What is Tranche 2 AML/CTF?
An introduction to the AUSTRAC Tranche 2 AML/CTF reforms — what they are, who they affect, and why they matter for your business.
Background
Australia's Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Act 2006 has regulated financial institutions — banks, remittance providers, and gambling services — since 2007. These are known as Tranche 1 reporting entities.
Tranche 2 extends AML/CTF obligations to a new set of industries — collectively known as gatekeeper professions or designated non-financial businesses and professions (DNFBPs). These are sectors that criminals commonly exploit to launder money or finance terrorism:
- Real Estate Professionals — agents brokering property sales and purchases, and developers selling their own properties
- Legal Practitioners — solicitors and barristers providing conveyancing, trust and company services, and other designated services
- Accountants — professionals providing trust and company formation, administration, and related financial structuring services
- Conveyancers — non-lawyer practitioners assisting with property transfers
- Dealers in Precious Metals, Stones and Jewellery — buying and selling gold, silver, platinum, gemstones, and jewellery products
Why these industries?
Real estate, professional services, and precious goods are attractive to criminals because they:
- Store and move value — property appreciates, gold retains value, and professional structures can move funds across borders
- Enable layering — complex trust and company structures can obscure the origin and ownership of funds
- Involve large cash transactions — physical currency can enter the financial system through property settlements, trust accounts, and precious goods purchases
- Provide legitimacy — using professional gatekeepers lends an appearance of legitimacy to transactions involving illicit funds
Australia's Tranche 2 reforms align with Financial Action Task Force (FATF) Recommendations 22 and 23, bringing the country in line with AML/CTF standards already adopted by the UK, EU, Canada, and New Zealand.
Key dates
| Milestone | Date |
|---|---|
| Legislation passed | 2025 |
| Compliance deadline — AML/CTF program must be in place | 1 July 2026 |
| First annual compliance report due | By 31 March 2027 (for the period 1 July – 31 December 2026) |
All regulated businesses must be registered with AUSTRAC and have a compliant AML/CTF program in place by 1 July 2026. AUSTRAC strongly recommends beginning preparations well in advance of this date.
What does compliance involve?
At a high level, every Tranche 2 business must:
- Register with AUSTRAC — enrol as a reporting entity before providing any designated services
- Identify your designated services — understand which of your business activities are regulated under the AML/CTF Act
- Appoint an AML/CTF Compliance Officer — designate a senior person to oversee your compliance program
- Conduct a risk assessment — assess your business's exposure to money laundering and terrorism financing (ML/TF) risks
- Develop an AML/CTF program — create and maintain a written compliance program that addresses:
- Your ML/TF risk assessment
- Customer identification and verification procedures
- Ongoing customer due diligence
- Transaction monitoring and reporting procedures
- Record-keeping and personnel obligations
- Perform Customer Due Diligence (CDD) — identify, verify, and risk-assess every customer before providing a designated service
- Monitor transactions — watch for suspicious activity, threshold transactions, and unusual patterns
- Submit reports to AUSTRAC — Suspicious Matter Reports (SMRs), Threshold Transaction Reports (TTRs), and annual compliance reports
- Train your personnel — ensure all staff understand their AML/CTF obligations and can recognise suspicious behaviour
- Keep records — retain compliance records for 7 years after the end of the business relationship
- Review and update — regularly review your program to ensure it remains current and effective
Penalties for non-compliance
AUSTRAC has significant enforcement powers. Penalties for non-compliance can include:
- Civil penalties of up to $18.78 million per contravention for bodies corporate (indexed annually)
- Criminal penalties including imprisonment for serious offences such as structuring transactions to avoid reporting obligations
- Enforceable undertakings requiring specific remedial actions
- Remedial directions to address compliance deficiencies
- Infringement notices for lower-level breaches
- Reputational damage from public enforcement actions and the AUSTRAC compliance register
AUSTRAC takes a risk-based approach to enforcement and will consider whether a business has made genuine efforts to comply.
How Verifia helps
Verifia is purpose-built for Tranche 2 businesses. Rather than adapting complex bank-grade compliance tools, Verifia provides a streamlined, industry-specific platform that:
- Follows AUSTRAC's 3-step framework — customise, use, and maintain your AML/CTF program
- Generates your AML/CTF program using AI, tailored to your industry, designated services, and risk profile
- Streamlines customer due diligence with integrated identity verification (DVS), risk scoring, and UBO analysis
- Monitors transactions with configurable rules designed for your industry
- Manages reporting with assisted SMR and TTR drafting and deadline tracking
- Maintains your compliance vault with tamper-evident, 7-year record retention and full audit trails
- Provides industry-specific guidance throughout every workflow — from onboarding to ongoing reviews
Continue to the next section to understand your specific obligations, or jump to your industry guide for sector-specific information: