Obligations are in effect·Enrolment deadline: 29 July 2026—21 days remaining
AML/CTF Compliance · Accountants & Tax Agents
AML/CTF Compliance for Australian Accountants and Tax Agents
Since 1 July 2026, Australian accountants and tax agents who provide certain designated services must comply with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) under the Tranche 2 reforms, which are now in effect. If your accounting practice manages client funds, forms companies or trusts, acts as nominee director, or provides registered office services, you are a reporting entity and must enrol with AUSTRAC by 29 July 2026. General tax return preparation alone does not trigger obligations.
Built on AUSTRAC official guidance · Built to current law · Firm-specific · No legal knowledge required · Ready in one session
Scope questions
Does my accounting practice need to comply with AUSTRAC?
Yes, if you provide any of the following designated services: managing or controlling client funds or assets, forming companies or trusts for clients, acting as or arranging nominee directors or shareholders, providing registered office services, or acting on real estate transactions on behalf of clients.
General tax return preparation, BAS lodgement, and standard bookkeeping are not designated services. However, if your firm also provides any of the services above, those specific services are regulated — regardless of whether tax work is your primary activity.
Does general tax return preparation trigger AUSTRAC obligations?
No. General tax return preparation, BAS lodgement, and standard bookkeeping are not designated services under the AML/CTF Act 2006. However, if your firm also provides trust formation, company structuring, or manages client funds, those specific services are regulated regardless of whether tax work is your primary service.
What about managing a client’s trust account — is that regulated?
Yes. Managing or controlling client money, securities, or other assets is a designated service. This includes operating trust accounts on behalf of clients, managing investment portfolios, and controlling SMSF assets where the accountant exercises discretion. AUSTRAC has clarified that funds held solely as payment for your own services are exempt — but using a trust account as a substitute banking facility for clients is not exempt.
Does forming one company per year for a client trigger Tranche 2?
Yes. Company and trust formation is a designated service regardless of volume or frequency. Even a single company incorporation or trust establishment on behalf of a client in a year makes your practice a reporting entity for that service. The trigger is the nature of the service, not how often it occurs.
What accounting services are NOT designated services under Tranche 2?
General tax return preparation, income tax advice, BAS preparation, standard bookkeeping, financial statement preparation, and audit services are not designated services. If your practice provides only these services and does not manage client funds or form legal structures, you are not a Tranche 2 reporting entity. Use AUSTRAC’s eligibility checker at austrac.gov.au ↗ to confirm your specific situation.
Your obligations
What does AUSTRAC require from accounting practices now obligations are in force?
These are the eight steps every in-scope accounting practice must have completed — obligations commenced 1 July 2026 and the AUSTRAC enrolment deadline is 29 July 2026. Klyvon generates all required documents automatically.
How do accountants enrol with AUSTRAC?
Go to AUSTRAC Online at online.austrac.gov.au and create an account using your ABN. Complete the Business Profile Form declaring your designated services, Compliance Officer details, and business structure. Enrolment opened 31 March 2026 and must be completed by 29 July 2026.
Who can be the AML/CTF Compliance Officer for an accounting firm?
The Compliance Officer must be a senior person within the practice — for small and sole-practitioner firms, the principal accountant can hold the role. They must be appointed in writing, have authority to access all client files and records, and meet AUSTRAC's fit and proper standard.
What must an accounting firm's AML/CTF program cover?
Your written program must address a risk management framework — your ML/TF risk assessment covering client types, services, delivery channels, and jurisdictions — and customer due diligence procedures — your customer identification and verification procedures. For accountants, the risk assessment must specifically address risks from company and trust formation, nominee services, and client fund management.
What CDD must accountants conduct on clients?
Before providing a designated service, collect and verify each client's identity. For individuals: full name, DOB, address verified by government-issued photo ID. For companies: ACN, registered address, directors, and beneficial owners (natural persons owning 25%+). For trusts: trust deed, trustee identity, appointor, and beneficial ownership traced to natural persons.
What suspicious activity must accountants watch for?
AUSTRAC published specific risk insights and suspicious activity indicators for accounting professionals in March 2026 — including company formations with no clear commercial purpose, nominee arrangements obscuring true ownership, and funds from high-risk jurisdictions. See Section 3 below for the full list of accountant-specific red flags.
