The Australian Transaction Reports and Analysis Centre (AUSTRAC) has approached the Federal Government’s Data Centre Facilities Panel to lease space for the establishment of a new primary data centre.
The data centre project was initiated following the near failure of AUSTRAC’s IT systems in January 2012, which exposed significant shortcomings in the agency’s risk management and information recovery frameworks.
A recent Australian National Audit Office (ANAO) report has revealed that AUSTRAC currently has no back-up facilities or disaster recovery mechanisms for the single data centre that houses the agency’s entire suite of IT systems. If the data centre fails, AUSTRAC and its partner agencies will be left without access to financial intelligence for at least the six months that it would take to rebuild and restore the facility.
“The ‘suggested strategy or control’ to mitigate the risk was to ‘rely on back-up systems’ which, in practical terms, did not exist,” says the report.
AUSTRAC is the federal agency responsible for the analysis and dissemination of financial intelligence to prevent money laundering and the financing of terrorist activity in Australia.
A spokesperson from AUSTRAC has confirmed that it has issued a request for offer to panellists under the mandatory whole-of-government panel for the procurement of data centre facilities.
The agency has already signed a $396,000 contract for data centre migration services with Frame Group.
It was allocated $16.1 million in the 2013-14 budget to develop an off-site data centre to house its IT systems and electronic records. The funding is divided over four years, with a total of $9.7 million allocated for 2013-14, including $8.2 million in capital funding. The agency timeline for the project indicates that the entire procurement process and facility development will take place during this period, with the project completion date set for June 2014.
AUSTRAC will retain its existing data centre as a disaster recovery facility, according to the budget papers.
The scope of AUSTRAC’s data management covers over 254 million transaction reports. Its monitoring systems identified nearly 36,000 cases of suspicious transaction activity in 2010-11.
In addition to data centre concerns, the ANAO report also identified ongoing problems with AUSTRAC’s data management and its handling of external information requests.
The audit found significant delays in processing times for TargIT, the agency’s automated system for monitoring and identifying suspicious financial activity. Only 78 per cent of requested intelligence disseminations were completed in the target time of 15 working days, and only 43 per cent of proactive disseminations were dispatched within the targeted 30 days.
The main reason for the delays are AUSTRAC’s ‘legacy’ analytical systems that have “constrained its ability to process growing data volumes and meet increasing demands”, said the report.
In response to these findings, AUSTRAC has pointed to the roll-out of its $25 million Enhanced Analytical Capability (EAC) system that will provide more sophisticated tools to manage the agency’s significant data cache. AUSTRAC expects to implement the system by 2014, both within its own operating environment and across external partner agencies.
The EAC project has been ongoing since 2010. It received total funding of $24 million over four years, with a capital cost of $17.5 million. It is described in the ANAO report as “the largest change program to its intelligence systems since the late 1990s”.
As well as enhancing data management, the system will improve AUSTRAC’s monitoring capabilities for the use of its data by partner agencies. The scope of this function extends to around 3,266 authorised non-AUSTRAC personnel who have access to its main Transaction Reports Analysis and Query (TRAQ) database that electronically disseminates financial intelligence to relevant agencies.
For more information, please contact the Editor (02) 9955 9896.