top of page
FAQ Penalties & Enforcement_1920x800px.jpg

FAQs - AML Penalties & Enforcement

What are the penalties for non-compliance of AML/CTF laws? 

If your firm does not meet its obligations under the Anti‑Money Laundering and Counter‑Terrorism Financing Act 2006 (“AML/CTF Act”) then AUSTRAC can take enforcement action. 

This can include civil penalty orders, infringement notices, remedial directions or enforceable undertakings.

For example:

  • Civil penalties for corporations have been up to around A$33 million per breach (based on 100,000 penalty units) under current guidance.

  • The “tipping-off” offence (where someone discloses that a report has been made or is being made) carries a possible penalty of up to 2 years imprisonment or 120 penalty units (or both).

 

So, even if you’re a small firm, non-compliance should not be treated lightly, your obligations, once in scope, bring real risk.

Has anyone in Australia been fined for AML/CTF breaches?

Yes. There have been significant enforcement actions. For example:

  • Westpac Banking Corporation was ordered to pay a civil penalty of A$1.3 billion after admitting breaches of the AML/CTF Act.

  • Others include Commonwealth Bank of Australia (penalty about A$700 million) and Tabcorp Holdings Ltd (about A$45 million) in earlier years.

 

These are large cases, often in the financial or gambling sectors. They show the seriousness of enforcement. While your small firm may not be in exactly the same situation, the same legislation applies once you’re in scope.

Will AUSTRAC inspect my law firm? 

Yes. AUSTRAC has the power to inspect or audit firms that are reporting entities under the AML/CTF Act or will become reporting entities under the upcoming reforms. They can issue notices requiring information, documents or copies of documents.

So even if you think you’re small and just starting out, the takeaway is: assume you may be subject to review, and prepare your systems accordingly (in particular your AML/CTF Program, records, training, risk assessment).

What happens during an AUSTRAC audit? 

An audit or inspection by AUSTRAC may include:

  • A request or notice for your AML/CTF Program and all supporting documentation (risk assessment, policies, procedures, training records).

  • Review of whether you’ve done what you said you’d do: e.g. client due diligence (CDD/ECDD), ongoing monitoring, suspicious matter reporting, record-keeping.

  • Evaluation of whether your program is operating effectively (not just theoretically). Commentators highlight that design + operational effectiveness will be inspected.

  • If deficiencies are found, you may receive a remedial direction (you must fix what’s wrong), an enforceable undertaking, or further enforcement action (civil penalties, etc).

 

It’s therefore wise to treat the audit possibility as a trigger to get your house in order now,  especially ahead of the reforms that will bring more firms into scope.

 

Please DO NOT wait 3 years from 1 July 2026 to do your independent evaluation. There might be a shortage of independent evaluators and AUSTRAC won’t accept this in mitigation. They’ll expect your firm to have prepared and planned for their inspection well in advance. 

Need Answers to More Questions?

Need Experts on Your Side?

Get in touch with our experts today to find out how we can help you.

bottom of page