Practice-area scope test
The Act captures specific services rather than entire professions. A law firm becomes a reporting entity to the extent it provides those services. Most general practices will be in scope because most general practices do at least one designated-services activity. Specialist practices may legitimately be out.
Practice areas that ARE designated services (in scope)
- Conveyancing and property transactions (assisting in the buying or selling of real estate, transferring leasehold interests).
- Corporate / commercial law that includes incorporating companies, setting up trusts, or arranging partnerships for clients.
- Acting as, or arranging for someone to act as, a director, partner, secretary, trustee, or nominee shareholder on behalf of a client.
- Providing a registered office or business address for a client entity that does not actually operate from there.
- Managing client funds, securities or other assets held in connection with a designated service (real estate, business sale, structuring).
- Mergers, acquisitions, business sales and purchases done on a client's behalf.
- Establishing legal arrangements (companies, trusts, partnerships) where the firm assists with the contribution of funds or assets.
Practice areas that are NOT designated services (out of scope)
- Litigation, including commercial litigation that does not also involve handling client funds in connection with a designated service.
- Criminal defence and prosecution work.
- Family law in most forms (divorce, custody, parenting orders). Property settlements within family law can pull the matter back into scope if the firm assists with the property transfer.
- Employment and industrial relations disputes.
- Personal injury, motor accident, workers compensation claims.
- Pure advisory work without execution (a written legal opinion that does not also involve the firm acting in the underlying transaction).
- Immigration, intellectual property prosecution, planning and environment disputes.
The honest summary: if your firm only does the bottom list, you may not need to enrol with AUSTRAC at all. If your firm does any of the top list, you are in scope. A mixed practice (most general suburban firms) is in scope because of the designated-service slice, even if that slice is a small part of the practice. Once you are a reporting entity for one designated service, the obligations apply to that service’s customer files — not to your whole firm’s caseload.
The 11 obligations, scaled to small firms
The obligation set is the same one every Tranche 2 reporting entity carries. The implementation can be sized to a small firm where one partner is also the Compliance Officer.
Enrol with AUSTRAC within 28 days
Once you provide a designated service, you have 28 days to enrol. Practical answer for most firms: lodge the enrolment by mid-June 2026.
Conduct an ML/TF risk assessment
One assessment for the practice covering customer types, geographies, services, delivery channels. For a small firm whose designated-service exposure is mostly local conveyancing, the assessment is short.
Write Part A and Part B of an AML/CTF Program
Part A covers risk identification and mitigation. Part B covers customer identification. Both signed off by the firm's governing body — for a sole practitioner, that is the principal.
Name a Compliance Officer
The named person responsible for the Program. In a small firm this is typically a partner or the sole principal. The role does not require external certification but the named person needs to actually understand the Program and be reachable by AUSTRAC.
Customer due diligence before providing the service
Verify every party in a designated-service matter before the matter proceeds. For individuals: name, DOB, address, photo ID. For corporate clients: incorporation details, beneficial ownership to a 25 percent threshold.
Sanctions and PEP screening
At intake, plus risk-cadence re-screening (high 6-monthly, medium yearly, low every 3 years). The screening source needs to update regularly — a frozen list is not screening.
Suspicious Matter Reports within 3 business days
Form a suspicion of money laundering, terrorism financing or proceeds of crime → lodge an SMR. 24 hours if the suspicion is terrorism financing. Common triggers in legal practice: client structuring requests with no commercial purpose, third-party funds in unusual patterns, refusal to provide source-of-funds evidence.
Threshold Transaction Reports for cash >= A$10,000
Physical currency received in your capacity as a reporting entity, within 10 business days. Rare in modern legal practice but the obligation still exists.
IFTI Reports for cross-border transfers
International funds transfer instructions you give or receive as part of a designated service, within 10 business days. The canonical legal scenario: client wiring deposit funds from offshore directly to your trust account for a property purchase.
