Resources

The layman's guide to AML/CTF Rules 2025: Part 9 - Reporting

Disclaimer: The content on this website is general and is not legal advice. Before you make a decision or take a particular action based on the content on this website, you should check its accuracy, completeness, currency and relevance for your purposes. You may wish to seek independent professional advice.


 

A note on Suspicious Matter Reports (SMRs) and Threshold Transaction Reports (TTRs)

There is significant overlap in the information needed when submitting SMRs and TTRs. The key difference is the trigger and focus:

  • Suspicious Matter Reports (SMRs, part 9-4) are lodged when you suspect something is off (fraud, tax evasion, ML/TF, unusual behaviour). The report digs into why you’re suspicious and the context.
  • Threshold Transaction Reports (TTRs, part 9-8) are lodged whenever a large cash/physical currency transaction hits the threshold (AUD $10,000+), regardless of whether anything looks suspicious. The report is much more about facts of the transaction: who, when, where, how much.

Division 1 - Reports of suspicious matters

9-2 Reports of suspicious matters - general information

When you suspect a client or transaction might involve money laundering, terrorism financing, sanctions breaches, or other serious crime, you must file a Suspicious Matter Report (SMR) with AUSTRAC.

General details

  • Your business name and AUSTRAC ID.
  • The date you submit the SMR.
  • The date you first suspected something was wrong.
  • If legal privilege delayed your reporting (special rule for lawyers).
  • Links to any earlier reports you’ve already lodged on the same matter.

Who lodged the report

  • Name, job title, and contact details of the person completing the report.
  • Contact details of another person in your business who can explain how and why the suspicion was formed.

If you already told another agency

  • Which agency you reported to (e.g. police, regulator).
  • The unit/contact person, reference number, and date of report (if known).
  • A summary of what you told them.

9-3 Reports of suspicious matters - information about persons

For each individual, you must include:

  1. Full legal name.
  2. Any other names they are commonly known by (e.g. previous names, business names, anglicised names).
  3. Date of birth.
  4. Gender.
  5. Citizenship(s).
  6. Country or countries of tax residence.
  7. Contact details (residential, postal, and if relevant, business address; phone number; email address).
  8. Occupation, business, or main activity.
  9. Unique identifier for the individual (if available).
  10. Details of the reliable and independent data (if any) used to verify their identity (e.g. government-issued ID, registry check).
  11. Reference number (if any) provided by an accredited Digital ID provider under the Digital ID Act 2024.
  12. If the person’s identity cannot be fully established:
    • A description of the individual, and
    • Whether the reporting entity holds any image, video, or recording of them.

For each non-individual (e.g. company, trust, partnership, association), you must include:

  1. Full legal name.
  2. Any other names used (such as previous names or trading names).
  3. Country or countries of incorporation, formation, or registration.
  4. Country or countries of tax residence.
  5. Registered office address.
  6. Principal place of business address.
  7. Postal address.
  8. Contact details (phone number, email address).
  9. Description of business or principal activity.
  10. Legal form of the entity (e.g. company, partnership, trust, association).
  11. Details of beneficial owners.
  12. For a body corporate:
    • Full name of each director or person with primary responsibility for governance and executive decisions, and
    • Their director ID (if applicable).
  13. For an express trust:
    • Type of trust (discretionary, unit, bare, etc.),
    • Details of the trustee(s),
    • Details of settlors, appointors, guardians, or protectors (if any),
    • For trusts with 10 or fewer identifiable beneficiaries: details of each beneficiary,
      For trusts with more than 10 beneficiaries: description of each class of beneficiary.
  14. Unique identifier for the entity (if available).
  15. Details of the reliable and independent data (if any) used to verify the entity’s identity.

