Decoding the financial crime regulation signals in Southeast Asia and Australia 

Key takeaways

1. Financial crime regulation is evolving and strengthening
   Southeast Asia and Australia are seeing more detailed financial crime regulations, focusing on threats like scams and money laundering, with clear frameworks and enforcement.
2. Regulatory enforcement and guidance are becoming more proactive
   Cases like Singapore’s $3bn scandal have led to stricter enforcement and clearer guidance on customer risk, source of wealth, and sharing red flags.
3. Scam prevention and consumer protection are high priorities
   Regional authorities now require real-time information sharing and advanced transaction monitoring, with national scam centers facilitating rapid response.
4. AUSTRAC and AML/CTF reform in Australia is a major focus
   AUSTRAC is driving significant reforms, requiring both current and new entities to assess and mitigate money laundering risks, and improve reporting.
5. Institutions must invest in robust, adaptable compliance models
   Organizations must upgrade financial crime programs with real-time data and automation to meet evolving regulatory expectations.

Financial crime regulation guidance is more detailed and developed than ever 

Southeast Asia and Australia have seen financial crime regulation and guidance blossom in the wake of large economic threats. These include scams, illegal online gaming, and proceeds of crime being invested into developed economies. 

Couple this with the international watchdog, the Financial Action Task Force (FATF), conducting mutual evaluations under a revised set of global standards on some of its largest members in Asia this year and next, and we have an environment of change and opportunity to enhance the way financial crime is prevented and detected. 

Regulators in Singapore, Malaysia, the Philippines, and Australia – among others – have provided clear priorities and expectations. In Australia’s case, this has been labelled as a once in a generation chance to land an anti-money laundering (AML), counter-terrorist financing (CTF) and counter-proliferation financing (CPF) framework. This structure leverages the best of industry and law enforcement to deter criminal actors. 

Here we decode the regulations and make the calls to action clear. 

A tiger team approach to lifting financial crime prevention effectiveness 

The very public $3bn money laundering case in Singapore has tested how all players stand against a money laundering syndicate.  This includes local, international, mainstream banking, and associated financial services.

Equipped with proceeds mainly from illegal gaming, criminal actors invested in property, luxury goods, and other liquid assets. Since the breaking details of this case in late 2023, we have seen carefully executed reviews by the Monetary Authority of Singapore (MAS). This has culminated in last month’s almost S$30m of penalties to nine different businesses, with additional penalties and restrictions placed on some employees of those firms who dealt with the bad customers.  

Details of the MAS guidance

The details of the guidance released to industry in late 2024 came more clearly into focus with these enforcement actions: 

• Customer risk assessment must consider even the most basic factors, including multiple nationalities, by asking questions of customers and, importantly, having an effective process to probe deeply into why a customer would need or want to hold multiple citizenships and invest in Singapore.  

• Red flags must be shared across business lines to enable the conduct of due diligence. Examples include identifying inconsistencies in documents; don’t just notice but probe deeply for a legitimate purpose. 

• Source of wealth requires rigor in the process. If large amounts of money come to Singapore declared as a gift, the links between the source and the customer must be verified. 

• Reporting is not risk management. Finding a risk and reporting a suspicious matter is not where risk management stops. Consideration of transaction restrictions or even expedited exit are examples of what post-reporting risk mitigations look like. 

It’s clear that with robust financial crime programs for the likes of AML transaction monitoring and customer due diligence (CDD), risk triggers on key indicators, and supporting workflows to engage financial crime teams to think about risk and mitigate it, will be core to the success of regulated entities operating in Singapore. 

A scam too many — moving from laundering the proceeds of crime, to preventing the stealing of money from vulnerable people  

Authorities in Malaysia, Singapore, the Philippines, Australia, and elsewhere in Southeast Asia, have progressed efforts to protect consumers and businesses from falling victim to scams. Importantly, they are also mandating measures to inform citizens of threats and requiring industry to introduce stronger safeguards. 

While AML, CTF, and CPF have long had supporting regulation, fraud and scams are areas that have more been governed only by the rules of participating in a payment channel. That is until recently, when enforceable regulation and central bank guidance to industry have changed the scam domain. 

Information sharing via national centres and mandated capability in surveillance of customer transactions are the two themes to emerge across markets in the fight against scams. 

• Singapore, Malaysia, and Australia (with many in Southeast Asia to follow) have established national scam centres to bring sharing threat information into real-time to enable citizens and provide the information for industry to act to protect their customers.  
  • And in some countries, like Malaysia and Australia, authorities have mandated that industry must act on information received through these channels or face regulatory enforcement. 
• Malaysia, Australia, and the Philippines have mandated capability measures, including selections of the following in each market: 
  • real-time monitoring,  
  • enhanced customer notifications,  
  • use of biometric monitoring,  
  • confirming payee details, and  
  • advanced methods of authentication. 

