AUSTRAC has officially directed the payment platform MHITS Limited to appoint an external auditor to address significant concerns regarding its anti-money laundering and counter-terrorism financing frameworks. This regulatory intervention follows a broader supervisory campaign targeting the digital payments sector, which has already seen enforcement actions against other major platforms. The oversight body remains focused on ensuring that financial intermediaries maintain robust systems to detect and prevent the flow of illicit funds across international borders. Failure to maintain these standards can lead to severe regulatory consequences and the facilitation of high-risk criminal activities.

MHITS Limited AML Compliance Review

The Australian Transaction Reports and Analysis Centre has taken a decisive step by mandating that MHITS Limited undergo a comprehensive external audit at its own expense. This move is part of a sustained effort by the Australian regulator to clean up the payments sector, which has shown persistent vulnerabilities in recent years. The audit is designed to scrutinize whether the company is meeting its legal obligations under the national financial intelligence laws. Specifically, the regulator expressed concerns that the transaction monitoring program currently in place at the firm is not sufficiently tuned to identify the full spectrum of risks associated with cross-border fund transfers. By ordering this review, the regulator is signaling that passive compliance is no longer acceptable for businesses that facilitate the movement of money between different jurisdictions. The auditor must complete a thorough evaluation and present the findings within a timeframe of 180 days from the date of appointment. This timeline ensures that any systemic weaknesses are identified and remediated before they can be exploited by criminal networks seeking to move dirty money through the Australian financial system.

The scrutiny on MHITS Limited did not occur in a vacuum but is a direct result of a wider industry campaign conducted by the regulator last year. During this campaign, several other payment platforms were found to have serious deficiencies in their internal controls. These findings led to similar audit orders for prominent entities like WorldRemit and Airwallex, while several other platforms received formal letters of concern. The persistent nature of these failures across the sector has led to the entire industry being put on notice. The regulator is particularly concerned with the use of these platforms to fund activities related to child sexual exploitation material, a category of crime that requires immediate and aggressive intervention from financial institutions. The Chief Executive Officer of the agency stated that payments associated with such high-risk activities were flowing through online platforms because businesses were failing to identify the warning signs. The expectation is now clear that all businesses in the payments space must have strong risk management and compliance systems that are capable of disrupting these horrific criminal activities in real time.

Strategic Deficiencies in Transaction Monitoring Programs

The core of the issue at MHITS Limited appears to be a transaction monitoring program that lacks the necessary sophistication to handle the complexities of modern money laundering. Transaction monitoring is the backbone of any effective compliance framework, as it allows a company to detect patterns of behavior that deviate from the expected activity of a legitimate customer. When these programs are poorly designed or lack the appropriate risk filters, they fail to trigger the suspicious matter reports that are vital for law enforcement agencies. The regulator has noted that many businesses in this sector have been failing to exit high-risk customers even when clear indicators of illicit activity were present. This suggests a failure of both technology and corporate culture within the industry. For a payment platform that facilitates transfers to multiple foreign jurisdictions, the risks are naturally amplified. Different regions present different threat profiles, and a one-size-fits-all approach to monitoring is generally considered inadequate by modern regulatory standards. The audit will therefore look closely at how the platform assesses risk and whether its automated systems are actually capable of catching the specific types of crimes that the regulator has highlighted as priority areas.

Furthermore, the surge in the use of online payment platforms by global consumers has outpaced the development of internal compliance departments at many of these firms. Rapid growth often leads to a situation where profit-making activities are prioritized over the more costly and labor-intensive work of regulatory compliance. The regulator’s recent actions serve as a reminder that financial licenses come with a set of non-negotiable responsibilities. The message sent to the cross-border payments industry is that they are on the frontline of the fight against global crime. Being on the frontline means that these businesses are often the only barrier between a criminal and the realization of their illicit gains. If the barrier is weak, the entire global financial system is compromised. The agency emphasized that businesses should not wait for a regulatory knock on the door to fix their systems. Proactive management involves identifying risks, reporting them immediately, and having the courage to stop transactions or terminate customer relationships when the risk exceeds an acceptable threshold.

