By My CPE Pty Ltd | February 2026
This is the second Blog in our series on AML/CFT Awareness, and it focuses on the concept of “Personnel Due Diligence”.
What: Personnel due diligence and training obligations apply to any person a reporting entity employs or engages. This includes both individuals and non-individuals.
Reporting entities are required to determine which personnel perform or are expected to perform AML/CTF functions and ensure appropriate due diligence and training are completed before those individuals commence their duties.
Personnel due diligence involves assessing skills, knowledge, expertise and integrity.
For Tranche 2 entities, personnel due diligence and training must be finalised before the 1 July 2026 implementation date; otherwise, staff required to undertake AML/CFT responsibilities will need to be reassigned.
Why: Reporting Entities must conduct personnel due diligence to assess the people they employ or engage to perform AML/CTF roles.
This helps protect the business by:
- Ensuring only suitable people perform AML/CTF functions
- Reducing the likelihood of internal fraud.
Personnel due diligence must be conducted:
- Before employing or engaging the person
- On an ongoing basis throughout their employment or engagement.
How: The AML/CTF Program (e.g. policies and procedures) must ensure initial and ongoing personnel due diligence is conducted and documented for all workers employed or engaged.
AUSTRAC expect reporting entities to do the following, in addition to outlining how they meet these obligations in their AML/CTF policies:
- Assess the roles that require personnel due diligence
- Ensure personnel due diligence is appropriate to the risk associated with the individual’s role
- Ensure personnel due diligence is appropriate to the seniority of the role
- Develop procedures to assess and determine if an individual has the skills, knowledge and expertise to perform their AML/CTF functions
- Perform checks to assess the integrity of personnel, including background checks where appropriate
- Schedule frequency and triggers for periodic reassessment to ensure ongoing suitability and compliance
- Respond to adverse assessment outcomes appropriately
- Retain documents relating to all assessments and decisions that are reasonably necessary to demonstrate compliance.
Strengthening Your AML/CTF Compliance: Personnel Due Diligence and Training
Ensuring compliance with Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) obligations begins with your personnel. Conducting thorough due diligence and providing tailored training for all relevant staff is not just best practice but a regulatory requirement.
Conducting personnel due diligence before and during a person’s employment or engagement involves assessing the person’s skills, knowledge and expertise relevant to their AML/CTF responsibilities, and importantly, their integrity.
The level of due diligence must be tailored to the person’s role and the ML/TF risks associated with it. For example, a customer-facing staff member who is responsible for ensuring that customers fill out onboarding documentation would require more basic personnel due diligence than the AML/CTF Compliance Officer, who is responsible for overseeing the effectiveness of the entire AML/CTF program.
Who Needs Due Diligence and Training?
Your obligations extend to all individuals and entities involved in AML/CTF functions, including:
- Employees across your organisation
- Contractors, consultants, volunteers, or interns – whether paid or unpaid
- Staff employed by service providers you engage to perform AML/CTF activities.
Personnel performing functions relevant to AML/CTF obligations may include:
- Individuals in governance roles, such as board members, senior managers, or AML/CTF compliance officers
- Staff with responsibilities under your AML/CTF program
- Roles exposed to potential money laundering (ML) or terrorism financing (TF) risks
- Others who support or contribute to fulfilling your AML/CTF obligations.
Identifying Relevant Roles
A practical approach involves:
- Listing all roles that support your AML/CTF obligations
- Mapping the responsibilities associated with each role
- Using this information to develop your Training Plans.
For example:
AML/CTF Obligation | Roles | Key Responsibilities |
Customer due diligence (CDD) | Customer-facing personnel, account/relationship managers, onboarding analysts | Interacts with customers, conducts onboarding, verifies identity |
Ongoing CDD | AML/CTF compliance officer, financial crime teams, QA teams | Monitors transactions, detects unusual patterns, manages risk |
Suspicious activity reporting | Customer-facing personnel, compliance officer, financial crime teams | Identifies and escalates suspicious activity, submits reports |
Threshold transaction reporting | Operations personnel, payment processors, risk/fraud teams | Processes transactions, submits threshold reports |
Compliance oversight | Compliance officers, legal, internal audit, senior managers, external consultants | Oversees compliance, conducts risk assessments, develops policies |
Governance and oversight | Board members, senior managers, AML/CTF compliance officer | Implements AML/CTF program, sets strategic direction |
Systems and controls | IT teams managing KYC, transaction monitoring, record-keeping | Designs systems, implements monitoring and reporting controls |
Third-party service providers | Outsourced personnel performing AML/CTF tasks | Performs functions on behalf of your business |
Non-Individual Considerations
Your due diligence obligations also extend to non-individual entities engaged to perform AML/CTF functions, including companies, trusts, partnerships, corporations, and statutory bodies. Even when outsourcing, your organisation remains responsible for ensuring compliance.
Identifying High-Risk Roles
Not all roles carry the same level of risk. Identifying high-risk positions ensures that due diligence and training are appropriately tailored. High-risk roles may involve:
- Exposure to collusion or coercion by criminal groups
- Access to sensitive data, systems, or high-value transactions
- Authority to override or bypass internal AML/CTF controls.
Consider whether the role can:
- Influence or design AML/CTF policies
- Authorise payments or international funds transfers
- Submit reports, such as threshold transaction reports (TTRs) or suspicious matter reports (SMRs)
- Amend customer risk profiles or audit trails
- Manage outsourcing or contracting arrangements.
Next Steps
To comply with your AML/CTF obligations, it is essential to:
- Conduct personnel due diligence tailored to the risk level of the role
- Provide AML/CTF training that equips staff with the knowledge and skills to fulfil their responsibilities effectively.
Taking these steps not only ensures regulatory compliance but also strengthens your organisation’s resilience against financial crime.
Tip: Initial personnel due diligence must be conducted before a person begins performing AML/CTF-related functions.