The True Cost of Non-Compliance — Recent AUSTRAC Enforcement Cases

When a business fails to properly manage its AML/CTF obligations, it’s not just a matter of reputation, it can cost hundreds of millions or even billions, in financial penalties, and expose senior individuals to personal liability. Below are headline AUSTRAC cases and take-aways that all new reporting entities should understand.

Why These Cases Matter

• AUSTRAC has a full toolkit: civil penalty orders, infringement notices, enforceable undertakings, remedial directions.

• For corporate entities, the maximum civil penalties can be staggering and are tied to penalty units. For example, from 7 November 2024 onward, one penalty unit is A$330.

• These penalties aren’t theoretical: regulators have applied them against major firms, often citing systemic program deficiencies, weak BO/UBO controls, failure to monitor, and senior management oversight failures.

• For Tranche 2 sectors (law firms, real estate, accounting, TCSPs, high-value goods), these cases serve as a warning shot — if you don’t build a robust, documented, risk-based program now, you may be exposed.

Below are several compelling AUSTRAC enforcement stories to illustrate the stakes.

1. Crown Casinos — $450 Million Penalty

• In July 2023, Crown Melbourne and Crown Perth were ordered by the Federal Court to pay A$450 million over two years for serious and systemic breaches of the AML/CTF Act.

• The court found that Crown’s AML/CTF program had not been based on appropriate risk assessments, lacked sufficient systems and controls, and lacked adequate oversight by the Board and senior management.

• Crown had continued relationships with a junket operator despite known risks, failed to monitor billions of dollars in transactions (including international flows), and allowed suspicious activity to persist unreported.

Lessons for newcomers: Even for high-volume, cash-intensive businesses, blind spots in monitoring, escalation, and governance attract the harshest consequences

2. Westpac — $1.3 Billion Settlement

• In 2020, AUSTRAC and Westpac announced a proposed civil penalty of A$1.3 billion, making it one of Australia’s largest regulatory settlements ever

• Westpac admitted to over 23 million breaches of the AML/CTF Act, including failing to properly report International Funds Transfer Instructions (IFTIs), lacking source-of-funds checks, and weak transaction screening.

• Many of these violations involved omissions or failures to pass along origin / destination information — creating “gaps” that may facilitate layering or obfuscation in cross-border flows.

• While this case is in the banking sector, it underscores how deeply AUSTRAC scrutinises transaction chains and data provenance—even for “technical” omissions.

3. Entain / Ladbrokes — First Action Against Online Betting

• In December 2024, AUSTRAC commenced civil penalty proceedings against Entain Group Pty Ltd, the operator behind Ladbrokes and Neds. 

• Allegations include serious and systemic non-compliance, failure to identify risks, weak KYC / onboarding controls, and use of pseudonyms for high-risk customers to conceal their identities. 

• Notably, it’s the first time AUSTRAC has gone after an online bookmaker in this way, signaling that regulators are going deeper into sectors previously seen as borderline or lightly regulated.
  The outcome is pending, but the action alone emphasizes that digital and platform businesses will now be held to the same standards as traditional institutions.

4. Mounties (Mount Pritchard District & Community Club) — Large Club with Gaming Machines

• In July 2025, AUSTRAC launched civil penalty proceedings against Mounties (Mount Pritchard District & Community Club), alleging serious and systemic AML/CTF non-compliance. 

• The regulator asserts that Mounties lacked an appropriate risk assessment, failed in staff training, controls, monitoring, and independent review.

• Despite outsourcing parts of their AML/CTF program (e.g. to a third-party provider), Mounties remained responsible for oversight — and outsourcing is not a shield from liability.

• This case warns that even “club” businesses engaged in cash-intensive operations are under the microscope — not just casinos or financial institutions.

5. Infringement Notices — Small Failures, Big Signals

• In 2023–2024, AUSTRAC issued infringement notices to multiple businesses (including pubs, clubs, precious metals traders, non-bank lenders) for failure to lodge their annual compliance report by the required deadline.

• The notices ranged from A$3,756 for sole traders to A$18,780 for companies.

• While the dollar amounts are modest compared to Crown or Westpac, these acts show that even procedural obligations (like on-time compliance reporting) are actively enforced.

• In one earlier round, eight businesses were fined for failing to lodge their 2022 compliance report (some as low as A$3,300 per contravention)

Key Patterns & Lessons (for Tranche 2 Entities)

1. Systemic, repeated failures attract the highest penalties. One-off errors are less risky, it is persistently “ignored” obligations that hurt.

2. Governance and oversight are often singled out. Weak Board / senior management involvement is a repeated finding in enforcement.

3. Outsourcing does not shift liability. Entities remain accountable even when parts of compliance programs are delegated to service providers.

4. Technical or process reporting failures matter (e.g. compliance report late) — AUSTRAC tracks even “non-substantive” obligations.

5. Regulators are expanding scope. Cases now include online platforms, clubs, gaming, and will likely continue into other gatekeeper sectors (law, real-estate, etc.).

6. Self-reporting and remediation help, but do not absolve. Entities that proactively disclose and fix weaknesses may mitigate penalties but still face consequences.
   

What This Means for Your Firm (Pre-Tranche 2 Launch)

• Don’t assume you’re “too small” to attract AUSTRAC attention. The regulator has shown willingness to act in all sectors and scales.

• Be rigorous about your AML/CTF program design, documentation, review, and evidence trail.

• Ensure board-level engagement, independent reviews, and accountability structures.

• If you discover past non-compliance, voluntary self-disclosure + documented remediation is a better path than waiting for an audit.

• Use a compliance platform (e.g. My Databoss) to help embed controls, audit trails, and reporting discipline — so you’re not reconstructing history under pressure.

Call to Action

Want to see how exposed your firm is?

Download our Free Risk-Assessment Template (pre-mapped to AUSTRAC’s categories)

Book a Free Implementation Session to receive your industry-specific compliance guide

Preview how My Databoss embeds controls and audit logs for you

Don’t let non-compliance be your firm’s costliest mistake.