Compliance professionals who understand the legislation they work under are more effective than those who work from a summary of the rules. This session covers the primary legislation in the UK, New Zealand and Australia, the international framework that underpins all three, and the specific offences, defences and penalties that regulated firms and their people need to understand.

The legislation is not dry background material. These statutes create criminal liability. They apply to individuals within firms, not just to the business itself. Understanding what they actually say, rather than a paraphrase, is essential.

The international framework

Domestic AML legislation does not exist in isolation. It sits atop an international framework established through multilateral conventions and the ongoing work of the Financial Action Task Force. Understanding that framework helps explain why the domestic regimes in the UK, New Zealand and Australia look so similar, even though they are separate pieces of legislation.

International conventions

Four international conventions form the foundation of modern AML law.

The Vienna Convention (1988). The United Nations Convention against Illicit Traffic in Narcotic Drugs and Psychotropic Substances was the first serious international instrument targeting money laundering. Its focus was the proceeds of drug trafficking, and it established the principle that criminalising the conduct that generates proceeds is not enough: the proceeds themselves must be pursued.

The Palermo Convention (2000). The United Nations Convention against Transnational Organised Crime broadened the scope beyond drug proceeds to all serious crime. It established the categories of prevention and enforcement that now underpin international and domestic responses to money laundering, and included significant provisions on asset recovery.

The Strasbourg Convention (1990). The Council of Europe Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime focused on the recovery of criminal proceeds and international cooperation. It was an important step in building the confiscation and asset recovery framework that later AML regimes rely on, with terrorist financing addressed more explicitly in later instruments.

The Warsaw Convention (2005). The Council of Europe Convention on Laundering, Search, Seizure and Confiscation of the Proceeds from Crime and on the Financing of Terrorism was the first international treaty to address both money laundering and terrorist financing in a single instrument. It reflected the post-September 2001 international consensus on the need for an integrated approach.

The Financial Action Task Force

The Financial Action Task Force (FATF) was established in 1989 by the G7. It is an intergovernmental body that sets the international standards for anti-money laundering, counter-terrorist financing and counter-proliferation financing.

FATF does not make domestic law. It sets the standard through its 40 Recommendations and assesses jurisdictions against that standard through mutual evaluations and follow-up processes. Those assessments matter. Jurisdictions that fall short face sustained pressure to reform, and those placed under increased monitoring or subject to a call for action face real consequences for correspondent banking, investment and international financial access.

FATF maintains two public lists. The grey list identifies jurisdictions under increased monitoring, where FATF has identified strategic deficiencies and the jurisdiction has committed to addressing them. The black list, formally the list of high-risk jurisdictions subject to a call for action, identifies jurisdictions where the deficiencies are more serious and where enhanced due diligence is required for business conducted with entities from those countries.

The UK legislative framework

The UK's AML framework is built on three primary statutes, supported by the regulatory instruments covered in Session Three. Each statute addresses a different dimension of the problem.

Proceeds of Crime Act 2002

The Proceeds of Crime Act 2002 (POCA) is the cornerstone of UK anti-money laundering law. Part 7 of the Act creates the principal money laundering offences and the disclosure regime that accompanies them. It applies across England, Wales, Scotland and Northern Ireland.

The three primary offences are found in sections 327, 328 and 329.

Each of these offences requires knowledge or suspicion. A person commits the offence if they know or suspect that the property constitutes or represents a benefit from criminal conduct. That is a deliberately broad and low threshold. You do not need to know the specific crime that generated the proceeds, and you do not need certainty. Suspicion is enough.

Criminal property and the definition that matters

Section 340 of POCA defines criminal property as property that constitutes a person's benefit from criminal conduct, or represents such a benefit, and the alleged offender knows or suspects that it constitutes or represents such a benefit. Criminal conduct is defined as conduct that constitutes an offence in any part of the UK, or would do so if it occurred there.

The breadth of this definition is significant. It captures the proceeds of any criminal conduct, not just serious or organised crime. Tax evasion, benefit fraud, theft and drug supply all generate criminal property within the meaning of POCA. And the property does not have to be cash. Land, goods, financial instruments and any other asset of value can be criminal property.

Territorial scope and the El-Khouri ruling

For many years, there was uncertainty about the territorial reach of sections 327 to 329. The Court of Appeal's decision in R v Rogers [2014] EWCA Crim 1680 had suggested the offences could apply to conduct occurring wholly outside the UK, provided there was sufficient connection to England.

The disclosure regime

Part 7 of POCA also creates the disclosure framework. This is the mechanism by which regulated firms report suspicions of money laundering and obtain protection from liability for doing so.

