Skip to main content
search

What you need to know about AUSTRAC’s Tranche 2

From 1 July 2026, Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) regulation extends to over 100,000 small to medium businesses in Australia. We have collected all you need to know – so you don’t have to worry.

Australia’s anti-money laundering laws are expanding. If you work in real estate, conveyancing, accounting, legal or virtual asset services, you may be subject to new AML/CTF compliance obligations known as Tranche 2.

What is Tranche 2 and AML/CTF?

Tranche 2 refers to the expansion of Australia’s Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) act to include additional professions and industries. It brings more professions under AUSTRAC regulation to detect and prevent financial crime.

It requires businesses and professionals to verify customer identities, monitor transactions and report suspicious activity to AUSTRAC.

Who needs to comply with Tranche 2?

Real estate agents (including buyer’s agents and property developers)
Conveyancers
Accountants and tax agents
Lawyers
Virtual asset-related services
Other service providers offering designated services

If you handle client funds, large transactions or high-risk financial activity, these rules will likely apply to you. If you’re unsure if these rules apply to you, use AUSTRAC’s online check to learn more.

When does Tranche 2 come into effect?

The legislation has passed, and the rules around Tranche 2 AML compliance are being finalised.

Enrolment opens 31 March 2026.
Full compliance will be required from 1 July 2026.

What is required under Tranche 2?

What obligations do you have if you’re affected? Together, these obligations are designed to ensure Tranche 2 businesses know their customers, understand and manage their ML/TF risks, and can demonstrate to AUSTRAC, with evidence that they are preventing their services from being misused.

From commencement, any business that provides a captured “designated service” with an Australian link must check if you are in scope and enrol/register with AUSTRAC. Confirm which of your activities are designated services (e.g., property broking, professional services, TCSP work, high‑value cash/crypto sales, gaming, virtual‑asset or payment services) and keep details up to date.

  • Train staff and maintain governance: Appoint an AML/CTF compliance officer, ensure the board/partners are accountable for oversight, and provide regular, role‑appropriate AML/CTF training so frontline staff understand red flags and procedures.
  • Review and improve your program: Periodically review and, where required, independently assess the effectiveness of your AML/CTF program, updating it as AUSTRAC’s rules, typologies and your business model evolve.

Together, these obligations are designed to ensure Tranche 2 businesses know their customers, understand and manage their ML/TF risks, and can demonstrate to AUSTRAC, with evidence that they are preventing their services from being misused.

  • Assess your money‑laundering and terrorism‑financing (ML/TF) risks: Conduct a documented, business‑wide ML/TF risk assessment covering your services, clients, products, channels and geographies; use AUSTRAC’s sector guidance and starter kits where available
  • Establish and maintain an AML/CTF program: Implement a written, risk‑based program approved by senior management that sets out governance, risk assessment, customer due diligence, ongoing monitoring, reporting, record‑keeping and staff training arrangements (Part A and Part B where relevant).
  • Carry out customer due diligence (CDD) and enhanced CDD (ECDD): Identify and verify customers and beneficial owners before or at the time of providing designated services, understand the purpose and nature of the relationship, and apply additional checks for higher‑risk situations (for example PEPs, high‑risk countries, complex or opaque structures, unusual transactions).
  • Keep records: Make and retain records of CDD, transactions, risk assessments, program documents, training and AUSTRAC reports for at least 7 years, in a form that can be produced promptly on request.
  • Monitor customers and transactions on an ongoing basis: Monitor business relationships and transaction activity to detect unusual or suspicious patterns, update risk ratings when circumstances change, and use that monitoring to decide when to apply ECDD or exit relationships.
  • Report to AUSTRAC: Lodge suspicious matter reports (SMRs) when you suspect a person or transaction may be linked to crime or terrorism financing, and submit any other required reports (for example threshold transactions, international funds transfers or sector‑specific returns) within statutory timeframes.

What are the consequences of non-compliance?

AUSTRAC can issue remedial directions, infringement notices, accept enforceable undertakings, and apply to the Federal Court for civil penalty orders. In serious cases, it can suspend or cancel registrations, require external audits or risk assessments, and refer matters for criminal investigation.

For serious contraventions, the Federal Court can impose up to 100,000 penalty units on a body corporate and up to 20,000 penalty units on an individual. With the current penalty‑unit value at A$313, this equates to up to about A$31.3 million for corporations and A$6.26 million for individuals per contravention.

How much will Tranche 2 compliance cost?

What obligations do you have if you’re affected?

