Home / Checklists / Annual AML/CTF program review checklist (AU)
AU · Regulatory

Annual AML/CTF program review checklist (AU)

The AML/CTF regime is risk-based and rigorous — AUSTRAC expects an annual independent program review and a living risk assessment. This checklist covers the 12 program components a mature AML/CTF program should refresh each year.

In short

This is a 12-step annual AML/CTF program review checklist for Australian reporting entities. It covers the Part A (risk-based) and Part B (KYC) program components, ML/TF risk assessment, ECDD triggers, AUSTRAC reporting, board oversight, and readiness for Tranche 2 DNFBP obligations. Use it as an annual program review.

Run this checklist with Quillio — free trial
12-step checklist

The checklist

1

ML/TF risk assessment refresh

Refresh the ML/TF risk assessment covering customers, products, channels, and jurisdictions. Consider AUSTRAC sector risk products.

Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) s 165
2

Board and senior management oversight

Confirm board and senior management approval of the AML/CTF program and risk assessment. Confirm the AMLCO is adequately resourced.

AML/CTF Rules r 8.4
3

Part A framework review

Review Part A framework — risk management, employee due diligence, training, independent review scheduling.

AML/CTF Rules Chapter 8
4

Part B — customer identification

Review KYC procedures — risk-based tiers, beneficial ownership verification, PEP and sanctions screening.

AML/CTF Rules Chapter 4
5

Enhanced customer due diligence

Audit ECDD triggers and the evidence requirements — high-risk customers, PEPs, unusual activity.

AML/CTF Act s 36
6

Ongoing customer due diligence

Confirm OCDD — transaction monitoring, periodic KYC refresh, trigger-based reviews.

AML/CTF Act s 36
7

SMR and TTR reporting

Audit suspicious matter report and threshold transaction report pipelines, timeliness, and quality.

AML/CTF Act ss 41, 43
8

IFTI and cross-border movement reporting

Audit IFTI-E and IFTI-DRA reporting where applicable.

AML/CTF Act s 45
9

Training completion

Confirm training completion rates — general awareness and role-specific — across staff and contractors.

10

Independent review

Plan or commission the independent review of Part A. Track remediation of prior independent review findings.

AML/CTF Rules r 8.6
11

Sanctions and financial crime integration

Confirm alignment between sanctions screening and AML program. Escalate hits through a single workflow.

Autonomous Sanctions Act 2011 (Cth)
12

Tranche 2 readiness

For DNFBPs (lawyers, accountants, real estate, trust and company service providers), scope the Tranche 2 reform transition.

When to use

When this checklist applies

Use this checklist annually — ahead of the AUSTRAC compliance report and board AML review. For Tranche 2 entities, use it now to scope readiness before the reforms take effect.

Common pitfalls

  • Risk assessment drifting out of date — product and channel risk changes not captured
  • ECDD trigger logic buried in procedure — no central visibility
  • SMR backlog or quality issues
  • Training completion rates below target and not tracked to role
  • Independent review findings carried year over year
Use with Quillio

Run this checklist on a real matter

Quillio runs an AML/CTF gap analysis, refreshes the ML/TF risk assessment, and drafts independent review work papers. See /practice-areas/commercial-lawyers or start a free trial.

This checklist is for authorised reporting entities. Tranche 2 obligations for lawyers, accountants, real estate, and TCSPs are subject to transition rules.

Use this checklist on your matter.

Quillio can run this checklist on a specific NSW conveyancing matter — confirm each item, calculate adjustments, and generate the supporting documents. The free trial requires no credit card.

Start your free trial