How will proposed reforms to Australia’s AML/CTF regime affect crypto, digital asset and remittance providers?

By John Bassilios and Max Ding

On 2 May 2024, the Commonwealth Attorney-General’s Department (Department) released a second series of consultation papers presenting detailed proposals for reforming Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regime.

Of the five consultation papers released, Paper 4: Further information for digital currency exchange providers (DCEPs), remittance service providers and financial institutions (Paper 4) is especially significant for the digital asset and remittance sector. Paper 4 builds on the first stage’s proposed crypto-specific amendments, which we unpacked in our previous article. We explore everything you need to know about Paper 4’s proposed reforms.

Overview

Broadly, Paper 4 proposes to:

  • expand the activities under which a digital asset service provider will be subject to AML/CTF obligations in Australia (Proposed Reform 1);
  • replace the current term ‘digital currency’ in the Anti-Money Laundering and Counter-Terrorism Financing Act (Cth) (AML/CTF Act) (Proposed Reform 2) with the terminology of ‘digital asset’;
  • ensure the integrity of remittance providers and digital asset service providers (Proposed Reform 3);
  • streamline the framework for regulating transfers of value across borders (Proposed Reform 4);
  • update and extend the travel rule obligations to digital assets (Proposed Reform 5); and
  • simplify reporting obligations on international funds transfer instructions (IFTIs) (Proposed Reform 6).

We discuss each of these proposed reforms below.

Proposed Reform 1: introducing additional categories of regulated digital asset services

The Department puts forward a number of ‘designated services’ to be amended or inserted into the AML/CTF Act. Currently, the AML/CTF Act only regulates the designated service of the exchange of digital currencies with fiat currencies, and vice versa. The Department proposes to introduce the following additional designated services applying to crypto and digital asset service providers:

Activity to be regulated
The Department’s proposed designated service definition
What you need to know
Exchanges between one or more forms of digital assets Exchanging, or making arrangements for the exchange of, one digital asset for another where the exchange is provided in the course of carrying on a digital asset business.

The customer is the person whose digital asset is exchanged.

This proposed designated service would apply to any digital asset service provider, regardless of the role they play in the process.

A digital asset service provider would not have to provide every element of the exchange to be captured by the regime.

Transfers of digital assets This reform proposal is discussed in more detail under the ‘Proposed Reform 4: streamlining value transfer service regulation’ heading below. This service is proposed to be captured in the streamlined value transfer services and would also require registration as a digital asset business.
Safekeeping and administration of digital assets Providing custodial services of a digital asset or a private key on behalf of a person, where the services are provided in the course of carrying on a digital asset business.

The customer is the person whose digital asset or private key is held in custody.

This proposed designated service is intended to apply to any entity that has custody over digital assets, including the ability to hold, trade, transfer or spend the digital asset on a customer’s behalf.

Custodial services could include persons having custody of, for example, a private key associated with another person’s digital asset, or smart contracts to which they are not a party.

Participation in and provision of financial services related to an issuer’s offer and/or sale of a digital asset Providing a financial service (defined as a designated service in Table 1 of the AML/CTF Act) relating to an issuer’s offer or sale of a digital asset, where the service is provided in the course of carrying on a digital asset business participating in the offer or sale.

The customer is defined in the relevant item in Table 1 of section 6 of the AML/CTF Act.

This service refers to those providing financial services in the context of initial coin offerings and similar arrangements, and would be limited to businesses participating in the issuer’s offer or sale of digital asset.
Proposed amendment to Item 50A of Table 1 in section 6 of the AML/CTF Act: Exchanging or making arrangements for the exchange of a digital asset for money (or vice versa) where the exchange is provided in the course of carrying on a digital asset business.

The customer is the person whose digital asset or money is exchanged.

The proposed change adopts minor additional wording to capture regulation of the participation in, and provision of, financial services related to an issuer’s offer and sale of a digital asset.

 

Under the proposals, if an entity provides any of the above designated services and the services have a geographical link to Australia, it will qualify as a reporting entity and have a range of AML/CTF obligations under the AML/CTF Act, including enrolling and registering with the Australian Transaction Reports and Analysis Centre (AUSTRAC) as a digital asset service provider.

Proposed Reform 2: replacing the terminology of ‘digital currency’ with ‘digital asset’ in the AML/CTF Act

The Department proposes to adopt the terminology of ‘digital asset’, ‘crypto asset’ or ‘virtual asset’ in place of the current term ‘digital currency’ in the AML/CTF Act. This will help address the current regulatory gaps by bringing in a broader range of digital assets within the AML/CTF regime, including a wider coverage of stablecoins and potentially non-fungible tokens.

