FAQs

AUSTRAC, Australia's AML/CTF regulator, oversees over 17,000 individuals, enterprises, and organisations. We ensure compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act of 2006 and the Financial Transaction Reports Act of 1988.

Tranche 2 refers to the second phase of Australia’s anti-money laundering (AML) and counter-terrorism financing (CTF) laws. It extends the scope of regulated entities to include businesses such as lawyers, conveyancers, real estate agents, and accountants. This means affected professional service providers will now be considered ‘reporting entities and must comply with AML/CTF obligations to deter money laundering and terrorist financing.

Since 2007, Tranche 2 of the legislation has been under consideration, which would expand the entities required to comply with AML/CTF obligations to include real estate agents, lawyers, book-keepers, accountants, and trust/company service providers (also known as gatekeepers).

The Attorney-General has announced a public consultation regarding proposed anti-money laundering and counter-terrorism financing (AML/CTF) regime reforms in Australia. The objective of the proposed reforms is to ensure that the regime conforms to international standards. industry can enhance their understanding of their obligations and compliance.

The AML/CTF regime is central to Australia's efforts to prevent criminals from profiting from their unlawful activity and to prevent funds from reaching terrorist organisations.

The first round of public consultation on proposed reforms to Australia’s AML/CTF regime closed in June 2023. A second round of consultation will be opened in September 2023, and it is likely to include draft legislation. It will likely include a 12 or 18-month transition period in its Tranche 2 Bill. This would allow Australia to have laws in place before the Financial Action Task Force (FATF)‘s fifth-round mutual evaluation visit, expected in 2026.

As a reporting entity, your business will be required to implement risk management programmes to identify and mitigate potential money laundering and terrorist financing risks. This includes conducting customer due diligence (CDD) on clients, monitoring transactions and client behaviour for suspicious activities, and reporting any suspicious matters to AUSTRAC.

Real estate professionals will face increased scrutiny in their transactions. You will need to conduct thorough checks on buyers and sellers, verify their identities, and assess the nature of the transactions more diligently. This may lead to longer transaction times and additional administrative burdens.

Lawyers and conveyancers will need to play a more active role in identifying and preventing money laundering and terrorist financing. You will have to conduct comprehensive client due diligence, particularly for high-value transactions, and report any suspicious activities to AUSTRAC.

Tranche 2 will require accountants to be more vigilant in their dealings with clients engaged in financial transactions susceptible to money laundering. You will need to perform detailed assessments of your client's activities and keep a close eye on any unusual or large transactions. Additional training and software tools may be necessary to meet compliance requirements.

Complying with Tranche 2 may involve an increased administrative workload, longer transaction times, and the need for additional resources, such as training and software. However, failure to comply with the new regulations could result in legal or reputational risks for your business.

There are opportunities for your business to showcase its commitment to compliance and ethical practices. By diligently following the regulations, you can enhance your reputation as a trustworthy partner for your clients, reducing the risks associated with money laundering and terrorist financing activities.

To better understand and fulfil your obligations under Tranche 2, you can refer to official guidance from AUSTRAC, engage in industry-specific training, and seek advice from legal or financial professionals with expertise in AML/CTF compliance.
One AML can also help you understand and meet your AML/CFT obligations. We provide robust, cost-effective, and seamless solutions. Get in touch with us today.

The reforms apply to lawyers, accountants, conveyancers and real estate professionals from 1July2026. AUSTRAC expects you to be enrolled as a reporting entity, have an AML/CTF program, appoint a compliance officer and train your staff by that date. Because risk assessments, policies and contracts take time, it is wise to begin preparing no later than the last quarter of 2025.

Yes. Compliance is based on the services you provide, not your size. If you offer designated services such as conveyancing, trust administration, accountancy services or property transactions, you must enrol with AUSTRAC and implement an AML/CTF program. Sole traders may act as their own compliance officer.

Enrolment opens on 31March2026. You need to provide details about your business structure, services, key personnel and contact information. You must enrol within 28days of providing a regulated service and no later than 29July2026. AUSTRAC will release further guidance and a starter program before December2025.

AUSTRAC has stated it will prioritise enforcement against entities that fail to enrol or wilfully ignore their obligations. Non‑compliance can result in significant fines, regulatory action and reputational damage. Acting early avoids penalties and protects your business.

A risk‑based approach means identifying the money‑laundering and terrorism‑financing risks associated with your services and customers and applying controls proportional to those risks. Your AML/CTF program must include a documented risk assessment and tailored policies, procedures and systems so resources are focused where risks are highest.

The timeframe depends on your business’s complexity. Developing a comprehensive program; risk assessment, policies, staff training, customer due diligence and reporting processes, often takes several months. Starting by the last quarter of 2025 ensures you can test and refine your program before the July2026 deadline.

