Start here. No compliance experience required.

Full glossary

Every operational term on the site plus the legal scaffolding behind it. Grouped: regulators, statutes and subordinate law, status and obligations, reports filed with AUSTRAC, source registers, adjacent regimes.

AUSTRAC

Australian Transaction Reports and Analysis Centre. Australia's anti-money-laundering regulator. Runs the national reporting-entity register and enforces the AML/CTF Act.

ASIC

Australian Securities and Investments Commission. Runs the company register, the banned-and-disqualified persons register, and the external-administrations register. Primary source for directorship, insolvency, and corporate governance signals.

FATF (Financial Action Task Force)

Inter-governmental body that sets the global standard for AML, CTF, and counter-proliferation financing. Australia is a founding member. AUSTRAC's rules implement the FATF 40 Recommendations domestically. FATF mutual-evaluation findings drive most major changes to AU AML law, including Tranche 2.

AML/CTF Act 2006 (Cth)

Anti-Money Laundering and Counter-Terrorism Financing Act. The primary statute. Defines reporting entities, designated services, and the SMR/TTR/IFTI reporting regime. Administered by AUSTRAC. Section 6 carries the Designated Services Table that drives every obligation.

AML/CTF Amendment Act 2024 (Cth)

The Tranche 2 enabling Act. Passed federal parliament November 2024, commenced 1 July 2026. Brings ~94,000 AU accountants, lawyers, real-estate agents, conveyancers, corporate advisors, and precious-metals dealers into the AML/CTF regime for the first time.

AML/CTF Rules

Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1). Subordinate legislation made by the AUSTRAC CEO under section 229 of the Act. Where the operational detail lives: CDD requirements, AML/CTF Program contents, threshold-equivalent calculations, designated-service exemptions. Updated more frequently than the Act itself.

Criminal Code Act 1995 (Cth) Division 400

The statutory definition of money laundering offences in Australia. Criminalises dealing with the proceeds of crime, including reckless and negligent dealing. The 'predicate offence' that the AML/CTF regime is designed to detect and disrupt.

Proceeds of Crime Act 2002 (Cth)

The asset-forfeiture statute. Allows the Commonwealth to seize property derived from criminal activity. Operates alongside Division 400 of the Criminal Code: the Code criminalises laundering, the POC Act recovers the laundered proceeds.

Privacy Act 1988 (Cth)

The federal privacy statute. Governs how reporting entities collect, store, use, and disclose personal information gathered through CDD and ECDD. Schedule 1 contains the Australian Privacy Principles. Reporting entities must satisfy both the AML/CTF Act and the Privacy Act simultaneously.

Australian Privacy Principles (APPs)

Thirteen principles in Schedule 1 of the Privacy Act 1988. Cover collection, use, disclosure, quality, security, access, and correction of personal information. APP 11 (security) is the practical floor for storing CDD evidence.

Notifiable Data Breaches (NDB) scheme

Part IIIC of the Privacy Act. Requires reporting entities to assess any suspected eligible data breach within 30 days and notify both the Office of the Australian Information Commissioner and affected individuals if serious harm is likely. Triggered by losses of ID documents, source of funds evidence, or beneficial-owner records collected under CDD.

Charter of the United Nations Act 1945 (Cth)

Domestic legal basis for Australian implementation of UN Security Council sanctions. Combined with the Autonomous Sanctions Act, it creates the legal regime that makes the DFAT consolidated list binding on Australian businesses.

Autonomous Sanctions Act 2011 (Cth)

The Australian statute that authorises sanctions imposed independently of the UN Security Council, including thematic sanctions (e.g. cyber, human rights). Subordinate Autonomous Sanctions Regulations 2011 contain the operational detail.

Tranche 2

The 2026 expansion of AUSTRAC coverage to accountants, lawyers, real-estate agents, conveyancers, corporate advisors, and precious-metals dealers. Live 1 July 2026 under the AML/CTF Amendment Act 2024 (Cth).

Reporting entity

A business legally required to enrol with AUSTRAC, verify every customer, keep records for seven years, and file suspicious-matter reports. Tranche 2 makes around 94,000 AU sole practitioners and small firms into reporting entities for the first time.

Designated service

A service listed in section 6 of the AML/CTF Act that triggers reporting-entity obligations. For Tranche 2 professions, the designated services list is profession-specific: see the per-profession guides for the relevant list.

