AML/CTF ProgramTransactional

How do I prepare for an unannounced AUSTRAC inspection?

Updated 23 May 2026

Quick answer

Prepare by maintaining an up-to-date written AML/CTF program, complete CDD records for every client, evidence of ongoing PEP and sanctions screening, staff training records, and a log of all SMR decisions. AUSTRAC inspectors can request records going back seven years. Readiness must be continuous, not reactive.

AUSTRAC's inspection powers are broad. Authorised officers can enter premises, request documents, and require interviews with staff — without prior notice. The only effective preparation is treating audit-readiness as an ongoing state, not a pre-inspection sprint.

The five things to have ready at all times

  • Current AML/CTF program: A Part A and Part B document that reflects how your firm actually operates today — not how it operated at enrolment. Every material change should be reflected in a new version, with an audit trail of changes.
  • Complete CDD files: Every current client should have a complete CDD file — identity documents, verification results, and a risk classification. This includes long-standing clients onboarded before your AML/CTF obligations commenced.
  • Screening records: A log of every PEP and sanctions screening check — including the date, the list version used, and the result (including negative results). Not just for new clients — for ongoing screening too.
  • Training records: A register of who attended what training and when. Current enough that no relevant staff member has gone more than 12 months without a refresher.
  • SMR decision log: A confidential internal record of every suspicious matter — including those you investigated and decided not to report, with the reasoning documented.

Seven-year record retention

AUSTRAC can request records dating back seven years. This means records from before your Tranche 2 obligations commenced may be relevant if you were already a reporting entity, or records from your first year of compliance will need to be available until 2033.

Paper files are acceptable but digital systems are far more practical for retrieval. Being able to produce a specific client's CDD records within minutes — not hours — is the standard inspectors expect.

Designating an AML/CTF compliance officer

Your AML/CTF program should designate a specific person as the compliance officer — the first point of contact for AUSTRAC. This person should be familiar with all aspects of your program, know where records are stored, and be able to speak to your compliance posture without needing to research answers. Inspectors will often ask to speak with the compliance officer directly.

If AUSTRAC contacts you

Do not panic. Inspections are often exploratory rather than punitive. Cooperate fully, be honest about any gaps you have identified and steps you are taking to address them, and seek legal advice before making any formal written submissions in response to compliance notices.

How ClearAML helps

ClearAML centralises every compliance record — CDD files, screening logs, training records, and SMR decisions — in a single platform with full audit trails. When AUSTRAC arrives, you can demonstrate your entire compliance program in minutes.

Keep your records audit-ready with ClearAML →

Related questions

AML/CTF Program

How do I build a compliant ML/TF risk assessment for my firm?

AML/CTF Program

What must be included in an AML/CTF program for an accounting firm?