For the industry to remain vigilant and compliant in their role to reduce the impact of scams —including the ability to receive and use information quickly, including application into monitoring systems, and to detect unusual customer behaviors that may give rise to a scam loss – robust transaction monitoring and risk signal processing are a must on the capability to-do list for financial crime teams. 

Prepare for the changing financial crime regulations today 

Australia’s long-awaited AML reforms are here. The regulator is making clear on what is expected from existing and newly regulated entities between now and 2026. Though more detailed rules and guidance will be released by July 2026, there is no excuse to stop and wait. 

Decoding the following is straightforward: “AUSTRAC does not expect perfection on day one. However, we do expect you to maintain your focus on reducing your money laundering risks.” 

Know your risks, have a plan, and act on those risks are clear components in what AUSTRAC is saying to the banks, gaming companies, and other well-established AML regulated entities as well as the newest members of the framework in lawyers, accountants, real estate, and jewellers. 

Five key takeaways for those entities currently under the regime:

These can be summarized as don’t stop the fight against financial crime and act now to make change. 

1. Understand your risks and keep going with effective financial crime prevention controls 
2. Develop and document the implementation plans for the AML reforms 
3. Show sustained effort on the implementation program 
4. Continue to manage ML/TF risks 
5. Act now to review your framework and make it better 

Five key takeaways for those new to the AML regulations: 

1. Enroll as a reporting entity – self-identify that you are ready to comply 
2. Establish an AML Program – it can change and evolve over time. Base it on what you know about risk and regulation currently 
3. Appoint your AML compliance officer 
4. Train your staff on your program and processes 
5. Be ready to start asking customers questions. If you think there is a risk, report where necessary those suspicions to AUSTRAC 

AUSTRAC and AML Reforms

AUSTRAC has doubled down on what is expected to manage AML Reforms and has released their focus areas for regulation. This is only the second time that this has occurred and covers the period of July 2025 to June 2026.  

AUSTRAC’s first stated priorities have provided a clear line of sight to supervisory activities and actions taken when non-compliance is present, for example: payments, gold bullion and crypto-related services.

The five key areas to note beyond the priority of AML reforms: 

• If you’re not reporting any, or very little, suspicious matters, this needs to change. 
  • AUSTRAC is seeking better understanding of risk to link to compliance with SMR obligations. 
• Maturity of digital currency exchange businesses in managing ML/TF risk is variable. 
  • AUSTRAC wants to see this improve and will use their registration framework to support only businesses who are competent in understanding and executing financial crime controls. 
• Cash is a mainstay of money laundering. 
  • AUSTRAC flags that businesses that are vulnerable to the risk of cash in money laundering need to enhance their risk management. This is consistent with the recent national risk assessment,
• Keep your enrollment details up to date. 
  • Seems simple, but if key details in enrollment are not updated, expect AUSTRAC to use infringement notices to seek remedy. 
• Build capacity in the Pacific.  
  • AUSTRAC has flagged an increasing role in the capability and coordination for ML/TF risk mitigation in the Pacific. This comes as no surprise given the proximity of Australia (and New Zealand), in addition to the many Australian businesses that facilitate financial services (including banking and remittance) for many island nations.  

Whether it is acting on the reforms now or identifying which of the key priorities for AUSTRAC will impact your organization – it is clear the time to reassess the suitability of financial crime program design and systems are fit for purpose for this next generation of financial crime mitigation. Agentic automation, real-time capabilities, risk signals, and insights will be hallmarks of successful financial crime programs in the forthcoming years. 

Redefine your financial crime compliance operating model 

As we enter the second half of 2025, the signals are clear from the regulators. They are seeking to work with industry to protect the integrity of the financial system and prevent harm to their citizens from criminals seeking to make or move illicit money. 

SymphonyAI is an AI vertical expert, delivering advanced, domain-trained AI solutions that empower financial institutions to proactively prevent financial crime. Organizations can also master regulatory complexity, and drive business transformation with trusted, real-time intelligence. With over 25 years of experience, we combine our pedigree with innovation to help financial institutions navigate APAC with transparency and confidence as a trusted, strategic partner. 

Contact us to find out more. 

Related resources

10 essential components for effective regulatory engagement management

Regulation meets AI: How financial regulators are approaching AI adoption

Assisting the Proposed Model AI Governance Framework for Generative AI