AUSTRAC Tranche 2 Explained
The Complete Guide for 2026

What Is AUSTRAC Tranche 2?

AUSTRAC Tranche 2 is the widely used term for the expansion of Australia's anti-money laundering and counter-terrorism financing (AML/CTF) regulatory framework to a new category of professional service providers. For the first time in Australian regulatory history, accountants, lawyers, real estate agents, conveyancers, and dealers in precious metals and stones will be required to comply with the same category of AML/CTF obligations that have applied to banks, financial institutions, casinos, and remittance providers since 2006.

The term “Tranche 2” reflects the phased implementation approach built into Australia's AML/CTF framework from the outset. When the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (“the Act”) was originally enacted, it was always intended to be implemented in stages. Tranche 1, which commenced in 2006, brought the financial sector and gambling industry into the regulatory regime. This included banks, credit unions, building societies, securities dealers, insurance providers, casinos, and remittance service providers. Tranche 2 was intended to follow shortly after, extending the regime to designated non-financial businesses and professions (DNFBPs) — professional service providers whose services can be exploited for money laundering, terrorism financing, and other serious financial crimes.

For nearly two decades, successive Australian Governments delayed the implementation of Tranche 2. The reasons for delay were complex: industry lobbying, resource constraints within AUSTRAC, competing legislative priorities, and genuine policy debate about the proportionality of extending AML/CTF regulation to professional services. However, that delay came at a significant cost. Australia's failure to regulate DNFBPs was identified as a major vulnerability by international bodies, and domestic intelligence agencies repeatedly highlighted the exploitation of professional services for money laundering purposes.

That delay ended in 2024. Following sustained pressure from the Financial Action Task Force (FATF), recommendations from the Senate Legal and Constitutional Affairs Legislation Committee, a comprehensive public consultation process, and mounting evidence of money laundering through Australian real estate, trust structures, and corporate vehicles, the Australian Government introduced the Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2024. This legislation passed both houses of Parliament and received Royal Assent in December 2024. The Amendment Act inserts a new suite of provisions into the 2006 Act and will commence on 1 July 2026.

The impact is significant. AUSTRAC estimates that approximately 100,000 Australian businesses across the professional services sector will be brought into the AML/CTF regime. These businesses — many of them small and medium-sized practices operating with limited compliance infrastructure — must enrol with AUSTRAC, develop and implement AML/CTF programmes, conduct customer due diligence (CDD) on their clients, report suspicious matters, keep comprehensive records for a minimum of seven years, and train their staff on AML/CTF obligations.

Who Is Affected by Tranche 2?

Tranche 2 brings five main categories of professional service providers into the AML/CTF regime. These are defined as providers of “designated services” under s6AA of the amended Act. The categories are:

1. Accountants and Tax Agents

Accountants, tax agents, BAS agents, and auditors are captured when they provide services including financial advisory services, tax advisory services, and services relating to the creation, operation, or management of trusts, companies, or other legal entities. Managing client money or assets also triggers the obligations. This is a broad category that captures the majority of accounting practices that go beyond basic bookkeeping and routine tax return preparation. The Tax Practitioners Board (TPB) has indicated that AML/CTF compliance will be relevant to maintaining professional registration under the Tax Agent Services Act 2009. AUSTRAC has estimated that tens of thousands of accounting and tax practices across Australia will be brought within scope, making this the single largest Tranche 2 cohort by number of businesses affected.

2. Lawyers and Solicitors

Legal practitioners are captured when they act in certain transactional matters: real property transactions, creation or management of companies, trusts, or legal arrangements, and management of client money or assets. Litigation, general legal advice, and matters that do not involve these designated transactions are not captured. The interaction between legal professional privilege (LPP) and AML/CTF reporting obligations is one of the most complex aspects of Tranche 2. The Amendment Act contains specific provisions acknowledging privilege, but the scope of the carve-out is narrow and requires careful analysis. Importantly, LPP does not exempt lawyers from CDD obligations or from maintaining an AML/CTF programme — it provides a limited exception in certain reporting contexts only.

3. Real Estate Agents

Real estate agents are captured when they are involved in the buying, selling, or leasing of real property on behalf of a client. This includes both residential and commercial property transactions. Real estate has long been identified as a high-risk sector for money laundering, both by AUSTRAC and by international bodies such as FATF. Property transactions involving cash, offshore buyers, complex ownership structures, nominees, or significantly above-market purchase prices are considered particularly high risk. AUSTRAC intelligence assessments have consistently identified Australian real property as an attractive vehicle for laundering the proceeds of crime, both domestic and international.

