Journal of Money Laundering Control

AMLCTF compliance and SMEs in Australia: a case study of the prepaid card industry
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

Juni Gurung Marcell Wijaya Asha Rao

Article information:
To cite this document:
Juni Gurung Marcell Wijaya Asha Rao, (2010),"AMLCTF compliance and SMEs in Australia: a case study
of the prepaid card industry", Journal of Money Laundering Control, Vol. 13 Iss 3 pp. 184 - 201
Permanent link to this document:
http://dx.doi.org/10.1108/13685201011057109
Downloaded on: 27 May 2016, At: 01:39 (PT)
References: this document contains references to 33 other documents.
To copy this document: permissions@emeraldinsight.com
The fulltext of this document has been downloaded 718 times since 2010*
Users who downloaded this article also downloaded:
(2008),"Regulating the cross-border movement of prepaid cards", Journal of Money Laundering Control,
Vol. 11 Iss 2 pp. 146-171 http://dx.doi.org/10.1108/13685200810867474
(2010),"Fighting financial crime in the age of electronic money: opportunities and limitations", Journal of
Money Laundering Control, Vol. 13 Iss 3 pp. 202-214 http://dx.doi.org/10. 1108/13685201011057118
(2010),"International anti-money laundering programs: Empirical assessment and issues in
criminal regulation", Journal of Money Laundering Control, Vol. 13 Iss 3 pp. 226-271 http://
dx.doi.org/10.1108/13685201011057136

Access to this document was granted through an Emerald subscription provided by emerald-srm:235887 []
For Authors
If you would like to write for this, or any other Emerald publication, then please use our Emerald for
Authors service information about how to choose which publication to write for and submission guidelines
are available for all. Please visit www.emeraldinsight.com/authors for more information.
About Emerald www.emeraldinsight.com
Emerald is a global publisher linking research and practice to the benefit of society. The company
manages a portfolio of more than 290 journals and over 2,350 books and book series volumes, as well as
providing an extensive range of online products and additional customer resources and services.
Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee
on Publication Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive
preservation.
 *Related content and download information correct at time of download.
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)
 The current issue and full text archive of this journal is available at
www.emeraldinsight.com/1368-5201.htm

JMLC
13,3 AMLCTF compliance and SMEs
in Australia: a case study of the
prepaid card industry
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

184 Juni Gurung, Marcell Wijaya and Asha Rao

School of Mathematical and Geospatial Sciences, RMIT University,
Melbourne, Australia

Abstract
Purpose The purpose of this paper is to explore the possibility of effectively enforcing the
Anti-money Laundering and Counter Terrorism Financing (AMLCTF) Act compliance on prepaid
card small and medium enterprises (SMEs). Currently, certain types of prepaid cards providers are
exempt from compliance. This paper looks at this situation bearing in mind the necessity of keeping
regulation manageable for SMEs.
Design/methodology/approach The paper adopts the case study approach facilitated by an
online search of different prepaid card vendors. Using this as a basis, a feasibility analysis of the
AMLCTF Act is conducted for prepaid card SMEs.
Findings It is found that not all regulation compliance requirements are applicable to SMEs.
Regulation enforcement without considering the capabilities of the regulated entities will only
increase avoidance. It is also found that the AMLCTF Act does not effectively address the issue of
prepaid cards vulnerability to money laundering and terrorism financing (ML/TF) illustrated by
exclusion of prepaid cards that cannot be used to withdraw money from the compliance. Given
that there are records of such cards been exploited for illegal trading, Australian Transactions
Reports Analysis Centre appears not to be up to date with the ongoing trend in ML/TF around the
world.
Research limitations/implications Limitations of case study research methodology apply.
Also, the prepaid card vendor information is based on an online search of their web sites and did not
involve in-person interactions to gather the information.
Originality/value This is the first paper in anti-money laundering literature that has considered
SMEs and attempted to look into the AMLCTF Act compliance requirements applicability for them. It
is believed that the case study can facilitate further research related to regulation enforcement issues
for SMEs.
Keywords Money laundering, Terrorism, Financing, Small to medium-sized enterprises,
Australia
Paper type Case study

Journal of Money Laundering Control
Vol. 13 No. 3, 2010
pp. 184-201
q Emerald Group Publishing Limited
1368-5201
DOI 10.1108/13685201011057109
1. Introduction
This paper examines the enforcement of the Anti-money Laundering and Counter
Terrorism Financing (AMLCTF) Act of Australia on small and medium prepaid card
service providers. Prepaid cards also known as stored value cards (SVCs), are a new
means of payment which are becoming popular ( Jacob, 2004, p. 6) in various forms
such as gift cards or network branded cards where funds to be used should be paid
in advance. Also referred to as pay early cards (Sienkiewicz, 2007), they offer
several advantages over traditional payment cards (credit and debit cards)
(Sienkiewicz,
2007) and even cash (Linn, 2008): anonymity, convenience of accessing the services in
non-financial institutions such as retailers, no credit checks and worldwide
acceptance (Choo, 2008) to name a few. Such features of prepaid cards attract not
only legitimate customers but also criminals (Linn, 2008) who are constantly seeking
to
 disguise illegitimate transactions. Much research in anti-money laundering has AMLCTF
focused around the potential use of prepaid cards as a money laundering vehicle
compliance
(TCSR, 2006; Sienkiewicz, 2007; Choo, 2008), on control strategies to prevent such
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

exploitation (Khairuddin et al., 2008), the vulnerabilities in regulating the movement of

