Comparison of AML obligations imposed by US and Australian legislation
on regulated business 2
Financial agencies 3
AML laws 4
Reporting requirements 4
CTR and TTRs 5
Suspicious Activity Report (SAR) and Suspicious Matter Report (SMR) 6
Enrollment and Registration with AUSTRAC 8
AML Programs 9
Customer Identification Program 12
Customer Due Diligence 13
Enhanced due diligence and correspondence relationship 15
US legislation 17
Australian Legislation 17
Comparison of AML obligations imposed by US and Australian
legislation on regulated business
Money laundering is the activity of rendering illicitly procured profits seem legal by
ways of concealing the illicit sources1
. Money laundering has become a corrosive issue,
threatening the stability and integrity of financial institutions around the globe. To
effectively and efficiently prevent cases of money laundering, jurisdictions around the
globe have come to devise their own anti-money laundering frameworks. Granted, banks
and other institutions (i.e. entities) rendering financial services are usually involves in the
money laundering cases, these are the entities that fall within the ambit of anti-money
laundering legislation. Invariably, to prevent money laundering, governments have anti
money laundering legislation in place to imposing obligations on regulations business (i.e.
banks and other entities party to financial transactions) to ensure that they comply with
and report in compliance with anti-money laundering.
Both US and Australian legislation have come to develop and implement their very
own legal framework to prevent, identify and prosecute those who partake in money
laundering. Understanding the key anti money laundering legislation of each is
indispensable in juxtaposing them side by side for purposes of comparison.
FinCEN, History of Anti-Money Laundering Laws (2017) < https://www.fincen.gov/history-anti-money-
laundering-laws> accessed 20 December 2017
This particular essay aims to compare the anti-money laundering obligations imposed on
regulated business (i.e financial institutions) by both the US and Australian legislation. The
essay attempts to achieve the optimal juxtaposition by zeroing in on AML areas such as
reporting obligations, AML programs, CDD requirements and enhanced due diligence and
Institutions subject to AML laws in USA are referred to as financial institution and/or
covered financial institution. BSA 3 USC 5312 (a) (2)2 furnishes an exhaustive list of
various institutions which can qualify as a ‘financial institution’ for purposes of the
Bank Secrecy Act 1970. The list encompasses types of business rendering financial
services such as commercial bank, insured banks, credit union, brokers, dealers,
investment banks and etc3
. However, institutions subject to AML laws in Australia
are referred to as reporting entities in AML/CTF Act of 2006. Section 5 of AML/CTF
Act4 stipulates that a person rendering designated services (as provided for in
Tables, 1, 2 of 3 in Section 6 of AML/CTF Act) is a reporting entity.
Financial Crimes Enforcement Network, abbreviated as FinCEN, is a bureau of the
United States Department of the Treasury, which aims to ‘safeguard the financial system
from illicit use and combat money laundering and promote national security through the
collection, analysis, and dissemination of financial intelligence and strategic use of
. In USA, the FinCEN administers the Bank Secrecy Act and other
2 Bank Secrecy Act 1970, 3 USC 5312 (a) (2)
4 AML/CTF Act 2006, Section 5
5 FinCEN, What we do (2017) < https://www.fincen.gov/what-we-do> accessed 20 December 2017
AML laws, including the US PATRIOT Act of 2001. On the other hand, in Australia, the
main financial agency which prevents, detects, and prosecutes money laundering in
Australia is the Australian Transaction Reports and Analysis Centre, also referred to as
AUSTRAC. AUSTRAC assumes roles similar to that of FinCEN and administers the AML
legislation and regulations of Australia.
In the United States, the Financial Record-keeping and Reporting of Currency and
Foreign Transactions Act of 1970, also referred to as the Bank Secrecy Act, is a
cornerstone Act which was enacted in 1970. The Bank Secrecy Act, or BSA. Following
9/11, the BSA has been amended by the US PATRIOT Act of 2001. While the Anti-Money
laundering and Counter-Terrorism Financing Act of 2006 (i.e. AML/CTF 2006) is
considered the main AML law in Australia.