Proposed Reform 3: ensuring the integrity of remittance providers and digital asset service providers

At present, AUSTRAC has no power to restrict or ban individuals from key personnel roles with remittance service providers or digital asset service providers, and these sectors are not subject to comprehensive fit-and-proper person regulation.

To address this regulatory gap, the Department proposes to empower the AUSTRAC CEO to prohibit a person from:

  • providing remittance services or digital asset services; or
  • controlling, or performing functions involved in carrying on, a remittance or digital asset service business (including as an officer, manager, employee, contractor or in some other capacity).

Alongside this, in making registration, suspension and cancellation of registration decisions, the AUSTRAC CEO would have the power to consider:

  • the capability of a remittance service provider or a digital asset service provider and its key personnel to comply with the AML/CTF Act and Rules; and
  • whether key personnel connected with the applicant are fit and proper.

Any decision by the AUSTRAC CEO to prohibit or restrict an individual from involvement in a remittance service provider or digital asset service provider would be subject to procedural fairness obligations and reviewable.

Proposed Reform 4: streamlining value transfer service regulation

The current framework for transfers of value across borders is seen to be relying on an outdated distinction between the transfers of value undertaken by financial institutions and those undertaken by remittance service providers. Furthermore, the current definition of a ‘designated remittance arrangement’ in section 10 of the AML/CTF Act is considered overly broad, capturing arrangements for transferring money or property where the transfer of money is merely incidental to the provision of another service.

To streamline value transfer service regulation, the Department proposes to bring the regulation of remittance service providers, digital asset transfer providers, and other value transfer services under a single conceptual umbrella of ‘value transfer services’.

To do this, the Department proposes to remove the definitions of ‘electronic funds transfer instruction’ and ‘designated remittance arrangement’ in the AML/CTF Act, as well as remove designated services in items 29, 30, 31, and 32 of Table 1 of the AML/CTF. These will be replaced with a streamlined concept of a ‘value transfer service’, which would involve the addition of the following 'value transfer services’ as designed services applying to remittance providers, digital asset service providers and financial institutions that provide remittance-type services as part of their core business:

Proposed designated service
What you need to know
In the capacity of an ordering institution, accepting an instruction to transfer value on behalf of a payer. The customer is the payer. These proposed designated services are intended to capture the transfer of money or other stores of value, including digital assets.

Consistent with the existing funds transfer and remittance designated services, these would exclude the transfer of physical assets such as cash or bullion on a customer’s behalf, or payments using cheques or other negotiable instruments drawn by the payer on the ordering institution.

In the capacity of a beneficiary institution, making transferred value available to a payee. The customer is the payee.
In the capacity of an intermediary institution, passing on a message in a value transfer chain to another intermediary institution or the beneficiary institution. The customer is the ordering institution or intermediary institution from which the message was received. As intermediary institutions do not have a direct business relationship with either the payer or payee in a value transfer, the Department considers that it may be appropriate to exempt them from a range of AML/CTF obligations when providing the designated service alone.  This would include exemption from customer due diligence and ongoing customer due diligence obligations (other than transaction monitoring). This proposed reform will be supported by a definition of an intermediary institution, discussed below.

 

These new designated services would be supported by an updated concept of a ‘value transfer chain’, which would define the terms ‘ordering institution’, ‘intermediary institution’ and ‘beneficiary institution’ by reference to their role in the value transfer chain:

Defined term
Proposed meaning
‘Ordering institution’
  • Each of these definitions exclude non-financial institutions that transfer value incidentally, such as entities that provide car fleet management services or other services in which value is passed on behalf of a customer incidentally to another service.
‘Beneficiary institution’
‘Intermediary institution’
  • Means a business that receives and passes on a message on behalf of the ordering or beneficiary institution.
  • Excludes any business solely providing messaging infrastructure to allow the transmission of messages as part of a value transfer chain.

 

Importantly, the ordering institution, any intermediary institutions and beneficiary institution as defined above would form a value transfer chain for the purposes of the travel rule and IFTI reporting reforms (discussed below).

Proposed Reform 5: updating the travel rule

The travel rule is an FATF record-keeping and data transmission standard requiring AML/CTF-regulated entities to obtain and share payer and payee information alongside a transfer of value as it is transmitted from one entity to another. Under the current AML/CTF Regime, only financial institutions are subject to the travel rule and only information about the payer is required to be transmitted or received. However, the FATF Standards require:

  • the travel rule to be applied also to remittance providers and digital asset service providers; and
  • information about both the payer and payee to be transmitted or received, and the payer information to be verified by the ordering institution.

To align the operation of the travel rule with the FATF Standards, the Department puts forward the following detailed proposals:

Proposal topic
What you need to know
Travel rule trigger The Department proposes that the new streamlined value transfer services outlined above would trigger the travel rule record-keeping and transmission obligations.

