FAQs - Tranche 2 AML Compliance in Australia

This page answers the most common questions Australian businesses are asking about Tranche 2 AML/CTF reforms, including who is affected, what obligations apply, when compliance is required, and how to prepare. It is written in plain English and aligned with AUSTRAC’s AML/CTF reform framework.

Key Dates

Enrolment opens 31 March 2026

Obligations commence 1 July 2026

What is Tranche 2 AML/CTF compliance?

Tranche 2 refers to the expansion of Australia’s Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) regime to cover designated non-financial businesses and professions (DNFBPs).

Under the AML/CTF Amendment Act 2024, these businesses will become reporting entities for the first time and must comply with AUSTRAC’s AML/CTF obligations.

When do Tranche 2 AML/CTF obligations start?

The key dates under the Tranche 2 reforms are:

31 March 2026 – Deadline to enrol with AUSTRAC

1 July 2026 – AML/CTF obligations formally commence

From 1 July 2026, Tranche 2 entities must have a compliant AML/CTF program in place and be actively meeting their obligations.

Who is affected by Tranche 2 AML/CTF laws?

Tranche 2 obligations apply to businesses that provide certain designated services, including:

Real estate agents and agencies
Law firms (when performing specified transactional services)
Accounting firms
Trust and company service providers
Dealers in precious metals and stones
Other professional service providers captured under the reforms

If your business handles client funds, facilitates property transactions, sets up legal structures, or manages assets on behalf of clients, you are likely affected.

What is a “designated service” under Tranche 2?

A designated service is a specific activity defined in the AML/CTF Act that triggers compliance obligations.

Common examples include:

Buying or selling real estate on behalf of a client
Managing trust accounts or client monies
Creating, administering, or managing companies or trusts
Acting as a nominee director or shareholder
Buying or selling precious metals, stones, or high-value items

Providing even one designated service means your business must comply with AML/CTF requirements.

Do sole practitioners need to comply with Tranche 2?

Yes. Sole practitioners and small firms are not exempt.

If you provide a designated service, you must:

Enrol with AUSTRAC
Implement an AML/CTF program
Conduct customer due diligence (KYC)
Monitor customer activity and report suspicious matters

Business size does not remove AML/CTF obligations.

What are the main AML/CTF obligations under Tranche 2?

Tranche 2 reporting entities must:

Enrol with AUSTRAC
Develop and maintain an AML/CTF Program
Conduct customer due diligence (CDD / KYC)
Identify and verify beneficial owners
Assess and manage money laundering and terrorism financing risk
Submit Suspicious Matter Reports (SMRs)
Maintain AML/CTF records
Provide AML/CTF training to staff
Undertake independent AML/CTF reviews

What is an AML/CTF Program?

An AML/CTF Program is a documented framework that explains how your business:

Identifies and assesses ML/TF risk
Applies customer due diligence
Monitors customer activity and transactions
Escalates and reports suspicious behaviour
Manages AML/CTF governance and oversight

The program must be risk-based and tailored to your specific business model.

What does customer due diligence (CDD / KYC) involve?

Customer due diligence typically includes:

Identifying the customer
Verifying identity using reliable, independent sources
Identifying beneficial owners and controllers
Understanding the purpose and nature of the business relationship
Ongoing monitoring of customer activity
Higher-risk customers require enhanced customer due diligence (ECDD).

How long does it take to become AML/CTF compliant?

Timeframes vary depending on business complexity, but many Tranche 2 entities underestimate the effort required.

Typical preparation timelines include:

AML/CTF risk assessment: 2–4 weeks
AML/CTF program development: 3–6 weeks
Systems, training, and implementation: ongoing

Starting early reduces compliance risk and operational disruption.

Can AML/CTF compliance be outsourced?

Yes. Many Tranche 2 businesses choose to outsource AML/CTF operations, including:

Customer onboarding and KYC
Ongoing due diligence and screening
Risk assessments and monitoring
Regulatory reporting support

Outsourcing does not remove legal responsibility, but it can significantly reduce internal workload and compliance risk.

If you'd like to discuss AML compliance with the experts, click here

FAQs - Tranche 2 AML Compliance in Australia

Key Dates

What is Tranche 2 AML/CTF compliance?

When do Tranche 2 AML/CTF obligations start?

The key dates under the Tranche 2 reforms are:

31 March 2026 – Deadline to enrol with AUSTRAC

1 July 2026 – AML/CTF obligations formally commence

From 1 July 2026, Tranche 2 entities must have a compliant AML/CTF program in place and be actively meeting their obligations.

Who is affected by Tranche 2 AML/CTF laws?

Tranche 2 obligations apply to businesses that provide certain designated services, including:

Real estate agents and agencies

Law firms (when performing specified transactional services)

Accounting firms

Trust and company service providers

Dealers in precious metals and stones

Other professional service providers captured under the reforms

If your business handles client funds, facilitates property transactions, sets up legal structures, or manages assets on behalf of clients, you are likely affected.

What is a “designated service” under Tranche 2?

A designated service is a specific activity defined in the AML/CTF Act that triggers compliance obligations. Common examples include:

Buying or selling real estate on behalf of a client

Managing trust accounts or client monies

Creating, administering, or managing companies or trusts

Acting as a nominee director or shareholder

Buying or selling precious metals, stones, or high-value items

Providing even one designated service means your business must comply with AML/CTF requirements.

Do sole practitioners need to comply with Tranche 2?

Yes. Sole practitioners and small firms are not exempt. If you provide a designated service, you must:

Enrol with AUSTRAC

Implement an AML/CTF program

Conduct customer due diligence (KYC)

Monitor customer activity and report suspicious matters

Business size does not remove AML/CTF obligations.

What are the main AML/CTF obligations under Tranche 2?

Tranche 2 reporting entities must:

Enrol with AUSTRAC

Develop and maintain an AML/CTF Program

Conduct customer due diligence (CDD / KYC)

Identify and verify beneficial owners

Assess and manage money laundering and terrorism financing risk

Submit Suspicious Matter Reports (SMRs)

Maintain AML/CTF records

Provide AML/CTF training to staff

Undertake independent AML/CTF reviews

What is an AML/CTF Program?

An AML/CTF Program is a documented framework that explains how your business:

Identifies and assesses ML/TF risk

Applies customer due diligence

Monitors customer activity and transactions

Escalates and reports suspicious behaviour

Manages AML/CTF governance and oversight

The program must be risk-based and tailored to your specific business model.

What does customer due diligence (CDD / KYC) involve?

Customer due diligence typically includes:

Identifying the customer

Verifying identity using reliable, independent sources

Identifying beneficial owners and controllers

Understanding the purpose and nature of the business relationship

Ongoing monitoring of customer activity

Higher-risk customers require enhanced customer due diligence (ECDD).

How long does it take to become AML/CTF compliant?

Timeframes vary depending on business complexity, but many Tranche 2 entities underestimate the effort required. Typical preparation timelines include:

AML/CTF risk assessment: 2–4 weeks

AML/CTF program development: 3–6 weeks

Systems, training, and implementation: ongoing

Starting early reduces compliance risk and operational disruption.

Can AML/CTF compliance be outsourced?

A designated service is a specific activity defined in the AML/CTF Act that triggers compliance obligations.

Common examples include:

Yes. Sole practitioners and small firms are not exempt.

If you provide a designated service, you must:

Timeframes vary depending on business complexity, but many Tranche 2 entities underestimate the effort required.

Typical preparation timelines include: