AUSTRAC Tranche 2 is the second tranche of Australia's anti-money laundering and counter-terrorism financing (AML/CTF) regime, enacted by the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 (Cth). It extends the existing AML/CTF Act 2006 to a new group of professions — known internationally as designated non-financial businesses and professions (DNFBPs) — including lawyers, conveyancers, accountants, real estate agents, dealers in precious metals and stones, and trust and company service providers. New obligations commence on 1 July 2026. Australia is one of the last G20 jurisdictions to extend AML/CTF coverage to these sectors, following Financial Action Task Force (FATF) Recommendations 22 and 23.
Tranche 2 obligations commence on 1 July 2026 for newly captured reporting entities. Affected businesses must enrol with AUSTRAC before they provide a designated service on or after that date. AUSTRAC has indicated a pragmatic, education-first supervisory posture in the early months, but the legal obligation crystallises on 1 July 2026 — not when AUSTRAC begins enforcement activity. Existing reporting entities (banks, remitters, gaming venues already captured under Tranche 1) face additional uplift requirements over the same period.
AUSTRAC's published impact analysis estimates approximately 100,000 Australian businesses become reporting entities under Tranche 2. Captured sectors include solicitors and conveyancers, accountants and tax practitioners, bookkeepers providing in-scope services, real estate agents acting on sales, dealers in precious metals and stones (above prescribed thresholds), trust and company service providers, and several adjacent professional and financial services. The Act captures the provision of specific 'designated services' rather than entire professions — so a solicitor doing pure litigation may be out of scope while the same solicitor handling client funds in a property settlement is in scope.
Reporting entities must (1) enrol with AUSTRAC before providing a designated service; (2) develop and maintain a written AML/CTF program covering Part A (general program — risk assessment, governance, training) and Part B (customer identification and verification); (3) conduct customer due diligence (CDD) including beneficial ownership identification for non-individual customers; (4) apply enhanced due diligence (EDD) to higher-risk customers and politically exposed persons (PEPs); (5) monitor transactions and customer behaviour on an ongoing basis; (6) submit suspicious matter reports (SMRs), threshold transaction reports (TTRs for cash transactions of A$10,000 or more) and international funds transfer instruction (IFTI) reports as triggered; (7) keep records for seven years; and (8) commission an independent review of the program at appropriate intervals.
The AML/CTF Act provides civil penalties of up to A$22 million per contravention for body corporates and A$4.4 million per contravention for individuals (calculated as 100,000 and 20,000 penalty units respectively at the current penalty unit rate). AUSTRAC has separately negotiated record civil penalties under existing Tranche 1 enforcement — A$1.3 billion against Westpac in 2020 and A$700 million against the Commonwealth Bank in 2018 — demonstrating that penalties scale rapidly with the volume of contraventions. Beyond financial penalties, AUSTRAC can issue enforceable undertakings, remedial directions, and infringement notices, and contraventions are publicly reported.
A designated service is a specific service listed in section 6 of the AML/CTF Act 2006 that triggers AML/CTF obligations when provided to a customer. Tranche 2 adds new categories including: assisting with the planning or execution of buying, selling or transferring real estate; managing client money or other assets; creating, operating or managing legal persons or arrangements (such as companies and trusts); providing a registered office or business address; acting as a trustee or company director; and dealing in precious metals or stones above prescribed thresholds. The 'designated service' framing means a single firm may have a mix of in-scope and out-of-scope work depending on what services it actually provides.
Indicative pricing across the 14 vetted providers on CompareAML ranges from A$0 (easyAML is free until 1 July 2026) to A$2,500+ per month for managed services, with the typical SME self-serve subscription falling between A$129 and A$650 per month. Mid-market configurable platforms run A$700–A$2,000 per month, and enterprise quote-based arrangements (Equifax, First AML enterprise) are negotiated per deployment. Implementation effort — independent of the software cost — typically requires 30–80 hours of internal time across program documentation, staff training, and onboarding. See the CompareAML compare page for the current band-by-band breakdown.
Tranche 1, in force since 2006, captures financial institutions, remitters, bullion dealers, and gambling service providers — sectors with the most direct exposure to large-value or high-velocity flows of funds. Tranche 2 extends the same regime to designated non-financial businesses and professions (DNFBPs): lawyers, accountants, real estate agents, trust and company service providers, and dealers in precious metals. The substantive obligations (enrolment, AML/CTF program, CDD, reporting, record-keeping) are largely the same; what changes is the population of reporting entities and AUSTRAC's supervisory bandwidth.
Yes. Every reporting entity must enrol with AUSTRAC before providing a designated service on or after 1 July 2026. Enrolment is free and completed through AUSTRAC Online; it requires basic business identification, designated service categories, and a nominated AML/CTF compliance officer. Enrolment is distinct from registration — registration is only required for remittance service providers and digital currency exchanges. Failing to enrol before providing a designated service is itself a contravention of the Act.
An AML/CTF program is the written document required by Part 7 of the AML/CTF Act describing how a reporting entity will identify, mitigate and manage money-laundering and terrorism-financing risk. It comprises Part A (the general program — risk assessment, governance, employee due diligence, training, oversight, independent review) and Part B (the customer identification and verification procedures). 'Templates' produced by software providers and industry bodies are starting points that must still be tailored to your business: AUSTRAC has consistently warned against 'off-the-shelf' programs that are not genuinely risk-based for the firm using them.