prepaid cards across border (Linn, 2008). In addition, Zahn et al. (2007) compared the
anti-money laundering regimes of two different countries Australia and Ukraine while
Sathye (2008) looked at AML/CTF Act compliance cost estimation for Australian 185
financial institutions. However, no study has yet been done on the feasibility of
enforcement of the AML/CTF Act on small and medium enterprises (SMEs). This study
fills this gap in money laundering literature by taking into account a major player in the
Australian economy: SMEs.
SMEs comprise over 90 percent of the Australian economy (ABS, 2001) and
provide around 42 percent of total employment in Australia (Ergas and Orr, 2007).
Regarded as the engine of growth (Fan, 2003) for being major job providers in the
country, the contribution of SMEs does not end there. Their involvement in the
economy helps maintain market competition (Fan, 2003) preventing monopoly by
larger organizations. In addition, they encourage entrepreneurship by providing
necessary funding and skills enhancement plans to make alliance of skills and
innovation possible (Dickinson, 2008). Just like larger firms involved in financial
activities, SMEs working in this area are also vulnerable to money launderers whose
intention is to disguise the source of illegally generated money. The AMLCTF Act
came into enforcement to address such money laundering and additionally
terrorism financing issues in 2006 (AMLCTF, 2006). According to the compliance
requirements of the AMLCTF Act, the regulated entities need to have appropriate
controls in place to prevent and detect money laundering and terrorism financing
(ML/TF) crimes (AMLCTF, 2006). According to Liondis (2008), small businesses are
required to comply with the Act more for their own sake as otherwise they may fall
victim to criminals. This is supported by the argument that money launderers hunt
for unsophisticated financial markets and economies as their intermediaries to hide
from the law (IFOA, 2004).
The AMLCTF Act requires every business providing certain services referred to as
designated services to comply with it. As prepaid cards are one of the designated
services (AMLCTF, 2006), the prepaid card service providers are required to adhere to
the AMLCTF Act. However, prepaid cards with monetary value less than a threshold
amount ($1,000 for cards that can be used to withdraw cash and $5,000 for cards
without the facility to withdraw cash) are exempt from the compliance (AMLCTF,
2006, pp. 40-1). The objective of this move seems to be to provide relative relief to
small and medium prepaid card service providers. However, we consider this
exemption a
loophole in the legislation. The argument is that since larger financial institutions have
resources and a history of exposure to anti-money laundering legislation (Drummond,
2009), criminals may consider these small businesses to be the weakest link to exploit
legitimate financial systems. However, we also do not agree with the compliance
requirements demanded from small and medium businesses (when not exempted)
which demonstrate a one size fits all approach. Although, Australian Transactions
Reports Analysis Centre (AUSTRAC), the regulator of AMLCTF, has allowed a risk
based approach to tackle risks according to the scale and size of businesses
(AUSTRAC, 2007), there are considerable disadvantages of such approach for SMEs
(Geary, 2009). Therefore, we emphasize that prescriptive or rule-based approach is
 JMLC realistic for resource constrained businesses and have attempted in this paper to
13,3 illustrate by an example of how it could be done.
Thus, the objective of this paper can be translated into the following research
questions:
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

RQ1. Would SMEs in the prepaid card industry benefit from the exemption
criteria in the AML/CTF Act or does it induce more vulnerability for them?
186 RQ2. What are the compliance requirements of the AMLCTF Act and can they
realistically be adopted by small and medium businesses?
We investigate both these questions in depth in this paper.
According to Ergas and Orr (2007), about 99.5 percent of businesses that ceased to
operate during 2005-2006 were SMEs. As SMEs are a vital part of the Australian
economy (ABS, 2001), it is absolutely essential to ensure their wellbeing. Having said
that, it should also be ensured that they do not become a tool for criminals looking
to launder money or fund terrorism activities. ML/TF have a close relationship as
terrorists hide the source of their funds using similar money laundering methodologies
( Johnson, 2000). However, terrorists hide the source for future criminal purpose
whereas money launderers hide the source so that the money can be injected back into
the legitimate financial stream, i.e. to hide the illegal means by which the money was
earned ( Johnson, 2000). Nonetheless, money laundering has overwhelming social
and economic consequences (McDowell and Novis, 2001). Unpredictable movement of
huge
amounts of money can result in misleading market figures and therefore economic
policies (Mc Dowell and Novis, 2001) while human capital diverted to such criminal
activities has a negative impact on the society. On the other hand, terrorist activities
threaten the security posture of a country and can destabilize the operations of a
country.
Therefore, this paper not only contributes to the research literature but provides
a wakeup call to authorities more focused on larger organizations to prevent ML/TF.
The rest of the paper unfolds as follows: Section 2 provides a definition of SMEs in
prepaid card industry; Section 3 gives a brief overview of the AML/CTF compliance
requirements and its feasibility analysis with respect to small and medium prepaid
card service providers; Section 4 suggests how and why a prescriptive approach
would
be more realistic for compliance by SMEs and finally Section 5 gives the
conclusion.

2. A definition of SMEs in the prepaid card industry

There is no standard definition of SMEs that is broadly agreed upon around the
world
(SDSI, 2003; Clarke, 2006): their definition varies with economies. However, the number
of employees is the most common and popular criterion for defining SMEs (SDSI,
2003). According to ABS (2001), an Australian small business employs , 20
employees and a medium business employs 20 or more but , 200 employees.
Prior to classifying the prepaid card service providers, it is important to look into
the market for the range of products and vendors involved. Basically there are four
types of prepaid cards: open-loop cards, semi-open-loop cards, closed-loop
cards, and
semi-closed-loop cards (Sienkiewicz, 2007; Choo, 2008; Linn, 2008; Khairuddin et
al.,
2008). Open-loop cards are the prepaid cards with the most functionality. There are
network branded (VISA and MasterCard) cards which are accepted worldwide, are
reloadable and can be used to withdraw cash from ATMs (Choo, 2008) such as
CANVAS Prepaid VISA Card[1] and Travelex Cash Passport[1]. Semi-open-loop
cards resemble
 open-loop cards but do not include the cash withdrawing facility (Sienkiewicz, 2007; AMLCTF
Choo, 2008; Linn, 2008; Khairuddin et al., 2008). However, it was found that a variation
of compliance
semi-open-loop cards, i.e. those without reloading facility also exists on the market.
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

ANZ Visa Gift Card[1], Commonwealth Bank MasterCard Gift Card[1], Gillian
Griffiths[1], Westpac MasterCard Gift Card[1] are some examples of such flavors of
semi-open-loop cards. In contrast, closed-loop cards and semi-closed-loop
cards have limited
functionalities. They are not reloadable and are accepted by limited merchants only. 187
While closed-loop cards are tied to a specific merchant such as the David Jones
which can be used in David Jones stores only, semi-closed-loop cards are accepted by a
Cards[1]
number of merchants listed on the card. An example of a semi-closed-loop card is the
Wish Gift Card[1] which can be used in Woolworths group participant stores such as
Woolworths and Safeway supermarkets, CALTEX Woolworths and CALTEX, BigW,
Dick Smith Electronics, and Dan Murphys Stores[1].

The result of an online search of prepaid card service providers showed numerous
issuers and retailers. With such a range of prepaid card service providers in the
Australian market, two problems were encountered in classifying them as small,
medium, or large businesses:
(1) For many prepaid card service providers, the prepaid card is not a primary
product of their business and in addition, many such businesses are categorized
as large organizations, for instance, the wish gift card issued by Woolworth or
the ANZ Visa gift card issued by ANZ. Therefore, it would be unfair to classify
them as large businesses in terms of prepaid card service providers. However,
it is difficult to know how many employees are responsible for the service to
enable classifying them based on commonly used SMEs classification
criterion: number of employees or other criterion such as annual sales
turnover from prepaid cards only.
(2) Some prepaid card issuers offer only online services, for example, CANVAS
Cards. Is there a way to classify such business under any business category?
We will attempt to answer these questions first.

