Resources & Blog
Reform Fatigue vs. Regulatory Focus: Getting Back to the Why
Regulatory Focus
“We are shifting our regulatory approach from just looking at compliance, to focus on outcomes and, specifically, the harms resulting from businesses failing to manage money laundering risks.”
— Brendan Thomas, AUSTRAC CEO – 23 June 2025
In the rush to prepare for AML/CTF reform and the expansion of Tranche 2 obligations, the profession risks losing sight of the fundamentals. Policies, frameworks, and deadlines matter, but they are not the end goal.
Customer Risk Ratings: Why Your CRA Model Only Tells Half the Story
Most customer risk assessment models look great on paper. They meet regulatory expectations, pass audits, and generate neat reports that group customers into low, medium, or high-risk categories.
But beneath the surface, many of these models only tell half the story. That blind spot is costing Reporting Entities both operational efficiency and meaningful insight into customer risk.
The missing piece? Residual risk.
You Know Your Biggest Spender’s Favourite Machine and Drink. But Do You Know Where Their Cash Comes From?
It’s Thursday night. Your regular walks in, carrying large amounts of cash. He’s on a first-name basis with your bar staff. Plays the same high-value machine. Drinks the same top-shelf scotch. Generous tips. A “good guy”.
He plays big, often runs the credit out, and receives the VIP treatment.
It might seem harmless. Perhaps even good for business. But if that cash comes from crime (including tax evasion), your venue could be enabling money laundering.
If you’ve never asked where his cash comes from or how he made his money, your pub or club might be missing something important, and when the regulator knocks, you’ll be asked to explain why.
The Enemy Within: Why Tranche 2 Entities Must Act on Employee Due Diligence Now
When we think about anti-money laundering and counter terrorism financing (AML/CTF) risks, our minds often jump to suspicious customers, shady transactions, and complex criminal networks. But there’s another, more insidious threat: one that wears a staff ID badge, attends meetings, and shares morning coffees with us.
Debanking: Are We Managing Risk or Pushing It Underground?
If, as a society, we are serious about stopping the migration of financial crime underground, we need more than regulatory tweaks. We need structural, even radical, solutions.
Banks, under pressure from regulators, have been unofficially deputised as gatekeepers of financial access, but without sufficient infrastructure to manage the risks they are asked to bear.
Stuck in the Middle: The Screening Dilemma for AML Teams
You’re caught in a no-win scenario.
Calibrate too tightly, and you miss a critical alert, regulators ask why.
Calibrate too loosely, and you drown in false positives, your team’s buried, morale drops, and the real risk gets missed anyway.
Somewhere in between is a setting that might work, but the system won’t tell you what that is. And neither will the vendor.
When the Regulator Brings a Microscope: Lessons from AUSTRAC v Entain
You can almost feel the regulator’s exasperation in AUSTRAC’s Statement of Claim (SoC) against Entain. This isn’t a case about complex breaches — the allegations are about failures in the fundamentals: basic compliance and ML/TF risk management.
Assurance That Gets It: Making Findings That Matter
The most common mistake in AML/CTF assurance? Findings that read well — but change nothing. Too often, assurance reviews become mechanical exercises. Walkthroughs, document reviews, control testing — all technically correct, but disconnected from the actual...
Risk-Based KYC: Bowling without the bumpers
For years, clear rules, box-ticking procedures, and safe harbour provisions made customer due diligence feel manageable—even comfortable. We believed prescription kept us safe. As we prepare for the new reforms, that comfort is quickly fading—replaced by a more fluid,...