A client had their email accounts hacked. AFSL received email request for withdrawal of funds from investment platform (super – client over 65). Original forms received relating to same, with signature matching certified ID. Forms had new bank account after “client” (via hacked email) notified old account was closed.
What are the AFSL’s reporting requirements to relevant authorities? AUSTRAC? Local/Federal police? Client (UK resident) has notified UK police and will contact NSW police.