Section 330. A person commits an offence if they know or suspect, or have reasonable grounds for knowing or suspecting, that another person is engaged in money laundering, the information came to them in the course of a business in the regulated sector, and they do not disclose it to their nominated officer or to the National Crime Agency as soon as practicable. This is the core reporting obligation for the regulated sector.

Section 337. An authorised disclosure is a disclosure made to the NCA before carrying out a transaction that may involve criminal property, seeking consent to proceed. This is commonly referred to as a Defence Against Money Laundering, or DAML.

Section 338. A protected disclosure is one made in the way the Act allows and with the statutory conditions met. A properly made disclosure can provide a defence to one of the primary offences in sections 327 to 329 where the statutory requirements are satisfied. The protection depends on the route taken, the timing and the facts. Firms should not reduce this to a slogan.

The tipping-off prohibition

Section 333A of POCA makes it a criminal offence to tip off a person that a disclosure has been made, or that an investigation is being contemplated or carried out, if doing so is likely to prejudice that investigation. This applies in the regulated sector.

Once a suspicious activity report has been filed, the subject of the report must not be told. Staff who become aware of an internal report must clearly understand this obligation. Tipping off is not just a regulatory breach; it is a criminal offence carrying a maximum penalty of five years' imprisonment. There is a corresponding prejudicing-an-investigation offence in section 342, which captures conduct going beyond tipping off, including destroying, concealing or falsifying documents relevant to an investigation.

Penalties under POCA

The primary money laundering offences in sections 327 to 329 carry a maximum penalty of 14 years' imprisonment and an unlimited fine. The failure to disclose offence under section 330 carries a maximum of five years' imprisonment. Tipping off under section 333A carries a maximum of five years' imprisonment. These are not theoretical maximums. Convictions result in custodial sentences, and the confiscation regime under Part 2 of POCA allows courts to recover the proceeds of criminal conduct following conviction.

The Terrorism Act 2000

The Terrorism Act 2000 sits alongside POCA and creates a parallel set of offences specific to terrorist financing. The key provisions for regulated firms are in Part III of the Act.

Section 15 makes it an offence to invite another to provide money or other property, intending or having reasonable cause to suspect it will be used for the purposes of terrorism. Section 16 creates an offence of using money or property for the purposes of terrorism. Section 17 makes it an offence to enter into or become concerned in an arrangement facilitating the raising, acquisition, use, movement or control of terrorist property. Section 18 creates the money laundering offence specific to terrorist property: entering into, or becoming concerned in, an arrangement that facilitates the retention or control of terrorist property by concealment, removal from the jurisdiction, transfer to nominees, or otherwise.

The disclosure obligations for terrorist financing sit in sections 19 to 21B, which require persons in the regulated sector to report knowledge or suspicion of terrorist financing to the NCA. The same tipping-off prohibition applies.

The key distinction from the POCA regime is that terrorist property does not need to be the proceeds of crime. Funds raised legitimately but directed towards terrorist purposes are terrorist property. This requires a different risk lens: source of funds matters for money laundering; destination and use matters for terrorist financing.

The Criminal Finances Act 2017

The Criminal Finances Act 2017 introduced several significant measures that extended the UK's ability to recover criminal assets and tackle financial crime. The most practically significant for regulated firms are unexplained wealth orders and the corporate offence of failure to prevent the facilitation of tax evasion.

Unexplained wealth orders

Section 1 of the Criminal Finances Act 2017 introduced unexplained wealth orders (UWOs) into English law. A UWO is a court order that requires a person to explain the source of assets that appear disproportionate to their known lawful income. If a satisfactory explanation is not provided, the assets are presumed to be recoverable property and civil recovery proceedings can follow.

UWOs can be applied for by the National Crime Agency, HMRC, the Serious Fraud Office, the Financial Conduct Authority and the Director of Public Prosecutions. They apply to politically exposed persons and those suspected of involvement in serious crime. Their significance for compliance professionals lies in the signal they send: the regulatory expectation that firms understand the source of a customer's wealth is reinforced by a legal mechanism designed to compel that explanation when authorities have doubts.

Corporate failure to prevent the facilitation of tax evasion

Part 3 of the Criminal Finances Act 2017 created two corporate offences: failure to prevent the facilitation of UK tax evasion, and failure to prevent the facilitation of foreign tax evasion. These follow the model established by the Bribery Act 2010 and impose strict liability on relevant bodies, including companies, partnerships and limited liability partnerships.

A relevant body commits the offence if a person associated with it criminally facilitates tax evasion while acting in that capacity, and the body failed to prevent it. There is no requirement to show that senior management were aware or involved. The defence available is that the body had in place reasonable prevention procedures at the time of the facilitation. HMRC guidance identifies six principles: risk assessment, proportionate procedures, top-level commitment, due diligence, communication and training, and monitoring and review.

