The FinCrime Connection Global: June 2025

Welcome to The FinCrime Connection Global, where we unpack the most significant stories in financial crime.

This month, we highlight three key developments from across Australia, the UK, and New Zealand that financial crime professionals should be aware of.

Story 1: Australia's Enhanced SMR Requirements Set to Transform Reporting Landscape

AUSTRAC's second consultation on new AML/CTF Rules is reshaping how Australian firms will report Suspicious Matter Reports (SMRs), with the consultation period closing on 27 June 2025.

The proposed changes introduce significantly more comprehensive and standardised data fields, representing a significant evolution from current reporting practices.

The new requirements are particularly detailed when it comes to virtual assets, requiring firms to capture wallet addresses, including destination tags/memo details for custodial wallets, and virtual asset specifics, including kind, backing asset, units, and AUD value. For traditional transactions, firms will need to provide unique identifiers for individuals and detailed information about key personnel for non-individual customers.

This consultation builds on feedback from the first round that closed in February 2025, addressing the growing complexity of financial crime involving digital assets and sophisticated transaction structures. AUSTRAC has updated the draft AML/CTF Rules to address feedback received in the first round of consultation, including allowing more flexibility in customer due diligence procedures.

What This Means for Financial Institutions

The scale of change cannot be overstated - these aren't minor tweaks to existing requirements but a fundamental overhaul of how suspicious activity is reported to AUSTRAC. The enhanced data requirements will enable the production of better-quality intelligence, but will require significant changes to systems and processes.

If you're preparing for these changes, consider:

• Reviewing your current SMR processes against the proposed new data requirements to identify gaps
• Assessing technology capabilities to capture and submit the enhanced data fields, particularly for virtual asset transactions
• Engaging early with the consultation process to provide feedback on practical implementation challenges
• Planning for staff training on the new requirements, especially around virtual asset reporting obligations

The virtual asset focus is particularly significant, reflecting AUSTRAC's assessment that virtual asset services were deemed to have a medium-high vulnerability to money laundering and are highly vulnerable to misuse for terrorism financing. With virtual asset services coming under full regulation from 31 March 2026, early preparation is crucial.

Financial institutions should watch for AUSTRAC's final rules publication, expected in August 2025, and begin planning system upgrades and process changes now.

Read more about the consultation at AUSTRAC

Story 2: UK Fraud Figures Reveal Criminal Adaptation in Action

The UK Finance Annual Fraud Report 2025 presents a complex picture of progress and new challenges. While APP fraud cases dropped by 20%, remote purchase fraud surged by 22% to nearly 2.6 million cases, accounting for 78% of all unauthorised fraud incidents.

The UK experienced 3.31 million fraud cases in 2024, a 12% increase from 2023, with total losses exceeding £1.1 billion. The statistics reveal how criminals quickly adapt their tactics - as APP fraud controls tightened, criminals shifted to exploiting vulnerabilities in remote purchase fraud, driven by the compromise of one-time passwords used to register digital wallets.

The introduction of mandatory reimbursement rules by the Payment Systems Regulator in October 2024 provided some relief for victims, with £267.1 million being returned to APP fraud victims, covering approximately 59% of losses. However, the data also show the emergence of more sophisticated investment scams, resulting in £144.4 million in losses, a 34% year-on-year increase.

The Prevention Paradox Challenge

This data perfectly illustrates what we might call the "prevention paradox" - success in preventing one type of fraud often leads criminals to exploit other vulnerabilities. The banking sector's investment in APP fraud prevention has clearly paid off, but criminals have responded by focusing on remote purchase fraud and more sophisticated investment schemes.

The human cost extends beyond financial losses. Fraud victims suffer confidence loss and psychological damage that can persist long after any financial reimbursement.  The emotional trauma underscores why prevention remains far more valuable than cure.

Financial crime teams should:

• Recognise criminal adaptation patterns and avoid tunnel vision on any single fraud type
• Invest in comprehensive monitoring that can detect emerging threats across all channels
• Strengthen customer education about new fraud tactics, particularly around remote purchase fraud
• Collaborate across sectors - banks alone cannot solve this problem without better engagement from social media platforms, telecoms, and other industries where fraud originates

The report emphasises that this is not just a banking problem - it requires coordinated action across multiple industries to address fraud at its source before it reaches financial institutions.

Read more at UK Finance

Story 3: New Zealand Delivers Strong Message with NZ$1.125 Million Money Remitter Fine

Auckland-based foreign exchange and money remittance company Qian DuoDuo Limited, trading as Lidong Foreign Exchange, has been convicted and fined NZ$1.125 million for significant breaches of New Zealand's Anti-Money Laundering and Countering Financing of Terrorism Act (AML/CFT Act). The Department of Internal Affairs (DIA) investigation found that the company failed to report 197 international transactions to China between June 2018 and September 2019, totalling over NZ$19.14 million.

