Speak to Sales

FAQ: AML/CTF for accountants

Find answers to your grey area concerns to better understand your AML/CTF obligations and compliance requirements.

Posted 22/06/2026

Who needs to register

I only prepare tax returns and do bookkeeping. I don't set up companies or trusts. Do I need to register with AUSTRAC? 

The only thing that matters is whether you provide a designated service. 

AUSTRAC makes no distinction between a sole practitioner in suburban Melbourne and one of the Big Four. There is no exemption for small practices, niche practices, or firms that have not taken on new clients in years. If you provide even a single designated service, you must enrol and register before 30 June 2026. 

Use our Designated Services Checklist to work through your practice, activity by activity. It takes minutes and removes the guesswork. 

I haven't provided any designated services yet but may do so in the future. Do I need to register by 30 June 2026, or can I register later? 

If you are not currently providing any designated services, you are not required to enrol by 30 June 2026. 

However, once you do begin providing a designated service, you have 28 days from that point to enrol with AUSTRAC. You cannot simply wait indefinitely. The clock starts the moment you provide your first designated service. 

The practical advice remains the same: if there is any reasonable chance you will provide a designated service in the future, enrol now. The enrolment process itself is straightforward. The risk of forgetting to enrol within 28 days of starting and being found non-compliant is not worth taking. 

What happens if I register for a designated service class but never end up performing it? 

Nothing adverse happens. Registration is not a commitment to deliver a service. It is a compliance position that says you may provide this service. Your AML/CTF obligations only become active when you actually provide the service to a client. The risk runs entirely the other way: not registering for a service you end up providing is the problem, not registering for one you never use. 

The only consideration is that your AML/CTF program should reflect the services you are registered for. If you register for restructuring, your risk assessment and program should acknowledge that as a potential service, even if it remains theoretical.

ASIC & Registered Offices

I'm a registered ASIC agent but I don't offer my premises as a registered office. I just download annual returns and forward them to clients unchanged. Am I caught by AML/CTF? 

This is one of the genuinely grey areas in the legislation, and unfortunately AUSTRAC will not clarify it beyond what is written in the Act. They do not issue individual rulings on whether a specific activity constitutes a designated service. 

What is clear is their intent: if there is doubt, register. 

The question ultimately comes down to risk appetite. If ASIC holds you on record as the agent for a client body corporate, even in a limited, pass-through capacity, a reasonable case can be made that you are acting as a registered agent within the meaning of the Act. Whether that position would be tested is another matter. But if it were, the consequences of being found non-compliant are significantly greater than the cost of registering. 

Our recommendation: if you are the agent of record with ASIC for any client entity, register. The downside of registering unnecessarily is minimal. The downside of not registering when you should have is not.

Specific practitioner scenarios

I handed over my practice over ten years ago. I now exclusively act as Power of Attorney, Guardian, Carer, or Executor for a small number of former clients, including Court appointments. I don't charge fees, have surrendered all professional certificates, and accept no new clients. I'm the sole signatory on some client bank accounts. Do I need to register? 

Acting as Power of Attorney, Guardian, Carer, or Executor are legal roles, not accounting services. In most respects, you are acting in a personal legal capacity, not as a professional providing designated services. The absence of fees, the surrender of professional certificates, and the fact that you accept no new clients all support the view that you are not operating a reporting entity. 

However, one element requires attention: where you hold sole signatory authority over a client's bank account, a case could be made that you are managing client money or assets, which sits closer to a designated service. That specific aspect warrants legal advice before you conclude you are outside the regime. 

For the Court-appointed roles specifically, you should seek guidance from the appointing Court or your legal adviser. These obligations exist independently of your professional status and cannot simply be set aside. 

Our recommendation: obtain a formal legal opinion on the bank account signatory question before 30 June 2026. 

The directors of our sole purpose SMSF corporate trustee do not provide designated services to anyone outside our fund. Do they need to enrol with AUSTRAC? 

