AUSTRAC Fines Cryptolink AU$56,340; Orders Compliance Overhaul

Australian transaction and analysis centre (AUSTRAC) has imposed a AU$56,340 infringement notice on Cryptolink and accepted a court-enforceable undertaking to rectify major anti-money-laundering and counter-terrorism-financing (AML/CTF) deficiencies. The action, announced 30 October 2025, follows an investigation by AUSTRAC’s Crypto Taskforce that found late reporting of large cash transactions and gaps in the company’s money-laundering and terrorism-financing risk assessment processes.

Regulator Seeks “Assurance” of Stronger Controls

AUSTRAC Chief Executive Brendan Thomas said the enforcement package balances penalties for past breaches with requirements to strengthen ongoing compliance. “The infringement notice addresses previous non-compliance around reporting and the enforceable undertaking seeks assurance that Cryptolink has improved its risk assessments and strengthened its AML/CTF controls,” Thomas said. He added that the measures were designed “to ensure useable intelligence does not slip through the cracks.”

Under the court-enforceable undertaking, Cryptolink must appoint independent reviewers to validate whether all required threshold transactions have been reported, assess the effectiveness of controls for large-cash transactions, and re-evaluate its money-laundering and terrorism-financing risk framework for adequacy. The company has fully cooperated with the regulator and paid the penalty in full. AUSTRAC clarified that payment of an infringement notice is not an admission of liability.

Thomas warned that criminals are exploiting cryptog ATMs to move illicit funds. “Crypto ATMs are one of the highest risk money laundering channels in Australia at the moment. They are being exploited by criminals to launder money and move scam proceeds. This is not conjecture. It’s what our Crypto Taskforce observed and has been backed up by the work of our law enforcement partners,” he said.

The taskforce estimated that 85 percent of transactions by the 90 most prolific crypto ATM users in Australia involved scam or money-mule activity. “Scams are one of the biggest drivers of suspicious activity and criminals have been using crypto ATMs to move and cash out stolen funds,” Thomas added in the regulator’s official release. AUSTRAC urged consumers to avoid transferring money to wallets they do not control and to think twice if asked to deposit cash into a crypto ATM.

According to Coin ATM Radar data cited in October 2025 reports, Australia currently has about 2,024 crypto ATM terminals nationwide—slightly down from roughly 2,100 earlier in the month—reflecting tightened scrutiny and new government proposals to expand AUSTRAC’s powers over these machines. AUSTRAC itself has described finding “a hidden world of scams and dodgy dealings” through its Crypto Taskforce work.

AUSTRAC’s Next Moves in Crypto Compliance

The action against Cryptolink marks one of the first major enforcement steps in the second phase of AUSTRAC’s Crypto Taskforce, which is now focusing on the highest-risk operations. Thomas said the agency plans to collaborate with responsible digital-currency businesses while maintaining a tough stance on non-compliance. “Criminals don’t care how they hurt people, they care about making money,” he noted. “We want to work with the digital currency exchanges to harden the sector against exploitation but if operators don’t take this seriously, we will take action.”

By compelling Cryptolink to undergo independent validation and upgrade its controls, AUSTRAC aims to set a benchmark for compliance expectations across Australia’s expanding crypto-ATM landscape. The agency reiterated that strong reporting and risk assessment frameworks are essential to prevent scams and preserve financial-intelligence integrity.