AML legal mechanisms (i.e AML legislation) involve reporting to various government
agencies (in USA, usually FinCEN, and AUSTRAC in Australia) involved in preventing and
prosecuting money laundering crimes. US and Australian legislations both impose
reporting obligations on covered financial institutions (in USA) and reporting entity (in
Australia). This part will analyze the reporting obligations of each legislation and analyze
areas where they overlap and where they do not.
This paragraph will analyze the reporting obligations imposed by each US and Australian
jurisdiction and juxtapose them for comparison.
CTR and TTRs
Pursuant to Bank Secrecy Act, banks in USA are required to report transactions
amounting to or over $10000 using Currency Transaction Report, also referred to as
CTR, to FinCEN. CTR reports are required to be filed by bank representatives.
Nonetheless, the US law, specifically the FinCEN Guidance on Determining Eligibility for
Exemption from Currency Transaction Reporting Requirements provides for a specific
criteria for exempt customers from CTR requirements under Bank Secrecy Act6
exemption guidelines provide for two categories of exempt customers under US
legislation- Phase One and Phase Two (as provided for in Money Laundering Suppression
Act of 1994)
. Phase One customers encompass banks, companies traded on major
stocks, government entities. Phase Two encompasses non-listed business and payroll
customers, provided that they meet certain requirements contained in the FinTech
Guidelines. FinCEN also provides for a number of categories of business which cannot be
granted exemption from CTR ( in 31 CFR 1020.315(e)(8)8
On the other hand, such transactions are referred to as threshold transaction in
Australian AML/CTF Act. The legal definition of threshold transactions is provided in
Division 3 of Part 3 of the AML/CTF Act9
6 FinCEN Guidance on Determining Eligibility for Exemption from Currency Transaction Reporting
7 Money Laundering Suppression Act of 1994 (MLSA)
31 CFR 1020.315(e)(8)
9 AML/CTF Act 2006, Chapter 19
transaction relating to the transfer of physical currency, where the transfer is $10,000 or
more, or a transaction involving the transfer of money in the form of e-currency, where the
total amount of e-currency which is transferred is $10,000 or more.
Transactions greater than 10000 AUD are referred to as threshold transactions
under The Anti-Money Laundering and Counter-Terrorism Financing Rules (AML/CTF
Rules). Pursuant to AML/CTF Rules, reporting entities have 10 business days to provide
the threshold transaction report to the AUSTRAC. Chapter 19 of the AML/CTF Rules
specify the details to be included in the Threshold Transaction Report10. AML/CTF Rules
provides for a number of exemptions, just like the US legislation. The applicability of such
obligations are determined by the guidelines issued by AUSTRAC.
Unlike the US legislation (Bank Secrecy Act & USA PATRIOT Act11), 47(2) of AML
CTF Act12 requires reporting entities in Australia to furnish AUSTRAC with a AML/CTF
compliance report on an annual basis.
Suspicious Activity Report (SAR) and Suspicious Matter Report
11 USA PATRIOT Act 2001
12 AML/CTF Act 2006, s 47 (2)
The US legislation, specifically the Bank Secrecy Act also requires the so-called
Suspicious Activity Report (i.e. SAR) to be filed with the FinCEN by financial
institutions following 30 days after the reporting institutions determine that peculiar
transaction gives ground to suspicious activity13. The purpose of SARs is to ensure
that transactions which do not ordinarily fall within the ambit of Currency Report
Transactions (i.e CTRs) are reported in compliance with the objectives of the Bank
Secrecy Act. Such transactions can involve structuring, which is modifying the
structure of the transaction with a view to avoid any CTR reporting and etc.
Under Bank Secrecy Act, the reporting institutions filing SAR cannot inform the customer
of the fact that a SAR has been filed with FinCEN14.
On the other hand, when reporting entities form suspicion as to a particular customer or a
transaction on ‘reasonable grounds’ suspicious transaction which can usually in
Australia are filed in Suspicious Matter Report (SMR) to AUSTRAC. Chapter 18 of
AML/CTF outlines specific details to be included in the Suspicious Matter Report15.