9-4 Reports of suspicious matters - information about the matter

When filing a SMR, you must describe:

  1. Why the suspicion arose
    • Identity concerns (customer or their agent not who they claim).
    • Possible tax evasion.
    • Possible serious offence or proceeds of crime.
    • Possible terrorism financing.
    • Possible money laundering.
  2. Key circumstances
    • When you provided, were asked to provide, or were asked about providing the service.
    • How the suspicion links to the service.
  3. Relevant details
    1. Any addresses or locations connected to the suspicious matter (e.g. property address, business premises, offshore location).
    2. Your internal reference number for the transaction, matter, or file the suspicion relates to.
Information about designated services

Describe which designated service(s) were involved in the matter (e.g. property sale, legal service, account service, money transfer).

Information about an account

Provide the following (if known and relevant):

  • The name of the person or business providing the account (bank, firm, etc.).
  • Information about the account holder (as if they were the subject of the SMR).
  • The type of account (savings, loan, credit card, etc.).
  • Account identifiers (such as BSB and account number).
  • Details of any signatories linked to the suspicious activity (as if they were the subject of the SMR).
  • The names (or, if there are more than 10, a description of each type or class of signatory) of all other signatories.
  • When the account was opened.
  • The account balance at dates relevant to the matter.
Information about transactions

Provide the following (if known and relevant):

  • A description of each transaction.
  • The transaction value (AUD or foreign currency).
  • For foreign currency: the currency type, amount and exchange rate.
  • If products/instruments are involved (e.g. cheque, stored value card, bullion, gaming chip):
    • Description of the item.
    • Value of the item.
    • Details of payer/transferor (as if they were the subject of the SMR).
    • If issued by someone else, the issuer’s name and location.
  • For each payee, transferee, or beneficiary: details (as if they were the subject of the SMR).
  • Date and time of the transaction.
  • For transfers of value:
    • Value of the money, assets, or property transferred.
    • Unique transaction reference number.
Information about transfers of property

Provide the following (if known and relevant):

  • Any unique reference number for the transfer as applied by the reporting entity or other.
  • The value of the property (AUD or foreign currency).
  • Details of each person involved (as if they were the subject of the SMR).
  • Details of the property, including any unique identifiers. E.g.
    • For real estate: lot and plan numbers.
    • For bullion: serial number.
Information about virtual assets

If the suspicious matter involves virtual assets (like cryptocurrency), include:

  • The type of virtual asset and whether it has a backing asset (e.g. stablecoin backed by cash).
  • The full name of anyone who controls or controlled the asset (including decentralised autonomous organisations if relevant).
  • The full name of anyone in whose name the assets are / were held.
  • The number of units involved.
  • The value in AUD.
  • The exchange rate used to determine the value.
  • The unique transaction reference number (including transaction hash).
  • Any wallet addresses (with destination tags or memo details if relevant).
Information about another person providing a designated service

If another business (not you) provided or proposed to provide a designated service connected to the matter, include:

  • Their full name.
  • The address/location where the service was or would be provided.
  • The kind of designated service they provided or proposed to provide.
Information about online activity

If online activity is linked to the suspicious matter, include (as known):

  • Unique network numbers, such as IP address.
  • Date and time of the online activity (if different from the transaction time).
  • Unique device identifiers, such as International Mobile Equipment Identity (IMEI).
  • The software or application being used.
  • The person’s full name and any usernames linked to that software/application.

Division 2 - Reports of threshold transactions

9-5 Purpose of this Division

This part sets out what information must be included when reporting a threshold transaction (Threshold Transaction Report / TTR) which is a large cash or similar transaction) to AUSTRAC.

9-6 Reports of threshold transactions - general information

Your report must include:

  • Your business name and AUSTRAC identifier.
  • The date you submit the report.
  • Details of the staff member completing the report (name, role, contact details).

9-7 Reports of threshold transactions - information about the customer and other persons

Individuals

  • Use the same details required under SMRs (see Division 1).

Non-individuals (companies, trusts, partnerships, etc.)

  • Also use the same details as SMRs (see Division 1).
Content of threshold transaction reports

You must include reportable information (if known and applicable) about:

  • The customer who received the service.
  • The transferor or transferee (if different from the customer).
  • Any person on whose behalf the service was received.
  • Any beneficial owners or connected parties relevant to the customer.
  • If someone acted on the customer’s behalf, you must record:
    • Their relationship to the customer,
    • Their authority to act, and
    • Their details
Exceptions for people acting on behalf of the customer

Normally, if someone acts on behalf of your customer, you must include their details in the report.