4. Conveyancers and Settlement Agents

Licensed conveyancers and settlement agents are captured when they handle property transfers and settlements. Given that conveyancing directly involves the transfer of real property and the management of settlement funds, conveyancers sit at a critical control point for money laundering typologies. Beneficial ownership verification, source of funds inquiries, and trust account monitoring are particularly relevant obligations for this profession. In jurisdictions where conveyancers operate independently of law firms — such as Victoria, New South Wales, and South Australia — they will bear these obligations directly rather than under the umbrella of a law firm's AML/CTF programme.

5. Dealers in Precious Metals and Stones

Dealers in precious metals (such as gold and silver) and precious stones (such as diamonds and emeralds) are captured when they engage in transactions at or above applicable thresholds. The precious metals and stones sector is internationally recognised as a high-risk channel for money laundering due to the high value density of these commodities, the ease with which they can be transported, and the difficulty of tracing ownership once physical goods change hands. While some precious metals dealers were already captured under Tranche 1 (as bullion dealers), Tranche 2 broadens the scope to include a wider range of dealers and transaction types.

Key Dates and Timeline

The Tranche 2 implementation timeline provides a compressed but defined period for affected businesses to prepare. Understanding these dates is essential for planning your compliance readiness activities.

The period between Royal Assent (December 2024) and commencement (1 July 2026) is the preparation window. While this may appear to be a reasonable timeframe, developing a compliant AML/CTF programme from scratch, training staff, establishing client identification procedures, configuring record-keeping systems, and adapting existing practice management workflows is a substantial undertaking — particularly for small and medium-sized practices with limited compliance resources. Businesses that have not yet begun preparation should treat this as urgent.

The Six Core Obligations

Tranche 2 creates a comprehensive set of obligations for affected businesses. These mirror the obligations that have applied to financial sector reporting entities since 2006, adapted for the professional services context. Understanding each obligation in detail is essential for building a compliant practice.

1. Enrol with AUSTRAC (s75C)

Every reporting entity that provides a designated service must enrol with AUSTRAC under s75C of the Act. Enrolment is a prerequisite — you cannot lawfully provide a designated service after 1 July 2026 without being enrolled. The enrolment process requires you to provide information about your business, including your Australian Business Number (ABN), the types of designated services you offer, the jurisdictions in which you operate, and the name and contact details of your AML/CTF compliance officer. The AUSTRAC enrolment portal for Tranche 2 entities opens on 31 March 2026. Failure to enrol before providing designated services is a civil penalty provision carrying substantial penalties.

For a step-by-step walkthrough of the enrolment process, see our AUSTRAC enrolment guide.

2. Develop and Maintain an AML/CTF Programme (Part 7A)

Under Part 7A of the Act, you must develop, implement, and maintain a written AML/CTF programme that addresses the money laundering and terrorism financing (ML/TF) risks specific to your business. The AML/CTF Rules 2024 prescribe the detailed content requirements. Your programme must contain two parts:

• Part A — Risk-Based Systems and Controls: This includes your enterprise-wide ML/TF risk assessment; your customer identification and verification (Know Your Customer/CDD) procedures under s28–35; ongoing customer due diligence and transaction monitoring under s36; enhanced due diligence for high-risk clients, politically exposed persons (PEPs), and clients from high-risk jurisdictions; procedures for reporting suspicious matters (s41–49) and threshold transactions to AUSTRAC; and your record-keeping arrangements under Part 10.
• Part B — Employee Due Diligence: This includes screening procedures for new employees and contractors in relevant positions; ongoing employee awareness training on AML/CTF obligations; and procedures to prevent employees from tipping off clients about suspicious matter reports (s123).

The programme must be approved by a senior manager or your board, reviewed regularly (at least annually), and updated whenever there is a material change to your business or the regulatory environment. AUSTRAC can request to inspect your programme at any time, and failure to have an adequate programme is a civil penalty offence. Importantly, your programme must be tailored to your specific practice — generic, off-the-shelf templates are unlikely to satisfy AUSTRAC's expectations.

