Introduction

With just over five weeks until the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act) extends to lawyers, accountants, conveyancers and other "Tranche 2" professions on 1 July 2026, AUSTRAC has finalised the sector-specific guidance the legal industry has been waiting for. Starter programme kits, the regulator's updated reform pages, and a wave of Law Council of Australia and state law society implementation tools are now live. The question facing principals and compliance officers is no longer what the obligations are. It is whether the systems, people and policies their firms have built will hold up to scrutiny from day one.

Where the Profession Stands at the End of May

AUSTRAC opened enrolment for Tranche 2 entities on 31 March 2026 and will close it on 29 July 2026. Designated services performed on or after 1 July 2026 must be supported by an enrolled reporting entity, an appointed AML/CTF compliance officer at management level, an approved two-part AML/CTF programme, a money laundering and terrorism financing (ML/TF) risk assessment, and customer due diligence (CDD) processes that meet the new outcomes-based standard.

The scale of the shift is unprecedented for Australia. AUSTRAC expects 80,000 to 90,000 new reporting entities across legal, accounting, real estate and dealers in precious metals and stones, to come into the regime in this single tranche. Industry roundtables hosted through April and May suggest a sizeable proportion of small and mid-sized law firms have not yet completed their ML/TF risk assessment, the foundational document on which the rest of the programme depends.

What AUSTRAC's Final Guidance Confirms

AUSTRAC's professional services reform guidance, alongside its starter programme kit for small, low-complexity practices, makes the regulator's expectations explicit. Firms must identify which of their services are "designated services" under Table 6 of the AML/CTF Act - typically those involving assisting or acting on behalf of a client in relation to a relevant transaction such as buying or selling real estate, managing client money, or forming or restructuring legal entities. Conveyancing, trust and company services, and certain corporate transactional work will almost always be in scope, while pure advisory and litigation work generally will not be.

The CEO of AUSTRAC has been consistent in messaging that perfection on 1 July is not the bar; demonstrable, risk-based effort is. That said, the regulator has also made clear that firms which have made no visible progress by commencement should expect engagement - not as enforcement in the first instance, but as supervisory action that will accelerate quickly if the programme remains absent.

The Common Gaps in the Final Stretch

Three themes are recurring across the implementation conversations being run by the Law Council, the Law Society of NSW, and the Queensland and Victorian societies. First, governance: the AML/CTF compliance officer must sit at management level, but in many partnerships the role has been assigned to an office manager or a finance lead without the authority the rules contemplate. Second, the two-part programme: firms commonly have a Part A risk-based policy in draft, but no Part B operationalising it through CDD checklists, escalation flows and record-keeping. Third, CDD operationalisation: it is one thing to have an identification policy on paper, another to have an audit-ready record for every new client onboarded from 1 July.

Practical tools, including platforms like Legl that help firms run client risk assessments, carry out client due diligence, capture source-of-funds evidence and maintain audit-ready records, can compress the build, but the underlying judgement calls about risk appetite and policy thresholds remain partnership decisions.

Key Takeaways

• The AML/CTF regime commences for Tranche 2 entities on 1 July 2026; enrolment closes 29 July 2026.
• The AML/CTF compliance officer must be at management level - it’s recommended to review the appointment now if it was made in haste.
• Both Part A (risk-based programme) and Part B (operational CDD policies and procedures) must be approved and in force on 1 July.
• Suspicious matter reports will be due within three business days (24 hours for terrorism financing); threshold transaction reports within 10 business days.
• Use AUSTRAC's starter programme kit and the relevant law society implementation guide as templates, but tailor them to the firm's actual service mix and client base.

Looking Ahead

Beyond 1 July, attention will turn to AUSTRAC's first wave of supervisory engagement and to the Anti-Money Laundering and Counter-Terrorism Financing Amendment Bill 2026 moving through Parliament, which would expand the regulator's power to restrict high-risk channels. The firms that put the work in over the next five weeks will be the ones positioned to absorb whatever the second-order changes bring.