Insight
Tranche 2 Arrives: What the 1 July 2026 AML Reforms Mean for Australian Businesses
01 Jul 2026
The most significant expansion of Australia’s anti-money laundering regime in two decades is now in effect. Following the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 (Cth), a large group of professional and service businesses — the so-called “Tranche 2” entities — have been brought into the regime. For many of these businesses, this is the first time they have faced obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) at all.
What changed, and when
The reforms apply on a staggered timeline. Changes for existing reporting entities took effect from 31 March 2026, while obligations for newly regulated “Tranche 2” entities commenced from 1 July 2026. Enrolment with AUSTRAC for Tranche 2 entities was able to begin from 31 March 2026.
The newly captured sectors are broad. The Tranche 2 reforms expand AML/CTF compliance to additional professions including lawyers, accountants, real estate professionals, property developers, and precious stone and metal dealers. From 1 July 2026, professional service providers such as conveyancers, and trust and company service providers, are also brought within the regime. The change is substantial in scale — the amendments are likely to result in approximately 90,000 new reporting entities.
What the obligations look like
Being a reporting entity is not a one-off registration exercise. Tranche 2 entities are required to comply with obligations including specified record-keeping and reporting obligations, as well as the implementation of an AML/CTF program aimed at minimising the entity’s risk exposure to money laundering and terrorism financing through its services. In practice this generally involves customer due diligence, ongoing monitoring, and enhanced scrutiny of higher-risk customers.
The reforms also reshape the structure of compliance programs themselves. One of the most significant changes is the removal of the long-standing Part A and Part B AML/CTF program structure, moving toward a more streamlined, risk-based model. Businesses that already had programs in place will need to consider how the new approach applies to them.
Importantly, the consequences of getting this wrong are not trivial. Failure to comply with these obligations could result in significant civil penalty orders and other enforcement action available to AUSTRAC.
Key dates beyond commencement
Several transitional deadlines accompany the 1 July 2026 start date, and they may matter to newly regulated businesses planning their compliance work:
- New reporting entities are to enrol with AUSTRAC by 29 July 2026.
- Newly regulated reporting entities have until 29 July 2026 to notify AUSTRAC of the identity of their AML/CTF Compliance Officer.
- For newly regulated businesses, the earliest date for their first independent evaluation is 1 July 2029, with further deadlines staggered at six-month intervals.
Privacy obligations arrive alongside
A development that has received less attention is the interaction with privacy law. From 1 July 2026, Tranche 2 entities — including real estate professionals, dealers in precious metals and stones, lawyers, conveyancers, accountants, and trust and company service providers — are brought into the Privacy Act 1988. Because AML compliance involves collecting and holding sensitive customer information, newly regulated businesses may wish to consider their privacy obligations and their AML obligations together rather than in isolation.
Support is available
The regulator has acknowledged the scale of the change. AUSTRAC has developed program starter kits, described as the first time an anti-money laundering regulator has provided this level of practical support to business, developed in collaboration with industry peak bodies and small businesses across the newly regulated sectors. Reviewing AUSTRAC’s published guidance for your specific sector can be a useful starting point.
Practical steps you may wish to consider
- Confirming whether your business provides a “designated service” that brings it within the regime
- Reviewing AUSTRAC’s enrolment requirements and the relevant deadlines for your entity
- Considering whether you have an appropriate AML/CTF program under the new risk-based model
- Identifying and appointing an AML/CTF Compliance Officer and notifying AUSTRAC
- Reviewing AUSTRAC’s sector-specific starter kits and guidance
- Considering your customer due diligence and record-keeping processes
- Reviewing your privacy practices in light of your new status under the Privacy Act 1988
This article contains general information only and does not constitute legal advice. Envision Legal accepts no liability for any loss arising from reliance on this content. You should seek independent legal advice tailored to your specific circumstances. For enquiries, contact Envision Legal.
Talk to us
Ready to talk it through?
Send us a note about what you're working on. We'll respond within one business day and, if we're a fit, book a free 15-minute consultation with a senior lawyer.
