AML/CTF compliance guide for bookmakers


Full text


This guide will enable a bookmaker to assess and document information essential to complying with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. This guide is suitable for use by bookmakers who:

are sole traders, or have a small number of employees; and


only operate within Australia; and


do not transfer or receive money from overseas outside of the banking system.



and Counter-Terrorism Financing Act 2006. This guide is not suitable for all bookmakers (see ‘Overview’). It is not intended to be

comprehensive and does not constitute nor should it be treated as legal advice or opinion. The Commonwealth accepts no liability for any loss suffered as a result of reliance on this publication. AUSTRAC recommends that independent professional advice be sought. The information contained herein is current as at the date of this document.

Copyright notice

This guide is copyright. You may use and reproduce this material in an unaltered form only for your personal non-commercial use or use within your organisation. Apart from any use permitted under the Copyright Act 1968, all other rights are reserved. Requests and enquiries concerning reproduction and rights should be addressed to the Commonwealth Copyright Administration, Attorney-General’s Department, Robert Garran Offices, National Circuit, Barton, ACT 2600, or posted at



The purpose of this AML/CTF compliance guide is to help bookmakers meet the requirements of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) and the Anti-Money Laundering and Counter-Terrorism Rules Instrument 2007 (No. 1) (AML/CTF Rules).

Who should use this compliance guide?

This compliance guide is suitable for bookmakers who:

are sole traders or who have a small number of employees; and


only operate within Australia; and


do not transfer or receive money from overseas outside of the banking system.


Why are bookmakers covered by the AML/CTF Act and Rules?

The AML/CTF Act and AML/CTF Rules apply to bookmakers because bookmakers provide one or more of the designated services (i.e. gambling services) listed in the Act. These designated services have been identified because they are vulnerable to abuse by criminals for money laundering or terrorism financing purposes.

What is money laundering and terrorism financing?

Money laundering is the process whereby criminals attempt to hide the true origin or ownership of the proceeds of their criminal activities to avoid prosecution, conviction and confiscation of their criminal funds. Money laundering also refers to situations where a criminal chooses to spend money which is the proceeds of a crime (such as tax evasion or drug dealing).

In the past, bookmakers have been used by criminals to launder the proceeds of crime, as shown in the following example.

Example 1:

‘Members of the [tracksuit] gang are believed to buy winning tickets from successful punters by adding to the value of the ticket. If a punter wins $10,000 from a successful bet, for example, a gang member will gladly pay $12,000 for the uncollected ticket. In this way, they can explain away any cash by showing police a copy of the winning ticket. The gang have made it known in betting circles that winning quadrella tickets worth more than $15,000 carry a bonus of up to $2,500.’

(Bartley P, ‘Gang’s carnival “clean-up”’, The Age, 30 October 2003)

Terrorism financing includes receiving funds from, giving funds to, or collecting funds on behalf of terrorists and terrorist organisations. This includes where a person is unaware that the organisation is a terrorist organisation but is reckless as to whether the funds will be used to engage in a terrorist act.


What are the penalties for not complying with the AML/CTF Act or Rules?

The AML/CTF Act provides for civil and criminal penalties to be imposed where a business does not comply. The maximum civil penalty for a single contravention is up to $11 million for a corporation and up to $2.2 million for an individual. The penalties for criminal offences include imprisonment for up to 10 years and/or fines up to $1.1 million.

What is a risk-based approach to compliance?

The AML/CTF Act uses a risk-based approach to compliance. This means that the Act sets out your primary obligations and that within these obligations you have the flexibility to put in place the processes that match your level of risk.

What do you have to do?

In order to take advantage of this flexibility, it is essential that you can show that you have: diligently thought about your money laundering/terrorism financing (ML/TF) risks


recorded your plans and processes for managing these risks


followed your own plans and processes


reviewed and updated your plans and processes on a regular basis.


Documenting the steps that you are taking is is a way you can demonstrate your entity's willingness to comply. This guide is designed to help you to do this work.


How to use this guide

This compliance guide will help you perform the following activities:

Diligently consider the ML/TF risks

1. and the actions you need to complete to achieve compliance.

Record in your own words

2. in this compliance guide the processes and plans for how you will manage

your AML/CTF obligations.

3. Organise, list and attach other documents you may have that can be used to provide evidence of your

diligence in considering, planning and implementing your AML/CTF obligations.

