AML Mate
All posts
General8 min read

AUSTRAC Just Sued Two Firms for Missing One Form. Tranche 2, Don't Be Next.

In December 2025, AUSTRAC launched civil penalty proceedings against Castra and Princeton for failing to lodge their annual compliance report. Here's exactly what the report is, when it's due, and how Tranche 2 entities can avoid the same fate.

2026-04-27· AML Mate Team

On 10 December 2025, AUSTRAC quietly filed something that should make every Tranche 2 business pay attention: civil penalty proceedings against two reporting entities — Castra Pty Ltd and Princeton Securities — for failing to lodge a single document.

Not a billion-dollar Westpac-style transaction monitoring failure. Not a casino scandal. Just one missing annual compliance report for the 2023 calendar year.

If you're an accountant, lawyer, real estate agent, or jeweller about to come under the AML/CTF regime on 1 July 2026, this is the canary in the coal mine. AUSTRAC isn't only chasing the big fish. They're enforcing the basics.

What Is the Annual Compliance Report?

The Annual Compliance Report (sometimes called the "compliance report" or "ACR") is a self-assessment that every AUSTRAC-registered reporting entity must lodge each calendar year.

It's not a financial report. It's a structured questionnaire about how your AML/CTF program operated during the previous year:

  • Did you have a documented AML/CTF program?
  • Did you conduct customer due diligence on new customers?
  • Did you provide AML/CTF training to staff?
  • Did you screen against sanctions lists?
  • Did you submit SMRs and TTRs on time?
  • Did your board or senior management oversee the program?

You lodge it through AUSTRAC Online. There's no fee. The report itself takes most small businesses 30–60 minutes to complete — if the underlying records exist.

That last part is what trips people up.

The Castra and Princeton Cases

According to AUSTRAC's December 2025 media release, both Castra and Princeton failed to lodge their compliance reports for the 2023 calendar year. The report for 2023 was due by 31 March 2024.

By the time AUSTRAC initiated proceedings, the reports were nearly two years overdue.

AUSTRAC didn't issue an infringement notice. It didn't send another reminder. It went straight to civil penalty proceedings in the Federal Court — seeking declarations and pecuniary penalties.

The lesson: a missing compliance report is, on its own, sufficient grounds for civil penalty action.

Why This Is the Most Common AUSTRAC Penalty

Look at AUSTRAC's enforcement history and a pattern emerges. Of the 14+ infringement notices issued in 2024, the most frequent triggers were:

  1. Late or missing annual compliance reports
  2. Late SMRs
  3. Failure to enrol when required

These are administrative failures, not sophisticated breaches. They happen because:

  • Nobody at the firm has the deadline in their calendar
  • The compliance officer leaves and nobody picks up the obligation
  • The firm thought it was exempt or "too small" to be regulated
  • The report was started but never submitted

For Tranche 2 entities, this risk is even higher. Most affected firms — sole-trader accountants, two-partner law firms, small real estate agencies — have never had a compliance officer, let alone a system for tracking AUSTRAC deadlines.

When Is Your First Compliance Report Due?

Here's where Tranche 2 entities need to pay attention to the timeline.

EventDate
Tranche 2 enrolment opens31 March 2026
AML/CTF obligations start1 July 2026
Registration deadline29 July 2026
First reporting period (partial year)1 July 2026 – 31 December 2026
First compliance report due31 March 2027

Your first compliance report only covers the partial year from 1 July to 31 December 2026 — but you still have to lodge it. And you can only answer "yes" to the questions if your underlying program, training, CDD, and reporting systems were operating during those six months.

If your AML/CTF program existed only on paper from 1 July 2026, the compliance report is going to expose that.

What AUSTRAC Actually Asks in the Report

The compliance report is a structured online form. Key sections include:

Governance and oversight

  • Name of your AML/CTF Compliance Officer
  • Whether your board or senior management approved the program
  • Whether you conducted an independent review

Customer due diligence

  • Number of new customers onboarded
  • Whether you applied risk-based CDD
  • Whether you conducted ongoing CDD on existing customers

Reporting

  • Number of SMRs lodged
  • Number of TTRs lodged
  • Number of IFTI/IVTS reports

Training and culture

  • Whether all relevant staff received AML/CTF training
  • Whether your program was tested

Risk and controls

  • Whether you have a documented ML/TF risk assessment
  • Whether transaction monitoring is in place

The trap: every "no" answer is a flag. AUSTRAC uses these reports to triage which entities get an audit, an information request, or — as Castra and Princeton learned — a court summons.

