The Criminal Network at Your Door: What the Regulator Sees That You Might Not
AUSTRAC's leadership has spent recent months describing a sophisticated, cross-border financial crime ecosystem that is actively targeting Australian gaming venues. Here's what the regulator is seeing, and what it means for your AML program.
Mark Kelly
5 March 2026
3 min read
When we talk about AML compliance in the context of pubs and clubs, it's easy to default to the procedural, i.e., topics like thresholds, forms, and reporting cycles. What gets lost in that conversation is the bigger picture: what compliance is actually defending against.
AUSTRAC's leadership has been spending the past few months pulling back the curtain on that picture, and it's worth letting this land with you. Because what they're describing isn't a handful of opportunistic bad actors. It's an integrated, cross-border financial crime ecosystem - professionally structured, technologically enabled, and deliberately targeting legitimate sectors like gaming.
This isn't abstract. Australia is inside the system.
The core message coming out of AUSTRAC right now is that the Asia-Pacific region has become the operating environment for a new generation of money laundering. Criminal networks generate illicit funds in one jurisdiction, move them through several others, and integrate them into the legitimate economy somewhere else entirely. Australia, connected as we are to the region through trade, migration, tourism, finance and digital services, definitely sits inside that system.
And gaming venues, with their high transaction volumes and cash-intensive environments, represent the kind of channel these networks look to exploit.
What AUSTRAC is finding
The regulator isn't theorising. In its enforcement work across gaming operators, AUSTRAC has found a consistent set of real-world failures that sophisticated criminal activity exploits:
- Transaction monitoring systems that haven't kept pace with the volume or nature of current risks
- Manual observation replacing structured, risk-based alerts
- Thresholds set at levels that no longer reflect actual exposure
- Staff who lack clear escalation guidance, and in some cases, staff with their own conflicts of interest, accepting payments from high-risk customers
Add to that delayed or missed SMRs, and you have an environment where known risks sit unresolved for months.
The regulator's message is direct: these aren't edge cases. They’re patterns.
The frontline has moved
For years, the AML focus in Australia sat primarily on banks and traditional financial institutions. As controls tightened there, criminal activity shifted, finding gaps in sectors that weren't yet looking, or looking hard enough, for activity. Gaming venues are one of those sectors. High cash flow, high transaction frequency, complex customer profiles, and - in many cases - compliance programs that were built for a different era.
The 31 March 2026 reforms are a direct response to that shift. The new risk-based framework asks operators to genuinely understand where their exposure sits, concentrate controls accordingly, and demonstrate that understanding to the regulator.
What this means for your venue
If you're running gaming operations and your AML program still relies primarily on staff observation and manual reporting, you're operating with a structural gap that AUSTRAC has explicitly flagged. The criminals being described by the regulator aren't deterred by a sign on the wall - they're deterred by systems that surface unusual patterns before they can establish a foothold.
That's what Sentinel does. It continuously monitors transactions across your gaming floor, flags behaviour that warrants review, and supports your team in making documented, defensible decisions. It's not about generating more paperwork; it's about ensuring that when something's wrong, you see it.
Because in the environment AUSTRAC is describing, the question isn't whether criminals are interested in gaming venues. They already are. The question is whether your venue gives them an easy path or a hard one.