3. Customer Due Diligence (s28–35)

Before providing a designated service, you must verify your client's identity. The CDD requirements under s28 to s35 establish a tiered, risk-based approach:

• Standard CDD — Verify the client's identity using reliable and independent documentation or electronic verification. For individuals, this typically means government-issued photo identification (passport, driver's licence). For companies and trusts, it includes verification of the entity itself, its beneficial owners (using the 25% ownership threshold), and its directors or trustees.
• Enhanced CDD (ECDD) — Required for higher-risk clients, including politically exposed persons (PEPs), clients from high-risk jurisdictions identified by FATF, clients with complex or unusual ownership structures, and any situation where there is a higher risk of ML/TF. ECDD requires additional verification steps, senior management approval, establishing the source of wealth and source of funds, and more intensive ongoing monitoring.
• Simplified CDD — Reduced measures may be applied for demonstrably low-risk clients such as Australian listed companies, Commonwealth or state government entities, and APRA-regulated financial institutions. The simplified approach must be justified by your risk assessment.
• Ongoing CDD (s36) — CDD is not a one-off exercise. You must conduct ongoing monitoring of your client relationships, update client information at appropriate intervals, and scrutinise transactions that appear inconsistent with your knowledge of the client and their risk profile.

For a detailed walkthrough of CDD obligations, see our Customer Due Diligence Guide.

4. Suspicious Matter Reporting (s41–49)

Sections 41 to 49 of the Act establish the suspicious matter reporting (SMR) regime. If you form a suspicion on reasonable grounds that a transaction, a proposed transaction, or any other matter relating to a designated service may be relevant to:

• An offence against a law of the Commonwealth, a State, or a Territory
• The proceeds of crime
• Terrorism financing
• Tax evasion

… then you must lodge a suspicious matter report with AUSTRAC. The report must be lodged within prescribed timeframes: within 24 hours for matters related to terrorism financing, and within 3 business days for all other matters. Failure to report a suspicious matter is both a civil penalty provision and, in certain circumstances, a criminal offence under the Act.

The SMR regime requires you to have internal escalation procedures: a process for staff to raise concerns, a decision maker (typically the AML/CTF compliance officer) who assesses whether the threshold for reporting has been met, and a mechanism for lodging the report through AUSTRAC Online. You must also keep records of matters that were considered but not reported, including the reasons for the decision not to report.

For step-by-step reporting guidance, see our Suspicious Matter Reporting Guide.

5. Threshold Transaction Reports and Record Keeping (Part 10)

If you receive cash of $10,000 or more (or the foreign currency equivalent) in connection with a designated service, you must lodge a Threshold Transaction Report (TTR) with AUSTRAC within 10 business days. You must also report where you suspect a client is structuring transactions — deliberately splitting amounts to avoid the $10,000 threshold.

Part 10 of the Act requires reporting entities to maintain comprehensive records relating to their AML/CTF compliance. This includes all CDD records (identity verification documents, beneficial ownership records), transaction records for designated services provided, copies of suspicious matter reports and threshold transaction reports, your AML/CTF programme and all versions, training records for employees, and risk assessment documentation. Records must be retained for a minimum of 7 years from the date of the transaction or the end of the client relationship (whichever is later). Records must be stored securely, be accessible to AUSTRAC upon request, and be maintained in a form that allows them to be readily produced for examination.

6. Tipping-Off Prohibition (s123)

Section 123 of the Act makes it a criminal offence to disclose (“tip off”) a client or any third party that a suspicious matter report has been, is being, or will be made. This prohibition exists to protect the integrity of AUSTRAC investigations and law enforcement operations, and to prevent suspects from destroying evidence, dissipating assets, or fleeing the jurisdiction.

The tipping-off offence carries serious penalties, including imprisonment of up to 2 years for individuals. It applies to all employees of the reporting entity, not just the compliance officer. Inadvertent tipping-off — such as telling a client you cannot proceed with a transaction “for compliance reasons” or asking questions that reveal the existence of an investigation — can also constitute an offence. This is why Part B of your AML/CTF programme must include practical training on the tipping-off prohibition for all relevant staff, with examples of both direct and inadvertent disclosure.

Designated Services Explained

The concept of “designated services” is central to Tranche 2. Under s6AA of the AML/CTF Act 2006 (as amended), a service is “designated” if it falls within one of the categories specified in the legislation. It is the provision of a designated service — not simply holding a professional licence — that triggers reporting entity status and the associated AML/CTF obligations.

