AML/CTF Tranche 2 extends compliance obligations to accountants, lawyers, and financial advisers managing entity and trust portfolios in Australia. AUSTRAC enrolment is open now. Obligations go live 1 July 2026. Here's what you need to do.
For decades, Australian accountants, lawyers, and financial advisers operated outside the formal anti-money laundering regime. That changes on 1 July 2026.
AML/CTF Tranche 2 brings professional service providers — including accountants, tax agents, real estate agents, and financial advisers — into the scope of Australia's Anti-Money Laundering and Counter-Terrorism Financing Act 2006. The AUSTRAC enrolment window opened on 31 March 2026. Obligations go live in 91 days.
For firms managing entity and trust portfolios, the impact goes beyond ticking a compliance box. The regime requires you to understand — and document — who actually controls the structures you work with. Ultimate Beneficial Owner (UBO) mapping, customer due diligence records, and ongoing monitoring are now legal requirements, not best practice.
This guide explains what Tranche 2 means for accountants, what you need to have in place before 1 July, and where entity management software fits into a defensible compliance program.
Australia's AML/CTF framework was originally introduced through the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 and applied primarily to financial institutions, banks, and remittance providers — the so-called Tranche 1 entities.
Tranche 2 extends these obligations to designated non-financial businesses and professions (DNFBPs), a category that now includes:
This expansion brings Australia into alignment with the Financial Action Task Force (FATF) recommendations — the global standard for AML compliance — which Australia has been criticised for lagging on for years.
Accountants are at the centre of entity creation, restructuring, and ongoing administration in Australia. You register companies, establish trusts, advise on ownership structures, and maintain the records that define who controls what. That central role is exactly why AUSTRAC is bringing the profession into scope.
Under Tranche 2, if your firm provides services that touch the formation, operation, or management of legal entities — companies, trusts, partnerships — you are a reporting entity with obligations under the Act.
The AUSTRAC enrolment window opened 31 March 2026. If you haven't started the process, start now. Enrolment is completed via the AUSTRAC Online portal and requires you to identify your firm's designated services, nominate a compliance officer, and confirm your AML/CTF program is in place.
Your AML/CTF program must be a written, risk-based framework that covers:
The program must be tailored to your firm — a one-size-fits-all template from a trade association does not satisfy the requirement. AUSTRAC's guidance for professional services firms is the starting point.
CDD is where entity management becomes central. For every client that is a legal entity — company, trust, partnership, SMSF — you must:
For a family trust with a corporate trustee, a discretionary beneficiary class, and an appointor who can replace the trustee — UBO identification is not trivial. It requires a full ownership map, not a single name on a form.
Any transaction or activity that raises a suspicion of money laundering, terrorism financing, or a proceeds of crime issue must be reported to AUSTRAC via a Suspicious Matter Report (SMR). The obligation to report exists even if you don't proceed with the matter.
All CDD records, transaction records, and AML/CTF program documents must be retained for seven years. These records must be available for inspection by AUSTRAC on request.
The hardest part of Tranche 2 compliance for most accounting firms isn't the paperwork — it's the underlying data.
UBO mapping requires you to trace ownership chains through potentially multiple layers of entities: a trust whose trustee is a company, whose shares are held by another trust, whose beneficiaries include individuals and a family holding company. In a portfolio of 50–200 entities across a client base, this is not something you can manage reliably in a spreadsheet or by scanning documents.
EntityFlo's Ownership Map automatically calculates UBO chains across your entire entity portfolio. For each entity under management, the platform:
This is not a manual process. It's an automated, auditable record that satisfies the UBO identification and verification requirement in real time.
Registry Sync keeps your entity data current by pulling live information from ASIC, so the ownership map is always built on verified, up-to-date records — not stale internal notes.
Document Vault gives you a secure, searchable repository for your CDD records: identity verification documents, trust deeds, shareholder agreements, and correspondence. Seven-year retention is built in.
