Lawyers, Accountants and Real Estate Professionals: Get Compliant Before July 1.

The Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024 is Now Law. Here is Exactly What it Requires You to Do.

By Rohan Le Page, Co-Founder, ShareRing

I have spoken to lawyers, real estate agents and accountants over the last six months. Smart people. Busy people. And almost every single one of them, when I bring up Tranche 2, gives me the same look.

The “I know I should deal with this but I haven’t yet” look.

The problem is July 1 does not care about that look. The AML/CTF Amendment Act 2024 is now law. The obligations are set. The date is fixed. And AUSTRAC has been blunt: firms that wilfully ignore their enrolment or make no meaningful effort to comply will face enforcement action from day one.

So here is exactly what you need to do. Not a summary. The actual obligations, with the AUSTRAC links you need, broken down for each profession. Bookmark this.

First things first. Does this actually apply to you?

Before you read another word, check whether these laws even apply to your practice. The reforms do not capture all lawyers, all real estate agents, or all accountants. They capture businesses providing specific “designated services.” You might not be one of them.

AUSTRAC has published a summary of all new obligations and a full list of newly regulated industries. Start here before anything else:

One important thing before you talk yourself out of it: do not assume you are out of scope just because you are small, or because you only do it occasionally. Even one instance of providing a designated service triggers enrolment obligations within 28 days. AUSTRAC is explicit about this.

If you work through the tool and genuinely find you are out of scope, good for you. One less thing to worry about. Genuinely. Go have a coffee.

If you are in scope, keep reading.

What counts as a designated service

Remember: the law does not regulate professions. It regulates specific activities. Whether you are captured depends entirely on what you actually do, not what you call yourself.

Lawyers and conveyancers

You are likely in scope if you:

• Help a client buy, sell or transfer real property or a business
• Receive, hold, manage or control client money or assets
• Set up or restructure a company, trust or other legal arrangement
• Act as a director, secretary or nominee shareholder for a client
• Provide a registered office or business address for someone else’s entity
• Assist with equity or debt financing transactions

You are probably fine if you:

• Do only litigation, court appearances and advocacy work
• Provide purely advisory or opinion work with no transactional component
• Handle only family law matters like divorces and custody disputes with no property transfers
• Work as a barrister with no direct client transactional involvement
• Are an in-house lawyer advising your own employer (you are not separately captured, though your employer may be)

The line is not always clean. A family lawyer who also handles property settlements is partially in scope. A commercial lawyer who advises on deals but never holds funds or executes transactions sits in a genuine grey area. If you are unsure, use the AUSTRAC tool. Do not guess.

Real estate professionals

You are likely in scope if you:

• Act as an agent in the sale, purchase or transfer of any real property
• Work as a buyer’s agent sourcing properties for clients
• Develop and sell property
• Work as a conveyancer handling settlement of property transfers
• Broker mortgage or finance arrangements for property purchases

You are probably fine if you:

• Only manage rental properties and never handle sales or transfers
• Work in a strata management role with no involvement in property transactions
• Provide real estate valuation services only, with no role in facilitating transactions

That said, this one is the broadest of the three. AUSTRAC’s CEO was direct about it: every real estate agency in Australia is coming into the regulated population. If your business touches the sale or transfer of property in any way, assume you are in scope and check.

Accountants and trust and company service providers

You are likely in scope if you:

• Help clients set up or manage companies, trusts or other legal structures
• Provide company secretarial services
• Assist clients in buying or selling a business
• Act as a nominee director, trustee or nominee shareholder
• Manage or control client assets or funds in a material way
• Facilitate international transactions or complex financial structures

You are probably fine if you:

• Only prepare tax returns and financial statements with no transactional involvement
• Do auditing work only
• Provide bookkeeping or payroll services with no role in structuring or asset management
• Give advice on financial strategy without executing or facilitating any transactions

A small tax accounting firm that prepares returns, does BAS lodgements and runs payroll for clients has a reasonable argument they are not captured. But the same firm that also helps the same clients set up a family trust, or assists with the sale of a business, is. Often it is the same practice doing both, which means you need to think carefully about which specific services trigger obligations.

If you are in scope: the eight things you have to do

1. Enrol with AUSTRAC.
Enrolment opens March 31, 2026. You cannot enrol before that date. If you are providing a designated service on July 1, you have until July 29 to enrol. Criminal penalties apply if you do not. This is not optional.

