Australia's financial regulator, Austrac, is drawing a line around how banks use AI in suspicious activity reports. The issue is not whether banks can use technology to detect unusual transactions. It is whether newer AI systems are being used to produce reports that help investigators, or simply to create more paperwork.
According to industry sources, Austrac officials have met with several banks recently to urge more careful use of AI. One major bank was reportedly reprimanded in a private meeting.
Austrac is pushing back on report volume
Suspicious activity reports, often shortened to SARs, are meant to bring meaningful concerns to a regulator's attention. Austrac's concern is that AI could make it easier for banks to submit more reports without making those reports more useful.
Austrac deputy chief executive Katie Miller said the agency does not want a flood of computer-generated reports that are "low-quality". The problem, as described in the source, is that reports may be packed with data while lacking real intelligence value.
That distinction matters. A report can contain a large amount of information and still fail to explain why a transaction deserves attention. For a regulator, more data is not automatically better if the useful signal is buried inside a growing pile of machine-produced material.
Miller also warned that banks might be submitting high volumes of reports simply to avoid penalties. If that is the reason for using artificial intelligence, the technology becomes a defensive compliance tool rather than a way to improve the quality of financial intelligence.
Machine learning is not new in banking
Banks have used machine learning to flag suspicious transactions for years. That existing use is part of the background to Austrac's warning: automated detection is already embedded in the way banks screen activity.
What has changed is the move toward modern large language models. According to the source, that shift picked up over the past two years as banks saw the technology as a way to cut costs.
Large language models can generate and summarize text, which makes them attractive for compliance workflows that involve reports, explanations and documentation. But Austrac's warning shows the trade-off. If the same tools make it too easy to produce longer or more numerous SARs, they can create a quality-control problem for both banks and the regulator.
The risk is not described as AI missing suspicious behavior. The concern in the source is different: banks may use AI to increase output, while the resulting reports lack enough intelligence value to justify the volume.
The regulator wants signal, not noise
Katie Miller framed the issue around quality and noise. The source includes her warning that more information can become a problem when it makes the important material harder to see.
The banks are leaning towards the ends of higher quality but smaller amounts. The more data you’ve got, there's a problem of noise. If banks were looking to use artificial intelligence just to increase the volume (of reports), that’s something we need to assess.
That comment points to a practical standard for AI-generated suspicious activity reports. The regulator is not asking for maximum output. It is asking whether a report is useful enough to support real assessment.
For banks, that creates a clear implication. AI systems used in SAR workflows need controls that focus on relevance, judgment and review. A tool that produces more text may help reduce workload in one part of the process, but it can also shift the burden to the people and agencies that must interpret the final report.
- Quality matters: reports need intelligence value, not just more fields or more narrative.
- Volume has costs: large numbers of weak reports can make useful information harder to identify.
- AI use will be assessed: Austrac has signaled concern if artificial intelligence is used mainly to increase report counts.
What this says about AI in compliance
The Austrac warning is a reminder that AI in financial compliance is not only a technology question. It is also a governance question. A bank can use modern AI to reduce costs, but the output still has to meet the purpose of the reporting system.
That purpose is not satisfied by a report simply because it exists. A suspicious activity report needs to communicate why something is worth attention. If AI turns compliance into a volume exercise, the regulator may receive more material while learning less from it.
The source does not say banks should stop using AI. It says Austrac is urging more careful use, and that officials have already raised the issue with several banks. The message is narrow but important: artificial intelligence should improve the quality of suspicious activity reporting, not flood the system with low-value content.
For financial institutions, the practical lesson is that AI-generated SARs must be judged by usefulness. Cost savings may explain why banks are adopting large language models, but Austrac's response shows that cheaper reporting is not enough if it produces more noise for the regulator.