We recommend that you consider and complete this guide to assist you in meeting your obligations.

You do not have to use this compliance guide. However, any documentation you compile in order to comply with the AML/CTF Act must at least reflect the level of care, diligence and detail represented within this guide. This compliance guide is organised into five modules. Each module introduces obligations that you must consider and explains how to document the steps you are taking to meet these obligations. If you need more room to respond to the directions in this guide you can attach separate documents.

Module 1:

Your business and money laundering and terrorism financing risks

Module 1 will help you consider the money laundering and terrorism financing risks your business reasonably faces

Page 4

Module 2:

AML/CTF program

Module 2 will help you plan and document your AML/CTF program

Page 9

Module 3:

Threshold transaction and suspicious matter reports

Module 3 will help ensure you are reporting to AUSTRAC when required

Page 21

Module 4:

Record keeping for AML/CTF

Module 4 will help you meet your AML/CTF record-keeping requirements

Page 23

Module 5:

AML/CTF compliance reports

Module 5 will help ensure you complete AML/CTF compliance reports when required

Page 24

Appendices Resources offering you further assistance in meeting

your obligations


Module 1: Your business and money

laundering and terrorism financing risks

To identify ML/TF risks and meet your obligations under the AML/CTF Act, you need to consider the nature of your business. This should involve considering your customers, the services you provide and your business practices and controls.

To assist you in doing this, please complete the following five steps.

Step 1:

Describe your business

Name of bookmaker:

Which state or territory are you licensed in?

… NSW … VIC … QLD … WA … SA … TAS … ACT … NT Which of the following does your licence(s) cover?

… Thoroughbred racing … Harness racing … Greyhound racing … Sports betting Where do you operate?

… Metropolitan races … Provincial races … Interstate races … Other:

How many days a week do you work as a bookmaker?


Step 2:

Establish the context

Bookmakers are required to consider three factors when performing an ML/TF risk assessment. These are customer types, designated services and methods of delivering the services.

A. List all customer types

List the customer types that you deal with. Typical customer types are individuals, companies, partnerships, associations and trusts.

You may wish to break down individuals into sub-categories such as face-to-face customers, account holders, interstate/overseas customers, and other bookmakers.

You may also want to include information about each customer type, such as their average and maximum bet size, their representation as a percentage of your customers, and whether they deal through an agent (including how often this occurs). This helps provide further context to your risk assessment.

Please describe the composition of your customer base: Which of the following customer types do you have? … Face-to-face customers

… Account customers … Other bookmakers

… Non-individual customers (e.g. a company or partnership) … Turf commission agents

… Other:

Describe your customer types and their betting patterns:


B. List designated services and methods of delivery

The designated services that a bookmaker provides will attract reporting and other obligations under the AML/CTF Act. The following, non-exhaustive list sets out the designated services that are commonly provided by a bookmaking business. Use the following table to indicate which services you provide and the delivery method used:

Designated service Delivery method

Face-to-face Telephone Internet I do not

provide this service

Accepting bets … … … …

Paying out winnings on bets … … … …

Opening betting accounts … … … …

Allowing transactions to be conducted on betting accounts

… … … …

Placing a bet on behalf of a person … … … …

Introducing a person who wishes to place a bet to a bookmaker willing to accept the bet


Step 3:

Identify ML/TF risks

The next step is to identify the ML/TF risks for your business when providing designated betting services. Simply put, identifying business risks means asking questions like ‘How could my business be used by criminals to launder money?’ or ‘What situations or customer behaviour might be suspicious?’.

Businesses often use a risk register (or similar document) to record risks. Identify the ML/TF risks and write them down in the ‘Risks’ column of the risk register on the following page. The risk register already contains a list of common risks for bookmakers. You should consider whether these apply to your business. Please note this list is not complete. You must also identify any other risks that are relevant to your business.

Step 4:

Treat ML/TF risks

The next step is to consider how you treat or manage the risks – in other words, what procedures and policies are available to reduce the likelihood or impact of the risks that you have identified.

Because every business is different there are many ways to treat risks. Keep in mind that many of your existing procedures (including those required under state regulations) may already help to reduce the risk of ML/TF. Some examples are:

staff training


state employee licensing


limits on cash payouts


state regulations that require recording and monitoring of all bets


refusing to accept bets from betting agents


not offering betting accounts


not allowing credit betting


maintaining relationships with long-standing customers.


