Nicole Rose, CEO of AUSTRAC, spoke yesterday at the 2018 AFR Banking & Wealth Summit, about the need for data and self-reporting obligations in Australia’s Anti-Money Laundering and Counter Terrorism Financing (AML CTF) Laws. Her speech provided us with some interesting food for thought regarding the future of AML CTF compliance in Australia, and prompted us to ask some further questions about the possible impacts, and potential conundrums facing reporting entities.
The effect of a new CEO
We have previously commented on the appointment of Nicole Rose, who is ex Australian Federal Police (AFP), as a continuation of the regulator’s preference for law enforcement experience as the primary criterion for selection of an AUSTRAC CEO. As it turned out, Ms Rose specifically referred to this, commenting on the Government’s choice of a ‘law-enforcer’ in that position, and reflecting that Money Laundering and Terrorism Financing continue to be a significant threat in Australia. The role of AUSTRAC as a federal intelligence and crime fighting agency is also apparent looking at the difference between the government’s intention when structuring AUSTRAC as compared to prudential or conduct regulators such as APRA and ASIC. In particular, AUSTRAC has been brought under the ‘home affairs’ portfolio recently, which encompasses AUSTRAC, the AFP, ASIO, Australian Border Force and the Australian Criminal Intelligence Commission, it is also a member of the Australian Intelligence Community. It is apparent to us that AUSTRAC will continue to be an active regulator, with a focus on law enforcement as its first priority.
Call for ‘partnerships’
It is clear that AUSTRAC is keen to be a ‘partner’ with financial services providers. Ms Rose pointed out that AUSTRAC only has around 300 employees so relies on data coming in from its partners, particularly in the financial services sector. In particular Ms Rose made statements to the effect that to fight financial crime there needs to be an ‘open and honest relationship’ between financial services and AUSTRAC, and that this does have risks, including litigation, but the risk of financial crime to Australia is much higher. While this should be a relationship of trust, the regulator is prepared to act if it perceives that industry may have betrayed that trust. Ms Rose mentioned that there will be some changes in legislation and policy to support AUSTRAC to move beyond the traditional regulator-industry relationship, including changes to self-reporting and data sharing (we had expected that a requirement to self-report breaches might be in the pipeline, given the 2017 reporting requirement was waived).
After this was discussed, a question was asked about whether AUSTRAC would be expanding the protections provided to its partners engaging in this kind of information sharing. Ms Rose acknowledged that this was a ‘live issue’ and that AUSTRAC is considering how the legislation could be changed to allow financial services partners to report and share information, particularly in relation to reporting of suspicious matters. We will be watching this closely with a view to providing further comments on the practicalities of any new obligations and associated protections that are suggested.