We just hosted a webinar exploring the upcoming Tranche 2 Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) reforms, and what they mean for professional services in Australia. With changes due to take effect on 1 July 2026, law firms, accountants, real estate agents, and other sectors are now preparing to operate under a new compliance framework.
The session highlighted why these reforms are necessary and how they connect to broader global standards. AML/CTF laws exist to prevent serious crimes such as child exploitation, human trafficking, and terrorism financing. In Australia, AUSTRAC is the regulator responsible for collecting and analysing suspicious activity reports, working with both local and international authorities to disrupt criminal networks. Until now, Australia has been behind the curve, ranked poorly by the Financial Action Task Force for its compliance efforts. Tranche 2 will bring approximately 90,000 new businesses into the fold, aligning our systems more closely with global expectations.
One of the main takeaways from the webinar was the importance of learning from other countries that have already been through this transition. New Zealand, the UK, and parts of Europe faced delays and disruptions when their AML/CTF obligations were expanded. The message for Australian businesses is clear: start preparing early. Firms should begin with a risk-based approach, focusing first on high-risk customers and services, and ensuring processes are well documented.
Our speakers also shared a practical roadmap to compliance. The process starts with stakeholder education, understanding the exact scope of the obligations and determining whether your business is a reporting entity.
Next comes evaluation, where you conduct a gap analysis and assess risk. From there, businesses should establish an AML/CTF program tailored to their operations rather than relying on generic templates.
By March 2026, reporting entities must enrol with AUSTRAC and begin delivering staff training across all levels.
Finally, from 1 July 2026, the obligations become enforceable, including an obligation to conduct customer due diligence, suspicious matter reporting, and ongoing compliance activities.
Naturally, there are concerns about costs and the impact on client onboarding. The good news is that modern tools can streamline the process, in most cases, adding only one or two extra steps if implemented properly. Verification checks in most cases also cost less than people realize (between $5 and $50), and in many industries these costs can be passed directly on to clients. Engaging external advisors can also reduce the opportunity cost of building overly onerous compliance programs in-house, particularly in high value professional services environments.
Another important theme was the connection between AML/CTF and data governance. Businesses must balance collecting enough data to satisfy regulations with the need to protect sensitive client information. Storing excessive personal data not only creates compliance headaches but also increases the risk of breaches. Training and awareness across the organisation remain essential, as human error, such as phishing attacks, continues to be a common vulnerability. Also, using multiple tech providers and getting them all to work together, multiplies the data governance risk profile.
The overarching message is that Tranche 2 compliance is not optional, but it need not be a burden. By starting early, tailoring compliance programs to their business, and engaging with AUSTRAC for support, firms can turn this challenge into an opportunity. Done well, compliance can become a competitive advantage, streamlining onboarding, strengthening reputation, and building greater trust with clients.
