Written by Fintax
News Overview
In late August 2025, the Australian Transaction Reports and Analysis Centre (AUSTRAC) announced that it had ordered Binance Australia ("Binance Australia") to appoint an external auditor to review its anti-money laundering program. AUSTRAC stated that this decision was made after identifying serious deficiencies in Binance's anti-money laundering and counter-terrorist financing controls. The regulator also expressed concerns about Binance's high employee turnover, lack of local resources, and lack of senior management oversight—raising questions about the adequacy of Binance's anti-money laundering and counter-terrorist financing governance. Binance Australia has 28 days to nominate an external auditor for AUSTRAC's consideration and selection.
Matt Poblocki, Binance's General Manager for Australia and New Zealand, stated that Binance acknowledged AUSTRAC's decision, adding that the move "is part of their regulatory review, not an enforcement action." AUSTRAC CEO Brendan Thomas noted that the 2024 National Risk Assessment emphasized that crypto assets are increasingly vulnerable to abuse by criminals, and that the action against Binance is the result of its involvement in key industry regulation. "This is a global company operating across borders in a high-risk environment. We expect it to conduct rigorous customer identification, due diligence, and effective transaction monitoring," he said. "All crypto operators need to ensure they comply with Australian law and curb related criminal risks."
FinTax Review
In Australia, entities providing encryption services must register as reporting entities with the Australian Transaction Reports and Analysis Centre (AUSTRAC) and comply with Australia's anti-money laundering and counter-terrorism financing (AML/CTF) laws. An important part of AML/CTF compliance is ensuring that a company's AML/CTF program (primarily policies and procedures) is subject to independent review. The independent review report must explain how the company fulfills its AML/CTF obligations, including management oversight procedures, corporate money laundering and terrorist financing risk assessments, record-keeping procedures, AUSTRAC reporting obligations, and ongoing customer due diligence, and must assess whether the AML/CTF program is effectively implemented. Australia's AML/CTF regulatory framework is primarily based on the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 and its amendments. The Act stipulates that relevant entities should conduct "regular" independent reviews, taking into account the nature and scale of the business, the complexity of the services provided, and the level of money laundering and terrorist financing risks faced by the business.
According to AUSTRAC's public press release, Binance was requested to undergo an external audit due to concerns regarding the adequacy of its anti-money laundering and counter-terrorist financing controls. These concerns stemmed from a number of factors, including Binance's high employee turnover, a lack of local resources and senior management oversight, and the limited scope of its most recent independent review relative to its size, operations, and risk assessment. These issues collectively led to compliance deficiencies in Binance's AML/CTF obligations in Australia.
Since the beginning of this year, AUSTRAC has been strengthening its controls over cryptocurrency exchanges and has taken a series of regulatory or enforcement actions against entities suspected of failing to comply with certain requirements. In May, AUSTRAC fined Melbourne-based exchange Cointree $75,120 for delays in submitting suspicious matter reports related to potential money laundering, which hindered the timely implementation of enforcement actions. AUSTRAC has previously taken regulatory action against 13 remittance service providers and cryptocurrency exchanges, and issued compliance warnings to over 50 institutions. Furthermore, regarding the latest policy changes, the latest amendments to Australia's Anti-Money Laundering and Counter-Terrorism Financing Act 2006 were passed by Parliament in November 2024. Key compliance obligations will take effect on March 31 or July 1, 2026 (depending on the entity). The updated legislation aims to align Australia's anti-money laundering and counter-terrorist financing measures with global standards set by the Financial Action Task Force (FATF) and expand AUSTRAC's investigative and enforcement powers. The Act also expands its regulatory scope to include more crypto-asset-related services to address the unique risks of the industry. Starting in March 2026, AUSTRAC will require crypto businesses to obtain user data and report financial transaction information. In July 2025, AUSTRAC also released its 2025-2026 regulatory priorities, emphasizing that "this year marks a shift in regulatory paradigm—from one focused primarily on compliance to one focused on substantive risks and hazards." The legislation also emphasizes a focus on the high-risk sector of the crypto industry.
Against this backdrop, AUSTRAC's anti-money laundering audit order against Binance Australia is one of the latest measures implemented to curb illicit financial activities in the crypto space and a reflection of the tightening global government regulation of cryptocurrency exchanges. Indeed, as governments around the world increase their regulatory oversight, the crypto industry's understanding of compliance is shifting. For many crypto companies, compliance is increasingly viewed as an inherent competitive advantage, with audit compliance being a key aspect of this.
In light of Binance's anti-money laundering audit in Australia, crypto companies may need to pay more attention to two areas in the future. First, local governance. As AUSTRAC CEO Thomas stated in a statement, "Large global operators may appear well-resourced and able to comply with complex regulatory requirements, but if they do not understand local money laundering and terrorist financing risks, they will not be able to meet their obligations to conduct such activities in Australia." Although Binance holds regulatory approvals or licenses in approximately 20 jurisdictions, these licenses are not uniform across all jurisdictions, requiring it to adapt to the regulatory requirements of each country. Regulators tend to favor crypto companies with strong local teams and extensive local resources, which in turn leads to a better understanding of local market risks and regulations, which is crucial for achieving compliance. Second, audit compliance. AUSTRAC has required Binance's Australian auditors to strengthen their audits, and regulators in other countries may also introduce similar regulations, making "external audit orders" a standard regulatory tool in the crypto sector to ensure that crypto companies effectively assume their audit compliance responsibilities. From another perspective, focusing on audit compliance is not just about avoiding penalties, but about building a sustainable business model and strengthening the ability to address regulatory challenges.
From Australia to the world, countries are striving to build a comprehensive and effective crypto regulatory system, but this is accompanied by ongoing regulatory uncertainty. Some of this uncertainty translates into compliance risks for crypto market participants.
For crypto companies, they can consider: (1) improving the independent review mechanism, pre-planning the response process for triggering external audits, and keeping relevant records. Ensure that their own AML/CTF plans have been fully independently reviewed and appropriately tested in the key processes and control measures of the independent review. The frequency and scope of the independent review can be matched with factors such as business scale and risk level to better meet actual needs; (2) supplement local resources and strengthen localized governance. Appropriately expand the local team, dynamically fine-tune the corporate system in combination with the regulatory guidelines and law enforcement trends of various jurisdictions, and enhance consistency with the regulatory expectations of local departments. In short, the incident of AUSTRAC launching an anti-money laundering audit on Binance Australia reminds the crypto industry that there is still room for improvement in focusing on audit compliance and localized governance, which is closely related to cultivating trust in the crypto ecosystem and achieving sustainable innovation and development.
