Will Your AML/CTF Compliance Officer Meet AUSTRAC’s High Standards? By Jenny Willcocks | February 2008 Area of Expertise | Superannuation & Financial Services
Summary On 19 December 2007 AUSTRAC released a draft guidance note on the role of an AML/CTF compliance officer (the draft Guidance Note). The appointment of an AML/CTF compliance officer is a requirement under Part A of the AML/CTF Compliance Program (Program) and applies from 12 December 2007. This draft Guidance Note is the first detailed indication of how AUSTRAC regards this role and what it will look for when conducting an audit. It is clear that AUSTRAC sees this role as significant and pivotal to a reporting entity’s approach to compliance and not one that can be taken on by a junior member of staff or a person lacking the skills and expertise required.
Who Does This Impact? Organisations that are reporting entities under the AML/CTF Act.
What Action Should Be Taken? If an AML/CTF compliance officer has not been appointed this should be done as soon as possible. A review of the role for those already appointed against the requirements of the Guidance Note would be prudent.
On 19 December 2007 AUSTRAC released a draft Guidance Note on the role of an AML/CTF compliance officer (the draft Guidance Note). Part 8.5 of the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1) (the Rules) requires a reporting entity to designate under Part A of its AML/CTF compliance program (Program) a person to be its AML/CTF compliance officer and for that person to be at “management level”. Additional information concerning this requirement is provided in the AUSTRAC Guidance Note – Risk Management and AML/CTF Programs and indicates that an AML/CTF compliance officer should: •
be independent;
•
have appropriate seniority;
•
be accountable;
•
have appropriate reporting lines;
•
have access to the executive and Board of the reporting entity; and
•
possess the relevant skills and experience of the position.1
The draft Guidance Note provides additional information to assist reporting entities to identify the duties to be undertaken by an AML/CTF compliance officer and the qualities and experience needed to perform those duties.
1
T U R K S L E G AL
TU R K A L E R T
Will Your AML/CTF Compliance Officer Meet AUSTRAC’s High Standards? by Jenny Willcocks
Meaning of “Management Level” The draft Guidance Note indicates that although the Rules require the AML/CTF compliance officer to be at “management level”, based on the different sizes, complexity and nature of the businesses subject to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), the term “management level” can be given a broad interpretation to mean the person responsible for handling the direction or control of compliance with the AML/CTF Act its regulations and Rules (the AML/CTF Legislation) within a particular reporting entity. This broad interpretation provides some flexibility particularly for reporting entities which are small businesses.2 The draft Guidance Note confirms the attributes outlined in AUSTRAC Guidance Note – Risk Management and AML/CTF Programs referred to above, and indicates that the need to possess relevant skills and experience includes knowledge of the business of the reporting entity as well as the requirements of the AML/CTF Legislation.
Authority and Resources The draft Guidance Note emphasises the need to ensure that the AML/CTF compliance officer has the necessary authority and resources to discharge their responsibilities. This should include access to: •
all relevant areas of the reporting entity’s operations; and
•
relevant staff at all levels,
and the power to take corrective action where necessary.3
Designated Business Groups An AML/CTF compliance officer cannot perform the role for more than one reporting entity unless the entities are operating as a designated business group. Consequently, a group of companies that are reporting entities who have not established a designated business group have to appoint a separate AML/CTF compliance officer for each reporting entity. Reporting entities operating under a designated business group can have an AML/CTF compliance officer appointed from one of the members of that group to represent the whole group. The AML/CTF compliance officer may also act as the Nominated Contact Officer for the designated business group.
What Will AUSTRAC Consider When Conducting a Compliance Audit? The draft Guidance Note indicates that a compliance audit by AUSTRAC will look at the overall internal systems and controls of the reporting entity, including:
2
•
whether there has been an appropriate appointment of an AML/CTF compliance officer;
•
the effectiveness of that AML/CTF officer in fulfilling his or her responsibilities under the Program or other documentation of the reporting entity;
T U R K S L E G AL
TU R K A L E R T
Will Your AML/CTF Compliance Officer Meet AUSTRAC’s High Standards? by Jenny Willcocks
•
how the AML/CTF compliance officer contributes to identifying, mitigating and managing money laundering and terrorism financing risks that the relevant reporting entity may reasonably face.
What are the Duties of an AML/CTF Compliance Officer? The Rules do not provide detailed information on the duties of an AML/CTF compliance officer. The draft Guidance note sets out examples of what AUSTRAC considers appropriate duties to be performed by an AML/CTF compliance officer.4 These duties are very comprehensive and reflect the fact that those performing this role must possess a high level of expertise and be prepared to accept considerable responsibility. Details are set out in paragraph 4.1 of the draft Guidance Note and include the following: •
Subject to the on-going oversight of the Board and senior management, ensure ongoing compliance with the AML/CTF legislation, including: • • • • •
•
Acting as contact officer for AUSTRAC including reporting on: • • • • • •
•
AML/CTF Risk awareness training for staff; employee due diligence program; liaising with Board and or senior management on AML/CTF issues; arranging independent reviews of Part A of the Program; and dealing with AUSTRAC feedback.
suspicious matters; international fund transfer instructions; threshold transactions; urgent reporting; compliance audits; or requests for information or documents.
Contributing to design, implementation and maintenance of internal AML/CTF compliance manuals, policies, procedures and systems including where applicable: • • • • • • • •
procedures for approving new designated services or delivery channels; measuring AML/CTF compliance and rewarding where appropriate through performance reviews; process to allow staff to report breaches of the Program on a confidential basis to the AML/CTF compliance officer or to an alternative person where the AML/CTF compliance officer is involved in the breach; keeping the Board, senior management and staff up to date on money laundering and terrorism financing risks specific to the reporting entity, and changes and developments relating to Anti-Money Laundering and Counter-Terrorism Financing; taking a leadership role and developing a compliance culture within the reporting entity; conducting initial due diligence, and ongoing evaluation, of compliance by third party service providers involved in delivery of the designated services; act as Nominated Contact Officer if the reporting entity is part of a designated business group; maintain records as required by Part 10 of the AML/CTF Act.
