AML/CTF for existing entities

March 31, 2026 is the date when new obligations for Tranche 1 reporting entities and virtual asset service providers in Australia will take effect. If you don’t meet your obligations under AML/CTF law, AUSTRAC can take steps to enforce compliance and/or seek a penalty, including civil penalty orders, enforceable undertakings, infringement notices and remedial directions.

KordaMentha can provide a strategic roadmap for compliance by March 2026. Get in touch with one of our experts to find out how we can help you.

What are the key proposed areas of change?

ML/TF risk assessment

• Risk assessments are the cornerstone to demonstrating compliance with your AML/CTF obligations.
• Risk assessments must also consider the risk of proliferation financing (PF), and if low, existing AML/CTF policies may suffice without additional measures.
• Regular reviews of ML/TF risk assessments are mandated, especially after certain significant changes.

AML/CTF programs

• Businesses will have flexibility in how they organise their AML/CTF Programs, as long as they meet their AML/CTF obligations.​
• AML/CTF Programs must include both the ML/TF risk assessment and AML/CTF policies, which should be appropriate to the nature, size, and complexity of the business.
• A designated senior manager, who participates in making decisions affecting the business, must approve the ML/TF risk assessment and AML/CTF policies and their updates.

AML/CTF policies

• Businesses must develop and maintain policies, procedures, systems, and controls to manage ML/TF risks and evidence compliance with the AML/CTF Act.
• These policies must be appropriate to the business’s nature, size, and complexity, and form part of the AML/CTF Program.
• Policies will cover a broad range of obligations, including governance arrangements, customer and employee due diligence, training for staff, reporting to AUSTRAC and independent evaluations.

AML/CTF responsibilities of governing bodies

• Governing bodies are responsible for the ongoing oversight of ML/TF risk assessment and compliance with AML/CTF policies and the AML/CTF Act.
• They must ensure that the business takes reasonable steps to identify, assess, mitigate, and manage ML/TF risks and comply with the AML/CTF policies and the AML/CTF Act.

AML/CTF compliance officers

• Businesses must designate an AML/CTF compliance officer (AMLCO) who is employed or otherwise engaged at the management level, and who has sufficient authority, independence, and access to resources.
• The AMLCO must be a resident of Australia and be a fit and proper person, responsible for overseeing day-to-day compliance and communicating with AUSTRAC.

Reporting groups

• The concept of a ‘designated business group’ will be replaced with a ‘reporting group,’ allowing more flexibility in group structures, including non-corporate structures, as well entities that are not providing a designated service.
• A lead entity within the reporting group must have an AML/CTF Program appropriate to the nature, size, and complexity of the business of each reporting entity in the group.

Customer due diligence (CDD)

• CDD requirements will shift to an outcomes-focused approach, requiring businesses to know their customers and understand their ML/TF risks.
• Initial CDD must be conducted before providing designated services, unless certain exceptions exist.
• Ongoing CDD involves monitoring customers to identify, assess, mitigate and manage ML/TF risks, with enhanced CDD required for high-risk customers and situations.
• Simplified CDD may be used during both initial and ongoing CDD, as long as the ML/TF risk is low.

Tipping off

• The focus on tipping is now streamlined to prevent the disclosure of suspicious matter reporting information that could prejudice an investigation.
• Both intentional and reckless disclosures may be considered tipping off, with certain exceptions continuing to apply.

Resources for Tranche 1 entities

Access curated resources relevant to Tranche 1 entities on the KordaMentha AML/CTF Hub. As changes roll out, we will be updating our resource library to support existing entities in remaining AML compliant.

We strongly encourage you to subscribe to receive updates and be the first to hear of upcoming webinars, milestones and other downloadable AML/CTF compliance resources.

Senate Submission

AML/CTF Amendment Bill Senate submission

KordaMentha was invited to make a submission to the Legal and Constitutional Affairs Legislation Committee inquiry into the Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2024.

Bulletin

KordaMentha AML/CTF Bill Bulletin 2025

Understand the key things Tranche 1 organisations need to know to be reform ready. Download to get a summary of key proposed areas of change.

Service Brochure

AML as a managed service

We offer AML as a managed service, a fully customisable, onshore end-to-end AML solution that enables the secure and cost-effective management of your AML/CTF compliance obligations.

Justice Committee submission

New Zealand Justice Committee submission

KordaMentha was invited to make a submission to the Justice Committee inquiry into the Anti-Money Laundering and Counter Financing of Terrorism Amendment Bill before the New Zealand parliament.

Bulletin

Tipping off

Understand the changes to tipping off under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006, detailing the updated definition, penalties, and exceptions for ‘tipping off’ in financial investigations.

Other AML/CTF hub capabilities

• AML/CTF for new entrants

Our client impact

Independent review of Australian superannuation organisation 

Financial Crime Risk & Compliance

KordaMentha was engaged by an Australian superannuation business to conduct a comprehensive review of its Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) Program.

View full case study