Fighting financial fraud in today’s digital age is a global concern. In Australia, irrespective of the industry, all businesses must comply with Know Your Customer (KYC) and Anti Money Laundering (AML) regulations.
At its core, KYC refers to verifying their customer’s details to ensure that they are who they claim to be and ensuring that they are not listed on any sanctions lists before providing any services. KYC and AML policies in Australia are regulated by the Australian Transaction Reports and Analysis Centre (AUSTRAC).
Compliance isn’t a suggestion – the penalty for failing to do so can cost a business as much as $1.3 billion as levied against Australian bank, Westpac in 2020.
Let’s dive into the steps businesses in Australia must take to comply with these regulations.
The AML/CTF Act in Australia was passed in 2006. It has since been enhanced several times to regulate business activities in the financial services, digital currency exchange, bullion and gambling sectors.
These activities are known as designated services and are known to have a high risk of money laundering, terror financing and other criminal activities. Any business that provides such designated services is known as a reporting entity and must fulfill the following requirements:
These businesses need to design customer identification procedures based on:
KYC procedures have different goals for individual customers and entities such as companies, associations, trusts, etc. However, the reference source used for customer identification procedures must meet the same standards. They must be:
KYC and AML for Individuals
Complying with KYC norms for individuals involves collecting and verifying personal details such as the individual’s full name, residential address and date of birth. These details can be verified through documents or an electronic verification tool. The documents that can be used to verify customer identities include:
Businesses that offer regulated services involving financial transactions must also take steps to assess the customer’s risk profile. A customer’s risk profile will depend on many factors including the industry he/she operates in, the average transaction value, nationality, subjectivity to sanctions, political exposure, history of financial crime and so on.
KYC and AML for Entities
When it comes to entities, AUSTRAC requires businesses to have enough information to be reasonably satisfied that the company/ trust/ association actually exists and must know details of the entity’s beneficial owners. KYC compliance includes the collection and verification of:
In addition, there are certain other details that need to be verified based on the type of company
Businesses that do not comply with AUSTRAC KYC/AML regulations risk facing enforcement actions and having to pay penalties. For example, in May 2023, Crown Melbourne Ltd and Burswood Nominees Ltd were ordered to pay $450 million for breaching the AML/CTF Act. In addition to the financial penalty, businesses may need to offer an enforceable undertaking setting out specific actions to be taken/ not taken in the future to comply with the Act.
The impact of such penalties is not limited to the company’s finances. Brand reputation also suffers and businesses could lose their customer’s trust.
Summing it up
Given the serious consequences of non-compliance, businesses in all sectors need to make a determined effort to verify customer identities before providing them with any services. That said, inconveniencing the customer in any way can cost businesses the customer’s loyalty. This brings about the need for automated identity and address verification tools. These tools can deliver real-time results by comparing customer data with reliable third-party databases and scanning them against global watchlists, PEP databases, sanctions lists and more. Leverage these tools and build your KYC process today.