IOTA’s Take on Australia’s AML Reform
Australia’s proposed anti-money laundering and counter-terrorism financing reforms aim to update outdated rules for the digital age. The IOTA Foundation supports this direction, advocating for a flexible, risk-based approach to compliance that empowers innovation while upholding safeguards. Key recommendations include smarter customer due diligence for low-risk transactions, recognition of structural diversity across businesses, and support for decentralized models like DAOs.
At the IOTA Foundation, we believe innovation and compliance go hand in hand. Regulations like Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) measures play a vital role in protecting financial systems and society at large – they’re not just bureaucratic checkboxes, but powerful tools to uphold trust.
That’s why we’re closely watching proposed updates to the AML/CTF Act by AUSTRAC, Australia’s AML/CTF regulator and financial intelligence unit. These reforms matter. Done right, they can modernize Australia’s regulatory framework, align it with global best practices, and make life easier for innovators working in good faith.
We’ve already submitted our thoughts to AUSTRAC, and now we’re sharing some key takeaways with the wider community.
Rethinking Risk: Smarter Ways to Do CDD
Customer due diligence (CDD) is critical, no doubt. But treating every transaction, no matter how small, the same way? That creates friction. Micropayments and low-value transfers shouldn’t be weighed down by full-scale CDD if they don’t pose a real threat.
What’s the alternative? A risk-based approach. One that simplifies or even delays verification where it makes sense. For example: using blockchain analytics, transaction monitoring, or decentralized identity tools to keep things compliant but also inclusive.
And for non-custodial wallets or time-sensitive transactions like remittances? Rigid KYC rules can do more harm than good. Flexibility here matters. Delayed CDD with proper post-transaction monitoring is a smart solution.
One Size Doesn’t Fit All
Every business is different. Yet under the current draft, small Virtual Asset Service Providers could be hit with requirements that make sense for global giants but not sole traders or startups.
We’re encouraged to see the Draft Rules acknowledge the need for flexibility, but there’s more work to do. More specifically, the requirement to designate a dedicated AML/CTF compliance officer could impose an undue burden on smaller entities. Options like self-certification or third-party audits could ease the load without compromising compliance.
DAOs, Wallets, and the Real World of Web3: Adapting Compliance to Reality
The crypto ecosystem is more than just exchanges. We’ve got DAOs, non-custodial wallets, and new models of ownership. Modern compliance frameworks need to reflect this.
DAOs challenge the notion of centralized accountability. That doesn’t mean they can’t be compliant, but it does mean we need flexible governance models that reflect how they work.
Non-custodial wallets are tricky because they lack clear ownership. But blockchain analytics and tokenized Know Your Customer proofs can help identify counterparties, particularly in cases involving self-hosted wallets. To support this, IOTA’s Web3 Identification Solution, tested in the EU Blockchain Sandbox, empowers users with decentralized, privacy-preserving identity verification while meeting evolving regulatory standards.
Reporting That Works for Builders
Annual reports are one thing. Requiring everyone to align with a single fiscal calendar is another.
The proposed 12-month reporting cycle could create friction for global teams working with different financial years. Allowing VASPs to sync compliance reporting with their home jurisdictions would ease the burden and improve data accuracy, especially for small teams with limited compliance resources.
And when it comes to the Travel Rule? Interoperability is key. If every country implements thresholds, data-sharing practices, and technical protocols differently, cross-border compliance becomes a minefield. AUSTRAC should push for harmonized global standards and encourage interoperable solutions to ease international transactions.
Shared Services, Smarter Compliance
For many businesses, centralizing compliance tasks across a group makes sense. Shared service hubs or centralized onboarding teams can boost efficiency and make AML/CTF obligations more consistent, particularly in areas like client onboarding, KYC verification or transaction monitoring.
Allowing these kinds of internal structures benefits everyone – regulators included.
The Bottom Line
AML and CTF measures are essential. They protect economies, prevent abuse, and maintain trust in financial systems. But how they’re implemented matters, and the details can make or break innovation.
Leave a Reply