Welcome to 'The FinCrime Connection', where we unpack the most significant stories in financial crime.
This month, we examine AUSTRAC’s evolving regulatory stance — and why it's more than just a change in wording.
AUSTRAC’s Regulatory Evolution — From Compliance to Outcomes
AUSTRAC has signalled a significant shift in its regulatory stance, moving from a compliance-driven focus to an outcomes-based approach. This change in approach, described by AUSTRAC CEO Brendan Thomas as a “major evolution in our regulatory approach,” represents a fundamental reframe for reporting entities (REs): from simply demonstrating adherence to obligations, to proving that their AML/CTF programs are effectively detecting and disrupting financial crime.
A Clearer Focus on Outcomes
Historically, many REs have concentrated on meeting prescriptive requirements—addressing identified risks, implementing controls, and reducing false positives. Under the new direction, AUSTRAC is placing greater emphasis on whether those controls are delivering meaningful results aligned with the regime’s purpose: detecting money laundering and countering the harms of serious and organised crime.
This means AML/CTF programs will need to demonstrate their effectiveness in producing real-world outcomes. Compliance remains important—but it is no longer enough on its own.
Transaction Monitoring: A Practical Opportunity
One key area where this change will be felt is in transaction monitoring. Traditionally, rule tuning efforts have focused on reducing alert volumes and minimising false positives. While this remains an important goal, AUSTRAC’s shift signals that REs must also optimise monitoring rules to improve the detection of suspicious activity.
For example, threshold-based rules should not be treated as static. If reportable activity is occurring close to an existing threshold, revisiting and adjusting that threshold could lead to the identification of previously undetected suspicious transactions. Effective rule tuning should balance the need to reduce noise with the imperative to uncover financial crime.
What’s Coming: Timelines and Expectations
The updated regulatory approach will be supported by new rules, expected to be released in August 2025 following two rounds of public consultation. These rules will give further clarity on how the outcomes-based approach will be operationalised.
Key compliance dates have already been confirmed:
- Tranche 1 REs: Required to comply by 31 March 2026
- Tranche 2 REs: Required to comply by 1 July 2026
AUSTRAC is expected to offer guidance and support during the transition but has made it clear that wilful non-compliance will not be tolerated. Entities should use the lead time to thoroughly review their programs, enhance detection-focused controls, and ensure they are well-positioned to meet the new expectations.
Compliance Still Matters
It’s worth noting that AUSTRAC has not abandoned the importance of compliance. The language used—“from just looking at compliance”—reinforces that minimum standards must still be met. AUSTRAC has continued to publish enforcement outcomes across a broad range of sectors and entity sizes, demonstrating a willingness to act where significant failures are identified.
The takeaway is clear: compliance is still foundational, but regulators are now looking beyond the paperwork to assess the real-world effectiveness of AML/CTF programs.
Now is the time for REs to review their programs, revisit their detection strategies, and prepare for what lies ahead.
Strengthening Detection Through Partnership
Alongside regulatory expectations, there are practical challenges that can limit the effectiveness of transaction monitoring. One of the most common—and often overlooked—pitfalls is treating AML software providers purely as technology vendors, rather than as strategic partners.
This idea is explored further in our recent blog, Five Transaction Monitoring Pitfalls That Keep FinCrime Teams Up at Night. The blog highlights how relying solely on the tool, without leveraging the expertise and support behind it, can hold teams back from achieving meaningful detection outcomes.
Technology alone doesn’t drive results. It’s the combination of subject matter expertise, platform knowledge, tailored training, and collaborative tuning that helps reporting entities detect more financial crime while managing false positives effectively.
By working closely with your vendor, you can better align system performance with your detection goals—an essential step in meeting both operational and regulatory expectations.
Join us next month for more insights from The FinCrime Connection, brought to you by Jade ThirdEye.
This blog is based on the July episode of The FinCrime Connection AU, hosted by Colin Dixon and Jamie Muir from Jade ThirdEye. Colin, AML Solution Specialist, has been with Jade ThirdEye since its inception in 2012 and works closely with clients to help them get the most from the platform. Jamie, Head of Customer Success, has over a decade of experience supporting clients, including four years based in the UK.