Tranche 2 deadline: 1 July 2026—40 days remaining
AML/CTF Compliance · Accountants & Tax Agents
AML/CTF Compliance for Australian Accountants and Tax Agents
From 1 July 2026, Australian accountants and tax agents who provide certain designated services must comply with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) under the Tranche 2 reforms. If your accounting practice manages client funds, forms companies or trusts, acts as nominee director, or provides registered office services, you are a reporting entity and must enrol with AUSTRAC by 29 July 2026. General tax return preparation alone does not trigger obligations.
Built on AUSTRAC official guidance · AI-generated · Firm-specific · No legal knowledge required · Ready in 60 seconds
Scope questions
Does my accounting practice need to comply with AUSTRAC?
Yes, if you provide any of the following designated services under Table 6 of s.6(5B) of the AML/CTF Act 2006: managing or controlling client funds or assets, forming companies or trusts for clients, acting as or arranging nominee directors or shareholders, providing registered office services, or acting on real estate transactions on behalf of clients. Source: AUSTRAC — Accounting professionals ↗; AML/CTF Act 2006, s.6(5B), Table 6.
General tax return preparation, BAS lodgement, and standard bookkeeping are not designated services. However, if your firm also provides any of the services above, those specific services are regulated — regardless of whether tax work is your primary activity.
Does general tax return preparation trigger AUSTRAC obligations?
No. General tax return preparation, BAS lodgement, and standard bookkeeping are not designated services under the AML/CTF Act 2006. Only services in Table 6 of s.6(5B) trigger obligations. However, if your firm also provides trust formation, company structuring, or manages client funds, those specific services are regulated regardless of whether tax work is your primary service.
Source: AML/CTF Act 2006, Table 1 of s.6(1) vs Table 6 of s.6(5B).
What about managing a client’s trust account — is that regulated?
Yes. Managing or controlling client money, securities, or other assets is a designated service under Table 6 of s.6(5B). This includes operating trust accounts on behalf of clients, managing investment portfolios, and controlling SMSF assets where the accountant exercises discretion. AUSTRAC has clarified that funds held solely as payment for your own services are exempt — but using a trust account as a substitute banking facility for clients is not exempt.
Does forming one company per year for a client trigger Tranche 2?
Yes. Company and trust formation is a designated service regardless of volume or frequency. Even a single company incorporation or trust establishment on behalf of a client in a year makes your practice a reporting entity for that service. The trigger is the nature of the service, not how often it occurs.
Source: Schedule 3, AML/CTF Act 2006.
What accounting services are NOT designated services under Tranche 2?
General tax return preparation, income tax advice, BAS preparation, standard bookkeeping, financial statement preparation, and audit services are not designated services. If your practice provides only these services and does not manage client funds or form legal structures, you are not a Tranche 2 reporting entity. Use AUSTRAC’s eligibility checker at austrac.gov.au ↗ to confirm your specific situation.
Your obligations
What does AUSTRAC require from accounting practices by 1 July 2026?
These are the seven steps every in-scope accounting practice must complete before obligations commence. Klyvon generates all required documents automatically.
How do accountants enrol with AUSTRAC?
Go to AUSTRAC Online at online.austrac.gov.au and create an account using your ABN. Complete the Business Profile Form declaring your designated services, Compliance Officer details, and business structure. Enrolment opened 31 March 2026 and must be completed by 29 July 2026.
s.76 AML/CTF Act 2006
Who can be the AML/CTF Compliance Officer for an accounting firm?
The Compliance Officer must be a senior person within the practice — for small and sole-practitioner firms, the principal accountant can hold the role. They must be appointed in writing, have authority to access all client files and records, and meet AUSTRAC's fit and proper standard.
s.36 AML/CTF Act 2006
What must an accounting firm's AML/CTF program cover?
Your written program must address Part A — your ML/TF risk assessment covering client types, services, delivery channels, and jurisdictions — and Part B — your customer identification and verification procedures. For accountants, the risk assessment must specifically address risks from company and trust formation, nominee services, and client fund management.
s.84 AML/CTF Act 2006
What CDD must accountants conduct on clients?