You should document the controls you have in place for each identified risk. Write down the particular controls relevant to each risk in the ‘Treatment’ column of the risk register.

Step 5:

Allocate risk ratings

When you have identified what procedures and policies you have in place to treat the risks, you should rate each of the risks according to the likelihood of it occurring and the impact (such as the dollar value) each would cause if it occurred. As a guide, risks can be rated using a scale such as low, medium and high. Write down the rating for each ML/TF risk in the ‘Risk rating’ column of the risk register.

If you require further guidance on assessing the likelihood and impact of risks, AUSTRAC has published a guide on risk entitled ‘Risk management – A tool for small to medium-sized businesses’ which is available at



Step 3


tify risks

Step 4



t risks

Step 5



te risk



R isks T reatment (c ontr ols) R

isk rating (af

ter tr eatment) 1. A cust omer pr

esents false identification and v

e rification documents 2. A cust omer r equests t o

settle a bet in an unusual fashion


A cust

omer r

equests that a bet be

‘off the r ecor d ’ or not r ecor ded 4. A cust omer asks if y ou could g iv e

them old betting slips and r

eceipts , without placing a bet 5. A y oung cust

omer is placing lar

ge bets with no obvious explanation f

or their sour ce of w ealth 6. Cr

edit betting and settlement is struc


ed t



void the cash transac



ting thr



A cust

omer places sev

eral similar or identical bets below $10,000 t



oid the cash transac

tion r epor ting thr eshold 8. Ther e is appar

ent misuse of betting accounts (e

.g . t o transf er money bet w een accounts or a cust

omer using an account as a bank account)


A cust

omer is placing lar

ge bets but does not ha


a good understanding of

the racing industr

y 10. W innings ar e paid out t o a thir d par ty 11. A cust omer seeks t o withdra w money fr

om an online betting account pr

ior t o pr oviding cust omer v e rification inf or mation 12. 13. 14.


Module 2: AML/CTF program

Bookmakers are required to have a written AML/CTF program in place that will identify, minimise and manage ML/TF risks. The legal obligations that form part of your AML/CTF program are to:

appoint an AML/CTF compliance officer


implement a process to screen staff before they are employed


train staff on an ongoing basis so they understand their AML/CTF responsibilities


have procedures in place to collect and verify customer identification information


have procedures in place to monitor customers’ transactions


have developed a process to respond to feedback from AUSTRAC


have developed a process to monitor and review your AML/CTF program


ensure ongoing oversight of the AML/CTF program by the business owner


(or Chief Executive Officer/Board)

ensure approval of the AML/CTF program by the business owner


(or Chief Executive Officer/Board).

These obligations are described in more detail in the following eight steps. Complete each step as required.

Step 1:

Appoint an AML/CTF compliance officer

You must appoint someone from management or at a senior level (such as the business owner) to be the AML/CTF compliance officer.

The compliance officer should be the main point of contact for AUSTRAC and for your employees in relation to AML/CTF. You may also wish to nominate a back-up person for times when the compliance officer is not available.

Who is the AML/CTF compliance officer in your business? … You (the bookmaker)

… Another person (please write their name and job title)

What duties does the AML/CTF compliance officer have? … Approving the AML/CTF program and procedures

… Updating and maintaining the AML/CTF program and procedures … Updating and maintaining the ML/TF risk assessment

… Training staff about AML/CTF … Screening staff

… Responding to feedback from AUSTRAC

… Monitoring bets and customer activity to identify suspicious transactions … Conducting further enquiries on high-risk or suspicious customers … Sighting and recording identification for customers

… Reporting threshold transactions and suspicious matters to AUSTRAC … Keeping records of the AML/CTF program and customer identification … Submitting AML/CTF compliance reports to AUSTRAC


Step 2:

Describe your employee due diligence program

You are required to have an employee due diligence program. Simply put, this is a program to decide if, and how, you should screen your staff (including prospective employees) that are in a position to facilitate an ML/ TF offence. For example, you may check their identity and their background to satisfy yourself that they are of good character and are not presently involved with criminals or criminal activity.

An employee due diligence program must also contain appropriate procedures to manage staff who fail, without reasonable excuse, to comply with a system, control or procedure that relates to your AML/CTF program. If you do not have any employees, please indicate below.

How many employees do you have?

