All posts
aml-programcomplianceaustrac

What is an AML/CTF program and does your agency need one?

If you've heard the term 'AML/CTF program' and wondered what it actually means, this guide explains exactly what it is, what it must contain, and whether your real estate agency is required to have one.

By AML Simple Team

What is an AML/CTF program and does your agency need one?

If someone has told you that your real estate agency needs an "AML/CTF program" but you're not sure what that actually means, you're not alone. The term gets thrown around a lot, but the underlying concept is straightforward: it's a set of documented policies and procedures your agency has in place to detect and prevent money laundering, terrorism financing, and proliferation financing.

This post explains what an AML/CTF program is, what it must cover under the law, who is required to have one, and where to start.

Why programs exist

Real estate is a well-documented vehicle for money laundering. Large transactions, long settlement periods, and the ability to move significant sums through property purchases make the sector attractive to those seeking to legitimise illicit funds.

In November 2024, the Australian Parliament passed the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024, bringing real estate agents under Australia's AML/CTF framework for the first time. The obligations commence on 1 July 2026.

The centrepiece of those obligations is the requirement to have — and operate — an AML/CTF program.

Does your agency need a program?

The obligation applies to businesses that provide a designated service. For real estate, the designated service is:

Brokering the purchase, sale, or transfer of real estate for other people as part of a business.

This covers:

  • Buyer's agents and seller's agents
  • Property developers selling without an independent agent
  • Auctioneers of real estate
  • Conveyancers

What is not covered: Property management, leasing, and rental management are not designated services. Agencies that only manage rentals — and do not broker any property sales — are not required to have an AML/CTF program.

If your agency does both (manages rentals and brokers sales), the AML/CTF obligations apply to the sales side of the business.

What is an AML/CTF program?

At its core, an AML/CTF program is a documented set of policies, procedures, systems, and controls that describes how your agency will:

  1. Identify the money laundering and terrorism financing (ML/TF) risks specific to your business
  2. Mitigate and manage those risks on an ongoing basis
  3. Meet the reporting, record-keeping, and due diligence requirements set out in the AML/CTF Act 2006

The program does not have to follow a particular layout or template. Under the 2026 reforms, the old "Part A / Part B" structure that applied to banks and other existing regulated entities has been removed. Programs can now be organised however works best for your agency, as long as they cover all the required content areas.

What must the program cover?

The AML/CTF Act 2006 requires that programs establish appropriate policies, procedures, systems, and controls across three broad areas.

1. Risk assessment and governance

The program must document how your agency identifies and manages AML/CTF risk. This includes:

  • ML/TF/PF risk assessment — a written assessment of your agency's specific risks across four categories: customers, services, delivery channels, and geographic locations. This is the foundation of everything else; without it, there is no documented basis for your compliance decisions.
  • Governance — how your governing body and senior management oversee AML/CTF compliance
  • Compliance officer — appointment of a fit-and-proper person at senior management level who is responsible for implementing the program. AUSTRAC must be notified of this appointment by 29 July 2026.
  • Employee due diligence — background checks on staff in AML-relevant roles
  • Training — AML/CTF risk awareness training for all staff, delivered before they perform AML-relevant duties and updated ongoing
  • Change management — how the program is updated when your business changes, when regulations change, or when new risks emerge
  • Independent review — periodic independent review of the program (frequency depends on the size and complexity of your business; the first review is not required until 2030–2032 for most agencies)

2. Customer due diligence

The program must describe how your agency will identify and verify the people you are dealing with. This covers:

  • Customer identification and verification — what information to collect, what documents to accept, and what methods are acceptable for verifying identity
  • Risk-based approach — how you risk-rate customers (low, standard, or high)
  • Beneficial ownership — procedures for identifying who ultimately owns or controls a company or trust client (25% ownership or effective control is the threshold)
  • Ongoing CDD — when and how customer information is reviewed and updated throughout the relationship
  • Enhanced CDD — additional steps required for high-risk customers (such as foreign politically exposed persons)
  • Simplified CDD — when a reduced approach is acceptable for low-risk scenarios

3. Monitoring and reporting

The program must cover how your agency detects unusual activity and meets its reporting obligations:

  • Transaction monitoring — systems or processes to identify transactions that warrant closer scrutiny
  • SMR and TTR procedures — how to identify, escalate, and file Suspicious Matter Reports and Threshold Transaction Reports
  • Record keeping — what records to keep, how they are stored, and for how long (the Act requires a minimum of seven years)

The AUSTRAC Program Starter Kit

AUSTRAC has published a free Program Starter Kit specifically for real estate agencies. It includes a set of customisable Word documents — a program template, a risk assessment document, and a process document — with common real estate risk factors and compliance steps already filled in.

Once your agency has customised these documents to reflect your specific circumstances and had them approved by senior management, they constitute your AML/CTF program.

The Starter Kit is designed for agencies with 15 or fewer personnel providing only one designated service (brokering real estate). Agencies with more than 15 staff, multiple designated services, or complex business structures will need a more comprehensive program that goes beyond what the Starter Kit covers.

You can access the Starter Kit at: austrac.gov.au — Real estate Program Starter Kit

Key dates to have in your diary

| Date | What happens | |---|---| | 31 March 2026 | Enrolment with AUSTRAC opens | | 1 July 2026 | AML/CTF obligations commence | | 29 July 2026 | Deadline to notify AUSTRAC of your compliance officer | | 31 March 2027 | First Annual Compliance Report due |

Where to start

The most common mistake agencies make is treating the program as a box-ticking exercise rather than a working document. A program that sits in a drawer and is never updated provides little protection — legally or practically.

The most useful first step is the risk assessment. Once you understand what risks are specific to your agency, the rest of the program follows logically from that.

AML Simple's program generator walks you through this process step by step, producing output that is consistent with the AUSTRAC Program Starter Kit structure. No legal background required.

Start your AML program free — no account needed →

AML Simple is a compliance workflow tool, not a provider of legal or regulatory advice. This post is educational and describes general AML/CTF requirements under Australian law. Every agency's circumstances are different — consult a compliance professional if you need advice specific to your situation. See our Expert Advice service for professional guidance.

Back to all posts

We use cookies from LinkedIn and Facebook to measure our ad performance. Your account data is never shared with advertisers.