Tranche 2 Australia Explained: AML/CTF Reform Guide 2026

FrankieOne
Tranche 2
Thousands of businesses across Australia will soon face stricter AML/CTF obligations under Tranche 2, requiring them to implement robust compliance measures or risk regulatory penalties.

Thousands of businesses across Australia will soon face stricter AML/CTF obligations under Tranche 2, requiring them to implement robust compliance measures or risk regulatory penalties.

## What Is AML/CTF Tranche 2?

Australia's Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) framework is expanding. Tranche 2 introduces new regulatory requirements for industries that have historically operated outside these obligations, bringing legal services, real estate, accounting, trust and company service providers, and dealers in precious metals and stones into the compliance fold.

This expansion is designed to align Australia with global AML/CTF standards, reinforcing transparency and closing gaps that have left financial systems vulnerable to exploitation. Australia is one of the last FATF member countries to extend AML/CTF regulation to these sectors — a gap that has drawn repeated criticism in mutual evaluation reports.

## Who Does Tranche 2 Apply To?

The number of businesses required to comply is set to increase from 17,000 to over 100,000. Newly regulated sectors include:

 

    • Law firms and solicitors — particularly those handling conveyancing, trusts, and client money

    • Real estate agents — both residential and commercial property transactions

    • Accountants and tax agents — especially those providing financial structuring advice

    • Trust and company service providers (TCSPs) — including company formation agents

    • Dealers in precious metals and stones — jewellers, bullion dealers, and gemstone tra
    • Adopting Customer Due Diligence (CDD): Verifying customer identities (e.g. full name, date of birth, address, and ID documents) and understanding their business relationships. This includes both Standard Due Diligence for routine clients and [Enhanced Due Diligence for higher-risk relationships](/know-your-customer-and-aml).

    • Reporting Obligations: Submitting suspicious transaction reports (STRs) and adhering to cash transaction limits.

    • Risk Management: Identifying and addressing risks associated with clients, services, and operational regions. A [risk-based approach to onboarding](/risk-based-onboarding) is considered best practice under the new framework.

    • Record-Keeping: Maintaining comprehensive records to support audits and investigations.

  • Training Programs: Equipping staff with knowledge of AML/CTF obligations and best practices.

 

[Read more about AML/CTF and identity verification →](/know-your-customer-and-aml)

## Tranche 2 Timeline: Key Dates

The reform is progressing through Parliament and industry consultation. Key milestones:

| Milestone | Expected Date |
|---|---|
| Exposure draft legislation released | 2024 |
| Parliamentary review and passage | 2025 |
| AUSTRAC registration period opens | 2025–2026 |
| Enforcement of new obligations | 2026 onward |

Businesses should not wait for enforcement to begin preparing. AUSTRAC has signalled that a transition period will be provided, but the complexity of building a compliance program from scratch — particularly for firms without dedicated compliance teams — means early action is critical.

## How to Prepare for Tranche 2

While these changes are necessary to strengthen Australia's financial ecosystem, they also present operational challenges. Many businesses, particularly those without dedicated compliance teams, will need to implement new processes, train staff, and integrate AML/CTF solutions into their workflows. The cost of compliance, both in time and resources, will be a key concern, especially for small and medium-sized enterprises.

Practical steps to take now:

1. Assess your risk exposure — Map the services you provide against AUSTRAC's risk indicators. Which clients and transactions carry elevated money laundering or terrorism financing risk?
2. Identify compliance gaps — Do you have a documented AML/CTF program? Can you verify customer identities digitally? Are your staff trained?
3. Choose a technology partner — Manual compliance won't scale for most businesses. Evaluate platforms that can automate identity verification, risk scoring, and reporting.
4. Start staff training early — Compliance culture takes time to embed. Don't wait until enforcement begins.

However