Every AUSTRAC requirement,covered.

Every business needs a process for determining each customer's risk rating, and then based on that risk score, performing appropriate due diligence checks.

• Automatically calculates customer risk scores based on multiple factors
• Determines which due diligence checks are required based on the risk score
• Automatically runs due diligence checks (or use your preferred third-party provider)

All businesses must verify the identity of customers who are individuals. This ensures you know exactly who you're dealing with.

• Use Instant Compliance's automated KYC system or your preferred third-party provider - no lock in
• Instant Compliance's KYC tools are built to support 🇦🇺 AUSTRAC requirements and customers can complete the process in under one minute
• Automatically captures and verifies identity documents through a secure, mobile-optimised portal
• Real-time status updates and completion notification workflow

You must perform document verification and biometric checks for individual customers. This confirms they are who they say they are.

• Built to support 🇦🇺 AUSTRAC identity verification requirements, with automated verification of tax bills, utility bills, bank statements from 220+ countries and territories.
• Biometric facial recognition and liveness detection to match the customer to their identity document
• Supports over 14,000+ ID types worldwide

You must confirm your customers' residential and business addresses. This helps verify their identity and detect potential fraud.

• Automatically verifies customer addresses by cross-referencing against official government databases, utility records, and postal services
• Checks documents for authenticity, image integrity, and data validity, including expiration dates and address existence.
• Lightning-fast user geolocation checks on devices that allow it.

Your customer onboarding must identify Politically Exposed Persons (PEPs) and their associates. These individuals may present higher compliance risks due to their public roles.

• Flags which customers may require PEP screening based on their risk assessment
• Screens high risk customers against comprehensive global databases of Politically Exposed Persons (PEPs), their relatives, and close associates
• Provides ongoing, real-time monitoring for any changes in a customer's PEP status
• Automated customer risk assessments and recommended actions for identified PEP matches

For higher-risk customers, you must have a process that confirms the legitimate origin of their funds. This helps prevent money laundering.

• Automatically detects which customers require source of funds verification based on their risk score
• Detects Enhanced Customer Due Diligence (ECDD) triggers when abnormal customer or transaction patterns are identified
• Guides customers through structured questionnaires to document the source and nature of their funds
• Automatically requests and verifies supporting documentation based on declared fund sources

All businesses must verify the identity of customers who are businesses. This ensures you're dealing with legitimate, registered entities.

• Verify business customers through Instant Compliance's automated system or use your preferred third-party provider
• Connects directly to government business registries to verify company registration details
• Automate company verification by letting counterparties verify in a few clicks
• Verify shareholder data and personal documents fast, in any language

You must check your business customers' entity registration and legal status. This confirms they are properly established and authorised to operate.

• Automatically performs real-time lookups against official business registries to confirm legal entity status

You must identify the ultimate beneficial owners of your business customers (anyone with 25% or more ownership). This reveals who really controls the business.

• Automatically analyses corporate structures to surface individuals with 25% or greater ownership for your review
• Maps complex ownership chains through multiple corporate layers

You must analyse complex ownership and control structures when you encounter them. This helps you understand hidden relationships and potential risks.

• Creates visual representations of corporate ownership structures and control relationships
• Identifies potential risks in complex corporate arrangements
• Flags unusual structures that may indicate money laundering or tax avoidance schemes

You must understand why your customers are using your services and what types of transactions they'll conduct. This helps you spot unusual or suspicious activity.

• Captures essential information about why customers are using your services and their expected transaction patterns through simple questionnaires
• Automatically integrates responses into risk assessment algorithms to provide more accurate customer risk scoring

Every business needs a process for determining each employee's risk rating based on their role, and then performing appropriate due diligence checks based on that risk score.

• Automatically assigns risk scores to employees based on defined role categories and responsibilities
• Considers factors such as customer interaction, system access levels, and decision-making authority
• Updates risk assessments dynamically when employee roles or responsibilities change

All employees require risk-based background checks. The level of checking depends on their role and access to sensitive information or systems.

• Automatically determines which background checks each employee needs based on their risk level
• Provides a list of certified partners to conduct background checks
• Maintains secure records of all background check results
• Automated renewal schedules based on risk level

Higher-risk employees require national police checks. This helps ensure staff with access to customer data or funds have no criminal history.

