Like all agencies subject to Australia's Privacy Principles and the Privacy Act 1988 (Privacy Act), AUSTRAC is required to have a privacy policy that informs members of the community how it collects, uses and discloses personal information.
As the anti-money laundering and counter terrorism-financing regulator and Australia's financial intelligence unit, AUSTRAC collects, uses and discloses personal information according to law to perform its regulatory functions and support national security, law enforcement and other partner agencies to detect and disrupt the threats of money laundering, terrorism financing and other serious crimes. AUSTRAC also collects personal information in other circumstances where the collection is necessary to enable it to operate, for example during recruitment processes.
AUSTRAC's privacy policy has been updated to give the public greater clarity on when and how personal information is collected; when, how and why personal information is used; and the circumstances in which personal information in AUSTRAC's possession may be disclosed.
In particular, the update includes changes that reflect 2021 legislative amendment to secrecy and access provisions in the Anti-Money Laundering and Counter Terrorism-Financing Act 2006 that affect when AUSTRAC information - which typically involves personal information - may be lawfully disclosed. The updated privacy policy also highlights the collection of additional personal information by AUSTRAC through international fund transfer instruction (IFTI) reports submitted by banks, as financial institutions globally transition to the more transparent and more secure ISO20022 based end-to-end messaging system for international fund transfers from November 2022.