Every AML webinar ends the same way. The formal presentation finishes, the slides stop, and then the real questions start. That’s when you find out what’s actually worrying people.
We’ve run two sessions with hundreds of practitioners in the past month. The chat windows fill up, and the same themes keep coming back. So here’s what firms are actually asking, and what we’re telling them.
For context: when we polled attendees, 58% said they hadn’t started preparing yet. Another 35% had started researching but weren’t sure what to do. Only about 7% felt mostly sorted. If you’re feeling behind, you’re in good company.
1. Do I need to verify all my existing clients before July 2026?
No. This is the biggest relief message we can give you.
In AUSTRAC language, clients you have before 1 July 2026 are “pre-commencement customers”. You don’t need to perform customer due diligence on them unless one of two things happens:
- You need to file a suspicious matter report about them, OR
- There’s a significant change in the relationship that moves them to medium or high risk
So if you have 200 clients on 30 June 2026, you’re not rushing through 200 identity verifications before the deadline. You need systems ready for when triggers occur. But you’re not starting from scratch with everyone on day one.
The catch: any new designated service you provide to an existing client after 1 July 2026 will require customer due diligence before you proceed. Existing client, new service, new obligation.
2. We use our office as the registered address for clients. Does this trigger AML?Yes. Registered office services are specifically listed as a designated service.
This one came up constantly. Lots of firms don’t think of it as a “service” – it’s just something they’ve always done. You set it up years ago and nothing happens unless ASIC sends a letter or the client needs to change something. But under the reforms, it counts.
The good news: existing arrangements fall under the pre-commencement rules. If you’re already providing this before 1 July 2026, you don’t need to immediately verify those clients. The obligation only kicks in when something actually happens – a change of address, an ASIC notice that requires action, until something is triggered requiring an AML action. Until then, it’s pre-commencement and you’re not required to do anything.
Should you change all your clients’ registered addresses to their own? That’s a business decision. Some firms are stopping the service entirely. Others are keeping it and building it into their AML program. Neither is wrong, but you need to decide. This is also where a lot of firms suddenly realise they’ve been doing things on autopilot for years.
3. I’m a director or shareholder for clients – estate planning trusts and that sort of thing. Am I caught?
Yes. Acting as a nominee director or shareholder is a designated service.
This catches more accountants than people expect. If you hold shares or directorships in client structures – whether for estate planning, asset protection, or just administrative convenience – you’re providing a designated service.
The question of who you’d actually be risk-assessing is a fair one. You’d be assessing the beneficial owners of the structure, which is typically your client and their family. It gets a bit circular when the whole point of the arrangement is that you’re the legal owner to simplify things.
We don’t have perfect clarity on how this plays out in practice yet. Existing arrangements are pre-commencement, so you have time. But you’ll need to document these relationships properly and have them in your AML program.
4. What about existing clients with foreign shareholders who we make payments for?
Two separate triggers here.
Making payments for clients: If you’re managing client funds or accounts, that’s designated service #3. This includes making payments on their behalf from accounts you control.
Foreign shareholders: Having foreign shareholders doesn’t automatically make a client high-risk, but it’s a factor in your risk assessment. A majority foreign shareholder, particularly from certain jurisdictions, may elevate the rating.
For existing clients, the pre-commencement rules apply. But if you’re making payments for clients with complex ownership structures, think about whether your ongoing monitoring would actually pick up anything unusual. That’s where most firms are landing at the moment, based on what we’ve seen.
5. If a client is high-risk, won’t they know they’re being assessed?
Yes. And that’s fine.
This worry comes up a lot. Accountants don’t want to offend clients or make them feel suspected of something.
But AML compliance is becoming standard across all professional services. Lawyers, real estate agents, financial advisers – everyone’s going through this. Your legitimate clients will understand you’re meeting regulatory requirements, not accusing them of anything.
Enhanced due diligence might mean asking about source of funds, understanding their business activities better, or getting senior approval within your firm before acting. These are reasonable questions in a professional relationship.
If a client reacts badly to basic compliance questions, that’s actually information worth having.
6. If a client receives cash and we know about it for tax, do we need to report it?
Not automatically.
The $10,000 threshold transaction report applies when you receive or pay physical currency of $10,000 or more. If your client’s business receives cash and tells you about it for their BAS or tax return, that’s different from you handling the cash yourself.
But this is where ongoing monitoring matters. If you know a client routinely receives large amounts of cash, and it seems inconsistent with their business type or declared income, that’s worth examining. Cash-intensive businesses aren’t inherently suspicious. Unexplained cash is.
7. Why aren’t financial planners caught?
They largely already are, through different mechanisms.
Financial planners work through product providers – fund managers, platform operators, insurance companies – who are already reporting entities under the existing AML regime. When they complete forms for investment bodies, those bodies are doing the AML checks.
The Tranche 2 reforms target professional services that weren’t previously covered: accountants, lawyers, real estate agents, trust and company service providers.
If a financial planner is also providing accounting services or setting up structures, they’d be caught for those activities like any other accountant.
What to do now
AUSTRAC’s sector-specific guidance is expected in January 2026. That will fill in a lot of the detail.
Most firms don’t need a 50-page AML plan right now. They need a handle on three things:
Work out which designated services you actually provide. Many firms discover they’re doing more than they thought – registered office services, nominee arrangements, client fund management.
Don’t panic about existing clients. The pre-commencement rules give you breathing room. Focus on having systems ready, not verifying everyone immediately.
Think about how new client onboarding changes from 1 July 2026. What information will you collect? How will you verify identity? What does the process look like?
How we’re handling it
This is usually when people ask what we’re doing about it.
If you’re a Seamlss user, you’ll see an AML Compliance Hub in your sidebar. It’s a 5-phase checklist that tracks your progress toward July 2026, with tasks unlocking as AUSTRAC releases guidance. Timeline view, links to AUSTRAC resources, countdown to the deadline. No extra cost – it’s just there.
We’re building AML into the onboarding process and have all the tools you need covered in Seamlss to assist your AML journey.
We’re also running a monthly AML Accountants Forum where practitioners can ask questions and share what they’re figuring out. Next one is 18 December.
These are informal sessions. No sales pitch, just honest conversation about getting ready.
Register here: events.humanitix.com/aml-accountants-forum