This would result in responsibilities for all entities in the value transfer chain, including the:

  • collection of travel rule information and verifying payer details for the ordering institution;
  • keeping records of travel rule information, screening value transfer messages for missing travel rule information and taking appropriate action for all institutions, and
  • transmitting travel rule information for ordering and intermediary institutions.
Travel rule information The Department proposes that full travel rule information would be required to be included with domestic and cross-border value transfers of money or property, except in the following situations:

  • domestic value transfers where the ordering institution can provide full travel rule information to the beneficiary institution and authorities on request; or
  • incoming cross-border value transfers where full travel rule information cannot be transmitted to the beneficiary institution due to technical limitations in existing Australian payment systems (eg the Bulk Electronic Clearing System).

In these circumstances, a subset of information sufficient to trace the transaction through the value transfer chain may be transmitted instead.

Travel rule as it relates to digital asset transfers In line with the FATF standards, the Department proposes that full travel rule obligations would apply to all digital asset transfers where digital assets are transferred from one financial institution or digital asset service provider to another. The exceptions outlined above for transfers of money or property would not apply.

Where there is a transfer of digital assets to a self-hosted wallet, limited travel rule obligations would apply. Under this approach, financial institutions and digital asset service providers involved in these transfers would be required to undertake counterparty due diligence to determine whether the destination of the transfer is a custodial wallet held with a regulated financial institution or digital asset service provider.

For transfers to and from self-hosted wallets, financial institutions and digital asset service providers would be required to:

  • collect travel rule information from their own customer and, if the financial institution or digital asset service provider is the ordering institution, verify the payer information; and
  • keep records of travel rule information,

but there would be no requirement to transmit, receive or screen for missing travel rule information.

Travel rule exemptions The Department is considering whether the current exemptions from the travel rule contained in section 67 of the AML/CTF Act remain appropriate or whether there are opportunities to clarify them in line with the FATF Standards.

To streamline the legislation, exemptions from the travel rule reporting obligations and exemptions to the IFTI reporting obligations would be aligned where possible.

Travel rule thresholds and the ‘sunrise issue’ Different countries have different monetary thresholds that trigger the travel rule.  Furthermore, travel rule information may be missing or incorrect where a counterparty provider is based in a country that has not yet implemented the travel rule and does not have a solution in place to send or receive travel rule information (referred to as the ‘sunrise issue’).

To counter these issues, the Department proposes:

  • to maintain a zero threshold in Australia for all value transfers in line with existing requirements for financial institutions, rather than having the travel rule apply only above a certain monetary threshold; and
  • that financial institutions, remittance providers and digital asset service providers would be required to take a risk-based approach to determining whether to make value available to the payee for incoming transfers lacking travel rule information.

The Department will consider how to manage travel rule information for transfers of digital assets if there are concerns about the data security and privacy protections implemented by a counterparty.

Proposed Reform 6: simplifying reporting obligations on IFTIs

An IFTI involves either an instruction that is accepted in Australia for money or property to be made available in another country, or an instruction that is accepted in another country for money or property to be made available in Australia.

Currently, IFTI reporting obligations only apply to the sender of an instruction to transfer funds out of Australia, or the recipient of an instruction sent into Australia, whether or not the payer or payee is its customer.

The current framework for submitting IFTI reports has been criticised as being outdated and increasingly complex to apply to modern payment services, and has also resulted in data quality problems.

To combat these inadequacies, the Department proposes to modernise and streamline IFTIs’ reporting obligations as follows:

Proposal
What you need to know?
The reporting entity closest to the Australian customer should report IFTIs The Department proposes that the obligation to report IFTIs should rest with Australian institutions that initiate the outgoing transaction, or make the incoming payment available, for their customers.

However, to mitigate regulatory burden on small businesses, correspondent banks or remittance network providers would be allowed to report IFTIs on small businesses’ behalf. The small business would remain responsible for any non-compliance with IFTI reporting obligations, but defences would be available where the small business exercises due diligence.

IFTI reports should relate to the movement of value rather than movement of instructions The Department proposes IFTI reporting obligations be amended so that an IFTI report is triggered by a reporting entity acting on an instruction:

  • for outgoing IFTIs, the ordering institution’s reporting obligation would be triggered by initiating the transfer; or
  • for incoming IFTIs, the beneficiary institution’s reporting obligation would be triggered by making the transferred value available to the payee.

This would minimise the possibility of cancelled and aborted IFTIs triggering the reporting requirement. IFTIs would still need to be reported within 10 days.