7-year records retention
Customer identity records, transaction records, AML/CTF Program versions, training records. Aligns broadly with existing law-society record-keeping rules but the AML/CTF retention is on top of, not instead of, the existing rules.
Annual independent review
The Program is reviewed at least once every 3 years (annual is safer). Reviewer must be independent of day-to-day Program operation. For a sole-practitioner firm that means an external auditor, an AML consultant, or a peer-firm partner.
Trust accounts: parallel obligations
Every Australian law firm already operates under detailed state-level trust account rules (Legal Profession Uniform Law in NSW/VIC, equivalent in each other state). The trust account audits, monthly trust statements, and trust receipts are not going away. Tranche 2 adds a parallel set of obligations on top of the existing rules; it does not replace any of them.
Practical implications for a small firm:
- Trust account auditors check trust account rules. AUSTRAC checks AML/CTF Act compliance. Two different reviewers, two different reports.
- A deposit arriving in your trust account in connection with a designated service generates BOTH a trust receipt (existing) AND a potential CDD / sanctions / IFTI obligation (new).
- Source-of-funds questions become standard. Existing trust rules require you to know where money came from broadly; AML/CTF requires you to document it for designated-service matters specifically.
- Suspicious deposits (round numbers, third-party payers, structured to avoid threshold) trigger BOTH the trust account's irregularity protocols AND a potential SMR consideration.
The good news: firms with disciplined trust accounting are partway to AML/CTF compliance already. The discipline of knowing whose money it is, where it came from, and what it is for, translates directly. The bad news: trust account discipline alone is not AML/CTF compliance, and AUSTRAC will ask for the documented Program, the CDD records, and the reporting workflows that sit alongside.
The property-work intersection
For most general-practice firms, property work is the single largest source of AML/CTF exposure. Conveyancing is a designated service whether it is performed by a licensed conveyancer or by a solicitor. In Queensland this matters especially — QLD conveyancing is solicitor-only, so every QLD general-practice firm doing any conveyancing is fully captured.
For firms in other states where conveyancing is done by licensed conveyancers, your AML/CTF exposure on property work depends on what your firm actually does:
- Firms that act for buyers or sellers in property transactions are providing the designated service. Full obligations apply to those matters.
- Firms that advise on property law (off-the-plan disputes, easement questions, strata advice) without acting in a specific transaction are generally providing pure advisory and may be out of scope on those matters.
- Firms that act for developers structuring an off-the-plan project are providing multiple designated services (real estate + structuring + sometimes nominee). Treat as high risk by default.
- Firms holding deposit funds in trust on a property transaction are providing both the designated service AND a parallel trust-account obligation, as covered above.
A common pattern for small firms: most of your matters are litigation, family, criminal or employment (out of scope) and a small slice are property or company-structuring (in scope). The firm still needs a Program, an enrolment, a Compliance Officer, training, and the reporting workflows. But the per-matter overhead only attaches to the designated-service slice. CDD on a divorce client is not required; CDD on a property-purchase client is.
Records and retention
Seven years is the headline. The trap is the same one conveyancers and accountants face: the start date varies by record type. Customer identity records run from end of client relationship; transaction records run from the transaction date; AML/CTF Program versions run from the date that version was superseded. Most law firms already retain client files for 7 years for professional indemnity and law society reasons, so the operational discipline is in place. The AML/CTF retention is on top of, not instead of, the existing rules.
Practical mitigation: do not hard-delete client records on file close. Soft-archive instead, so the retention obligation continues to be met if the client returns years later or AUSTRAC asks in 2033.
What to do this quarter
Concrete sequence for a small firm that has not started yet.
- Run the scope test honestly (30 minutes).
List every practice area the firm offers. For each, decide whether it is a designated service per the lists above. The output is one number: how many of your matters per year are in-scope. If it is zero, document the decision and you are done. If it is non-zero, you are a reporting entity.
- Score readiness honestly (15 minutes).
Twelve-question self-assessment, free, no signup. The result is a numbered score, a band, and a per-obligation diagnostic.
