Australia’s anti-money laundering regulator has warned gambling operators that systemic weaknesses in compliance controls are still being exploited by criminals, even as the country prepares for sweeping reforms to its AML regime later this month.
Speaking at the Regulating the Game 2026 conference in Sydney, AUSTRAC (Australian Transaction Reports and Analysis Center) Chief Executive Brendan Thomas said gambling remains a key frontline sector in the fight against financial crime, but highlighted a series of recurring compliance failures uncovered during regulatory work with operators. “Gambling is deeply embedded in Australia’s social fabric and in our economy,” Thomas told delegates. “But it is also routinely targeted by criminals seeking to move illicit funds through legitimate financial channels.”
AUSTRAC acts as both Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regulator and its financial intelligence unit. Thomas said the country’s strong financial system, stable political environment and well-developed gambling sector make Australia attractive not only to legitimate business but also to criminal networks seeking to place and integrate illicit proceeds.
Globally, criminals continue to rely on trusted financial channels embedded in legitimate economic activity to move money. In Australia, drug trafficking remains the single largest source of laundered funds, although authorities are also seeing growing activity linked to tax crimes, government program fraud, illicit tobacco sales and the proceeds of international scam operations. “Financial crime today is not a series of isolated events,” Thomas said. “It operates as a connected, professional and highly adaptive system.”
He warned that criminal networks are increasingly moving funds across borders and industries at speed, exploiting digital payments, complex corporate structures and trusted businesses. Australia’s strong trade, migration and financial links across the Asia-Pacific region also mean the country can act as both a target and a transit point for illicit finance. Within that landscape, gambling operators continue to face elevated risks.
Foundations of trust
High transaction volumes, evolving digital products and cash-intensive channels create opportunities for criminals seeking to launder money, Thomas said. The traditional money laundering cycle – placement, layering and integration – remains highly relevant in the sector. Operators are therefore required to conduct customer identification and verification, assess beneficial ownership, monitor transactions, perform enhanced due diligence where risks are high and submit suspicious matter reports to the regulator.
“These obligations are not administrative hurdles,” Thomas said. “They are foundations of trust that protect your license to operate and Australia’s reputation as a safe and respected place to do business.” Despite improvements across parts of the industry, AUSTRAC continues to uncover recurring patterns of weaknesses during regulatory reviews of gambling and wagering businesses.
Areas of vulnerability
One of the most persistent issues involves large volumes of cash being moved through gambling venues. Across multiple operators, AUSTRAC has observed customers depositing and withdrawing extraordinary sums – sometimes millions of dollars – through repeated transactions. In some cases, the activity involved prepaid cards, vouchers and other opaque instruments that obscured the source of funds.
Authorities also identified so-called “bill-stuffing” behavior, where large amounts of cash are inserted into machines (pokies) with minimal gameplay before being withdrawn as apparently legitimate winnings. “These behaviors were visible, repeatable and highly indicative of money laundering risk,” Thomas said.
Another recurring concern involves the use of multiple accounts and third parties to disguise the ownership of funds. Regulators have observed customers operating numerous accounts under different identities, as well as frequent deposits and withdrawals conducted by third parties. Such structuring makes it difficult for operators to identify who ultimately controls the funds.
High-risk customers also continue to transact in some cases despite adverse media coverage, criminal histories or active investigations by authorities. In some instances, individuals linked to serious organized crime groups were able to continue gambling even after assets had been restrained or confiscated by law enforcement.
Weak source-of-wealth and source-of-funds checks were also highlighted as a major vulnerability. Thomas said some operators failed to challenge high-value patrons who deposited large sums without providing credible explanations of where the money originated. “Enhanced due diligence was delayed or never effectively completed even when money laundering risks were apparent,” he said.
Cash-like instruments and international payment methods are compounding those risks. Prepaid cards, payout cards, vouchers and overseas accounts can allow funds to move quickly through gambling platforms with limited transparency if controls are not robust.
What can be improved?
AUSTRAC has also found that transaction monitoring systems in some businesses have failed to keep pace with evolving risks. In certain venues, monitoring still relies heavily on manual observation by staff rather than structured, risk-based systems. Alerts are sometimes left unresolved, thresholds do not reflect actual risk levels and employees lack clear guidance on escalation procedures.
Staff conflicts of interest and misconduct have also emerged in some investigations, including instances where employees accepted commissions or cash payments from customers. “When incentives align with high-risk behavior, controls break down,” Thomas said.
Reporting failures have further compounded the problem. AUSTRAC has identified cases where suspicious matter reports or threshold transaction reports were delayed, missed or not repeated despite ongoing suspicious activity. In other instances, regulatory recommendations were not implemented and accounts remained open even when risks had been identified.
At an organizational level, the regulator also found some operators had failed to conduct robust money laundering risk assessments or update AML programs following regulatory findings. “These risks were significant, they were known and they were realized in practice,” Thomas said. He also warned operators about the growing trend of outsourcing AML and financial crime functions to third-party providers without adequate oversight.
While outsourcing can be efficient and scalable, Thomas emphasized that regulatory responsibility always remains with the licensed operator. “We are seeing cases where poor quality work by third-party providers goes unchallenged, risks are missed and alerts are closed without adequate scrutiny,” he said. “When that happens, the failure sits squarely with the business.”
Upcoming changes
Australia’s reformed AML/CTF Act is scheduled to take effect on March 31st, introducing updated compliance obligations for regulated entities. Thomas said AUSTRAC would take a pragmatic and risk-focused approach during the transition period, recognizing the scale of the reforms and the tight implementation timeframe. “Preparation is expected, but perfection is not,” he said.
However, regulators will expect businesses to demonstrate genuine progress in identifying and mitigating risks. Operators should maintain existing controls where they are effective and implement credible remediation plans where gaps remain. Those plans should identify weaknesses, assign accountability and be endorsed by senior management and boards, he said.
AUSTRAC will provide guidance, training and tools to support the industry during the transition, but Thomas made clear that regulatory action will follow if significant risks remain unmanaged. “This reform is not about paperwork,” he said. “It is about stronger detection, better controls and more resilient systems.”
