⚠ AUSTRAC Deadline: 1 July 2026 — AML/CTF obligations commence for real estate agents. Loading… remaining.
FAQ — Real Estate Agents

Your AML/CTF questions
answered.

Everything you need to know about your obligations under AUSTRAC Tranche 2 — plain English, no jargon.

The Basics Who It Applies To CDD Obligations Seller CDD Buyer CDD AUSTRAC Enrolment AML/CTF Program Using the App Penalties
No questions match your search. Try different keywords or contact us.

The Basics

What is Tranche 2 and why does it affect me?

Tranche 2 refers to the second wave of reforms under Australia's Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), enacted through the AML/CTF Amendment Act 2024.

From 1 July 2026, real estate agents who act as a seller's agent in property transactions become "reporting entities" — meaning you have legal obligations to identify customers, assess risk, report suspicious activity and enrol with AUSTRAC.

Real estate is a known high-risk sector for money laundering globally. Property transactions involve large sums, can be complex, and have historically been used to move and conceal illicit funds. This is why AUSTRAC is bringing the sector into the AML/CTF framework.

What are the key dates I need to know?
  • 1 July 2026 — AML/CTF obligations commence. Your program must be in place and you must be performing CDD on all transactions from this date.
  • 31 March 2026 — AUSTRAC Online opens for Tranche 2 enrolment.
  • 29 July 2026 — Enrolment deadline. You must be enrolled by this date.
  • 2027 — First Annual Compliance Report (ACR) due. Exact date to be confirmed by AUSTRAC.
  • ~2029 — First 3-year independent evaluation due (s.159 AML/CTF Act).
Don't wait until July. Your AML/CTF Program, staff vetting and training must all be in place before 1 July 2026 — not after.
What do I actually need to have in place by 1 July 2026?

Before 1 July 2026 you need:

  • A documented AML/CTF Program — Part A (governance) and Part B (CDD procedures) — approved by a senior manager
  • A completed agency-level risk assessment
  • Staff vetting records — all staff who perform AML/CTF functions must be vetted before they start
  • AML/CTF training completed by all relevant staff
  • A process for CDD on sellers and buyers for every property transaction

By 29 July 2026 you also need to be enrolled with AUSTRAC.

SimpleAML guides you through all of this step by step. Open the app →
What is an AML/CTF Program?

Your AML/CTF Program is a written document that sets out how your agency will manage its money laundering and terrorism financing risks. Think of it as your compliance policy manual.

It has two parts:

  • Part A — General Program: Governance, AMLCO role, risk appetite, training requirements, reporting obligations and record keeping.
  • Part B — CDD Procedures: How you identify and verify sellers and buyers, when CDD must be done, PEP and sanctions screening, and what to do with high-risk customers.

It must be formally approved by a senior manager (your Principal or Licensee in Charge) and kept up to date — reviewed at least annually.

Download the free SimpleAML templates to build your program. Get templates →

Who It Applies To

Does this apply to my agency?

If your agency acts as a seller's agent in the sale of residential or commercial property — yes, it applies to you.

The following are exempt (not covered by Tranche 2):

  • Residential leasing and property management
  • Standalone auctioneers (not acting as the listing agent)
  • Private sales (where no agent is involved)
If you do both sales and property management, the obligations only apply to your sales activities — not your management portfolio.
What about buyer's agents?

Under the current Tranche 2 reforms, the designated service covers agents acting on behalf of the seller. Buyer's agents — agents who act exclusively for the buyer — are not currently included as a designated service in the same way.

However, this is an evolving area and AUSTRAC guidance may clarify this further. If you act for both sellers and buyers, the obligations apply to your seller's agency activities.

If you are a buyer's agent only, seek specific legal advice on your obligations as AUSTRAC guidance develops.
Does it apply to commercial property?

Yes. The designated service covers the sale of real property — which includes both residential and commercial property. If you sell commercial property as a seller's agent, the same obligations apply.

Commercial transactions may actually carry higher risk ratings due to larger transaction values, more complex ownership structures (companies, trusts) and potentially more complex funding arrangements.

What about off-the-plan sales and property developers?

Off-the-plan sales present additional complexity because the buyer's identity may be known well before settlement, and the transaction timeline can span years. The same CDD obligations apply — you must identify and verify the buyer, but the ongoing monitoring requirements are more involved given the extended timeline.

