AML/CTF

"Are You Reporting Me to AUSTRAC?" What Your Compliance Officer Must Say (And What They Must Never, Ever Say)

The question will come. The only question is whether your firm is ready for it. 

It happens more often than most compliance officers expect. A client, sometimes nervous, sometimes indignant, sometimes almost casual about it, looks your compliance officer in the eye (or sends a pointed email) and asks: 

"Are you reporting me to AUSTRAC?" 

Four words. Enormous consequences. 

Because here is the brutal truth: how your AML/CTF Compliance Officer responds to that question in the next thirty seconds can mean the difference between a professionally managed, legally protected situation, and a criminal offence. 

This is not hyperbole. This is the tipping-off offence under Section 123 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth), and it now applies to every accounting firm providing designated services in Australia.

Let's break it down precisely, because "roughly knowing" what to say is not good enough here.

Understand what you are actually dealing with 

The tipping-off offence makes it a criminal act to disclose to any person, including the client sitting across from you, that a Suspicious Matter Report (SMR) has been, is being, or is likely to be lodged with AUSTRAC. 

The offence does not just cover the moment you say "yes, we reported you." It covers: 

• Any statement that confirms a report exists or is under consideration
• Any reassurance that allows the client to reasonably infer no report has been made
• Any behaviour that signals the firm's concern about their matter
• Any disclosure: verbal, written, or by conduct, that could reasonably be expected to prejudice an investigation

The penalty? Up to two years' imprisonment, or 120 penalty units ($39,600 as at 1 July 2026), or both. And critically, this is personal liability. It is not just the firm on the hook. It is the individual who made the disclosure. 

That means your compliance officer, your partner, your manager, or your admin staff member who says the wrong thing in a moment of well-intentioned reassurance.

The moment the clock starts: this surprises most people 

Here is what catches firms off guard: the tipping-off obligation does not start when an SMR is formally lodged with AUSTRAC.

It starts the moment a concern is escalated internally.

The second a staff member raises a red flag with the AML/CTF Compliance Officer, the tipping-off rules are live. From that moment, all client contact relating to that matter must be managed with extreme care, and in most cases, managed exclusively by the Compliance Officer.

The exact response your compliance officer should give 

When a client asks, "Are you reporting me to AUSTRAC?", there is one response that is always right. It is brief. It is professional. It gives nothing away.

"That is a question I will need to refer to our AML/CTF Compliance Officer. I will have them contact you directly."

That is it. Full stop.

If the Compliance Officer is the one fielding the call directly, the appropriate response is:

"As the Compliance Officer for the firm, I am actually bound by the AML/CTF legislation in a way that prevents me from discussing our firm's compliance obligations with clients, and that includes you, I am afraid. I realise that this probably feels a bit awkward, and I am sorry for that. What I do need to do right now is pause the work on your file and take some time to review our obligations under the legislation before we go any further. I will be back in touch with you as soon as I am in a position to do so."

Notice what both of these responses do: 

• They do not confirm a report exists 
• They do not deny a report exists 
• They do not reassure the client that "everything is fine" 
• They redirect, professionally and calmly, without implying suspicion 
• They create no grounds for a tipping-off allegation  

What your team must never say, and why each one is dangerous 

This is the training moment that matters most, because well-meaning staff will instinctively reach for these responses under pressure. Every single one of them is a potential criminal act if a suspicious matter is under consideration.

1. "Oh no, nothing like that, we are just doing some routine compliance checks."
   Why it's dangerous: This is an active reassurance. If a suspicious matter is being assessed, reassuring the client that nothing is happening is precisely what the tipping-off offence is designed to prevent. You have just potentially given a person the all-clear to continue moving money or destroying evidence.
   
   
2. "Look, between us, I might have to report this sort of thing, you understand." 
   Why it's dangerous: This is tipping off in its most textbook form. It directly signals that a report has been, or may be, made. Criminal exposure, full stop. 
   
   
3. "I would sort this out quickly if I were you." 
   Why it's dangerous: This implies that something reportable exists and that urgency is warranted. The client can reasonably infer that a report is imminent. 
   
