[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” border_style=”solid” padding_left=”0px” padding_right=”1px”][fusion_builder_row][fusion_builder_column type=”1_1″ layout=”1_1″ align_self=”auto” content_layout=”column” align_content=”flex-start” valign_content=”flex-start” content_wrap=”wrap” spacing=”yes” center_content=”no” column_tag=”div” target=”_self” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” sticky_display=”normal,sticky” order_medium=”0″ order_small=”0″ margin_top=”0px” margin_bottom=”0px” hover_type=”none” border_style=”solid” box_shadow=”no” box_shadow_blur=”0″ box_shadow_spread=”0″ z_index_subgroup=”regular” background_type=”single” gradient_start_position=”0″ gradient_end_position=”100″ gradient_type=”linear” radial_direction=”center center” linear_angle=”180″ lazy_load=”avada” background_position=”left top” background_repeat=”no-repeat” background_blend_mode=”overlay” sticky=”off” sticky_devices=”small-visibility,medium-visibility,large-visibility” absolute=”off” filter_type=”regular” filter_hover_element=”self” filter_hue=”0″ filter_saturation=”100″ filter_brightness=”100″ filter_contrast=”100″ filter_invert=”0″ filter_sepia=”0″ filter_opacity=”100″ filter_blur=”0″ filter_hue_hover=”0″ filter_saturation_hover=”100″ filter_brightness_hover=”100″ filter_contrast_hover=”100″ filter_invert_hover=”0″ filter_sepia_hover=”0″ filter_opacity_hover=”100″ filter_blur_hover=”0″ transform_type=”regular” transform_hover_element=”self” transform_scale_x=”1″ transform_scale_y=”1″ transform_translate_x=”0″ transform_translate_y=”0″ transform_rotate=”0″ transform_skew_x=”0″ transform_skew_y=”0″ transform_scale_x_hover=”1″ transform_scale_y_hover=”1″ transform_translate_x_hover=”0″ transform_translate_y_hover=”0″ transform_rotate_hover=”0″ transform_skew_x_hover=”0″ transform_skew_y_hover=”0″ transition_duration=”300″ transition_easing=”ease” animation_direction=”left” animation_speed=”0.3″ animation_delay=”0″ last=”true” border_position=”all” first=”true”][fusion_text content_alignment=”justify” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” sticky_display=”normal,sticky” animation_direction=”left” animation_speed=”0.3″ animation_delay=”0″]
AUSTRAC Focussing on Crypto ATM Operator AML/CTF Compliance
INTRODUCTION
In December 2024, AUSTRAC (the regulator of Digital Currency Exchanges and Remittance Service Providers such as Crypto ATM providers) confirmed by press release that it will “crack down on Cyrpto ATM providers in Australia who don’t comply with the Country’s anti-money laundering regime” and made statements to the effect that “crypto ATMS who were found flouting the anti-money laundering laws would be subject to financial penalties”.
And so it should.
Recognising Crypto as a legitimate financial system, requires it to be held to the same standards as other financial systems. AUSTRAC has previously cracked down on other parts of the Australian financial system including Australian Banks, Bookmakers, Casinos and Online Betting entities. And AUSTRAC has in the past imposed individual fines as much as the $1.3 billion fine imposed on Westpac for AML/CTF breaches in 2020.
As Crypto ATMs (AUSTRAC refers to them as “CATMs”) accept cash payments for conversion to the major cryptocurrencies, they are an easy target for washing illegally gained monies, converting cash into cryptocurrencies like bitcoin that can be transferred to anywhere in the world in less than 10 minutes, or a means of collecting payments of cash under scams. Whilst the figures suggest that globally only about 1% of all money laundering is carried out with crypto and 99% by way of fiat currencies, any increase in impropriety by use of crypto will only slow down the adoption of a crypto financial system.
IT STARTED WITH FIAT
It is a good thing that AUSTRAC is not shy of taking pecuniary action for failure to meet AML/CTF requirements.
As examples (there are more):
- Between 2017 and 2020, AUSTRAC cracked down on the Australian banks resulting in the Commonwealth Bank paying a A$700 million settlement and Westpac paying a A$1.3 billion civil penalty to AUSTRAC for AML/CTF breaches.
- In 2022/2023, AUSTRAC undertook a supervisory campaign of entities within the corporate bookmaker sector particularly online gambling.
- On 11 July 2023 on AUSTRAC’s instigation, the Federal Court of Australia ordered Crown Casinos to pay the $450 million penalty for breaches of its AML/CTF obligations.
Currently, AUSTRAC has applications for civil penalties against:
- The currently embattled Star Entertainment Group in 2024, for A$150 million in fines and penalties.
- Entain Group (Ladbrokes, Neds and other online betting brands) for “alleged serious and systemic non-compliance with Australia’s AML/CTF laws”.
