Summary of changes for current regulated entities

This is a summary of the changes included in the new laws to reform Australia’s Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). 

These summarise the changes as outlined under the Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2024 (the Bill). This is important information for all reporting entities currently regulated by AUSTRAC. 

We will release further guidance and educational materials in mid-2025 to help you understand and meet your changed obligations. You can subscribe to stay updated on AML/CTF reform

Should you require more information in the meantime, refer to the Bill and Explanatory Memorandums

On this page

New AML/CTF program requirements

A major update to the AML/CTF program requirements shifts the focus from a compliance-based approach to a risk-based, outcomes-oriented approach. These changes will help you adopt more effective AML/CTF measures tailored to the actual risks your business faces.

The separation of an AML/CTF program into Part A and Part B is no longer a requirement. You can organise your AML/CTF program in a way that meets your needs, provided it meets the requirements of the AML/CTF Act.  

The new requirements include:

  • ML/TF/PF risk assessment: You must identify and assess risks related to money laundering and terrorism financing, as well as your proliferation financing risks.
  • AML/CTF policies: You must create and maintain appropriate AML/CTF policies to manage and mitigate the money laundering, terrorism and proliferation financing risks you identify, and ensure compliance with the general requirements of the AML/CTF Act and Rules. If your proliferation financing risk is low and addressed by policies related to money laundering and terrorism financing, you do not have to implement specific counter-proliferation financing policies.
  • Roles and responsibilities: The new framework emphasises the role of governing bodies and senior management in overseeing ML/TF/PF risk and AML/CTF compliance and taking reasonable steps to comply with AML/CTF obligations. It is now an explicit requirement to appoint a fit and proper AML/CTF compliance officer responsible for implementing the AML/CTF program. 

The concept of a ‘designated business group’ will also be replaced with a ‘reporting group’. Depending on the circumstances, a reporting group may be either elective, or created by operation of law and will consist of entities with shared risk management and compliance arrangements that follow a group AML/CTF program. 

This supports a flexible framework for related entities, including non-reporting entities, to fulfil AML/CTF obligations on behalf of reporting entities within the group. Every reporting group must have a lead entity to oversee implementation of AML/CTF obligations across the reporting group and implement some group-level policies.

These changes come into effect on 31 March 2026. You can find out more in Schedule 1 to the Bill.

Customer due diligence requirements

The changes to customer due diligence (CDD) requirements ensure a more targeted and flexible approach, focusing on outcomes that help mitigate risks associated with higher-risk customers and transactions. 

CDD is separated into two categories, depending on the timing of relevant checks: 

  • Initial CDD: You must identify the ML/TF/PF risk of the customer at the start of the relationship based on the information reasonably available to you. This will generally mean determining where the customer fits in your enterprise or group-wide ML/TF/PF risk assessment, based on factors like the kind of service they’re receiving, the kind of customer they are, the way you are providing the service to the customer and the countries relevant to the provision of the service. Initial CDD also includes completing screening to establish if the customer is subject to targeted financial sanctions, or a politically exposed person (PEP). The AML/CTF Rules will specify circumstances where you can delay initial CDD where essential to avoid interrupting the ordinary course of business. 
  • Ongoing CDD: You must monitor and manage ML/TF/PF risks throughout the customer relationship, applying ongoing CDD measures that are appropriate to each customer. 

The new laws also clarify the level of checks applied to each customer under initial and ongoing CDD:

  • Simplified CDD: You may apply simplified CDD in specific circumstances, such as where the ML/TF/PF risk of the customer is low and no enhanced CDD triggers apply. This reduces the compliance burden for low-risk customers.
  • Enhanced CDD: You must apply enhanced CDD when the ML/TF/PF risk of the customer is high and in specified circumstances where there are inherent ML/TF/PF risks associated with a business relationship. For example, when your customer is a foreign PEP or a suspicious matter reporting obligation arises in relation to their conduct.
  • Pre-commencement customers: You must monitor pre-commencement customers for significant changes that could increase their ML/TF/PF risk to medium or high, or trigger a suspicious matter reporting obligation. If such changes occur, you must complete both initial and ongoing CDD on the customer.

CDD exemptions are also being streamlined, including:

  • Keep open notices: These notices replace the current ‘Chapter 75 law enforcement operation exemptions’. Law enforcement can now issue notices directly to reporting entities, allowing them to defer certain CDD action if they believe undertaking certain CDD obligations could alert a customer to a law enforcement investigation.
  • Lower CDD threshold for gambling sector: The AML/CTF Act reduces the CDD exemption threshold for gambling services from $10,000 to $5,000 to align with international standards set by the Financial Action Task Force. 

