Privacy commissioner: Businesses be wary of new anti-money laundering laws

Powered by SC Magazine
 

Privacy commissioner Karen Curtis has urged businesses to consider the privacy of consumers when collecting personal information under the Anti-Money Laundering/Counter-Terrorism Financing Act 2006 (AML/CTF), amendments which came into effect yesterday.

Referred to as a ‘dirty money’ crack down by newly-appointed Minister for Home Affairs Bob Debus, the AML/CTF Act requires businesses in the financial, bullion and gambling sectors such as banks, casinos and TABs to implement an anti-money laundering/counter-terrorism financing program which will be upheld by the Australian transaction Reports Analysis Centre (AUSTRAC).

"Australia established its anti-money laundering system in 1988," Debus said. "But with globalisation and advanced technology, transnational crime syndicates and global terror networks now have new opportunities by which they can exploit legitimate businesses to conceal dirty money."

However, privacy commissioner Karen Curtis fears businesses may invade the privacy of ordinary citizens: “While it is of course important for businesses to collect the required information from customers to meet AML/CTF Act requirements, they should be careful not to over-collect, as this may breach their customers’ privacy rights.”

“Most importantly, businesses should adopt a sound risk-based approach to ensure that all information collected for AML/CTF Act reporting obligations is strictly necessary, and they should not try to apply an ‘arbitrary standard’ to their collection processes,” said Curtis.

For example, in certain circumstances a business may only need to verify the customer’s basic details, such as name, address and date of birth.

Curtis also reminded those small businesses with obligations under AML/CTF that they will now have requirements under the Privacy Act.

“Small businesses that fall under the AML/CTF requirements also need to be mindful of their obligations under the Privacy Act, which covers the collection, storage, use, disclosure and disposal of their customer’s personal information,” she said.

Just last month, reports surfaced that the UK government’s HM Revenue and Customs department, responsible for collecting the bulk of tax revenue as well as paying Tax Credits and Child Benefits, lost two CDs containing confidential information including banking details of over 25 million child benefit recipients.

According to AUSTRAC, the implementation of the Act has been ongoing for over two years allowing the industry lead time to make changes to IT, risk management, customer identification and other business systems.

Privacy commissioner: Businesses be wary of new anti-money laundering laws
 
 
 
Top Stories
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
Cloud, big data propel bank CISOs into the boardroom
And this time, they are welcome.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  12%
 
Software development
  27%
TOTAL VOTES: 233

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  62%
 
No
  38%
TOTAL VOTES: 72

Vote