Full-time Part-time Casual

Describe any state/territory licensing requirements for these employees:

What other checks do you perform on new staff before they work for you? (e.g. speak with previous employers, personal reference checks, work history checks, etc.)

How do you supervise staff to ensure they are following AML/CTF procedures?


Step 3:

Describe your AML/CTF risk awareness training program

You are required to educate your staff (if any) about the risk of ML/TF being facilitated through your business, and to train staff in your AML/CTF procedures.

You must have a risk awareness training program, that covers:

your obligations under the AML/CTF Act and AML/CTF Rules, and the consequences


of non-compliance

the type of ML/TF risk your business may face and the potential consequences of such risk


the processes and procedures in your AML/CTF program that are relevant to the work


carried out by employees.

You may wish to look at AUSTRAC’s eLearning courses, which can be found online at These online courses provide a general understanding of AML/CTF.

Who receives the training?

How often do staff receive training? (tick all that apply) … On commencement

… Every 6 months … Every 12 months … Every 24 months … Other: Who delivers the training?

How is the training delivered (e.g. on-the-job, short group sessions, online training)?

What topics are covered in your training?

Do you keep records of employee training? (if yes, please describe)

How are staff tested on their understanding of AML/CTF after training?


Step 4:

How will you respond to AUSTRAC feedback?

You must have procedures that you will follow if AUSTRAC instructs you to improve your AML/CTF compliance.

Who is responsible for responding to AUSTRAC feedback?

What steps will you follow if AUSTRAC instructs you to improve your AML/CTF processes?

What timeframe have you set for responding to AUSTRAC feedback? … Within 2 weeks … Within 4 weeks … Within 6 weeks … Other:


Step 5:

Establish regular independent reviews of your AML/CTF program

Your AML/CTF program must be regularly reviewed by an independent party. Many businesses choose to review their program annually and when business practices change or if a serious ML/TF incident occurs. While the review can be conducted by an internal or external person, the reviewer must be independent; that is, the reviewer must not have been involved in designing or implementing the program.

For example, your AML/CTF compliance officer would not be independent and is not an appropriate person to conduct a review.

You may wish to base your review on the 'AUSTRAC small business checklist'


Who conducts the independent review?

How often will the review be conducted?

… Every 12 months … Every 24 months … Other:


Step 6:

Collect and verify know your customer information

Generally speaking, bookmakers must identify a customer:

when opening a betting account

r 1

before paying out winnings (although payouts of less than $10,000 by on-course bookmakers


are exempt)2

when introducing a person who wishes to place a bet to another bookmaker willing to accept


the bet

if the customer is considered to be a high-risk customer


if at any time the bookmaker has a suspicion about the customer or doubts the customer is who


they claim to be

at any other time the bookmaker’s enhanced customer due diligence program requires the


bookmaker to collect and verify further know your customer (KYC) information about a customer. You are not required to identify pre-commencement customers (i.e. customers you had before 12 December 2007) unless they are suspicious (see Module 3 for suspicious matter reporting). You may identify customers for smaller transactions if you choose to do so.

Keep in mind that corporations and other customer types have separate identification requirements. AUSTRAC has published a customer identification ready reckoner, which can be downloaded from:

Identification is divided into two parts: collection and verification. Generally speaking, collection involves asking a customer to state their details, and verification involves confirming those details against identification documents such as a drivers license.

A. Collection

The minimum identification information that needs to be collected for an individual is: the full name of the customer


their date of birth


their residential address (not a post office box).


What information do you collect from a customer? … Full name … Residential address … Date of birth … Phone number … Email address … Other:

You may need to collect additional identification details about a customer in situations where the customer is unable to provide sufficient or satisfactory identification documents or when a customer is assessed as having a high ML/TF risk rating. For example, asking for a customer’s occupation or their source of funds can often provide further context to their betting activity and helps reduce the ML/TF risk for that customer.

1 Note: there are special conditions permissible for online (internet) betting accounts. You can read about these special conditions in Appendix 1 of this guide.

2 Strictly speaking, the AML/CTF Rule which exempts payouts under $10,000 from the identification requirements applies to an ‘on-course bookmaker’, defined as ‘a person who carries on a business of a bookmaker or a turf commission agent at a racecourse’. If a bookmaker is not covered by this definition then he or she will have to identify customers for all payouts regardless of the amount.


What additional information would you ask a high-risk or suspicious customer to provide? (e.g. ask about their occupation, their motivation/strategy for betting, etc.)