This is an important distinction. Not every service provided by an accountant, lawyer, or real estate agent is a designated service. A lawyer who exclusively provides litigation or family law advice may not be captured. An accountant who only prepares individual tax returns and BAS lodgements may not provide any designated services. A real estate agent who only manages rental properties (as opposed to conducting sales) may fall outside the scope.

The designated service categories for each profession include, but are not limited to:

Designated Services for Accountants

• Financial advisory services
• Tax advisory services (beyond routine tax return preparation)
• Preparing for or carrying out transactions involving the creation, operation, or management of trusts, companies, or other legal structures
• Acting as, or arranging for another person to act as, a nominee director, company secretary, or trustee
• Managing client money, securities, or other assets
• Providing a registered office or business address for a company or trust

Designated Services for Lawyers

• Buying or selling real property on behalf of a client
• Preparing for or carrying out transactions involving the creation, operation, or management of companies, trusts, or other legal arrangements
• Managing client money, securities, or other assets (including through trust accounts)
• Opening or managing bank accounts on behalf of clients
• Organising contributions for the creation, operation, or management of companies

Designated Services for Real Estate Agents

• Acting as an agent for the purchase or sale of real property
• Acting as an agent for the leasing of real property
• Facilitating property auctions

Exclusions and Carve-Outs

The legislation includes certain exclusions and carve-outs. Standard bookkeeping services that do not involve any of the above designated activities are generally excluded. Litigation services provided by lawyers are excluded. Legal advice that does not relate to or facilitate a designated transaction is excluded. Property management services (as distinct from property sales or purchases) are generally excluded. However, these exclusions are narrowly construed, and businesses should not assume that they are exempt without conducting a thorough analysis of their service offerings against the s6AA definitions.

The AML/CTF Rules 2024 provide further guidance on the boundaries of designated services. Where a service could fall on either side of the line, AUSTRAC has indicated that businesses should err on the side of inclusion rather than exclusion. If you are uncertain whether a particular service is designated, you should seek professional advice.

Penalties for Non-Compliance

The AML/CTF Act establishes a tiered penalty regime with both civil and criminal consequences. AUSTRAC has a range of enforcement tools at its disposal, and the penalties are deliberately severe to encourage compliance. Key penalty provisions include:

Beyond formal penalties, AUSTRAC has additional enforcement powers. It can issue infringement notices for lower-level or isolated breaches, seek enforceable undertakings (legally binding agreements requiring you to remedy specific compliance failures within defined timeframes), and issue remedial directions compelling you to take specific actions to achieve compliance. AUSTRAC can also share intelligence and referrals with other regulators, including the Australian Federal Police (AFP), the Australian Criminal Intelligence Commission (ACIC), the Australian Taxation Office (ATO), and state-based professional licensing bodies such as the TPB and law societies.

AUSTRAC has demonstrated a willingness to pursue significant enforcement actions under the existing Tranche 1 regime. In 2018, it imposed a $1.3 billion penalty on the Commonwealth Bank of Australia for over 53,000 contraventions of the Act. In 2023, Crown Resorts received a $450 million penalty for systemic compliance failures. Westpac was fined $1.3 billion in 2020 for over 23 million contraventions. While these cases involved large financial institutions, AUSTRAC has stated publicly that it intends to apply the same regulatory expectations to all reporting entities, including Tranche 2 businesses. The regulator has also indicated that it will take a proportionate approach during the initial period, focusing on education and engagement while still pursuing enforcement action where businesses demonstrate a disregard for their obligations.

For a deeper analysis of the penalty framework, see our blog post: Tranche 2 Penalties: What Happens If You Don't Comply.

How to Prepare: Your Tranche 2 Readiness Checklist

With 1 July 2026 approaching, affected businesses should be actively preparing. The following checklist provides a practical roadmap for achieving compliance readiness.

The Role of AML/CTF Rules 2024

The AML/CTF Rules 2024 are subordinate legislation made under the AML/CTF Act. While the Act provides the overarching framework and creates the offences and penalties, the Rules prescribe much of the operational detail. Understanding the distinction between the Act and the Rules is important for compliance.

