Latest Products

Free Article: Chatting with Paddy Oliver

Friday 6 March 2020

* This article will be published in the GRC Professional March 2020 Edition of the magazine

The GRC Professional Magazine caught up with AML Experts Managing Director & Legal Practitioner Paddy Oliver, who will be one of the speakers at the upcoming at AML & Financial Crime Summit at the end of April. 


Can you tell me a little about what your presentation at the AML & Financial Crime Summit will be focused on?

AML/CTF Program governance is finally being taken seriously, both by AUSTRAC and reporting entities. The presentation will focus on four themes: what is AML/CTF Program governance; what are the actual governance obligations; the link between AML/CTF Program governances and directors’ duties; and key elements of a good AML/CTF Program governance framework.

It felt like everyone was braced for Australia to get a poor grade from FATF. I think there were even a few AFR articles that anticipated a poor rating. Then, nothing happened.  What actually did happen?

Yes, there was an expectation in the AML compliance community that Australia would receive non compliances with key FATF recommendations—notably the failure to include designated non-financial business and professions (i.e. lawyers, accountants etc.) and on several other technical areas. Rather fortuitously, Australia has benefited from FAFT deciding to postpone the current round of mutual evaluations and follow-up evaluations. The reason being is that this will allow FAFT time to re-design the evaluation criteria.

Why do you think AUSTRAC’s governance messages are an important focus?

Without governance, there is no accountability. And without accountability there can be no certainty that an AML/CTF Program is properly designed, maintained, and resourced. If AUSTRAC’s governance message can reach more directors, boards, and governing authorities of non-corporations, that can only be a positive.

Do you think there might be some unanticipated consequences arising from this messaging from AUSTRAC that reporting entities may not have already factored into their risk assessments?

Probably. Wearing both my AML advisory hat and my Independent Reviewer hat, I have never seen AML/CTF Program governance addressed in a risk assessment, although failure of governance is a key risk.

We have seen examples now of APRA and ASIC investigation on the back of AUSTRAC enforcement actions. Is this the new normal?

I would very much think so, especially for ADIs and larger financial services organisations. Both APRA and ASIC now take an interest in potential in AML/CTF Program governance failures that give rise to serious AML Act breaches. With more resources, ASIC could bring a focus onto the wider reporting entity community with regard to AML/CTF Program governance and director’s duties. However, as ASIC is currently heavily engaged in post-Hayne Royal Commission investigations and enforcement, it probably will only focus on major breaches of the AML Act.

Do you see anything coming on the horizon in terms of more enforcement action or even future amendments and regulation?

With regard to enforcement action, I have no doubt that AUSTRAC are continually considering enforcement action against those reporting entities that have breached their AML Act obligations and meet the threshold for enforcement action. Remember, AUSTRAC has a wide suite of enforcement tools available to it, and enforcement action may not be made public. So, whilst there is no new public enforcement action at the time of writing, this could change overnight. As for new amendments or regulation, there is the proposed amendment to the AML Act currently making its way through Parliament. This bill deals with technical areas not touching any governance requirements. I do not see any need to amend the Act with regard to governance requirements. Some additional detailed guidance would be advantageous.