Beyond the acronyms: How AML/CTF is evolving
Australia's AML/CTF reforms are now live with Tranche 2 enrolment open. Financial crime is evolving rapidly, requiring businesses to shift from checkbox compliance to risk-based, proactive detection strategies.
Highlights
- AML/CTF is a whole-of-business issue, not just a regulatory checkbox
- Australia’s AML/CTF reforms have commenced — existing reporting entities came into scope on 31 March 2026, and Tranche 2 enrolment is now open
- Financial crime is evolving rapidly and businesses must adapt to stay ahead
- BNDRY is a financial crime compliance platform that automates compliance procedures for regulated businesses
The Many Faces of Financial Crime
Financial crime has existed for centuries. Modern methods now encompass identity fraud, embezzlement, bribery, and counterfeiting. The landscape has transformed dramatically since 2008, with money laundering becoming increasingly sophisticated through internet-enabled methods including credit card fraud and terrorism financing.
Important Update: March 2026 Reforms Are Live
- Existing regulated entities (banks, fintechs, casinos, remittance providers) came into scope on 31 March 2026
- Tranche 2 enrolment opened, bringing lawyers, accountants, real estate agents, and high-value dealers into the AML/CTF regime
- Final deadline for Tranche 2 businesses to enrol: 29 July 2026
- Full AML/CTF program obligations commence for Tranche 2 entities: 1 July 2026
Where Australia Stands: Reforms Are Live Now
AUSTRAC CEO Brendan Thomas noted that gambling businesses had historically taken a “tick and flick approach to compliance.” The new reforms explicitly shift from checkbox compliance toward risk-based, proactive detection aligned with Financial Action Task Force standards.
Financial Crime Is Smart, Businesses Need to Be Smarter
Global scam economies are flourishing through digital channels. Locally, scammers acquire legitimate bank accounts to launder crime proceeds. These represent documented, active threats requiring sophisticated detection tools matching criminal technologies.
Stress-Testing Your Compliance Environment
Before selecting compliance tools, businesses should evaluate:
- Where threats most likely appear in customer base or transaction flows
- Which systems hold customer identity data and connectivity status
- Whether risk recognition is distributed across the business or siloed in compliance
- Whether clients and vendors are properly screened against sanctions and PEP lists
- Whether geographical risk factors are built into transaction monitoring
Frequently Asked Questions
What is the difference between Tranche 1 and Tranche 2?
Tranche 1 entities regulated since the original 2006 Act include banks, credit unions, remittance dealers, casinos, and gambling services. Tranche 2 brings newly captured professions with full obligations from 1 July 2026.
What does a compliant AML/CTF program require?
A compliant program includes:
- Documented risk-based approach covering Money Laundering, Terrorism Financing, and Proliferation Financing
- Designated compliance officer
- Ongoing Customer Due Diligence
- Transaction monitoring
- SMR and TTR lodgement
- Staff training
- Periodic independent review
- Annual compliance report by 31 March
What happens if my business doesn’t comply?
AUSTRAC can issue infringement notices, enforceable undertakings, civil penalties, or criminal prosecution referrals. Recent penalties for major entities have reached hundreds of millions of dollars.
When do I need to enrol as Tranche 2?
Enrolment opened 31 March 2026, with final deadline 29 July 2026. Full obligations commence 1 July 2026.
How BNDRY Tech Combats Financial Crime
BNDRY is a financial crime compliance platform integrating via API with existing systems. It automates:
- KYC and CDD screening against sanctions and PEP lists
- Intelligent monitoring with automated alerts and ML-driven detection
- Automated SMR and TTR lodgement
- Secure record-keeping with full audit trail