AML/CTF Reform and the Quality of Risk Decisions
The AML/CTF reforms are often described as an expansion of Australia’s regime.
That description is accurate but incomplete. It places emphasis on scope, when the more important shift sits elsewhere.
What changes under the reforms is how risk decisions are made and supported.
Having a program is the baseline. The stronger measure is whether it supports positions that can be stood behind.
For newly captured entities, that starts with determining whether their activities fall within the regime. For those already within it, it means revisiting whether existing arrangements still reflect their structure, investor base and operating model.
The framework still matters. Its value depends on whether it connects to what sits underneath it: how risk is identified, when judgement is required, who makes the call, and what supports the outcome.
Risk-based does not mean informal
The shift to a risk-based approach is central to the reforms.
It introduces flexibility. Businesses are not expected to apply identical controls regardless of size or risk profile.
At the same time, a risk-based model shifts the weight from rules to people. That is where most frameworks are least developed.
In that context, judgement needs to be visible. A program that focuses only on process can miss where discretion is required.
Most importantly, programs are often written as if decisions occur sequentially and with time. They rarely do. Decisions are made with partial information, competing priorities and commercial pressure. That is the environment the framework has to operate in.
A checklist can confirm that steps have been completed. It cannot determine whether the outcome is sound.
Under a revised regime, that distinction matters. Responsibility rests with the position taken, not the process.
A risk-based regime ultimately assigns accountability for judgement, not just compliance.
When control is harder to see
The more difficult AML/CTF decisions are rarely those with an obvious red flag. They tend to arise in structures that appear complete, but still leave an important risk question unresolved.
A common trust structure illustrates the point.
A family trust with a corporate trustee applies to invest in a fund. The application is complete. The proposed investment is funded from an account in the trustee’s name. Identification and screening do not raise an issue.
On its face, the structure is unremarkable.
The trust deed provides that an appointor can remove and replace the trustee. That person is not the applicant and does not provide the funds. The explanation of wealth, however, relies on business proceeds connected to them. Open-source material raises questions about that business.
Taken individually, each element may be acceptable. Considered together, the position is less straightforward.
The file may be complete and still leave the central issue unresolved. Does the available material support the position that is about to be taken?
That may require further information on the wealth creation event, closer analysis of the appointor’s role, internal escalation, or a documented basis for proceeding.
AUSTRAC’s guidance reflects the same point. Legal ownership does not always align with control or influence.
That distinction cannot be resolved through a checklist alone.
Where programs tend to break down
AML/CTF programs often lose clarity in three places:
Information gaps are treated as low risk
Judgement points are not recognised as such
Decisions are not recorded in a way that explains the basis
Each of these can exist within an otherwise well-documented program. They become visible only when the available material is considered together.
That point can be difficult to identify consistently in practice. Wicklow’s Complete File Test is designed to make it explicit.
The Complete File Test
A complete file can create a sense of comfort that is not always justified.
Most AML/CTF frameworks test completeness. Fewer test whether a decision is supported.
The Complete File Test is applied at the point a view is formed. It asks whether the file is decision-ready.
It involves two elements: whether the available information is sufficient and whether any point of judgement has been identified.
Wicklow’s Complete File Test, applied to investor records at the point a decision is being made.
The distinction is practical. Some files require administrative follow-up, others require a considered view, and some require both. Treating these situations the same is where clarity is lost.
In the trust example, the presence of the deed, identification documents and screening results is only the starting point. The material still needs to support the risk position once the appointor’s role and source of wealth are considered together.
Used consistently, the test gives the AML/CTF process a shared language, so information gaps, judgement calls and unresolved risk positions are not treated as the same problem.
The aim is clarity in the position taken, without adding another layer of process.
Where Wicklow fits
Most businesses do not lack AML/CTF documentation. The less consistent element is how judgement is identified and handled.
Wicklow’s work focuses on that point. We advise on AML/CTF for fund and adviser models, and apply the same standards within Wicklow’s own AFSL-regulated business. That gives us a view of both the design of a framework and the realities of implementing it.
For businesses responding to reform, a complete program is not the differentiator. Consistency in how positions are formed and applied is.
That is the lens Wicklow brings to AML/CTF design: giving risk decisions the structure they need to be supported.