AML compliance for non-bank financial services
Non-bank lenders, mortgage brokers, finance brokers, and adjacent financial services have evolving AML/CTF obligations. We're onboarding sector specialist providers — register your interest.
until 1 July 2026 — most providers need 2 to 4 weeks to set you up.
Financial services AML compliance under AUSTRAC's Tranche 2 reforms means financial services firms must build an AML/CTF program, run customer due diligence (CDD) on every client receiving a designated service, monitor transactions, file suspicious matter reports (SMRs) when triggered, and complete AUSTRAC enrolment before providing in-scope services. CompareAML matches Australian financial services firms to vetted, sector-experienced AML software and managed-service providers — independent, free, and aligned with the Financial services AML/CTF program template requirements set out in the AML/CTF Act and Rules.
Does this apply to your business?
Non-bank lenders, mortgage brokers, finance brokers, fintech.
- Non-bank lenders and BNPL providers
- Mortgage and finance brokers
- Specialist fintech and embedded finance
What you must do by 1 July 2026
Existing AML/CTF obligations apply now; Tranche 2 changes take effect 1 July 2026.
- 1
Confirm reporting entity status
Many financial services are already designated under existing AML/CTF Act provisions.
- 2
Risk assessment and program
Documented AML/CTF program proportional to risk.
- 3
Ongoing CDD and monitoring
Continuous monitoring of customer activity.
What actually triggers AML obligations.
Tranche 2 captures specific services, not whole professions. If your firm provides any of these, you're a reporting entity for that activity.
- Making a loan or providing credit in the course of business (non-bank lending)
- Arranging for a person to receive a designated service (broker activity)
- Providing a remittance or money-transfer service
- Issuing or selling a stored-value card above prescribed limits
- Operating a digital currency exchange (registration also required)
What compliance looks like in practice.
A broker arranges a residential investment loan for a client through a non-bank lender. Both the broker (arranger) and the lender have CDD, source-of-funds and ongoing monitoring obligations.
A specialist asset-finance lender extends working capital to an SME. CDD on the borrowing entity and beneficial owners >25%, sanctions screening, and transaction monitoring across the loan lifecycle.
A fintech offering point-of-sale credit must enrol with AUSTRAC, run a tailored program for the channel, and submit SMRs where transaction patterns suggest structuring or third-party use.
What's at stake if you wait
AUSTRAC enforcement scales with risk and time. The closer to the deadline, the harder it is to onboard cleanly.
- Civil penalties up to A$22M per contravention
- ASIC and AUSTRAC joint scrutiny
Providers for financial services
We're actively recruiting providers for financial services. Submit your details to be matched as soon as they onboard.
We're onboarding sector specialists for financial services.
In the meantime, several full-suite providers in our directory cover adjacent sectors and can support you. Get matched and we'll send the closest fits today, plus the sector specialists as soon as they go live.
Browse all 14 providersWhat providers handle for you
- Tailored programs for lending, brokering, and fintech
- API-based identity verification and screening
- Transaction monitoring tooling
Financial services compliance — common questions
Don't see your question? Get matched and a vetted provider will answer it directly.
We're already AUSTRAC registered. Does Tranche 2 add anything?+
Yes, in most cases. Tranche 2 expands the designated-service list, tightens beneficial-ownership and source-of-funds expectations, and raises the bar on transaction monitoring and independent review. Programs written in 2018–2020 typically need a refresh against the new Rules, the updated AUSTRAC guidance, and the broader expectations that have crystallised through enforcement action against the major banks. Most providers offer a gap-assessment as a fixed-price first engagement, producing a prioritised remediation list rather than a full rebuild.
Get your matched shortlist in 60 secondsAre mortgage and finance brokers definitely in scope?+
Brokers who arrange for a person to receive a designated service from a lender are themselves providing a designated service under the arranger limb of the Act. This captures most residential, commercial, and asset-finance brokers when they introduce a borrower to a lender. The exact obligations depend on whether the broker also touches funds, holds client money in a trust account, or merely arranges the introduction — but enrolment, CDD on the borrower, and SMR obligations apply at the arranger level even where no funds flow through the broker. The MFAA and FBAA have been engaging with AUSTRAC on guidance for the channel; we are tracking the final position closely.
Get your matched shortlist in 60 secondsWhat about non-bank lenders, BNPL, and embedded finance?+
Making a loan or providing credit in the course of business is a long-standing designated service, so non-bank lenders are already in the regime. Tranche 2 brings sharper expectations rather than first-time enrolment for most. Buy-Now-Pay-Later and embedded point-of-sale credit have been a regulatory grey zone but are increasingly treated as in-scope, particularly where transaction sizes, structuring patterns, or third-party use create ML/TF risk. Fintechs operating through partner banks should not assume the bank's AML program covers their customer-facing flow — partnership arrangements typically split obligations explicitly.
Get your matched shortlist in 60 secondsWhere do digital currency exchanges and remittance fit?+
Digital currency exchanges (DCEs) and remittance service providers have a separate AUSTRAC registration obligation, on top of the standard reporting-entity enrolment, and have been in the regime since 2018 (DCEs) and earlier (remittance). Tranche 2 does not change the registration requirement but does sharpen surrounding expectations on customer due diligence, travel-rule compliance, and transaction monitoring. Providers in this space tend to be specialists — we are onboarding a small number into the directory and will surface them as the segment matures.
Get your matched shortlist in 60 secondsHow does ASIC oversight interact with AUSTRAC?+
ASIC and AUSTRAC have a coordinated supervisory posture for AFSL holders, credit licensees, and financial-services intermediaries. AML failings frequently surface in ASIC reviews, and ASIC enforcement actions (responsible lending, fee-for-no-service, design-and-distribution) increasingly include AML/CTF findings as a contributing factor. Practical implication: your AML program, your responsible-lending controls, and your DDO product-governance work should reuse the same customer data, the same risk taxonomy, and the same monitoring infrastructure rather than running as parallel silos.
Get your matched shortlist in 60 secondsGet matched to financial services providers in 60 seconds
Free for businesses. We're paid by providers, never by referral commission.
- Independently vetted Australian providers
- Aligned with AUSTRAC Tranche 2 guidance
- Shortlist shown instantly · warm intro within 1 business day
Other Tranche 2 sectors
CDD, EDD, beneficial ownership, SMR, TTR, Tranche 2 — 80+ terms defined.
Get a personalised AUSTRAC Tranche 2 risk profile for your financial services firm.
Plain-English regulatory updates and provider deep-dives from the AML Intelligence Network.