IS IT BECOMING PERSONAL?
On 6 December 2024, an AUSTRAC instigated investigation resulted in two men being sentenced to jail for laundering more than $63 million using fiat currency ATMs in Melbourne. One laundered close to $33.7 million in cash, while the second dealt with just over $30 million. They were sentenced to five-and-a-half years and three-and-a-half year’s imprisonment respectively.
It is open for AUSTRAC, ASIC and the Federal Police to take criminal and civil action against Directors and Officers of CATM Operators (Operators). However, whilst AUSTRAC Investigations have been undertaken against Directors and Officers in the past, no personal prosecutions have resulted. The standards required for AUSTRAC to act against Directors and Officers is high, in that AUSTRAC would need to be satisfied that the person has enabled ML/CTF “intentionally, negligently or recklessly”. But ASIC has been doing prosecuting Directors and Officers for years applying a similar standard to Corporations Act breaches.
AML/CTF REGULATORY REQUIREMENTS
Operators must be registered with AUSTRAC. To do so, they must have an Anti-Money Laundering and Counter Terrorism Funding (AML/CTF) Policy approved by AUSTRAC, a registered Compliance Officer who is personally responsible for compliance with AUSTRAC requirements and its AML/CTF Policy, and an online registration with AUSTRAC to meet their reporting requirements.
Reporting requirements particularly involve the Compliance Officer lodging Suspicious Matter Reports (SMRs) within 24 hours if the suspicion relates to terrorism financing and 3 business days if the suspicion related to money laundering.
AUSTRAC Current Actions
The crackdown on CATMs follows extensive investigations since August 2023.
In October/November 2024, AUSTRAC formed an internal Task Force to investigate and close off AML/CTF leakages through CATMs.
In December 2024, AUSTRAC issued subpoena type s167 Notices to every Operator seeking documents and information on all past activities and current compliance.
The Task Force is also:
- Meeting regularly with Operators to ensure they are aware of their KYC/KYB and AML/CTF obligations and have effective compliance processes in place.
- Updating and encouraging Compliance Officers and other company officers to undergo AUSTRAC’s web based training programs.
- Issuing proposed amendments to previously approved AML/CTF programs and proposing new legislation to enhance AML/CTF programs and compliance.
- Considering taking enforcement action against current Crypto Kiosk operators who have enabled and/or underreported AML/CTF activity.
The Task Force has recently issued to all Operators, a set of draft conditions to apply likely from early March 2025. These include documented, automated systems that ensure:
- Customers cannot purchase more than A$10,000 in crypto in any single transaction.
- Customers cannot withdraw more than $2,500 in cash from any one Operator’s CATMs in relation to a single transaction or over more than one transaction conducted in any 24 hour period.
- Operators must complete enhanced customer due diligence (ECDD) on any customers who deposit greater than A$50,000 in any seven day period, or if the customer is 55 years or older.
- Operators must not allow the sale or purchase of cryptocurrencies that provide enhanced anonymity by obscuring the amount, destination or origin of transaction.
- Operators must collect occupation details of its customers before allowing transactions.
- Operators must take reasonable measures to identify the source of wealth and source of funds for ECDD customers.
- Operators must have the capability to conduct both off-chain and on-chain monitoring of its customers’ transactions including the capability to conduct analysis of digital currency wallets and to identify known adverse wallets.
- Operators must prior to executing a deposit transaction, screen the destination wallet for known AML/CTF or other serious crime exposure.
- CATMs must have warnings displayed in its user interface, prior to accepting any funds, notifying customers of the risks relating to CATM involvement in romance, payment, impersonation and other common types of scams.
- Operators must not allow new customers to transact through its CATMs until 24 hours after Operator has completed that customer’s applicable customer identification procedures.
ACTION TO TAKE NOW
On our best read of where matters are heading, highest calibre compliance will include:
- Day to day control of and responsibility for compliance being located in Australia and not overseas.
- Operators having 2-3 Australians in C-Suite positions.
- That the C-Suite officers and the Compliance Officer are people who have reputations of being highly ethical.
- Potentially, updates of current AML/CTF programs that ensure pragmatic and effective compliance monitoring systems.
CONCLUSION
CATM Operators might like to run their own compliance audit to ensure their systems and processes are in line with their AUSTRAC obligations.
The concept of Blockchain is to create a financial system that is transparent to everyone and can be trusted by everyone, more than our current fiat financial system. That trust will only be established and maintained as long as regulatory requirements are upheld to a high standard by all participants in the Australian crypto industry.
Darren Fooks is the Leader of the Corporate and Commercial Group of Salerno Law, specialising in all aspects of Digital Assets. Darren is also a Founder and Director of CoinSafe Limited, an Australia-based company with bitcoin mining businesses around the world.
Author Darren Fooks