The AML/CTF Rules 2024 specify, among other things:

• Customer identification procedures: The specific documents and methods that are acceptable for verifying client identity, including the applicable customer identification procedure (ACIP) requirements for individuals, companies, trusts, and other entity types.
• AML/CTF programme content: The detailed elements that must be included in your Part A and Part B programme, including the requirement for a documented risk assessment, specific CDD procedures, and the form of employee due diligence.
• Record-keeping standards: The format, content, and retention period requirements for different categories of records.
• Reporting forms and procedures: The form and content of suspicious matter reports and threshold transaction reports, including the information fields that must be completed.
• Simplified CDD conditions: The criteria under which simplified CDD may be applied, and the reduced requirements for low-risk client categories.
• Enhanced CDD triggers: The circumstances that trigger enhanced CDD, including PEP definitions, high-risk jurisdiction lists, and complex ownership structure indicators.

The Rules are a legislative instrument and are legally binding. Failure to comply with the Rules constitutes a failure to comply with the Act. AUSTRAC can amend the Rules without amending the Act itself, which means that the operational detail of your obligations can change through subordinate legislation. Businesses should monitor the Federal Register of Legislation for any amendments to the AML/CTF Rules and update their programmes accordingly.

In practical terms, when building your AML/CTF programme, you need to satisfy both the requirements of the Act (the “what you must do”) and the Rules (the “how you must do it”). For example, the Act requires you to conduct CDD (s28–35), but the Rules specify which identification documents are acceptable and how electronic verification must be conducted. The Act requires you to have an AML/CTF programme (Part 7A), but the Rules prescribe the specific content and structure of that programme.

International Context: Why Australia Expanded Its AML Regime

Tranche 2 does not exist in isolation. It is part of Australia's response to international standards set by the Financial Action Task Force (FATF), the global standard-setting body for anti-money laundering and counter-terrorism financing. FATF is an intergovernmental organisation that sets standards and promotes effective implementation of legal, regulatory, and operational measures for combating money laundering, terrorism financing, and other related threats to the integrity of the international financial system.

FATF Recommendations 22 and 23 specifically require countries to apply CDD, record-keeping, and other AML/CTF measures to designated non-financial businesses and professions (DNFBPs), which include lawyers, notaries, accountants, real estate agents, and dealers in precious metals and stones. Recommendation 22 covers customer due diligence and record-keeping obligations for DNFBPs. Recommendation 23 requires countries to apply suspicious transaction reporting, internal controls, and other measures to DNFBPs.

In Australia's 2015 mutual evaluation, FATF rated the country as non-compliant with both Recommendation 22 and Recommendation 23. This was a significant and embarrassing finding for a developed nation and a founding member of FATF. It placed Australia alongside a small group of countries that had failed to extend AML/CTF regulation to professional services — a gap that FATF identified as a material vulnerability in Australia's financial system integrity. The evaluation found that the absence of regulation created an “AML/CTF gap” that criminals could exploit by using professional service providers as unwitting or complicit facilitators.

The 2015 evaluation was followed by a 2018 follow-up assessment, in which FATF reiterated its concerns and noted that Australia had made insufficient progress toward addressing the deficiency. Australia was placed under enhanced follow-up procedures, a category reserved for countries with significant outstanding issues. This created sustained diplomatic and policy pressure on the Australian Government to act. The spectre of potential grey listing — being placed on the FATF list of jurisdictions under increased monitoring — provided additional impetus for reform. Grey listing carries significant reputational and economic consequences, including increased scrutiny of cross-border financial transactions, higher compliance costs for Australian financial institutions, and potential restrictions on access to international financial markets.

Many comparable jurisdictions have already implemented equivalent regimes. The United Kingdom has required DNFBPs to comply with AML regulations since 2007, most recently under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017. The European Union has progressively extended AML obligations to DNFBPs through its Anti-Money Laundering Directives (currently the 6th AMLD), with a dedicated AML Authority (AMLA) being established. New Zealand brought lawyers, accountants, and real estate agents into its AML regime under Phase 2 of the Anti-Money Laundering and Countering Financing of Terrorism Act 2009, which commenced in 2018. Canada has required DNFBPs to comply with the Proceeds of Crime (Money Laundering) and Terrorist Financing Act since 2008.

Australia's Tranche 2 brings the country into line with these international peers, closes the regulatory gap identified by FATF, and strengthens the integrity of the Australian financial system. For Australia's next mutual evaluation — expected in the coming years — the implementation and effectiveness of Tranche 2 will be a critical area of assessment.