B. Verification

The minimum identification information that needs to be verified for an individual is: the customer’s name; and



r their date of birth or residential address.

Again please note you may need to verify additional identification details about a customer in situations where the customer is unable to provide sufficient or satisfactory identification documents or when a customer is assessed as having a high ML/TF risk rating.

While there are many ways to verify the minimum information for individuals, the AML/CTF Rules provide one method (the ‘safe harbour procedure’) which, if used for low to medium risk customers, will meet the verification requirements.

Documentation-based safe harbour procedure

After collecting the customer information:

verify the customer information using an original or certified copy of a primary photographic


document (e.g. current drivers licence or passport, or some other identity card containing a photograph of the customer)


verify the customer information using both:


an original or certified copy of a primary non-photographic document (e.g. a birth certificate,

a citizenship certificate or a pension card issued by Centrelink); and

an original or certified copy of a secondary identification document (e.g. a telephone bill).

A certified copy is a copy of a document certified as a true copy of the original document by an authorised person, such as a legal practitioner, Justice of the Peace, or police officer (see Appendix 2).

You must also check that the documents have not expired (although a passport issued by the Commonwealth that expired within the preceding two years is acceptable).

List the procedures you undertake when collecting and verifying information about your customers. You should also list what details are recorded, and what identification documents (or combination of documents) are sufficient to prove a customer’s identity to you.


What primary photographic documents (or certified copies) will you accept as proof of identity on their own?

… Drivers license … Passport … Proof-of-age card … Other government-issued photographic ID:

What combination of primary non-photographic and secondary documents (or certified copies) will you accept as proof of identity?

Primary non-photographic:

… Birth certificate … Citizenship certificate … Centrelink pension card … Other primary non-photographic document:


… Centrelink statement … Tax assessment notice … Rates notice … Other secondary document:

Describe how you record details of the identification process and documents (e.g. writing down the drivers license number):

If you have non-individual customers (such as companies), describe your identification and verification procedures for these customers:


Step 7:

Ongoing customer due diligence

You must have processes in place to update and collect further customer information and to monitor your customers and their transactions on an ongoing basis. This is called ongoing customer due diligence and involves:

collecting any further information about your customers and determining the circumstances in


which your existing information about a customer should be updated or verified (see A below) ongoing monitoring of customers and their transactions (see B below)


enhanced scrutiny of high-risk and suspicious customers (see C below).


A. Describe under what circumstances you update and re-verify

customer information

In what circumstances would you update and/or re-verify an existing customer’s information? … You find out your customer has changed his/her name

… Your customer mentions he/she has moved address

… Mail you have sent to a customer is returned marked ‘not at this address’ … You find out your customer has a new phone number

… Other:

B. Describe your transaction monitoring program

You must have a transaction monitoring program in place to identify any transactions that appear to be suspicious. This includes:

complex, unusually large transactions


unusual patterns of transactions


transactions with no apparent economic or visibly lawful purpose.


Who conducts the transaction monitoring for your business?

Are your employees trained to refer unusual or large bets and transactions to the bookmaker for approval before they are accepted?

Does the bookmaker actively monitor customer activity during the racing meet?

When do you review your betting records looking for suspicious patterns of activity? … Every week … Every month … Every 6 months … Every year … Never … After every meet (as part of an exercise to spot incorrect bets/accounting errors) … In response to unusual customer activity observed by the bookmaker

… Other:

What would you consider to be a large, unusual transaction or pattern of transactions? (i.e. what do you look for when monitoring transactions?)

C. Describe your enhanced customer due diligence procedures

You must have an enhanced customer due diligence program in place that sets out your procedures for situations where there is a high ML/TF risk, or when a suspicious matter reporting obligation arises. In these situations, you must consider whether to:

seek further information from a customer or third party sources in order to clarify or update the


customer’s information where there is a high ML/TF risk

undertake more detailed analysis of the customer’s information


verify or re-verify the customer’s information


undertake more detailed analysis and monitoring of the customer’s past and present transactions


report the suspicious matter to AUSTRAC.


For example, if a pre-existing customer sounds different on the telephone and/or their betting activity is out of the ordinary, you may wish to confirm their identity. Or, for example, if a letter sent to a customer’s address is returned you may wish to re-verify the customer’s address.

Keep in mind that in some circumstances it may not be appropriate to obtain further information from a customer or a third party, such as when you cannot do so without tipping-off the customer or a third party to your suspicions.