Before providing a designated service, collect and verify each client's identity. For individuals: full name, DOB, address verified by government-issued photo ID. For companies: ACN, registered address, directors, and beneficial owners (natural persons owning 25%+). For trusts: trust deed, trustee identity, appointor, and beneficial ownership traced to natural persons.
ss.28–36 AML/CTF Act 2006
What suspicious activity must accountants watch for?
AUSTRAC published specific red flags for accounting professionals in January 2026 — including company formations with no clear commercial purpose, nominee arrangements obscuring true ownership, and funds from high-risk jurisdictions. See Section 3 below for the full list of accountant-specific red flags.
AUSTRAC Risk Insights for Accountants, January 2026
When must accountants submit Suspicious Matter Reports?
When you have reasonable grounds to suspect a matter involves money laundering, terrorism financing, or proceeds of crime. Terrorism financing suspicions must be reported within 24 hours. All other matters within 3 business days. Document every assessment including decisions not to file. The tipping-off prohibition under s.123 means you cannot disclose an SMR to the client.
s.41 AML/CTF Act 2006
What records must accounting practices keep?
All CDD records, transaction records, SMRs, TTRs, risk assessments, and training records must be retained for a minimum of 7 years. Records must be stored securely and be retrievable within timeframes specified in any AUSTRAC request.
ss.112, 162 AML/CTF Act; AML/CTF Rules 2007, Part 10
AUSTRAC guidance
What suspicious activity should accountants watch for under AUSTRAC guidance?
AUSTRAC published specific red flag indicators for accountants in January 2026. The following patterns must trigger internal escalation to your Compliance Officer and may require a Suspicious Matter Report.
AUSTRAC Risk Insights for Accountants, January 2026 ↗
Should accountants be concerned about company or trust formations with no clear commercial purpose?
Yes. Clients requesting the formation of companies or trusts where no genuine business activity or commercial rationale can be identified — particularly where the client is vague about the entity's purpose — are a significant red flag. Your AML/CTF Program must include procedures to document the purpose of every entity formation and to escalate formations that cannot be adequately explained.
What makes a nominee director or shareholder arrangement suspicious?
Nominee director or shareholder arrangements where the named person has no genuine connection to the business, no knowledge of its activities, and no apparent reason to be involved are a key indicator of a structure designed to obscure the true controller. AUSTRAC's guidance specifically identifies nominee arrangements as a high-risk service for accountants, requiring enhanced due diligence and beneficial ownership tracing to the true controller.
How should accountants treat clients managing funds from FATF high-risk jurisdictions?
Clients managing or receiving funds from countries on the FATF grey or black list carry elevated money laundering risk. Your AML/CTF Program must include a geographic risk assessment, and any engagement involving funds from high-risk jurisdictions must trigger enhanced CDD — including source of funds and source of wealth verification. Source: FATF Country Assessments, incorporated by reference in AUSTRAC guidance.
What is layering through corporate structures and why must accountants detect it?
Multi-layered corporate or trust structures — particularly chains of holding companies, back-to-back trusts, or structures in multiple jurisdictions — that make it difficult to identify the ultimate beneficial owner are a known money laundering technique called layering. If a client asks you to establish or administer a structure where the complexity appears designed to obscure rather than serve a legitimate business purpose, this must be escalated to your Compliance Officer.
Is structuring payments or transactions a red flag for accounting clients?
Yes. Clients deliberately structuring cash payments or transactions to remain below the $10,000 TTR threshold — or asking whether payments would trigger a report — must be treated as suspicious. Under s.142 of the AML/CTF Act 2006, structuring is a criminal offence. Your AML/CTF Program must include transaction monitoring procedures to identify structuring patterns across client accounts.
What should accountants do when a client refuses to provide source of funds information?
Clients who are unusually resistant to providing source of funds or source of wealth information — particularly for large fund movements or high-value entity formations — are a significant red flag. You cannot proceed with the designated service if required CDD cannot be completed. If the client's refusal itself raises suspicion, you may be required to file a Suspicious Matter Report. Source: ss.28–36, s.41 AML/CTF Act 2006.
Is rapid movement of large sums through trust accounts a suspicious indicator?
Yes. The rapid movement of large sums through trust accounts without a clear, documented commercial rationale is identified in AUSTRAC's Risk Insights for Accountants as a key red flag. If funds are entering and leaving a client's trust account at an unusually high velocity, with no corresponding business transactions that explain the movement, this must trigger enhanced scrutiny and documented assessment.