Compliance AI monitors your entity portfolio for changes that may trigger a CDD refresh — director appointments, share transfers, amendments to trust deeds — and alerts you before a compliance gap develops.
Non-compliance with the AML/CTF Act 2006 carries serious consequences:
| Breach type | Potential consequence | |
|---|---|---|
| Failure to enrol with AUSTRAC | Civil penalty up to $18.5 million (body corporate) | |
| Failure to conduct CDD | Civil penalty per contravention | |
| Failure to report a suspicious matter | Civil and criminal penalties | |
| Failure to maintain records | Civil penalty | |
| Tipping off a subject about an SMR | Criminal offence |
These are not nominal fines. AUSTRAC has demonstrated a willingness to pursue major institutions — Westpac's $1.3 billion penalty in 2020 remains the largest corporate fine in Australian history. Tranche 2 extends that same regulatory reach to professional services firms.
Beyond financial penalties, non-compliance with AML/CTF obligations can trigger referrals to professional bodies (CPA Australia, CA ANZ, TPB) with professional registration consequences.
If you're managing entity portfolios and haven't started, here is the minimum viable compliance roadmap:
Does AML/CTF Tranche 2 apply to all accountants, or only large firms?
The obligations apply to any accounting firm that provides designated services — including entity formation, trust administration, company secretarial services, or financial advice relating to those structures. Firm size does not create an exemption. However, the required AML/CTF program must be risk-proportionate, meaning a sole practitioner managing 10 family trust structures has different requirements than a mid-tier firm with hundreds of entity clients.
What counts as an Ultimate Beneficial Owner under Australian AML law?
Under the AML/CTF Act 2006 and AUSTRAC's guidance, a UBO is generally an individual who ultimately owns or controls 25% or more of the entity's ownership interests or voting rights, or who exercises ultimate effective control through other means. For trusts, the analysis includes settlors, trustees, appointors, and beneficiaries — the "25% threshold" test must be applied across all layers of the ownership chain.
Can EntityFlo replace a formal AML/CTF program?
No — EntityFlo is not a substitute for a written AML/CTF program, which is a legal requirement. What EntityFlo provides is the underlying entity data infrastructure that your program needs to function: current UBO maps, verified ASIC records, secure CDD document storage, and change monitoring. Think of it as the data layer that makes your compliance program defensible.
What if my entity records are currently incomplete or out of date?
This is the most common problem firms will face in preparing for 1 July. EntityFlo's Registry Sync pulls current ASIC data for every entity in your portfolio, so you can identify gaps immediately. The Ownership Map then runs against that verified data to surface UBO chains that may never have been formally documented. Starting with an accurate baseline is the first step.
AML/CTF Tranche 2 is the most significant change to Australian professional services compliance in a generation. The 1 July 2026 deadline is firm. The AUSTRAC enrolment window is already open.
For accountants managing entity and trust portfolios, the central challenge is UBO mapping — identifying and documenting the individuals who ultimately own and control the structures you administer. That's not a paperwork exercise. It's a data problem, and it requires infrastructure that keeps pace with changes in your portfolio.
EntityFlo gives you that infrastructure: automated UBO calculation, live ASIC data, secure document storage, and compliance monitoring — built specifically for the complexity of Australian entity management.
Get your entity portfolio AML-ready before 1 July.
Start your 14-day free trial — no credit card required.
Book a demo — 30 minutes, focused on your compliance position.
Nathan Carroll is the founder and CEO of EntityFlo, Australia's purpose-built entity management platform for corporate groups, family offices, and property developers managing 5–100 entities. Prior to EntityFlo, Nathan held the role of Global CRO at FeeWise (LEAP/InfoTrack group), scaling North American revenue from zero to $1M+ ARR in 12 months. He has completed two company exits, including Antler's first global exit. [Connect on LinkedIn](https://linkedin.com/in/nathan-carroll-32b98231).
We use cookies to improve your experience. Essential cookies are always active. You can accept all cookies or choose essential only.