Australian financial intelligence agency AUSTRAC has ordered an independent audit of Airwallex amid concerns over the company’s AML/CTF compliance framework. The review focuses on whether the global payment platform is meeting its legal obligations under Australia’s anti-money laundering and counter-terrorism financing rules.
The notice was issued to the Airwallex Designated Business Group to assess whether the company has adequate systems in place to protect the Australian financial system from criminal misuse.
#AUSTRAC Raises Concerns Over Airwallex Compliance Controls
According to AUSTRAC CEO Brendan Thomas, independent audits are used where serious regulatory risks may exist. In this case, the audit was initiated following concerns about potential non-compliance with Australia’s AML/CTF Act.
AUSTRAC stated that it is concerned Airwallex’s transaction monitoring program may not be fully aligned with the range of risks faced by the business. The regulator also questioned whether Airwallex has demonstrated a sufficient understanding of its customers and the reporting obligations that may apply to its operations.
As a global payment platform, Airwallex facilitates cross-border money transfers across multiple jurisdictions. This makes effective customer due diligence, transaction monitoring, and suspicious activity reporting particularly important.
#What Will the Independent Audit Cover?
The independent audit was appointed under section 162 of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.
The review will assess key areas of Airwallex’s AML/CTF compliance program, including:
- customer due diligence procedures;
- transaction monitoring controls;
- suspicious matter reporting;
- AML/CTF risk management;
- effectiveness of internal compliance systems;
- governance and accountability for financial crime controls.
The auditor has 180 days from appointment to provide findings to AUSTRAC. The scope of the audit has been determined by the regulator, and the review will be conducted at Airwallex’s expense.
#Why AUSTRAC Is Focusing on Payment Platforms
AUSTRAC emphasized that strong AML/CTF controls are essential for preventing the misuse of financial services by criminal networks. Weak compliance systems can create risks linked to:
- fraud and scams;
- drug trafficking;
- illegal tobacco activity;
- money laundering;
- terrorism financing;
- child sexual exploitation-related crimes;
- other serious financial crime risks.
The regulator also noted that AML/CTF obligations should not be treated as back-office functions. Boards and senior executives are expected to take responsibility for financial crime risk management, ensure clear accountability, and provide sufficient resources to compliance teams.
#Possible Regulatory Outcomes
The findings of the independent audit will help AUSTRAC determine whether further regulatory action is required. Depending on the outcome, this could include additional compliance directions, enforcement action, or other supervisory measures.
For the broader fintech and payments sector, the Airwallex audit highlights the increasing regulatory focus on AML compliance in Australia, particularly for companies handling cross-border payments and high-volume transactions.
#Airwallex Responds to AUSTRAC’s Direction
Airwallex stated that it will fully cooperate with the independent review of its AML/CTF compliance procedures. The company also said it believes its controls are appropriate and supports the audit process.
Airwallex noted that an external review carried out in 2025, following an earlier AUSTRAC audit in 2024, found that suitable systems and controls had been implemented in the areas reviewed.
The company also emphasized that it has zero tolerance for financial crime and removes clients who fail to meet its compliance standards.
What This Means for AML/CTF Compliance in Australia
The AUSTRAC audit of Airwallex is a reminder that fintech companies, payment providers, and cross-border money transfer platforms must maintain strong and well-documented AML/CTF programs.
For regulated businesses in Australia, key compliance priorities include:
- understanding customer risk profiles;
- maintaining effective transaction monitoring systems;
- detecting and reporting suspicious matters;
- documenting AML/CTF controls;
- ensuring board-level oversight;
- regularly testing compliance frameworks;
- allocating sufficient resources to financial crime prevention.
As AUSTRAC continues to monitor the digital payments sector, companies operating in Australia should review whether their AML/CTF programs are properly designed, implemented, and adapted to their business risks.