The AML Consultant.com

Last reviewed: May 2026  |  Compliance Sanctions Australia

Australian businesses operating in the financial services sector face binding obligations under one of the most
comprehensive international sanctions frameworks in the Asia-Pacific region. Whether you are a foreign exchange
provider, a bank, a payment institution, or a reporting entity under the Anti-Money Laundering and
Counter-Terrorism Financing Act 2006 (AML/CTF Act), your compliance with targeted financial sanctions is not
optional — it is a legal imperative enforced through criminal and civil penalties.

This guide consolidates the full Australian international sanctions compliance framework for financial services
practitioners. It covers the legal architecture, each active sanctions regime, core obligations, screening
requirements, penalties, and the due diligence framework administered by the Australian Sanctions Office (ASO)
within the Department of Foreign Affairs and Trade (DFAT).

What Are International Sanctions?

International sanctions are legally binding measures that restrict dealings with specific persons, entities, goods,
and services. They are imposed by the United Nations Security Council (UNSC) or by individual states acting
autonomously, and they pursue foreign policy and national security objectives — including deterring armed
aggression, countering terrorism and proliferation financing, and pressuring governments engaged in human rights
violations.

In the Australian context, sanctions take two principal forms:

• UN-mandated sanctions — imposed through UNSC resolutions that are binding on all UN member
  states. Australia implements these via the Charter of the United Nations Act 1945 (Cth) and subsidiary
  regulations.
• Autonomous (unilateral) sanctions — imposed independently by Australia under the Autonomous
  Sanctions Act 2011 (Cth), generally in coordination with like-minded partners (the EU, the UK, the US,
  Canada, and others) but without requiring a UNSC resolution.

Targeted financial sanctions (TFS) are the most operationally significant category for financial services
businesses. They prohibit dealing with the assets of designated persons and entities, and prohibit providing
financial services to or for the benefit of those persons.

Australia’s Sanctions Legal Framework

Three Acts form the legislative backbone of Australia’s sanctions regime. Financial services practitioners must be
familiar with all three.

1. Autonomous Sanctions Act 2011 (Cth)

The principal Act governing Australia’s autonomous sanctions. It authorises the Minister for Foreign Affairs to
make regulations imposing targeted sanctions against designated persons and entities, and against specified
countries and regions. Key features:

• Empowers the making of Autonomous Sanctions Regulations 2011 (Cth) which set out designation criteria
  for each sanctions regime.
• Creates civil and criminal offences for dealing with designated assets or providing sanctioned services.
• Provides the due diligence defence in section 17 — a critical protection for compliant
  businesses (see below).
• Administered by the Australian Sanctions Office (ASO) within DFAT.

2. Charter of the United Nations Act 1945 (Cth)

Enables Australia to give domestic legal effect to UNSC resolutions, including those imposing targeted financial
sanctions. Subsidiary regulations made under this Act implement sanctions against specific countries and groups —
for example:

• Charter of the United Nations (Sanctions — Iran) Regulation 2016
• Charter of the United Nations (Sanctions — Democratic People’s Republic of Korea) Regulations 2008
• Various regulations for ISIL/Da’esh, Al-Qaida, the Taliban, and other UN-designated entities.

3. Criminal Code Act 1995 (Cth)

Criminalises the financing of terrorism and proliferation financing, including dealings with assets connected to
designated terrorist organisations and WMD-related entities. Chapter 4 of the Code creates the primary
counter-terrorism financing offences. Contravention can attract the most severe penalties in the sanctions
framework.

Key Australian Sanctions Regimes

Australia currently administers sanctions across multiple regimes. The following are the most significant for
financial services businesses:

Russia and Specified Ukraine Regions

Australia imposed comprehensive autonomous sanctions in response to Russia’s invasion of Ukraine. Designated
persons include Russian and Belarusian government officials, military commanders, oligarchs, financial institutions,
and state-connected entities — over 1,200 entries as at May 2026. Sanctions prohibit financial services, asset
dealings, and include travel bans. The Autonomous Sanctions Regulations 2011 set out designation criteria. Read the full Russia sanctions guide →

Iran

Iran is subject to both UN Security Council sanctions (implemented via the Charter of the United Nations
(Sanctions — Iran) Regulation 2016) and Australian autonomous sanctions. Iran-related sanctions include
restrictions on financial services connected to nuclear and arms-related activities, asset freezes for designated
persons, and travel bans. Proliferation financing risk is particularly acute. Read the full Iran sanctions guide →

Democratic People’s Republic of Korea (DPRK)

DPRK is subject to the most comprehensive UN sanctions regime in operation — implemented in Australia via the
Charter of the United Nations (Sanctions — DPRK) Regulations 2008 and Australian autonomous sanctions. All
financial services to DPRK government entities and affiliated persons are prohibited. Proliferation financing risk
(WMD and ballistic missile programmes) is the primary concern. Read the counter-terrorism and UN
sanctions guide →

Myanmar

Autonomous sanctions targeting senior military officials and junta-connected entities, imposed in response to the
February 2021 coup. Designated persons are subject to asset freezes and travel bans. The regime is updated
periodically by Ministerial declaration.

