Legal Profession
Industry-specific AML/CTF compliance guide for legal professionals — designated services, Legal Professional Privilege, mixed practices, and risk factors.
This guide covers the AML/CTF obligations specific to legal practitioners under AUSTRAC Tranche 2. Read this alongside the general AML/CTF guide for the shared compliance framework.
Why the legal profession is regulated
Legal professionals are regulated as gatekeeper professions because they:
- Create and manage complex legal structures — trusts, companies, and partnerships that can be used to obscure the ownership and origins of funds
- Facilitate significant transactions — property purchases, commercial deals, and cross-border arrangements involving large sums
- Hold funds in trust accounts — client trust accounts can be used to layer illicit funds through the financial system
- Provide conveyancing services — facilitating property transfers, a known ML/TF channel
Who is covered?
This framework applies to legal practitioners — solicitors and barristers who hold a current legal practising certificate — when they provide designated services.
Important distinction: If you are a conveyancer without a legal practising certificate, you must use the Conveyancers guide instead. AUSTRAC applies different requirements to lawyer-conveyancers and non-lawyer conveyancers.
During Verifia onboarding, if you select "Conveyancer" as your industry, the system asks whether you hold a legal practising certificate:
- Yes — you are routed to the Legal Profession compliance framework (this guide)
- No — you continue with the Conveyancer framework
Your designated services
Legal practitioners may provide several categories of designated services:
Conveyancing services
- Assisting in the planning or execution of buying, selling, or transferring real estate
- Same activities as non-lawyer conveyancers, but governed by the Legal Profession compliance framework (including LPP obligations)
Trust and company services
- Establishing, managing, or administering trusts and other legal arrangements
- Creating or managing companies, partnerships, or other bodies corporate
- Acting as, or arranging for a person to act as, a trustee, nominee director, company secretary, or nominee shareholder
- Providing a registered office or business address for a company
Other designated services
- Acting as, or arranging for a person to act as, a nominee in relation to securities or other property
- Managing client funds or assets (other than through a solicitor's trust account in the ordinary course of legal practice)
What is NOT a designated service
General legal advice, litigation, dispute resolution, and other legal services that do not involve the specific activities listed above are not designated services and do not trigger AML/CTF obligations. Only the activities specifically listed in the AML/CTF Act are regulated.
Legal Professional Privilege (LPP)
LPP is the most significant difference between legal practitioners and all other Tranche 2 industries. It affects how you report to AUSTRAC, but it does not remove your obligation to report.
What is LPP?
Legal Professional Privilege protects confidential communications between lawyers and their clients made for the dominant purpose of giving or obtaining legal advice, or for use in connection with existing or anticipated legal proceedings.
How LPP affects your reporting obligations
LPP does not exempt you from filing reports with AUSTRAC. However, it does prevent you from including privileged information in those reports. Before submitting any report to AUSTRAC (SMR, TTR, or other), you must:
- Conduct an LPP assessment — review each piece of information in the proposed report and determine whether it is protected by LPP
- Identify privileged information — flag any information that was communicated for the dominant purpose of giving or obtaining legal advice
- Redact privileged information — remove privileged content from the version submitted to AUSTRAC
- Retain both versions — keep the full internal record (including privileged information) and the redacted AUSTRAC version in your compliance vault
LPP workflow in Verifia
When a legal profession organisation creates an SMR or TTR:
- Verifia automatically inserts an LPP Assessment step before submission
- For each section of the report, the Compliance Officer determines:
- Not subject to LPP — information is included in the AUSTRAC submission
- Subject to LPP — information is redacted, with the basis for the privilege claim documented
- Verifia generates two versions:
- Internal version — complete record stored in the compliance vault (access-restricted)
- AUSTRAC version — redacted version with privileged information removed
- The LPP assessment itself is recorded as part of the audit trail
If the Compliance Officer determines that no information in the report is subject to LPP, they can certify this with a single attestation and proceed without line-by-line assessment.
Key LPP principles
- LPP applies to communications, not to underlying facts. The fact that a transaction occurred is generally not privileged, even if your legal advice about that transaction is.
- LPP does not apply to communications made for a criminal or fraudulent purpose (the "crime-fraud exception"). If you suspect a client is seeking legal advice to facilitate money laundering, that communication may not be privileged.
- When in doubt, seek independent legal advice about the scope of privilege before filing the report. The deadline for filing (3 business days for SMR, 10 business days for TTR) still applies.
Mixed practice support
Many legal practices provide multiple categories of designated services — for example, both conveyancing and trust/company services. AUSTRAC requires businesses with materially different service categories to consider the different risk profiles of each.
How Verifia handles mixed practices
During onboarding, Verifia asks: "Does your practice provide conveyancing services, other professional services (trust/company services), or both?"
If you select both:
- Verifia creates two separate risk assessments:
- One for conveyancing services — focused on property transaction risks
- One for trust and company services — focused on structure creation and administration risks
- Each assessment has its own industry-tailored questionnaire
- Your AML/CTF program references both assessments and addresses the different risk profiles
- Your compliance health score tracks both assessments independently
- When creating a KYC case, you link it to the relevant service category
This ensures your compliance program accurately reflects the materially different risk profiles of your service categories.
Risk factors specific to legal profession
Verifia pre-loads industry-specific risk factors based on AUSTRAC guidance and FATF typologies for legal professionals.
