When do accountants need to comply with AUSTRAC Tranche 2?

The AML/CTF reforms commence on 1 July 2026. Accounting firms must enrol with AUSTRAC by 29 July 2026 and notify AUSTRAC of their AML/CTF Compliance Officer by the same date. The first independent AML/CTF program evaluation is not required until 1 July 2029.

Which accounting services are captured by Tranche 2?

Accounting firms providing designated services are captured. These include acting as a registered tax agent, preparing financial statements, providing business advice, acting as a company secretary, providing payroll services on behalf of a client, and providing accounting services when the firm has signatory authority over a client's bank account or manages assets.

What is an AML/CTF Program and do all accounting firms need one?

Yes. Every reporting entity must have a written AML/CTF Program tailored to its specific ML/TF risk profile. The program must cover customer due diligence procedures, employee training, transaction monitoring, and reporting obligations. Clear AML's Program Builder guides you through creating a compliant program in under an hour.

What are the penalties for non-compliance with AUSTRAC Tranche 2?

Civil penalties can reach up to AUD 22.2 million per contravention for corporations, and AUD 4.4 million for individuals. Criminal penalties for serious AML/CTF offences can include imprisonment. AUSTRAC also has the power to accept enforceable undertakings, issue infringement notices, and seek injunctions.

How long must accounting firms keep AML/CTF records?

All AML/CTF records — including customer identification documents, transaction records, risk assessments, and compliance program documents — must be retained for a minimum of 7 years.

Do accounting firms need to screen clients against sanctions lists?

Yes. Reporting entities must screen clients against the DFAT Consolidated List and UN Security Council sanctions lists. Screening must occur at onboarding and on an ongoing basis. Clear AML automates real-time screening against all required databases.

What is a Suspicious Matter Report (SMR) and when must one be lodged?

An SMR must be lodged with AUSTRAC whenever a reporting entity suspects (on reasonable grounds) that a transaction or attempted transaction may relate to money laundering, terrorism financing, or another serious offence. SMRs must be lodged within 24 hours for terrorism-related matters and within 3 business days for all other suspicious matters.

Can small accounting firms use software to manage AML/CTF compliance?

Yes, and AUSTRAC specifically recommends technology solutions for small businesses. Platforms like Clear AML automate identity verification, risk assessment, sanctions screening, and AUSTRAC reporting — reducing the compliance burden significantly for sole practitioners and small firms.

AUSTRAC Tranche 2 for Accountants: Complete Compliance Guide (2026)

Australia's AML/CTF Act has been expanded to cover accounting firms, lawyers, real estate agents, and other professional services — collectively known as Tranche 2 entities. With approximately 90,000 new reporting entitiesentering regulatory scope, the reforms represent the largest expansion of Australia's AML/CTF framework since the Act was introduced in 2006.

If you run an accounting firm in Australia, this guide explains exactly what you must do, when you must do it, and how to get compliant without disrupting your practice.

Key Deadlines at a Glance

1 July 2026 — AML/CTF reforms commence. Obligations apply from this date.
29 July 2026 — Deadline to enrol with AUSTRAC.
29 July 2026 — Deadline to notify AUSTRAC of your AML/CTF Compliance Officer.
1 July 2029 — Deadline for your first independent AML/CTF program evaluation.

Which Accounting Services Are Captured?

Not every service provided by an accounting firm triggers AML/CTF obligations. The reforms capture firms providing designated services, which for accountants include:

Acting as a registered tax agent or BAS agent when the firm has authority over client funds
Preparing financial statements on behalf of a client
Acting as company secretary for a client
Providing payroll services where the firm controls or disburses funds
Managing assets or accounts where the firm has signatory authority
Providing general accounting or bookkeeping when combined with financial control

If you are unsure whether your services are captured, AUSTRAC's accountants guidance pageprovides sector-specific clarification, or you can use Clear AML's free eligibility checker.

Your 5 Core Compliance Obligations

Once your firm is captured, you must satisfy five core obligations under the AML/CTF Act:

1. Enrol with AUSTRAC

All reporting entities must create an AUSTRAC Online account and enrol their business. Enrolment opened on 31 March 2026 and the deadline is 29 July 2026. You must also nominate an AML/CTF Compliance Officer (this can be the principal of the firm) and notify AUSTRAC of that person's details.

2. Adopt an AML/CTF Program

Every reporting entity must have a written AML/CTF Program — a living document that describes how your firm identifies, assesses, and manages money laundering and terrorism financing risks. The program must be tailored to your specific practice; a generic template will not satisfy AUSTRAC's requirements.

Your program must cover at minimum:

A risk assessment of your client base, services, and delivery channels
Customer due diligence (CDD) procedures including identity verification
Enhanced due diligence (EDD) procedures for high-risk clients
Ongoing monitoring of client relationships
Staff training requirements
Record-keeping obligations
Reporting procedures (SMRs and TTRs)

3. Conduct Customer Due Diligence (CDD)

Before providing a designated service, you must verify the identity of your client. For individuals, this means collecting full name, date of birth, and residential address, then verifying at least one of these against a reliable source. For companies and trusts, you must also identify the entity structure and beneficial owners.

CDD must also be conducted on an ongoing basis — not just at onboarding. You must monitor for changes in client risk profile and re-verify when circumstances change.

4. Report to AUSTRAC When Required

Two types of reports are mandatory under the AML/CTF Act:

Suspicious Matter Reports (SMRs): Must be lodged within 24 hours if the suspicion relates to terrorism financing, or within 3 business days for all other suspicious matters.
Threshold Transaction Reports (TTRs): Required whenever a client conducts a physical cash transaction of AUD 10,000 or more. TTRs must be lodged within 10 business days.

5. Keep Records for 7 Years

All AML/CTF records — customer identification documents, transaction records, risk assessments, SMRs, and your compliance program — must be kept for a minimum of 7 years. Records must be stored in a format that allows them to be provided to AUSTRAC on request.

Independent Evaluation

Your AML/CTF Program must be independently evaluated to assess its effectiveness. For Tranche 2 entities, the first evaluation deadline is 1 July 2029. AUSTRAC has staggered these deadlines based on account numbers to avoid sector-wide bottlenecks. The evaluation must be conducted by someone independent of the program's design and day-to-day operation — this can be an external consultant or an internal reviewer who had no involvement in building the program.

What Are the Penalties for Non-Compliance?

AUSTRAC's enforcement powers are significant. Civil penalties for serious non-compliance can reach up to AUD 22.2 million per contravention for corporations and AUD 4.4 million for individuals. Criminal penalties for the most serious offences can include imprisonment. AUSTRAC has historically preferred to work with businesses to achieve compliance, but has demonstrated willingness to impose large penalties on repeat or deliberate non-compliers.

How Clear AML Helps Accounting Firms

Clear AML is purpose-built for Australian Tranche 2 entities. Our platform for accountants includes a guided AML/CTF Program Builder, automated KYC/KYB identity verification, real-time sanctions and PEP screening, and pre-built SMR and TTR reporting workflows — everything your firm needs to meet its obligations from day one.