The scale of the compliance failures was substantial. Of the unreported transactions, 26 (valued at NZ$4.72 million) were identified as "objectively suspicious," while 171 transactions (valued at NZ$14.42 million) were prescribed transactions requiring mandatory reporting under the Act. Most concerning, at least NZ$4.72 million was later linked to criminal actors.

The consequences extended beyond regulatory penalties. Two individuals who completed transactions through Qian DuoDuo, Xiaoyu Lu and Musubayoufa Fuati, were subsequently convicted of criminal offences. Lu was convicted of providing unregistered financial services and multiple counts of money laundering, while Fuati was convicted of structuring transactions to avoid anti-money laundering laws.

The District Court found that Qian DuoDuo's activities enabled and emboldened drug trafficking, causing massive harm to communities in New Zealand and overseas through the peddling of illegal drugs.

A Strong Regulatory Message

This penalty represents a significant escalation in New Zealand's AML/CFT enforcement approach. While previous large fines were typically related to broader systemic breaches, this case focused on specific reporting failures, yet still resulted in a substantial penalty. The DIA's message is clear: even focused compliance failures can result in million-dollar consequences.

The NZ$1.125 million fine takes on additional significance when viewed against the maximum penalties available. For criminal offences under the AML/CFT Act, businesses can face fines of up to NZ$5 million, indicating that regulators view this as serious non-compliance that warrants substantial deterrent action.

DIA Regulatory Assurance Manager Martin Sablyak noted that Qian DuoDuo had "a history of non-compliance," with the Department having taken civil action against the company in 2017 for previous AML/CFT breaches. This pattern of repeated failures likely contributed to the severity of the penalty.

Essential Lessons for Compliance Teams

The Qian DuoDuo case offers critical lessons for money remitters and other reporting entities:

1. Treat Every Transaction Above Threshold Seriously -The failure to report prescribed transactions demonstrates the importance of robust transaction monitoring systems. Compliance cannot be selective - every transaction meeting reporting thresholds must be appropriately identified and reported.
2. Automate or Audit Reporting to Ensure Completeness - The scope of unreported transactions (197 over 15 months) suggests systematic gaps in the reporting process. Either implement automated systems to capture all reportable transactions or establish comprehensive auditing procedures to verify the completeness of reporting.
3. Train Staff to Recognise Suspicious Behaviour Patterns - The presence of 26 "objectively suspicious" transactions that went unreported highlights the need for ongoing staff education about red flags and suspicious behaviour patterns, particularly in high-risk sectors like money remittance.
4. CDD Should Evolve with Customer Activity - The connection between unreported transactions and subsequently convicted customers suggests inadequate ongoing monitoring. Customer due diligence must be dynamic, evolving as customer activity patterns change or new risk indicators emerge.

The Qian DuoDuo case demonstrates that compliance failures in money remittance can have far-reaching consequences, enabling serious criminal activity that harms communities. For compliance officers and directors, the case highlights the crucial importance of robust, properly audited AML/CFT systems and the substantial reputational and financial risks associated with getting it wrong.

Read more at 1News

Stay Vigilant

These stories from across our key markets reveal clear themes related to regulatory evolution and the severe consequences of compliance failures.

• Australia's enhanced SMR requirements will provide better intelligence to combat evolving threats, particularly in the growing virtual asset space.
• The UK's fraud data shows both the success of targeted prevention and the need for comprehensive approaches as criminals adapt their tactics.
• New Zealand's significant penalty for Qian DuoDuo reinforces that reporting failures can enable serious criminal activity, from drug trafficking to money laundering, and result in substantial financial and reputational consequences.

The organisations that succeed will be those that anticipate regulatory changes, invest in comprehensive monitoring systems, ensure complete and accurate reporting, and maintain dynamic risk assessment processes.

Financial crime prevention isn't just about meeting regulatory obligations - it's about protecting customers, preventing criminal exploitation of financial systems, and contributing to safer communities. The consequences of getting it wrong, as demonstrated across all three jurisdictions, are simply too significant to ignore.

Join us next month for more insights from The FinCrime Connection Global, brought to you by Jade ThirdEye.

This blog is based on the Global FinCrime Connection podcast, hosted by Jing and Jamie from Jade ThirdEye. Jing represents our Sydney-based team, helping clients efficiently battle financial crimes, while Jamie brings extensive financial crime expertise to help our community stay ahead of emerging threats.