2.1 Definition of SMEs for prepaid card service providers

Definitions of SMEs differ according to industry type which may be a service
providing business or manufacturer (SDSI, 2003). Also, apart from the number of
employees, capitalization, assets, sales, and production capacity are also used as a
metric of classification (SDSI, 2003). However, due to the unique nature of prepaid
card products, i.e. they generally exist as a supplement product to other businesses
(from
our online search), it was necessary to formulate a separate classification criterion.
Licensing requirements of prepaid card issuers and retailers can be adopted as a
rational way to build up the metric for their classification into small, medium, or large
businesses. Prepaid cards or SVCs come under non-cash payment (NCP) facilities
and Australian Securities and Investments Commission (ASIC), regulator of
financial services in Australia requires the providers to have financial services
license (ASIC,
2005). However, certain NCP facilities are waived from the licensing requirements
under unconditional relief or conditional relief. The objective of such exclusion is
aimed at those low risk NCP facilities that would benefit less from the compliance
cost of the regulatory regime (ASIC, 2005, p. 7).
 JMLC Unconditional relief allows financial service providers to offer the specified
13,3 services without obtaining the financial services license (ASIC, 2005). Gift cards and
vouchers are such services where their vendor is not required to have a financial
services license to sell them. Another kind of exemption, unconditional relief is
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

provided to some low-value NCP facilities where low-value refers to value no more
than $1,000 (ASIC,
188 2005, p. 8). The vendors of low-value NCP eligible for conditional relief are required to
adhere to certain conditions such as providing disclosure statements, clear fees and
charges, and terms and conditions for purchasing to ensure consumer protection and
market integrity (ASIC, 2005).
Based on this analysis, SMEs in prepaid card industry can be classified as:
.
Closed-loop card and semi-closed-loop card issuers and distributors (card value
, A$1,000). These include gift card issuers and sellers such as Myer, David
Jones, Woolworths, Coles, Harris Scarfe, and so on.
.
Semi-open-loop prepaid card issuers and distributors (card value , A$1,000).
These include ANZ, Gillian Griffiths, Westpac, and Commonwealth bank.
Irrespective of businesses prior classification for their primary product, we classify
these service providers as SMEs in our study. For example, Woolworths is a large
organization but as a prepaid card service provider, it becomes a SME. Our argument
is that the exemption provided by ASIC for NCP is to provide assistance for SMEs.
Therefore, exemption criteria could be considered as classification criteria for SMEs.
For online prepaid card businesses, we adopt the same principle of classification
criteria. If they provide any cards, other than open-loop cards, with monetary value
, $1,000 then they become SMEs. More precisely, we do not consider any
businesses selling open-loop cards as SMEs. Our argument is that organizations
that provide open-loop Cards have to get the financial license without any exception
(ASIC, 2005). These organizations thus would have made a significant investment
to bear the
establishment cost beyond the scope of SMEs.

2.2 Anomaly in definition

Some prepaid card issuers provide open-loop cards together with other kinds of
prepaid cards. In such instances, they will not be categorized as SMEs. For example,
the Heritage Building Society provides semi-open-loop card[2] and open-loop card[2]
and consequently we do not consider the heritage building society as an SME. Our
definition can be summarized in the Venn diagram shown in Figure 1.

3. Feasibility analysis of the AMLCTF Act compliance for small and

medium prepaid card service providers
The AMLCTF Act does not target industries but designated services (Drummond,
2009). Therefore, any business providing these designated services should be
compliant with the AMLCTF Act irrespective of its size or nature (AMLCTF, 2006).
This suggests that similar to large organizations SMEs also need to comply with the
Act meeting all requirements. But SMEs by their nature have constrained resources
(Clarke, 2006) and could face significant problems for the compliance. Therefore, it
becomes important to look into the compliance requirements of the AMLCTF Act to
determine if these requirements are realistic for SMEs to adhere to. As mentioned
 SME
AMLCTF
compliance
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

Not SME

Not SME
189
Here,

SME
Prepaid card service providers of closed, semi-closed and semi-open cards and
therefore SMEs from our definition
Not SME
Open loop servicecard providers and hence not SMEs

Not SME
Representation of open loop service providers together with other types of Figure 1.
prepaid cards. Hence, theyare not SMEs too

earlier, this study focuses on prepaid card SMEs but it could also be significant in
providing information that can be related to other SMEs.

3.1 Large organizations compliance issues

First, we discuss some problems mentioned by large financial organizations to get an
idea of the administration and financial costs required to be AMLCTF Act compliant.
Doing so would provide an understanding of its applicability to SMEs. The objective
here is to explore the impact of the AMLCTF Act on larger organizations so as to do
analogical analysis on SMEs.
The introduction of the AMLCTF Act brought outcry from industries about the
additional expense and administration cost to adhere to the Act (Elders Rural Bank
(ERB), 2006; Drummond, 2009; Woodhead, 2007). Almost all financial operations today
are integrated with information and communication technologies and changes to
financial systems entail changes in information and communication Technology.
Drummond (2009) points out that the initial setup costs especially for restructuring IT
systems and staff training are in the vicinity of $100 million each. ERB (2006) was
concerned with the cost associated with changes to the entire existing structure of the
bank including management and information technology. Banks have also released
their compliance cost estimate as a whole: for example, ANZ projects this cost to be
$66 million over three years which aligns with the PricewaterhouseCoopers ballpark
estimate for major financial institutions at between $50 and $100 million
(Woodhead,
2007). Furthermore, Sathye (2008) estimates the cost of AMLCTF Act compliance for
financial institutions in Australia to be collectively $1.02 billion at 2007 prices.
Hence,
clearly AMLCTF Act compliance cost is a major hindrance for large financial
organizations. In addition, there has also been concern about the clarity of the
requirements and expectations of the Act (Ingram, 2008).
The risk-based approach of the AMLCTF Act, referred to as principles-based
legislation, aims to provide control to the organization itself to design an AMLCTF
program that suits it (AUSTRAC, 2007). This transfer of control from regulatory
body to the regulated entity provides flexibility (Ross and Hannan, 2007) but requires
the organizations to be knowledgeable of the risks they face. Misunderstanding
of these risks may be interpreted as non-compliance by AUSTRAC (2007). In turn,
 JMLC the organizations might be penalized with fines up to $11 million for corporations
13,3 and $2.2 million for an individual (AMLCTF, 2006, pp. 40, 76). Nevertheless,
large organizations are in a better position than smaller organizations. Existence
of the precursor, Financial Transactions Reports Act (FTRA), to the AMLCTF Act
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

indicates that the anti-money laundering regime is not new to larger financial
institutions. Since, they needed to be compliant with FTRA prior to the AMLCTF
190 Act, they are familiar with similar obligations under FTRA and 100 points identities
check (Drummond, 2009). The survey by Klynveld Peat Marwick Goerdeler (2008)
suggest that the big banks are capable of meeting these compliance costs and this
argument is supported by the fact that the total profit reported by big five banks was
$8.8 billion in the first half of 2007-
2008. Still, major banks are finding it difficult to comprehend legislation
expectations and meet compliance cost. Thus, it would be fair to say that small
businesses who are new to the anti-money laundering regime would find it hard going
to be compliant.
SMEs have limited resources (Clarke, 2006) and a risk-based approach which
expects reporting entities to have comprehensive understanding of ML/TF risks may
be onerous. Moreover, the cost of complying can be overwhelming. Although we were
unable to find any compliance cost estimate for SMEs based on the information
available it will not be inconsiderable. Hence, for small businesses fairly new to the
AMLCTF Act, compliance seems to be entirely a burden. Having said this, we do
believe that compliance is a must. Hence, we now look at the different requirements of
the AMLCTF act and do a feasibility analysis of each.