When must accountants submit Suspicious Matter Reports?
When you have reasonable grounds to suspect a matter involves money laundering, terrorism financing, or proceeds of crime. Terrorism financing suspicions must be reported within 24 hours. All other matters within 3 business days. Document every assessment including decisions not to file. The tipping-off prohibition means you cannot disclose an SMR to the client.
What records must accounting practices keep?
All CDD records, transaction records, SMRs, TTRs, risk assessments, and training records must be retained for a minimum of 7 years. Records must be stored securely and be retrievable within timeframes specified in any AUSTRAC request.
How often must accountants get an independent evaluation of their AML/CTF program?
At least once every 3 years (more often if your practice's size or complexity warrants it), arrange an independent evaluation covering your risk assessment, policy design, actual compliance, and risk mitigation effectiveness. A written report goes to your governing body / senior manager. Distinct from your annual internal review.
AUSTRAC guidance
What suspicious activity should accountants watch for under AUSTRAC guidance?
AUSTRAC published risk insights and indicators of suspicious activity for accountants in March 2026. The following patterns must trigger internal escalation to your Compliance Officer and may require a Suspicious Matter Report.
AUSTRAC: Risk insights and indicators of suspicious activity for accountants ↗
Should accountants be concerned about company or trust formations with no clear commercial purpose?
Yes. Clients requesting the formation of companies or trusts where no genuine business activity or commercial rationale can be identified — particularly where the client is vague about the entity's purpose — are a significant red flag. Your AML/CTF Program must include procedures to document the purpose of every entity formation and to escalate formations that cannot be adequately explained.
What makes a nominee director or shareholder arrangement suspicious?
Nominee director or shareholder arrangements where the named person has no genuine connection to the business, no knowledge of its activities, and no apparent reason to be involved are a key indicator of a structure designed to obscure the true controller. AUSTRAC's guidance specifically identifies nominee arrangements as a high-risk service for accountants, requiring enhanced due diligence and beneficial ownership tracing to the true controller.
How should accountants treat clients managing funds from FATF high-risk jurisdictions?
Clients managing or receiving funds from countries on the FATF grey or black list carry elevated money laundering risk. Your AML/CTF Program must include a geographic risk assessment, and any engagement involving funds from high-risk jurisdictions must trigger enhanced CDD — including source of funds and source of wealth verification.
What is layering through corporate structures and why must accountants detect it?
Multi-layered corporate or trust structures — particularly chains of holding companies, back-to-back trusts, or structures in multiple jurisdictions — that make it difficult to identify the ultimate beneficial owner are a known money laundering technique called layering. If a client asks you to establish or administer a structure where the complexity appears designed to obscure rather than serve a legitimate business purpose, this must be escalated to your Compliance Officer.
Is structuring payments or transactions a red flag for accounting clients?
Yes. Clients deliberately structuring cash payments or transactions to remain below the $10,000 TTR threshold — or asking whether payments would trigger a report — must be treated as suspicious. Structuring is a criminal offence under the AML/CTF Act 2006. Your AML/CTF Program must include transaction monitoring procedures to identify structuring patterns across client accounts.
What should accountants do when a client refuses to provide source of funds information?
Clients who are unusually resistant to providing source of funds or source of wealth information — particularly for large fund movements or high-value entity formations — are a significant red flag. You cannot proceed with the designated service if required CDD cannot be completed. If the client's refusal itself raises suspicion, you may be required to file a Suspicious Matter Report.
Is rapid movement of large sums through trust accounts a suspicious indicator?
Yes. The rapid movement of large sums through trust accounts without a clear, documented commercial rationale is identified in AUSTRAC's Risk Insights for Accountants as a key red flag. If funds are entering and leaving a client's trust account at an unusually high velocity, with no corresponding business transactions that explain the movement, this must trigger enhanced scrutiny and documented assessment.
What if a client instructs me to establish multiple entities in quick succession?
Instructions to establish multiple companies or trusts in rapid succession, particularly where no coherent business explanation is provided for the need for separate entities, is a flag for potential layering or structuring of beneficial ownership. Each formation must be assessed individually against your CDD and risk assessment procedures, and the overall pattern must be documented and evaluated by your Compliance Officer.
How should accounting practices handle politically exposed persons as clients?
