Austrac has published its updated expectations for businesses currently regulated under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) to implement the changes to the Act which commence on 31 March 2026.

In particular, it has detailed its expectations in respect of implementation plans.

The updated statement builds on, and should be read together with, Austrac’s regulatory expectations for implementation of the AML/CTF reforms of 3 July 2025. Background.

Implementation plans
Austrac says that if, on 31 March 2026, you are unable to meet your new or changed obligations within the required timeframes, it expects you to have a documented implementation plan. This would have to say how you will manage your ML/TF risks while you transition to meet your changed obligations.

This plan should identify:

• how you will continue to manage your ML/TF risks, including the maintenance of any controls associated with your existing AML/CTF obligations, during the transition period;
• the gaps you have between your current state and your future state of being able to satisfy your changed obligations;
• your plan for addressing those gaps, including a timeline and accountable roles or people;
• the reasons you have these gaps and any ongoing key risks to delivering the required uplift in your plan within reasonable timeframes;
• your plans for mitigating any existing or temporary risks of money laundering and terrorism financing that are associated with the gaps and/or the change process;
• how you will monitor the effectiveness of your ML/TF risk management as you change your underlying policies, procedures and systems.

Austrac says your implementation plan needs to be reasonable. Your timeline for addressing gaps should align with the scale and complexity of the work required to implement systems and processes to meet the obligation.

Austrac expects regulated businesses to prioritise changes necessary to manage ML/TF risks. Austrac does not expect tactical responses that technically meet an obligation but reduce the effectiveness of AML/CTF controls. However, Austrac does expect that regulated businesses will implement timely changes to meet their obligations, rather than delaying change until the optimal approach is developed.

Austrac does not require a particular format for implementation plans, but your plan should provide sufficient detail to enable the board, senior management and staff to understand how changes will be implemented. Austrac expects that you will focus greater attention on implementing the changes than preparing a perfect plan.

Austrac expects that your implementation plan and any changes to it will be endorsed by your senior management and provided to your board.

Austrac recommends that businesses commencing operation prior to 31 March 2026 establish AML/CTF systems and processes to meet the new requirements from the outset.

If you found this article helpful, then subscribe to our news emails to keep up to date and look at our video courses for in-depth training. Use the search box at the top right of this page or the categories list on the right hand side of this page to check for other articles on the same or related matters.

Author: David Jacobson
Principal, Bright Corporate Law
Email:
About David Jacobson
The information contained in this article is not legal advice. It is not to be relied upon as a full statement of the law. You should seek professional advice for your specific needs and circumstances before acting or relying on any of the content.