Issued: 26 May 2026
Last modified: 26 June 2026
Stay informed about upcoming changes to Australia’s Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) framework. From 1 July 2026, reforms come into effect that may impact some tax practitioners and their clients. This session is designed to help you understand whether these changes apply to you, what’s changing and what it means in practice. In this session, we will be joined by Rochelle Hurst, National Manager, Education & Industry Engagement, AUSTRAC. Rochelle will outline the key AML/CTF reforms, what they mean for tax practitioners, and how AUSTRAC is supporting implementation through guidance and rules. TPB Chair Peter de Cure AM will also discuss how the AML/CTF requirements fit with the TPB’s requirements.
Webinar resources
Factsheet
Changes to the anti-money laundering and counter-terrorism financing laws
Webinar recording
AUSTRAC Anti-Money Laundering reforms
Questions and answers
We have compiled some of the questions we received during our webinar.
AML/CTF reforms
What is the AML/CTF reform?
The AML/CTF reform refers to recent changes made to Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) laws.
From 1 July 2026, the AML/CTF regime, regulated by the Australian Transaction Reports and Analysis Centre (AUSTRAC), has been expanded to cover higher-risk services provided by certain industries, including the accounting sector.
If you provide ‘designated services’, including certain professional services, you will need to comply with the AML/CTF regime, in addition to your obligations under the Tax Agent Services Act 2009 (TASA).
Designated services
What are designated services?
The AML/CTF Act regulates particular services, known as ‘designated services’.
Designated services are regulated under the AML/CTF Act because they have been identified as posing a risk for money laundering, terrorism financing and proliferation financing.
From 1 July 2026, if an accounting business or tax practitioner provides a designated service with a geographical link to Australia, they will be a reporting entity and will be required to comply with the AML/CTF Act and Rules.
More information about the ‘designated services’ and ‘professional services’ covered by the AML/CTF regime can be found here.
When are tax practitioners required to enrol if they are providing a designated service?
If you provide any of the new designated services that commence on 1 July 2026, you must enrol by 29 July 2026. Further information on enrolment can be found here.
Reporting
If I report a client to AUSTRAC, doesn’t that mean I’ve breached their confidentiality under the TASA? Shouldn’t I tell them or get their permission before reporting?
Under Code item 6 of the Code of Professional Conduct (Code), you must not disclose information relating to a client’s affairs to a third party, unless you have a legal duty to do so.
The AML/CTF regime does create a legal duty. Therefore, if you are required to report to AUSTRAC under the AML/CTF regime, you will not breach Code item 6.
The same position applies in relation to your obligation to maintain confidentiality in your dealings with government, under section 25 of the Tax Agent Services (Code of Professional Conduct) Determination 2024.
If I comply with AUSTRAC’s AML/CTF requirements relating to client verification, will I also meet the TPB’s proof of identity (POI) requirements?
Both AML/CTF and TASA regimes require you to verify your clients. This assists to identify and minimise the risk of fraudulent activities, including identity fraud. If you comply with the AML/CTF requirements in relation to the provision of your services, you will generally meet the minimum proof of identity requirements for client verification required by the TPB.
If I report something to the TPB for breach reporting purposes, can the TPB share this information with AUSTRAC under the TASA?
The TPB can only provide information to other government agencies and bodies in accordance with its information-sharing framework under the TASA. The TASA imposes strict privacy requirements in relation to the sharing of information.
Currently, the TASA does not contain a specific information-sharing power with AUSTRAC. The TPB would need to consider its statutory disclosure provisions to determine if there is an exception which lawfully permits the disclosure of information.
We also note that the TPB’s breach reporting regime targets conduct by registered tax practitioners, whereas AUSTRAC reporting obligations primarily target conduct by clients of registered tax practitioners. However, the same type of conduct or behaviour may give rise to a need for you to report under both regimes.
What are the implications under the TASA if I fail to comply with my AML/CTF obligations?
If you fail to comply with your AML/CTF obligations, AUSTRAC may take steps to enforce compliance or impose a penalty under the AML/CTF legislation. There is no automatic penalty under the TASA. However, non-compliance with your AML/CTF obligations may give rise to a breach of the Code of Professional Conduct, for which we can impose sanctions. The implications will ultimately depend on the nature and extent of the breach and the individual circumstances of each case.