AML/CTF Program (Part A and Part B)

The mandatory written compliance program every reporting entity must adopt and maintain. Part A covers the entity-wide systems and controls (risk assessment, oversight, board approval, training, independent review). Part B covers customer-level identification and verification procedures. Required by sections 81-85 of the Act.

Risk-based approach (RBA)

The core legal principle of the AML/CTF Act. Reporting entities must calibrate the depth of CDD, the frequency of monitoring, and the rigour of controls to the assessed money-laundering and terrorism-financing risk of the customer, product, channel, and jurisdiction. Not a discretion; a duty.

Designated Business Group (DBG)

Two or more reporting entities that elect to share the burden of compliance, including a single AML/CTF Program and centralised reporting under sections 5 and 234A. Common for accountancy networks, legal partnerships, and franchised real-estate agencies.

Customer due diligence (CDD)

The identification and verification steps a reporting entity runs before and during a business relationship. Establishes who the customer is, the nature of the relationship, and the ongoing risk profile.

Enhanced customer due diligence (ECDD)

Heightened verification applied when risk is elevated: complex trust structures, overseas-incorporated entities, politically-exposed persons, or unusual transaction patterns. Includes beneficial-owner resolution.

Beneficial owner

The natural person who ultimately owns or controls a customer entity. For trusts: the person who ultimately benefits from the trust. For companies: typically the 25%+ shareholder or the person who controls the company by other means.

Politically Exposed Person (PEP)

A current or former holder of prominent public function, or an immediate family member or close associate thereof. Triggers ECDD.

Tipping off (section 123)

Statutory prohibition under section 123 of the AML/CTF Act on disclosing to a customer (or any third party) that a Suspicious Matter Report has been formed, lodged, or contemplated. Maximum penalty two years' imprisonment. The reason an SMR cannot be raised with the customer it concerns.

Suspicious Matter Report (SMR)

The formal report lodged with AUSTRAC under section 41 of the Act when a reporting entity forms reasonable grounds to suspect a matter is connected to a serious offence. Filed via AUSTRAC Online; three business days from forming the suspicion (24 hours for terrorism-financing suspicions).

Threshold Transaction Report (TTR)

The formal report lodged with AUSTRAC under section 43 of the Act when cash of AUD 10,000 or more (or the equivalent in physical currency or e-currency) is transacted through a reporting entity. Ten business days. Aggregation rules apply to structured transactions.

International Funds Transfer Instruction (IFTI)

The formal report lodged with AUSTRAC under sections 45-46 when an instruction to transfer funds into or out of Australia is given or received. Ten business days. Captures both bank wires and remitter movements regardless of amount.

Cross-Border Movement reports (CBM-PI / CBM-R)

Reports for the physical movement of AUD 10,000 or more in cash, or any amount of bearer negotiable instruments, into or out of Australia. CBM-PI for individuals, CBM-R for reporting-entity remitters. Filed under sections 53 and 55.

AUSTRAC Online

The reporting portal operated by AUSTRAC for enrolment, lodgement of SMR / TTR / IFTI / CBM reports, compliance reports, and ongoing-customer-due-diligence updates. Enrolment is a precondition to lodging anything.

KYC / KYB

Know Your Customer / Know Your Business. Industry shorthand for the identification and verification steps required under CDD. KYC = individuals; KYB = entities.

ABR (Australian Business Register)

The government register of all AU business entities. Source for ABN, entity-type, GST status, main business activity, and registration history.

DFAT consolidated list

The Department of Foreign Affairs and Trade's consolidated list of persons and entities subject to Australian sanctions. Covers UN Security Council, autonomous, and thematic sanctions. Legal basis: Charter of the United Nations Act 1945 and Autonomous Sanctions Act 2011.

AFSL

Australian Financial Services Licence. Separate from AML/CTF. Mentioned only to clarify that AFSL and AUSTRAC enrolment are distinct regimes: holding one does not exempt from the other.

Trust Score

Ironbark's composite 1-to-100 score per ABN, computed from six sub-scores (Registration, Directorship, AUSTRAC flags, Sanctions/PEP, Court & insolvency, Freshness). Every sub-score source-linked. Full methodology at /methodology.