No. The AML/CTF framework is designed to regulate the provision of designated services to external clients, not the management of your own affairs or those of a self-contained fund structure. 

Directors of a sole purpose SMSF corporate trustee who manage the fund exclusively for its own members are not providing designated services in the commercial sense the Act contemplates. Pension payments and member benefits are not fees for professional services, they are distributions to members. 

Our recommendation: provided no services are being offered to parties outside the fund, these directors are not required to enrol or register with AUSTRAC.

I was appointed alternate director of a client's passive investment company 23 years ago. She now has advanced dementia. I'm managing the company's affairs and disposing of shares to fund her care. Am I required to register? 

Yes. Acting as a director of a client's company is a designated service under the Act, and you are required to register. 

The critical point many practitioners miss: it is the provision of the service that triggers the obligation, not whether you charge for it. Fees are irrelevant. The moment you are acting as a director of a body corporate on behalf of another person, the designated service is being provided. The company being passive, the personal history, and the absence of any invoice do not change that. 

Register before 30 June 2026. Doing so does not require you to step away from the role. It simply means meeting the compliance obligations that come with it. A 30-year friendship is worth protecting correctly. 

I am a director of a passive investment company and trust for family members. I provide accounting services in that capacity and do not charge for lodging tax returns. Am I required to register? 

Acting as director of a family company in a personal capacity, with no external clients and no fees, is generally not the kind of activity the Act is designed to capture. The AML/CTF framework is primarily targeting commercial service provision, not the management of your own family's financial affairs. 

That said, the same principle applies here as it does across all of these scenarios: it is the provision of the service that matters, not whether you charge for it. If you are acting as director of a body corporate on behalf of others, even family members, that activity sits within the definition of a designated service. 

Our recommendation: review the designated services list against your specific activities. If any doubt remains, seek legal advice before 30 June 2026. 

I do accounting only for my own and my family's businesses. I use my personal address as their registered address at no charge. I have no external clients. Do I need to register? 

Providing a registered office address is a designated service under the Act. However, the same principle applies: it is the provision of a service to another person that triggers the obligation. 

Using your personal address as a convenience for your own and your immediate family's businesses, with no charge and no external clients, is not commercial service provision. You are not holding yourself out as offering this service. You are managing your own affairs. 

You are not required to register in these circumstances. However, if that ever changes and you begin providing this service to anyone outside your immediate family, that position must be revisited immediately. 

Is processing superannuation payments a designated service? 

No. Processing superannuation contributions as part of standard bookkeeping or payroll services is not a designated service under the Act. 

The AML/CTF framework is concerned with accountants who manage, control, or direct client funds in a financial intermediary capacity. Calculating and instructing superannuation payments as part of routine payroll is not that. You are instructing a transaction on behalf of a client. You are not holding, transferring, or controlling their funds in the sense the Act contemplates.

Transaction monitoring & reporting

Do I need to report transactions I see in a client's bank account during BAS or year-end work? How could I possibly meet the 10-day reporting requirement? 

This is one of the most misunderstood areas of the new obligations. There are two distinct reporting requirements. 

Threshold Transaction Reports (TTR) 

A TTR is required when you, as a reporting entity, are directly involved in a cash transaction of $10,000 or more in the course of providing a designated service. Three things must all be true: 

  • It must be physical cash (not an electronic transfer or cheque). 
  • It must occur as part of you delivering a designated service. 
  • You must be a party to that transaction.  

You have 10 business days from the date of the transaction to lodge the report. 

Seeing a $10,000 cash withdrawal in a client's bank statement while preparing their BAS does not trigger a TTR. You were not a party to that transaction. It did not occur in the course of you providing a designated service. The 10-day clock never starts. 

Suspicious Matter Reports (SMR) 

An SMR has no dollar threshold. It is triggered when you form a reasonable suspicion that a transaction or a client may be connected to criminal activity, proceeds of crime, or terrorism financing. While reviewing client bank transactions for BAS or year-end purposes, an SMR is triggered if you observe a pattern that looks suspicious, such as unexplained cash deposits or transactions inconsistent with the client's business profile. 