2. Write an AML/CTF program.
A written, risk-based compliance program. It must include a formal risk assessment covering your money laundering and terrorism financing exposure. It must include policies, procedures, systems and controls to manage that risk. It must be approved by senior management before July 1. This is not a document you download and file. It needs to reflect how your firm actually operates.

For small, low-complexity practices, AUSTRAC has released sector-specific Program Starter Kits. These are free, practical and genuinely useful. Use them. But understand they are a starting point, not a finish line. Large or complex practices will need to go further.

3. Appoint a compliance officer.
Someone in your firm needs to own AML/CTF compliance. A named individual with delegated responsibility. For small practices this can be the principal. This person must meet a character test and have an appropriate level of expertise. AUSTRAC gives newly regulated entities until July 29 to notify them of their compliance officer.

4. Verify every client before you provide a designated service.
Before you act for a new client on a designated service, you must verify their identity. Not after. Before. And this can kick in earlier than you think. AUSTRAC has said the obligation to conduct customer due diligence can arise during preparatory steps, before the transaction is formally underway.

Verification means collecting full legal name, date of birth or residential address, and confirming that information from a reliable, independent source. Taking their word for it is not compliant. Photocopying a passport does not confirm the document is genuine or that the person presenting it is really that person.

For higher risk clients, Enhanced Customer Due Diligence applies: additional verification of source of funds, beneficial ownership, Politically Exposed Person status and sanctions screening.

5. Screen for PEPs and sanctions.
Every new client on a designated service. Every time. Politically Exposed Persons and targeted financial sanctions lists. You need a process, and you need to run it consistently.

6. Monitor ongoing client relationships.
CDD is not a one-time event at onboarding. Relationships change. Risk profiles change. You need ongoing monitoring and a process to update client information when circumstances shift.

7. Report suspicious matters.
If you suspect a transaction or client is connected to criminal activity, you must report it to AUSTRAC. Regardless of whether the transaction proceeds. Regardless of the dollar amount. There is no minimum threshold for suspicious matter reporting.

8. Keep records for 7 years.
Every identity verification, every transaction record, every suspicious matter report. Seven years. In a format that can be produced to AUSTRAC on request. Filing cabinets and spreadsheets are not audit trails.

One important note for lawyers: legal professional privilege

The Act preserves legal professional privilege. Nothing in the AML/CTF Act requires a lawyer to disclose information that would otherwise be privileged. AUSTRAC has published guidance on how to manage this in practice, including a form to assert privilege in specific circumstances. If you are purely a litigation or advisory practice with no transactional work, you may not be captured at all.

Why the manual approach does not work

Photocopying a passport is not verification under the AML/CTF Act. It does not confirm the document is genuine. It does not confirm the person presenting it is the actual owner. It does not run PEP or sanctions checks. It does not produce a 7-year auditable digital record. It is not compliant.

And doing it manually at scale is genuinely expensive. A firm handling 200 property matters a year is verifying 200 clients. Then re-verifying when they come back. Then again for their spouse, their trust, their SMSF. The labour cost alone is significant. The compliance risk of doing it badly is even bigger.

The firms building compliance on paper will spend more, carry more risk and create more friction for clients than firms that go digital from the start. There is no version of this where the manual approach wins.

What we built at ShareRing

ShareRing Me covers the full verification stack in a single client-facing app. Document capture, OCR, biometric face matching, liveness detection, DVS check against Australia’s government document verification system, PEP screening, sanctions screening. The verified result is anchored to our blockchain as an immutable, timestamped audit trail.

The thing that makes it genuinely different from every other platform on the market: the credential is reusable. A client verifies once. Every subsequent engagement with your firm, or any other ShareRing-enabled firm, is a single tap. No re-verification. No friction. No paper.

We built this specifically for the Australian market and against AUSTRAC’s actual requirements. It meets every material AML/CTF and ARNECC VOI obligation out of the box. Fifty to eighty percent cheaper per verification than the major enterprise alternatives. No mandatory subscription. Deploys in days.

If you want to see how it works in practice, book a demo. We will walk you through the full client onboarding flow, the compliance dashboard, and what your 7-year audit trail looks like when AUSTRAC comes knocking.

Rohan Le Page is Co-founder of ShareRing. ShareRing Me is AUSTRAC AML/CTF compliant, ARNECC VOI Ready, DIATF certified, and ISO 27001 certified. sharering.network | #Private #Secure #Verified