But you don’t need to include those details if all three of these conditions apply:

  1. The transaction was a cash deposit with no personal contact - for example, through an ATM or express deposit box.
  2. The transaction did not involve virtual assets.
  3. The person was acting as part of their regular cash-handling business, such as a payroll delivery or professional cash courier. (This does not cover informal collectors such as people fundraising for a charity).
What you must do instead

If you rely on this exception, your report must clearly state the circumstances  -  e.g. “cash deposited via ATM, no personal contact” or “cash delivered by professional courier service”.

9-8 Reports of threshold transactions - information about the transaction

Standard information

Your report must include:

  • the date and time of the transaction
  • the address or location where it happened
  • the role of each person involved (customer, transferor, transferee, etc.)
  • the purpose of the transaction (if known)
  • the kind of designated service involved
  • your organisation’s reference number (e.g. transaction or matter ID)
  • the value in AUD of any physical currency involved
  • for foreign currency: the type, amount, and exchange rate used
Information about an account

If the transaction involved an account, include the same information as SMRs (see 9-4), with additional information on:

  • The signatory to the account who conducted the transaction
  • The account opening date
Information about products or instruments

If products or instruments were involved, record a description and value in AUD (or foreign currency). Examples: cheque, traveller’s cheque, stored value card, precious metals, gaming chips/tokens.

Information about transfers of property

If the transaction involved property include the same as SMRs (see 9-4) but you can exclude details of each person involved.

Information about virtual assets

Same as SMRs (see 9-4).

Information about another person providing the service

Same as SMRs (see 9-4).

Information about online activity

Same as SMRs (see 9-4).

Division 3 - AML/CTF compliance reports

9-9 Reporting and lodgement periods for AML/CTF compliance reports

  • Your reporting period is each calendar year (1 January – 31 December).
  • You then have 3 months after the end of that year to lodge your compliance report with AUSTRAC.

For example: your 2026 report (covering 1 Jan–31 Dec 2026) must be lodged by 31 March 2027.

Division 4  -  Registered remittance affiliates

Note
The following section of the AML/CTF Rules do not apply to law firms, accounting practices, or real estate agencies. They apply to remittance providers, financial institutions, or individuals/businesses physically moving currency across borders.

That said, for completeness, here is the outline of the section.

  • Who it applies to: Remittance affiliates within a registered remittance network.
  • Obligations:
    • Suspicious matter reports can be lodged by the network provider on behalf of affiliates (with a written agreement).
    • Threshold transaction and international funds transfer reporting obligations sit with the network provider, not the affiliate.

Division 5  -  Cross-border movement reports

Note
The following section of the AML/CTF Rules do not apply to law firms, accounting practices, or real estate agencies. They apply to remittance providers, financial institutions, or individuals/businesses physically moving currency across borders.

That said, for completeness, here is the outline of the section.

  • Who it applies to: Anyone moving cash or bearer instruments (like cheques, money orders, traveller’s cheques) of $10,000+ into or out of Australia.
  • Obligations:
    • Reports must include details of the person, sender/receiver, type and amount of instruments, travel or shipment details, and declaration of truth.
    • Timing: report at customs (if carried personally) or before dispatch (if sent).
    • Receipts of such instruments must also be reported within 5 business days.
    • Notices: Government signage must be displayed at ports, airports, and similar locations to alert travellers of these obligations.

About First AML

First AML comes from the perspective of both a technology provider, but also as compliance professionals. Prior to releasing, First AML’s all-in-one AML workflow platform, we processed over 2,000,000 AML cases ourselves. Understanding the acute problem that faces firms these days as they try to scale their own AML, is in our DNA.

That's why First AML now powers thousands of compliance experts around the globe to reduce the time and cost burden of complex and international entity KYC. Source stands out as a leading solution for organisations with complex or international onboarding needs. It provides streamlined collaboration and ensures uniformity in all AML practices.

Keen to find out more? Book a demo today!

Related