AML Checklist & Guide

Australia β€” New Reporting Entities

Preparing Your Business for
New AML/CTF Obligations

Australia's Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) framework is expanding to include additional industries. If your business provides designated services and is not currently regulated by AUSTRAC, you may be considered a new reporting entity.

This guide outlines the key obligations your business may need to meet and provides a practical checklist to help you prepare for the introduction of the updated requirements on 1 July 2026.

⏰ Obligations effective: 1 July 2026  |  Enrolment deadline: 29 July 2026
Download the Complete Guide as a PDF

Includes Part 1 (Guide), Part 2 (Checklist - Simplified & Full), and Part 3 (Glossary). All Print-ready for staff meetings or briefings.

Part 1 β€” Guide to Obligations for New Reporting Entities
1
Registration
Enrol with AUSTRAC
Deadline: 29 July 2026 β€” Registration opens 31 March 2026

Newly regulated Tranche 2 entities must enrol with AUSTRAC by 29 July 2026. Registration is expected to open on 31 March 2026.

Tip: Enrolling early will allow your business time to implement the required AML/CTF framework before the compliance deadlines.
2
Program Development
Establish an AML/CTF Program
Must be documented, approved by senior management, and reviewed every 3 years

Your business must develop and maintain an AML/CTF Program that outlines how you will manage and reduce the risks of money laundering, terrorism financing and proliferation financing.

An effective program should:

  • Identify and assess ML/TF/PF risks relevant to your business
  • Include policies, procedures, systems and controls to manage these risks
  • Be appropriate for the size, nature and complexity of your business
  • Be documented and approved by a senior manager
  • Be reviewed and updated as your business or risk environment changes
  • Be independently reviewed at least every three years
  • Include the appointment of a fit and proper AML/CTF Compliance Officer
Note: If you operate as a sole trader, you may undertake the role of Compliance Officer yourself.
3
Customer Due Diligence
Conduct Customer Due Diligence (CDD)
Initial, Ongoing, Enhanced and Simplified CDD

Customer Due Diligence ensures you understand who your clients are and the level of risk they may pose.

CDD requirements generally include:

  • Initial CDD β€” Verifying a customer's identity before providing designated services.
  • Ongoing CDD β€” Monitoring the customer relationship and keeping information up to date.
  • Enhanced CDD β€” Applying additional checks for higher-risk customers.
  • Simplified CDD β€” Applying reduced checks where permitted under AML/CTF Rules.

As part of this process, you must determine whether the customer or related parties are:

  • Who they claim to be
  • Subject to financial sanctions
  • A politically exposed person (PEP)
  • A close associate or relative of a PEP
4
Reporting
Reporting to AUSTRAC
Common reporting obligations for new reporting entities

Reporting entities may be required to submit certain reports to AUSTRAC. Common reporting obligations include:

  • Suspicious Matter Reports (SMR) β€” when a suspicious activity is identified
  • Threshold Transaction Reports (TTR) β€” for cash transactions of AUD $10,000 or more
  • International Value Transfer Service Reports (IVTS) β€” for international transfers of value
  • Cross-Border Movement Reports β€” when physical currency of $10,000 or more enters or leaves Australia
  • Annual Compliance Reports β€” summarising how AML/CTF obligations were met
5
Record-Keeping
Record-Keeping Requirements
All records must be retained for a minimum of seven years

Reporting entities must keep accurate records for at least seven years. These records demonstrate your compliance and may include:

  • AML/CTF program documentation
  • Customer due diligence records
  • Transaction records
  • Staff training records
  • Suspicious activity records
  • Independent review or audit results
Part 2 β€” AML/CTF Implementation Checklist

Use this checklist as a starting point to identify any gaps in your current policies, procedures and systems. Select a version below.

Select Checklist Version
Progress
0 / 0 items
1. Industry Coverage
βœ“
My business provides designated services (accounting, financial services, legal, or trust & company services)
2. AUSTRAC Enrolment
βœ“
Enrolled with AUSTRAC before 29 July 2026
3 & 4. Risk Assessment
βœ“
ML/TF/PF risks identified and assessed (customer types, service delivery, jurisdiction)
βœ“
Inherent and residual risk documented
5. AML/CTF Program
βœ“
Documented AML/CTF program approved by senior management
6. Initial CDD
βœ“
Customer, beneficial owner and/or agent identified
βœ“
ML/TF/PF risk assessed at start of relationship
βœ“
PEP check conducted
βœ“
Sanctions screening conducted
7. Ongoing CDD
βœ“
Transactions monitored for suspicious activity
βœ“
Client information updated when necessary
βœ“
Risk profiles adjusted on trigger events
8. AML Compliance Officer
βœ“
AMLCO is an Australian resident and meets fit and proper person requirements
9 & 10. Record-Keeping
βœ“
Records maintained for CDD, risk assessments, and AML/CTF compliance
βœ“
Core records in place: AML/CTF program, CDD, transactions, training, independent reviews, suspicious activity reports
11. Reporting Obligations
βœ“
Applicable reports identified: SMR, TTR, Annual Compliance Reports
πŸ’‘

Tip: Switch to the Full Version above for the complete checklist with all sub-items and examples.

