Resources & Blog

AUSTRAC Compliance Reports: Practical Tips

Mar 3, 2025

Compliance reporting can feel as daunting as tax season, especially with new questions and heightened scrutiny from AUSTRAC in 2024. However, a proactive approach can transform this task from a headache into an opportunity to strengthen your compliance program.

Whether you’re a small reporting entity or a large financial institution, these practical tips will help you navigate your 2024 compliance report with confidence.

  1. Start Early: Download and Compare the Questions
    If you haven’t done so yet, download the 2024 questions today from within AUSTRAC Online, or get them from the AUSTRAC website and compare them to last year’s questions. Look out for:
  • New questions: These often indicate areas AUSTRAC is focusing on.
  • Modified questions: Pay extra attention to questions with new wording or requirements.

For example, in 2024, AUSTRAC has introduced a new question about whether your business provides digital currency exchange (DCE) services to other DCEs, reflecting increased regulatory focus on business-to-business crypto transactions. Additionally, while previous reports asked which blockchain tools were used, the 2024 version shifts focus to how businesses are using blockchain technology, reinforcing AUSTRAC’s interest in the practical application of these tools.

Other key changes include expanded outsourcing questions, now specifically tracking whether businesses outsource Enhanced Customer Due Diligence (ECDD) and AML/CTF training, as well as a greater emphasis on board and senior management oversight of AML programs. If your business outsources any of these areas, ensure you document how the provider tailors their approach to your ML/TF risks.

Tip: Highlight any new or changed questions in a separate document to prioritise them during your preparation.

  1. Stay Organised and Track Your Responses
    Staying organised is half the battle when completing the compliance report. We found that preparing a structured spreadsheet was the most effective way to track responses, but you might choose a different approach that better suits your business. The key is to have a system that allows you to capture and review responses efficiently.

If using a spreadsheet, consider including columns for:

  • Question: The exact wording of each question for 2024.
  • Proposed Response: Your draft answers, keeping character limits in mind.
  • Material Changes from Last Year’s responses: A note if your response differs from 2023.
  • Rationale for Changes: Why your response has changed (e.g., updated risk assessments).
  • Evidence: Document the internal evidence or attestation that supports the proposed response.
  • Evidence Provider: The team member responsible for supplying supporting evidence.

Tip: Colour coding questions can assist with quickly identifying responses that need more information or clarification.

  1. Mind the Character Limits
    Many questions have strict character limits. To make the most of this space:
  • Be concise and factual. Avoid unnecessary details.
  • Prioritise key points if you can insert all text, get the key points in first and finish the response with words to the effect of (further information available upon request).
  • Draft responses in a word processor to track character counts easily.

Tip: The final questions focus on what AUSTRAC did well and areas where it could improve. This presents an opportunity to clarify any additional information that could not be included due to character limits.

  1. Perform a Four-Eye Review
    A four-eye review is an essential step for ensuring accuracy and detecting errors. Depending on your organisation’s size, this process could involve a review by another senior compliance team member, an executive, or an external advisor. A fresh perspective often helps identify inconsistencies or gaps.

Tip: Schedule your review at least a week before the deadline to allow time for adjustments. Pay particular attention to any material changes from last year’s responses and flag them for the four-eye review to ensure accuracy.

  1. Check Your AUSTRAC Online Access
    Before you even begin drafting your responses, ensure that:
  • Your AUSTRAC Online login details work properly.
  • Your contact information is up to date.
  • You have access to all necessary sections in the portal.

If your previous administrator has left, you will need to appoint a new administrator using the AUSTRAC Online user access form. You can find this on the ‘Manage your account’ page.

Tip: Test your login early to avoid last-minute surprises.

  1. Keep Supporting Evidence Handy
    AUSTRAC may request additional information after you submit your report. To prepare:
  • Gather documents such as risk assessments, training records, and internal audit reports.
  • Ensure that each response in your report can be backed up by the evidence you have.
  • Organise files systematically for easy access if AUSTRAC requests them.

Tip: Cross-reference each answer in your spreadsheet with specific evidence for a smoother submission process.

  1. Address Common Challenges Transparently
    If your organisation faced compliance challenges, don’t gloss over them. AUSTRAC values transparency. In your report:
  • Acknowledge any breaches and detail the corrective actions taken. Ideally the Annual Compliance Report would not be the first time AUSTRAC are hearing of these issues, however if that is the case, consider if a supporting letter would be appropriate.
  • Explain any gaps in compliance and how you plan to address them in the coming year.

Tip: If you feel an answer could be misinterpreted, follow up separately with AUSTRAC—either through your usual AUSTRAC contact or via the “Contact Us” form on their website. Always keep a copy of any correspondence for your records.

  1. Don’t Leave It to the Last Minute!
    The deadline of 31 March 2025 may seem far away, but last-minute issues can lead to rushed responses or mistakes. To avoid this—and the risk of penalties—consider the following:
  • Set internal deadlines: Break down the report into sections with specific completion dates.
  • Allow extra time: Plan for a review and revisions well ahead of the deadline.
  • Submit early: Aim to submit at least a week in advance to avoid system delays or unexpected queries from AUSTRAC.

Tip: Submitting early also gives you time to manage any follow-up requests from AUSTRAC promptly.

Conclusion
Preparing your AUSTRAC compliance report doesn’t have to be stressful. By starting early, staying organised, and following these practical tips, you can ensure a smooth and timely submission. This year’s new and modified questions reflect AUSTRAC’s continued focus on addressing emerging risks across various sectors, particularly around business-to-business digital currency exchange services, increased scrutiny on outsourcing practices, and oversight of AML/CTF programs. A well-prepared report not only meets regulatory requirements but also strengthens your organisation’s compliance framework.

Need help preparing your compliance report, understanding new obligations, or responding to AUSTRAC enquiries? Contact us for support.