AUSTRAC has issued Cryptolink an infringement notice of $56,340 and accepted a court-enforceable undertaking that addresses the company's AML/CTF deficiencies.
The action follows AUSTRAC's Crypto Taskforce identifying late reporting of large cash transactions and weaknesses in the company's money laundering and terrorism financing risk assessments.
AUSTRAC CEO Brendan Thomas said the package of infringement notices and the enforceable undertaking is designed to ensure useable intelligence does not slip through the cracks.
"The infringement notice addresses previous non-compliance around reporting and the enforceable undertaking seeks assurance that Cryptolink has improved its risk assessments and strengthened its AML/CTF controls," Mr Thomas said.
"Crypto ATMs are possibly the highest risk money laundering channel in Australia at the moment.
"They are being exploited by criminals to launder money and move scam proceeds.
"This is not conjecture. It's what our Crypto Taskforce observed and has been backed up by the work of our law enforcement partners."
As part of the enforceable undertaking, Cryptolink must engage third party reviewers to:
- validate whether the business has reported all required threshold transactions to AUSTRAC
- assess whether the business has implemented effective controls for large cash transactions
- review Cryptolink's money laundering and terrorism financing risk assessment to ensure it is fit-for-purpose.
Cryptolink has fully cooperated with AUSTRAC and paid the infringement notice in full. Payment of an AUSTRAC infringement notice is not an admission of liability.
The enforcement action comes after intensive engagement with crypto ATM operators since late 2024.
Working in partnership with law enforcement, AUSTRAC's Crypto Taskforce estimated that 85% of transactions made by the 90 most prolific crypto ATM users were the proceeds of scams and money mule activity.
"Scams are one of the biggest drivers of suspicious activity and criminals have been using crypto ATMs to move and cash out stolen funds," said Mr Thomas.
A recently released Australian Institute of Criminology report found more than 40% of cybercrime victims are revictimized, often within months.
"With this in mind we want people to be cautious of making transactions to any wallet they don't control and thinking twice in circumstances where someone asks you to deposit money into a crypto ATM."
The second stage of the Crypto Taskforce is focussed on high-risk operations.
"Criminals don't care how they hurt people, they care about making money," said Mr Thomas.
"We want to work with the digital currency exchanges to harden the sector against exploitation but if operators don't take this seriously, we will take action."
