Airwallex Ordered to Undergo External Audit by AUSTRAC
Global payment provider Airwallex has been ordered by the Australian Transaction Reports and Analysis Centre (AUSTRAC) to undergo an external audit of its anti-money laundering (AML) and counter-terrorism financing (CTF) controls. The move comes as the company expands its cross-border operations and product offerings, raising concerns about the adequacy of its compliance framework.
Regulatory Concerns Over Compliance
AUSTRAC, Australia's financial intelligence regulator, has mandated that Airwallex appoint an external auditor to review whether its AML and CTF controls are proportionate to its business scale and complexity. The payment company will bear the cost of the review, with AUSTRAC requiring the submission of the auditor's findings within 180 days.
While AUSTRAC has not accused Airwallex of any criminal conduct, the decision to mandate an external audit places the company among a select few subject to deeper, more independent scrutiny. AUSTRAC has previously used similar powers to audit other payment and remittance service providers, including Afterpay, PayPal Australia, Western Union Australia, and recently, Binance Australia.
Focus of the Audit
The audit will assess whether Airwallex properly identifies clients, monitors transactions based on risk, and fulfills its obligations to report suspicious activities. The regulator's primary concern is whether the company's compliance systems align with its current business model, given its rapid expansion over the past two years.
Airwallex has added new products, clients, and cross-border business channels, significantly altering its risk profile. The key issue, from AUSTRAC's perspective, is not the presence of monitoring systems but their relevance to Airwallex's present operations, including whether transaction scenarios reflect current transaction types, whether alerts are properly reviewed and escalated, and whether customer risk segmentation accommodates diverse industries, jurisdictions, and use cases.
Airwallex's High-Risk Classification
Airwallex falls under AUSTRAC's highest-risk regulatory category, as it provides global accounts, cross-border payments, foreign exchange services, and debit cards to its enterprise clients, facilitating large-scale fund transfers across multiple jurisdictions. Such infrastructure, while commercially attractive, poses financial crime risks if not properly managed. Cross-border and cross-currency payment flows could be exploited to obscure the source of funds, particularly if access, monitoring, or escalation processes vary across regions.
The regulatory action comes at a time when Airwallex has achieved significant growth. The company recently completed a large funding round, valuing it at billions of dollars, and has expanded its operations to Asia, Europe, and North America. Earlier this year, Airwallex announced the acquisition of a South Korean payments company, adding another regulatory region to its business footprint.
Implications for Airwallex
While a mandatory AML audit does not necessarily indicate improper conduct, it often carries subsequent risks for partnerships, licensing, and expansion timelines. Airwallex had previously undertaken compliance work, including an AUSTRAC review in 2024 and an independent audit in 2025. However, the latest notification suggests that these assessments are now outdated given the company's current operational scale.
The timing of AUSTRAC's action also aligns with broader regulatory reforms in Australia. The country is preparing to implement AML/CTF reforms in March 2026, which are expected to expand related obligations and raise expectations for risk assessments and governance.
Next Steps for Airwallex
The immediate focus for Airwallex is on determining the scope of the audit, selecting an auditor, and anticipating AUSTRAC's response upon submission of the audit report. While the audit itself may not lead to enforcement actions, it subjects the company to closer scrutiny during a critical period of expansion.
External audits can also impact banking relationships and correspondent banking access, as partners often re-evaluate their risk exposure when regulatory concerns are raised. For Airwallex, the review will influence its regulatory standing as well as the confidence of counterparties closely monitoring its performance.
