Whether your club needs one, what the role actually does day-to-day, how the 2024 Amendment Act sharpened the expectations, and the structural difference between an AMLCO named on paper and one who's genuinely fulfilling the role. Working reference for club managers, general managers, and board chairs — not legal advice.
Working reference, not legal advice
AML/CTF obligations turn on whether the club is a reporting entity under the Act and on the specific designated services it provides. For a definitive view of your club's position, talk to an AML lawyer or a registered AML consulting firm.
Since the AML/CTF Amendment Act 2024 commenced on 31 March 2026, the AMLCO obligation sits in the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 itself — Part 1A, Division 5 (ss.26J–26M). Section 26J(1) requires every reporting entity to designate an individual as its AML/CTF Compliance Officer (AMLCO). Section 26J(2) requires that individual to be employed or engaged at management level and to have sufficient authority, independence, and access to resources and information to perform the role effectively. Section 26J(3) sets eligibility — Australian residency where services are provided through an Australian permanent establishment, and a fit-and-proper person test. The AML/CTF Rules 2025 (Part 5) add detail; the role itself is statutory.
For most Australian registered clubs operating electronic gaming machines or handling cash at scale, “reporting entity” status is well established. The threshold question isn't whether the club has AML/CTF obligations — the threshold question is whether the operational machinery behind the AMLCO role is genuinely producing what the Act asks for.
The 2024 Amendment Act didn't introduce the role; it relocated it from the (now-retired) AML/CTF Rules 2007 — where AMLCO designation sat under former Rule 8.5, board and senior-management oversight under Rule 8.4, and independent review under Rule 8.6 — into the Act itself, and elevated the documentation, oversight, and independent-evaluation expectations the AMLCO is responsible for.
The structural failure mode the Act is alert to is the AMLCO who is named on paper but has no actual time, budget, or visibility into the program. Designation without substance is the pattern that draws supervisory attention.
Three sharpenings, all aimed at the AMLCO's documentation and oversight workload:
None of this is fundamentally new. The 2007 Rules already covered the same shape — the AMLCO role under former Rule 8.5, board and senior-management oversight under Rule 8.4, and independent review under Rule 8.6. What the 2024 reforms change is the statutory weight on documentation, governance, reporting and independent evaluation. For clubs whose AMLCO has been operating to a high standard, very little changes operationally. For clubs whose AMLCO has been treading water, the gap is harder to paper over.
If the club is a reporting entity under the AML/CTF Act 2006 (most clubs with electronic gaming machines, cash-handling at scale, or designated services that fall within s.6 of the Act and aren't covered by the s.233K exemption), then yes — s.26J of the AML/CTF Act requires the entity to designate an individual as its AML/CTF Compliance Officer (AMLCO) at management level, with sufficient authority, independence and access to resources to perform the role effectively. The AMLCO doesn't have to be full-time, doesn't have to be a separate hire, and in smaller clubs is typically the club manager or general manager wearing the AMLCO hat. The Act requires the role; it doesn't prescribe the headcount.
Three core duties. (1) Maintain the club's AML/CTF program — the venue's ML/TF risk assessment (AML/CTF Act ss.26C–26E) and AML/CTF policies (s.26F), kept current as the venue's operations or the regulatory environment change. (2) Oversee day-to-day AML/CTF operations — customer due diligence on patron onboarding (Part 2 of the Act), transaction monitoring against the policies' risk-based methodology, threshold-transaction-report (TTR) and suspicious-matter-report (SMR) lodgement, staff training, internal review. (3) Be the point of contact for AUSTRAC — supervisory correspondence, periodic compliance reports, any audit or enforcement engagement. The 2024 Amendment Act sharpened expectations on the second of these, particularly on the documentation behind the risk-based methodology.