3.2 AMLCTF compliance requirements feasibility analysis for prepaid card service
providers (SMEs)
This feasibility analysis is done for prepaid card SMEs to determine if the AMLCTF
Act requirements are reasonable for them. The output of the analysis of each
requirement is given a feasibility rating from 0 to 5 where each dark star is a point.
A feasibility rating of 5 implies that the compliance requirement is fully applicable
and
0 means that it is not applicable at all.
This feasibility analysis is based on the study of the AMLCTF Act compliance
requirements as listed by AUSTRAC[2] and prepaid card service providers modus
operandi in the market. Through an online search of various prepaid card service
providers, information about how prepaid cards can be purchased, what documents
are required from the customer and the like were obtained. Moreover, study of other
research papers on SMEs and the impact of other regulatory compliance on them
(Sathye, 2008; Schmidt and Bennison, 2007; Drummond, 2009), gave an insight into
the limitations of SMEs enabling us to give the respective feasibility ratings.
The following study looks at the main areas of the AMLCTF Act compliance and
each one is listed, detailed, and reasoned to determine its applicability to prepaid
cards SMEs.
3.2.1 The AMLCTF compliance area: know your customer (KYC).
Explanation. KYC refers to authentication of customers based on FTRA 100 points
check form where customers are required to provide proof of identification to satisfy
the 100 points requirement[2]. In general, one primary document (birth certificate/
citizenship certificate/passport) and one or two other proof of identification, for
example, drivers license is enough for 100 points requirement.
 Analysis. KYC is an essential requirement to be met to prevent money laundering AMLCTF
by establishing proper identification of the customer. However, for purchasing a single
compliance
prepaid card below $500, identification would not be required (Khairuddin et al.,
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

2008). The current trend as demonstrated by our online search also indicates that
small denomination gift cards could be bought without providing any customer
information. However, it was alarming to find that even bulk purchase of these gift
cards did
require thenot
customer to be identified. Although gift cards monetary value cannot be 191
withdrawn as cash from ATMs, they have been found to be used in illegal trade as an
alternative for money (MLTA, 2005). Therefore, we emphasize the suggestion made by
Khairuddin et al. (2008) that bulk purchase of gift cards should be limited to 10 unless
the customer agrees to provide his/her identification. On the other hand, for the
semi-open-loop cards such as ANZ Visa gift card and the like, customers are required
to provide identification.
Feasibility rating. Since, the requirement is not suitable for isolated purchase of gift
cards; we give a feasibility rating of 3, i.e.: wwwqq.
3.2.2 The AMLCTF compliance area: employee due diligence.
Explanation. Employee due diligence requires monitoring of employees capable of
facilitating ML/TF (OLDP, 2007). The process is risk based and allows the
determination
of job positions that pose ML/TF risk and therefore should be under constant
supervision. Both existing employees and prospective ones need to be screened.
This is generally performed by employees identity and background checking. Also,
the businesses, as reporting entities, are required to have controls in place to manage
employees who fail to comply with any procedure established under their employee
due diligence program.
Analysis. Employee due diligence is an important requirement to ensure that
employees are not the weakest link in the business. Both prospective and existing
employees need to be monitored as either may assist in ML/TF activities. This is fully
applicable to prepaid cards SMEs.
Feasibility rating: wwwww.
3.2.3 The AMLCTF compliance area: employee training.
Explanation. This requirement emphasizes an employees awareness of ML/TF
risks followed by appropriate training programs to prevent such activities[2]. Such an
awareness and training program must be designed to provide employees with
sufficient knowledge of the AMLCTF program and the consequences of
non-compliance. Therefore, employee must understand all products or services they
deal with and the ML/TF risks associated with it.
Analysis. Employees interacting with customers for selling prepaid cards need to
know the essence of procedures such as customer identification as they are the front
line defence. Additionally, the awareness program ensures that employees do not fall
victim
due to ignorance. This is why the requirement is fully applicable to prepaid cards
SMEs.
Feasibility rating: wwwww.
3.2.4 The AMLCTF compliance area: ongoing customer due diligence.
Explanation. This procedure involves the customers transactions monitoring
process on an ongoing basis[2]. AUSTRAC also requires reporting entities to verify
the KYC information and set the trigger point to identify suspicious activities.
The
ongoing customer due diligence process is risk based and can be modified to cater to
the scale and business activities of the reporting entity.
 JMLC Analysis. Usually, whenever a customer purchases a prepaid card, there is no
13,3 personal bank account linked with the associated fund (MLTA, 2005). Rather the
monetary value of the card is stored in the common aggregate/pooled account owned
by the prepaid card company (MLTA, 2005). Therefore, it follows that prepaid card
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

