AUSTRAC Tranche 2: what accountants need to know before 1 July 2026.
TL;DR
- From 1 July 2026, accountants performing certain designated services — managing client money or assets, forming companies or trusts, acting as a nominee shareholder or director — become reporting entities under the AML/CTF Act 2006 (Cth).
- Five obligations attach: enrol with AUSTRAC before you start providing the designated service; write an AML/CTF program (Part A risk assessment + Part B customer due diligence); appoint an AML Compliance Officer; run customer identification and verification (CDD); report suspicious matters (SMRs) and threshold transactions of AUD 10,000 or more (TTRs).
- Record-keeping: seven years. Penalties for contraventions run to civil penalty units in the thousands per breach — significant for a sole practice.
- AUSTRAC enrolment opened 31 March 2026. You cannot wait until 1 July.
- Ironbark screens an ABN against ABR, ASIC, AUSTRAC, DFAT sanctions, AFSA insolvency, and the Federal Court in seconds. $0.49 per screen, credits never expire. Free tier: 10 screens per month.
What changes on 1 July 2026
Tranche 2 brings accountants into the reporting-entity regime.
The AML/CTF Amendment Act 2024 (Cth) extends the list of 'designated services' in the AML/CTF Act 2006 (Cth) to cover specified accounting services effective 1 July 2026. You are captured when you provide one of these services in the course of carrying on a business — not as an incidental or one-off courtesy to a personal contact.
The threshold transaction rules apply in full.
If a client pays you, or moves money through your practice trust account, and the value is AUD 10,000 or more (including the aggregate of structured transactions), you must lodge a threshold transaction report with AUSTRAC within 10 business days. Aggregation rules catch deliberate structuring.
Suspicious matter reporting is active.
If you form a suspicion on reasonable grounds that a transaction may be related to money laundering, terrorism financing, tax evasion, or certain other offences, you must lodge a suspicious matter report (SMR) within three business days of forming the suspicion. For terrorism financing, 24 hours. The 'tipping off' offence prevents you from telling the client that an SMR has been lodged.
Customer due diligence is a live obligation, not a pre-engagement checkbox.
Under AML/CTF Rules, you must identify and verify your customer before providing the designated service, re-verify where risk indicators change, and conduct enhanced due diligence for higher-risk customers, politically exposed persons, and customers in sanctioned jurisdictions. Record each step with source documents and dates.
Who is in scope
The Tranche 2 cohort covers 36,717 reporting entities in the accountants profession. Roughly 55% are sole practitioners or micro-firms (1–3 staff).
Based on ATO registered tax agent counts at 31 December 2024. Includes sole practitioners, firms, and BAS agents performing designated services.
Tax agents, BAS agents, accountants and bookkeepers providing designated services.
The profession is not captured wholesale. You are captured only when you provide a designated service. Bookkeeping, management reporting, and straight tax-return preparation are generally not designated services. Managing client money in a trust account, forming companies, acting as a nominee shareholder or director, and arranging transactions in real estate, businesses, or legal entities generally are.
Sole practitioners are in scope on the same terms as large firms.
The Act does not exempt sole practitioners. The AML/CTF program can be proportionate to the nature, size, and complexity of the business, but it must exist, be written down, be in effect, and be provided to AUSTRAC on request.
Firms with multiple entities must consider reporting-group structure.
Where a firm operates through several related entities — a trust with a corporate trustee, a service company, an advisory Pty Ltd — each entity providing designated services is potentially its own reporting entity, unless an AUSTRAC-approved reporting-group structure is adopted.
The designated services
An entity is captured only in respect of designated services it provides. Services the AML/CTF Amendment Act 2024 (Cth) adds to cover accountants include:
- Managing client money, securities, or other assets in the ordinary course of providing accounting services
- Creating, operating, or managing legal persons or legal arrangements (including companies, trusts, partnerships)
- Acting as (or arranging for another to act as) a nominee shareholder, nominee director, or nominee trustee
- Acting as (or arranging for another to act as) a registered office, business address, or correspondence address for a company
- Providing trust and company service provider services — formation, administration, ongoing agent services
What you must do
Five obligations attach to every reporting entity. The AML/CTF program scales to the nature, size, and complexity of the business — a sole practitioner and a mid-firm follow the same framework at different scales.