Property developers who sell direct to buyers without using a licensed real estate agent may have their own separate obligations under Tranche 2. SimpleAML is designed for licensed real estate agents acting as seller's agents — if you are a developer selling direct, seek specific legal advice.

Off-the-plan CDD is complex. Seek legal advice if this is a significant part of your business.
What about stock and station agents?

Stock and station agents who sell rural and agricultural land are covered by Tranche 2 in the same way as residential and commercial real estate agents — the designated service applies to the sale of real property broadly.

SimpleAML is not specifically designed for the stock and station sector and may not cover all the nuances of rural property transactions. Seek specific guidance if this is your primary business.

CDD Obligations — Overview

What is CDD and why do I have to do it?

CDD stands for Customer Due Diligence. It's the process of identifying who your customers are, verifying that identity, and assessing the risk they pose for money laundering or terrorism financing.

Under the AML/CTF Act, you must perform CDD on both your seller and your buyer for every property transaction. The law requires this even if you've dealt with the customer before.

CDD involves:

  • Collecting identifying information (name, date of birth, address, occupation)
  • Verifying that identity against acceptable documents (passport, driver's licence, DVS)
  • Identifying the beneficial owner if the customer is a company, trust or SMSF
  • Screening for PEP status and sanctions
  • Assigning a risk rating (Standard or High)
Do I really have to do CDD on both the seller AND the buyer?

Yes — even though you act for the seller, you must perform CDD on both parties. This is one of the most commonly misunderstood aspects of the new obligations.

The law requires you to identify and verify all parties to the transaction, not just your client. The buyer is a party to the transaction and must be identified.

You cannot skip buyer CDD on the basis that you are the seller's agent and have no relationship with the buyer. Both parties must be identified and verified.
What documents can I use to verify identity?

Acceptable identity documents include:

  • Australian passport
  • Foreign passport
  • Australian driver's licence
  • Medicare card (as a secondary document)
  • Birth certificate
  • Australian citizenship certificate

Identity should be verified using the Document Verification Service (DVS) — an electronic check against government records. DVS is fast, reliable and provides an auditable record. Services like NameScan provide DVS checking.

If DVS is not used, you must inspect the original document in person (or via video call) and keep a certified copy.

What is a PEP and do I need to screen for them?

A Politically Exposed Person (PEP) is someone who holds or has held a prominent public position — such as a government minister, senior public official, judge, military officer, or senior executive of a state-owned enterprise — in Australia or overseas.

Yes — you must screen every seller and buyer against PEP lists. PEPs carry a higher risk of corruption and must be treated as high-risk customers, regardless of other factors.

You must also screen against the DFAT Consolidated Sanctions List and the UN Security Council Consolidated List for every customer.

If you identify a PEP, do not proceed without AMLCO approval. If you identify a sanctioned individual, do not proceed at all — file an SMR with AUSTRAC.

Seller CDD

When do I need to complete CDD on the seller?

Seller CDD must be completed at listing — before or at the time of signing the agency agreement. You must not market or list the property until seller CDD is complete.

This is a hard rule — there is no grace period. If you list before completing seller CDD, you are in breach.

Build seller CDD into your listing workflow. When you sit down to sign the agency agreement, CDD should be done at the same meeting.
Can I rely on another party for seller CDD?

No. Legal reliance — where you rely on CDD performed by another reporting entity — is not available for seller CDD. You must always perform seller CDD directly.

This is different from buyer CDD, where legal reliance is available in certain circumstances.

What if the seller is a company, trust or SMSF?

Company seller: Verify the company name and ACN via ASIC. Identify all directors and verify at least one. Identify any beneficial owner (25%+ ownership). Confirm who is authorised to sign.

Trust seller: Obtain the trust deed. If individual trustee — verify as an individual. If corporate trustee — verify the company as above. Identify the settlor, beneficiaries and any person with effective control.

SMSF seller: Verify all members' identities. Verify the trustee (individual or corporate).

Trust and SMSF sellers are common in property transactions. Build a checklist into your process so nothing is missed.

Buyer CDD

When do I need to complete CDD on the buyer?

