Key obligations for regulated law practices

Align
Right

Enrolment

Enrolment involves providing certain information about your business, key personnel, and contact details to AUSTRAC. Those details must be updated if they change. 

Reporting Entities must enrol with AUSTRAC within 28 days of providing a designated service. 

Tranche 2 entities must enrol between 31 March 2026 to 29 July 2026 to avoid penalties. 

AML program 

A reporting entity must have an AML/CTF program which contains: 

ML/TF/PF risk assessment 
This assessment must identify and assess the risks of ML and TF and PF your business may reasonably face in providing a designated service, and  

AML/CTF policies 
A business must develop and maintain policies, procedures, systems and controls that appropriately manage and mitigate your business’ risks. These policies must also ensure that you comply with your AML/CTF obligations and be appropriate to the nature, size and complexity of your business. 

Access the following training videos for further information about undertaking a risk-based approach for the purposes of AML/CTF compliance and AML Programs. 

Customer Due Diligence 

Customer due diligence (CDD) helps you understand who your customers are and the ML/TF/PF risks they may bring to your business. The obligations include initial CDD, ongoing CDD, enhanced CDD and simplified CDD. 

Learn more about CDD by accessing the following training video: 

CDD STRATEGIES FOR MAKING IT EASY 
Amy Bell, Solicitor, AML Sorted. 

Reporting requirements 

Reporting entities need to submit certain reports to AUSTRAC including: 

  • Suspicious matter reports: When you suspect on reasonable grounds that a person is not who they claim to be or that a matter is linked to criminal activity or proceeds of crime. 
  • Threshold transaction reports: For individual physical currency transactions valued at A$10,000 or higher. 
  • International value transfer service reports (IVTS): For all international transfers of value transactions where relevant (this will not be applicable for the majority of law practices). 
  • Annual compliance reports: an annual report summarising how you have met your AML/CTF obligations in the previous year. 

Access the training video linked below to learn more about the reporting obligations of reporting entities. 

REPORTING REQUIREMENTS 
Amy Bell, Solicitor, AML Sorted 

AML Compliance Officer 

The AML Compliance Officer (AMLCO) must:  

  • be an Australian resident, 
  • be a fit and proper person, 
  • be employed or engaged at management level, and 
  • have sufficient authority, independence and access to information and resources to undertake their role effectively 

The AMLCO must, among other things, oversee and coordinate: 

  • the practice’s day-to-day compliance with the AML legislative scheme, and 
  • the effective operation of, and compliance with the practice’s AML/CTF policies. 

The AMLCO can be employed internally or be otherwise engaged by the law practice. They can also have other roles. 

Image size
large