A Politically Exposed Person (PEP) — an individual holding or having held a prominent public position, or a close family member or associate of one — must be subjected to enhanced CDD, including source of funds and source of wealth verification, and senior management approval before the engagement begins. PEP status does not mean you cannot take on the client, but the additional steps are mandatory.
What does a transaction inconsistent with a client's business profile look like?
A transaction that is inconsistent with the client's known business size, revenue, or operating profile — such as a small sole-trader business moving funds in volumes typical of a large enterprise — warrants enhanced scrutiny. Your AML/CTF Program should include procedures to establish a baseline understanding of each client's expected transaction patterns and to flag deviations for documented review.
What you get
What does Klyvon build for your accounting practice?
Every document is generated for your specific practice — your name, your compliance officer, your services. Not a generic template. Every document is built to current law using AUSTRAC's official guidance for your sector as context — then reviewed and owned by you.
AML/CTF Program Document
Personalised · Built to current lawYour firm-specific compliance program built to current law. Covers client fund management risks, company and trust formation procedures, nominee service red flags, and accountant-specific risk factors.
Client Due Diligence Forms
Personalised · Built to current lawCDD procedures for individual, company, trust, and SMSF clients with accountant-specific enhanced CDD triggers, including source of funds requirements for fund management clients.
Compliance Officer Letter
Personalised · Built to current lawFormal appointment letter satisfying the written appointment requirement under the AML/CTF Act 2006, personalised to your practice and Compliance Officer.
Suspicious Matter Report Assistant
Personalised · Built to current lawWhen suspicion arises, you have 3 business days to file with AUSTRAC. Klyvon drafts a formal 6-section SMR from the transaction details you enter — industry-aware language, TTR flag if the amount exceeds $10,000, and your firm's AUSTRAC ID pre-populated. You review and submit. (Limited drafts on Free · high monthly allowance on Essential)
Documents built to current law are a starting point — reviewed and owned by you. All decisions remain with your firm.
Enforcement
What are the penalties for accountants who don’t comply with AUSTRAC?
Under the AML/CTF Act 2006 (Cth), civil penalties reach up to $33,000,000 for body corporates (based on current penalty unit rate of $330; re-indexes 1 July 2026) and $6,600,000 for individuals (based on current penalty unit rate of $330; re-indexes 1 July 2026) per contravention. Criminal penalties apply for operating without enrolment and for serious or wilful non-compliance. AUSTRAC publishes enforcement actions publicly. For accountants specifically, CPA Australia and CA ANZ have professional conduct obligations that may be triggered by AUSTRAC findings — a regulatory penalty can carry professional licence consequences beyond the financial penalty itself.
Penalty figures are indicative — refer to current legislation for precise amounts.
Pricing
How much does AML/CTF compliance cost for an accounting practice?
Compliance consultants charge $10,000–$50,000 or more for custom program development. Klyvon generates your complete compliance documents for $299/month — with all documents ready in one session.
Why Klyvon?
$8,000–$50,000 to build your program
Custom program development
From $299/month — built to current law in one session
Month-to-month · cancel anytime
Klyvon Essential — Accountants & Tax Agents
$299/month
- ✓ AML/CTF Program Document
- ✓ Client Due Diligence Forms
- ✓ Compliance Officer Letter
- ✓ SMR Template + Filing Guide
- ✓ AUSTRAC Enrolment Guide
Month-to-month · cancel anytime
Common questions
Common questions from accountants about AUSTRAC Tranche 2
Does Tranche 2 apply to BAS agents as well as registered tax agents?
BAS agents whose services are limited to BAS preparation and lodgement are not providing designated services. However, if a BAS agent also manages client funds, operates trust accounts on behalf of clients, or assists with company or trust formations, those services are regulated. The obligation attaches to the service provided, not the registration type. Use AUSTRAC's eligibility checker at austrac.gov.au to confirm.
What if I only occasionally form a company or trust for a client?
The frequency of providing a designated service does not affect whether you are a reporting entity. Even one company incorporation or trust establishment on behalf of a client in a calendar year triggers AML/CTF obligations for that service. You must enrol with AUSTRAC, implement an AML/CTF program, and conduct CDD for that client.
Do I need separate CDD for each engagement or once per client?
