Why This Is Happening Now
Australia has had AML/CTF legislation since 2006, but real estate agencies were carved out of the first tranche of regulated industries. That exemption ends on 1 July 2026. From that date, if your agency assists with the sale or purchase of property — meaning you receive instructions from a buyer, seller, or their agent — you are a Reporting Entity under the law.
This isn't optional, it isn't industry-led, and it isn't coming with a grace period. AUSTRAC — the Australian Transaction Reports and Analysis Centre — administers the Act, and penalties for non-compliance are severe.
Penalties for non-compliance: Individuals can face fines of up to $6.26 million. Corporations can face fines of up to $31.3 million. Criminal penalties also apply in serious cases.
The law has been a long time coming. Australia has faced international pressure from the Financial Action Task Force (FATF) over gaps in its AML/CTF framework — real estate being one of the most glaring. Other comparable jurisdictions, including the UK, Canada, and New Zealand, have had real estate AML obligations for years.
The Five AUSTRAC Requirements
Every Reporting Entity must satisfy five core obligations. These are not aspirational standards — they are legally enforceable duties that AUSTRAC can audit at any time.
Written AML/CTF Program
A tailored, documented program identifying how your agency will identify, assess, and mitigate its money laundering and terrorism financing risks. This cannot be a generic template — it must reflect your specific agency structure, transaction types, client base, and risk profile.
Customer Due Diligence (CDD)
Before you begin providing any designated service to a buyer or seller, you must verify their identity. This applies to every transaction, every client. Identity must be verified using approved methods — including digital verification services like GreenID.
Ongoing Monitoring
You must continuously monitor your client relationships and transactions for changes in risk. A client who seemed low risk at the start of a transaction may become high risk midway through. Your compliance system must detect and respond to these changes.
Regulatory Reporting
Two report types are mandatory. Threshold Transaction Reports (TTR) must be lodged with AUSTRAC within 10 business days when cash of $10,000 or more is involved. Suspicious Matter Reports (SMR) must be lodged when you suspect a transaction may involve money laundering, terrorism financing, or proceeds of crime.
Record Keeping (7 Years)
All records relating to AML/CTF compliance — identity documents, transaction records, AML forms, risk assessments — must be retained for a minimum of seven years and produced to AUSTRAC on request.
What Is Customer Due Diligence, Exactly?
Customer Due Diligence — known as CDD — is the process of verifying who your client is before you provide them any service. In practical terms, this means collecting and verifying identity documents before signing a listing agreement, before presenting an offer, and before any designated service commences.
There are two levels of CDD. Standard CDD applies to most clients and covers name, date of birth, residential address, and identity verification. Enhanced Due Diligence (EDD) applies to higher-risk clients — including Politically Exposed Persons (PEPs), clients using offshore funds, and clients involved in complex structures like trusts or foreign companies.
Critical: CDD must be completed before you begin providing the designated service. You cannot collect identity documents at settlement. If a client refuses to provide the required information, you cannot proceed with the transaction — and the refusal itself may need to be reported.
What Is GreenID?
GreenID is Australia's leading digital identity verification service. Rather than manually checking physical documents, GreenID checks the client's details against multiple government databases in real time — including the document verification service (DVS), ASIC, and the electoral roll. Your client receives a link by email or SMS, completes the verification on their own device in minutes, and you receive a confirmed result. Property360's SENTINEL platform integrates GreenID verification directly into the AML compliance workflow.
The Role of a Compliance Officer
Every Reporting Entity must designate a Compliance Officer (CO). This is the person within or engaged by your agency who is accountable for the agency's AML/CTF compliance obligations. The CO is not a ceremonial role — they have real legal accountability.
Specifically, the CO is responsible for reviewing and approving AML submissions before transactions proceed, identifying and escalating suspicious activity, managing AUSTRAC reporting obligations, maintaining the written AML/CTF program, and ensuring the agency's compliance posture keeps pace with regulatory changes.
Most real estate principals are not equipped to hold this role themselves — not because they lack intelligence, but because they are running a sales business. The CO role requires dedicated attention to compliance that is difficult to maintain alongside the operational demands of a real estate agency.
Your Three Options for the CO Role
You hold the CO role yourself. This is viable if you are a solo operator with low transaction volumes and are genuinely committed to maintaining compliance discipline. Property360's Solo Model is built for this scenario.
You engage an embedded external CO. A qualified compliance professional from Property360 holds the CO role for your agency. They review every submission, manage escalations, and maintain your compliance framework. This is the CO Model.
You engage a combined CO and Finance Officer. Our CFO Model embeds both a Compliance Officer and a Finance Officer through EZFinance (ACL 392611), simultaneously satisfying your AUSTRAC obligations and generating a new finance income stream for your agency.
What Are the AML Red Flags in Real Estate?
AUSTRAC has published specific risk indicators for the real estate sector. As a principal and compliance officer, you and your agents need to be alert to these situations. The SENTINEL platform's risk scoring system flags the most common patterns automatically — but your agents must understand what they're looking for.
- Cash deposits — Any cash payment of $10,000 or more triggers a mandatory Threshold Transaction Report. Smaller cash amounts may still warrant scrutiny if they seem inconsistent with the transaction.
- Third-party payments — When someone other than the buyer is paying the deposit, you need to identify that person, understand the relationship, and document the source of funds.
- Offshore funds — Money arriving from overseas accounts is a high-risk indicator. You need to verify source of funds documentation and escalate to your CO.
- Politically Exposed Persons — A PEP is a current or former senior government official, or a close associate or family member of one. If a PEP match is triggered, you must stop and contact your CO immediately before proceeding.
- Unusual urgency — A client who is pressuring your agent to sign documents immediately, bypass verification, or skip steps in the process is exhibiting a red flag behaviour. Document it and escalate.
- Company or trust purchases — When a buyer is a company, trust, or SMSF, you must identify the Beneficial Owner — the real person who ultimately controls or benefits from the entity. Without identifying the beneficial owner, you cannot proceed.
The Written AML/CTF Program — What It Actually Contains
Your written program is the cornerstone of your compliance framework. AUSTRAC can request it at any time and use its absence or inadequacy as grounds for enforcement. The program must cover your agency's risk assessment methodology, your CDD procedures, your monitoring obligations, your reporting procedures for TTRs and SMRs, your employee training approach, and your record-keeping system.
The program must be tailored to your specific business. A generic template downloaded from the internet does not satisfy this requirement. Property360 prepares a custom written program for every client as part of the onboarding process.
Choosing the Right Compliance Model for Your Agency
The right model depends on four factors: the size of your agent team, how much time you as principal can commit to compliance, your transaction volume, and whether you want to turn compliance into a revenue opportunity.
If you have a small team, low transaction volume, and are comfortable holding the CO role, the Solo Model at $350+GST/month provides everything you need. If you have four or more agents or simply cannot commit adequate time to CO responsibilities, the CO Model from $990+GST/month gives you an embedded named professional. If you want to recover the cost of compliance through finance income, the CFO Model at $495+GST/month is the only model of its kind in Australia.
Deadline: 1 July 2026. You must be enrolled with AUSTRAC, have your written program in place, and have your compliance systems operational from that date. Do not wait for the deadline to begin your assessment.
Get your agency compliant before 1 July 2026
Book a 30-minute strategy call with the Property360 team. We'll assess your agency's risk profile, recommend the right compliance model, and have you operational before the deadline.
Book a Strategy Call