High-risk indicators
| Factor | Description |
|---|---|
| Large physical currency in trust account | Significant cash amounts ($50,000+) deposited to or withdrawn from your trust account |
| Virtual asset involvement | Cryptocurrency involved in a transaction you are facilitating |
| Complex multi-layered structures | Multiple entities created or managed with no clear commercial rationale for the complexity |
| FATF high-risk jurisdiction | Client or transaction connected to a jurisdiction identified as high risk |
| PEP involvement | Client is a Politically Exposed Person, or a close associate or family member of a PEP |
| Unexplained wealth | Client's assets are significantly inconsistent with their known legitimate income |
| Nominee arrangements without clear purpose | Client requests nominee directors, shareholders, or trustees without a clear commercial reason |
Medium-risk indicators
| Factor | Description |
|---|---|
| High-value conveyancing without mortgage | Property over $1.5M purchased without external financing |
| International transaction facilitation | Cross-border legal arrangements, especially involving jurisdictions with weak AML controls |
| Newly formed entity with no history | Company or trust recently established with no trading history or apparent business activity |
| Non-face-to-face client | Client you have never met in person |
| Unusual trust account activity | Funds passing through your trust account with no clear connection to a legal matter |
Suspicious behaviour to watch for
- Client asks you to hold funds in your trust account without a clear legal purpose or for an extended period
- Client wants to structure a transaction in an unnecessarily complex way without clear commercial rationale
- Client is reluctant to provide source of funds or identity information
- Instructions change frequently or are contradictory without reasonable explanation
- Client is overly concerned about confidentiality beyond normal professional expectations
- Transaction involves jurisdictions with no apparent connection to the client's business or personal circumstances
- Client asks you to act outside your usual area of practice — this may indicate "lawyer shopping"
- Funds arrive from unexpected third parties or jurisdictions not connected to the matter
- Client wants to create structures that seem designed to obscure ownership rather than serve a commercial purpose
- Client mentions that other professionals have declined to act for them
Example scenarios
Scenario 1: Standard conveyancing transaction
A client engages you to handle the purchase of a $750,000 residential property, funded by a bank mortgage.
- CDD: Standard CDD — verify client identity, assess risk. Low risk (standard residential purchase, bank-funded, local individual client).
- Designated service: Conveyancing. Proceed with the matter.
- Settlement: Funds come from the bank and the client's electronic deposit. No physical currency involved. Complete the transaction.
- Records: Archive all conveyancing documents, CDD records, and engagement letter in the compliance vault.
Scenario 2: Trust establishment with complex structure
A client wants to establish a discretionary family trust with a corporate trustee. The trust will hold three investment properties valued at $4.5M in total.
- CDD: Enhanced CDD triggered — complex structure, high aggregate value.
- UBO analysis: Identify all relevant parties: appointor, settlor, trustee company directors and shareholders, and nominated beneficiaries (or classes of beneficiaries).
- ECDD requirements: Source of funds (how will the trust acquire the properties?), source of wealth for the settlor and appointor, adverse media screening, senior manager approval.
- Ongoing monitoring: Schedule annual CDD reviews (enhanced tier). Monitor for changes in trust deed, beneficiaries, or trustee directors.
Scenario 3: SMR filing with LPP consideration
During a commercial transaction, you notice funds arriving from a jurisdiction known for corruption. You form a suspicion that the funds may be proceeds of crime.
- SMR obligation: You must file an SMR within 3 business days of forming the suspicion.
- LPP assessment: Before drafting the report, conduct the LPP assessment in Verifia.
- Privileged information: Your legal advice to the client about the transaction structure is privileged — mark it for redaction.
- Non-privileged facts: The transaction details, fund sources, jurisdictional connections, and the factual basis for your suspicion are generally not privileged — include them in the report.
- File the report: Submit the redacted version to AUSTRAC. The full version is stored securely in your vault.
- Tipping-off: Do not inform the client or any other person that an SMR has been filed.
Scenario 4: Mixed practice — dual risk assessment
Your firm provides both conveyancing and commercial law services (company formation, trust administration).
- Onboarding: Select "Both" when asked about your service categories in Verifia.
- Risk Assessment 1 (Conveyancing): Complete the conveyancing-focused assessment — property types and values, cash exposure, geographic risk from buyers/sellers.
- Risk Assessment 2 (Trust/Company Services): Complete the professional services assessment — entity types you create, structure complexity, international elements, nominee arrangements.
- AML/CTF Program: Your generated program addresses both service categories with appropriate controls for each risk profile.
- Day-to-day: When creating a KYC case, link it to the relevant service category. CDD requirements and risk factors may differ between categories.
Key Verifia features for legal professionals
| Feature | How it helps |
|---|---|
| LPP assessment workflow | Guided privilege assessment automatically inserted before every AUSTRAC report submission |
| Mixed practice support | Separate risk assessments and CDD workflows for different service categories |
| Trust deed AI parsing | Automated identification of parties (settlor, trustee, beneficiaries, appointor) from uploaded trust deeds |
| ASIC company lookup | Look up company structures, directors, and shareholders by ACN for UBO analysis |
| Compliance vault with privilege controls | Separate, access-controlled storage for privileged and non-privileged records |
| Conveyancing CDD | Property-specific risk factors and dual-party support for conveyancing matters |
Real Estate
Industry-specific AML/CTF compliance guide for real estate agents and developers — designated services, dual-party CDD, auctions, property developers, and risk factors.
Accounting
Industry-specific AML/CTF compliance guide for accounting professionals — designated services, trust and company service provider obligations, risk factors, and practical scenarios.