As Australia strengthens its financial crime framework through the AML/CTF Amendment Act 2024, a new focus has emerged: Proliferation Financing (PF). Somewhat overshadowed by money laundering and terrorism financing, PF is a core risk area businesses must understand and address.
What is Proliferation Financing?1
Proliferation Financing generally refers to the use of funds or financial services to support the development, acquisition, or transfer of weapons of mass destruction (WMDs) including nuclear, chemical, biological, and even conventional weapons. This can occur in two main forms:
- Direct PF: Involves financial transactions directly linked to the trade of proliferation-sensitive goods and technologies. For example, a company unknowingly exporting dual-use goods (items with both civilian and military applications).
- Indirect PF: Involves revenue-raising activities that ultimately fund WMD programs. A notable example is North Korea's overseas operations, such as restaurants, IT services, and construction ventures which generate income used to support its weapons programs.
What does PF look like in practice?
PF can be subtle and complex. Common indicators include:
- Use of third-country front companies and multiple intermediaries
- Mislabelling goods, falsifying end-user information
- Opaque ownership structures and shell companies
- Trade in dual-use goods via transshipment hubs
- Involvement with high-risk jurisdictions like DPRK or Iran
These activities are often designed to exploit gaps in export controls, sanctions enforcement, and due diligence processes.
What does this mean for Australian businesses?
Under the AML/CTF Amendment Act 2024, reporting entities are now required to:
- Assess PF risk as part of their AML/CTF programs
- Mitigate identified risks through appropriate controls
Where the risk of PF has been assessed as low and can be appropriately managed and mitigated by existing policies, the rationale for the conclusion should be documented for the purpose of relying on the exception set out in section 26(f)(11) of the AML/CTF Act. Importantly, this is not a "checkbox" exercise. Reporting Entities who have assessed their PF risks as low and rely on their existing AML/CTF policies to mitigate and manage the risk of PF bear the legal burden to demonstrate why they are entitled to do so.
How should businesses respond?
To assess your PF risks, we recommend adopting athree-step risk assessment framework:
- Threat Identification: Understand whether and to what extent you are exposed to PF threats – consider state or non-state actors, sanctioned entities, or their proxies.
- Vulnerability Assessment: Identify weaknesses in your systems, products, or customer base that could be exploited.
- Consequence Analysis: Consider the likelihood of PF activities and their potential impact —legal, reputational, or national security-related—if PF were to occur.
Looking ahead
While the AML/CTF rules are still being finalised, the direction
is clear: PF risk management is now a core compliance obligation.
Businesses should review PF typologies and consider whether they
are applicable to their business. They should form part of your
ML/TF risk assessment, and where necessary your control framework
(e.g. staff training, transaction monitoring program and personnel
training).
As AUSTRAC continues to release guidance, flexibility will be key.
But one thing is certain—proliferation financing is no longer
a niche concern. It's a mainstream risk management and
compliance priority.
Footnote
1 A detailed technical definition is provided at Section 5 definitions of the AML/CTF Act.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
