What Australian businesses need to do for AML/CTF compliance
From 1 July 2026, accountants, lawyers, real estate agents, and jewellers must comply with AUSTRAC AML/CTF regulations. Here is every step you need to take — with or without AML Mate.
The 7 obligations at a glance
Step 1
Register with AUSTRAC
All reporting entities must register with AUSTRAC before providing designated services. This involves identifying which services you provide and submitting your registration through the AUSTRAC portal.
Doing it yourself
Navigate the AUSTRAC website yourself, figure out which designated services apply to you, complete lengthy government forms.
With AML Mate
Our onboarding wizard identifies your designated services automatically based on your industry and ABN. We guide you through exactly what AUSTRAC needs.
Step 2
Write your AML/CTF Program (Part A & B)
You must create a written AML/CTF program with two parts. Part A covers risk-based systems and controls — customer identification procedures, ongoing due diligence, transaction monitoring, and reporting obligations. Part B covers your employee training program. These are detailed compliance documents that must be tailored to your business.
Doing it yourself
Draft from scratch (dozens of pages) or hire a compliance consultant for $3,000–$10,000. Read through 100+ pages of AUSTRAC guidance to understand what to include.
With AML Mate
Answer guided questions about your business. Our AI generates a complete Part A-F program using AUSTRAC's official Starter Kit templates, with every recommendation citing its source.
Step 3
Customer Identification (KYC / CDD)
Before providing designated services, you must verify every client's identity. This includes collecting government-issued photo ID, verifying identity (optionally via Electronic Identity Verification), identifying beneficial owners for companies and trusts, and assessing each client's risk level.
Doing it yourself
Create your own checklists and spreadsheets. Manually collect and file ID documents. Track which clients need review and when. Subjectively assess risk levels.
With AML Mate
Structured client onboarding with automated risk scoring. EIV integration for instant identity checks. Dashboard shows at a glance which clients need CDD review and when their next check is due.
Step 4
Screen against PEP & Sanctions Lists
You must screen every client against the DFAT consolidated sanctions list and check if they are a Politically Exposed Person (PEP). This must be done at onboarding and periodically thereafter. Matches require Enhanced Due Diligence.
Doing it yourself
Download the DFAT sanctions XLSX file manually. Search names one by one. For PEP checks, you need access to expensive commercial databases. No easy way to do this without paid tools.
With AML Mate
Automatic screening against DFAT sanctions list and PEP databases when you create a client. Results shown instantly. Alerts generated for any matches. Re-screening available at any time.
Step 5
File Reports with AUSTRAC
You are legally required to file Suspicious Matter Reports (SMRs) within 24 hours of forming a suspicion. Threshold Transaction Reports (TTRs) must be filed within 10 business days for cash transactions of $10,000 or more. International Value Transfer Services (IVTS, formerly IFTIs) also require reporting.
Doing it yourself
Log into AUSTRAC Online and fill out complex government forms from scratch. Manually gather all client and transaction details. Risk missing tight deadlines.
With AML Mate
Smart pre-fill from your existing client data. Built-in AUSTRAC field validator catches errors before submission. Step-by-step SMR and TTR wizards with deadline tracking and alerts.
Step 6
Train Your Staff
All employees who provide designated services or handle AML/CTF obligations must receive training. You need to develop training materials covering your obligations, how to identify suspicious matters, and your internal procedures. Training must be ongoing, not just one-off.
Doing it yourself
Develop your own training materials from scratch. Manually track who has completed training and when. No standardised testing or certification.
With AML Mate
5 built-in training modules covering all AUSTRAC requirements. Interactive quizzes with pass/fail. Automatic tracking of completion. Downloadable certificates. Invite employees via email to a dedicated training portal.
Step 7
Annual Compliance Report & Ongoing Obligations
Each year you must submit a compliance report to AUSTRAC summarising your AML/CTF activities. You also need to conduct an independent review of your program, update it when regulations change, and maintain records for 7 years.
Doing it yourself
Set your own calendar reminders and hope nothing slips. Manually compile annual statistics. Re-read AUSTRAC updates to check for regulation changes.
With AML Mate
Automated alerts for all deadlines — annual reports, KYC renewals, training due dates. Dashboard with compliance score. All records stored centrally with full audit trail.
Industry-specific guides
AUSTRAC Tranche 2: What You Need to Know
Who is affected, key dates, penalties, and what to do.
Read guideAML Compliance for Accountants
Which services are covered, CDD for accounting clients.
Read guideAML Compliance for Real Estate Agents
Property sales AML obligations and buyer/seller ID.
Read guideAML Compliance for Lawyers & Legal Professionals
Conveyancing, trust accounts, company formation obligations.
Read guideAML Compliance for Jewellers & Precious Dealers
Cash thresholds, simplified options, red flags for jewellers.
Read guideAML Compliance for Conveyancers
Designated services, CDD for property transfers, red flags.
Read guideHow to Submit an SMR
Suspicious Matter Reports — when to file, tipping off rules.
Read guideThreshold Transaction Reports (TTR)
$10,000+ cash reporting, structuring, common mistakes.
Read guideHow to Register with AUSTRAC
Step-by-step registration process and common mistakes.
Read guidePenalties for non-compliance
- Up to $16,500 per contravention for companies
- Up to $3,300 per contravention for individuals
- Serious breaches can attract civil penalties up to $31.3 million
- AUSTRAC can issue infringement notices, enforceable undertakings, and remedial directions