New draft AML/CTF rules: what fund managers need to know
Fund managers, product issuers, and trustees of funds have been regulated by the Australian anti-money laundering and counter-terrorism financing (AML/CTF) framework since its introduction in 2006. Now, sweeping reforms to this regime are set to shake-up the way fund managers comply with AML/CTF laws, which will likely require existing reporting entities to adopt new or amend existing AML/CTF programs, implement new Know Your Customer (KYC) procedures and revisit existing procedures for making reports to the Australian Transaction Reports and Analysis Centre (AUSTRAC).
This article highlights key changes proposed in the AML/CTF Rules which will affect entities within the funds management industry.
Background
AUSTRAC has published the second exposure draft of the Anti-Money Laundering and Counter-Terrorism Financing Rules 2025 (Cth) (Draft Rules), alongside a consultation paper explaining how amendments to the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) will affect existing reporting entities – including existing fund managers, product issuers and trustees of managed investment schemes. The Draft Rules will replace the current Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1) (Cth).
For a general update on changes to the Draft Rules following the first consultation, read our article New Draft Rules shake up AML/CTF regime. For an update on how the changes to the Draft Rules will affect virtual asset service providers, read our article What the new AML/CTF draft rules mean for virtual asset service providers.
Recap of Draft Rules
The Draft Rules support obligations imposed on reporting entities under the AML/CTF Act. These include:
- Obligations to conduct initial and ongoing customer due diligence.
- What reporting entities will need to have in their AML/CTF Programs, including new rules regarding customer due diligence, independent evaluations of programs, and the requirement to include an ML/TF risk assessment (which will require existing reporting entities to replace, or at least amend, their existing AML/CTF Programs).
- How groups of reporting entities are to be organised or formed for the purpose of compliance with the AML/CTF Act (to replace the existing concept of ‘designated business groups’).
- Details to be provided to AUSTRAC upon application for enrolment under the AML/CTF Act.
- Details to be provided to AUSTRAC as part of the lodgement of a suspicious matter report.
Funds industry: rules amended following first consultation
Some of the guidance AUSTRAC has published as part of this consultation process is of particular concern to existing reporting entities within the funds management industry. Areas of concern include:
Customer due diligence
Day 2 Pep checks
As part of the reform process, industry practice of conducting ‘Day 2 PEP checks’ is now codified within the AML/CTF Act and Rules. Standard KYC procedures require reporting entities to collect and verify KYC information about a customer, including whether the customer, its agent(s) or beneficial owners are ‘politically exposed persons’ (PEPs).
As part of the Draft Rules, AUSTRAC has included an exemption which would allow a reporting entity to commence providing a designated service to a customer without verifying the customer’s PEP status, so long as it has otherwise conducted all necessary KYC checks on the customer. Previous requirements in the first exposure draft of the Rules made reliance on Day 2 PEP checks unfeasible, including the requirement to obtain, prior to providing designated services:
- Senior management approval in respect of a customer’s PEP status.
- Source of wealth and funds information if the customer was a PEP.
The Draft Rules have solved this issue by amending the requirements to obtain senior management approval and source of wealth and fund information. These requirements now only apply if the reporting entity believes on reasonable grounds that a customer is a PEP. Where the reporting entity does not believe, on reasonable grounds, that the customer is a PEP, senior manager approval is not required, and source of wealth and fund information need not be obtained.
This opens Day 2 PEP checks to reporting entities who have no reason to believe on reasonable grounds that their customer is a PEP. For example, if in the process of applying for interests in a managed investment scheme (Fund), a customer certifies in the relevant application form that they are not a PEP, it is likely the trustee of the Fund could provide designated services to that customer without verifying the customer’s PEP status, so long as it conducted all other relevant KYC checks on the customer prior to providing any designated services. The customer’s PEP status could be verified after designated services were provided.
Other delayed verification exemptions - the identity of persons other than the customer
Outside of a customer’s PEP status, AUSTRAC is allowing delayed verification of other ‘KYC information’. KYC information includes information about a customer, but also the identity of persons other than the customer – for example, beneficial owners or beneficiaries of a trust.
This ‘delayed verification’ exemption would allow a reporting entity to provide designated services even if it has not verified KYC information on persons other than the customer, so long as it has conducted full KYC checks on information about the customer/s itself/themselves.
Subject to certain conditions, this means a reporting entity could provide designated services to a customer before it has verified details, such as:
- The identity of beneficiaries of the customer.
- The identity of the customer’s beneficial owners.
- Where the customer is a trustee of a trust - the kind of trust, full name of any settlor and the identity of any appointor of the trust.
- Where the customer is not an individual and there are no beneficial owners - the identity of the individual(s) responsible for the governance and executive decisions of the customer.
- Where the customer is a body corporate - the full name and director identification number of each eligible officer.
A reporting entity cannot fully rely on this ‘delayed verification’ exemption and the ‘Day 2 PEP check’ exemption. This is because this ‘delayed verification’ exemption requires the reporting entity to verify the customer’s PEP status.
Exemptions from obtaining beneficial ownership information
As part of these Draft Rules, AUSTRAC has introduced relief broader than the current simplified company and trustee verification procedures – allowing reporting entities to forego beneficial ownership checks for customers assessed as posing a low ML/TF risk. The exemption applies where:
- The reporting entity establishes a customer is, or is controlled by:
- A government body.
- An entity that is subject to oversight by a prudential, insurance, or investor protection regulator through registration or licensing requirements.
- A corporation or association of homeowners in a strata title or community title scheme.
- A listed public company subject to public disclosure requirements (however imposed) that ensure transparency regarding the identity of any beneficial owners.
