The Dangerous Assumption
There is a dangerous assumption spreading through the Australian mortgage broking industry: "We're already an AUSTRAC reporting entity. We've had AML/CTF obligations for years. We know what we're doing. The Tranche 2 reforms are someone else's problem."
Every part of that reasoning is understandable. And the conclusion it leads to is wrong. The 2026 AML/CTF reforms are not just about bringing new sectors into the regime for the first time. They also fundamentally reset the standards that existing reporting entities must meet. For mortgage brokers, who sit at the centre of Australia's residential and commercial property financing market, that reset is extensive, consequential, and largely underestimated.
What Has Actually Changed — and Why It Matters for Brokers
The End of Part A and Part B
The most structurally significant change for any existing reporting entity is the abolition of the Part A / Part B AML/CTF program structure. The new framework requires a single, integrated, risk-based AML/CTF program that reflects your actual business, your actual customer base, and your actual risk exposure. This is not a formatting change. The new outcomes-focused model asks: does your program actually work? Can you demonstrate that it identifies real risk and produces real compliance outcomes?
A New Risk Assessment Standard
Your ML/TF risk assessment must genuinely reflect the risks your business faces — not a generic template. For mortgage brokers, higher-risk indicators include: foreign nationals and non-resident borrowers; self-employed and cash-intensive business borrowers; complex ownership structures — companies, trusts, or SMSFs; offshore income and assets; high-value transactions; and third-party payments towards deposits, which are a well-documented ML/TF red flag in property financing.
Strengthened Governance Requirements
From 31 March 2026, your governing body must actively exercise AML/CTF oversight — not merely approve a document once a year. A senior manager must approve your program and key compliance decisions. A fit and proper AML/CTF compliance officer must be formally appointed and notified to AUSTRAC by 30 May 2026.
Modernised Customer Due Diligence — The Split-Book Challenge
Existing reporting entities have a three-year transition period (31 March 2026 to 30 March 2029) to move their existing customer base from the old ACIP framework to the new initial CDD framework. But this applies only to existing customers. New customers from 31 March 2026 onwards are subject to the new framework immediately.
This creates a split-book compliance challenge: new clients require new-framework CDD from day one; existing clients can be transitioned over three years but the transition must be documented and managed.
Ongoing CDD — monitoring client relationships for unusual transactions — must be applied to all customers from 31 March 2026. There is no transition period for ongoing CDD.
Enhanced Customer Due Diligence — The High-Risk Borrower Challenge
The clients who present the highest ML/TF risk are often among the most commercially valuable: foreign buyers, high-net-worth offshore investors, business owners with complex income structures, SMSF trustees with offshore connections. These client segments require ECDD — collecting additional source of wealth and funds information, obtaining senior management sign-off before proceeding, and applying more intensive ongoing monitoring throughout the loan's life.
Reporting Groups — The Aggregator Question
Under the new rules, entities within a business group now automatically form a reporting group unless a reporting entity explicitly declines membership in writing. If your aggregator constitutes a reporting group lead, what AML/CTF policies apply at the group level, and how do they interact with your own program? Most brokers have not yet worked through the answers. These questions have legal consequences.
The Enforcement Environment Has Changed
AUSTRAC has been explicit: it is moving from a compliance-based approach to an outcomes-focused model. The question it will ask in a review is not "do you have a Part A?" but "can you show us that your AML/CTF program identified real risk and produced demonstrable compliance outcomes?"
AUSTRAC has also signalled that existing reporting entities who assume the reforms do not substantially affect them are a regulatory priority, not a safe harbour. In the mortgage broking context, the consequences of a serious compliance failure extend beyond AUSTRAC to ASIC — and from ASIC to the credit licence itself.
How Proximo Comply Solves This
AML/CTF Program Rebuild
The Part A / Part B era is over. Proximo Comply builds your program in the new outcomes-focused, risk-based format — integrating your risk assessment, policies, governance structure, and review schedule into a single, current-format compliance framework.
Risk Assessment Engine — Broker-Calibrated
Your ML/TF risk assessment must reflect your actual book. Proximo Comply walks you through a systematic assessment of your client profile — foreign buyer volumes, self-employed borrower mix, complex ownership structures, SMSF lending, high-value transaction concentration — and produces a documented assessment that drives your program controls proportionately.
Split-Book CDD Management
Proximo Comply tracks your customer base across both frameworks — existing customers under ACIP, new customers under the reformed CDD model — and manages the transition schedule, documentation, and policy requirements for each customer class.
ECDD Triggers and Reporting Group Mapping
High-risk client segments automatically trigger ECDD workflows. Proximo Comply supports the collection of additional source of wealth and source of funds information and senior management approval routing. If you operate under an aggregator, Proximo Comply helps you map the reporting group structure and identify any gaps your brokerage needs to cover independently.
The Competitive Angle: Compliance as Differentiation
Lenders and aggregators are tightening their own AML/CTF requirements and increasingly scrutinising the compliance quality of the broker networks they work with. A broker whose KYC processes are digital, efficient, and demonstrably compliant is a better panel member. A broker whose onboarding is manual, inconsistent, and undocumented is a growing risk to the lender's own compliance framework.
The brokers who build the right infrastructure now will be better positioned on lender panels, more competitive in complex client segments, and more defensible in any regulatory review.
Key Dates
| Date | What Happens |
|---|---|
| 31 March 2026 | New AML/CTF Rules in effect. New risk-based program requirements, governance obligations, and ongoing CDD commence. |
| 30 May 2026 | Deadline for existing reporting entities to notify AUSTRAC of AML/CTF compliance officer. |
| 1 July 2026 | Full reformed CDD framework applies to new customers. Reporting group opt-out deadline passes. |
| 30 March 2029 | End of three-year transition period for existing customer ACIP to new initial CDD framework. |