Progress
0 / 0 items
1. Determine Whether Your Industry Is Covered
Which of the following applies to your business?
βœ“
Accountants
βœ“
Financial service providers
βœ“
Lawyers
βœ“
Trust and company service providers
If you selected any of the above, your business may have obligations under the AML/CTF legislation.
2. AUSTRAC Enrolment
Have you enrolled your business with AUSTRAC?
βœ“
Yes β€” enrolled with AUSTRAC
βœ“
No β€” enrolment is required before 29 July 2026
3. Risk Assessment
Have you identified and assessed the ML/TF/PF risks relevant to your business? Consider:
Customer Type
βœ“
Individuals
βœ“
Companies
βœ“
Partnerships
βœ“
Trusts
Service Delivery
βœ“
Online
βœ“
In-person
Jurisdiction
βœ“
Domestic (Australia)
βœ“
International
4. Risk Evaluation
Have you assessed and documented:
  • • Inherent risk (before controls)
  • • Residual risk (after controls are applied)
βœ“
Yes β€” inherent and residual risk assessed and documented
βœ“
No β€” further action required
5. AML/CTF Program
Have you developed a documented AML/CTF program approved by senior management?
βœ“
Yes
βœ“
No β€” further action required
6. Initial Customer Due Diligence
Does your onboarding process include:
βœ“
Identifying the customer, beneficial owner and/or agent
βœ“
Assessing ML/TF/PF risk at the start of the relationship
βœ“
Identifying whether the client is a PEP
βœ“
Conducting sanctions screening
βœ“
No β€” further action required
7. Ongoing Customer Due Diligence
Does your process include:
βœ“
Monitoring transactions for suspicious activity
βœ“
Updating client information when necessary
βœ“
Adjusting risk profiles when trigger events occur
Examples of trigger events include:
  • Changes in ownership or control
  • Changes in business activities
  • Changes in customer or transaction behaviour
8. AML Compliance Officer (AMLCO)
βœ“
AML Compliance Officer is an Australian resident
βœ“
AMLCO meets the fit and proper person requirements
9. Record-Keeping
Are records maintained to demonstrate:
βœ“
Customer due diligence
βœ“
Risk assessments
βœ“
Compliance with AML/CTF obligations
Records should be kept in English or easily convertible to English.
10. Core Records
Does your AML/CTF framework include records for:
βœ“
AML/CTF program
βœ“
Customer due diligence records
βœ“
Transaction records
βœ“
Staff training records
βœ“
Independent review records
βœ“
Suspicious activity reports
11. Reporting Obligations
Which reporting requirements apply to your business?
βœ“
Suspicious Matter Reports (SMR)
βœ“
Threshold Transaction Reports (TTR)
βœ“
Annual Compliance Reports
βœ“
Unsure β€” seek professional advice
πŸ’‘

Using This Checklist: Review each section carefully. Identify any gaps in your compliance framework. Implement policies or procedures to address those gaps. Keep records of actions taken for at least seven years.
Tip: This checklist is a starting point – seek professional advice to ensure your business meets all regulatory requirements.

Part 3 β€” Glossary of Key Terms
A–Z
Definitions
Glossary of Key Terms
Key definitions for terms used throughout the AML/CTF framework.
AML/CTF Program
Internal policies and procedures that explain how a reporting entity meets its AML/CTF obligations.
Annual Compliance Report
A yearly report submitted to AUSTRAC outlining how a reporting entity has complied with AML/CTF requirements.
Beneficial Owner
An individual who owns 25% or more, or otherwise controls, an entity such as a company or trust.
Designated Services
Services listed under Section 6 of the AML/CTF Act that carry potential money laundering or terrorism financing risk.
Reporting Entity
A business that provides designated services and must comply with AML/CTF legislation.
Senior Manager
A person involved in making decisions affecting a significant part of the business.
Suspicious Matter Report (SMR)
A report submitted to AUSTRAC when suspicious activity or potential criminal conduct is identified.
Threshold Transaction Report (TTR)
A report submitted to AUSTRAC for cash transactions of AUD $10,000 or more.

Head to our Resources page to view a more detailed list of AML acronyms and quickly access useful areas of AUSTRAC's website.

View Resources Page
Disclaimer: This publication has been prepared with care but is provided for general information purposes only. It does not constitute legal, financial or professional advice. Information contained in this publication may change and may not always reflect the most current regulatory developments. You should not act or rely on the information without obtaining professional advice specific to your circumstances. Please contact us if you would like to discuss how these matters may apply to you. To the fullest extent permitted by law, we and our partners, directors, employees and agents accept no liability for any loss or damage arising from reliance on the information contained in this publication, except where liability cannot be excluded under applicable legislation.


Our helpful team is always only an email or phone call away.

You can reach us anytime at

1800 799 666
hello@amlinfo.com.au
AMLinfo compliance support team ready to help Australian businesses with AML obligations
OUR SERVICES