• Automatically determines which employees require police checks based on their risk level and role
• Provides a list of ACIC-accredited partners to conduct police checks

Higher-risk employees require financial probity checks. This is particularly important for roles involving access to company or customer funds.

• Automatically determines which employees require financial probity checks based on their risk level and role
• Provides a simple workflow to complete credit history and financial probity assessments

You must have a system that determines and monitors data access levels based on each employee's risk level, role, and responsibilities. This ensures sensitive information is protected.

• Automatically recommends and implements appropriate access levels to compliance information on the platform for each role based on their risk assessment
• Provides a standardised system to manage access controls that scales with your business
• Maintains audit trails of all access level changes and approvals

You must flag unusual transaction volume patterns. This helps identify customers who suddenly start making many more (or fewer) transactions than normal.

• Continuously monitors transaction volumes against established customer profiles and industry benchmarks
• Automatically flags significant increases or decreases in transaction activity
• Provides trend analysis and risk scoring for volume-based anomalies

You must flag transactions with unusual values. This includes both unusually large and unusually small amounts for a particular customer.

• Monitors all transactions against configurable value thresholds and customer risk profiles
• Automatically generates alerts for transactions exceeding established limits
• Tracks cumulative transaction values over specified time periods

You must consider geography when determining transaction risk levels. Some countries present higher money laundering or terrorism financing risks.

• Applies enhanced scrutiny to all international transactions based on destination country risk ratings
• Screens against sanctions lists and high-risk jurisdiction databases
• Provides detailed reporting on cross-border transaction patterns and risks

You must lodge Threshold Transaction Reports (TTRs) for cash transactions of $10,000 or more. This is a legal requirement with strict deadlines.

• Implements enhanced monitoring and reporting for all cash transactions
• Automatically generates Threshold Transaction Reports (TTRs) for cash transactions above $10,000
• Tracks cash transaction patterns to identify potential structuring activities

You must identify transactions that deviate from normal customer behaviour. This helps spot potential money laundering or fraud.

• Monitors transaction frequency against established customer behaviour patterns
• Identifies rapid-fire transactions that may indicate automated or suspicious activity
• Provides statistical analysis of transaction timing and frequency anomalies

You must have a process that identifies attempts to avoid reporting requirements. This includes breaking up large transactions into smaller ones to stay under reporting thresholds.

• Uses advanced algorithms to detect potential structuring activities across multiple transactions
• Identifies patterns where customers may be deliberately staying below reporting thresholds
• Provides detailed analysis and evidence packages for suspected structuring cases

All transactions must be checked against sanctions and watch lists. This ensures you're not dealing with prohibited individuals, entities, or countries.

• Screens all transaction parties against comprehensive global sanctions and watch lists in real-time
• Provides immediate blocking of prohibited transactions with detailed compliance reporting
• Maintains up-to-date sanctions databases with automatic updates from official sources

You must monitor significant changes in customer acquisition patterns or service usage. Sudden changes can indicate emerging risks.

• Tracks customer acquisition rates and identifies unusual spikes or declines in new customer onboarding
• Monitors changes in customer demographics, risk profiles, and service usage patterns
• Provides early warning alerts for potential business model or market changes that may affect ML/TF risk

You must monitor transaction volumes and investigate unusual increases or decreases that could indicate money laundering or fraud.

• Instant Compliance continuously monitors aggregate transaction volumes across the business and identifies significant deviations
• Provides automated alerts when transaction volumes exceed or fall below established thresholds
• Generates detailed reports on volume trends and their potential compliance implications

You must identify transactions that deviate from normal customer behaviour. This helps spot potential money laundering or fraud.

• Uses machine learning algorithms to identify transactions that deviate from normal customer behaviour
• Provides risk scoring and detailed analysis of unusual transaction characteristics
• Generates automated alerts and investigation workflows for suspicious patterns

You must monitor for customers who repeatedly fail identity verification or require extra checks. This helps identify potential fraud or attempts to avoid compliance.

