Who in my business needs to make decisions before we can start preparing for AML/CTF?
A principal (CEO, Managing Partner, Director or Licensee) must appoint the Compliance Officer and make some key decisions.
Several downstream tasks can't start until a principal - your CEO, Managing Partner, Director, or Licensee - has made an active decision. These aren't administrative tasks; they're judgement calls that unblock everything else:
- Appoint a Compliance Officer and define their authority. Whoever is appointed needs to understand the role before they can do anything in it. If it's an existing staff member, their other responsibilities may need adjusting.
- Decide your KYC/KYB pricing model - whether you'll absorb the cost, on-charge as a disbursement, or build it into a fixed fee. This decision drives your engagement letter, fee disclosure, quote templates, PMS setup and accounting software.
- Decide your approach to existing clients - whether you'll re-verify all active matters, only high-risk ones, or take a risk-based approach. This determines the scope of a substantial internal workload.
- Decide who will perform CDD - all staff, paralegal/admin staff only, or outsourced. Each option changes who you train, what your workflows look like, and what it costs per matter.
- Decide your cutover model - hard cutover on 1 July or a phased pilot on a subset of matters. A hard cutover is simpler but riskier; a phased pilot gives you a lower-stakes test run.
- Determine whether a Reporting Group arrangement applies - if you have related entities, sharing an AML program and CDD under a Reporting Group can simplify compliance significantly, but it requires a deliberate setup decision and AUSTRAC registration of the group.
These principal-level decisions are covered in detail in our Operational Readiness Checklist, Part 1, Section 1.