Costs vary by firm size and service mix. Typical expenses include consultant fees, staff training, due‑diligence and transaction‑monitoring software, and time spent documenting policies. Smaller firms may prefer usage‑based or shared‑service solutions. OneAML offers modular packages and readiness assessments to help manage these costs.

All programs must include risk assessments, due diligence and reporting, but each sector faces unique risks. Law firms must manage legal privilege and high‑value trust transactions. Accountants handle client funds and may need enhanced due diligence for high‑risk clients. Real‑estate agents must verify buyers and sellers and watch for suspicious property transactions. OneAML tailors programs to each sector’s specific risks and workflows.

Yes. AUSTRAC expects every reporting entity to appoint a fit‑and‑proper AML/CTF compliance officer to oversee the program. The officer should have appropriate authority and training and report to senior management. Sole traders may perform this role themselves.

AUSTRAC plans to publish sector‑specific starter programs and educational materials by December2025. You can subscribe to AUSTRAC updates and review its summary of obligations for Tranche2 entities to understand requirements such as enrolment, program development, customer due diligence and reporting. OneAML monitors these releases and updates client programs accordingly.

Staff training should cover money‑laundering and terrorism‑financing risks, how to verify customer identity, recognising red flags, and how to report suspicious matters. AUSTRAC expects all employees to understand and follow the AML/CTF program. Training should be refreshed regularly and whenever regulations change.

Yes. The AML/CTF Act allows simplified customer due diligence where the risk is low. You must document why simplified procedures are appropriate and review these clients periodically. High‑risk customers require enhanced due diligence.

Conduct a readiness assessment by comparing your services against the list of regulated activities, evaluating existing policies and procedures, and identifying gaps in risk assessment, due diligence, reporting, training and governance. OneAML’s readiness scorecard helps benchmark your current state and plan next steps.

Reporting entities must maintain records of their AML/CTF program, customer due diligence, transaction monitoring, staff training and audits for at least seven years. Keeping thorough records demonstrates compliance and is essential if AUSTRAC audits your business.

The reforms explicitly protect documents covered by legal professional privilege. Businesses are not required to disclose privileged information and may use a dedicated form to assert privilege. This is particularly relevant for law firms handling confidential client matters.

AUSTRAC does not offer financial incentives, but preparing early reduces the risk of penalties and operational disruption and signals your commitment to ethical practice. OneAML offers early‑adopter packages with discounted rates and complimentary health checks for firms that engage before the compliance rush.

Integration options depend on your current software. Many practice management and accounting platforms offer API connections or plug‑ins for AML screening and transaction monitoring. OneAML can evaluate your systems and recommend suitable RegTech solutions.

OneAML provides end‑to‑end services, including risk assessments, program design, staff training, health checks, ongoing advisory retainers and technology integration. We also assist with regulator queries and independent audits, delivering expert compliance with minimal stress.

Correspondent banking involves one bank providing services on behalf of another, typically across borders. These relationships carry significant AML risks as they may obscure the origin of funds or enable illicit transfers. Enhanced due diligence and monitoring are essential to manage these risks.

AML (Anti-Money Laundering) refers to the efforts to prevent and detect money laundering activities, while CTF (Countering the Financing of Terrorism) focuses on stopping the flow of funds to terrorist organisations. Both fall under the broader regulatory frameworks aimed at curbing financial crime and often share similar requirements.

Ongoing training ensures that employees stay up to date with the latest AML regulations, risks, and internal procedures. Regular training equips staff with the skills to identify and report suspicious activities and ensures your business remains compliant with evolving legal standards.

Sanctions are penalties or restrictions imposed by governments or international bodies on specific individuals, entities, or countries. In the context of AML, businesses must ensure they do not conduct transactions with sanctioned parties, which are often linked to criminal or terrorist activities. Screening customers and transactions against sanctions lists is a key compliance requirement.

A suspicious transaction report (STR), also known as a suspicious activity report (SAR), is filed when a business identifies a transaction or activity that appears to be related to money laundering, terrorist financing, or other financial crimes. These reports are sent to relevant authorities, such as AUSTRAC in Australia, DIA/FMA/RBNZ in New Zealand or the FCA in the UK. Timely filing of STRs is a legal obligation and helps prevent further criminal activity.

Transaction monitoring involves continuously reviewing customer transactions for suspicious patterns or activities, such as large, unexplained transfers or transactions involving high-risk countries. Automated systems often flag unusual behaviour for further investigation, ensuring early detection of potential money laundering activities. Regular monitoring is a critical component of an effective AML program.

Customer due diligence (CDD) is the process of verifying a customer’s identity and assessing their risk of involvement in money laundering or terrorist financing. It involves gathering information such as name, address, and identification and is essential for understanding the nature of the customer’s activities. Enhanced due diligence (EDD) may be applied to high-risk customers, like PEPs, to ensure more stringent monitoring and controls.