CDD must be completed before providing a designated service, but you do not need to re-collect documents for each subsequent engagement with the same client if their circumstances have not changed and your previous verification remains current. Your AML/CTF program must specify your ongoing CDD review procedures — including triggers for re-verification such as material changes to client structure, unusual transactions, or changes in risk profile.
Can I rely on CDD conducted by another Tranche 2 entity such as a law firm?
Yes. Reliance arrangements are permitted under the AML/CTF Act. If a law firm has already verified a mutual client's identity, you may rely on that CDD under a written reliance arrangement. The relying party retains legal responsibility for the adequacy of the CDD — so you must be satisfied the other entity's verification meets the required standard before relying on it.
What is beneficial ownership and how do I identify it for a discretionary trust?
Beneficial ownership means identifying the natural persons who ultimately own or control the entity. For a discretionary trust, this includes the trustee (and if corporate, its directors and shareholders), the settlor, the appointor, and any named or identifiable beneficiaries. Where no individual beneficiary owns 25% or more, you must identify the class of beneficiaries and the person exercising effective control — typically the appointor.
Do I need to re-verify long-standing clients I have worked with for many years?
AUSTRAC's guidance requires that all customers be identified and verified before designated services are provided. For existing clients with no prior formal verification, you must complete CDD before continuing to provide regulated services after 1 July 2026. For clients previously verified under a robust process with adequate records, your AML/CTF program must specify how you treat existing client files and must ensure documentation is sufficient.
What is a PEP and what additional steps are required when dealing with one?
A Politically Exposed Person (PEP) is an individual who holds or has held a prominent public position — including government ministers, senior military or judicial officers, and their close family members and associates. Engaging a PEP as a client requires enhanced CDD: verifying the source of funds and source of wealth, applying senior management approval before engaging, and conducting more frequent periodic reviews of the relationship.
Does Tranche 2 apply if I work as a contractor inside a larger accounting firm?
Tranche 2 obligations apply to the reporting entity — the firm that provides the designated service to clients. A contractor working within a compliant firm is generally covered by that firm's AML/CTF program. However, if you operate independently under your own ABN and provide designated services to clients directly, you are personally a reporting entity and must enrol and comply in your own right.
How often must I review my AML/CTF program?
Your AML/CTF program must be reviewed at least annually and whenever there is a material change to your business — such as offering a new service, taking on a new client category, or changes in regulatory guidance. The program review must be documented and approved by a senior manager.
How often must accountants get an independent evaluation of their AML/CTF program?
At least once every 3 years, and more often if appropriate to the size and complexity of your practice. This is a separate, mandatory requirement under the AML/CTF Act — distinct from the annual internal review above. The independent evaluation must assess: your ML/TF risk assessment against the Act and Rules, the design of your AML/CTF policies, your actual compliance with those policies, and whether you're appropriately identifying, assessing, and mitigating ML/TF risk. Findings go in a written report to your governing body and any senior manager responsible for program approvals.
What is the AUSTRAC Accounting Program Starter Kit and is it enough?
AUSTRAC has released a sector-specific Program Starter Kit for accountants that covers the basic structure of a compliant program. It is a useful starting point but is generic — it does not reflect your firm's specific client base, risk profile, services mix, or compliance officer details. AUSTRAC's own guidance states that programs must be tailored to your business. For more context on what a customised program requires, see our full AUSTRAC Tranche 2 guide.
Can Klyvon help me write a Suspicious Matter Report?
Yes. Klyvon Essential includes a suspicious matter report assistant. Enter the transaction date, transaction details, and the suspicious elements you observed. Klyvon drafts a formal, AUSTRAC-formatted SMR covering all six required sections — reporter obligations, matter details, grounds for suspicion, suspicious indicators, recommended action, and AUSTRAC submission notes. You review and submit directly via AUSTRAC Online. Essential includes a high monthly draft allowance.
Does Klyvon include sanctions screening?
Targeted financial sanctions screening is now part of your AML/CTF program obligation under the AML/CTF Rules 2025 — not a separate exercise. Klyvon's generated program includes the required policy controls for targeted financial sanctions. You will still need to screen clients against the DFAT Consolidated List as part of your CDD workflow. Klyvon does not run live screening checks, but your program documents exactly when and how to do it.
Ready to generate your AUSTRAC compliance documents?
The AUSTRAC enrolment deadline (29 July 2026) is 21 days away.