AUSTRAC orders Afterpay audit following concerns over AML breach


Australia’s financial crime investigation agency, AUSTRAC, has enlisted the services of an external auditor to vet the global ‘buy now, pay later’ payments giant, Afterpay, following concerns the fintech may be in breach of the Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Act 2006.

While AUSTRAC has yet to identify any specific instances of transgression, a statement released by the agency said it had “reasonable grounds” to suspect Afterpay “has contravened and/or is contravening sections 32 and 81 of the… AML/CTF Act”.

Section 32 requires companies to identify and verify customers before the provision of a service. AML/CTF rules allow for document-based and electronic verification or a combination of the two. According to the act, electronic verification must be based on ‘reliable and independent electronic data’.

Section 81 prohibits companies from operating without an anti‑money laundering and counter‑terrorism financing program in place.

AUSTRAC chief executive, Nicole Rose, revealed the audit will be tasked with determining the extent of any compliance issues and whether further regulatory action is required. Further, it will identify whether the Afterpay has implemented the systems and controls to comply with its obligations to the AML/CTF Act.

“AUSTRAC will continue to work with Afterpay to assist the company to mature and strengthen its compliance processes, staff training and suspicious matter reporting,” Rose said. “But we will not hesitate to take action where an organisation is failing to appropriately protect itself and Australia’s financial system from criminal activity.”

“These laws are in place to protect businesses, the financial system and the Australian community from criminal threats,” Rose added.

At AUSTRAC’s behest, the appointed auditor will examine Afterpay’s:

  • Governance and oversight of decisions related to its AML/CTF framework
  • Identification and verification of customers
  • Suspicious matter reporting obligations
  • AML/CTF program, including the development of its money laundering and terrorism financing risk assessment

In a notice to the ASX, Afterpay said that it has been in talks with AUSTRAC since August 2018, with the financial watchdog indicating that it had considered appointing an external auditor back in April this year but did not follow through until this latest notice.

Afterpay maintains it has had “a good working relationship with AUSTRAC” and has at all times accommodated requests for information.

“At no stage did AUSTRAC use statutory powers to require the production of documents, conduct a formal investigation, or compel staff to answer questions. All of our responses to information and document requests were provided voluntarily,” said Afterpay’s General Counsel & Company Secretary, Christopher Stevens, in the company’s response to the AUSTRAC query.

Based in Melbourne and with operations in the US, UK, New Zealand, Afterpay is today one of the largest ‘buy now, pay later’ (BNPL) companies in the world.

Its ‘pay later’ business, operating in a similar fashion to traditional ‘laybuy’ services offered by retailers, allows customers to purchase goods or services without immediate payment. Customers then make four equal payments each fortnight to complete the transaction, without incurring interest or upfront fees.

A preliminary audit report is expected to be provided to AUSTRAC within 60 days, and will be conducted “at Afterpay’s expense”.