Counter-Terrorism / UNSCR 1373

Australia designates individuals and entities under the UNSCR 1373 counter-terrorism framework. Critically, this
framework does not impose travel bans — meaning designated individuals may be present in Australia. This creates a
specific residual risk for businesses relying solely on border clearance as a safeguard. The Criminal Code creates
the primary offences. More on
counter-terrorism sanctions →

Other Active Regimes

Australia also maintains sanctions against Syria, Zimbabwe, Sudan, South Sudan, Lebanon, Yemen, Somalia/Al-Shabaab,
Libya, Iraq, the Democratic Republic of Congo, the Central African Republic, Guinea-Bissau, Haiti, and under
thematic frameworks targeting serious corruption, human rights violations, and malicious cyber activity.

Who Must Comply?

Australian sanctions obligations bind a wide range of persons and entities:

• All Australian persons and entities — including Australian citizens, residents, and
  Australian-incorporated entities, wherever they are located.
• All persons in Australia — including foreign nationals and foreign entities operating within
  Australian territory.
• Reporting entities under the AML/CTF Act — including banks, credit unions, payment providers,
  foreign exchange dealers, remittance service providers, and other designated service providers.
• AFSL licensees — Australian financial services licence holders conducting transactions that may
  involve international counterparties.

There is no de minimis threshold. Sanctions obligations apply regardless of the value of the transaction.

Core Compliance Obligations

1. Sanctions Screening

All customers, counterparties, and their beneficial owners must be screened against the DFAT Consolidated List
before conducting any transaction or establishing any business relationship. Screening must be repeated periodically
and whenever there is a material change in the relationship. For detailed guidance on screening processes, see our
DFAT Consolidated List Screening guide.

2. Asset Freezing and No-Dealing Obligations

Where a designated person’s assets are identified, those assets must be frozen immediately. You must not:

• Deal with, transfer, or make available any asset owned or controlled by a designated person;
• Provide any financial service to, or for the benefit of, a designated person;
• Accept false identification or facilitate anonymous transactions that obscure whether a party is designated.

These prohibitions apply whether the dealing is direct or indirect, and regardless of the form of the asset
(including physical currency).

3. Reporting Obligations

Upon identifying or suspecting a sanctioned party or sanctioned transaction:

• Notify the Australian Sanctions Office (DFAT) as soon as practicable.
• Notify the Australian Federal Police (AFP) where terrorism or proliferation financing is
  suspected.
• Submit a Suspicious Matter Report (SMR) to AUSTRAC:
  • Within 24 hours where terrorism financing (including WMD-related sanctions breaches) is
    suspected.
  • Within 3 business days for all other sanctions-related suspicious matters.
• SMRs must be submitted via the AUSTRAC Online platform in compliance with section 41 of the
  AML/CTF Act.

4. Record-Keeping

All sanctions screening records, SMRs, ECDD documentation, incident register entries, and related communications
must be retained for 7 years after the business relationship ends or the transaction is completed.
Records must be stored in a form that ensures their integrity and accessibility for regulatory review.

The DFAT Consolidated List

The DFAT Consolidated List is Australia’s primary sanctions reference, maintained by DFAT’s Australian Sanctions
Office. As at May 2026, the list contains approximately 3,800+ entries across all active Australian sanctions
regimes. It is updated in real time and is publicly available at dfat.gov.au.

The Consolidated List is not, however, an exhaustive screening resource. It must be supplemented with:

• UN Security Council Consolidated List — encompassing all UNSC-designated persons and entities
  globally;
• OFAC Specially Designated Nationals (SDN) List — United States Treasury sanctions, often
  applied extraterritorially;
• EU Consolidated Financial Sanctions List;
• UK OFSI Consolidated List; and
• Internal blacklists and adverse media databases maintained by the reporting entity.