The timing depends on the sale method:

  • Private sale: Buyer CDD must be complete before exchange of contracts. You control the timing — do not allow exchange to proceed until CDD is done.
  • Auction: Because the buyer may not be known before the auction, CDD must be completed within 28 days of exchange OR before settlement — whichever comes first.
For auctions — do not allow settlement to proceed if buyer CDD is still outstanding. This is the only case in the app where timing is genuinely critical after exchange.
What is legal reliance and can I use it for buyer CDD?

Legal reliance allows you to rely on CDD that has already been performed by another reporting entity (for example, the buyer's solicitor or mortgage broker) rather than performing CDD yourself.

To use legal reliance, all of the following conditions must be met:

  • The third party is a reporting entity under the AML/CTF Act
  • They have performed CDD on the buyer that meets your requirements
  • They provide you with written confirmation of this
  • You keep a record of that written confirmation
Legal reliance does NOT cover PEP and sanctions screening. Even if you rely on another party for identity verification, you must still screen the buyer for PEPs and sanctions yourself.
What if the buyer refuses to provide ID?

If a buyer refuses to provide identification, you cannot proceed with the transaction. CDD is a legal requirement — proceeding without it exposes you to serious penalties.

A buyer's refusal to provide ID is itself a significant red flag and should be escalated to your AMLCO. Consider whether a Suspicious Matter Report (SMR) is required.

Explain to buyers early in the process that identity verification is a legal requirement for all property transactions from 1 July 2026 — not a choice.
What are the red flags I should watch out for?

Common red flags in property transactions include:

  • Buyer offers to pay entirely in cash or cryptocurrency
  • Purchase price significantly above or below market value with no clear explanation
  • Buyer is disinterested in property features but intensely focused on completing quickly
  • Buyer is reluctant or refuses to provide identification
  • Funds coming from multiple unrelated third parties
  • Buyer changes payment method or funding source unexpectedly
  • Complex ownership structures (multiple companies/trusts) with no clear business reason
  • Buyer is a foreign PEP or from a FATF high-risk jurisdiction
  • Property is sold and resold quickly at increasing prices
  • Seller accepts well below market value without explanation

Red flags don't automatically mean the transaction is suspicious — but they must be escalated to your AMLCO for review.

AUSTRAC Enrolment

How do I enrol with AUSTRAC?

Enrolment is done through AUSTRAC Online at online.austrac.gov.au. The portal opens for Tranche 2 enrolments on 31 March 2026 and the deadline is 29 July 2026.

During enrolment you will need to provide:

  • Your agency name, ABN and licence number
  • Your AMLCO's name and contact details
  • The designated services you provide
  • Your commencement date (1 July 2026 for most agencies)
  • Fit and proper declarations for key personnel

Once enrolled, AUSTRAC will issue you an Entity ID — record this in SimpleAML.

Complete steps 1–5 in SimpleAML before attempting enrolment — you'll need your agency profile, AMLCO details and program approval in place.
What is an AMLCO and does every agency need one?

An AMLCO (AML/CTF Compliance Officer) is the person responsible for overseeing your agency's AML/CTF compliance. Every reporting entity must appoint one.

Your AMLCO must be a fit and proper person — typically your Principal or Licensee in Charge. For small agencies, the LIC is almost always the AMLCO.

The AMLCO must be notified to AUSTRAC by 29 July 2026.

For small agencies, the Principal/LIC is typically both the AMLCO and the approving senior manager. That's fine.
What is the Annual Compliance Report (ACR)?

Once enrolled, you must submit an Annual Compliance Report (ACR) to AUSTRAC each year. The ACR reports on your compliance activities — your program, training, CDD processes and any issues identified.

The first ACR for Tranche 2 entities will be due in 2027, covering the period from 1 July 2026. AUSTRAC has not yet confirmed the exact due date.

SimpleAML's compliance evidence report is designed to help you prepare for this — it captures all the data AUSTRAC will want to see.

AML/CTF Program

Do I need a lawyer to write my AML/CTF Program?

No — you don't need a lawyer to write your AML/CTF Program, but your completed program must accurately reflect your agency's actual circumstances, risk profile and procedures.

SimpleAML provides free Word document templates (Part A and Part B) that you can download, customise with your agency's details, and use as your program. These templates are AUSTRAC-aligned and cover everything required.