owners cannot be accounted for their transactions. In such case, ongoing customer
due diligence becomes inappropriate for prepaid card SMEs.
192 Feasibility rating: 0, i.e. qqqqq.
3.2.5 The AMLCTF compliance area: reporting of international funds transfer
instructions, threshold transactions, suspicious matters.
Explanation. Business activities or services that include international fund transfer
are required to keep records of transactions for reporting purpose[2]. Also the
reporting entities should be vigilant enough to identify suspicious activities, for
example, tax
evasion and report it through suspicious matter report[2]. Also, any transaction more
than A$10,000 made via a designated service provided by the reporting entity should
be reported through threshold transaction report[2].
Analysis. Threshold amount is $10,000 or more (AMLCTF). But SME prepaid card
providers offer prepaid card value no more than $1,000. In addition, the prepaid card
cannot be used to transfer its monetary value to other bank accounts (online search).
These prepaid cards are non-reloadable and are typically stored in a common pool
account which makes this requirement of reporting international funds transfer,
threshold transactions, and suspicious matters reporting non-applicable for SMEs.
Feasibility rating: 0, i.e. wwqqq.
3.2.6 The AMLCTF compliance area: record keeping.
Explanation. Reporting entities need to have proper documentation of the
AMLCTF program for further investigation or reporting purpose[2]. Besides,
transactions records are required to be kept for seven years under this
requirement[2].
Analysis. Record keeping of the AMLCTF program is applicable to SMEs as they
need to justify their effort in compliance procedures. However, record keeping of
transactions made by each customer is inappropriate as a common account is used for
all prepaid card owners of a particular prepaid card product.
Feasibility rating: 2, i.e. wwqqq.
3.2.7 The AMLCTF compliance area: AML compliance manager.
Explanation. Each reporting entity is required to appoint one AML compliance
manager or compliance officer who is responsible for providing the compliance
report[2]. AUSTRAC describes the compliance officer as the one who is responsible for
conducting and managing the compliance program; the officer must be at managerial
level. In addition, the officer must be independent, have appropriate seniority, be
accountable and should be skilled and experienced.
Analysis. SMEs have only a few employees often with owners as managers (Clarke,
2006, p. 3). Also the skills and qualification requirements of the compliance manager
are very high as set by the AMLCTF Act. Therefore, SMEs may not be able to afford
to
have an AML compliance manager.
Feasibility rating: 0, i.e. qqqqq.
These seven requirements form the major elements of the standard AMLCTF
program[2]. From the analysis, we can see that not all of the major requirements
are applicable to SMEs. Thus, we suggest that SMEs be subjected to only those
requirements feasible for them, such as KYC, employee due diligence, employee
training,
 reporting of suspicious matters, and record keeping. There are other requirements but AMLCTF
we do not consider them here as they are not applicable to our study.
compliance
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

4. A prescriptive compliance method for SMEs

In this section, we discuss the AMLCTF Act exemption for SME prepaid card
providers and possible adverse effects of this on SMEs. While we stress that SMEs
should be regulated under the anti-money laundering regime, a rule-based approach 193
may be more suitable than the current risk-based approach of the AMLCTF Act.

4.1 Why SMEs need to be

regulated?
As much as we agree that requiring compliance could cause excessive stress to SMEs,
we cannot ignore the fact that legislation compliance helps them to sustain their
business. Without proper defence, they may be targeted by criminals to carry out
illegal activities as large financial institutions adopt more sophisticated anti-money
laundering and counter terrorism financing schemes (Ross and Hannan, 2007). Illegal
funds are frequently transferred to disguise source and reliance on such funds may
leadAnto important
demise of point
these to note is thatSMEs
manipulated compliance
(IFOA, requirements
2004). should not outweigh
benefits as otherwise businesses would be forced to shut down. Australian newsagent
federation (ANF) noticed that many newsagents have stopped providing remittance
services to avoid compliance with the AMLCTF Act (ARRB, 2008) as remittance
service providers have to comply with the legislation (AMLCTF, 2006). However, if
a similar situation is encountered by prepaid card SMEs, organizations providing
prepaid card service as a supplement to their core business may stop the service to
avoid the compliance requirements, but businesses solely providing prepaid card
services may find themselves out of business. Therefore, compliance requirements
should be justifiable to the size and operation scale of businesses.
The AMLCTF (2006, p. 40) Act exempts from compliance businesses selling
closed-loop, semi-closed-loop and semi-open-loop cards with value (including reloading
value if applicable) not more than A$5,000. Likewise, providers of open-loop cards
either valued below A$1,000 and/or allowing reloading up to A$1,000 are also exempt
from AMLCTF (2006, pp. 40-1) Act compliance. We, however, do not agree with this
approach. In an online search, we found that almost all prepaid card SMEs offer
prepaid cards below the threshold value to escape from the AMLCTF compliance[2],
e.g. the major banks: Westpac, Commonwealth, ANZ, and Gillian Griffiths. The
maximum monetary value of the Westpac MasterCard gift card, Gillian Griffiths Visa
gift card, Commonwealth Bank MasterCard gift card, and ANZ VISA gift card are
A$800, A$800, A$500, and A$500, respectively. Next, no limit is set on the number of
these prepaid cards that can be bought at any one time[2]. This is a loop-hole and
non-regulation of SME prepaid cards providers might open up opportunities for
criminals to exploit the prepaid cards for illegal activities.

4.2 Risk-based approach vs prescriptive approach for SMEs

The idea behind the risk-based AMLCTF compliance procedure is that organizations
are more aware of their business risks and are in a better position to address them
effectively (AUSTRAC, 2007). This seems to outsmart the one size fits all approach
adopted by the predecessor of AMLCTF: FTRA. However, a risk-based approach
 JMLC requires enormous work by reporting entities. In addition, organizations themselves
13,3 need to define the risks pertinent to their business this can be misleading. Ross
and Hannan (2007) support this argument finding the risk-based approach of the
AMLCTF Act vague and consisting significant element of uncertainty.
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

A risk-based approach involves risk assessment processes which need to be

reviewed and updated periodically to address evolving risks since ML/TF activities
194 are dynamic (Ross and Hannan, 2007). The precision of a risk assessment process is
important as the entire risk-based approach becomes faulty without proper
identification of risks (Geary,
2009). Owing to the dynamic nature of ML/TF activities, a risk-based approach need
to be proactive as well (Geary, 2009). Thus, without both a reactive and a proactive
risk
management strategy, AMLCTF Act compliance becomes merely a regulatory risk
avoidance tactic for organizations therefore undermining the legislations primary
objective to control ML/TF activities.
SMEs may be reluctant to use a risk-based approach due to their limited resource.
Concerns have been raised about their ability to make significant investment in the
complex risk assessment processes necessary to design a risk-based AMLCTF
program
suitable for them (Ross and Hannan, 2007; Geary, 2009). Without an effective risk-
based
approach, the flawed AMLCTF program could be interpreted as non-compliance
leading to SMEs getting penalized. This is why a risk-based approach has been
regarded as a
double edged sword (Ingram, 2008) or as contradictory legislation (Drummond,
2009). In other words, the regulated entities are in charge of their own AMLCTF
compliance
program but would get fined if they fail to interpret the compliance requirements as
expected by AUSTRAC.
We believe there is another way for resource constrained SMEs: a prescriptive
approach. It refers to a system where each and every action listed has to be followed.
A
prescriptive approach has been criticized for being hard and fast (Ross and Hannan,
2007) but it also brings clarity. Considering the fact that a risk-based approach
has caused some confusion in reporting entities, a non ambiguous rule set would not
only educate SMEs but also encourage compliance. Thus, we believe, the traditional
prescriptive approach more like baseline approach would be suitable for SMEs
considering their limited manpower and financial resources. The baseline approach
is basic essential (Fitzgerald, 1995) that outlines controls necessary for
organizations
that have not properly addressed security and are not likely to do it in a structured
manner. Moreover, AUSTRAC as a regulatory body is in the best position to access
resources required to keep abreast with the latest trends in ML/TF procedures. Hence,
they would be able to cultivate best practices for SMEs via the enforcement of the Act
discouraging criminals from approaching prepaid card SMEs for illegitimate
activities. An example of such a baseline approach is attached in the Appendix of
this paper.