For a detailed guide to screening methodology and supplementary lists, see DFAT Consolidated List Screening: A
Practical Guide.

Penalties for Non-Compliance

The penalties for breaching Australian sanctions law are severe:

Individuals and corporations can be held personally liable. Directors and officers who are knowingly involved in a
contravention face personal criminal exposure.

The Due Diligence Defence (s.17, Autonomous Sanctions Act)

Section 17 of the Autonomous Sanctions Act 2011 provides a partial defence to civil liability (and is
relevant to criminal intent elements) where the defendant proves that they:

1. Took reasonable precautions to avoid the contravention; and
2. Exercised due diligence to avoid the contravention.

This defence is not automatic. It requires documented, systematic compliance activity. The DFAT Sanctions Risk
Assessment (SRA) tool is a key mechanism for building a defensible due diligence record. Businesses that cannot
demonstrate a structured and documented compliance programme will not be able to rely on this defence.

The DFAT Sanctions Risk Assessment (SRA) Framework

DFAT’s Australian Sanctions Office publishes a structured Sanctions Risk Assessment (SRA) tool to
help regulated entities assess the sanctions risks associated with their activities. Last updated 12 December 2024,
the SRA is organised into two parts:

• Part A — Association with a Designated Person or Entity (TFS): Four questions assessing direct
  and indirect risk of providing assets to, or dealing with assets of, designated persons. Relevant to virtually all
  financial services activities.
• Part B — Association with a Sanctioned Country, Region, or Terrorist Group: Questions
  addressing sanctioned supply, import, commercial activities, and financial services nexus to sanctioned
  jurisdictions.

The SRA should be completed and documented as part of the enterprise-wide risk assessment cycle and retained as
part of the due diligence record supporting a s.17 defence.

Frequently Asked Questions

Does sanctions compliance apply to all financial transactions, or only above a certain value threshold?

Sanctions obligations apply to all transactions, regardless of value. There is no de minimis exception in
Australian sanctions law. Even a small-value currency exchange to a designated person is prohibited.

Is the DFAT Consolidated List alone sufficient for sanctions screening?

No. The DFAT Consolidated List covers Australian autonomous and UN-derived sanctions designations, but must be
supplemented with the UN Security Council Consolidated List, the OFAC SDN List, and other relevant lists depending
on your counterparty profile and business activities. Most compliance teams use a third-party screening provider
that aggregates multiple lists.

What is the difference between the Autonomous Sanctions Act and the Charter of the United Nations Act?

The Autonomous Sanctions Act 2011 enables Australia to impose sanctions independently of a UNSC
resolution — for example, in response to Russia’s invasion of Ukraine. The Charter of the United Nations Act
1945 implements UNSC resolutions into Australian law — for example, UN sanctions against Iran, DPRK, and
ISIL. Both Acts can apply simultaneously to the same regime (e.g., Iran is subject to both UN and autonomous
Australian sanctions).

What should we do if a customer matches a sanctions list?

Immediately suspend the transaction and do not return any tendered assets. Investigate the match to determine
whether it is a confirmed match or a false positive. If confirmed: freeze assets, notify DFAT (Australian
Sanctions Office), notify the AFP if terrorism is involved, and submit an SMR to AUSTRAC within the applicable
timeframe. Do not tip off the customer.

How often should we update our sanctions risk assessment?

At least annually, and immediately when a material change occurs — such as a new sanctions regime, a significant
change in your customer base or business activities, or a regulatory communication that identifies new risk.

Are Australian citizens ever listed on Australian sanctions lists?

Very rarely. The vast majority of entries on the DFAT Consolidated List are foreign nationals. A small number of
Australian-connected individuals appear on counter-terrorism lists under the UNSCR 1373 framework. Australian
entities incorporated domestically can also become subject to sanctions if they are owned or controlled by a
designated person, even if the entity itself is not directly listed.

Does border clearance by the Australian Border Force (ABF) remove our obligation to screen?

No. ABF clearance is an inherent risk mitigant — designated persons subject to travel bans are ordinarily
refused entry — but it is not a substitute for your own screening obligations. Australian citizens and residents
can be designated, and persons may enter Australia before being designated. Your independent screening at the
point of transaction is legally required.

Related Articles

This article is general information only and does not constitute legal advice. Australian sanctions law is
complex and subject to frequent change. Financial services businesses should seek independent legal advice and
refer directly to DFAT guidance for their specific circumstances. DFAT’s Australian Sanctions Office can be
contacted at sanctions@dfat.gov.au.