An age-old adage in the project management world "high speed, high quality, low cost...pick any two" accepts the premise that compromise is inevitable.
In the contemporary world of cross-border financial payments, reporting entities enjoy no such luxury. In fact, the opposite is the case given the importance of, and scrutiny placed on, the adherence to cross-border financial payment obligations. Therefore, there is no room for compromise when designing and implementing a robust IFTI reporting framework.
IFTI reporting obligations
Section 45 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) outlines an obligation to report IFTIs within 10 business days after the day on which the instruction is sent or received. An IFTI is defined under section 46 of the AML/CTF Act and includes an electronic funds transfer instruction (IFTI-E) and instruction under a designated remittance arrangement (IFTI-DRA). While IFTI obligations may appear deceptively straightforward, in practice, it can be difficult to determine which entity in a payment chain is obligated to provide the IFTI report to the Australian Transaction Reports and Analysis Centre (AUSTRAC) .
Chapters 16 and 17 of the Anti‑Money Laundering and Counter‑Terrorism Financing Rules Instrument 2007 (No. 1) (Cth) (AML/CTF Rules) provide details of the information to be provided by a responsible entity when submitting an IFTI report.
The evolving cross-border payments landscape
Regulator expectations in relation to IFTI reporting have intensified in recent times. In response, reporting entities are facing ongoing challenges meeting their IFTI obligations, an issue which is compounded by emerging developments within the payments landscape, as summarised below:
- end customers are expecting frictionless, near-real-time payments with richer associated messaging;
- payment volumes are increasing at a rapid pace;
- available payment methods are expanding;
- increased scrutiny on payment transparency and improved reporting outcomes; and
- a migration of cross-border Society for Worldwide Interbank Financial Telecommunication (SWIFT) payments to a new standard, known as the International Organization for Standardization (ISO) 20022, is due to take place before November 2025.
The need for improvements in the IFTI reporting domain
Recent well-publicised enforcement action by AUSTRAC has highlighted the consequences a reporting entity may face if it has failed to implement a robust IFTI reporting framework.
In conducting numerous cross-border payment reviews for our clients, including assessments of the associated regulatory reporting obligations, we have observed that clients are over-reporting, under-reporting and mis-reporting their cross-border payments. In some cases, certain payment message types have been mis-used and payment data has been identified in incorrect fields.
The improper classification of payment messages and the presence of data quality issues reduce payment transparency and make adherence to IFTI reporting obligations more difficult to achieve.
Furthermore, a failure to detect and rectify weaknesses within a reporting entity's IFTI reporting framework may impede their ability to effectively migrate to the ISO 20022 standards before November 2025.
Concluding IFTI reporting considerations
Given AUSTRAC's recent willingness to pursue enforcement action in response to IFTI non-compliance, it is important for reporting entities to ensure they have implemented a robust IFTI reporting framework.
Reporting entities can ensure they are well placed to consistently achieve accurate and compliant IFTI reporting outcomes by:
- identifying and remediating payment data quality issues;
- understanding which of their cross-border payments are IFTI-reportable and which are not;
- ensuring payment messages are structured as per SWIFT guidelines;
- enriching payment messages, to align with IFTI reporting requirements; and
- removing manual effort by automating payment processing and IFTI reporting.
Authors: Tim Brookes (Director, Ashurst Risk Advisory), Brien Coram (Director, Ashurst Risk Advisory), Samantha Carroll (Counsel, Ashurst Legal).
The services provided by the Ashurst Risk Advisory practice do not constitute legal services or legal advice, and are not provided by Australian legal practitioners. The laws and regulations which govern the provision of legal services in the relevant jurisdiction do not apply to the provision of non-legal services.
