Tranche 2 will significantly expand Australia’s anti‑money‑laundering and counter‑terrorism financing (AML/CTF) regime. For the first time, sectors such as law, accounting, real estate and high‑value goods dealing will fall within the same framework that currently applies to banks and other financial institutions. AUSTRAC regulates just under 18,000 businesses today, but the reforms will bring that number to roughly 100,000. Regulators will not offer much leeway when enforcement begins in July 2026, so early preparation is essential.
What is Tranche 2?
Tranche 2 extends AML/CTF obligations to high‑risk designated services. If your business is a law firm, accounting practice, real‑estate agency, trust or company service provider, dealer in precious metals or stones, or a virtual‑asset service provider, you will need to:
- Verify client identities – collect and verify reliable KYC information about clients and beneficial owners. Enhanced due diligence must be applied for high‑risk or politically exposed persons (PEPs).
- Monitor transactions and relationships – perform ongoing due diligence and risk‑based monitoring throughout the business relationship.
- File suspicious matter reports (SMRs) – SMRs must be submitted within 24 hours for terrorism‑financing suspicions and within 3 business days for other suspicions, such as money‑laundering. Disclosing that an SMR has been lodged may amount to “tipping off”, which is a criminal offence carrying up to two years’ imprisonment or 120 penalty units.
- Update risk assessments and train staff – your AML/CTF program must include a documented risk assessment and a risk‑awareness training program.
Tranche 2 entities may enrol with AUSTRAC from 31 March 2026 and must comply with the new obligations from 1 July 2026
Key changes under Tranche 2
| New requirement | Impact on your business | Why it matters |
| More sectors covered | Lawyers, accountants, real‑estate agents, trust and company service providers, dealers in precious metals and stones, and virtual‑asset service providers | Approximately 100,000 new entities will join the regime to close gaps identified by the FATF |
| Modern customer due diligence | Clear identification and verification steps, including beneficial‑owner checks and enhanced due diligence for PEPs; ongoing transaction monitoring | Aligns Australia’s regime with FATF Recommendations 22 & 23, which require designated non‑financial businesses and professions (DNFBPs) to be regulated |
| Stronger governance | Senior leadership must oversee the AML/CTF program and appoint a fit‑and‑proper AML/CTF compliance officer | Ensures accountability for AML/CTF compliance at board or partnership level. |
| Independent review | Part A of your AML/CTF program must be independently evaluated at least once every three years. AUSTRAC guidance suggests high‑risk businesses should arrange external reviews every two to three years | Prevents “tick‑box” compliance and provides assurance that processes are effective. |
| Tipping‑off offence | Staff must not reveal that a suspicious matter report has been submitted or that an audit/notice has occurred | Protects investigations. Failure to comply can result in criminal penalties, so clear scripts and training are essential. |
Who needs to pay attention?
- Law firms handling property transfers, client funds or complex corporate structures
- Accounting firms managing client monies or offshore structures
- Real‑estate agencies facilitating high‑value property sales
- High‑value goods dealers handling luxury items, precious metals or stones
Even if you have only minimal AML obligations today, a basic policy will not suffice. Regulators expect documented procedures, up‑to‑date risk assessments and trained personnel.
Common Tranche 2 AML/CTF weak spots
Many existing AML programs fall short because they rely on static policies. Frequent issues include:
- Outdated risk assessments that ignore new threats
- Weak customer due diligence or beneficial‑owner checks
- Poor record‑keeping; the law requires AML/CTF records to be kept for at least seven years
- Untrained staff who do not know how to recognise or report red flags
Regulators have already penalised firms for failing to verify sources of funds, missing PEPs and failing to submit SMRs. Policies alone are not enough – you need practical processes, training and proof that your controls work.
Tranche 2 AML/CTF checklist for readiness
How to read your score
- Low risk: You’re on the right track; continue reviewing.
- Medium risk: Progressing, but gaps remain.
- High risk: Immediate action is required, don’t wait.
Closing the gaps
If your score was below low risk, prioritise the following actions:
- Update your policies to reflect new identity‑verification, transaction‑monitoring and reporting requirements.
- Strengthen due diligence; ensure beneficial‑ownership and PEP checks meet enhanced requirements
- Provide sector‑specific training to staff.
- Implement technology solutions to automate monitoring and reduce manual errors.
- Schedule internal audits and periodic independent reviews to identify issues early
Tranche 2 compliance isn’t “set and forget”; it requires continuous improvement, training and adaptation.
Why prepare early?
Non‑compliance results in more than fines, it damages your reputation, erodes client trust and disrupts operations. Proactive businesses avoid penalties and build trust with clients by showing they take AML seriously. Preparation also positions you competitively; clients increasingly prefer firms that demonstrate strong AML/CTF practices.
Phased roadmap to Tranche 2 compliance
| Phase | Timeline | Main actions |
| Assess and plan | Now – Dec 2025 | Identify whether you provide designated services, undertake an AML/CTF risk assessment and gap analysis; obtain board endorsement for your program. |
| Build and test | Jan 2026 – Jun 2026 | Draft and document your AML/CTF program; appoint an AML/CTF compliance officer; test RegTech or outsourced KYC solutions; train staff; prepare policies to prevent tipping‑off. |
| Go live | By 1 Jul 2026 | Enrol with AUSTRAC (available from 31 Mar 2026) commence transaction monitoring and reporting; schedule your first independent review within three years. |
Need expert help?
Tranche 2 brings substantial new obligations. For tailored guidance specific to your sector, consider talking to our compliance specialists. The reforms align Australia’s AML/CTF regime with global standards and will be enforced from 1 July 2026, so there is limited time to get ready.