Try the readiness check - Cost it out (15 minutes).
Get a realistic dollar figure on the page so you can budget. Whether you choose software, a consultant, or internal time, the budget matters for partnership sign-off.
Open the cost calculator - Decide build / buy / hire by 31 March 2026.
Three options. Build it in spreadsheets and Word documents (cheap, painful, fragile under audit). Buy software (recurring cost, less custom). Hire a consultant (high cost, dependent on their availability). The Tranche 2 deadline does not move; pick the path with time to settle.
- Enrol with AUSTRAC by mid-June 2026.
Even if your Program is not fully finalised, lodge the enrolment. Penalty for late enrolment is greater than penalty for an early enrolment with a thin program.
Common questions
I run a pure family law practice. Am I really out of scope?
Almost certainly yes, with one exception. If your family law practice handles property settlements as part of a divorce — and your firm actually executes the property transfer, not just advises on the entitlement — that property transfer is a designated service. If property settlements always get referred to a conveyancer or property lawyer for execution, your family practice itself stays out of scope. Document the decision either way.
What about acting for trustees? Is that a designated service?
It depends on what 'acting' means. Advising a trustee on their duties is pure advisory and out of scope. Acting AS the trustee, providing the registered office of the trust, or setting up the trust on behalf of the settlor are all designated services. The line is whether the firm is providing legal advice or providing a trust service.
My firm uses settlement agents in WA. Do I still have AML obligations on those matters?
If your firm is the matter principal (the client engages you, you instruct the settlement agent), the designated service is provided by your firm. The settlement agent's involvement does not transfer the obligation. If the client engages the settlement agent directly and your firm only provides advice, the obligation may sit with the settlement agent. Most matters in practice are the first pattern.
What records does my law society want vs AUSTRAC?
The two regulators want overlapping but different records. Law society audits focus on trust account integrity, client file management, professional conduct. AUSTRAC focuses on customer identity verification, sanctions screening, suspicious matter reporting, and the AML/CTF Program itself. Where the records overlap (client identity for both purposes), keep one set that serves both. Where they diverge (sanctions screening for AUSTRAC, conflict checks for law society), keep both.
Can my law firm partners share the Compliance Officer role between them?
Practically yes, formally name one. The Act requires a named individual responsible for the AML/CTF Program. In a multi-partner firm one partner is designated the Compliance Officer and is the named contact for AUSTRAC. Other partners may operationally share the workload — running CDD, reviewing files — but the formal accountability sits with the named person. Pick a partner who is going to stay engaged with the topic rather than rotating it yearly.
What about a sole-practitioner firm that does only litigation? Anything to do?
If your scope test returns zero designated-service matters, you are not a reporting entity and do not need to enrol with AUSTRAC. Document the decision in writing (a one-page memo to file is enough) so that if a client later asks why you do not have an AML/CTF Program, the answer is on record. If your practice changes in future to include any designated-service work, you have 28 days to enrol from when the first matter starts.
How does Caltury fit a small law firm?
Self-serve 14-day trial, no credit card. The scope test in the dashboard helps a firm confirm whether it is in or out before subscribing. CDD workflow, sanctions screening, AUSTRAC enrolment wizard and Program builder are usable on day one. The Compliance Officer role can be assigned to a partner with read-only access for other partners. CSV import for moving an existing client book across. No call required, no demo, no consultant.
Caltury is AML/CTF software for independent Australian practices entering Tranche 2. Founded by Ben Horne (ex-ADF, sole trader, ABN 49 452 393 782, Australian-based). Sydney hosted on Supabase and Vercel. Async written support, no calls or demos. The readiness assessment is the right next step if this guide was useful and you want it applied to your specific practice.
This guide is general information about Australian AML/CTF obligations for legal practices. It is not legal advice. AUSTRAC has not reviewed this content. For situations specific to your firm consult an Australian-qualified lawyer or AML/CTF adviser, including on the scope-test decision itself.