CLOSE

close

CLOSE

EN

Tranche 2 and the legal sector: Ready or not, AML is coming

Recommended
Tranche 2 and the legal sector: Ready or not, AML is coming

Tranche 2 and the legal sector: Ready or not, AML is coming
From the SRA to the FCA: What the transition to the Single Professional Services Supervisor means for your firm

From the SRA to the FCA: What the transition to the Single Professional Services Supervisor means for your firm
Fake cases, real costs: Law firm penalised for AI-generated citations

Fake cases, real costs: Law firm penalised for AI-generated citations

It’s no exaggeration to say that Australia’s Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024, the Tranche 2 reforms, marks the most sweeping reform to the legal services regulatory landscape in nearly a decade. When the new regime takes effect in July 2026, lawyers will officially join the ranks of entities regulated under Australia’s AML-CTF laws, a seismic shift for the profession.

 

For many in the legal community, this new reality may still feel surreal, or even unfair. But the debate is over and the Act is now law. Whether you are a partner in a national firm, a sole practitioner, or an in-house counsel handling property transactions, your compliance obligations are changing.

 

But while the change is big, it isn’t insurmountable. In fact, lessons from New Zealand, the UK, and elsewhere show that AML compliance in the legal sector can be managed with the right mindset, planning, and cultural adjustment.

 

How exactly will the new legislation affect lawyers? And, importantly, what can you do now to prepare?

 

How the AML-CTF Act will impact lawyers

 

For the first time, lawyers will be treated as “reporting entities” when they provide certain types of services, known as “designated services.” These include most transactional, financial, property, trust, and corporate advisory work. In short, if your firm helps clients move money, acquire assets, set up structures, or manage funds, you’re in scope.

 

This means:

 

  • You’ll need to conduct client due diligence checks.

  • You’ll need to prepare a risk assessment and compliance program that meets AUSTRAC standards.

  • You’ll be required to monitor transactions, keep records, and report suspicious matters to AUSTRAC.

  • You’ll appoint an AML-CTF Compliance Officer, subject to “fit and proper” requirements.

  • And, every three years, your firm will undergo an independent AML audit.

 

This is a fundamental cultural shift. Law firms will now need to think and operate more like regulated financial institutions. The implications stretch beyond compliance paperwork: they affect how firms onboard clients, manage data, use technology, and even how lawyers think about client relationships and confidentiality.

 

Why this matters

 

Australia is under renewed international pressure from the Financial Action Task Force (FATF) to strengthen its defences against financial crime. Lawyers, accountants, real estate agents, and other professional service providers, collectively known as “Tranche 2 entities,” have long been seen as vulnerable gateways for money laundering and terrorist financing.

That spotlight will only intensify through 2026 as FATF evaluates Australia’s performance. We can expect more enforcement headlines, more AUSTRAC investigations, and more emphasis on transparency, especially around beneficial ownership, shell companies, and trusts.

 

In this context, AML compliance isn’t just a regulatory burden. It can be a reputational shield. Firms that fail to prepare risk not only penalties but also public exposure if their services are misused. Those that act early, on the other hand, can show leadership, demonstrating trustworthiness, professionalism, and ethical strength to clients and regulators alike.

 

The steps lawyers should take now

 

While many details of the new regime will be set out in AUSTRAC’s forthcoming AML-CTF Rules, the direction is clear. The time to prepare is now. Here are six practical steps every firm should start working on.

 

1. Map your services against the act

Determine which of your firm’s services fall under “designated services.” Use the new tables 5 and 6 in section 6 of the Act (soon available in AUSTRAC’s “Future Law Compilation”). For full-service firms, you might choose to apply AML checks across the board for simplicity. Smaller practices may prefer to limit compliance to specific areas, like property or corporate work. The key is to document your approach and train your staff accordingly.

 

2. Appoint an AML champion

Someone in the firm needs to own this. They’ll lead implementation, liaise with AUSTRAC, and build internal expertise. Larger firms may need a full-time compliance role; smaller ones can upskill a partner or senior lawyer. AML comes with its own dense jargon and your champion’s job is to translate and embed this language into the firm’s daily practice.

 

3. Conduct a proper risk assessment

This isn’t box-ticking. Your firm must produce a bespoke risk assessment, a serious internal due diligence exercise on how your services could be misused for criminal purposes. Consider client types, practice areas, jurisdictions, service delivery methods, and technologies. A thoughtful, proportionate risk assessment will help you design meaningful, targeted controls and keep AUSTRAC auditors at bay.

 

4. Leverage existing systems

Many firms already have onboarding, conflict-checking, or trust account systems that can be repurposed for AML compliance. Strengthen these with structured Client Due Diligence (CDD) and verification processes. Ask: what red flags have you seen before? What client behaviours raised suspicion? Build those instincts into formal procedures.

 

5. Upgrade your tech and data management

AML is fundamentally an information management exercise of collecting, verifying, storing, and where necessary, reporting client data. If your firm’s systems are outdated or scattered, this is the moment to modernise. But do your due diligence on tech solutions that integrate smoothly with your existing client and document management systems.

 

6. Build a relationship with AUSTRAC

Unlike traditional self-regulation under law societies, AUSTRAC is a proactive, data-driven regulator. You’ll enrol as a reporting entity, submit annual reports, and undergo periodic audits. Prepare your teams for this cultural adjustment. Transparency and engagement will be key to building a constructive regulator relationship and to avoiding unnecessary scrutiny.

 

From legal advisor to risk gatekeeper

 

For lawyers, the hardest part may not be the forms, but the philosophy. The AML regime requires us to see clients not only as sources of trust and instruction but as potential conduits for misuse. That’s a hard adjustment for a profession built on confidentiality and advocacy.

 

However, AML doesn’t erase legal privilege or ethical duties. It reframes them. It demands vigilance, documentation, and professional scepticism, not suspicion of every client, but awareness of the system’s vulnerabilities. The truth is, this reform isn’t just about regulation. It’s about protecting the integrity of the legal profession in an increasingly complex financial world.

 

Start early, start small. Just start

 

The AML-CTF Amendment Act will not make the sky fall. Transactions will continue, privilege will endure, and law firms will remain indispensable. But the change will require planning, investment, and time and possibly more than most expect.

 

Firms that start early, experiment, and document their processes will glide through the 2026 transition. Those that wait will scramble. This can be done. New Zealand firms eventually adjusted and found their new normal. Australian lawyers can too. The key is to start now and not when AUSTRAC knocks.

 

We’ve launched a suite of fully regionalised AML/CTF training to help Australian firms prepare for Tranche 2. Try it here.

 

Don’t miss our free webinar, Preparing for Tranche 2: What Australia’s AML reforms mean for professionals. VinciWorks’ AML experts will break down what Tranche 2 means in practice, what lessons can be learned from the UK and Europe, and how you can prepare your firm before the laws take effect. Register here.