Likewise, the Australian legislation, namely section 123 of AML/CTF act bars the
reporting entity from disclosing that they had lodged a SMR on their transaction to
other than AUSTRAC. Nor can reporting entities disclose that they had formed
suspicious about a particular customer. Should they omit to comply with s123, such
disclosure amounts to ‘tipping off’ and is considered an offense for the purposes of
AML/CT. Therefore, reporting obligations imposed by both jurisdictions bar
financial institutions (i.e. reporting entities) from disclosing the lodging of a SAR,
thereby, comparing favorably.
13 31 C.F.R. § 103.18
14 31 U.S.C. § 5318(g)(2)(A)
15 AML/CTF Act 2006, Chapter 18
Enrollment and Registration with AUSTRAC
As much as the reporting obligations imposed on regulated business (i.e financial
institutions in USA and reporting entity in Australia tend to be favorably comparable,
the Australian legislation, namely, AML/CTF Act imposes the so-called enrollment
obligation on reporting entities16. Moreover, in Australia, pursuant to AML/CTF Act
2006, all businesses rendering ‘designated services’ that fall within the ambit of
Section 6 of AML/CTF Act and all businesses rendering remittance services are
required to be enrolled on AUSTRAC’s Reporting Entities Roll. Enrollment on
AUSTRAC Reporting Entities Roll fall within the remit of Chapter 4 of AML/CTF
Act17. Furthermore, the Australian legislation requires remittance service providers
to register as such. On the other hand, US legislation, neither Bank Secrecy Act nor
US PATRIOT Act requires financial institutions covered to either enroll or register
with the FinCEN.
Overall, the transaction reporting obligations imposed by both Bank Secrecy Act 1970 of
USA, and AML/CTF Rules 2007 of Australia are favorably comparable in terms of the
Currency Report Transaction (in US jurisdiction) or Threshold Transaction Report (in
Australian jurisdiction), the threshold amount of the transactions is almost the same, being
10000 USD and 10 000 AUD respectively. Even though both legislations provide for
exemptions from reporting, the criteria to establish such exemption are different. However,
Australian AML law has the enrollment and registration obligation, whereas, the US AML
law omits to introduce such obligation.
16 AML/CTF Act 2006, Chapter 4
Both legislations require covered financial institutions (or reporting entities) to formulate
and maintain AML programs. AML programs can be loosely defined as a set of
mechanism devised and implement with a view to protect the financial firm from
being used to launder money.
Such programs are regarded as the indispensable component of a financial institution’s
compliance with obligations imposed by relevant jurisdiction. Both US and
Australian anti money laundering legislation require financial institutions and entities
covered by the legislations to formulate and implement such programs.
Nevertheless, when each of the programs required by each of the jurisdictions are
juxtaposed, it becomes evident that as much as the objective of AML programs are
the same, there is clear yet subtle differences between the two.
AML programs requirements in USA fall within the scope of 352 of US PATRIOT Act,
which requires all financial institutions to formulate and implement anti- money
laundering programs, also referred to as AMLP18. Section 352 of US
US PATRIOT Act provides for that an AML program, at least have to incorporate the
1. the development of internal policies, procedures and controls
2. designation of a compliance officer
3. an ongoing employee training program
4. an independent audit function to test programs
18 USA PATRIOT Act 2001, Section 352
These requirements will be examined below while juxtaposing with the
requirements imposed by the AML/CTF Act in Australia19.
AML/CTF Act compartmentalizes the AML/CTF program programs into three
categories: a standard AML/CTF program, a joint AML/CTF program,
a special AML/CTF program, while the US legislation (USA PATRIOT Act) omits to
categorize such AML programs. Specifically, Part 7 of AML/CTF Act requires that
reporting entities (i.e. banks, financial institutions and etc.) to develop and maintain
an AML/CTF programs20.
The AML program required by the Australian AML/CTF Act is divided into two parts-
Part A and Part B and are set out in Chapter 6 of the AML/CTF Act. The minimum
requirements of a Part B program will be
1. ML/TF risk assessment
2. Designation of a compliance officer
3. Employee due diligence program
4. Risk awareness training program
5. Independent Review of AML programs
6. Implementation of AUSTRAC feedback
listed below, and analyzed with comparison to that of the US AML program requirements.