These changes come into effect on 31 March 2026. You can find out more in Schedule 2 to the Bill. 

Harm prevention approach to tipping off

The new laws amend the prohibition on ‘tipping off’ customers regarding the reporting of suspicions of unlawful activity. The reform is intended to facilitate information sharing within reporting groups while ensuring the integrity of investigations. 

These changes focus on the harm to be prevented, specifically disclosures that would reasonably prejudice an investigation, while allowing legitimate information sharing within reporting groups and where information is appropriately protected. 

These changes come into effect on 31 March 2025. You can find out more in Schedule 5 to the Bill. 

Changes to value transfer obligations and reporting of international transfers

The new laws introduce changes relating to electronic funds transfer instructions, and designated remittance arrangements. Collectively, these will now be known as value transfer services and will also apply to the transfer of virtual assets. 

These changes aim to make it easier for you to comply with sanctions screening, value transfer data transmission and reporting requirements. They will also enable authorities to track funds internationally and address potential risk in cross-border transactions. 

Value transfer chain

The new laws replace the previous funds transfer chain concept with an updated and simplified value transfer chain, which applies to both domestic and international transfers of value (i.e. transfers of money, virtual assets or other property). 

This allows for clearer understanding of service providers’ responsibilities where each business is involved in transferring value on behalf of a payer and/or payee, regardless of technology or transaction type.

Value transfer designated services will trigger obligations for payee information to be sent as part of the transfer message, in addition to payer information, to accompany transfers of value. These obligations will apply to financial institutions, remittance service providers and virtual asset service providers for both domestic and international transfers, although the information to be sent will differ for some types of transfers in recognition of technological and other limitations.

The value transfer chain changes come into effect on 31 March 2026.

International value transfer service reporting

International value transfer service (IVTS) reporting will replace the current international funds transfer instruction (IFTI) reports. The reporting obligation will now lie with the reporting entity closest to the Australian customer. 

This will improve the framework for tracking international transfers of value, which includes the transfer of money, virtual assets or other property, by enabling more accurate customer information to be included in reports. Currency exchange and gambling services will also be move from IFTI reporting to IVTS reporting. 

There is a new reporting obligation for reporting transfer activity to or from unverified self-hosted virtual asset wallets.

Transitional rules will consider commencement timeframes for IVTS reporting to allow sufficient time for reporting entities and AUSTRAC to update and implement required system changes. The existing IFTI reporting framework will be retained in operation under the transitional rules.

You can find out more about these changes in Schedule 8 to the Bill. 

Revised definition of Bearer Negotiable Instruments

The definition of bearer negotiable instruments (BNIs) has been revised in response to industry feedback that the previous definition was overly broad and created reporting burdens. 

The new definition aligns with Financial Action Task Force recommendations and excludes non-bearer and non-negotiable instruments. This will reduce unnecessary reporting.

These changes come into effect on 1 July 2026. You can find out more in Schedule 7 to the Bill. 

The new laws will provide clearer protections for the disclosure of information or documents that may be subject to legal professional privilege. 

The common law doctrine of legal professional privilege will remain unchanged under the reformed laws. This ensures that the AML/CTF Act does not require disclosure of any information or document that a person reasonably believes is subject to legal professional privilege. 

The process for asserting privilege involves providing a dedicated legal professional privilege form in lieu of the requested information. This form will be available on the AUSTRAC website at a later date.  

Further details on the process for managing and resolving assertions and claims of legal professional privilege will also be provided through Ministerial guidelines at a later date.

These changes come into effect on 1 July 2026. You can find out more in Schedule 4 to the Bill. 

Repeal of Financial Transaction Reports Act 1988

The Financial Transaction Reports Act 1988 (FTR Act) is being repealed. 

Affected businesses include: 

  • solicitors
  • businesses that buy and sell traveller’s cheques
  • motor vehicle dealers who act as insurance providers or intermediaries 
  • online remitters which do not provide designated services at or through a permanent establishment in Australia.

These businesses will no longer be required to make reports under the FTR Act for transactions occurring from 7 January 2025, but may still have ongoing confidentiality and record-keeping obligations. 

You can find out more in Schedule 11 to the Bill. 

You can also learn more about your ongoing obligations following the FTR Act repeal.

Subscribe for updates on AML/CTF reform.

Subscribe now

The content on this website is general and is not legal advice. Before you make a decision or take a particular action based on the content on this website, you should check its accuracy, completeness, currency and relevance for your purposes. You may wish to seek independent professional advice.

Last updated: 12 Dec 2024
Page ID: 1159

Was this page helpful?

Was this page helpful?
Please note that feedback you provide here will be used only for the purpose of improving our website. If you have a specific question about your AML/CTF obligations, please contact us.