5. Conclusion
Enforcement of the AML/CTF Act allows businesses vulnerable to ML/TF to have
appropriate controls in place to prevent and detect such activities effectively.
Since the AMLCTF Act addresses services and not particular industries, it
extends offering the designated services which include prepaid cards. Since, prepaid cards in
to the market exist as a supplementary product in most businesses it is
SMEs not possible to define SMEs in the prepaid card industry using the commonly adopted
classification criteria. We, therefore, define prepaid card SMEs on the basis of the
 Australian financial services licensing requirement and include providers of prepaid AMLCTF
cards that cannot be used to withdraw cash (closed, semi-closed, and semi-open) below
monetary value of A$1,000. compliance
The AMLCTF Act exempts such SME prepaid card providers from compliance. We believe this is a
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

loop-hole and SMEs need to be complaint as non-regulated businesses might be targeted by criminals.
Having said that, the legislations complexity and

overwhelming expectations discourage SMEs from compliance. Moreover, larger 195

organizations despite being familiar with the anti-money laundering regime were
found
to have complained about the AMLCTF Acts compliance cost and self-judgmental
requirements. In this situation, where resourceful and financially capable larger firms
struggle to meet the compliance requirements, only a few SMEs can afford to comply
with the Act.
AUSTRAC believes that the risk-based approach of the Act enables even small
businesses to comply without stretching their resources. But again, this approach
requires significant knowledge investment to undertake a proper risk analysis which
underpins the AMLCTF Act compliance program. Any flaw in such a risk assessment
can destroy the authenticity of the whole program resulting in the regulatory risk of
being penalized. Risk assessment only allows small businesses to determine the
amount of reporting to be done depending on their judgment of the level of risk
(high, low, or medium) but not the precise methodology to come with the risk level in
the first place. While such an approach might be suitable for large organizations, a
prescriptive method more like baseline method should be considered for SMEs.
Furthermore, on doing a feasibility analysis of the AMLCTF Act compliance
requirements to determine its applicability to SMEs, we found that only a few
requirements were suitable for SME prepaid card service providers. In a nutshell, in
this paper we argue that SMEs should not be exempted from compliance but also
agree that the current compliance requirements are enormous for them. Therefore,
prepaid card service providers SMEs should be compliant with the AMLCTF Act
but should only be subjected to requirements that are suitable for them. We
believe that AUSTRAC is well resourced to determine the latest ML/TF methods
and design relevant AMLCTF program for SMEs in prepaid card industry. Finally,
we give an example of the baseline approach for prepaid cards SMEs to be AMLCTF
compliant.

Notes
1. Online search of prepaid card service providers comprises of the following:
.
Westpac (2010), MasterCard Gift Card 2009 updated, available at: www.westpac.com.au/
personal-banking/bank-accounts/debit-cards/gift-cards/ (accessed April 12, 2009).
.
Gillian Griffiths, 2008, Avoid uncomfortable silences this Christmas, Monday, December
1, available at: www.nab.com.au/wps/wcm/connect/nab/nab/home/about_us/8/5/37/
avoiduncomfortablesilencesthischristmas (accessed June 21, 2010).
.
CANVAS Prepaid VISA Card (2009), Heritage Building Society, available at: www.
mycanvascard.com.au/Content/Homepage.aspx (accessed April 11, 2009).
.
CBA (2008), Terms and conditions of the commonwealth bank mastercard gift card
2008, Commonwealth Bank, available at:
www.commbank.prepaidcardsupport.com/cbacustomer/ html/termandcon.jsp? pg login
(accessed April 12, 2009).
 JMLC .
David Jones (2010), The David Jones gift card, available at: www.davidjones.Com.au/gift_
13,3 card.jsp (accessed April 12, 2009).
.
HBS (2009), About our prepaid cards, Heritage Building Society, available at: www.
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

universalgiftcard.com.au/index.cfmpageid g07&CFID 1&CFTOKEN

2ED69D0F851
E0EEF90DC0BFABF4476A6&CFSEQ 1 (accessed April 11, 2009).
196 .
PCC (2009), Prepaid credit card 2009, available at: www.my360 .c om. au/Post.
aspx?id 7996 (accessed April 11, 2009).
.
Travelex (2009), Cash passport prepaid currency card, available at: www.cashpassport.
com.au (accessed April 11, 2009).
.
ANZ VISA Gift Card (2007), available at: www.prepaidshop.com.au/giftcard.asp (accessed
June 21, 2010).
.
Wish Gift Card (2008), available at: www.wishgiftcard.com.au/home/ (accessed April 13,
2009).
2. Explanation of these requirements is taken from AUSTRAC web site:
.
AUSTRAC (2007, www.austrac.gov.au/).

References
ABS (2001), Small Business in Australia, Australian Bureau of Statistics, Canberra, available
at: www.abs.gov.au/Ausstats/abs@.nsf/0/97452f3932f44031ca256c5b00027f19? (accessed
August 10, 2009).
AMLCTF (2006), Anti-money laundering and counter terrorism financing act 2006, available
at: www.comlaw.gov.au/ComLaw/Legislation/ActCompilation1.nsf/0/8405C57030577F9
6CA25751C001E5BBF? (accessed April 18, 2009).
ARRB (2008), Regulatory issues in the distributive trades, Annual Review of Regulatory
Burden, available at: www.pc.gov.au/data/assets/pdf_file/0003/83037/09-chapter7.pdf
(accessed September 21, 2009).
ASIC (2005), ASIC policy statement [PS 185] proposed policy statement for non-cash payment
facilities regulation impact statement (RIS), Australian Securities and Investments
Commission, available at: www.watchdog.asic.gov.au/asic/pdflib.nsf/LookupByFile
Name/RIS_ps185.pdf/$file/RIS_ps185.pdf (accessed August 10, 2009).
AUSTRAC (2007), Australian transaction report and analysis centre, available at: www.
austrac.gov.au/ (accessed September 24, 2009).
Choo, K.K.R. (2008), Money laundering risks of prepaid stored value cards, Australian Institute
of Criminology, available at: www.aic.gov.au/publications/tandi2/tandi363.pdf (accessed
March 7, 2009).
Clarke, A.D. (2006), SMES and corporate governance: politics, resources and trickle-down
effects, available at: www.clta.edu.au/docs/pdf/2006-conf-papers/ADClarke.pdf (accessed
October 10, 2009).
Dickinson, G.P. (2008), Company formation and regulation compliance for SMEs (Estonia),
International Journal of Law and Management, Vol. 50 No. 3, pp. 136-48.
Drummond, S. (2009), Enforcing responsibility, Risk Magazine, available at: www.
riskmanagementmagazine.com.au/articles/79/0C055779.asp?Type124&Category1240
(accessed September 24, 2009).
ERB (2006), Submission for the exposure draft of the anti-money laundering and counter
terrorism financing bill 2005, Elders Rural Bank, available at: www.ag.gov.au/www/agd/
 rwp attach.nsf/VAP/(F8075C460713B173t1160FAA5B2A642EE),Elders^Rural^Bank^00
60410.pdf/$file/Elders^Rural^Bank ^ 20060410.pdf (accessed September 28, 2009).
AMLCTF
Ergas, H. and Orr, J. (2007), SME trends and achievements, available at: www.telstrabusiness.
compliance
co m/bu siness/S howDoc?nodePath%2 FBEA Re pository%2F R esources %2FPres s
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

