Most corporate groups think AML/CTF Tranche 2 is someone else's problem. The beneficial ownership disclosure obligations that land on July 1 reach into every layered structure your group has ever built — trusts, nominees, indirect holdings. Here's what you need to do before the deadline.
The clock is ticking. July 1, 2026 is the hard deadline for AML/CTF Tranche 2 compliance in Australia — and if you're running a corporate group with layered structures, the obligations are far more significant than most in-house teams have acknowledged.
This isn't a problem for your AML reporting entity to manage quietly in the background. The beneficial ownership disclosure requirements embedded in Tranche 2 reach into every trust, every nominee arrangement, and every indirect ownership chain in your group. If your last UBO mapping exercise was done for a bank onboarding form two years ago, you're exposed — and six weeks is not much time to fix it.
Here's a clear-eyed breakdown of what Tranche 2 actually changes, who it affects inside a corporate group, and what you need to do before July 1.
The Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 extended Tranche 2 obligations to a new category of businesses — primarily professional services firms including lawyers, accountants, conveyancers, and trust and company service providers. But the ripple effects for corporate groups go well beyond just adding more entities to the regulated population.
The critical shift is around beneficial ownership disclosure obligations. Under the updated AML/CTF Rules, regulated entities must now collect, verify, and maintain beneficial ownership information — not just ask for it on a customer due diligence form. For corporate groups, this means:
For a corporate group with 10, 30, or 50 entities spread across pty ltds, discretionary trusts, unit trusts, and corporate trustees, this is a structural compliance challenge — not an admin task.
Most corporate groups have some form of beneficial ownership record. The problem is that almost all of them were built for a specific moment in time — usually a banking relationship, an AML questionnaire, or an AUSTRAC audit request — rather than as a living compliance record.
Here's what makes those records structurally inadequate under Tranche 2:
They're static. Tranche 2 requires ongoing monitoring of beneficial ownership. If someone in your ownership chain transfers a stake, changes their control role, or moves ownership via a discretionary trust distribution, your record needs to reflect that — not at the next bank review, but as it happens.
They often stop at the legal entity level. "Company A is owned by Company B, which is owned by Person X" passes a surface check but fails a Tranche 2 analysis if Company B is held through a discretionary trust of which Person X is an appointor, not technically a majority shareholder.
They don't capture control — only ownership. AUSTRAC's interpretation of beneficial ownership under the updated rules explicitly captures persons who exercise control over an entity, not just those who hold a defined percentage threshold. Appointors of trusts. Directors with casting votes. Shareholders with class rights. All of these need to be in your analysis.
They're held in documents, not systems. A PDF in your legal folder is not a beneficial ownership register. It can't be searched, updated, audited, or reported against. Under Tranche 2, your register needs to be something you can actually maintain continuously.
The structures that cause the most problems under Tranche 2 are exactly the structures that corporate groups in Australia most commonly use.
Discretionary trusts present the most complex challenge. Because the trustee has absolute discretion over distributions, there is no beneficiary who holds a fixed ownership interest. Instead, AUSTRAC guidance requires that the appointor (the person with power to remove and replace the trustee) be treated as the effective beneficial owner — because they hold the ultimate control over who controls the trust assets.
For groups where a family trust is a holding entity, the appointor — often a family member not directly involved in the business — may now need to be named, verified, and monitored as a beneficial owner of every downstream entity the trust controls.
Nominee arrangements are equally problematic. Where shares are held by a nominee on behalf of a beneficial owner, the beneficial owner must be identified — not the nominee. This sounds simple but breaks down in practice when the nominee is a corporate entity, when the beneficial ownership agreement was informal, or when the underlying beneficial owner is themselves a trust.
Indirect ownership chains — where UBO is several entities deep — require traversal through every layer. A 25% ownership threshold at each layer means that a 25% stake in an entity that holds 25% of another entity does not result in beneficial ownership of the underlying entity. You need to trace control, not just multiply percentages.
Most corporate groups have never done this analysis systematically. Tranche 2 makes it mandatory.
AUSTRAC's updated guidance is explicit. Here's the gap between what's required and what most groups currently have:
| What AUSTRAC Expects | What Most Groups Have | |
|---|---|---|
| A maintained register of beneficial owners with verification records | A PDF or spreadsheet last updated 18+ months ago | |
| Identification of all persons with ultimate effective control | Ownership percentages to the first entity layer only | |
| Continuous monitoring for material changes | Periodic reviews when a bank asks | |
| Analysis of trust structures including appointor-level control | Trustee listed; beneficiaries listed as "discretionary" | |
| Documented methodology for complex structure resolution | No documented methodology — analyst judgment, case by case | |
| Integration with your AML/CTF Program | Separate UBO exercise not connected to your AML Program |
The organisations that are prepared have built systems — not documents. They have a live UBO register that connects to their entity registry, flags when ownership data changes, and maintains audit-ready verification records.
The organisations that aren't prepared are going to spend the next six weeks scrambling to produce records that should have been maintained continuously.
