The first compliance reports (for the period from 13 December 2006 to 31 December 2007) are due by Monday 31 March.
These reports are mandatory and will be important guidance for Austrac on the success of its education program and to identify compliance difficulties.
In his address to the Australian Bankers’ Association Anti-Money Laundering Forum (text) (pdf) (slides) (pdf) on 14 March the Acting Austrac CEO discussed the issue of backcapture of customer identification:
Some entities have indicated that they were not fully compliant with the ‘know your customer’ (KYC) provisions as at 12 December 2007, but advise that they will be fully compliant at some future date prior to expiry of the 15-month period – i.e. prior to 12 March 2009.
So an important issue that has arisen in this context, is to clarify a reporting entity’s obligation, in respect of the capture of know your customer (KYC) information for new customers who are provided with a designated service after 12 December 2007, but before the reporting entity has reached full compliance.
Our response has been to remind reporting entities that the Minister’s Policy Principles do not alter the commencement dates that were within the AML/CTF Act itself. The Act sets down the legal requirements, which include that all new customers were to be identified in accordance with the AML/CTF Act provisions from 12 December 2007. To avoid the possibility of enforcement action – including civil penalty orders, a reporting entity must by 12 March 2009, at the very latest, have undertaken KYC procedures on all customers for which there is a legal requirement from 12 December 2007. This applies regardless of the date during the 15-month period at which the reporting entity reaches full compliance. This means that the reporting entity which is delayed in achieving compliance, will need to backdate its data capture for these new customers to cover the period from 12 December 2007 to the date that full compliance is achieved.
However, he observed that:
AUSTRAC has advised reporting entities that are concerned with our approach to backcapture, that it is open for them to make confidential and case-by-case submissions on alternative approaches, that the entity may consider are practical and cognisant of their commercial circumstances, and which would be acceptable to AUSTRAC in terms of reasonable steps to meet compliance…
should an entity elect to continue customer identification that is based on systems and processes applicable prior to the AML/CTF Act coming into effect, then we would generally take the view that reasonable steps had been taken. Though the previous system for customer identification under the Financial Transaction Reports Act 1988 is limited to ‘account-based customers’, if these processes were also applied to customers seeking other designated services under the AML/CTF Act, then we would also generally take the view that in those circumstances, reasonable steps had been taken.
Complying businesses will already be looking ahead to 12 December 2008
when the final obligations covering ongoing customer due diligence and
the new reporting requirements on suspicious matters, international
funds transfer instructions and threshold transactions come into force.