• Tracks customers who repeatedly require enhanced due diligence measures or fail standard verification
• Identifies patterns that may indicate systematic attempts to circumvent CDD requirements
• Provides risk-based recommendations for customer relationship management

You must monitor external threat intelligence and emerging financial crime trends. This helps you stay ahead of new money laundering techniques.

• Integrates with external threat intelligence feeds to stay current on emerging financial crime typologies
• Provides regular updates on new money laundering and terrorism financing methods
• Automatically updates monitoring rules and risk assessments based on emerging threats

You must track regulatory changes and geopolitical events. These can significantly impact your compliance obligations and risk profile.

• Monitors regulatory announcements and guidance from 🇦🇺 AUSTRAC and other relevant authorities
• Tracks geopolitical events that may affect sanctions, country risk ratings, or compliance requirements
• Provides automated notifications and impact assessments for relevant external changes

You must monitor and respond to 🇦🇺 AUSTRAC alerts and guidance. Staying informed helps you maintain compliance as requirements evolve.

• Automatically monitors 🇦🇺 AUSTRAC communications, alerts, and guidance updates
• Provides structured workflows for responding to 🇦🇺 AUSTRAC requests and implementing new guidance
• Maintains comprehensive records of all 🇦🇺 AUSTRAC communications and organisational responses

Every year, you must perform a comprehensive review of all risk assessments and controls. This ensures your programme stays current with your business.

• Automates the annual ML/TF risk assessment process with structured questionnaires and data analysis
• Generates comprehensive risk assessment reports with recommendations for control improvements
• Tracks implementation of risk assessment recommendations and control enhancements

Important events must trigger reviews, such as regulation changes or significant business changes. This ensures your programme adapts to new circumstances.

• Automatically initiates risk reviews when predefined trigger events occur (e.g., regulatory changes, significant incidents)
• Provides structured workflows for conducting event-driven risk assessments
• Generates updated risk profiles and control recommendations based on triggering events

You must regularly review external factors that could affect your money laundering and terrorism financing risks, such as changes in country risks, industry trends, and regulations.

• Instant Compliance schedules regular reviews of external risk factors including country risks, industry trends, and regulatory changes
• Provides structured assessment frameworks for evaluating external risk impacts
• Updates risk ratings and control requirements based on periodic review findings

You must perform risk evaluations following compliance incidents or security breaches. This helps you learn from issues and prevent recurrence.

• Automatically triggers comprehensive risk reviews following compliance incidents or control failures
• Provides root cause analysis frameworks and corrective action planning
• Tracks implementation of incident-based improvements and control enhancements

You must categorise information based on sensitivity and apply appropriate access controls. This ensures the right level of protection for different data types.

• Automatically classifies all compliance data based on sensitivity levels and regulatory requirements
• Implements data labelling and handling procedures based on classification levels
• Provides regular reviews and updates of data classification schemes

You must ensure only authorised personnel can access sensitive data. This prevents unauthorised viewing or modification of customer and compliance information.

• Implements comprehensive role-based access controls with regular review and certification processes
• Provides automated provisioning and deprovisioning of system access based on employee roles
• Maintains detailed audit logs of all data access and modification activities

You must keep a comprehensive log of all compliance activities. This creates an auditable record of every action taken within your compliance programme.

• Maintains immutable audit trails of all system activities, data access, and modifications
• Provides comprehensive search and reporting capabilities for audit trail analysis
• Ensures audit trail integrity and availability for regulatory examinations

You must retain all compliance data for 7 years. This is a legal requirement to support potential investigations or audits.

• Automatically manages data retention schedules based on regulatory requirements (7 years for AML/CTF records)
• Provides secure data disposal processes when retention periods expire
• Maintains comprehensive records of data retention and disposal activities

You must report suspicious matters to 🇦🇺 AUSTRAC within 24 hours. This is a legal obligation when you have reasonable grounds for suspicion.

• Helps you prepare and submit Suspicious Matter Reports to 🇦🇺 AUSTRAC
• Provides structured investigation workflows and evidence collection for suspicious activity
• Tracks SMR submission status and maintains comprehensive reporting records

You must report cash transactions of $10,000 or more to 🇦🇺 AUSTRAC within 72 hours. This applies to both single transactions and multiple linked transactions.