If your agency has complex or unusual circumstances, or if you are uncertain about your obligations, seeking legal advice is always a good idea.

Download the free SimpleAML templates →
What is the 3-year independent evaluation?

Under section 159 of the AML/CTF Act, all reporting entities must arrange an independent evaluation of their AML/CTF Program at least every three years. The first evaluation for Tranche 2 entities is due approximately in 2029.

The evaluation must be conducted by a suitably qualified person who is independent of your agency — typically an external compliance consultant or auditor.

SimpleAML's compliance evidence report includes a Part B — Evaluation Support section specifically designed to help your evaluator assess your program.

What is the tipping-off prohibition?

The tipping-off prohibition (section 123 of the AML/CTF Act) makes it a criminal offence to disclose to a customer that a Suspicious Matter Report (SMR) has been, is being, or may be filed in relation to them.

This means you cannot warn a seller or buyer that their transaction is being investigated or that you have filed a report with AUSTRAC. All staff must understand this obligation — a breach is serious.

Tipping off is a criminal offence. If you file an SMR, do not tell the customer — not even indirectly. Train all staff on this obligation.

Using SimpleAML

Is SimpleAML really free? What's the catch?

Yes — completely free. No account required, no subscription, no credit card. There is no catch.

SimpleAML was built by Chris Wong, CPA, because every existing AML compliance tool was built for banks and cost thousands per year. Independent real estate agencies deserve something built for them.

Your data stays in your browser — nothing is sent to any server. You own your data completely.

Where is my data stored? Is it secure?

All your data is stored in your browser's localStorage — on your device only. Nothing is transmitted to any server.

This means:

  • Your data is private — nobody else can see it
  • It is only accessible on the device and browser you use
  • If you clear your browser data, your SimpleAML data will be lost — use the Export function regularly to back up
  • You are responsible for maintaining your records for 7 years as required by the AML/CTF Act
Back up your data regularly using the Export function in the app. AML/CTF records must be kept for 7 years.
Can multiple staff use SimpleAML?

Currently SimpleAML is a single-user, single-device app. Multiple staff can use it but they would each be using their own local copy on their own device — data is not shared between devices.

For a small agency, the most practical approach is to have one designated device (typically the AMLCO's computer) where all compliance records are maintained, and staff add their records to that device.

Cloud sync and multi-user support are on the future roadmap.

What is the Compliance Evidence Report?

The Compliance Evidence Report is a printable document that draws all your SimpleAML data together into a single structured compliance record. It is not submitted to AUSTRAC — it is held by your agency as evidence of compliance.

It has two parts:

  • Part A — Annual Evidence: Your enrolment details, program approval, risk assessment, staff vetting, training records and CDD register.
  • Part B — Evaluation Support: A gap analysis, CDD timeliness check, high-risk transaction summary and a blank independent evaluator declaration page.

Generate it after enrolment so your AUSTRAC Entity ID is included, making it a complete record from 1 July 2026.

Penalties & Consequences

What happens if I don't comply by 1 July 2026?

Non-compliance with the AML/CTF Act can result in serious consequences including:

  • Civil penalties — significant financial penalties per breach
  • Criminal prosecution — for serious or wilful non-compliance
  • Enforceable undertakings — AUSTRAC may require you to implement specific compliance measures
  • Public naming — AUSTRAC publishes enforcement actions
  • Loss of licence — non-compliance may affect your real estate licence
The deadline is real. AUSTRAC has significantly increased its enforcement activity in recent years. Don't assume you won't be audited.
Does SimpleAML guarantee my compliance?

No — SimpleAML is a compliance assistance tool, not a guarantee. It guides you through what AUSTRAC requires and helps you document your compliance, but you are ultimately responsible for ensuring your agency meets all its obligations.

SimpleAML does not constitute legal advice. If you are uncertain about your specific obligations, seek independent legal advice.

Ready to get compliant?

SimpleAML guides you through every step — free, no account required.

Open SimpleAML Free → Download Free Templates
Important: SimpleAML is a compliance assistance tool only and does not constitute legal advice. Users are responsible for ensuring their own compliance with AUSTRAC requirements. Seek independent legal advice where required. Developed by Click Seed Pty Ltd ABN 87 656 256 567.