- The ML/TF risk of the customer is low and none of the triggers for enhanced customer due diligence under section 32 of the amended AML/CTF Act apply.
This would exempt reporting entities from conducting beneficial ownership checks on any customer which holds an Australian financial services licence (AFSL), is subject to Australian Prudential Regulatory Authority (APRA) oversight, is a public listed company, or is a subsidiary of any of these entities.
It is currently unclear whether this exemption would apply to self-managed superannuation funds and early-stage venture capital limited partnerships/venture capital limited partnerships. We expect AUSTRAC will receive submissions in support of exempting these entities from having to undergo beneficial ownership checks.
AUSTRAC comments on designated services provided by investment managers (item 33 designated services)
As part of the first consultation paper for the AML/CTF Rules, the industry requested clarification from AUSTRAC as to whether an investment manager with authority to invest for an underlying fund could be treated as the ‘customer’ when requesting the provision of designated services in their capacity as investment manager. For example, an investment manager of a fund may apply for interests in a managed investment scheme, and in doing so would be requesting another trustee provide item 35 designated services.
Submissions stated that where the underlying fund is the ‘customer’ of the designated service, and the investment manager is the agent of the underlying fund, the investment manager encounters practical difficulties in providing relevant KYC information in respect of the underlying fund. These submissions pointed to jurisdictions, such as the United Kingdom, where the investment manager is treated as the ‘customer’ receiving the relevant service. Submissions requested similar treatment under the Australian AML/CTF Act and Rules.
In the second consultation paper for these Draft Rules, AUSTRAC responded and confirmed its expectation that in all instances both the investment manager and its underlying fund will need to be identified in accordance with standard KYC procedures, as follows:
- The ‘underlying fund’ (more specifically, its trustee) is the customer, whose identity must be established under both the AML/CTF Act and the Rules.
- The ‘investment manager’ is the agent, whose identity must be established pursuant to the provisions in the legislation and Rules requiring a reporting entity to establish the identity of agents of customers.
AUSTRAC notes that simplified customer due diligence may be able to be applied in these circumstances. We also note that both an investment manager and the trustee of an underlying fund may not need to undergo beneficial ownership checks, either because:
- Both the trustee of the underlying fund, and its investment manager, hold AFSLs.
- The trustee holds an AFSL and has appointed the investment manager as its corporate authorised representative.
Updates to the 'lead entity' definition
AUSTRAC has also responded to submissions from the first exposure draft Rules about how ‘reporting groups’ (replacing the current concept of ‘designated business groups’) are to be formed.
A ‘business group’ is defined in the AML/CTF Act as a group of two or more persons where one person in the group controls each other person in the group. A ‘reporting group’ is any business group where one of the entities in the group provides designated services. A reporting group will have a ‘lead entity’ that is responsible for oversight of the reporting group’s compliance with the AML/CTF Act and will itself be deemed a ‘reporting entity’ under the AML/CTF Act.
The Draft Rules now contain a new test that a ‘lead entity’ of a reporting group can be determined by agreement between the members, so long as that entity meets certain requirements (e.g. is not controlled by another member that provides designated services). This allows reporting entities and groups a degree of flexibility and discretion in determining which entity would be most appropriate to be the ‘lead entity’ and to oversee the group’s compliance with the AML/CTF Act.
AUSTRAC has stated they welcome further feedback in submissions regarding the applicability of the new test for determining a reporting group’s ‘lead entity’. We expect there to be a number of submissions about the ‘lead entity’ definition, which may include submissions on the following issues:
Whether it is appropriate for both business groups and reporting groups to be formed automatically based on the current definitions under the AML/CTF Act, given:
Large institutions, including financial services institutions, often operate through different business arms, which operate independently of each other, and which face different money laundering and terrorism financing risks, and in these circumstances, it may not be appropriate for a ‘reporting group’ to form automatically which covers all of the entities within different business arms.
More broadly, the organisational structure and treatment of entities within a corporate group may be inconsistent with the business/reporting groups that are formed automatically for the purposes of the AML/CTF Act.
Whether it is AUSTRAC’s intention that an offshore entity that directly controls a reporting entity (eg an offshore parent of a funds management group) is expected to enrol with AUSTRAC and to comply with AML/CTF obligations even if it does not otherwise conduct business in Australia.
A new home for AML/CTF exemptions
AUSTRAC will be separating the current AML/CTF Rules into two separate legislative instruments – the Draft Rules and the Class Exemption Rules. These Class Exemption Rules are carried over from the current exemptions from the Act, or certain provisions of the Act, in certain circumstances. AUSTRAC has carried over some existing exemptions into the Class Exemption Rules, including:
Current Chapter 21, which exempts the application of the AML/CTF Act where a person provides item 35 designated services (issuing or selling a security or derivative) on a financial market.
Current Chapter 47, which exempts the application of the AML/CTF Act where a person provides services to a risk-only life policy member of a superannuation fund under certain conditions.
It should also be noted that Chapter 36 (exempting the application of the AML/CTF Act), which applies where financial services are provided to a related body corporate, has not been carried into the Class Exemption Rules. However, the AML/CTF Act includes a provision with the same effect, where a service is deemed not to be a designated service if it is provided by a member of a business group to another member of the same group.
What should fund managers do now?
With these reforms approaching, fund managers should:
- Review current AML/CTF programs.
- Assess where delayed verification or beneficial ownership exemptions may apply.
- Prepare for operational changes to customer onboarding.
- Monitor AUSTRAC’s evolving guidance.
The HW Funds team can support you in reviewing your current practices and preparing for implementation. For tailored advice, contact us directly or explore our broader expertise in AML/CTF compliance here.
This article was prepared with the assistance of Roger Miyumo, Law Graduate.
Contacts