   
4. "We have some concerns about a few of your transactions, that is really why we need these documents." 
   Why it's dangerous: This directly links the document request to a specific suspicion. Never, under any circumstances, connect a CDD request to a suspicious matter under consideration. 
   
   
5. "Don't worry, we are not obligated to report everything." 
   Why it's dangerous: This is another form of reassurance that can imply no report has been made. If one has, this statement is false and potentially tipping off. 

The three-part framework your compliance officer needs to operate from 

When a suspicious matter is under internal review, your firm's Compliance Officer must run every client interaction through this mental framework:

1. Does this communication confirm, deny, or allow a reasonable inference about an SMR?

 If yes, do not send it, do not say it, do not allow it to proceed.

2. Has the AML/CTF Compliance Officer reviewed and approved this communication?

If not, it does not go out. Every piece of communication with the client while a suspicious matter is under consideration must be approved by the Compliance Officer first.

3. Is continuing the engagement creating tipping-off risk in and of itself?

Sometimes yes, and sometimes the right call is to continue business as usual precisely because ceasing or changing services abruptly would signal to the client that something is wrong. This is a decision the Compliance Officer makes, documented on the internal escalation file.

What happens inside the firm when the question is asked 

The internal process is as critical as the external response. Here is what the correct escalation looks like:

Step 1: The staff member who receives the question responds with the standard referral script and immediately notifies the AML/CTF Compliance Officer.

Step 2: The Compliance Officer reviews the internal escalation file and assesses whether an SMR is under consideration or has been lodged.

Step 3: The Compliance Officer determines what, if anything, can be communicated to the client, and manages that communication personally.

Step 4: Every conversation, decision, and communication relating to this matter is documented on the internal escalation file, not in the client's main engagement file.

Step 5: The Compliance Officer assesses the SMR lodgement timeframe. Remember, once a suspicion is formed, the clock is running. Accounting firms have three business days to lodge an SMR for most matters, and 24 hours for terrorism financing concerns.

The broader lesson for accounting firms 

The reason this question is so dangerous in an accounting firm specifically, more so than in a bank or financial institution, is the relationship factor.

Accounting firms are built on trust, familiarity, and long-term client relationships. When a client of fifteen years looks a partner in the eye and asks if they are being reported, the instinct to reassure them is almost overwhelming. Partners and managers who have always been the trusted adviser suddenly feel the tension between relationship management and legal obligation at its sharpest.

That tension is real. But it is not a defense.

The tipping-off offence does not have a carve-out for long-standing relationships, good intentions, or commercial pressure. It turns on one thing: whether a disclosure was made. Not why it was made. Not who made it. Not how good the relationship was.

This is why the Compliance Officer role is not ceremonial. It is not a title on an organisational chart. It is the single point of authority who manages every aspect of the suspicious matter pathway: including what gets said, to whom, and when.

The one-page takeaway for your whole firm 

If your team takes nothing else from this, give them this:

When a client asks anything that touches on AUSTRAC reporting, say nothing beyond the referral script, and escalate immediately.

"That is a question for our AML/CTF Compliance Officer. I will have them contact you directly."

That is the answer. Every time. Without exception.

If your Compliance Officer is not yet trained and equipped to handle what comes next: the internal assessment, the SMR decision, the managed communication strategy, that is the gap to close right now.

Ready to build a firm that handles this properly? 

The tipping-off protocol is one chapter of a much larger story: the story of what it actually means to operate as a Tranche 2 reporting entity from the ground up. Getting the scripts right matters. Getting the escalation pathway right matters. Getting the whole operating system right is what separates firms that are genuinely compliant from firms that just think they are.

If you want to implement this properly, not just tick boxes, but build a firm that can handle the hard moments professionally and legally, the resources and training to do exactly that exist right now.

The question your client asks should never be the thing that catches your firm off guard. That moment should already be handled. Before it happens.

Disclaimer: This article is for educational and informational purposes only and does not constitute legal advice. Firms should seek independent legal advice in relation to their specific AML/CTF obligations and any suspicious matter situations. 

PREVIOUS POST

Beneficial Ownership: The AML/CTF Gap That Will Catch Most Accounting Firms Off Guard