The countdown has begun. While "Tranche 2" businesses—lawyers, accountants, and real estate agents—receive the majority of media attention surrounding Australia's anti-money laundering and counter-terrorism financing (AML/CTF) reforms, a seismic shift for current reporting companies is also imminent.
March 31, 2026, is more than just a date on the calendar for Australian Financial Services Licence (AFSL) holders who are already subject to AUSTRAC regulation. It signifies the start of an updated, stricter regulatory system. The days of "set and forget" compliant AML programs are long gone. "Is the business ready for the AML/CTF changes?" is currently the most crucial question.
#
The Status Quo's End
The AML/CTF Amendment Act 2024 and its accompanying regulations bring about modifications intended to streamline the system while raising its efficacy burden. The legislative change that eliminates the distinction between Part A and Part B of the AML/CTF Program is important for current reporting entities.
The divided structure vanishes on March 31, 2026. Reporting organizations must replace it with a single, results-driven AML/CTF Program. This is a basic requirement for a program that clearly connects risk assessments to controls, not an administrative exercise in document merging. The current program will probably fall short of the new requirements if it is kept on a shelf and only examined by an impartial third party.
#The Evaluation of Dynamic Business Risk
The Business Risk Assessment is the central component of the reforms. The Risk Assessment becomes a dynamic, living part of the governance framework under the new regime, rather than a static document.
Most importantly, the range of danger has increased. Along with money laundering (ML) and terrorism financing (TF), entities are also required to specifically identify, evaluate, and manage risks associated with proliferation financing (PF).
Customers, jurisdictions, and distribution channels must all be thoroughly examined. Does the existing risk approach take into consideration the financing of weapons of mass destruction or the evasion of sanctions? If the response is "no," the gap analysis needs to start right away.
#Governance: The Standard of "Reasonable Steps"
The responsibility to take "reasonable steps" to guarantee compliance is placed firmly on top management and governing bodies by the amendments. It is no longer sufficient for a Board to merely mention the AML/CTF Program in meeting minutes.
Active oversight is now required of senior management. This entails being aware of the particular ML/TF/PF threats the company confronts and making sure the AML/CTF Program has the resources and efficacy to reduce them. The selection of the AML/CTF Officer is also scrutinized; this person must be "fit and proper" and possess adequate autonomy and power. The governance structure might not be in compliance if the AML Officer is positioned three levels below the board and has no direct access to it.
#The Designated Business Groups' Disintegration
Replacing Designated Business Groups (DBGs) with Reporting Groups is a practical but crucial operational shift. On March 31, 2026, current DBGs will expire.
This rollover is not automated. The new regulations require corporate groupings that depend on pooled compliance resources to proactively create a Reporting Group. This calls for a formal agreement and the identification of a lead organization in charge of the group's AML/CTF compliance. Individual entities within a group may become legally vulnerable and technically non-compliant if a formal transition is not made.
#Culture and Training
New definitions and responsibilities accompany new regulations. It is necessary to identify and properly train every employee working in AML/CTF. Programs for staff training that were created years ago will become outdated.
For instance, as of March 2025, the "tipping off" provisions have already changed, and the new Customer Due Diligence (CDD) standards necessitate updated operational expertise, especially with regard to value transfers and the "Travel Rule."
Now is the time to design a training plan for 2026. It should guarantee that every employee, including frontline employees, compliance teams, and the Board, is aware of both the new Act's mechanics and the cultural shift toward proactive risk management that AUSTRAC mandates.
The Immediacy of Today
Now that 2026 has arrived, there is not much time left to assess these additional responsibilities. It's possible that the gap between the 2026 criteria and the existing frameworks will be greater than expected.
#AFSL holders should take the following immediate actions:
- Gap Analysis: Examine the new requirements in relation to the existing AML/CTF Program.
- Risk Assessment Review: Make sure the Risk Assessment represents current business reality by updating it to include recognized risks and Proliferation Financing.
- Governance Check: Confirm the AML Officer's independence, official appointment, and fit and suitable status. Inform the Board of their increased liabilities.
- DBG Transition: Arrange for the Reporting Group to replace the Designated Business Group.
The goal of the changes is to prevent illicit abuse of Australia's financial system. This indicates that the bar has been raised for AFSL holders. Compliance is now a fundamental license-to-operate requirement rather than just a box to be checked.
AFSL holders are receiving assistance from MIntegrity in managing this change. There is a set deadline. The responsibilities are obvious. Now is the moment to take action.