Enrol with AUSTRAC
Before you commence providing a designated service after 1 July 2026, enrol your business via the AUSTRAC Online portal. Enrolment is free. AUSTRAC enrolment opened 31 March 2026 — processing takes several weeks, so do not defer this.
Write an AML/CTF program (Part A + Part B)
Part A is a risk assessment of the business — customers, services, channels, jurisdictions. Part B covers the customer due-diligence procedures that flow from the risk assessment. The program must be in writing, approved by the governing body, reviewed periodically, and provided to AUSTRAC on request.
Appoint an AML Compliance Officer (AMLCO)
The AMLCO must be an employee or partner at management level, fit and proper, able to have the AML/CTF program amended, and able to discharge reporting obligations. The role cannot be outsourced to an external consultant — consultants may advise and draft, but the AMLCO sits inside the reporting entity.
Run customer identification and verification (CDD)
Identify and verify the customer before providing the designated service. Run enhanced due diligence where risk indicators are present (foreign PEPs, opaque ownership, high-risk jurisdictions). Re-verify on trigger events. Record each CDD step with source documents, dates, and the identity of the staff member who ran the check.
Report SMRs, TTRs, and keep records
Lodge a suspicious matter report (SMR) within three business days of forming a suspicion on reasonable grounds (24 hours for suspected terrorism financing). Lodge a threshold transaction report (TTR) within 10 business days for any transaction involving AUD 10,000 or more. Keep CDD, transaction, and report records for seven years from the date the service was provided or the customer relationship ended.
How Ironbark helps
Ironbark is an AU-native screening product. It is not an end-to-end AML/CTF programme — the programme, AMLCO, and reporting workflow remain the reporting entity’s responsibility. Ironbark discharges the screening component, specifically.
Ironbark verifies a customer entity against the Australian Business Register (ABR), ASIC company register, and ASIC banned-and-disqualified-persons register in one screen. The report carries per-field last-refreshed timestamps. Where the customer is a trust or partnership, the screen resolves the trustee or partners and screens each.
The Ironbark Trust Score exposes the three risk dimensions that the AML/CTF Rules flag for enhanced scrutiny: directorship history (including cross-director networks and disqualifications), AUSTRAC enforcement action history, and insolvency or external-administration events. High-risk thresholds can be set per firm.
Every screen checks the DFAT consolidated list (Autonomous Sanctions and UN Security Council sanctions) and declared political-exposure indicators. Hits are flagged for confirmation with a second source — Ironbark does not auto-decline; the compliance officer makes the call.
Each Ironbark report is a timestamped, downloadable artefact (PDF and JSON). Attach it to your matter file or CDD folder. Retained in Australian-region infrastructure.
Subscribe to monitoring on the Professional or Business tiers. Where a monitored ABN's ASIC status changes, a director is added or banned, or the entity appears on a new sanctions list, an alert is dispatched.
Pricing for your firm size
All prices ex-GST in AUD. Credits never expire — a PAYG screen purchased in 2026 is still valid in 2028. Overage on Professional tier runs at $0.40 per screen; Business tier overage runs at $0.30 per screen.
| Firm size | Screens / month | Recommended tier | Price ex-GST |
|---|---|---|---|
| Sole practitioner (1 seat, under 20 screens per month) | < 20 | PAYG | $0.49 per screen |
| Small firm (2–5 staff, 20–300 screens per month) | 20–300 | Professional | $99 per month (inc-GST $108.90) |
| Mid firm (6–20 staff, 300–1,000 screens per month) | 300–1,000 | Business | $249 per month (inc-GST $273.90) |
FAQ
I only prepare tax returns. Am I captured by Tranche 2?