The above provides guidance on what should be included in the job description of an AML/CTF compliance officer. Any person accepting this role must be made aware of his or her duties and the proper performance of those duties should form part of the performance review
3
T U R K S L E G AL
TURKALERT
Will Your AML/CTF Compliance Officer Meet AUSTRAC’s High Standards? by Jenny Willcocks
of that employee or independent contractor.
Who can be an AML/CTF Compliance Officer? While the AML/CTF compliance manager must be at “management level” there is nothing in the AML/CTF Legislation requiring them to be an employee of the reporting entity. Therefore it is possible for the AML/CTF compliance officer to be an independent contractor if they are able to meet the broad requirements specified by the Rules. While possible it is not necessarily desirable. The draft Guidance Note makes it clear that AUSTRAC prefers an employee in this role rather than an independent contractor. This is because an employee has a connection with the reporting entity, while an independent contractor will not have such a close relationship.5 However, the draft Guidance Note suggests that there may be circumstances where the appointment of an independent contractor may be appropriate such as where there is an actual or perceived conflict of interest which could be overcome by appointing a person outside of the reporting entity. The draft Guidance Note draws attention to the requirements of section 123 of the AML/CTF Act dealing with the tipping-off offence and how it would relate to an independent contractor acting as an AML/CTF compliance officer. Section 123 provides that where a suspicious matter reporting obligation arises and the reporting entity has communicated information to AUSTRAC it must not disclose to someone other than AUSTRAC the information that has been communicated. Therefore, in appointing an independent contractor, a reporting entity would have to consider potential breaches of confidentiality including commission of a tipping-off offence by the independent contractor for which the reporting entity would be held liable.
Penalties A breach of the obligation under Sections 81 and 82 of the AML/CTF Act to maintain a Program, including the appointment of an AML/CTF compliance officer under Part A, will give rise to a civil penalty.
Conclusion It is important for a reporting entity to recognise the importance of the role of its AML/CTF compliance officer and the need to appoint a person with the appropriate experience, skills and seniority within the organisation to satisfy the requirements of the AML/CTF Legislation. This is not a role that can be delegated to a junior member of staff. An AML/CTF compliance officer can perform other duties but must have the capacity and resources to be able to give an “appropriate level of attention” to this role. While the draft Guidance Note is not legally binding it gives a clear insight into AUSTRAC’s approach to this area of compliance with the AML/CTF legislation. It provides guidance for reporting entities to assist them in:
4
•
selecting an appropriate person to take on this role;
•
identifying the duties to be performed;
•
determining how the AML/CTF compliance officer should interact with the board, senior management, staff and external service providers; and
T U R K S L E G AL
TURKALERT
Will Your AML/CTF Compliance Officer Meet AUSTRAC’s High Standards? by Jenny Willcocks
•
the role of the AML/CTF compliance officer in acting as a liaison officer between the reporting entity and AUSTRAC.
These Guidance Notes are still in draft form and therefore subject to change. However, as the requirement to appoint an AML/CTF compliance officer came into operation on 12 December 2007 they provide a timely indication of AUSTRAC’s approach to this aspect of compliance.
Endnotes 1
Paragraph 8.3 AUSTRAC Guidance Note – Risk Management and AML/CTF programs Paragraph 3.1 draft Guidance Note 3 Paragraph 3.3 draft Guidance Note 4 Paragraph 4.1 of the draft Guidance Note 5 Paragraph 5.2 of the draft Guidance Note. 2
Turkslegal can provide assistance with all aspects of compliance with the AML/CTF Legislation including review of Programs, developing employee due diligence policies and risk awareness training programs. All enquiries should be directed to Jenny Willcocks, Partner on 03 8600 5001 or at jenny.willcocks@turkslegal.com.au.
For more information, please contact: Jenny Willcocks Partner T: 03 8600 5001 jenny.willcocks@turkslegal.com.au
Sydney | Level 29, Angel Place, 123 Pitt Street, Sydney, NSW 2000 | T: 02 8257 5700 | F: 02 9239 0922 Melbourne | Level 10 (North Tower) 459 Collins Street , Melbourne, VIC 3000 | T: 03 8600 5000 | F: 03 8600 5099 Business & Property | Commercial Disputes | Insurance & Financial Services | Workers Compensation | Workplace Relations
www.turkslegal.com.au This Tur kAler t is cur rent at i t s d ate o f p u b l i c at i o n . Wh i l e eve r y c a re h a s b e e n t a k e n i n t h e p re p a rat i o n o f t h i s Tu r k Aler t it do es not constitute legal advice a n d s h o u l d n o t b e re l i e d u p o n fo r t h i s p u r p o s e. Sp e c i f i c l e g a l a dv i ce s h o u l d b e s o u g ht o n p ar ticular matters. Tur ksLegal do es not ac ce p t re s p o n s i b i l i t y fo r a ny e r ro r s i n o r o m i s s i o n s f ro m t h i s Tu r k Al e r t . Th i s Tu r k Al e r t i s co py r i ght and no par t may b e repro duced in a ny fo r m w i t h o u t t h e p e r m i s s i o n o f Tu r k s Le g a l . Fo r a ny e n q u i r i e s, p l e a s e co nt a c t t h e a u t h o r o f this Tur kAler t.