Six weeks isn't much time, but it's enough to get to a defensible position if you approach it systematically. Here's what needs to happen:
1. Map every entity in the group. Start with your ASIC register. Pull all current company records, including shareholding and officeholder data. Identify all related trusts, joint ventures, and nominee arrangements. You need a complete entity inventory before you can begin UBO analysis.
2. Build ownership structure diagrams for every entity. Layer by layer — not just to the first entity, but to the ultimate human persons who own or control each entity. For trusts, identify trustee, appointor, and beneficiary classes. Flag every complex structure for deeper analysis.
3. Apply the control test, not just the ownership test. For each entity, who exercises ultimate control? Majority shareholders, yes — but also persons with veto rights, casting votes, board appointment rights, or contractual control. Appointors of trusts in your chain must be captured.
4. Verify and document each beneficial owner. AUSTRAC requires identification and verification of beneficial owners — not just names. ID documents, PEP screening, sanctions checks. This is the time-consuming part, especially for older structures where documentation is thin.
5. Build the register in a system, not a document. A spreadsheet updated manually is a step above nothing. An entity management platform where UBO data is live, versioned, and connected to your ASIC records is what Tranche 2 compliance actually looks like in practice.
6. Connect your UBO register to your AML/CTF Program. Your beneficial ownership records need to be part of your AML Program documentation — referenced in your risk assessment, linked to your CDD procedures, and subject to your monitoring obligations.
7. Set change triggers. Before July 1, define what constitutes a material change requiring register update: new shareholders above threshold, trust distribution changes, corporate trustee replacements, new equity issuance, restructures. These triggers need to be in your internal procedures, not living in someone's head.
The fundamental problem with the way most groups approach UBO compliance is that it's treated as a project — something you do, complete, and file. Tranche 2 makes it a process — something that runs continuously as your group structure evolves.
Continuous UBO monitoring means:
Groups that have built this infrastructure treat UBO compliance as an output of their entity management system, not a separate project. Groups that haven't are running it manually, which means it's only as good as the person who last remembered to update the spreadsheet.
Six weeks to July 1. Here's where to start:
The groups that sail through July 1 will be the ones that treated beneficial ownership mapping as infrastructure, not as a response to a deadline. If you're still in response mode, this week is the week to change that.
EntityFlo's entity management platform includes built-in UBO mapping, ASIC data sync, and compliance monitoring tools designed specifically for multi-entity corporate groups. If you're working against the Tranche 2 deadline, speak to our team about how we can help you get your beneficial ownership register into shape before July 1.
Tranche 2 primarily expands the scope of who is classified as a reporting entity under the AML/CTF Act. However, the beneficial ownership obligations in the updated AML/CTF Rules apply broadly to regulated entities' customer due diligence obligations — which means that any entity that does business with a regulated Tranche 2 entity (including professional services providers) may be required to provide updated and verified beneficial ownership information. Additionally, corporate groups that include any Tranche 2-regulated entities must ensure their own AML/CTF Programs are updated to reflect the new obligations.
Under the AML/CTF Rules, a beneficial owner is any natural person who ultimately owns or exercises effective control over a customer or legal arrangement. This includes: persons who directly or indirectly own 25% or more of the voting rights or share capital; persons who exercise effective control through other means (board appointment rights, contractual control, veto rights); and in the case of trusts, the trustee, the settlor, any person with the power to appoint or remove the trustee (appointor), and any beneficiaries with a vested interest. The control test applies even where no individual meets the ownership threshold.
For discretionary trusts, there is no fixed ownership interest to trace — distributions are at the trustee's discretion. AUSTRAC guidance requires that you identify: (1) the trustee (corporate or individual); (2) the appointor — the person with power to remove and replace the trustee, who is typically treated as holding ultimate control; (3) the settlor (for record-keeping purposes); and (4) any beneficiaries with a vested (not discretionary) interest, or where the beneficial class is narrow or controlled. For a corporate trustee, you must then trace the beneficial ownership of the trustee entity using the same framework.
Under the updated AML/CTF Act, civil penalties for non-compliance can reach up to $33.5 million per contravention for corporate entities, and criminal penalties for serious offences carry significant custodial terms. AUSTRAC has historically preferred enforceable undertakings and remediation programs over immediate prosecution for first-time compliance failures — but only where the organisation demonstrates genuine effort to remediate. The "we'll fix it when asked" approach is not a defence; it's evidence of a deficient compliance posture that typically results in heavier enforcement action.
No. Your ASIC company register records the registered shareholders (legal owners) of each company — but beneficial ownership requirements under Tranche 2 look through legal ownership to the ultimate human persons exercising ownership and control. A company register typically shows a corporate shareholder, not the humans behind it. Your beneficial ownership register must be maintained separately, identify natural persons behind all legal entity layers, and be supported by verification documentation. The company register is a starting point for your UBO analysis — not the output of it.
We use cookies to improve your experience. Essential cookies are always active. You can accept all cookies or choose essential only.