Expanded scope of the Anti-Money Laundering / Counter Terrorism Financing law (AML/CTF) comes to fruition

The AML/CTF Act places specific obligations on designated service providers in an effort to counter money laundering and the financing of terrorism. Recent amendments to the Act will expand the range of service providers captured by its requirements and introduces other changes as well.

Here we discuss who may be affected by those changes and actions they will need to take.

The legislation and how we’ll (mostly) refer to it here

• The Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth): the Act

• Amendments to the Act: the Amendment Act

• The Anti-Money Laundering and Counter Terrorism Financing Rules 2007 (No.1): the Rules

Along with other associated regulations, the above are collectively known as the Regime.

From 31 March 2026, the new services and entities (‘Tranche 2 Entities’) to come within the ambit of the Regime include:

• real estate professionals

• dealers in precious metals and stones

• professional services providers such as accountants, lawyers, conveyancers and trust and company service providers.

What does the Regime currently cover?

The Australian Transaction Reports and Analysis Centre, or AUSTRAC, regulates certain types of activities in the financial, bullion, gambling and digital currency exchange industries that have been identified as high-risk sectors for money laundering and terrorism financing. The Act calls these designated services.

Providers of designated services with a geographical link to Australia are reporting entities and have obligations under the Act, including to report suspicious matters and certain transactions above a threshold to AUSTRAC.

Objects of the Amendment Act

There are three main objects of the Amendment Act:

• expand the scope of the AML/CMF Act to cover specified high-risk services and Tranche 2 Entities not covered previously by the Act

• simplify the Regime to improve effectiveness and provide clarity for compliance

• update the Regime to reflect current technologies, business structures and illegal financing methods.

Key changes to the Regime – and some things that remain unchanged

Key reforms in the Amendment Act include:

1. Extension of the Regime to cover Tranche 2 Entities (aka ‘gatekeeper’ professionals)

These Tranche 2 Entities are professions globally recognised as high-risk for money laundering exploitation. In 2024 AUSTRAC found that gaps in regulation of Tranche 2 Entities is a key national vulnerability in the Regime.[1] 

For newly regulated Tranche 2 Entities, the core reporting obligations with AUSTRAC will be to:

• enrol and in some circumstances register with AUSTRAC

• develop and maintain an AML/CTF program tailored to their business

• conduct customer due diligence

• report certain transactions and suspicious activity (for example, threshold transaction reports for physical transactions of $AUD10,000 or more)

• make and keep certain records for at least seven years and ensure they are available to law enforcement.

2. Legal professional privilege

The reforms preserve the common law doctrine of legal professional privilege (LPP) and statutory client privileges in the Evidence Act 1995 (Cth). 

The Amendment Act makes it clear that the AML/CTF Act does not affect a person’s right to LPP if the information would be privileged from being given or produced on that basis.

3. Reporting group concept

The Amendment Act replaces the current concept of a designated business group with a reporting group structure. A reporting group may be formed when at least one member of a business group provides designated services and will include one or more reporting entities with shared risk management and compliance arrangements. Such groups will be able to implement group-wide AML/CTF programs, simplifying their compliance requirements.

The Amendment Act also amends the definition of a reporting entity to include a lead entity of a reporting group. Lead entities will be responsible for overseeing implementation of AML/CTF obligations for their reporting group. 

4. Risk assessments, policies and compliance officer

New requirements will apply to all reporting entities:

• Money laundering, terrorism financing and proliferation financing (ML/TF/PF) risk assessments: Reporting entities must undertake risk assessments relating to money laundering, terrorism financing and proliferation financing by reviewing what these risks are within their business

• AML/CTF program: Reporting entities must have (and must comply with) an AML/CTF program. A program should set out how the business will identify and assess the money laundering and terrorism financing risks it faces and the controls it will put in place to manage them

• AML/CTF policies: Reporting entities must implement AML/CTF policies (and procedures, systems and controls) to mitigate risk and ensure they comply with its obligations

• AML/CTF compliance officer: The compliance officer must be a ‘fit and proper person’ and is responsible for overseeing the operational management for an entity relevant to AML/CTF compliance.

5. Customer due diligence requirements

Customer due diligence (CDD) is one of the key ways reporting entities can understand who their customers are, and the ML/TF/PF risks associated with providing services to them.

The reforms reframe and clarify reporting entities’ CDD obligations and required processes. They include measures targeted to the ML/TF risk of each customer rather than a blanket or general approach.

The CDD obligations include:

• Initial CDD: The ML/TF/PF risk of the customer must be identified at the start of the relationship based on the information reasonably available at the time

• Ongoing CDD: The reporting entity must monitor and manage ML/TF/PF risks throughout the relationship and apply ongoing CDD measures targeted to each customer.

Certain checks must also be applied to each customer for initial and ongoing CDD; for example, simplified CDD where the risk is low and enhanced CDD where the risk is high.

‘Pre-commencement’ customers must also be monitored for significant changes if a suspicious matter reporting obligation arises, or if the risk of the customer changes to medium or high. In either case, reporting entities are obliged to undertake initial CDD on the customer.

6. Virtual assets

The Regime will be extended to include virtual asset-related services. 

Under the Regime, a virtual asset is now defined as a digital representation of value that:

• can be transferred, stored or traded electronically

• functions as a medium of exchange, a store of economic value, a unit of account or an investment; and

• is not issued by or under the authority of a government body.

This definition will capture cryptocurrencies. It does not include common digital representations of value, such as money or customer loyalty or reward points (for example FlyBuys).

7. Repeal of the Financial Transaction Reports Act 1988 (Cth)

The Amendment Act repeals the Financial Transactions Report Act 1988 (Cth) entirely to streamline AML/CTF obligations.

8. Transitional rules

Finally, the changes will allow the Minister to make transitional rules within four years of commencement of these reforms to address any issues that arise within that time. 

Next steps

The changes will undoubtedly impose a regulatory burden, especially on Tranche 2 Entities and small businesses.

AUSTRAC will issue further guidance to help businesses understand their changed obligations. If your business will be regulated by the changes, we recommend familiarising yourself with them and seeking assistance with understanding your obligations.

Authors: Rebecca Hegarty and Isabella Costa

 

This publication is intended as a source of information only. No reader should act on any matter without first obtaining professional advice.