AML/CTF Compliance for Accountants: Your 2026 Guide
From July 1, 2026, accountants in Australia will be regulated by AUSTRAC under Tranche 2 of the AML/CTF Act. This guide covers everything you need to know — from which services trigger obligations, to what you need to have in place before the deadline.
Key date: July 1, 2026
All Tranche 2 obligations take effect from this date. AUSTRAC enrolment opens March 31, 2026. Failing to comply can result in civil penalties of up to $28.2 million per contravention.
Why are accountants being regulated?
Australia's AML/CTF regime has historically covered financial institutions and gambling operators (Tranche 1). Tranche 2 extends these obligations to "gatekeeper" professions — accountants, lawyers, real estate agents, and conveyancers — because they can be exploited as conduits for money laundering and terrorism financing.
The Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 brings these professions under AUSTRAC's regulatory umbrella, aligning Australia with FATF Recommendation 22 and international standards.
Which accountants are affected?
Not all accounting work triggers AML/CTF obligations. Only accountants who provide designated services are classified as reporting entities. These include:
- Managing client money, securities, or other assets — including operating trust accounts or managing client investment portfolios
- Managing bank, savings, or securities accounts — on behalf of clients
- Organising contributions for company creation, operation, or management — including setting up structures for capital raising
- Creating, operating, or managing legal persons or arrangements — company formations, trusts, partnerships
- Buying or selling business entities — including mergers, acquisitions, and share transfers
Standard tax return preparation, bookkeeping, and financial statement compilation are not designated services and do not trigger AML/CTF obligations on their own.
What do you need to do?
If you provide any designated services, you must:
1. Enrol with AUSTRAC
Register as a reporting entity through AUSTRAC Online when the portal opens on March 31, 2026. You'll need your ABN, business details, compliance officer information, and details of the designated services you provide.
2. Develop an AML/CTF program
You must have a written AML/CTF program with two parts:
- Part A: Procedures for identifying, mitigating, and managing ML/TF risk — including CDD, transaction monitoring, and reporting
- Part B: Employee due diligence — screening, training, and ongoing awareness
Your program must be based on a documented Enterprise-Wide Risk Assessment (EWRA) and tailored to your practice.
3. Conduct customer due diligence (CDD)
Before providing a designated service, you must:
- Collect and verify client identity information
- Identify beneficial owners of entities
- Assess ML/TF risk for each client
- Apply enhanced due diligence for high-risk clients
- Conduct ongoing monitoring and periodic reviews
4. Report suspicious matters
You must file Suspicious Matter Reports (SMRs) with AUSTRAC if you suspect a client is involved in money laundering or terrorism financing. SMRs must be filed within 3 business days (24 hours for terrorism financing).
Critical: Tipping off the client about an SMR is a criminal offence carrying up to 2 years imprisonment.
5. Keep records for 7 years
All CDD records, transaction records, SMRs, and program documentation must be retained for at least 7 years after the business relationship ends or the transaction is completed.
6. Train your staff
Every person in your practice who provides designated services or handles compliance must receive AML/CTF training covering:
- ML/TF risks relevant to your practice
- Your AML/CTF program obligations
- How to identify and report suspicious matters
- The tipping-off offence
Timeline for accountants
Start preparing — conduct your initial risk assessment and draft your AML/CTF program
AUSTRAC enrolment portal opens — register as a reporting entity
All Tranche 2 obligations take effect — you must be fully compliant
Maintain CDD, file SMRs, review your program annually, keep records for 7 years
Common mistakes accountants make
- Assuming tax work is covered: Standard tax returns and bookkeeping are not designated services. Only specific activities trigger obligations.
- Using a generic template: Your AML/CTF program must be tailored to your practice, risk profile, and client base. AUSTRAC will see through copy-paste templates.
- Waiting until July 1: You need your program, training, and CDD processes ready before the deadline. Don't leave it to the last week.
- Ignoring beneficial ownership: For companies, trusts, and partnerships, you must identify who ultimately owns or controls the entity, not just the person sitting in front of you.
- Not screening against sanctions lists: You must screen clients against DFAT consolidated sanctions lists before providing designated services.
How ComplyAU helps accountants
ComplyAU is purpose-built for Tranche 2 professionals. For accountants, it provides:
- AI-generated AML/CTF programs tailored to accounting practices
- Guided CDD workflows with identity verification and beneficial ownership checks
- Automated sanctions screening against DFAT and FATF lists
- SMR filing workflow with tipping-off safeguards
- 7-year compliant record keeping with immutable audit logs
- Staff training modules designed for accounting professionals
- AUSTRAC review readiness dashboard and evidence binder export
Get ready before July 1
ComplyAU helps you build your AML/CTF program, set up CDD, and prepare for AUSTRAC enrolment — all in one platform. Join the waitlist for early access.
Related Reading
This article is for general informational purposes only and does not constitute legal or compliance advice. For advice specific to your situation, consult a qualified legal or compliance professional.