AUSTRAC has outlined its expectations for how firms should prepare for the phased implementation of Australia’s expanded Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) regime. The reforms require changes for current reporting entities and bring new industries into scope. The regime focuses on reducing financial crime risk and aligning with global standards.
How Are Firms Impacted?
Two distinct groups of organisations will fall under different AML/CTF regime implementation timelines. These are:
- Current reporting entities, including financial institutions and virtual asset service providers (VASPs), must comply with the updated requirements effective 31 March 2026.
- Newly regulated sectors, such as legal practitioners, accountants, real estate agents, trust and company service providers, and dealers in precious metals and stones, will fall under the AML/CTF framework from 01 July 2026.
Why AUSTRAC Is Introducing the Changes
AUSTRAC has designed the reforms to close gaps in the existing AML/CTF regime and align Australia with international Financial Action Task Force (FATF) standards. For financial firms, the reforms reflect increasing expectations around their role in identifying and disrupting illicit financial activity..
While financial institutions have long been subject to AML/CTF obligations, gaps in the broader regime have created blind spots that criminals can exploit, often by using unregulated sectors to move funds in and out of the financial system. AUSTRAC is strengthening the framework to close these gaps, reduce systemic risk, and ensure that financial firms are not exposed through weak links elsewhere in the transaction chain. The changes also respond to FATF pressure to meet global standards and protect Australia’s access to international financial markets.
What AUSTRAC Expects from Firms
AUSTRAC is adopting a risk-based, outcomes-oriented approach to implementation. Firms should assess the nature and size of their business and develop controls proportionate to their exposure to money laundering, terrorism financing and proliferation financing risks.
For existing reporting entities, such as financial firms, maintaining current AML/CTF programs while enhancing policies and controls will be crucial to meeting the new obligations. Firms should document implementation plans and address known weaknesses without delay.
For newly regulated businesses, expectations include:
- Enrolling with AUSTRAC between 31 March and 29 July 2026.
- Putting in place a compliant AML/CTF program, either using AUSTRAC’s model (available from December 2025) or a tailored version.
- Appointing an AML/CTF Compliance Officer.
- Training staff on AML/CTF responsibilities and how to respond to suspicious matters.
How Firms Can Get on the Right Track
AUSTRAC will support implementation through guidance, starter programs and industry engagement sessions. While the regulator does not expect complete compliance from day one, reporting entities must demonstrate their risk-focused efforts. They must create AML/CTF programs tailored to their operations and actual money laundering risks rather than taking a templated approach. Firms that delay preparation or ignore risks may face regulatory scrutiny and enforcement actions.
AUSTRAC encourages firms to start preparing well ahead of the deadlines. Key actions include:
- Reviewing internal systems, processes and policies.
- Conducting a risk assessment to understand exposure.
- Planning for staff education and cultural change.
Firms that act early and take a considered approach to implementation will be well-positioned to meet their obligations and demonstrate compliance when the reforms take effect.
See the original media release from AUSTRAC.
Why Firms Are Turning to MCO’s AML/CFT Capabilities
Criminals can often exploit complex legal structures and industries outside the financial sector to move and conceal funds. VASPs, including crypto exchanges and digital wallet services, add to the risk due to their decentralised nature and anonymity of transactions. Coupled with growing international threats, financial institutions in Australia and worldwide face increasing pressure to ensure their AML/CFT frameworks are not just compliant but genuinely effective. To prevent economic losses, reputational harm, and regulatory enforcement, firms are adopting end-to-end RegTech solutions, like MCO.
MCO delivers more than AML/CFT controls. The complete compliance platform covers all aspects of compliance, including Employee Conflicts of Interest, MNPI and Control Room Compliance, and Compliance Program Management. This integrated approach allows firms to maintain oversight, respond to evolving risks, and demonstrate effectiveness across their entire compliance program.