Describe your procedures for dealing with situations where the ML/TF risk is high, or where you form a suspicion that must be reported under the AML/CTF Act.


Who is responsible for conducting enhanced customer due diligence?

If you had a suspicion about a customer, what would you do? (tick all that apply) … Engage the customer in conversation to find out more about them

… Interview staff to hear their version of events

… Review information held about the customer’s identity

… Talk to other bookmakers (in a way that does not advertise your suspicions to them) about the customer … Ask the customer for ID or re-verify the customer’s ID

… Review the customer’s bets and transactions looking for suspicious patterns … Record the findings of your enhanced customer due diligence

… Submit a Suspicious Matter Report to AUSTRAC if you still have doubts about the customer’s activity … Other:


Step 8:

Adopt the AML/CTF program and ensure ongoing oversight

You must approve the AML/CTF program and record the adoption of the program. You must also oversee the program on an ongoing basis.

… I approve this AML/CTF program.

Signed: Date:



Module 3: Threshold transaction and

suspicious matter reports

You must submit threshold transaction reports (TTRs) and suspicious matter reports (SMRs) to AUSTRAC. The information must be in the approved form and contain specified information. AUSTRAC prefers that the reports be submitted electronically via AUSTRAC Online, which is accessible through the AUSTRAC website ( If you do not have the technical means to submit reports electronically, you may use the paper form developed by AUSTRAC, which can be obtained by calling the AUSTRAC Help Desk on 1300 021 037.

Threshold transaction reporting

If you undertake cash transactions of $10,000 or more for designated services you provide (such as accepting a bet or paying out winnings), they must be reported. This is done on a TTR form which must be submitted to AUSTRAC within 10 business days after the day on which the transaction took place.

Questions to consider to assist in determining your obligations:

Do you accept cash payments of $10,000 or more? … Yes … No

Would you ever pay out an amount of $10,000 or more in cash? … Yes … No

If you undertake cash transactions of $10,000 or more, answer the following questions: Who is responsible for filling in the TTR form?

Who is responsible for submitting the TTR to AUSTRAC?

How do you ensure the TTR is submitted to AUSTRAC within the required timeframe?

Do you report via the internet or a paper-based form? … Internet (AUSTRAC Online) … Paper

Where do you keep copies of the TTR form? (if applicable)

If a customer places several cash bets under the $10,000 threshold, they may be intentionally trying to avoid threshold reporting. In that case, you should also consider submitting an SMR to AUSTRAC (see suspicious matter reporting, below).


Suspicious matter reporting

You are required to report certain suspicious matters to AUSTRAC in connection with a designated service (e.g. accepting a bet) that you provide, propose to provide or have been asked to provide to a person, whether or not you actually provide that service to that person.

You are obliged to submit an SMR to AUSTRAC if you form a suspicion on reasonable grounds that: the person (or their agent) is not who they claim to be


information you have may be:


relevant to the investigation or prosecution of a person for:

an evasion (or attempted evasion) of a tax law (including that of a state or territory)

an offence against a Commonwealth, state or territory law of assistance in enforcing: the

Proceeds of Crime Act 2002 (or regulations under that Act)

a state or territory law that corresponds to that Act or its regulations

providing a designated service (e.g. accepting a bet, paying winnings or opening and account)


may be:

preparatory to the commission of an offence related to ML/TF

relevant to the investigation or prosecution of a person for an offence related to ML/TF.

In summary, you must submit an SMR if, at any time while dealing with a customer, you form a suspicion that a matter may be related to an offence, tax evasion, or the proceeds of crime or financing of terrorism. You must complete an SMR and submit it to AUSTRAC within 24 hours if your suspicion relates to terrorism financing, and within 3 business days if your suspicion relates to money laundering.

Examples of suspicious matters may include:

a customer placing multiple cash bets under $10,000 to avoid threshold transaction reporting


persons collecting cash winnings when they did not place the bet


non-account customers placing cash bets on someone’s behalf


requests from customers to pay amounts to another person


customer’s betting activity does not match the expected income for their stated occupation


customer’s source of funds is known, or suspected to be, linked to criminal activities.


Who do your staff inform when they think a customer or matter is suspicious?

Who is responsible for completing enhanced customer due diligence and reporting SMRs to AUSTRAC?

How do you ensure that SMRs are submitted within the required timeframes?

