Everything you need to
get started.

We recommend following this order when setting up SimpleAML for the first time:

1. Firm Profile — enter your practice details, ABN and principal contact
2. Staff Vetting — record identity checks and fit & proper assessments for all AML/CTF staff
3. Training Register — log AML/CTF training completed by staff
4. Risk Assessment — document your firm-level ML/TF/PF risk assessment
5. Client Base & Geography — complete your client base and geographic risk profile
6. AML/CTF Program — upload your program documents and record senior manager approval
7. AUSTRAC Enrolment — check your readiness score and enrol
8. Save Compliance Report — generate and save your PDF as proof of compliance
9. New Client — add clients and complete CDD before providing a designated service

Yes — SimpleAML works in any modern browser on any device. However for the best experience we recommend using it on a desktop or laptop. The app has a lot of detail and some sections are easier to work through on a larger screen.

No account is required. Just open the app and enter your firm name to get started. Your data is saved automatically to your browser and backed up to our secure cloud.

User accounts with login are on our roadmap — this will allow multiple staff to access the same firm data from different devices.

AUSTRAC's risk-based framework requires your own written assessment for key areas — not just a checkbox. A tick box shows you completed a step. A written narrative shows you understood it and applied it to your specific firm.

During an AUSTRAC audit you'll be asked to explain and defend your assessments. The areas that specifically require written answers include:

• Firm risk assessment — why you rated your services Low/Medium/High
• Risk appetite statement — what client types your firm will and won't accept
• Proliferation financing assessment — your specific PF exposure and controls
• Source of funds for High Risk clients
• Key controls — what your practice actually does

The Save Compliance Report tab generates a formal AML/CTF Compliance Evidence Report specifically formatted for AUSTRAC audit purposes. It is the single most important document you can produce to prove your firm is compliant.

The report documents everything AUSTRAC expects to see during an audit:

• Your AUSTRAC enrolment details and entity ID
• Your AML/CTF Program — Part A governance and Part B CDD procedures
• Your ML/TF/PF Risk Assessment with written narrative
• Your designated services scope and risk appetite statement
• Your compliance appointments including AMLCO
• Your complete client CDD register
• Your staff training register
• Your staff vetting records

Each section references the specific AML/CTF Act provision it satisfies. The report includes a formal declaration and signature block for your AMLCO and senior manager.

There are four occasions when you should generate and save the report:

1. After AUSTRAC enrolment — your baseline record proving everything was in place from 1 July 2026. Wait until after enrolment so your AUSTRAC Entity ID is included.
2. Annually — ongoing proof that your program is actively maintained and up to date.
3. Every 3 years (~2029) — for the independent external evaluation required under s.159 of the AML/CTF Act. Your evaluator will use this as their primary evidence.
4. If AUSTRAC audits your firm — you must be able to produce evidence promptly. Keep a current saved copy at all times.

Go to New Client in the sidebar. Fill in the client's details including entity type, designated service, jurisdiction and the nature of the relationship. Add at least one individual for identity screening, then set a risk rating and review date. Click Record Compliance Profile to save.

CDD must be completed before you provide a designated service to a client — not after.

Each client is assigned Low, Medium or High risk based on their industry, jurisdiction, the designated service being provided, and any suspicious matter or threshold transaction triggers. The rating determines how often a review is required:

• High Risk — annual review
• Medium Risk — every 2 years
• Low Risk — every 3 years

High Risk clients also require enhanced CDD — source of funds documentation, associates screening, and a written reason for proceeding.

When a client's review date passes they are flagged as Overdue in red on the Dashboard and Client Overview. Go to Client Overview, find the client and click New Review. The form pre-fills with their existing details — update what has changed and save. The previous record is retained as a superseded version for your audit trail.

For each individual associated with a client you should upload evidence of:

• DVS Identity check — Document Verification Service result
• PEP screening — Politically Exposed Person check
• Sanctions screening — confirmation against DFAT consolidated sanctions list
• Associates screening — optional for Low Risk, recommended for Medium, required for High Risk

For High Risk clients you also need source of funds documentation.

This may be related to your browser or computer's regional settings. If your device is set to a US locale, some date fields may display in mm/dd/yyyy format while you're entering a date.

Once saved, SimpleAML is designed to display dates in Australian format (dd/mm/yyyy) — but if you're seeing American-format dates after saving, try changing your computer's region settings to Australia and see if that resolves it.

AUSTRAC uses the term "personnel" broadly — it covers anyone involved in your AML/CTF program, including employees, contractors, consultants and partners. For most small accounting firms this means all staff who have contact with clients or handle compliance tasks.

Staff vetting must be completed before appointment for anyone in a compliance role, and reviewed annually.

Yes — go to Save Compliance Report in the sidebar. This opens a formal AUSTRAC audit evidence report in a new tab. Select Save as PDF → Portrait → A4 for the complete compliance document.

