New Anti-money Laundering /Counter-Terrorism Financing (AML/CTF) Reforms TF known as AML Tranche 2

We are letting you know Australia has introduced new Anti-Money Laundering & Counter-Terrorism Financing controls (AML/CTF), which will become effective today 1 July 2026.

These reforms extend AML/CTF obligations beyond banks and financial institutions to professionals such as lawyers, conveyancers, real estate and accountants. The goal is to close regulatory gaps, align with global standards, and improve controls in an effort to prevent money laundering and terrorism financing across Australia.

What this means for you

In practical terms as part of the new laws, businesses caught by the AML/CTF laws must verify their client’s identity before providing certain Designated Services.

The services classified as Designated Services can be summarised as:

  • assisting in the planning or execution of a transaction to sell, buy or transfer a company or business

  • receiving, holding, controlling or managing a person’s property for a transaction

  • assisting in organising, planning, or executing a transaction for equity or debt financing relating to a body corporate or legal arrangement

  • selling or transferring a shelf company

  • assisting in the planning or execution of the creation or restructuring a body corporate or legal arrangement

  • acting, or arranging for someone to act on behalf of a person in particular positions in a body corporate or legal arrangement; and

  • providing a registered office address or principal place of business address of a body corporate or legal arrangement.

This includes collecting information such as:

  • verification of identity;

  • address details;

  • company ownership or beneficial ownership information, if relevant; and

  • trust information (if applicable).

These checks help ensure that services are not misused for illegal activities. The verification process is a standard legal requirement, not a reflection on you or your transaction.

How will your information be used?

You will receive an email request from InfoTrack on our behalf when this process is required and your information will only be used to meet legal AML/CTF requirements, which may include:

  • verifying your identity;

  • conducting due diligence; and

  • supporting ongoing compliance and monitoring obligations.

Your data will not be used for marketing purposes or sold or shared beyond what the law requires for AML/CTF compliance.

How long your information will be stored

Under AML/CTF legislation, businesses must securely retain identification and verification records for 7 years. We are using InfoTrack to store this information in a secure, ISO‑certified platform for the full retention period, after which it is safely deleted in accordance with regulatory requirements.

InfoTrack’s security standards

Protecting your privacy is important and your information is protected with ISO 27001 certified security controls, meaning InfoTrack follows global best-practice standards for data protection, risk management, and information security.

This certification ensures:

  • secure storage and handling of your data;

  • continuous monitoring and protection against cyber threats; and

  • rigorous internation governance and compliance processes.

Please refer to the InfoTrack Privacy Policy for further information and the AUSTRAC website for more details on AML/CTF Tranche 2.

You can always contract your Norton White lawyer for clarification too.

Contacts 

Adam Martin

+61 3 9119 2585

adam.martin@nortonwhite.com

Ben Martin

+61 2 9230 9435

ben.martin@nortonwhite.com

Mark Mackrell

+61 2 9230 9415

mark.mackrell@nortonwhite.com

Next
Next

The Goliath: High Court ruling confirms liability for expenses associated with wreck removal are not subject to limitation