Summary of obligations (Anti-Money Laundering Reform)
This page provides a summary of your upcoming anti-money laundering and counter-terrorism financing (AML/CTF) obligations. On this page New regulated services Key obligations summary 1. Enrol and register with us 2. Develop and maintain an AML/CTF program tailored to your business 3. Get your staff ready 4. Conduct customer due diligence 5. Report certain transactions and suspicious activity 6. Make and keep records Clear protections for legal professional privilege Related pages New regulated services From 1 July 2026, AML/CTF obligations will apply to certain services typically provided by the following professions and businesses, known as tranche 2 entities: real estate professionals – such as real estate agents, buyer’s agents and property developers dealers in precious stones, metals and products lawyers conveyancers accountants trust and company service providers. More virtual asset-related services and intermediary transfer message services will also come under AML/CTF regulation from 31 March 2026. To check if you provide services that will be regulated under these changes and have AML/CTF obligations: use the online tool to check if you may be regulated visit our new industries and services to be regulated page. For information on the services we already regulate visit who and what we regulate. We’ve developed education resources to help you implement effective AML/CTF measures. You can subscribe to stay updated on AML/CTF reform. Key obligations summary The key obligations for businesses regulated by us are to: Enrol and register with us. Develop and maintain an AML/CTF program tailored to your business. Get your staff ready to implement your obligations. Conduct initial and ongoing customer due diligence (CDD). Report certain transactions and suspicious activities. Make and keep records. In meeting your obligations, the relevant laws also provide clear protections for information that may be subject to legal professional privilege. Understanding and meeting your obligations is essential to protect your business from misuse by criminals and make sure you comply with Australia’s AML/CTF laws. 1. Enrol and register with us If you provide a designated service with a geographical link to Australia you must enrol. Enrolment opens 31 March 2026 for newly regulated industries and can’t be done earlier. If you’re a remittance service provider or virtual asset service provider, you need to enrol and apply for registration. If you’re already enrolled or registered, you must update your enrolment and registration details to include any of the new designated services you provide from 31 March 2026. You must also continue to update us when your enrolment or registration details change. The Department of Home Affairs is considering whether transitional rules should be made to extend the deadlines for enrolment and registration mentioned below. This guidance will be updated if any transitional rules are made. Enrol Enrolment involves providing basic information about your business, such as its: structure services key personnel contact details. You must also update your details when they change. You must submit your enrolment application no later than 28 days after the day you start providing a designated service. If your business provides any of the newly regulated virtual asset services or intermediary transfer message services, these new laws start 31 March 2026. This means you’ll have until 28 April 2026 to enrol. If you provide any other newly regulated designated services, the new laws start on 1 July 2026, and you must enrol by 29 July 2026. Register You must not provide an existing regulated virtual asset or remittance designated service before you’ve registered with us. This obligation applies to newly regulated virtual asset services from 31 March 2026. Criminal penalties apply for non-compliance. Learn more about enrolment and registration and the consequences of not complying. 2. Develop and maintain an AML/CTF program tailored to your business An AML/CTF program protects your business from criminal exploitation through money laundering, terrorism financing and proliferation financing. It helps you fulfil your obligations and contributes to a safer Australian financial system. Your program must contain both of the following: A risk assessment: you must identify and assess your money laundering, terrorism financing and proliferation financing risks (we refer to these as ML/TF risks). AML/CTF policies: you must develop and maintain appropriate policies, procedures, systems and controls to manage and mitigate your ML/TF risks and comply with your obligations. Your program must be documented and approved by a senior manager of your business. It must be kept up to date, including to reflect significant changes to your business and relevant ML/TF risk products we release. It must also be independently evaluated at least once every 3 years. Reporting group If you want to share the costs of compliance with other businesses and fit within the framework established by the Act and Rules, you may be able to do so within a reporting group. Entities in a reporting group share some or all risk management and compliance arrangements. This includes those set out in a group AML/CTF program established by a lead entity of the group. Note that obligations apply differently to foreign branches and subsidiaries. Learn more about: your AML/CTF program obligations reporting groups. 3. Get your staff ready Preparing your staff is critical to help you meet your AML/CTF obligations. This includes making sure of all of the following: they’re fit to perform their roles they understand their obligations your business has strong governance and oversight in place. Governance Your AML/CTF program must be subject to appropriate governance arrangements. Strong governance and oversight help protect your business from criminal exploitation and support a culture of AML/CTF compliance. Your AML/CTF governance structure must clearly identify 3 roles: Governing body: has primary responsibility for your governance and executive decisions, empowers the AML/CTF compliance officer and oversees compliance at the highest level. Senior manager or managers: approves key AML/CTF compliance decisions. AML/CTF compliance officer: manages day-to-day AML/CTF compliance and makes sure policies and procedures are implemented. These roles are usually held by different people, but in smaller businesses, one person may conduct multiple governance responsibilities. Learn more about governance. Conduct personnel due diligence and provide AML/CTF training Personnel due diligence and training ensure the people performing AML/CTF