On 7 December 2006, Parliament passed the Anti Money Laundering and Counter Terrorism Financing Act 2006 (AML/CTF Act). To date, there has been little focus on the ‘employer’ obligations of organisations who are covered by the AML/CTF. In many ways, those obligations have been the ‘sleeper’ issue of the AML/CTF Act.
With an employer’s obligation to implement an Employee Due Diligence Program and a Training Program to commence on 12 December 2007, the employee issues must now be a key part of all compliance plans.
Which employers are covered?
The AML/CTF Act is likely to apply to an employer if it undertakes a business in the financial sector or gambling sector, is a bullion dealer or other professional or business that provides particular designated services. Examples of employers covered by the AML/CTF Act include retail and investment banks, money lenders, superannuation funds, life insurance companies, stock brokers, fund managers and financial planners.
What is included in an Employee Due Diligence Program?
In short, an employer must have an Employee Due Diligence Program that deals with the screening, monitoring and management of employees in certain positions.
The relevant positions are those that would enable a person to facilitate the commissioning of money laundering (ML) or financing of terrorism (TF) (we refer to these positions as ‘Risk Positions’). Examples of Risk Positions include positions where employees have direct contact with cash, transferring of funds, monetary transactions or control over the recording of those transactions.
Implications for Employers
The first step is for an employer to determine if it is covered by the AML/CTF Act. If so, an employer should:
- identify Risk Positions;
- determine how it will screen for those Risk Positions. If an employer already has pre-employment checks in place, this may be enough;
- decide the forms of monitoring to implement. This could include auditing or spot checks, testing and email checking or video surveillance (subject to other relevant laws);
- consider how to create a culture of compliance. This could include inserting compliance obligations in employment contracts, job descriptions or guidelines; and
- develop a training program This may include separate training for different levels of employees, depending on both the risk level of the position but also seniority.
The AML/CTF Rules require an employer to determine whether to, and how it should, screen prospective employees or an employee who is being transferred or promoted into a Risk Position.
This will mean that employers will need to determine which roles are Risk Positions and then how to screen for those positions. The AML/CTF Rules are silent as to the extent of the screening required. As a minimum, however, we believe that a reporting entity should have a screening process that confirms the identification of an employee and performs a criminal conviction check.
A reporting entity may also wish to screen for more subjective matters such as anything that may make the employee (or prospective employee) susceptible to ML or TF risk. For example, whether a person has lived in a number of countries for short periods of time. Obviously, the wider the screening is, the potential for breach of other laws (such as discrimination) increases.
The AML Rules require a reporting entity to establish and maintain a system to manage an employee who fails to comply with the entity’s AML/CTF Program. This means an employer will need to monitor employees. Again the AML/CTF Act does not state how this should occur.
A reporting entity will also need to decide how it will discipline employees who are not complying with the AML/CTF Program.
What will the Training Program need to cover?
The AML/CTF Rules require an employer to provide appropriate training at appropriate intervals. The Training Program must include:
- the obligations of the reporting entity under the AML/CTF Act;
- the consequences of non-compliance;
- the types of ML and TF risks within that organisation; and
- the processes and procedures in place.
It is up to the employer to decide how often to conduct the training. For many employers though, it would make sense to conduct that training upon induction and thereafter at least annually.
What if an employer is not ready by 12 December 2007?
The obligation to implement an Employee Due Diligence Program and a Training Program will commence on 12 December 2007. While a 15‑month amnesty for civil penalty orders will exist for non-compliance, this will only occur if the reporting entity can satisfy AUSTRAC that it has taken ‘reasonable steps’ to comply.
What are the penalties under the AML/CTF Act and the Criminal Code?
Failure to comply with the AML/CTF Act is an offence and can lead to both civil and criminal penalties including substantial pecuniary penalties. An employer will be vicariously liable for those acts of an employee unless they can establish that they exercised due diligence. The maximum penalty for a body corporate is $11,000,000.
Further, under the Criminal Code:
- individuals who engage in ML or TF can be sentenced to imprisonment (up to life for TF); and
- the liability of a corporation for the actions of its employees, agents and officers is regulated by Part 2.5. For example, where an offence requires intention or knowledge, a corporation is taken to have such an intention or knowledge if it expressly, tacitly or impliedly authorised or permitted the commission of an offence.
Other relevant employment issues
The AML/CTF Act raises a number of other practical and legal issues including:
- protection from liability . The AML/CTF Act provides protection from liability for a person who, in good faith, does or omits to do anything in compliance with the AML/CTF Act. It will be interesting to see whether this is an effective defence in relation to employment law matters such as discrimination and unfair dismissals; and
- tipping off. There are restrictions in relation to ‘tipping off’ a customer where a suspicious matter reporting obligation arises. In some circumstances these restrictions may prevent an employer from raising concerns with an employee, in case the employee tips off the customer. This will impact the timing of, and reasons given for, disciplining or dismissing the employee. Guidance may need to be sought by an employer from AUSTRAC or the Australian Federal Police before any concerns are raised or dismissal occurs.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.