19 AML/CTF Act 2006, Chapter 6, Part A
20 AML/CTF Act 2006, Part 7
Firstly, ML/TF risk assessment of the business undertaken by the reporting entity,
which is ordinarily used to refer to a process, whereby risks are identified, and further
policies are formulated and implement to mitigate such risks21. Moreover, the Part A of
AML/CTF program provides that an independent review of the AML program’s
compliance, as with the independent audit required by Section 352 of USA PATRIOT Act.
Even though the US legislation (USA PATRIOT Act) does not require the so-called
employee due diligence program (vetting employees who might be susceptible to aid and
abet in either money laundering offenses or terrorism funding) to be incorporated into the
AML program, the Part A of AML/CTF program requires such programs to be included in
the reporting entity AML program.
Secondly, the Part A of AML/CTF program also requires the designation of a
AML/CTF compliance officer, just like the compliance officer as required by Section 352
of USA PATRIOT Act22, which is a testament to how both AML laws compare favorably in
terms of this particular element of an AML program.
Thirdly, Part A of AML/CTF also requires AML/CTF risk awareness training
program to the employees. Section 352 of the USA PATRIOT Act provides for highly
comparable requirements, which is employee training as to the BSA and other AML
regulation to ensure that the employees stay up to date on the current AML laws.
Fourthly, Part A of an AML also provides that an AML program of a reporting entity
has to implemented the procedure whereby the AUSTRAC feedback furnished by
AUSTRAC as to how a reporting entity is complying with the AML laws, has to be
21 AML/CTF Act 2006, Chapter 6, Part A
22 US PATRIOT Act 2001, Section 352
incorporated into the AML program. USA PATRIOT Act omits to provide for such
Finally, Australian legislation (i.e. AML/CTF Act) requires that the Ongoing
Customer Due Diligence program to be included in the Part A of the AML/CTF program,
while such requirement in US legislation is dealt with in Customer Due Diligence program
as required by FinCEN guidelines, which will be explored below. Thus, the OCDD
requirements both are required by the US and Australian legislation, testifying to how
comparable they are in this particular OCDD aspect.
Overall, there are key differences between the two AML laws when it comes to AML
program requirements. Nonetheless, predicated upon the above analysis, both the
AML laws tend to compare well.
Customer Identification Program
Pursuant to Section 326 of the USA PATRIOT Act, banks, credit unions, insurance
companies, trusts, private banks and other various financial institutions are required to
formulate and develop the so-called Customer Identification Program (CIPs)23,
appropriate to the business type and size. Moreover, Customer Identification Programs
required by the USA PATRIOT Act require these programs to be in written form and
approved by the board of the implementing institution. The equivalent for such CIP in
Australian legislation is provided for in Part B of AML/CTF Act. Nonetheless, such CIP
requirement has been incorporated into Customer Due Diligence requirement, which will
be discussed below.
23 US PATRIOT ACT, Section 326
Customer Due Diligence
Customer Due Diligence requirement tends to be a core element in virtually all AML
legislation, since they enable the financial institutions (or reporting entities in Australia) to
procure and retain valuable insight as to a customer’s identification and transaction
history, affording the financial institutions (i.e. reporting entities in Australia) to identify,
minimize, and manage risks posed by their customers. This part will analyze both
Customer Due Diligence (i.e CDD) requirement imposed by each of the US and Australian
legislation, and shed light on areas where they are in harmony and where they are not.
AML/CTF Act requires reporting entities to have in place risk-based Customer Due
Diligence procedures, which are dealt with in Part B of AML/CTF Program24.
Moreover, just like the US FinCEN guidelines do, AML/CTF Act requires reporting
entities to include the CDD procedures in their AML/CTF programs. AUSTRAC
provides for that the primary objective of CDD procedure requirement is that the
reporting entity is knowledgeable about its customers and their financial activities.
Furthermore, as with the US legislation, AML/CTF act provides for that each
reporting entity to formulate and implement their own CDD procedures, which is to
to be predicated upon a number of factors, which can include customer type,
customer’s source of funds, and etc25.
