Complete guide to creating a compliant AML/CTF program under AUSTRAC requirements. Learn Part A, Part B, risk assessment, and Tranche 2 obligations for accountants, lawyers, and real estate professionals.
What is an AML/CTF Program?
An AML/CTF program is your documented plan to comply with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. Under AUSTRAC requirements, all reporting entities must have a written program that outlines how you identify, manage, and report money laundering and terrorism financing risks.
Who Must Have an AML/CTF Program?
If you are a reporting entity under the AML/CTF Act, you must have a program. Reporting entities include:
- Accountants and audit firms
- Lawyers and solicitors
- Real estate agents
- Conveyancers
- Financial advisers
- Financiers and lenders
- Casinos and gaming venues
AML/CTF Program Part A: Mandatory Requirements
Part A covers the core elements every reporting entity must include:
- Customer Due Diligence (CDD) - How you identify and verify customers
- Beneficial Ownership Identification - Who owns/controls the customer
- Enhanced Due Diligence (EDD) - Extra checks for high-risk customers
- Risk Assessment - Document your ML/TF risks
- Sanctions Screening - Check against sanctions lists
- Record Keeping - Keep customer records for 7 years minimum
- Reporting - Report suspicious activity to AUSTRAC
- Training - Ensure staff understand AML obligations
AML/CTF Program Part B: Application-Specific Requirements
Part B depends on your business type and must address:
- Nature of your business and client interactions
- Products and services offered
- Customer identification methods
- Ongoing transaction monitoring
- Use of technology and third parties
- Cross-border transactions
Step-by-Step AML/CTF Program Creation
Step 1: Conduct ML/TF Risk Assessment
Identify money laundering and terrorism financing risks specific to your business:
- What products create risk? (cash transactions, trusts, property sales)
- What customer types are high-risk? (new customers, high-value clients)
- What jurisdictions pose risk? (high-risk countries, sanctions-listed)
- What internal factors increase risk? (staff turnover, process gaps)
Step 2: Design Customer Due Diligence Process
- Collect and verify identity documents
- Verify beneficial ownership information
- Screen against sanctions lists (DFAT, UN, etc.)
- Document all CDD steps
- Review and update regularly
Step 3: Create Suspicious Activity Reporting Procedure
- Train staff to identify suspicious transactions
- Document what constitutes suspicious activity
- Create internal reporting form
- Report to AUSTRAC within 10 business days
- Keep SMR records
Step 4: Document and Implement
- Write Part A requirements document
- Write Part B application-specific document
- Create supporting procedures and forms
- Train all staff on AML/CTF obligations
- Designate AML/CTF compliance officer
- Review annually and update when required
Tranche 2 Reforms: New Obligations
AUSTRAC Tranche 2 introduces new requirements for higher-risk reporting entities:
- More robust beneficial ownership verification
- Enhanced ongoing customer due diligence
- Quarterly reporting to AUSTRAC (for some entities)
- Enhanced sanctions screening
- Strengthened governance requirements
AML/CTF Program Compliance Checklist
- ☐ Conducted ML/TF risk assessment
- ☐ Created Part A document with all 8 mandatory elements
- ☐ Created Part B document application-specific to your business
- ☐ Implemented customer due diligence process
- ☐ Set up sanctions screening system
- ☐ Created suspicious activity reporting procedure
- ☐ Trained all staff on AML/CTF obligations
- ☐ Designated AML/CTF compliance officer
- ☐ Established record-keeping system (7-year retention)
- ☐ Scheduled annual review and update
- ☐ Documented compliance for AUSTRAC audit
Get AML/CTF Program Support
Use AML Shield Pro to generate compliant AML/CTF programs, conduct risk assessments, complete CDD, and meet all AUSTRAC Tranche 2 obligations automatically.