The Act prescribes role-level eligibility, not a specific certification. Section 26J(2) requires the AMLCO to be employed or engaged at management level and to have sufficient authority, independence, and access to resources and information to perform the role effectively. Section 26J(3) adds that, where the venue provides designated services through a permanent establishment in Australia, the AMLCO must be an Australian resident, and must be a fit-and-proper person. In practice the role typically sits with the club manager, general manager, or compliance manager rather than with a junior staff member. Some AMLCOs hold an AUSTRAC online learning programme certificate or a tertiary AML qualification, but certification is not statutory — the regulator's focus is on competency demonstrated by program quality and operational outcomes.
The Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 (operative 31 March 2026) sharpened three things. First, the documentation standard behind the risk-based methodology — the AMLCO is now expected to be able to show, alert by alert, why the program flagged what it flagged, with rule, threshold, data and disposition linked for each flagged matter. Second, the elevated supervisory expectations on senior-management oversight — the governing body's AML/CTF responsibilities are now explicit in s.26H of the Act, and the AMLCO reports up to the governing body at least once every 12 months (AML/CTF Rules 2025 r.5-7(2)). Third, the reach into independent evaluation — the reporting entity must ensure an independent evaluation of the program is conducted at a frequency appropriate to the venue's nature, size and complexity, and at least once every three years (s.26F(4)(f)), with documented findings and remediation. The AMLCO typically coordinates the engagement, but the obligation sits on the entity and the evaluator cannot be the AMLCO or the compliance team.
Yes, and in most NSW registered clubs they are. The Act allows the AMLCO to hold other roles as long as the role has sufficient authority and is genuinely capable of being exercised. The pattern that draws AUSTRAC scrutiny is when the AMLCO is named on paper but in practice has no time, budget, or visibility into the program — that's the structural failure, not the dual-role itself. A club manager who treats the AMLCO duties as a real workload, with documented time and resources, is genuinely fulfilling the role.
The AMLCO is internal — they design, run, and maintain the AML/CTF program day-to-day. The independent evaluator is external — they conduct the independent evaluation the Act requires (s.26F(4)(f)) at least once every three years, and more often where appropriate to the venue's nature, size and complexity. The same person can't do both for the same club; the independence requirement is structural. Many clubs engage an external AML consultant, accounting firm or lawyer for the independent evaluation, while the AMLCO role is in-house. Some clubs also engage an external party to draft the initial program; once drafted, ongoing maintenance is the AMLCO's job, not the consultant's.
Six categories, each retained for seven years under the AML/CTF Act but with different start clocks. (1) The current AML/CTF program (risk assessment + policies) with its version history — retained seven years after the record is no longer relevant to Part 1A compliance (s.116). (2) Customer-due-diligence records — retained seven years after the business relationship ends (s.111). (3) Transaction-monitoring evidence — the rules that fired, the alerts that were generated, the dispositions (cleared / escalated / SMR) — retained seven years from when the record was made (s.107). (4) TTR and SMR submissions and any AUSTRAC correspondence about them — also seven years under s.107. (5) Staff training records — Part 1A program records, retained seven years under s.116. (6) Independent evaluation reports and the club's responses to findings — Part 1A records under s.116. All of this is what an inspector or AUSTRAC reviewer asks for if engaged. Most of it is also what the platform should produce automatically rather than requiring the AMLCO to assemble manually.
Highly variable. A small club with low EGM count, modest cash flow, and a clean operating record may see the AMLCO spend 2–4 hours a week on the role: review weekly transaction-monitoring outputs, sign off on SMRs (rare), update the program when something changes, oversee training. A larger club with heavy cash flow, multiple SMRs per quarter, complex patron-onboarding, and active AUSTRAC engagement may see the AMLCO spend 1–2 days a week. The variable that compresses the time most is whether the platform produces the evidence trail automatically or whether the AMLCO has to assemble it from scratch — the second case can quadruple the workload.
How to draft a defensible Suspicious Matter Report under the AML/CTF Amendment Act 2024.
Threshold Transaction Reports vs Suspicious Matter Reports — when each applies, when both apply, when neither does.
The AML-specialist comparison — consulting-triangle distribution, AUSTRAC domain depth, defensibility-architecture.
The single biggest variable in AMLCO workload is whether the evidence trail accumulates automatically or has to be assembled from scratch. First three months free, no card up front.