The AML/CTF Act - what does it mean for me?
The Australian anti-money laundering regime under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) is unique and highly complex. But what does it mean for you, and for the day to day operation of your business?
In this article, we examine a core concept of the AML/CTF Act: Know Your Customer (KYC) and identity verification. Not only will we address some of your requirements and obligations under the AML/CTF Act, we will also show that by adopting the right controls, you can achieve practical effectiveness of technical AML/CTF requirements in your business.
What is the AML/CTF Act about?
The AML/CTF Act imposes a number of obligations on reporting entities when they provide designated services. These include obligations with respect to customer identification and verification of identity, record keeping, establishing and maintaining an AML/CTF program, and ongoing customer due diligence and reporting.
The AML/CTF Act covers the financial sector, gambling sector, bullion dealers and other professionals or businesses (‘reporting entities’) that provide particular ‘designated services’ and it is relevant to mortgage brokers. Additionally, lenders are reporting entities and pass on their regulatory requirements under the AML/CTF Act to Connective to perform on their behalf.
Identify verification – what’s all the fuss about?
Identity verification is a fundamental part of any credit application process. A first step in assessing the eligibility of an individual for credit is to establish the identity of that individual. When you submit a deal to a lender, you must be reasonably satisfied that an individual customer is who they claim to be and that you understand the customer’s financial activities. For a non-individual customer, you must satisfy yourself that the customer exists and their beneficial ownership details are known.
What should I be doing?
Identity verification is about knowing your customer. By knowing your customers you should be better able to identify and mitigate AML/CTF risks, particularly where the activity or transactions are unusual or uncharacteristic.
A simple way to ensure you are meeting minimum requirements is to put in place a Know Your Customer (KYC) Policy. The basic objective of a KYC policy is to obtain an understanding of the risk a customer poses to your business. Essentially, a KYC policy is about:
- Ensuring that only legitimate customers are accepted
- Identifying customers to understand the potential risks they may pose
- Verifying the identity of customers using reliable and independent documentation
- Sighting original customer identification
- Sighting original supporting documents
- Implementing processes to effectively manage the risks posed by customers trying to misuse facilities
- Conducting ongoing customer due diligence, particularly where you consider that customer relationships may be high-risk.
Customer Identification – what identification should I be asking for?
It is important that clients provide you with clear and current identification. The identification provided should include one form of current photo identification (Driver’s License or Passport) and other supporting identification, such as a bank card, Medicare card, birth certificate, citizenship certificate, or recent utility bills.
Customer verification – checking that customer identification is accurate.
Merely collecting customer information is not enough to satisfy the requirements under the AML/CTF Act. It is essential for you to cross check and verify your customers and their identification. Verification is the process that you use to confirm that the customer information provided by, or about, a customer is accurate. It is also important to remember that customer identification and verification requirements will differ depending on whether the customer is a:
- individual (including beneficial owners)