What if a client instructs me to establish multiple entities in quick succession?
Instructions to establish multiple companies or trusts in rapid succession, particularly where no coherent business explanation is provided for the need for separate entities, is a flag for potential layering or structuring of beneficial ownership. Each formation must be assessed individually against your CDD and risk assessment procedures, and the overall pattern must be documented and evaluated by your Compliance Officer.
How should accounting practices handle politically exposed persons as clients?
A Politically Exposed Person (PEP) — an individual holding or having held a prominent public position, or a close family member or associate of one — must be subjected to enhanced CDD, including source of funds and source of wealth verification, and senior management approval before the engagement begins. PEP status does not mean you cannot take on the client, but the additional steps are mandatory. Source: AUSTRAC Risk Insights for Accountants, January 2026.
What does a transaction inconsistent with a client's business profile look like?
A transaction that is inconsistent with the client's known business size, revenue, or operating profile — such as a small sole-trader business moving funds in volumes typical of a large enterprise — warrants enhanced scrutiny. Your AML/CTF Program should include procedures to establish a baseline understanding of each client's expected transaction patterns and to flag deviations for documented review.
What you get
What does Klyvon's AI generate for your accounting practice?
Every document is generated for your specific practice — your name, your compliance officer, your services. Not a generic template. Every document is generated by AI trained on AUSTRAC's official guidance for your sector — then reviewed and owned by you.
AML/CTF Program Document
Personalised · AI-generatedYour firm-specific compliance program citing Act sections throughout. Covers client fund management risks, company and trust formation procedures, nominee service red flags, and accountant-specific risk factors.
Client Due Diligence Forms
Personalised · AI-generatedCDD procedures for individual, company, trust, and SMSF clients with accountant-specific enhanced CDD triggers, including source of funds requirements for fund management clients.
Compliance Officer Letter
Personalised · AI-generatedFormal appointment letter satisfying the written appointment requirement under s.36 AML/CTF Act 2006, personalised to your practice and Compliance Officer.
AI Suspicious Matter Report Assistant
Personalised · AI-generatedWhen suspicion arises, you have 3 business days to file with AUSTRAC. Klyvon's AI generates a formal 6-section SMR draft from the transaction details you enter — industry-aware language, TTR flag if the amount exceeds $10,000, and your firm's AUSTRAC ID pre-populated. You review and submit.
AI-generated documents are a starting point — reviewed and owned by you. All decisions remain with your firm.
Enforcement
What are the penalties for accountants who don’t comply with AUSTRAC?
Under Part 15 of the AML/CTF Act 2006 (Cth), civil penalties reach up to $33,000,000 for body corporates and $6,600,000 for individuals per contravention. Criminal penalties apply for operating without enrolment and for serious or wilful non-compliance. AUSTRAC publishes enforcement actions publicly. For accountants specifically, CPA Australia and CA ANZ have professional conduct obligations that may be triggered by AUSTRAC findings — a regulatory penalty can carry professional licence consequences beyond the financial penalty itself.
Source: AML/CTF Act 2006 (Cth), Part 15, s.76. Penalty figures are indicative — refer to current legislation for precise amounts.
Pricing
How much does AML/CTF compliance cost for an accounting practice?
The Australian government estimates the average cost of manual AML/CTF compliance preparation at $23,250 per business when using consultants and lawyers. Compliance consultants charge $10,000–$50,000 or more for custom program development. Klyvon generates your complete compliance documents for $99/month + GST — with all documents ready in under 60 seconds.
Klyvon Compliance Pro — Accountants & Tax Agents
$99/month
- ✓ AML/CTF Program Document
- ✓ Client Due Diligence Forms
- ✓ Compliance Officer Letter
- ✓ SMR Template + Filing Guide
- ✓ AUSTRAC Enrolment Guide
Cancel before trial ends — no charge
Common questions
Common questions from accountants about AUSTRAC Tranche 2
Does Tranche 2 apply to BAS agents as well as registered tax agents?
BAS agents whose services are limited to BAS preparation and lodgement are not providing designated services under Table 6 of s.6(5B). However, if a BAS agent also manages client funds, operates trust accounts on behalf of clients, or assists with company or trust formations, those services are regulated. The obligation attaches to the service provided, not the registration type. Use AUSTRAC's eligibility checker at austrac.gov.au to confirm.
