Building a compliant AML/CTF program requires a comprehensive set of documents. Here's what AUSTRAC expects to see if they audit your business.
The Core 13 Documents
1. AML/CTF Program (Part A) Your overarching compliance framework. This document describes your business's approach to identifying, mitigating, and managing money laundering and terrorism financing risks. It must be tailored to your specific business activities, customers, and risk profile.
2. AML/CTF Program (Part B) — Customer Identification Detailed procedures for verifying customer identity before providing designated services. Must cover individuals, companies, trusts, partnerships, and foreign entities. Includes acceptable identification documents and verification methods.
3. ML/TF Risk Assessment A systematic evaluation of the money laundering and terrorism financing risks your business faces. Considers your customer types, services, delivery channels, geographic factors, and transaction patterns.
4. Customer Due Diligence (CDD) Procedures Step-by-step processes for conducting customer due diligence at onboarding and throughout the relationship. Includes standard, simplified, and enhanced due diligence triggers.
5. Enhanced Customer Due Diligence (ECDD) Procedures Additional measures for high-risk customers, including PEPs (Politically Exposed Persons), customers from high-risk jurisdictions, complex ownership structures, and unusual transactions.
6. Suspicious Matter Reporting (SMR) Procedures Procedures for identifying, escalating, and reporting suspicious matters to AUSTRAC within the required timeframes (24 hours for terrorism-related, 3 business days for other matters).
7. Threshold Transaction Reporting (TTR) Procedures Processes for reporting cash transactions of $10,000 or more (or foreign currency equivalent) to AUSTRAC within 10 business days.
8. Record-Keeping Policy Document retention procedures ensuring all customer identification records, transaction records, and compliance documentation are retained for at least 7 years.
9. Employee Training Program A structured training program ensuring all staff understand their AML/CTF obligations, can identify suspicious activity, and know how to escalate concerns.
10. Compliance Officer Role Description Formal appointment of a compliance officer with appropriate seniority, authority, and resources to oversee the AML/CTF program.
11. Independent Review Framework Procedures for conducting regular independent reviews of your AML/CTF program to ensure it remains current and effective. Reviews should occur at least every two years.
12. Sanctions & PEP Screening Procedures Processes for screening customers against sanctions lists (DFAT, UN, EU, OFAC) and identifying PEPs, including ongoing monitoring.
13. Correspondent Banking / Third-Party Due Diligence Procedures for assessing and managing risks associated with third-party relationships and correspondent banking arrangements (where applicable).
Key Principles
All documents must be: - Tailored to your specific business, not generic templates - Current and regularly reviewed - Approved by senior management - Accessible to all relevant staff - Tested through regular compliance reviews