Book an intro

Australia’s AML shake-up starts today: many professional services firms now face new legal compliance obligations

Today marks one of the biggest changes to Australia’s financial crime framework in nearly two decades.

From 1 July 2026, Australia’s long-awaited Tranche 2 AML/CTF reforms are officially in force, dramatically expanding the scope of the country’s AML regime to thousands of businesses that have never before been regulated by AUSTRAC.

For the first time, many businesses operating in the legal, accounting, real estate, conveyancing, trust and company services, and precious stones and metals sectors are now legally required to identify and verify their customers, assess money laundering risks, maintain AML/CTF compliance programs and report suspicious activity to AUSTRAC.

The reforms close a long-criticised regulatory gap that had left Australia behind many comparable jurisdictions, particularly in sectors that criminals have increasingly used to disguise illicit wealth.

For affected organisations, this is no longer about preparing for change. The laws are now in force, and compliance expectations begin today.

A new era for professional services

The reforms significantly expand Australia’s AML/CTF regime. Many professional services businesses that provide designated services are now considered reporting entities under the AML/CTF Act. This includes firms involved in activities such as establishing companies or trusts, assisting with business sales, providing certain legal or accounting services, facilitating property transactions, or offering trust and company services.

For the real estate sector, the changes represent a permanent shift in how transactions are conducted. Real estate agents are now legally required to take reasonable steps to identify and verify buyers and sellers before providing designated services. Depending on the transaction, this may include obtaining government-issued identification, understanding the source of funds or wealth, identifying beneficial owners and determining whether clients are politically exposed persons or subject to financial sanctions.

Legal and accounting firms face similarly significant changes. Firms providing designated services must now complete customer due diligence before acting for clients, monitor ongoing business relationships where appropriate, report suspicious matters to AUSTRAC without tipping off clients and maintain comprehensive compliance records.

What should businesses do now?

Organisations captured by the reforms must implement a documented AML/CTF program, appoint a suitable AML/CTF compliance officer, conduct customer due diligence before providing designated services, establish appropriate record-keeping processes and meet ongoing reporting obligations, including submitting suspicious matter reports where required.

Perhaps most importantly, affected businesses must enrol with AUSTRAC.

While the legal obligations commence today, newly regulated reporting entities have until 29 July 2026 to complete enrolment with AUSTRAC. Businesses providing remittance or virtual asset designated services face additional registration requirements alongside enrolment.

AUSTRAC has made it clear that businesses continuing to provide designated services without enrolling risk enforcement action, with financial penalties potentially applying for each day a business remains unenrolled after the deadline.

Existing reporting entities also face new obligations

The reforms are not limited to newly regulated sectors.

Businesses that were already regulated before 31 March 2026 are also operating under updated AML/CTF Rules. Existing reporting entities must ensure their systems, policies and AML/CTF programs reflect the revised requirements, update enrolment details where necessary and implement documented transition plans if additional work is required to achieve full compliance.

The updated framework also introduces revised reporting requirements, new threshold transaction and suspicious matter reporting forms, amendments to reporting group arrangements, changes to exemptions and expanded travel rule obligations for financial institutions, remitters and virtual asset service providers.

AUSTRAC signals compliance expectations

AUSTRAC has consistently emphasised that its initial approach will be pragmatic and proportionate while businesses transition into the new regime. But that is not exactly a grace period.

The regulator has invested heavily in education resources, webinars, starter kits and guidance to help businesses prepare over recent months. With the laws now in force, organisations are expected to actively manage their money laundering and terrorism financing risks while working towards full compliance.

Early signs suggest businesses are already beginning to meet their new reporting obligations. On the morning the reforms commenced, AUSTRAC confirmed it had already received its first suspicious matter report under the expanded regime.

The impact

The expansion reflects the Australian Government’s determination to prevent criminals from exploiting professional services to legitimise illicit funds.

AUSTRAC has previously estimated that more than $1 billion is laundered through Australian property each year, while financial crime more broadly costs the Australian economy tens of billions of dollars annually. Criminals frequently rely on complex company structures, trusts and professional intermediaries to conceal the origins of illicit wealth.

By extending AML/CTF obligations to sectors that routinely facilitate high-value transactions and corporate structures, regulators aim to identify suspicious activity earlier, strengthen customer transparency and make Australia a significantly more difficult environment for organised crime, terrorism financing and sanctions evasion.

It’s important to note that businesses should not assume they are outside the regime because they are not banks or financial institutions. Many firms will find that even providing a single designated service brings them within the scope of the legislation.

The first step is to determine whether your organisation provides designated services, confirm whether you are required to enrol with AUSTRAC, ensure your AML/CTF program is operational, train relevant staff and implement customer due diligence procedures before continuing to provide regulated services.

For organisations still catching up, the advice from regulators and industry alike has been to start now. The legal obligations have already commenced.

Try our AML (Tranche 2) onboarding workflows and training for Australia

Learn more here →