If you're an accountant, lawyer, real estate agent, precious metals dealer, or trust and company service provider — you're now a reporting entity under AUSTRAC. 5,534 obligations across 768 rules. AuditDSS generates your complete AML/CTF compliance program and scores your existing policies against every obligation. No LLM wrapper. Every clause traced to the source obligation.
5,534
AML/CTF obligations
768
Rules across both instruments
70,000+
New reporting entities
1 Jul 2026
Full compliance expected
The AML/CTF Rules 2025 extend AUSTRAC's regime to these sectors for the first time. If you provide any of these designated services, you must comply.
If you answered yes to any of the above, you are regulated by AUSTRAC and must have a compliant AML/CTF program by 1 July 2026.
Most guides tell you "get an AML/CTF program." We show you exactly what that means — 5,534 individual obligations, each one testable.
Establish and maintain a compliant AML/CTF program, including a Part A (general) and Part B (customer identification) component.
Initial, ongoing, and enhanced CDD. Verify identity before providing designated services. Update when triggers occur.
Monitor transactions for suspicious activity. Implement automated or manual systems proportionate to risk.
Report suspicious matters to AUSTRAC within prescribed timeframes. Document the basis for suspicion.
Retain CDD records, transaction records, and AML/CTF program documentation for 7 years.
Conduct ML/TF risk assessments covering customers, services, delivery channels, and jurisdictions.
Train employees to identify suspicious activity, understand obligations, and follow AML/CTF procedures.
Register with AUSTRAC as a reporting entity before providing designated services.
AuditDSS covers both the new 2025 Rules (Tranche 2) and the existing 2007 Rules. Both fully decomposed into testable obligations with enforcement-calibrated risk scoring.
The new instrument — effective 31 March 2026. 12 Parts covering AML/CTF programs, CDD, transaction monitoring, reporting, and record keeping for all reporting entities including Tranche 2 sectors.
The existing instrument. Still in force for financial services, gambling, and remittance providers. Enforcement history from 23 actions calibrates risk scores for both instruments.
Why both instruments matter: AUSTRAC's 23 enforcement actions (totalling $2.69B in penalties) were all under the 2007 Rules. That enforcement history calibrates the risk scores for both instruments. New Tranche 2 entities get enforcement-informed risk scoring from day one — the closest proxy for where AUSTRAC will focus.
Other providers give you templates. AuditDSS generates regulation-mapped compliance programs and scores your documents against every obligation.
Answer a short questionnaire about your business. AuditDSS generates your complete AML/CTF program — L2 policy, L3 procedures, L4 forms — mapped to every AUSTRAC obligation that applies to you.
Upload your existing policies and internal documents. AuditDSS scores them against every obligation in the AUSTRAC Rules — gaps identified, risk-ranked, cited to the source.
Get a prioritised remediation roadmap. Every gap ranked by severity, likelihood, detectability, and enforcement history. Fix the high-risk gaps first.
Store CDD records, transaction logs, training completion, and SMR documentation in the evidence vault — mapped to the specific obligations they satisfy.
Generate your complete AML/CTF program — L2 policy, L3 procedures, L4 forms and checklists — mapped to every AUSTRAC obligation. Ready in minutes.
Upload your existing policies and score them against every obligation in the AUSTRAC Rules. See exactly where you are compliant and where you have gaps.
4-axis probabilistic scoring — severity, likelihood, detectability, and regulatory focus — calibrated on 23 AUSTRAC enforcement actions.
Every clause in your AML/CTF program traces back to a specific AUSTRAC obligation. No guesswork. No hallucinated compliance.
Track every gap from identification through to closure. Assign owners, set deadlines, and generate evidence of remediation.
Most "AI compliance" tools paste your business name into a generic template or feed a regulation to ChatGPT and call it a compliance program. That's not compliance — that's a liability.
AuditDSS is different:
New Tranche 2 entities have no direct enforcement precedent. But AUSTRAC's enforcement of the 2007 Rules tells you exactly where the regulator focuses.
$2.69B
Total penalties imposed
23
Enforcement actions
133
FATF assessments informing scores
AUSTRAC has not signalled a lenient approach to Tranche 2. The regulator's track record — including CBA's $1.3B penalty, Westpac's $1.3B penalty, and Crown's $450M penalty — demonstrates willingness to impose severe consequences. New reporting entities should expect the same enforcement rigour applied to financial institutions.
The AML/CTF Rules 2025 commence. Obligations are enforceable from this date.
Register with AUSTRAC. Build your AML/CTF program. Train your staff. Implement CDD procedures.
AUSTRAC expects full compliance. Transition period for good-faith efforts, but obligations are enforceable.
Generate your AML/CTF program in minutes. Score your existing policies against every obligation. Know exactly where you stand before the deadline.