Releases%2FPDF_SMETrendsAndAchievement s//binary&versio n Id1 ( acc e sse d

October 1, 2009).
Fan, Q. (2003), Importance of SMEs and the role of public support in promoting SME 197
development, Creating A Conducive Legal and Regulatory Framework for Small and
Medium Enterprise Development in Russia, A Policy Dialogue Workshop, available at:
http://info.worldbank.org/etools/docs/library/49256/fan.pdf (accessed August 11, 2009).
Fitzgerald, K.J. (1995), Information security baselines, Information Management & Computer
Security, Vol. 3 No. 2, pp. 8-12.
Geary, J.M. (2009), Light is the best antidote, Journal of Money Laundering Control, Vol. 12
No. 3, pp. 215-20.
IFOA (2004), Anti-money laundering, International Federation of Accountants, available at:
www.apgml.org/iss u es/docs/23/ I nt%27l%2 0 Federation%20of%20Accountants_
AML%202nd%20Ed.pdf (accessed September 21, 2009).
Ingram, S. (2008), AML/CTF the state of play in Australia, Melbourne APEC Finance
Quarterly, available at: www.apec-melbournefincen.org.au/MAFQ0208.html (accessed
September 21, 2009).
Jacob, K. (2004), Stored value cards: a scan of current trends and future opportunities, Center
for Financial Services Innovation, available at: http://cfsinnovation.com/system/files/
imported/managed_documents/storedvaluecard_report.pdf (accessed April 10, 2009).
Johnson, J. (2000), Will it make a difference to the global anti money laundering movement?,
Journal of Money Laundering Control, Vol. 6 No. 1, pp. 9-16.
KPMG (2008), Major Australian banks: year end 2008, Klynveld Peat Marwick Goerdeler,
available at: www.kpmg.com/AU/en/IssuesAndInsights/ArticlesPublications/Financial-
Institutions-Peformance-Survey/Major-Banks/Documents/Major-Australian-Banks-Year-
End-2008.pdf) (accessed June 21, 2010).
Khairuddin, M., Zhang, P. and Rao, A. (2008), Risk mitigation strategies for the prepaid card
issuer in Australia, in Valli, C. and Woodward, A. (Eds), Proceedings of the Sixth
Australian Information Security Management Conference, SECAU Security Research
Centre, Edith Cowan University, Perth, pp. 101-9.
Linn, J.C. (2008), Regulating the cross-border movement of prepaid cards, Journal of Money
Laundering Control, Vol. 11 No. 2, pp. 146-71.
Liondis, G. (2008), Frontline vital in fraud prevention, Money Management, available at: www.
moneymanagement.com.au/Article.aspx?ArticleID234146 (accessed May 27, 2009).
Mc Dowell, J. and Novis, G. (2001), The consequences of money laundering and financial
crime, Bureau of International Narcotics and Law Enforcement Affairs, US Department
of State, available at: www.apgml.or g /issues/ docs/30/Negative%20Ef f ects%20of
%20ML_ Economic%20Perspectives%20May%202001.pdf (accessed May 7, 2009).
MLTA (2005), US money laundering threat assessment, available at: www.ustreas.gov/press/
releases/reports/js3077_01112005_MLTA.pdf (accessed September 21, 2009).
OLDP (2007), Anti-money laundering and counter-terrorism financing rules instrument
2007 (No. 1), Office of Legislative Drafting, available at: www.comlaw.gov.au/
ComLaw/Legislation/LegislativeInstrumentCompilation1.nsf/0/681BDF3EF911445BCA25
 JMLC 753E0011D385/$file/AntiMonLaundCountTerrFinRules2007No1.pdf (accessed September
21, 2009).
13,3
Ross, S. and Hannan, M. (2007), Money laundering regulation and risk-based decision-making,
Journal of Money Laundering Control, Vol. 10 No. 1, pp. 106-15.
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

Sathye, M. (2008), Estimating the cost of compliance of AMLCTF for financial institutions in
Australia, Journal of Financial Crime, Vol. 15 No. 4, pp. 347-63.
198 Schmidt, R.A. and Bennison, D. (2007), Legislation and SME retailers compliance costs and
consequences, International Journal of Retail & Distribution Management, Vol. 35 No. 4,
pp. 256-70.
SDSI (2003), What is an SME? SME definitions and statistical issues 2003, Journal of
Enterprising Culture, Vol. 11 No. 3, pp. 173-83.
Sienkiewicz, S. (2007), Prepaid cards: vulnerable to money laundering?, Federal Reserve Bank
of Philadelphia Payment Cards Center Discussion Paper No. 07-02, available at:
www.phil. frb.org/payment-
cardscenter/publicati ons/discuss ionpapers/2007/D2 007FebPrepa id
CardsandMoneyLaundering.pdf (accessed May 13, 2009).
TCSR (2006), Prepaid cards an emerging threat, The Corner Stone Report, Vol. III No. 2,
available at: www.ice.gov/doclib/pi/cornerstone/pdf/cs1206.pdf (accessed November 20,
2009).
Woodhead, B. (2007), Regulations drive $46 m Westpac spend: [5 IT Broadsheet Edition],
The Australian, May 8, ProQuest ANZ Newsstand (Document ID: 1266426471), p. 3,
available at: htt p://proq uest. um i.com/pq dweb?did1266426471&sid1&Fmt3&
clientId16532&RQT309&VNamePQD (accessed April 7, 2010).
Zahn, M.V.d., Tower, G., Kostyuk, A.N., Barako, D., Chervoniaschaya, Y., Brown, A.M. and
Kostyuk, H. (2007), The anti-money laundering activities of the central banks of
Australia and Ukraine, Journal of Money Laundering Control, Vol. 10 No. 1, pp. 116-33.