Other significant UK legislation

Sanctions and Anti-Money Laundering Act 2018 (SAMLA). Following Brexit, SAMLA gave the UK the powers needed to create its own autonomous sanctions regime and to maintain and update its AML and counter-terrorist financing framework independently of the EU. It provides the enabling powers under which UK sanctions regulations are made.

Economic Crime (Transparency and Enforcement) Act 2022. Introduced the Register of Overseas Entities, requiring overseas entities that own UK land to register their beneficial owners or managing officers. It also strengthened the unexplained wealth order regime and introduced provisions on sanctions enforcement.

Economic Crime and Corporate Transparency Act 2023. Being implemented in stages. Makes significant changes to Companies House, including identity verification requirements for directors and persons with significant control. It also created the failure to prevent fraud offence under section 199, which came into force on 1 September 2025 for large organisations.

The New Zealand legislative framework

New Zealand's AML regime is built on the Anti-Money Laundering and Countering Financing of Terrorism Act 2009 (the AML/CFT Act). The Act was passed in response to FATF evaluations that identified significant deficiencies in New Zealand's approach and has been amended and strengthened on several occasions since.

The AML/CFT Act applies to reporting entities, which include banks, life insurers, non-bank deposit takers, money changers, financial advisers and, since Phase 2 of the regime came into force, lawyers, accountants, conveyancers, real estate agents and certain other businesses and professions. Reporting entities are required to conduct risk assessments, maintain an AML/CFT programme, conduct customer due diligence, monitor transactions, and report suspicious transactions and prescribed transactions to the New Zealand Police Financial Intelligence Unit.

New Zealand has made a series of regulatory changes in recent years to make the regime more proportionate and clearer in its risk-based approach. The reform programme has continued into 2025 and 2026, with a small set of immediate statutory changes enacted through the Statutes Amendment Act in late 2025, and further AML/CFT amendment bills progressing through Parliament. In March 2025, the New Zealand Police Financial Intelligence Unit published a new National Risk Assessment, the first since 2019. Reporting entities in New Zealand should keep a close eye on updates from the Ministry of Justice and from their relevant supervisor.

The Australian legislative framework

Australia's AML and counter-terrorism financing framework is built on the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (the AML/CTF Act) and the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (the AML/CTF Rules). The regime is administered by AUSTRAC, which acts as both regulator and financial intelligence unit.

The AML/CTF Act applies to reporting entities providing designated services. Following the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024, the regime also extends to certain high-risk services provided by lawyers, accountants, trust and company service providers, real estate professionals, dealers in precious stones, metals and products, and some virtual asset service providers, with those new obligations commencing from 1 July 2026.

Defences available under the UK framework

Consent (DAML). Under section 337, a person who makes an authorised disclosure to the NCA before carrying out a transaction has a defence to the primary offences in sections 327 to 329. The NCA has seven working days to refuse consent; if it does not refuse within that period, consent is deemed to have been given. In practice, the great majority of DAMLs result in deemed or express consent, and the transaction can proceed.

Lack of knowledge or suspicion. A person does not commit an offence under sections 327 to 329 if they did not know or suspect that the property was criminal property. This is not a defence that survives wilful blindness: deliberately avoiding knowledge that would give rise to suspicion does not prevent the offence being made out.

Adequate consideration. Section 329(2)(c) provides a defence to the acquisition, use and possession offence where a person acquires or uses property for adequate consideration, and did not know or suspect that the property was criminal property. Following R (World Uyghur Congress) v National Crime Agency [2024] EWCA Civ 715, the Court of Appeal held that this defence does not apply to the concealing or arrangement offences in sections 327 and 328.

Reasonable excuse. There is a defence to the failure to disclose offence under section 330 where the person had a reasonable excuse for not disclosing. This is a narrow defence and is unlikely to assist in straightforward cases where a regulated firm simply failed to file a report.

Penalties and enforcement: a comparative note

In all three jurisdictions, the consequences of AML non-compliance operate at two levels: criminal liability for individuals, and regulatory action against firms. The trend across all three is towards larger penalties and greater individual accountability.

Coming up in Session Three

Session Three covers the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 in detail. The MLRs sit beneath POCA in the UK framework and set out the specific compliance obligations for regulated firms: the risk assessment, policies and controls, customer due diligence, ongoing monitoring and record keeping.

The MLR 2017 have continued to evolve through amendments. Session Three works from the regulations as currently in force and flags where significant change is in progress.

Further reading and resources

The following primary sources are recommended alongside this session. All are publicly available.