In this article, we outline key insights from Australias regulation landscape focusing on recent updates on Australia’s Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF), online age verification, and the Australian Securities and Investments Commission (ASIC) expectations regarding scam prevention, detection, and response.

AML and identity regulation

AML/CTF Tranche 2 Reforms:

The Commonwealth Attorney-General’s Department has initiated the implementation of proposed reforms to Australia’s AML/CTF regime. This move aims to align the country’s AML laws with standards recommended by the Financial Action Task Force (FATF). The reforms have far-reaching implications for various sectors, including real estate, accounting, and legal professionals. Law firms and other regulated businesses will now be required to take a more active role in deterring money laundering and terrorist financing activities.

The reforms are likely to require accountants, real estate agents, and other professionals to implement risk management programs and to conduct due diligence on clients. This will include verifying the identity of clients, assessing the risk of money laundering or terrorist financing, and monitoring transactions for suspicious activity. Failure to comply with these requirements may result in significant civil penalties.

The reforms also aim to:

  1. Modernise and clarify the regime in line with international standards and best practice.
  2. Reduce complexity and regulatory burden on the industry.
  3. Ensure the regime remains fit for purpose.
  4. Harden Australian businesses and sectors against exploitation by serious organised criminals.
Attorney-General’s Department Consultation:

On April 20, 2023, the Commonwealth Attorney-General’s Department released the first of two consultation papers on modernising Australia’s AML/CTF regime.

Part 1 of the consultation paper addresses the need to simplify and modernise the operation of the regime to streamline AML/CTF obligations, which was recommended by the 2016 Statutory Review of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. The review found that the regime was too complex, making it difficult for regulated entities to comply with their obligations. This will be of interest to both existing and proposed reporting entities.

Part 2 seeks feedback on extending the AML/CTF regime to high-risk professions, including lawyers, accountants, trust and company service providers, real estate agents, and dealers in precious metals and stones. Australia is currently one of only five jurisdictions in the FATF Global Network that do not regulate these entities.

For law firms and other regulated businesses, this means implementing rigorous client due diligence, ongoing monitoring of transactions, and reporting any suspicious activities to the relevant authorities. Verify 365’s digital onboarding platform can assist businesses in streamlining their compliance processes while ensuring adherence to the updated AML/CTF regulations.

Online Age Verification ‘Roadmap’ with the Federal Government:

The eSafety Commissioner has delivered a roadmap charting a way forward on Australia’s proposed mandatory age verification regime for online pornography to the federal government after almost two years of development. The age verification roadmap was handed to the Albanese government on Friday, coinciding with the deadline on the final draft of the online safety codes that have been developed by the tech industry.

The roadmap was requested by the former Coalition government in June 2020 as part of its response to the bipartisan parliamentary inquiry into age verification for online wagering and online pornography. As part of its response, the former government also gave in principle support to a recommendation that the government’s digital identity scheme be used to verify the ages of people accessing pornography.

eSafety Commissioner Julie Inman Grant emphasised that any age verification scheme would need to “strike the right balance” between safety, security, and privacy. Various options for age verification were explored during the development of the roadmap, including digital identity apps, physical age tokens, database checks, credit card checks, and facial recognition or other biometric data. Most of these options were flagged in submissions as having privacy and security risks or presenting surveillance concerns.

The eSafety Commissioner is also planning to address children’s access to “high-impact content that can be harmful to children,” including pornography, through the second phase of the mandatory industry-developed online safety codes. The first phase of the codes developed by local tech industry associations were due on Friday, but it is far from clear whether they will be registered by the eSafety Commissioner, who was still working through “red line” with the industry last week.

For law firms and other regulated businesses operating in the online space, this development underscores the importance of implementing robust age verification measures to protect minors and vulnerable individuals from accessing adult content.

Verify 365’s platform can support businesses in their compliance efforts, enabling them to implement age verification processes seamlessly.

Combatting Scams: ASIC’s Expectations and Strategic Priorities

The Australian Securities and Investment Commission (ASIC) has identified combatting scams as a strategic project in its latest corporate plan, with disrupting investment scams being an enforcement priority. To this end, ASIC has conducted a review of the scam identification and response strategies of the four major banks (CBA, ANZ, NAB, and Westpac), releasing its findings in REP 761.

ASIC’s key message is that banks “can and should do more to protect Australians from the financial loss of scams.” The report also has broader relevance beyond the major banks, as ASIC Deputy Chair Sarah Court believes that combatting scams is a critical task for all of corporate Australia, including financial institutions, telecommunication providers, digital platforms, and other organizations.

Key takeaways from the report, with a focus on the ‘improvement opportunities’ identified by the regulator, include:

  1. Scam strategy and governance: ASIC found that banks’ overall approach to scams strategy and governance was ‘variable and overall less mature than expected.’ To strengthen banks’ overall approach, ASIC suggests that banks should have a bank-wide, documented scams strategy in place, provide regular reporting to the board and senior management on a ‘broad range’ of scam-related matters, and undertake regular reviews of scam prevention, detection, and response activities to ensure their ongoing effectiveness.
  2. Scam prevention: The report found that there was a great deal of variability in the steps being undertaken by the banks to help prevent their customers from becoming the victim of a scam. Improvement opportunities identified include implementing a continuous improvement approach to scam awareness activities, monitoring the effectiveness of deliberately introduced points of ‘friction’ in the payments process, protecting against scammers impersonating banks, and implementing ‘innovative’ scam prevention measures.
  3. How banks detect and stop scam payments: The report concludes that banks are detecting and stopping a low proportion of scam payments, and that the capability to detect and stop scam transactions varies both across and within banks. To improve detection and stopping of scam payments, ASIC suggests that banks should have capabilities implemented across all payment types and channels that allow them to detect, hold, and assess potential scam transactions.

ASIC’s report emphasises the importance of a robust, comprehensive, and innovative approach to scam prevention, detection, and response for banks and other organisations.

By implementing the suggested improvement opportunities, banks can better protect their customers from the financial losses associated with scams.