Appendix. AMLCTF program for prepaid card distributors: baseline approach

Information booklet
What is money laundering?
Money laundering is a process by which origin of money is disguised to make it appear
legitimate. Criminals involved in illegal activities such as drug trafficking, arms trafficking and
the like introduce money generated from such crimes into legitimate financial system to hide
their wealth or become legitimate. Money laundering is also known as washing dirty money to
make it clean.
What is terrorism and terrorism financing?
Terrorism is an illegal use of force or violence against innocent people or societies often to show
influence or force government to agree with demanded political, religious, or philosophical
objectives (AUSTRAC).
Terrorist organization requires money to sustain and execute their action plan. Source of
funding for terrorism is both legitimate (e.g. charity or wealthy sponsors) and illegitimate
(e.g. drug trafficking). Terrorism financing is also known as reverse money laundering as most
of the fund comes from legitimate sources i.e. the fund is obtained to do illegal activity in
comparison to money laundering where money is generated from criminal procedures and made
legitimate.
What is a prepaid card?
Prepaid card also known as SVC is an early pay card where the monetary value of the card is
encoded in either a magnetic strip or a computer chip (Choo, 2008).
 Types of prepaid cards:
AMLCTF
compliance
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

Increasing level of features 199

Closed
Semi-closed
Open
Figure A1.
Semi-open

.
Closed loop prepaid card. Retailer specific such as David Jones gift card.
.
Semi-closed loop prepaid card. Can be used in a number of participating merchant stores,
e.g. Coles gift card.
.
Semi-open loop prepaid card. Network branded cards such as Visa and MasterCard
without cash withdrawing facility, e.g. Westpac MasterCard gift card.
.
Open-loop card. Network branded cards such as Visa and MasterCard with cash
withdrawing facility, e.g. Canvas card.

How are prepaid cards vulnerable to ML/TF?

Prepaid cards can be obtained without having a bank account. They can be used as alternate
cash and can be transported easily by fitting in a wallet.

What is AMLCTF Act?

Anti-money laundering and counter terrorism financing is the legislation that brings Australia in
line with the international best practices in preventing and detecting anti-money laundering and
terrorism financing (AMLCTF, 2006).

Are you a prepaid card distributor? Is it mandatory for you to comply with AMLCTF Act?
If you are selling any type of prepaid card (e.g. gift cards) then you are distributor of prepaid
cards. According to AMLCTF Act, prepaid card sellers should be compliant with the Act.

Are you prepaid card distributor SME?

You are prepaid card distributor SME if the prepaid card you sell:
.
cannot be used to withdraw cash from ATM; and
.
maximum value of the card is $1,000.

You can consider baseline approach of AMLCTF Act.

If you are not SME distributor then what should you do?
In this case, you should be compliant with general AMLCTF Act.

What is a baseline approach and how is it implemented for SMEs in prepaid card industry?
The baseline approach is basic essential (Fitzgerald, 1995). It outlines controls that are
necessary to organizations that have not properly addressed security and are not likely to do it
in a structured manner (Fitzgerald, 1995). So, baseline approach identifies the basic
essential controls that should implemented by SME distributors to prevent ML/TF.
 JMLC Baseline approach
Know your customer (KYC).
13,3
KYC ensures that the customer and their financial transactions have been effectively
identified, verified and monitored according to ML/TF risks (AUSTRAC).
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

KYC is implemented by using 100 point identity check.

Example of 100 point identity check where at least the total point should be 100 point to be
200 eligible (Table AI).
For SME distributors of prepaid cards, following should be considered:
.
In case of prepaid card distributors, identification requirement for a single gift card (up to
$500) (Khairuddin et al., 2008).
.
For bulk purchase (over ten cards or total value above $500), identification check should
be required before selling the prepaid cards. For the identification purpose, instead of
100 point check, a single identification document including signature and photo of
the customer can be accepted, e.g. drivers license, student card, employee identity card,
and the like.

KYC helps to protect the business by accepting only legitimate customers. It is a front line
defense of businesses and should be implemented properly.
Employee due diligence.
Employee due diligence is the process where businesses manage profile of employees
(screen) for controlling ML/TF risks (AUSTRAC). Both to be employees and existing
employees need to be monitored who may be able to assist in money laundering purpose. The
process should however be transparent and be executed with the employees consent.
At first the employment position which may facilitate money laundering should be
considered, i.e. risk positions. In case of retailer, it is frontline staff such as shop attendant.
Owing diligence
should be done by placing a proper procedure for prospective employee background checking
such as:
.
100 point identity check;
.
a check of employment and character references;
.
social networking site (facebook) quick check;
.
drug check; and
.
a national criminal record search as well as checks with ASIC and the Federal Court to
determine if the person is under any sort of disqualification order or is a bankrupt.

For existing employees, screening methods such as use of:

.
surveillance camera;
.
spot check;
.
sudden change in lifestyle of employees;
.
stock check; and
.
record keeping of infraction of rules by employees.

Document Point
Birth certificate/citizenship certificate/current passport 70
Australian drivers license 40
110
Table AI.
 Employee training.
AMLCTF Act requires employees of businesses that are reporting entities to be provided
AMLCTF
with appropriate training at appropriate intervals. It is a good practice to provide training compliance
annually to all the employees and also as a part of induction program to new employees.
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

Employees should be made aware of:

.
ML/TF crime and their negative impact on economy;
.
Ways in which prepaid cards can aid in the crimes. For example, bulk purchase of 201
prepaid cards and hence the importance of KYC policy; and
.
consequences of not being compliant, i.e. fine of $2.2 and $11 million for individual and
corporation, respectively.

The cost effective yet appropriate way of providing training is via e-learning courses provided
by AUSTRAC. The quiz for each module of AUSTRAC courses can be used to evaluate and
ensure the understanding of employees.
The business should also cultivate a compliance culture by including the training of
employees in:
.
job description;
.
employment contracts; and
.
as a part of incentive program.

Corresponding author
Asha Rao can be contacted at: asha@rmit.edu.au

To purchase reprints of this article please e-mail: reprints@emeraldinsight.com

Or visit our web site for further details: www.emeraldinsight.com/reprints
 This article has been cited by:

1. Ameya KelkarSchool of Mathematical and Geospatial Sciences, RMIT University,

Melbourne, Australia Asha RaoSchool of Mathematical and Geospatial Sciences,
RMIT University, Melbourne, Australia. 2013. Codesigning compliance to the
Downloaded by University of Wollongong At 01:39 27 May 2016 (PT)

AntiMoney Laundering Act within the small and medium enterprise sector.
Journal of Financial Regulation and Compliance 21:1, 84-101. [Abstract] [Full Text] [PDF]
2. Lishan AiCentre for Transnational Crime Prevention, University of Wollongong,
Wollongong, Australia.
2012. Rulebased but riskoriented approach for combating money
laundering in Chinese financial sectors. Journal of Money Laundering Control 15:2, 198-
209. [Abstract] [Full Text] [PDF]