Understanding changes to AML/CTF obligations and the Privacy Act for reporting entities
By: Neil Jeans, Katherine Shamai, Martin Stone, Richard Storey, Annelies Homersham
29 Jan 2026, 6 min read

The real challenge lies in building a culture that embeds AML obligations into the DNA of an organisation.
The 2026 reforms introduce sweeping changes. From 1 July 2026, AML/CTF obligations will extend to new sectors including lawyers, accountants, real estate professionals, property developers, and dealers in precious stones, while existing reporting entities must comply with updated rules by 31 March 2026. These changes are not just procedural; they demand a shift in mindset from reactive compliance to proactive risk management.
A compliance culture goes beyond policies and embeds ethical behaviour, accountability, and risk awareness into every layer of an organisation. This means cultivating a culture where AML/CTF responsibilities are understood, owned, and acted upon at every level of the business.
These essential steps are not just operational; they are cultural, and require organisations to embed AML thinking into their values, behaviours, and decision-making frameworks:
For newly regulated entities, the reforms represent both a challenge and an opportunity. Many are engaging with AML/CTF for the first time, and the learning curve is steep. Technical readiness alone is not enough. Firms must foster a culture where compliance is seen as a shared responsibility and not just the domain of risk teams. This includes aligning AML efforts with broader organisational values, incentivising ethical behaviour, and creating feedback loops that encourage continuous improvement.
Leadership plays a pivotal role in shaping compliance culture. Organisations that treat AML/CTF as a strategic priority, and not just a regulatory burden, will be better positioned to navigate the reforms and build trust with regulators, clients, and the public.
In a post-AML reform landscape, compliance culture will be a differentiator for a business’s long-term success. As AUSTRAC shifts toward risk-based supervision, organisations that embrace compliance culture will be better positioned to navigate scrutiny and lead with integrity. Organisations that embrace AML/CTF obligations as part of their ethical and operational identity will not only meet regulatory expectations, but they will also strengthen their resilience, reputation, and long-term value.
AML/CTF reforms readiness is demonstrated through effective governance and evidence of progress. The board should have clear oversight on uplift activities underway, ask the right questions, and challenge management on progress while maintaining visibility of compliance risks. To have confidence that your organisation is genuinely reform‑ready, the board should expect to see evidence of the following:
Targeted gap assessments against the new AML/CTF regime can help organisations understand their compliance gaps, determine what must change and identify the scale of change required. Clear visibility of what needs to change is a strong marker of readiness.
A structured uplift plan with timelines, accountabilities and milestones shows that the business is moving from intention to execution. A realistic timeline, aligned to regulatory guidance as it is released, is critical. Readiness also depends on ensuring current AML/CTF controls continue to operate effectively while change is underway.
Your ML/TF risk assessment should be up to date, and aligned to your services, delivery channels and geographic exposure, showing that you understand your current risks and have controls designed to mitigate those risks.
Independent reviews confirm whether your AML/CTF Program, CDD, monitoring and governance controls are designed and operating effectively, and are not just documented in your Policy. This can provide the board with confidence that AML/CTF controls are operating effectively while change is underway.
Reach out to our team of experts to learn more about the AML/CTF reforms and how we can help build a compliance culture across your organisation.