Sector Trends and the Rise of Suspicious Matter Reporting

The broader impact of the regulator’s campaign is already becoming visible in the data gathered from across the financial sector. There has been a significant increase in the volume of suspicious matter reports submitted by payment platforms, which indicates that the industry is beginning to take its obligations more seriously. Specifically, reports related to suspected child sexual exploitation have increased by a staggering 264 percent. This increase does not necessarily mean that the crime itself is becoming more prevalent, but rather that the detection capabilities of financial institutions are finally improving. When businesses actively look for these transactions, they find them. This surge in reporting increases the likelihood of successful investigations and prosecutions, as law enforcement agencies are provided with the high-quality financial intelligence they need to track down offenders. The exponential increase in detection capability is a direct result of the pressure applied by the regulator through audits and public enforcement actions.

Despite these positive trends, the need for an external auditor at MHITS Limited shows that there is still significant work to be done. The audit process is not merely a box-ticking exercise but a deep dive into the operational realities of the company. It will involve testing the effectiveness of the platform’s KYC or Know Your Customer procedures, its ongoing customer due diligence, and its internal governance structures. The findings will determine whether further regulatory action, such as civil penalties or additional license conditions, will be necessary. The cost of the audit being borne by the company serves as an additional financial incentive for other firms to ensure their systems are up to standard before the regulator intervenes. In the current climate, ignorance of the law or a lack of technical capability is not a valid defense. The regulatory landscape is evolving toward a model of zero tolerance for systemic compliance failures that enable the most damaging forms of international crime.

Enhanced Oversight and Future Regulatory Expectations

The appointment of an external auditor marks the beginning of a period of intense scrutiny for the platform, but it also provides a roadmap for improvement. The auditor’s report will likely include a series of recommendations that the company must implement to satisfy the regulator. These recommendations often involve upgrading software, hiring more specialized compliance staff, and improving the quality of data used to assess customer risk. For the wider industry, the MHITS case is a warning that the regulator is moving beyond simple warnings and is now using its full suite of enforcement powers to compel compliance. The focus on cross-border payments is unlikely to diminish, given the high level of risk associated with moving money into jurisdictions with less stringent financial oversight. Businesses must be able to demonstrate that they understand the specific risks associated with each corridor they operate in and have tailored their controls accordingly.

In conclusion, the regulatory action taken against MHITS Limited is a vital part of Australia’s broader strategy to secure its financial borders. By focusing on the payment platform sector, the authorities are targeting a critical node in the global money laundering network. The requirement for a 180-day audit period ensures that the company remains under the microscope while it works to rectify its shortcomings. The significant rise in reporting across the sector shows that while the challenges are great, the combination of strict oversight and industry cooperation can lead to tangible results in the fight against crime. Financial institutions are reminded that their actions matter and that they have a moral and legal duty to prevent their services from being used to facilitate exploitation. The goal of the regulator is to create a financial environment where illicit actors have nowhere to hide and where the integrity of the payment system is maintained through constant vigilance and robust technological solutions.

---

Key Points

• AUSTRAC has ordered MHITS Limited to hire an external auditor to evaluate its AML and CTF compliance programs.
• The intervention is part of a wider crackdown on payment platforms following serious deficiencies found in companies like WorldRemit and Airwallex.
• Specific concerns involve the failure of digital platforms to detect and block transactions related to child sexual exploitation.
• The payment sector has seen a 264 percent increase in suspicious matter reports since the regulator began its targeted supervisory campaign.
• MHITS Limited must cover all costs of the audit and provide a full report to the national regulator within 180 days.

---

Related Links

• AUSTRAC guidance on transaction monitoring obligations
• FATF recommendations for virtual asset service providers and payment platforms
• Australian Government information on the AML/CTF Act 2006
• Financial intelligence reports on child exploitation trends

Other FinCrime Central Articles About PSP-Related Money Laundering Risks

• AML fines Europe: a costly wake-up call for PSPs and EMis
• Danish FSA Identifies Major Risk Failures at Safenetpay ApS
• $4.2 Million AML Penalty for Wise US Highlights Growing Regulatory Scrutiny

Source: AUSTRAC

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.