An SMR must be lodged within 3 business days of forming the suspicion, or 24 hours if terrorism financing is suspected. Critically, you are prohibited from informing the client that you have lodged one. This is the tipping-off prohibition and carries serious penalties. 

AML/CTF training referencing transaction review during BAS and year-end work is building your awareness of SMR obligations and training you to identify red flags. It is not saying you must lodge a TTR for every large transaction you happen to see in a client's records.  

While reviewing my client's BAS documents I noticed a $10,000 cash withdrawal from 1 May 2026. The 10-day TTR window has already passed. Will this cause an issue? 

No, because no TTR was ever required in the first place. 

A TTR is only triggered when you are directly involved in a cash transaction in the course of providing a designated service. You were not a party to that withdrawal. It occurred in your client's bank account before you were ever involved. The 10-day clock never started for you. 

What you should ask instead is whether that withdrawal looks suspicious in the context of that client's business. If it does, an SMR obligation may arise. That clock starts from the moment you form the suspicion, not from when the transaction originally occurred. 

KYB, KYC & customer due diligence

I've watched several webinars but I'm still not clear on what I need to do for KYC/KYB/CDD for existing clients. We provide a registered office and Div 7A applies to most of our clients. 

For clients you were already acting for before 1 July 2026, known as pre-commencement customers, you are not required to complete initial CDD immediately. The exemption continues for each client until one of two triggers occurs:  

  • an SMR obligation arises in relation to that client, or  
  • there is a significant change in the nature of the relationship that results in their ML/TF risk being assessed as medium or high. 

However, the exemption from initial CDD does not mean you have no obligations. Ongoing monitoring applies from day one. This means watching for unusual transactions or behaviours, reviewing and updating KYC information at appropriate intervals, and identifying any risk changes. 

If you are providing a registered office for a client, that is a designated service and CDD is required for those clients. Div 7A work alone is not a designated service. Those clients only require CDD if they also receive a designated service from you. 

My clients are long-term relationships, some for over 30 years. Does knowing them personally reduce the CDD requirement? 

No, and this is one of the most important points in the entire AML/CTF framework. 

AUSTRAC does not care that you have known someone for 30 years, that your children attended the same school, or that you served on a not-for-profit board together. CDD is not an assessment of whether your client is a good or bad person. 

What it is assessing is that person's exposure to money laundering or terrorism financing risk. They may not be a bad actor themselves, but through their business interests, family relationships, political connections, or military associations, they can become exposed to, or influenced by, people who are. The risk is not always about intent. It is about vulnerability. 

Personal familiarity does not reduce ML/TF risk. The CDD process exists precisely because risk is not always visible to those closest to it. 

What is the workflow for appointing a new director to a pre-commencement company in EngageAML? 

This depends on whether you act as the incoming director's tax agent. 

If you do not act as their tax agent, the workflow in EngageAML is straightforward. 

  • Step 1: Select Appoint New Director as the designated service. 
  • Step 2: Add the incoming director manually in the KYB section. 

EngageAML will then automatically trigger a CDD and KYC check on the new director before the appointment proceeds. You do not need to add them as a separate entity elsewhere in the system. The workflow handles this within the engagement. 

Training and compliance obligations

Do staff need to individually register with AUSTRAC to complete training? And what is the best way to manage team training records? 

Your firm's AUSTRAC registration covers the firm as an entity. Staff do not need to individually register with AUSTRAC. However, your AML/CTF Compliance Officer has an obligation to maintain a training register with documented proof that each staff member has completed appropriate training. A firm-level registration alone produces none of that evidence. 

The preferred approach is to use a training programme that generates individual completion records in the format AUSTRAC requires. 

The Access AML/CTF Training Programme does exactly this. It is 6.5 hours of CPD-accredited content for $75 per user (excluding GST), with built-in tracking that records completion per staff member in the format your AMLCO needs for the training register.