Streamline IFTI-E and IFTI-DRA reports in a single IFTI report There are two types of IFTIs under the current regime:

  • IFTI-Es (IFTI-electronic) relate to cross-border electronic funds transfer instructions that are sent or received between financial institutions on behalf of customers.
  • IFTI-DRAs (IFTI-designated remittance arrangements) are instructions to transfer money or property under a designated remittance arrangement where one of the entities involved is not a financial institution.

The Department proposes to merge the two report types into a single IFTI report. This would enable IFTI reporting to adapt to current and emerging payment services and reduce regulatory burden and complexity for businesses.

Extend IFTI reporting to digital asset transfers The Department proposes to extend IFTI reporting to transfers of digital assets; however, this would be limited to where the financial institution or digital asset service provider transfers digital assets to, or receives from, a counterparty based overseas on behalf of a customer.

The Department is also considering whether IFTI reporting and other risk mitigation should be triggered by transfers of digital assets to or from self-hosted wallets whose ownership is unverified by the digital asset service provider or financial institution.

Apply IFTI reporting to certain incidental remittances Although the current definition of a ‘designated remittance arrangement’ is criticised as being overly broad (as noted above), the Department considers that the provision of some incidentally captured services should continue to carry an IFTI reporting requirement due to identified ML/TF risk.

The Department proposes the AML/CTF Act be amended to expressly provide that IFTI obligations are triggered where a reporting entity, in providing a foreign currency conversion service contained in Item 50 of Table 1, or a gambling service contained in Table 3:

  • transfers, or arranges to transfer value, out of Australia on behalf of the payer, or
  • makes available, or arranges with the payee to make available, value transferred into or out of Australia to a payee.

Additional proposed reforms

The Department is not proposing to change the current cross-border movement reporting framework, as it is compliant with the FATF Standards. However, the Department does propose to reduce the impost associated with cross-border movement reporting of bearer negotiable instruments (BNIs) by amending the BNI definition in section 17 of the AML/CTF Act. Specifically, the amendment would clarify that the definition only covers instruments that are truly bearer negotiable in nature, namely instruments that are in bearer form, endorsed without restriction, made out to a fictitious payee or otherwise in such form that title to the instrument passes to the recipient upon delivery.

In addition, the Department does not propose to create a bespoke correspondent due diligence obligation for remittance providers and digital asset service providers that are involved in relationships similar to correspondent banking relationships.  Instead, an Australian entity would be required to conduct enhanced due diligence where it provides services to a foreign counterparty remittance provider or digital asset service provider, which the counterparty would then use to provide services to its own customers. This enhanced due diligence would include understanding the nature of the counterparty’s business, its reputation, regulatory status and AML/CTF controls.

On top of the proposed reforms in Paper 4, Paper 5: Broader reforms to simplify, clarify and modernise the regime presents detailed proposals in relation to the extensive changes envisaged to be made to the AML/CTF regime, namely:

  • simplifying and clarifying whole-of-regime obligations for AML/CTF programs;
  • clarifying core CDD obligations;
  • updating the ‘tipping off’ offence to be more outcomes-focused; and
  • repealing the Financial Transaction Reports Act 1988 (Cth).

These changes would apply to digital asset service providers to the extent they are captured under the AML/CTF regime as reporting entities.

You can read more about these changes and other proposed reforms relating to the tranche two sectors in our other recently published article.

Next steps

You can submit feedback on the proposed reforms via the Department’s Consultation Hub by 5.00 pm AEST Thursday, 13 June 2024.

The Department will conduct roundtable discussions with key stakeholders.  Engagement with industry will be undertaken on sector-specific issues as required.

The final design of the proposed reforms will be subject to government consideration and parliamentary scrutiny.

If Paper 4’s proposed reforms become law, digital asset service providers, remittance service providers and financial institutions would be given time to make necessary arrangements and prepare before being regulated. AUSTRAC would work closely with regulated entities to help them understand and meet their AML/CTF obligations, including developing comprehensive guidance material.

If you require assistance with making a submission or would like to discuss the proposed reforms, please contact John Bassilios.

This article was written with the assistance of Wilson Lee, Law Graduate.

Contact

John Bassilios

John Bassilios

Partner & Fintech and Blockchain Lead

John has broad experience in financial services, funds management, blockchain, crypto, web3 and corporate law.

Related practices

You might be also interested in...

Fintech | 3 May 2024

Treasury’s draft ‘Buy Now, Pay Later’ legislative package: what you need to know

The package aims to regulate BNPL arrangements as low-cost credit contracts (LCCC), imposing fee restrictions and licensing requirements on BNPL providers.

Fintech | 15 Mar 2024

Landmark decision in ASIC versus Finder Wallet: exploring legal boundaries of crypto-assets

We analyse this ruling to help you gain a deeper understanding of the implications.