The Australian Transaction Reports and Analysis Centre (AUSTRAC) has implemented significant changes to its tipping off provisions, effective 31 March 2025. These amendments require a thorough understanding and proactive response from all Australian Financial Services Licence (AFSL) holders to ensure ongoing compliance and maintain the integrity of Australia’s financial system regarding AML/CTF tipping off. It is crucial to understand what these changes mean and, more importantly, what practical steps AFSL holders must take concerning Suspicious Matter Report (SMR) disclosure.

Previously, the restrictions around disclosing the fact that a suspicious matter report (SMR) had been, or was being, prepared or provided to AUSTRAC were relatively broad. While the intent was always to protect the integrity of investigations and the safety of those involved, the previous legislation could, at times, feel like navigating a minefield. The key difference now lies in the increased clarity and the introduction of specific tipping off exceptions to the general prohibition against tipping off, which is vital for preventing tipping off financial crime.

What is Tipping Off?

The core prohibition remains: you generally cannot disclose to a client or a third party that you have formed a suspicion or that you have provided, are providing, or are proposing to provide a suspicious matter report (SMR) to AUSTRAC. This fundamental principle is crucial in preventing individuals or entities under scrutiny from altering their behaviour, destroying evidence, or fleeing.

According to AUSTRAC, “tipping off” is defined as disclosing certain types of information to another person, where it would or could reasonably be expected to prejudice an investigation. This includes investigations under Commonwealth, State, or Territory law, and proceeds of crime laws.

Tipping off is a criminal offence, with a maximum penalty of imprisonment for 2 years or 120 penalty units, or both. It does not matter whether you know or think an investigation has started; you must consider the potential consequences of disclosure on an investigation, current or future.

Types of Information Protected:

The AUSTRAC guidance clarifies that the “Information” protected by the tipping off offence includes:

  • Information about SMRs, such as that you submitted an SMR, that the SMR requirement was triggered, or any report or document related to meeting SMR obligations.
  • Information about notices given under sections 49 and 49B of the AML/CTF Act, including being required to give information/documents or having done so.
  • Information about suspect transaction reports (SUSTRs) if you were a cash dealer before 7 January 2025, including forming a suspicion, providing information via SUSTR or notice, or any information from which someone could reasonably infer such information was given to AUSTRAC.

What it Means to Prejudice an Investigation:

Prejudicing an investigation means doing something that could negatively affect an investigation. This often depends on what information is disclosed, who it is disclosed to, how it is disclosed, and when it is disclosed. Examples include telling a customer or associate about an SMR or notice, telling a customer you suspect them of criminal conduct (or giving them enough information to understand you suspect them), accidentally disclosing information publicly, or disclosing to someone likely to share it widely. Such disclosures can prompt subjects to change behaviour to avoid detection.

Introduction of Specific Exceptions:

The significant shift lies in the newly defined tipping off exceptions, which explicitly permit certain disclosures in specific circumstances. These are designed to facilitate the normal course of business and internal risk management processes, provided appropriate safeguards are in place.

One critical exception relates to disclosures within your own organisation. You are now permitted to share information about a suspicion or an SMR with your employees, officers, and related bodies corporate for the purposes of:

  • Ensuring compliance with Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) obligations: This includes internal discussions about the suspicion, the decision to report, and the content of the report.
  • Conducting risk assessment and management: Sharing information internally allows for a more comprehensive understanding of the organisation’s risk profile and the implementation of appropriate mitigation strategies.
  • Obtaining legal advice: You can now discuss potential or actual SMRs with your legal counsel to ensure compliance and understand potential legal ramifications.

Other disclosures that are not generally likely to be considered tipping off include:

  • Disclosures to comply with requirements in other Commonwealth, State, or Territory laws (e.g., scam prevention, state gambling laws).
  • Disclosures in the process of supporting due diligence in a merger or acquisition.
  • Participation in activities of the Fintel Alliance.
  • Making reasonable enquiries or conducting enhanced customer due diligence (CDD) before an SMR obligation has been triggered, provided you are not disclosing protected information.
  • Disclosures to Australian law enforcement, intelligence, or regulatory agencies with investigative functions (e.g. AUSTRAC, police, ATO, NACC, Border Force, ACIC).

Another significant exception pertains to disclosures to auditors. External and internal auditors now have clearer pathways to access information related to SMRs as part of their audit processes, ensuring robust oversight of your AML/CTF framework.

You are also not prohibited from disclosing Information to other third parties if it would not or could not reasonably be expected to prejudice an investigation. However, while the tipping off offence may not prohibit these, it does not authorise them, and other legal restrictions like the Privacy Act 1988 may apply.