Three Ways to Miss the Deadline (and How to Avoid Them)

1. Nobody owns the calendar

Most Tranche 2 firms designate a partner or director as Compliance Officer because they have to, then never put the 31 March deadline anywhere. When that person goes on leave, retires, or changes roles, the deadline disappears with them.

Fix: Put the compliance report deadline into your firm calendar with a 60-day, 30-day, and 7-day reminder. AML Mate's compliance calendar does this automatically based on your enrolment date.

2. The records don't exist

You can't honestly answer the report if you don't know how many new customers you onboarded, whether they were screened, or whether staff completed training. Reconstructing 12 months of compliance records from scratch in March is painful.

Fix: Track CDD events, screenings, training completions, and SMR/TTR submissions in real time, not annually.

3. The report is started but never submitted

AUSTRAC Online lets you save a draft. Plenty of firms have a draft report sitting in the portal that was never lodged. Drafts don't count.

Fix: Confirm the lodgement receipt email. If you don't get one, it wasn't lodged.

What Happens If You Miss It?

AUSTRAC's enforcement options for a missed compliance report range from least to most severe:

ActionTypical trigger
Reminder letterFirst missed deadline, no prior history
Remedial directionPattern of late lodgement
Infringement noticeSingle missed report after warnings
Civil penalty proceedingsMultiple missed reports or no engagement

Castra and Princeton skipped the first three rungs because the report was nearly two years overdue and AUSTRAC's prior engagement hadn't produced lodgement.

What AUSTRAC Has Said About Tranche 2

AUSTRAC CEO Brendan Thomas has signalled a "pragmatic and proportionate" approach for Tranche 2 entities in the first 12 months — but pragmatic doesn't mean optional:

"We don't expect perfection on day one, but we do expect sustained effort, strong leadership, and genuine progress. Firms that wilfully ignore their enrolment or make no meaningful effort to comply will face enforcement action from day one."

Translation: if you're trying, AUSTRAC will work with you. If you've ignored the regime entirely, expect enforcement.

A missing compliance report 9 months after your obligations started is hard to defend as "genuine progress."

What to Do Now

If you're a Tranche 2 entity, here's your minimum action list before 1 July 2026:

  1. Enrol with AUSTRAC as soon as enrolment opens (31 March 2026). See our AUSTRAC registration guide.
  2. Document your AML/CTF program covering Parts A–F. AML Mate generates this in 15 minutes using AUSTRAC starter kit templates.
  3. Set up CDD record-keeping from day one. Don't try to reconstruct it later.
  4. Diary the 31 March 2027 deadline for your first compliance report — and the same date every subsequent year.
  5. Decide who owns the report when your Compliance Officer is unavailable. Single-point-of-failure roles are how deadlines get missed.

The Bigger Picture

The Castra and Princeton proceedings aren't a one-off. They're a signal that AUSTRAC is willing to take court action against any entity — large or small, sophisticated or not — that ignores basic obligations.

The cost of compliance is small. The cost of a Federal Court proceeding is enormous, and that's before any civil penalty is imposed.

For more on AUSTRAC's full enforcement playbook and historical penalties, see our deep dive on AUSTRAC penalties for non-compliance.

Don't let a missed form become a court case. Run a free compliance check to see your Tranche 2 obligations, or start your 14-day free trial and AML Mate will track every AUSTRAC deadline for you — annual report, KYC reviews, training renewals — so nothing slips.

austracannual-compliance-reportenforcementtranche-2compliancepenalties

Related Articles

General

AUSTRAC Penalties for Non-Compliance: What Australian Businesses Risk in 2026

A detailed look at AUSTRAC enforcement actions, penalty amounts, and what happens if your business fails to meet AML/CTF obligations under Tranche 2.

General

AUSTRAC's Free Starter Kits: What They Cover, What They Don't, and What You Still Need

AUSTRAC released sector-specific starter kits for Tranche 2 entities. They're useful — but they're a starting point, not a finished compliance program. Here's a gap analysis of what's missing and how to close it.

General

Tipping Off: What Accountants and Lawyers Can (and Can't) Say to Clients in 2026

The AML/CTF tipping-off offence carries criminal penalties — including imprisonment. With Tranche 2 reforms, the rules now apply to accountants, lawyers, real estate agents, and jewellers. Here's a plain-English guide with do's, don'ts, and client conversation templates.

Ready to get compliant?

AML Mate generates your AML/CTF program in 15 minutes using AUSTRAC's official templates. Start with a free compliance check.

This article is based on AUSTRAC's publicly available guidance. It does not constitute legal or compliance advice. Consult a licensed compliance professional for complex situations.