Do you report via the internet or a paper-based form? … Internet (AUSTRAC Online) … Paper


Module 4: AML/CTF compliance reports

You must submit an AML/CTF compliance report as required by the AML/CTF Rules. The compliance report requires you to provide information on your compliance with the AML/CTF Act, regulations and AML/CTF Rules.

Currently, compliance reports are required to be submitted annually by 31 March. If you have access to the internet you may complete the report through AUSTRAC Online ( ). Businesses with no internet access can contact the AUSTRAC Help Desk on 1300 021 037 and request a paper form.

Who is responsible for completing AML/CTF compliance reports?


Module 5: Record keeping

You are obliged to keep records of certain things under the AML/CTF Act.

You need to retain records of customer identification for seven years after the relationship with the customer ends. For example, if a customer holds an account with your business for 15 years, you need to store records for the 15-year relationship plus seven years after the relationship ends (22 years in total).

You must also retain a copy of your AML/CTF program and a record of the adoption of the program for seven years after the program ceases to have effect. For example, if you modify your AML/CTF program, you must keep a copy of the old program for seven years after the date it is superseded.

Customer identification records:

How do you store records of customer identification?

How do you ensure these records are kept for seven years after the relationship with the customer ends?

AML/CTF program:

How do you store records of your AML/CTF program?


Appendix 1

Identification requirements for online betting accounts

If a betting account is used only for face-to-face and/or telephone betting, a bookmaker must identify the customer (collect and verify information about the customer) before allowing the customer to use the account.

However, if the account is used for online (internet) gambling:

the customer can open an account and start betting without verifying their identity, but they must


be identified within 90 days from the date of opening the betting account

you must not allow the customer to withdraw any funds (winnings or otherwise) from the account


until the customer has been identified

if the customer has not been identified within 90 days, you must freeze the account (i.e. you must


not allow the customer to operate the account to place bets, deposit or withdraw funds, or any other transaction) until the customer has been identified.

Appendix 2

Persons who can certify documents:

a person who, under a law in force in a State or Territory, is currently licensed or registered to practise (1)

in an occupation listed in Part 1 of Schedule 2 of the Statutory Declarations Regulations 1993

a person who is enrolled on the roll of the Supreme Court of a State or Territory, or the High Court of (2)

Australia, as a legal practitioner (however described) a person listed in Part 2 of Schedule 2 of the

(3) Statutory Declarations Regulations 1993. For the purposes

of these Rules, where Part 2 uses the term ‘5 or more years of continuous service’, this should be read as ‘2 or more years of continuous service’

an officer with, or authorised representative of, a holder of an Australian financial services licence, (4)


Appendix 3

Assistance and resources

For any enquiries, please call the AUSTRAC Help Desk:

telephone: 1300 021 037 (local call cost within Australia)




Relevant legislation includes:

AML/CTF Act: Subsection 6(4), Table 3 (Gambling Services)

AML/CTF Rules: Part 10.2 – On-course bookmakers and totalisator agency boards Useful AUSTRAC resources include:

AUSTRAC e-news


AUSTRAC Regulatory Guide

r Information brochures r AML/CTF programs Compliance reports Customer identification

Getting started with AUSTRAC Online

Ongoing customer due diligence

Ready reckoner (minimum identification and verification for low-risk customers)

Reporting requirements

AUSTRAC e-learning courses


Self Assessment Questionnaire


Small business checklist


Typologies and case studies reports.


All materials are available on the AUSTRAC website ( or by contacting the AUSTRAC Help Desk.



The Australian Transaction Reports and Analysis Centre (AUSTRAC) is a government agency that was

established in 1989. AUSTRAC plays an important role in the global fight against crime and works to support an Australian community that is hostile to money laundering and the financing of terrorism.

AUSTRAC is Australia’s financial intelligence unit. AUSTRAC collects financial transaction reports, analyses the information and disseminates financial intelligence which plays an important role in the prevention, detection and prosecution of crime. It assists authorities to trace the trail of illicit money and combat money laundering and other serious crimes.

AUSTRAC is also Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regulator. AUSTRAC regulates businesses which provide financial, gambling and other services specified under legislation. In implementing Australia’s AML/CTF regulatory framework, AUSTRAC assists businesses to fulfil their AML/CTF obligations and guard against attempts to misuse their services for money laundering or terrorism financing.






Related subjects :