Generally no. Standard tax-return preparation is not a designated service under the AML/CTF Act 2006 (Cth). You become captured when you perform a designated service — managing client money or assets, forming or running companies or trusts, acting as a nominee director or shareholder, or providing a registered-office service. If any part of your practice includes those activities, the whole practice typically needs an AML/CTF program covering them.
When exactly do I need to enrol with AUSTRAC?
Before you commence providing a designated service after 1 July 2026. AUSTRAC enrolment opened on 31 March 2026. The enrolment is completed via the AUSTRAC Online portal and requires details of your business, principals, and AMLCO. AUSTRAC can take several weeks to process — do not leave it to June 2026.
Who can be the AML Compliance Officer (AMLCO) in a small firm?
The AMLCO must be an employee (or partner) of the reporting entity at management level, fit and proper, and able to have the AML/CTF program amended. In a sole practice the principal is typically the AMLCO. The role may not be outsourced to an external consultant — external consultants can advise, but the AMLCO sits inside the firm.
What's the civil penalty for missing an SMR?
Civil penalty provisions in the AML/CTF Act 2006 (Cth) apply to each contravention. The maximum per breach is set in penalty units under the Crimes Act 1914 (Cth) and is updated periodically. For a sole practice this is a material risk — missing a single SMR can exceed six figures. [VERIFY current penalty unit value at time of reading.]
Do I need to screen my existing long-standing clients on 1 July 2026?
AUSTRAC's Tranche 2 transitional rules require reporting entities to apply customer due diligence to customers as part of ongoing customer due diligence processes, including where an event triggers re-verification. In practice, most firms run a baseline screen on the full active client list during 2026 to establish a compliant starting position, then rely on ongoing monitoring thereafter. Discuss with your AMLCO or external adviser.
We use trust accounts already. Does the Legal Profession Uniform Law or the Tax Agent Services Act cover this?
Trust-account rules under the relevant state law and under the Tax Agent Services Act 2009 (Cth) cover trust-account integrity and tax agent conduct. They do not discharge the AML/CTF obligations that Tranche 2 introduces — those are separate, cumulative obligations with distinct reporting, record-keeping, and program requirements.
Are sanctions-and-PEP screening tools sufficient for AUSTRAC Tranche 2?
Sanctions and PEP screening is one component of customer due diligence — typically the part global screening tools focus on. It does not cover ABR status, ASIC directorship history, ASIC banned-and-disqualified persons, AUSTRAC enforcement history, AFSA insolvency, or Federal Court matches. Ironbark aggregates all of those AU-native sources into a single screen. If your firm already subscribes to a global screening tool, Ironbark runs alongside it — we focus on the AU data layer.
What's the smallest firm that realistically complies with Tranche 2?
A sole practitioner performing only a handful of designated services per year can comply. The AML/CTF program scales to the size of the practice. The non-negotiable elements are: written program in place, AMLCO appointed (yourself), CDD run on the customer before providing the service, SMRs and TTRs lodged when triggered, and records kept for seven years. The AUSTRAC guidance and industry-association templates make this tractable.
Where are Ironbark's Trust Score calculations documented?
On our /methodology page. Every sub-score is listed with its weight, data source, refresh cadence, and known edge cases. We publish it because AML/CTF decisions must be defensible — you cannot defend a decision made against a vendor's opaque proprietary risk rating. The sub-score weights are fixed and disclosed.
How do Ironbark credits work?
Credits never expire. A $0.49 PAYG screen purchased today is usable in 2028. This is deliberate — competitor products with 12-month expiry punish low-volume firms, and that's most of the Tranche 2 cohort. There is no minimum purchase. The Professional and Business tiers include monthly screen allocations; overage runs at $0.40 or $0.30 per screen.
Run a free check
10 screens per month on the free tier. No card required. Credits never expire.