You can also use Export Data to download a complete backup of all your data as a JSON file, which can be imported back into SimpleAML on any device.

ML — Money Laundering. Making illegally obtained money appear legitimate. For example a client using your trust account to layer funds from an undisclosed source.

TF — Terrorism Financing. Providing funds or financial services — knowingly or unknowingly — that support terrorist activities.

PF — Proliferation Financing. Funding the development or acquisition of weapons of mass destruction. A newer requirement added to the reformed AML/CTF Act.

When SimpleAML refers to ML/TF/PF risk it means: what is the risk that your firm's services could be used to launder money, finance terrorism, or finance weapons proliferation. Your Firm Risk Assessment documents your assessment across all three categories.

PF Statement (Services tab) is your firm's policy declaration — what your firm will and won't do regarding proliferation financing. For example: "Our firm will not provide services to any entity subject to UN Security Council sanctions."

PF Risk Assessment (Client Base & Geography tab) is your evidence-based analysis — your actual exposure to PF risk based on your real client base, services and jurisdictions. It requires a rating (Low/Medium/High) and written justification.

Designated services are the specific accounting services that trigger AML/CTF obligations under Tranche 2. Your obligations apply based on what services you provide, not simply because you are an accountant.

Common examples include assisting with real estate transactions, receiving or managing client funds, creating or restructuring companies or trusts, acting as a nominee, and selling shelf companies.

AMLCO stands for AML/CTF Compliance Officer. Every reporting entity must appoint one before enrolling with AUSTRAC. The AMLCO oversees the firm's AML/CTF program, acts as the primary regulatory liaison with AUSTRAC, and is responsible for filing SMRs and TTRs.

For sole practitioners you will typically be your own AMLCO. SimpleAML's Appointments tab includes a "Fill All Roles" shortcut for this purpose.

• 31 March 2026 — Enrolment opens
• 1 July 2026 — AML/CTF obligations commence
• 29 July 2026 — Enrolment deadline for entities providing designated services from 1 July 2026

The AUSTRAC Enrolment tab in SimpleAML shows your readiness score and tells you exactly what's still missing.

Your data is stored in two places simultaneously — your browser's local storage (available instantly without internet) and our secure cloud (Google Firebase/Firestore) which protects against data loss if you clear your browser.

We do not sell your data or share it with third parties.

If you clear your browser's local storage your data will appear gone — but because SimpleAML backs up to our cloud, it can be restored automatically when you reopen the app in the same browser on the same device.

If you switch to a different browser the new browser won't have your local data and the app will appear empty.

1. On your original device — go to Tools → Export Data
2. Save the downloaded JSON file somewhere accessible
3. On the new device — open SimpleAML, go to Tools → Import Data
4. Select the JSON file — your data will be fully restored

Under the AML/CTF Act, all records must be retained for a minimum of 7 years from the date the record was made or the transaction was completed. This includes customer identification records, transaction records, and AML/CTF program documentation.

We strongly recommend regular data exports stored in your practice's document management system.

Currently SimpleAML is designed for one person managing compliance on one device. If two people open the app on different devices they will each see different data — there is no automatic syncing between devices.

For an office team right now the most practical approach is to use one designated computer and browser as the primary SimpleAML device. Export your data regularly and share the backup file with team members who need a copy.

The upcoming user accounts feature will solve this properly — the AMLCO will have full access, admin staff can add clients and log training, and principals can view and approve — all from their own devices.

User accounts with login are on our roadmap and actively being developed. Once available you will be able to log in from any device and your data will sync automatically.

We made a deliberate decision to launch SimpleAML without a login requirement. With less than 100 days to the 1 July 2026 deadline when we launched, the most important thing was making it as easy as possible for accounting firms to get compliant — no sign-up friction, no passwords, just open and start.

User accounts, multi-device sync, and role-based access for teams are all planned for after the 1 July 2026 deadline.

Yes — SimpleAML is free during beta. No subscription, no credit card, no hidden fees. It was built by a compliance professional who saw sole practitioners and small firms struggling with systems designed for large organisations.

We may introduce optional paid features in the future but the core compliance tool will always have a free tier.

SimpleAML was created by Chris Wong, a finance transformation specialist with 20+ years experience across IAG, TAL, Wesfarmers and Stockland. Chris holds a Master of Insurance & Risk Management from Deakin University and is a CPA.

SimpleAML is developed and maintained by Click Seed Pty Ltd (ABN 87 656 256 567). The tool was built after a sole practitioner Chartered Accountant came to Chris stressed about Tranche 2 with less than 100 days to the deadline — and couldn't find anything simple enough.

Use our contact form or from inside the app click About & Support → Contact Support or the Help button in the top right.

SimpleAML is actively developed and user feedback directly shapes what gets built next.

No. SimpleAML is a compliance assistance tool only. You are responsible for ensuring your own compliance with AUSTRAC requirements. Seek independent legal or compliance advice if you are uncertain about your obligations.