If you identify suspicious activity, you must report it to the appropriate authorities, such as AUSTRAC in Australia, the Department of Internal Affairs in New Zealand, or the Financial Conduct Authority (FCA) in the UK. Failure to report can lead to penalties. Additionally, review and update your internal controls to prevent future occurrences.

PEPs are individuals in prominent public positions, such as government officials, who may be at higher risk for corruption or financial crime. Businesses must apply enhanced due diligence when dealing with PEPs to manage the additional risks they present. This includes thorough identity verification, ongoing monitoring, and possibly reporting transactions.

Common red flags include unusually large transactions, multiple small transactions designed to avoid detection, transactions involving high-risk countries, and customers unwilling to provide sufficient information. Monitoring for these indicators is essential for the early detection of illicit activities.

Protecting your business involves implementing robust due diligence processes, especially with high-risk customers or transactions. You should also monitor and report any suspicious activities and keep your AML/CTF program up to date. This proactive approach reduces the likelihood of your business being exploited for terrorist financing.

Penalties for non-compliance vary by jurisdiction but can include substantial fines, legal action, and reputational damage. In some cases, businesses may face suspension of licences or operational restrictions. Staying compliant helps avoid these severe consequences and protects your business from financial and legal risks.

The FATF Recommendations are a comprehensive set of guidelines designed to combat money laundering, terrorist financing, and the financing of weapons of mass destruction. They cover crucial areas such as risk-based assessments, customer due diligence, and reporting suspicious activities. Adhering to these recommendations ensures your business remains compliant with international and local regulations.

FATF establishes global AML/CTF standards that countries adopt into national legislation. These standards ensure that businesses worldwide implement consistent practices to detect and prevent financial crimes. FATF’s guidance is crucial for aligning domestic laws with international best practices, helping businesses navigate complex compliance landscapes.

KYC is a fundamental part of AML compliance, requiring businesses to verify the identity of their customers, assess risks, and monitor activities. It ensures you know who you are dealing with, preventing fraud, money laundering, and other financial crimes. Implementing strong KYC procedures is critical to protecting your business and maintaining regulatory compliance.

An independent AML audit is conducted by external experts, offering an unbiased review of your AML/CTF program. It provides a fresh perspective and helps identify gaps that internal audits may overlook. This external verification is often required by regulatory bodies and enhances the credibility of your compliance efforts.

AML/CTF programs should undergo reviews at least every two to three years, or more frequently if necessary by regulatory authorities. Regular reviews ensure that your AML/CTF program remains up to date with evolving risks, new regulations, and changes in your business operations, helping maintain compliance and reduce vulnerabilities.

An effective AML compliance program includes customer due diligence (CDD), transaction monitoring, record-keeping, suspicious activity reporting, and regular training for employees. These components work together to identify and mitigate the risks of money laundering and ensure compliance with regulatory requirements.

An AML/CTF program is not only a regulatory requirement but also a vital protection for your business. It helps prevent your organisation from being exploited for money laundering or terrorist financing, ensuring you avoid penalties, reputational harm, and business disruptions. Complying with AML/CTF regulations also demonstrates a commitment to ethical business practices.

An AML program is a structured set of policies, procedures, and controls that a business implements to detect, prevent, and report money laundering activities. It includes customer due diligence (KYC), transaction monitoring, record-keeping, reporting of suspicious activities, and ongoing employee training. The objective is to prevent criminals from taking advantage of the business and ensure legal compliance.

A risk assessment is a critical part of an AML program where a business evaluates the potential risks it faces related to money laundering and terrorist financing. It involves identifying high-risk customers, transactions, regions, and services, and applying appropriate measures to mitigate those risks. This process helps ensure resources are focused on areas with the highest risk, following a risk-based approach.

Money laundering is the process of disguising illegally obtained funds as legitimate income. Criminals use businesses to funnel illicit money through financial systems. This poses significant risks as businesses may unknowingly facilitate criminal activities, leading to legal consequences, financial penalties, and damage to their reputation.

AML/CFT stands for Anti-Money Laundering and Countering the Financing of Terrorism. These terms refer to a set of regulations, standards, and procedures designed to prevent the illegal movement of money (money laundering) and to stop the financial support of terrorist activities (terrorist financing).
Anti-Money Laundering (AML) aims to prevent the practice of disguising illegally obtained funds as legitimate income. Financial institutions and other entities are required to identify and monitor suspicious activities to prevent criminals from using the financial system to launder money.
Countering the Financing of Terrorism (CFT) focuses on preventing the flow of funds to individuals, groups, or organisations that support terrorism. By tracking and blocking the sources of these funds, authorities aim to weaken terrorist organisations.