Regulatory Compliance glossary
Regulatory compliance in Australia spans financial services, privacy, anti-money laundering, workplace, and environmental regulation. This glossary covers 40 commonly used terms across these areas.
This is a glossary of 40 key terms used in Australian regulatory compliance practice. Each entry has a plain-English definition and, where relevant, a citation to the governing Commonwealth statute.
Definitions
AFS licence
An Australian Financial Services Licence issued by ASIC authorising the holder to carry on a financial services business.
AML/CTF program
A documented program required of reporting entities under the AML/CTF Act, consisting of Part A (risk-based systems) and Part B (customer identification).
ASIC enforceable undertaking
A legally binding promise given by a person to ASIC to take specified action, accepted as an alternative to administrative or court-based enforcement.
Australian Privacy Principles (APPs)
The 13 principles in Schedule 1 of the Privacy Act that govern the handling of personal information by APP entities.
Breach reporting
The obligation on AFS licensees to report reportable situations to ASIC, typically within 30 calendar days.
Cartel conduct
Agreements between competitors to fix prices, restrict output, allocate markets, or rig bids — prohibited by the Competition and Consumer Act.
Continuous disclosure
The obligation on listed entities to immediately disclose price-sensitive information to the market.
Customer identification procedure (KYC)
The verification process required by the AML/CTF Act before a designated service is provided to a customer.
Design and Distribution Obligations (DDO)
Obligations on issuers and distributors of financial products to take a consumer-centric approach to designing products for appropriate target markets.
Designated service
A service listed in Table 1, 2, or 3 of section 6 of the AML/CTF Act that triggers reporting entity obligations.
Eligible data breach
A data breach involving personal information that is likely to result in serious harm, triggering notification obligations under the Notifiable Data Breaches scheme.
Enforceable undertaking
A written undertaking given to a regulator and accepted by it, breach of which can be enforced by the court.
Environmental approval
An approval required under Commonwealth or state legislation for actions that may have a significant impact on the environment.
EPBC Act
The Environment Protection and Biodiversity Conservation Act 1999 (Cth) — the primary Commonwealth environmental law.
Ethical wall
Information barriers put in place within an organisation to prevent conflicts of interest and inadvertent disclosure of confidential information.
FIRB
The Foreign Investment Review Board — advises the Treasurer on foreign investment applications under the Foreign Acquisitions and Takeovers Act.
General conduct obligations
The obligations on AFS licensees to do all things necessary to ensure financial services are provided efficiently, honestly, and fairly.
Infringement notice
A notice issued by a regulator imposing a fixed penalty for a specified contravention, as an alternative to court enforcement.
Internal dispute resolution (IDR)
The formal process required of financial firms to handle and resolve complaints from retail clients before escalation to AFCA.
Know Your Customer (KYC)
The processes used to identify and verify the identity of customers, particularly in the context of AML/CTF obligations.
Market manipulation
The prohibition on creating a false or misleading appearance of active trading or of the market price of financial products.
Misleading or deceptive conduct
Conduct in trade or commerce that is misleading or deceptive or likely to mislead or deceive, prohibited by the Australian Consumer Law.
Modern slavery statement
An annual statement required of large entities under the Modern Slavery Act reporting on the risks of modern slavery in their operations and supply chains.
Notifiable data breach (NDB)
A data breach that must be notified to the OAIC and affected individuals under Part IIIC of the Privacy Act.
OAIC
The Office of the Australian Information Commissioner — the independent agency responsible for privacy regulation and freedom of information oversight.
PDS
A Product Disclosure Statement — a document required to be given to retail clients before they acquire certain financial products.
Personal information
Information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not.
Reportable situation
A breach, likely breach, or other matter that an AFS licensee must report to ASIC under the breach reporting regime.
Reporting entity
An entity that provides designated services under the AML/CTF Act and is subject to AML/CTF obligations.
Responsible manager
A person nominated by an AFS licensee as having management responsibility for financial services covered by the licence.
Sanctions
Restrictions imposed under the Autonomous Sanctions Act and UN sanctions regimes prohibiting dealings with specified persons or countries.
Serious financial hardship
A situation in which a client is unable to meet reasonable living expenses, triggering specific obligations on financial firms to provide assistance.
Significant risk of harm
A threshold in the Notifiable Data Breaches scheme — whether serious harm is likely following unauthorised access to or disclosure of personal information.
Suspicious matter report (SMR)
A report lodged with AUSTRAC when a reporting entity forms a suspicion that a transaction is related to an offence.
Target market determination (TMD)
A document describing the class of retail clients for whom a financial product is likely to be appropriate, required under the DDO regime.
Threshold transaction report (TTR)
A report lodged with AUSTRAC for cash transactions of AUD 10,000 or more, or equivalent foreign currency.
Unconscionable conduct
Conduct in trade or commerce that is against good conscience, prohibited by sections 20 and 21 of the Australian Consumer Law.
Whistleblower protection
Protections in the Corporations Act and Taxation Administration Act for eligible whistleblowers who make protected disclosures.
Work health and safety (WHS)
The regulation of workplace health and safety under the harmonised WHS Acts in most jurisdictions, imposing duties on persons conducting a business or undertaking.
Workplace policy
An internal policy document setting out rules and procedures applying to employees, used to demonstrate compliance with regulatory requirements.
This glossary is a general reference for practitioners — not legal advice. Always verify against the current legislation and regulator guidance.