What if I only occasionally form a company or trust for a client?
The frequency of providing a designated service does not affect whether you are a reporting entity. Even one company incorporation or trust establishment on behalf of a client in a calendar year triggers AML/CTF obligations for that service. You must enrol with AUSTRAC, implement an AML/CTF program, and conduct CDD for that client. Source: Schedule 3, AML/CTF Act 2006.
Do I need separate CDD for each engagement or once per client?
CDD must be completed before providing a designated service, but you do not need to re-collect documents for each subsequent engagement with the same client if their circumstances have not changed and your previous verification remains current. Your AML/CTF program must specify your ongoing CDD review procedures — including triggers for re-verification such as material changes to client structure, unusual transactions, or changes in risk profile.
Can I rely on CDD conducted by another Tranche 2 entity such as a law firm?
Yes. Reliance arrangements are permitted under ss.38–40 of the AML/CTF Act. If a law firm has already verified a mutual client's identity, you may rely on that CDD under a written reliance arrangement. The relying party retains legal responsibility for the adequacy of the CDD — so you must be satisfied the other entity's verification meets the required standard before relying on it.
What is beneficial ownership and how do I identify it for a discretionary trust?
Beneficial ownership means identifying the natural persons who ultimately own or control the entity. For a discretionary trust, this includes the trustee (and if corporate, its directors and shareholders), the settlor, the appointor, and any named or identifiable beneficiaries. Where no individual beneficiary owns 25% or more, you must identify the class of beneficiaries and the person exercising effective control — typically the appointor. Source: ss.28–36, AML/CTF Act 2006.
Do I need to re-verify long-standing clients I have worked with for many years?
AUSTRAC's guidance requires that all customers be identified and verified before designated services are provided. For existing clients with no prior formal verification, you must complete CDD before continuing to provide regulated services after 1 July 2026. For clients previously verified under a robust process with adequate records, your AML/CTF program must specify how you treat existing client files and must ensure documentation is sufficient. Source: AUSTRAC CDD guidance.
What is a PEP and what additional steps are required when dealing with one?
A Politically Exposed Person (PEP) is an individual who holds or has held a prominent public position — including government ministers, senior military or judicial officers, and their close family members and associates. Engaging a PEP as a client requires enhanced CDD: verifying the source of funds and source of wealth, applying senior management approval before engaging, and conducting more frequent periodic reviews of the relationship.
Does Tranche 2 apply if I work as a contractor inside a larger accounting firm?
Tranche 2 obligations apply to the reporting entity — the firm that provides the designated service to clients. A contractor working within a compliant firm is generally covered by that firm's AML/CTF program. However, if you operate independently under your own ABN and provide designated services to clients directly, you are personally a reporting entity and must enrol and comply in your own right.
How often must I review my AML/CTF program?
Your AML/CTF program must be reviewed at least annually and whenever there is a material change to your business — such as offering a new service, taking on a new client category, or changes in regulatory guidance. The program review must be documented and approved by a senior manager. Source: s.84 AML/CTF Act 2006; AML/CTF Rules 2007, Part 9.
What is the AUSTRAC Accounting Program Starter Kit and is it enough?
AUSTRAC has released a sector-specific Program Starter Kit for accountants that covers the basic structure of a compliant program. It is a useful starting point but is generic — it does not reflect your firm's specific client base, risk profile, services mix, or compliance officer details. AUSTRAC's own guidance states that programs must be tailored to your business. For more context on what a customised program requires, see our full AUSTRAC Tranche 2 guide.
Can Klyvon help me write a Suspicious Matter Report?
Yes. Klyvon Pro includes an AI Suspicious Matter Report assistant. Enter the transaction date, transaction details, and the suspicious elements you observed. Klyvon's AI generates a formal, AUSTRAC-formatted SMR draft covering all six required sections — reporter obligations under s.41 of the AML/CTF Act 2006, matter details, grounds for suspicion, suspicious indicators, recommended action, and AUSTRAC submission notes. The draft is reviewed by you and submitted directly via AUSTRAC Online. Pro users receive 25 SMR drafts per month.
Ready to generate your AUSTRAC compliance documents?
The 29 July 2026 deadline is 40 days away.