AUSTRAC questions
What happens when you do not provide any designated services as a tax accountant? Is there any way of informing AUSTRAC of this? I don't want them thinking I'm ignoring all the correspondence that they've been sending out over the last several months.
If you determine that you are not regulated, AUSTRAC expects you to be able to explain the basis for that conclusion. If you determine that you are not regulated but are not certain, AUSTRAC expects you to keep a record that explains how you formed your position including:
- the services you considered
- why you concluded they're not designated services
- any AUSTRAC guidance you relied on
- any independent legal advice you used.
This will assist you if you're later asked to explain how you reached that view.
If you're clearly not regulated, you could explain your reasoning without needing to keep any records.
What does ongoing customer due diligence (CDD) mean?
You must monitor your customers to appropriately identify, assess, manage and mitigate the risks of money laundering, terrorism financing and proliferation financing that you may reasonably face while providing designated services. This includes monitoring your clients for unusual transactions and behaviours, and behaviour that may require you to submit a suspicious matter report (SMR) to AUSTRAC.
If you have a business relationship with a client, you must also review and, if appropriate, update your identification and assessment of the customer’s ML/TF risk and, if necessary, update and reverify know your customer (KYC) information relating to the customer.
Further information on ongoing CDD can be found here.
Do the customer due diligence obligations only apply in relation to new clients from 1 July 2026, or existing clients as well?
The AML/CTF obligations apply to any entity that provides a designated service, regardless of whether the client is new or existing.
For existing clients (pre 1 July 2026), you may not need to complete initial customer due diligence. However, you must do so if certain triggers arise, such as:
- a suspicious matter reporting obligation; and
- there is a significant change in the business relationship that results in a change to the customers risk to medium or high.
Further information on pre-commencement customers can be found here.
What is the difference between enrolling and being required to be registered?
If you provide a designated service with a geographical link to Australia, you must enrol with AUSTRAC within 28 days of providing that service.
Registration is an additional obligation that only applies to remittance service providers and virtual asset service providers. These service providers are required to both enrol and register with AUSTRAC.
I’m a BAS agent and as part of my engagement I process and maintain payroll data, including processing wages. I don’t request authorisation every time but have an STP authority every year. Do I need to enrol under the new Tranche 2 laws?
AUSTRAC has recently released additional guidance on bookkeeping services to help determine whether these activities are captured as a designated service.
You should refer to this guidance to assess your circumstances. If you determine you are providing a designated service from 1 July 2026, you will need to enrol with AUSTRAC.
Please see the guidance here.
Am I required to inform the client that I’m going to report them to AUSTRAC?
If you decide to stop providing designated services to a client due to an increased risk, or submit a suspicious matter report (SMR) you must not:
- tell them you did this because of their suspicious activity
- provide information that establishes you submitted an SMR
- tell them you are required to submit an SMR.
Further information on tipping off can be found here.
Further information
Where can I get more information to help me work through all the changes, and work out whether they apply to me?
The TPB has published a new factsheet ‘Changes to the anti-money laundering and counter-terrorism financing laws’, to:
- provide general guidance to registered tax practitioners on the changes, including how the obligations under the AML/CTF regime overlap with the TASA, and
- help you understand how these new reforms may apply to you.
However, for more detailed information on the AML/CTF reform, including an explanation of the designated services covered, refer to the AUSTRAC website.
Where can I find more information about the starter kits provided by AUSTRAC?
AUSTRAC has developed a Program Starter Kit for the accounting sector to help small accounting practices understand and comply with their obligations under the AML/CTF regime and develop their AML/CTF program. The starter kit provides a comprehensive AML/CTF framework aligned with Australian requirements. It includes:
- a risk assessment covering the common risks faced by your profession
- policies that outline what you must do
- processes that explain how AML/CTF tasks are carried out day to day
- forms to record information to comply with the new requirements.
AUSTRAC has also produced various educational products including checklists, factsheets and videos. Further information can be found here.