Australia’s financial intelligence regulator has ordered Binance Australia to appoint an external auditor, citing serious deficiencies in the crypto exchange’s anti-money laundering and counter-terrorism financing controls.
AUSTRAC said it had identified concerns with the local arm of Binance, Investbybit Pty Ltd, including the limited scope of the company’s most recent independent review relative to its size, range of products and risk profile. The agency also flagged high staff turnover, a lack of local resourcing and insufficient senior management oversight, raising questions about the adequacy of its governance.
The move follows AUSTRAC’s National Risk Assessment 2024, which highlights the growing vulnerability of digital assets to criminal abuse and comes amid intensified scrutiny of major players across the sector. Investbybit is registered with AUSTRAC as a digital currency exchange provider; Binance, founded in 2017, is the world’s largest centralised crypto exchange by trading volume and holds approvals or permissions in about 20 jurisdictions.
“AUSTRAC is committed to working with industry to ensure strong safeguards are in place to make it harder for criminals to move and conceal illicit funds using digital currencies,” Mr Thomas said.
“Big global operators may appear well resourced and positioned to meet complex regulatory requirements, but if they don’t understand local money laundering and terrorism financing risks, they are failing to meet their AML/CTF obligations in Australia.
“Businesses can have systems and processes that apply to multiple jurisdictions – but they need to reflect local regulatory requirements. The systems must adapt to the regulatory requirements, not the other way around.
“Understanding specific risks of criminality in the Australian context is crucial to ensure they’re meeting their reporting obligations here.”
AUSTRAC said businesses should get greater value from their independent reviews. “Businesses need to maximise the value of independent reviews and ensure appropriate testing and review across critical processes and controls. They should seek and expect a level of rigour and challenge.”
Mr Thomas added that expectations were higher for global operators with large transaction volumes. “This is a global company operating across borders in a high-risk environment. We expect robust customer identification, due diligence and effective transaction monitoring,” said Mr Thomas.
“I remind all digital currency exchanges to remain alert to transactions that indicate suspicious behaviour, including money laundering via scams and cybercrime and terrorism financing – the potential for these activities are much higher for global exchanges.
“Capacity and risk controls need to correspond to the size of a business and its market presence, particularly as it scales.
“All digital currency operators need to ensure they are complying with Australian law and limiting their exposure to crime.”
Binance Australia has 28 days to nominate external auditors for AUSTRAC’s consideration and selection.
The directive adds to mounting regulatory pressure on the exchange globally. In the United States last year, Binance and its founder, Changpeng Zhao, pleaded guilty to violating AML requirements, with the company agreeing to pay more than US$4 billion and Mr Zhao stepping down as chief executive. In Australia, Binance’s local derivatives arm had its Australian financial services licence cancelled in April 2023 following a targeted review, with the company saying it had requested the cancellation, and later lost access to some local bank transfer rails after a payments partner withdrew support.
AUSTRAC has been increasingly active in enforcing AML/CTF laws across high-risk industries, warning that controls must keep pace with rapid growth and international scale. Binance Australia has been contacted for comment.