• Automatically flags transactions above $10,000 and prepares the TTR for submission to 🇦🇺 AUSTRAC within required timeframes
• Provides comprehensive transaction data collection and validation for TTR submissions
• Maintains detailed records of all threshold transaction reporting activities

You must report international fund transfers to 🇦🇺 AUSTRAC within 72 hours. This helps track cross-border money movements.

• Automatically captures international funds transfer instructions and prepares them for reporting to 🇦🇺 AUSTRAC
• Provides comprehensive data validation and enrichment for IFTI submissions
• Tracks reporting compliance and maintains detailed IFTI reporting records

You must create regular compliance status reports. This keeps senior management informed of your compliance programme's health.

• Generates comprehensive compliance dashboards and reports for senior management review
• Provides key performance indicators and trend analysis for compliance program effectiveness
• Schedules regular management reporting with automated distribution and acknowledgment tracking

You must document compliance breaches. This creates a record of issues and the corrective actions taken.

• Provides structured incident reporting workflows with automated escalation procedures
• Maintains comprehensive incident databases with root cause analysis and corrective actions
• Tracks incident resolution and implements lessons learned across the compliance program

You must track key compliance indicators and control effectiveness. This helps you measure and improve your programme over time.

• Monitors key performance indicators for compliance program effectiveness and efficiency
• Provides trend analysis and benchmarking against industry standards and regulatory expectations
• Generates regular performance reports with recommendations for program improvements

You must have a process that allows all employees to escalate suspicious matters. This ensures concerns reach the right people quickly.

• Implements automated escalation workflows for high-risk events and compliance issues
• Provides structured communication templates and tracking for escalation activities
• Maintains comprehensive records of all escalation activities and resolutions

You must provide comprehensive onboarding training for new compliance officers, employees, directors, and third-party service providers. This ensures everyone starts with a solid understanding of their obligations.

• Delivers comprehensive AML/CTF training to all new employees before they commence duties
• Provides role-specific training modules tailored to individual responsibilities and risk exposure
• Tracks training completion and competency assessments with automated reminders and escalation

You must provide regular training and ongoing education based on roles and employee risk levels. This keeps knowledge current as threats and regulations evolve.

• Schedules and delivers regular refresher training based on 🇦🇺 AUSTRAC requirements and role-specific risk levels
• Provides updated training content reflecting regulatory changes and emerging threats
• Tracks training effectiveness and employee competency over time

Training must be tailored based on responsibilities and risk exposure. Different roles need different levels of compliance knowledge.

• Automatically assigns training modules based on employee roles and 🇦🇺 AUSTRAC-defined responsibilities
• Delivers customised content for different role categories (compliance officers, customer-facing staff, senior management)
• Provides scenario-based exercises relevant to specific job functions and risk exposures

Training must be provided when compliance policies and regulations change. This ensures your team stays informed of new requirements.

• Automatically delivers training on new regulatory requirements and 🇦🇺 AUSTRAC guidance updates
• Provides impact assessments and implementation guidance for regulatory changes
• Tracks employee understanding and compliance with new regulatory requirements

Executive training on governance responsibilities

• Delivers specialised training for senior management on AML/CTF governance responsibilities
• Provides comprehensive coverage of regulatory expectations for board and executive oversight
• Tracks senior management training compliance and competency assessments

Training must be monitored and measured to ensure effectiveness. This helps you identify knowledge gaps and improve your programme.

• Monitors training success rates and continuously improves training content to ensure effectiveness

You must provide compliance training to external service providers, contractors, and consultants who perform work on your behalf.

• Instant Compliance allows you to add external contractors and service providers so they can complete streamlined, role-specific compliance training

You must keep comprehensive training documentation for 7 years. This demonstrates your compliance with training obligations during audits.

• Maintains comprehensive records of all training activities, completions, and assessments
• Provides detailed reporting on training compliance and effectiveness across the organisation
• Ensures training records are available for regulatory examinations and audits

You must keep employees informed about compliance requirements, emerging risks, and regulatory changes through ongoing communication. This ensures your team stays aware of their responsibilities.

• Automatically manages compliance awareness requirements with minimal employee disruption