Maintain accurate records

Your AML/CTF Policies must ensure that your practice keeps accurate and complete records across all key compliance areas.

Maintaining thorough records not only demonstrates compliance with the AML/CTF Act but also helps your practice respond quickly to audits or information requests from AUSTRAC.

Transaction Records

You must keep records that allow the reconstruction of individual transactions involving the provision of designated services to clients.

These records should include:

  • Documents or copies of documents obtained from clients (e.g. client identification materials)
  • Client files or transaction details sufficient to show the nature, purpose and parties involved

Practice tip:

Retain transaction records for at least seven years after the transaction is completed. Electronic copies are acceptable, provided they are accessible, legible and secure.

Client Due Diligence (CDD) Records

You must maintain records that demonstrate:

  • The type and content of information collected to verify a client’s identity (Know Your Client / KYC)
  • The ML/TF risk assessment applied to each client, including the rationale for assigning their risk rating

Practice tip:

Ensure that your CDD records clearly link each client’s verification data with their associated ML/TF risk assessment. This connection helps show that your risk-based approach is being properly applied.

Governance Records

Governance records demonstrate how your practice manages and oversees AML/CTF compliance. These must include:

  • Your AML/CTF Program and all updates
  • Evidence that AML/CTF Policies ensure reported information is complete, accurate, and unaltered
  • Records of all staff training sessions
  • Documentation of the Compliance Officer’s due diligence, covering their skills, knowledge, integrity and suitability both before and during engagement
  • Annual compliance reports
  • Independent evaluation reports

Practice tip:

Schedule regular internal reviews to confirm that governance documents are current and consistent with AUSTRAC guidance. This reduces the risk of compliance gaps over time.

Reporting Records

Your practice must retain copies of all mandatory reports submitted to AUSTRAC, such as:

  • Suspicious Matter Reports (SMRs)
  • Threshold Transaction Reports (TTRs)
  • International Funds Transfer Instructions (IFTIs)

These records should confirm the date, nature and details of each report submitted.

Practice tip:

Establish a central register for all AUSTRAC reports to simplify audit preparation and demonstrate a clear reporting trail.