The Customer Due Diligence requirements imposed by AML/CTF Act encompass26
24 AML/CTF Act 2006, Chapter 6, Part B
26 AML/CTF Act 2006, Chapter 6, Part B
1. procuring and verifying customer identification information
2. identifying and verifying the beneficial owner(s) of a customer realized
in 2014 changes to AML/CTF Act)
1. determining if a customer is a PEP, and ensuring that the reporting
entity is knowledgeable about the source of funds (realized in 2014
changes to AML/CTF Act)
2. procuring more information as to the purpose and intended nature of
FinCEN issued updated rules within the ambit of the Bank Secrecy Act27. Unlike in
Australia, where the 2nd CDD requirement- identifying and verifying the beneficial owner
of a customer was in effect, such requirement was not present in US AML legislation until
the issuance of the updated final rule. FinCEN cites that there are four core elements of
an efficient and effective AML program, and they include:
1. customer identification and verification
2. beneficial ownership identification and verification
3. understanding the nature and purpose of customer relationships to
develop a customer risk profile
4. ongoing monitoring for reporting suspicious transactions and, on a risk-
basis, maintaining and updating customer information.
27Federal Reserve, Customer Due Diligence Requirements for Financial Institutions- A rule by Financial
Crimes Enforcement Network (2016) < https://www.federalregister.gov/documents/2016/05/11/2016-
10567/customer-due-diligence-requirements-for-financial-institutions> accessed 15 December, 2017
In terms of similarities, AML legislation of both countries- USA and Australia provide for
that when determining beneficial ownership, the minimum threshold of customer
ownership is 25%28.
In general, with US AML regulations and rules omitting to include the ‘identification and
verification of the beneficial owner’ requirement into the AML program requirement,
the CDD requirements of each legislation used to differ. Even though such
requirement in Australian legislation (i.e. AML/CTF rules) were amended in 2014.
With the updated FinCEN rule of 2016, such difference between the two of the
legislation when it comes to CDD is further rendered less nebulous.
Enhanced due diligence and correspondence relationship
Both legislations have in place mechanism whereby the so-called enhanced due
diligence requirements are imposed. In US AML legislation, section 312 of USA
PATRIOT Act imposes enhanced CDD requirement on covered US financial
institutions, which operate correspondence accounts for foreign financial
institutions. Moreover, section 313 of USA PATRIOT Act29 prohibits US banks from
operating correspondence accounts for foreign shell banks, which lack a physical
presence. On the other hand, Section 95 of the AML/CTF Act30 provides that a
financial institution in Australia must not enter into a correspondence relationship
28 CML/CTF Act 2006, Chapter 6, Part B
29 US PATRIOT Act 2001, Section 313
30 AML/CTF Act 2006, Section 95
with foreign shell bank, which is defined in Section 15 of the AML/CTF Act31. AML
legislations of both require their financial institutions undertake due diligence when
entering into such correspondence relationship, testifying to how comparable the
two are when it comes to the financial institutions maintaining correspondence
accounts for foreign shell banks.
To conclude, it is crystal clear that both of the AML laws have some AML areas where they
overlap, and where they don’t. Regarding enhanced due diligence and AML programs, the
AML laws of each seem to be in harmony, while there prevail areas of difference in
reporting obligations and AML programs. Both espouse a risk-based approach when it
comes to risk. Nevertheless, the key differences, AML laws of USA and Australia tend to
31 AML/CTF Act 2006. Section 15
• USA PATRIOT Act 2001
• Bank Secrecy Act 1970
• 31 U.S.C. § 5318(g)(2)(A)
• 31 C.F.R. § 103.18
• 31 CFR 1020.315(e)(8)
• Money Laundering Suppression Act of 1994 (MLSA)
• FinCEN, History of Anti-Money Laundering Laws (2017) <
https://www.fincen.gov/history-anti-money-laundering-laws> accessed 20 December
• Federal Reserve, Customer Due Diligence Requirements for Financial Institutions- A
rule by Financial Crimes Enforcement Network (2016) <
diligence-requirements-for-financial-institutions> accessed 15 December, 2017
• FinCEN, What we do (2017) < https://www.fincen.gov/what-we-do> accessed 20
• Anti-Money Laundering and Counter Terrorism Financing Act 2006