Obligations/CWLTH

Maintain a written AML/CTF program

Every reporting entity needs a documented AML/CTF program — Part A risk + Part B systems.

criticalupcomingongoingCriminal liability

Who must comply

All AUSTRAC reporting entities.

What triggers it

Becoming a reporting entity.

When due

Before providing the first designated service. Maintained on an ongoing basis with annual independent review.

Evidence required

Written program document, board approval minutes, risk assessment, training records, independent review report.

Max penalty

Up to $33M per civil penalty contravention (corporations) or 5 years imprisonment for criminal offences

Effective from

1 July 2026

Summary

A reporting entity must adopt and maintain a written AML/CTF program covering: an ML/TF risk assessment (Part A), customer identification and KYC procedures (Part B), employee due diligence, ongoing customer due diligence, transaction monitoring, board/senior management approval, AML/CTF compliance officer designation, independent review, and ongoing training. Tranche 2 entities must have a compliant program before providing any designated service from 1 July 2026.

Enforced by

AUSTRAC

Source legislation

anti money laundering and counter terrorism financing act 2006

Industries

real estate agents accountants lawyers and solicitors conveyancers tcsps precious metals dealers fintech banking adi gambling

Topics

aml-ctfprogramrisk-assessment

Source: https://austrac.gov.au/business/core-guidance/aml-ctf-program. Rules Mate is not a law firm. Always verify against the live regulator source before acting.