Without AML Smart Guard

According to the RIS by the Attorney General’s Department, the average ongoing cost per business is $23,250 per year. Costs will vary from business to business and may include:

Administration time and lost productivity
Software fees, including KYC/KYB tools
Professional consultation and services fees
Staff training and appointment of AML/CTF compliance officer
Policy and AML/CTF program drafting by legal experts

With AML Smart Guard

Pricing starts at $349 / mth for small teams ~5 people

All-in-one platform enabling comprehensive Tranche 2 compliance
Step-by-step guidance & support for compliance officers (ask us about a service to fill any compliance void)
Australian & offshore experts to support all of your queries
Program design and platform enablement within 48 hours
Tranche 2 specific workflows to minimise administration & maximise ease of compliance.
Get Started

Frequently

asked questions

Can’t find the answer that you’re looking for? Get in touch with us.

AML Smart Guard offers local expertise and a fully managed AML as a service including an end‑to‑end Tranche 2 platform and risk operations not just a point tool or a one‑off consulting project.

Key differences:

  • Truly End-to-End:  We deliver an holistic, integrated service. We combine AML/CTF Program development, AUSTRAC-aligned eLearning, customer risk assessment and identity verification, sanctions and PEP screening, transaction monitoring, enhanced due diligence operational and reporting support – all in one integrated solution incl. operational services for triage, and remediation support.   
  • Bank-Grade Controls without Bank-Level Complexity:  Our platform is powered by LexisNexis® Risk Solutions, a global leader in financial crime and identity technology. That means advanced identity verification, data matching and transaction monitoring, delivering “bank-style” oversight without the associated cost or infrastructure burden. 
  • Your Full-Service Compliance Partner:  We won’t disappear after implementation.  Our AML/CTF experts and operations team will support you with alert triage, reporting guidance and ongoing program refinement, helping you stay in control and aligned as AUSTRAC expectations evolve. 
  • Designed for Tranche 2: Our workflows, templates and risk models are built specifically for property & real estate, legal & advisory, accounting & corp services, funds & trustees, high‑value dealers, pubs & clubs, and digital‑asset/payment firms, mapped directly to AUSTRAC’s new guidance.
     

Look for a solution that helps deliver your end-to-end AML / KYC compliance requirements every day – not one that just ticks a box. Essentials include.

1. AUSTRAC alignment, not generic templates

Your AML/KYC Program, policies and procedures should map to the AML/CTF Act, Rules and sector-specific guidance with language and workflows tailored to reflect how your industry and business operates, and the designated services you provide.

2. End-to-End Coverage

Your AML platform and solution must cover the full compliance lifecycle: risk assessment, program setup, CDD and EDD, transaction monitoring, record-keeping and reporting — not just ID checks or screening.  Some solutions do not offer ongoing transaction monitoring which could present a compliance gap and result in fines or other regulator action.  

3. Risk-Based and Configurable

You should be able to tailor risk ratings, red flags and workflows to your industry, services, customer types and jurisdictions in line with your own ML/TF policies and risk assessment.  

4. Embedded in Your Workflow

Strong integration with your CRM, practice management or transaction systems ensures AML steps sit inside normal operations without double handling or re-keying.

5. Audit-Ready by Design

The system should automatically capture and store actions, decisions, retain records for at least seven years and generate regulator-ready reports if AUSTRAC reviews you.

6. Ongoing Local Support

AML obligations are complex and will continue to evolve. Select a provider with Australian expertise who can help you update your AML program and setting, refine controls and respond confidently to regulatory change.

7. Scalable, Transparent Pricing

Look for predictable subscription pricing that scales with your business.  If considering transaction-based pricing, ensure to assess and understand your anticipated screening and transaction volumes as these models can become very expensive e.g., one property sale will usually attract 4 x KYC screens, 2 per vendor and 2 per purchaser (property held in joint names).  Also, be aware of any up-front and one-off charges.  

AML Smart Guard is not just a technology platform, we are a full-service AML compliance partner. Our pricing is structured as a simple, scalable monthly subscription that integrates expert advisory, practical implementation, enterprise-grade technology and ongoing compliance support into one predictable cost. No compliance gaps. No upfront fees. No surprise charges.

  • Check out our “Pricing” and ask for a “Free Demo” to appreciate more about how AML Smart Guard can serve your needs and solve your problems.
  • Contact our sales/support teams directly and ask about evaluation access, pilot programs or proof‑of‑concept options for bespoke services.

From simple data capture via your Client Portal, your customers will receive an email / SMS link to complete a simple 60 second ID verification process through IDVerse.

With a consumer friendly approach, IDVerse helps reduce application times, catch fraud attempts early, save money, ensure compliance and minimise reputational risk, without compromising on user experience.

AML Smart Guard handles the rest.

Let us worry about AML compliance while you focus on your business.

Get Started
Get in touch

Compliance as a Service. Our in-house experts manage every aspect of compliance, from KYC and ECDD to regulatory reporting.

© 2026 AML Smart Guard. All rights reserved.

Close Menu