms a suspicion on reasonable grounds that:

a person (or their agent) is not who they claim to be (this should
include Joe Bloggs);

the reporting entity has received information from a person that
may be:
o relevant to investigate or prosecute that person for:
 evasion or attempted evasion of a tax law; or
 an offence against a Commonwealth, state or territory law;
or
o of assistance in enforcing:
 the Proceeds of Crime Act 2002; or
 a state or territory law that corresponds to that Act or its
regulations;

providing a designated service to that person may be:
o preparatory to committing an ML/TF offence; or
o relevant to the investigation or prosecution of a person for an
ML/TF offence.
You can pass this on, subject to a Creative
Commons Licence:
creativecommons.org/licenses/bynd/2.5/au/.
The Author is Holley Nethercote
Commercial & Financial Services Lawyers:
hnlaw.com.au. This article is not legal
advice and is current at May 2015.
Holley Nethercote Commercial & Financial Services Lawyers
The obligation to report a suspicious matter
arises when a reporting entity commences or
even proposes to provide a service to a
person. This means that the obligation to
report suspicious matters include situations
where the person is not yet your client, or has
simply lodged an application with your
company, or provided your company with
information, and you have not yet performed
any services or processed any transactions.
2
o
o
o
unusual business dealings in
circumstances that are difficult to
explain;
customers who are resident in high
risk or secrecy jurisdictions; or
complex customer structures which
have no commercial basis.
How do you report a suspicious
matter?
Reporting a suspicious matter does not mean
that you need to know or be able to prove the
exact nature of any possible or potential
criminal offence, nor do you need to show
that particular funds or property have been
acquired via criminal or unlawful means. You
are not required to step into the shoes of law
enforcement or the Australian Federal Police.
Once a suspicious matter has been identified,
it must be reported to AUSTRAC within:
Rather, the suspicion must simply be based
on reasonable grounds, that is, based on all
of the circumstances and information
available, that a reasonable person must
have a real suspicion of the relevant matters,
and the suspicion must be based on matters
or evidence that support the truth of the
suspicion.
The time of forming the suspicion is not when
the employee alerts management of the
potentially suspicious behaviour. AUSTRAC
accepts that the suspicion may be „formed‟
after the AML/CTF compliance officer has
investigated the matter, which may include
undertaking additional KYC checks.
How do you identify a suspicious
matter?
The AML/CTF Act and Rules require
reporting entities to have in place an
AML/CTF Program which sets out the entity‟s
risk-based systems and controls to identify,
assess and control the risk of its business
being used to facilitate ML and TF. These
systems and controls should enable the entity
to identify and investigate suspicious activity
and behaviour, and also to ensure that this
behaviour is reported to AUSTRAC.
The AML/CTF Program should include
indicators which are relevant and applicable
for the entity‟s business, which would or could
alert the business that a suspicious matter
has arisen.
Examples of triggers or indicators include:
o
o
using aliases, or becoming aware that
false ID has been used;
comments by the customer about tax
evasion or other illegal activity;
o
o
24 hours after forming the relevant
suspicion, if the suspicion relates to
terrorism financing; or
3 business days after forming the
suspicion, in all other cases.
Ideally, the AML/CTF Program should include
details of the escalation process (that is, the
process by which suspicions are escalated
through the organisation), as well as details
of the investigation process, and the steps to
be taken once the AML/CTF compliance
officer has formed an opinion regarding the
reporting of the suspicious matter.
The report must be in the prescribed format,
and AUSTRAC may require you to provide
additional information about a suspicious
matter report even after it has been lodged
with AUSTRAC.
What are the penalties for failing
to report a suspicious matter?
AUSTRAC can apply to the Federal Court for
a penalty to be ordered against a company or
a non-corporate entity for failing to lodge a
suspicious matter report, or for lodging one
late. The maximum penalty payable by a
company is $17 million, and for a noncorporate entity is $3.4 million.
Holley Nethercote Commercial & Financial Services Lawyers
(Although not as a result of failing to lodge a
suspicious matter report, in February 2015
and in 20 May 2015, AUSTRAC fined
Moneygram Payment Systems Inc $122,400
and $336,000 respectively, for providing
money remittance services through
unregistered remittance businesses. This is
just one example of AUSTRAC‟s increasing
willingness to act against entities who do not
comply with the AML/CTF Act).
The prohibition on tipping-off
This is really important. The reporting entity
must not disclose to any person (other than
AUSTRAC) that it has formed a suspicion
about a customer or lodged a suspicious
matter report. Thus, care must be taken not
to alert the customer that the suspicious
matter report has been lodged or even that a
suspicion has been formed. The entity
cannot even disclose specific details about
suspicious matter reports to its external
independent reviewer.
However, if the reporting entity is part of a
designated business group, the members of
the group can share suspicious matter
reporting information. Also, if the disclosure