Conditions and Safeguards:

It is critical to understand that these exceptions are not blanket permissions. Any disclosure, even within these permitted categories, must be undertaken with extreme caution and strict adherence to confidentiality. The information shared should be limited to what is necessary for the specific purpose, and individuals receiving the information must be made aware of the sensitive nature and the ongoing prohibition against further disclosure outside these permitted parameters.

AUSTRAC strongly recommends implementing suitable controls to prevent tipping off, especially when sharing information internally or with third parties. Examples of information controls include:

  • Restricting access to Information to those with a genuine need to know, including third-party service providers with system access.
  • De-identifying information distributed more widely.
  • Discussing general trends rather than specific customers or transactions.
  • Implementing and reviewing audit trails of who accesses Information and when.
  • Using legally enforceable undertakings to ensure confidentiality by employees and third parties.
  • Maintaining good security practices like secure storage, password protection, and secure destruction of physical copies.

When sharing with third parties, consider sharing only on a need-to-know basis, reviewing foreign laws if applicable, verifying the third party’s controls, and attaching conditions to further use of the information.

So, what are the practical steps AFSL holders need to take in light of these changes?

  1. Review and Update Internal Policies and Procedures: Your AML/CTF program must be reviewed and updated. From 31 March 2026, you will be required to adopt and maintain AML/CTF policies to prevent tipping off. This includes clearly outlining the permissible disclosures, the conditions under which they can be made, and the internal protocols for handling such sensitive information. Ensure that your policies explicitly detail who can access SMR-related information and the limitations on further dissemination.
  2. Enhance Training Programs: You must provide training to your employees on the tipping off offence. All relevant staff, including those in compliance, risk management, legal, audit, and customer-facing roles, must receive comprehensive training on the new tipping off provisions. This training should clearly articulate the ongoing prohibition, the specific exceptions, and the strict conditions attached to these exceptions. Scenario-based training can be particularly effective in illustrating the practical application of these rules.
  3. Implement Robust Access Controls: Access to information related to suspicions and SMRs should be strictly controlled on a need-to-know basis. Implement systems with access limitations for authorised personnel and maintain audit trails.
  4. Establish Clear Internal Communication Protocols: Develop protocols for discussing potential or actual SMRs, specifying channels, individuals, and detail levels, emphasizing confidentiality. Determine measures to prevent tipping off when disclosing or dealing with Information.
  5. Update Whistleblowing Policies: Ensure your whistleblowing policies align with the new provisions, clarifying the avenues for employees to raise concerns related to potential AML/CTF breaches without inadvertently breaching the tipping off rules.
  6. Seek Legal Counsel: Engage with your legal advisors to ensure your interpretation and implementation of the new tipping off provisions are accurate and compliant. They can provide tailored advice based on your organisation’s specific structure and operations.
  7. Maintain Detailed Records: Keep thorough records of any internal disclosures made under the new exceptions, including the date, the recipient, the purpose of the disclosure, and the information shared. This will be crucial for demonstrating compliance and responding to any regulatory inquiries.

Managing Customers to Reduce Tipping Off Risk:

Interactions with customers, especially during enhanced CDD or when ending a relationship, requires specific care. The key is to provide genuine reasons for engaging with them that do not mention suspicious conduct. Examples of genuine reasons for inquiries include complying with AML/CTF legislation, updating customer details, following standard processes for certain situations, or resolving issues with information/identification. Using standardised communications or scripts can help. When ending a relationship, provide reasons like falling outside risk appetite or failure to provide information, again, without disclosing suspicion.

The offence does not prohibit disclosing information to assist a customer who is not the subject of suspicion (e.g., a scam victim), as long as it doesn’t prejudice an investigation. Disclosures should be on a need-to-know basis and limited to necessary information.

An exception exists for legal practitioners and qualified accountants acting in good faith to dissuade a client from criminal activity, provided they do not disclose the existence of an SMR, SUSTR, or relevant notice, or that they are required to report the client’s activities.

Other Considerations:

  • Outsourcing: When using external service providers, verify they have appropriate controls to reduce tipping off risk.
  • Courts/Tribunals: You generally cannot be required to disclose protected information to a court or tribunal unless it’s in a proceeding under the AML/CTF Act. Disclosing that transactions occurred is generally okay. Seeking legal advice before disclosing in court is recommended.
  • Information Sharing Between Reporting Entities: Section 123(5) provides an exception for sharing information between reporting entities for detecting, deterring, or disrupting financial crime. However, this exception is not yet in operation as regulations prescribing conditions are still needed.

The amendments represent a nuanced but significant shift. AFSL holders must proactively adapt their policies, procedures, and training to navigate this new landscape effectively, ensuring compliance and contributing to a more robust financial system. Failure to do so could expose organisations to significant regulatory scrutiny and penalties related to AML/CTF tipping off.

www.freepik.com

Back to Blog