Guidance for outsourcing arrangements

06 June 2024

The Australian Transaction Reports and Analysis Centre (AUSTRAC) conducted a consultation on its recently released draft guidance around outsourcing arrangements. The deadline for submissions closed on 18 March 2024.

AUSTRAC has said that it will consider all submissions on the draft guidance and make changes as required. A final version of the guidance will be published on AUSTRAC’s website. We will report once the final guidance is released.

Reporting entities can engage an external provider to help them meet the following anti-money laundering and counter-terrorism financing (AML/CTF) obligations:

  • AUSTRAC reporting obligations including threshold transaction reports, international funds transfer instruction reports and suspicious matter reports;1
  • developing and maintaining an AML/CTF program;
  • carrying out an independent review of the AML/CTF program;
  • carrying out applicable customer identification procedures; and
  • employee due diligence, AML/CTF risk awareness training and transaction monitoring.

The guidance is intended to help reporting entities to:

  • comply with their AML/CTF obligations when outsourcing;
  • identify, mitigate and manage money laundering and terrorism financing (ML/TF) risks that could arise from outsourcing; and
  • take steps to ensure providers tailor outsourcing arrangements to your business and its specific ML/TF risks.

In summary, AUSTRAC recommends that entities engaging external providers in these arrangements should:

  • conduct due diligence on the external provider to ensure they can meet AML/CTF obligations and can tailor their services to unique ML/TF risks;
  • understand the restrictions on information sharing under the Act and Rules;
  • have in place a written legally enforceable agreement which covers performance, oversight and enforcement to ensure the provider meets (and continues to meet) AML/CTF obligations;
  • entities should be documenting how the board and senior management will:
    • be responsible for oversight, accountability and resourcing required to identify, mitigate and manage ML/TF risks;
    • receive reports on non-compliance and ML/TF risks arising from outsourcing arrangements on a risk basis; and
    • effectively resolve non-compliance with outsourcing agreements and adapt to changing ML/TF risks.

This article was written by Polat Siva, Partner, Vesa Prekazi, Special Counsel, and Gabriel Hawkins, Associate.


​1 For further details and information about reporting obligations please see AUSTRAC guidance on Reporting.

Subscribe to HWL Ebsworth Publications and Events

HWL Ebsworth regularly publishes articles and newsletters to keep our clients up to date on the latest legal developments and what this means for your business.

To receive these updates via email, please complete the subscription form and indicate which areas of law you would like to receive information on.

Contact us