complies with requirements under another
law of the Commonwealth, state or territory,
or if it is to an Australian government body
responsible for law enforcement, then the
tipping-off prohibition does not apply.
Further, entities can disclose suspicious
matter reports to their legal practitioners for
the purpose of obtaining legal advice. We
sometimes find that large corporate groups
are breaching their obligations by sharing this
kind of information with other parts of the
group who are not part of a designated
business group.
Can you continue to provide
services to a customer after a
suspicious matter report about
them has been lodged with
AUSTRAC?
This can be a dilemma for companies. As
noted above, the obligation not to tip-off the
customer about your suspicions means that
even once the report is lodged with
AUSTRAC, you should often continue to
provide your services to the customer.
However, the forming of a suspicion about a
customer, or the lodging of a suspicious
matter report, will trigger an obligation for
reporting entities to conduct enhanced
customer due diligence.
Practically, this means that in order to comply
with your Program, and with the requirements
of the AML/CTF legislation, appropriate
additional KYC checks and procedures must
be conducted before you can continue to
provide services (which could mean
completing the transaction or providing
another service). Further, care must be taken
to ensure that the enhanced due diligence
procedures do not in themselves tip-off the
customer that a suspicion has arisen.
What if you have never reported
a suspicious matter?
Our extensive experience with assisting
clients to respond to an AUSTRAC
Compliance Assessment has taught us that
AUSTRAC takes a dim view of reporting
entities that have never lodged a suspicious
matter report. In AUSTRAC‟s view, failure to
lodge any suspicious matter reports is an
indicator that the entity‟s systems and
controls are not effective in identifying and
prompting an investigation into suspicious
matters, which could lead to the lodging of
suspicious matter reports.
We conduct independent reviews of
companies bound by the AML/CTF regime.
As part of the reviews, we come across
examples of different client types (including
fund managers, remitters and financial
planners) who have not lodged any
suspicious matter reports with AUSTRAC.
When some clients are questioned and
provide information as part of the review, it
becomes clear that the failure to lodge
suspicious matter reports was not because
no suspicious matter have arisen – rather,
that the AML/CTF compliance officer was
unsure whether the matter was suspicious,
and was also concerned about the
reputational risk and damage to the customer
relationship if the suspicion was investigated
3
Holley Nethercote Commercial & Financial Services Lawyers
and enhanced customer due diligence
procedures were followed.
For example, when a financial planner
obtains detailed financial information from a
customer or a potential customer as part of
providing a Statement of Advice, they may
have questions about the source of a
customer‟s funds or a particular transaction or
beneficiary relationship.
4
not accept that person as a customer. This is
an acceptable risk-based control – however,
the company remains bound by the obligation
to report the suspicious matter to AUSTRAC
(without tipping-off the customer).
Paul Derham and Naomi Fink have been
authorised by AUSTRAC as external
auditors.
Author: Naomi Fink
Another example was the story at the
beginning of this article - where an online
CFD provider suspects that a person is not
who they claim to be (they are operating
under an alias), as a competitor who tries to
open an account for the purpose of testing
the CFD provider‟s system.
These suspicions should be referred to the
AML/CTF compliance officer for consideration
in accordance with the procedure outlined in
the company‟s AML/CTF Program, and a
decision whether or not to lodge a suspicious
matter report must be made within the above
timeframes. It is not enough for the financial
planner, fund manager or CFD provider to
simply „turn a blind eye‟ to the potential
suspicion. Often, a company‟s response is
to simply decline to accept that person as a
client, and no further action is taken.
We understand that companies are loathe to
damage customer relationships by asking
questions that seem to go beyond the scope
of the services they are providing (or intend to
provide), or by acting as an unofficial arm of
the regulator and „passing judgment‟ on a
customer‟s activities by lodging a suspicious
matter report with AUSTRAC. Also,
companies are worried that by continuing to
provide services to a customer where a
suspicion exists, that they will facilitate money
laundering or terrorism financing.
However, we emphasise that reporting
entities are bound to comply with the
AML/CTF laws, which include having a riskbased system and controls to identify, assess
and control the risk of its business being used
to facilitate money laundering and terrorism
financing. It may be that its system and
controls are calibrated so that if a suspicion is
formed about a customer, the company will
The law is current as at May 2015.
Author: Naomi Fink
Please note that this paper is a summary of the law only
and is not a substitute for legal advice. Holley Nethercote
is able to assist companies in meeting their obligations in
this area by providing practical and prompt legal advice.
Training and creation of compliance programs are also
available via an associated business, Compact Compliance & Training.
We invite you to contact Holley Nethercote:
Tel
Fax
+613 9670 8200
+613 9670 5499
Email
Web
[email protected]
www.hnlaw.com.au