Good afternoon. Thank you for the opportunity to address you today and thank you to the Honourable Justice Anthony Payne for the warm welcome.  I’d like to begin by acknowledging that we are here on the lands of the Gadigal people and I pay my respects to their country, elders and their heritage.

As mentioned, my name is Brendan Thomas and I am the Chief Executive Officer of AUSTRAC, Australia’s anti-money laundering and counter terrorism financing regulator and financial intelligence unit. 

Today I would like to talk to you about several important areas to help ready yourselves for the forthcoming regulatory reforms, including how AUSTRAC can help and support you as well as changes to the process for asserting legal professional privilege under the  Anti-Money Laundering and Counter Terrorism Financing Act, which I will refer to as the AML/CTF Act.

My aim is to equip you with the practical knowledge and context needed to prepare for, and thrive under, the new regulatory landscape.

However, obviously I won’t be providing legal advice or speaking on scenarios specific to individual businesses. There are several resources to support you however, which are available through AUSTRAC’s website. 

Australia’s AML/CTF legislation’s core objective is to detect, deter, and disrupt money laundering, terrorism financing, and the crimes they enable. Over time, the regime has evolved to address changes in technology, business practices, and the emergence of new risks.

The challenges in disrupting money laundering are not unique to Australia. 

Lawful domestic financial channels remain fundamentally important pathways for money launderers to place, layer and integrate funds domestically and internationally.

Our stable political system, our open and free economy, our independent legal system, our well-developed financial services sector and our strong real estate market make Australia a great place to do business. These features also make Australia an attractive destination to store and integrate criminal proceeds into the financial system.

Drug offences are the single largest source of money laundered in Australia, but there’s also significant money laundered from tax and revenue crimes, government-funded program fraud, proceeds of illicit tobacco sales, and the global proceeds of scams. 

Criminals are persistent in their exploitation of channels that have historically been used to launder funds, such as banks, remitters and casinos as well as high-value assets, such as luxury goods and real estate. Criminal use of digital currency, digital currency exchanges, unregistered remitters and bullion dealers is increasing and posing greater risks.

The lack of money laundering controls in non-financial businesses is creating a significant hole that many criminals are simply walking straight through. This is why the government has legislated these reforms. We see professional facilitators being used to launder money constantly. 

The money being laundered in Australia is extensive. If we look at just one type of crime alone, drug dealing. We know, through the good work of our colleagues in the Australian Criminal Intelligence Commission, that the value of the Australian domestic Australian drug market is at least 12 billion dollars a year. That’s 12 billion dollars of illegal money. All that needs to be laundered through the Australian economy, every year. And that’s one single type of crime.

In 2023-24, serious and organised crime cost Australia up to $82.3 billion, representing 3.2% of Australia’s gross domestic product. 

A further specific money laundering threat is that a number of Australia’s illicit markets are linked to criminal markets and organisations operating in Asia. These include large and highly functional international drug-trafficking organisations that control supply chains into Australia, as well as highly organised and sophisticated professional international money laundering organisations that have a demonstrated capacity to launder funds into and out of Australia. 

To give you an example of the scale and sophistication of money laundering operations: one such operation that was dismantled in Australia by the AFP with AUSTRAC’s assistance, operated as a criminal remittance and banking service able to make significant sums of money available to clients almost anywhere in the world within 24 hours. The organisation moved an estimated $10 billion over four years and had the capacity to move up to $1 million an hour. It even set its own exchange rates.

The organisation had a sophisticated informal value transfer system in place to make funds available overseas. By exploiting digital currency trading, domestic and foreign shell companies, and multiple offshore bank accounts, the organisation effectively operated as an underground bank with global reach.

Organised financial crime accounts for $13.2 billion, with illicit tobacco, intellectual property crime, environmental crime, firearms trafficking and pure cybercrime accounting for $8.6 billion.

Globally, the figure is conservatively $2 trillion.

Currently, the focus of Australia’s AML legislation is primarily on traditional financial institutions and services, such as banks and casinos. However, as criminal methodologies have grown more sophisticated, it has become clear that gaps remain. These include various crime enablers that may be unknowingly directly linked to serious and organised crime, including money laundering and professional facilitators such as lawyers, accountants and real estate agents.

The Australian Government has recognised these vulnerabilities and, through recent legislative amendments, has moved to align our national framework with international standards. The most recent reforms, passed in November 2024, mark a historic expansion, bringing a broader range of professional service providers within the scope of the AML/CTF regime. This expansion is not merely legislative housekeeping; it is a necessary response to the increasing complexity and scale of financial crime in Australia and globally.

Australia’s compliance with AML/CTF is governed by the standards set by the Financial Action Task Force, or FATF. The FATF is the global money laundering and terrorist financing watchdog, responsible for setting international standards and conducting mutual evaluations of member countries. These evaluations focus on both technical compliance—whether the right laws and regulations are in place—and effectiveness—whether those measures work in practice. These standards require Lawyers to comply with AML obligations and Australia is one of the last countries in the world to introduce this. 

Our intelligence regularly uncovers criminals laundering - not just the proceeds of Australian crime, but we are seeing the proceeds of international criminal organisations being laundered in the Australian economy.

The reforms to the AML/CTF Act, aren’t just about stopping Australian criminals. They are also about stopping international criminals parking their dirty money here.

If we’re seen as a weak link, we’d be a target for global crime networks and risk losing credibility with other countries and financial institutions resulting in these countries not wanting to transact or trade with us. 

Legal professionals play a crucial role in financial and property transactions, corporate structuring, and trust management. Unfortunately, this expertise and access also make the sector a target for organised criminals seeking to launder illicit funds. 

A criminal may seek legal assistance to appear legitimate in their illicit transactions. For example, legal services may be used with the intention of transferring funds through a law firm’s customer accounts. This could be to either legitimise the funds, or to use the firm’s professional status to enhance the legitimacy of a transaction. Money laundering is facilitated by concealing the connection between perpetrators and the proceeds of their crimes. Lawyers may unknowingly be involved in money laundering activities when their services are used for depositing, transferring, or withdrawing funds.

The money laundering process typically involves three stages: placement, layering, and integration.

• In placing money Criminals introduce illicit funds into the financial system, often by exploiting lawyers to establish corporate structures, trusts, or by using trust accounts to disguise the origin of funds.
• When layering funds, funds are moved through complex transactions—such as loans, consulting fees, or property investments—to obscure their source. Examples include the use of straw directors, shell companies, and the transfer of funds through legal practice trust accounts.
• In integrating money into the legitimate economy, the funds appear legitimate, they are used to purchase assets or reinvested into criminal enterprises. A notable case involved a Tasmanian drug dealer using a lawyer’s trust account to conceal the proceeds of crime in a real estate transaction.

The legal sector’s involvement in creating opaque structures, facilitating real estate transactions, and managing client funds makes it uniquely vulnerable. 

Law enforcement agencies are consistently identifying criminals seeking and exploiting the advice and services of lawyers to legitimise their activity and obfuscate proceeds of crime. 

Intelligence from our colleagues highlight a case where a senior partner in a medium-sized law firm was abused by her client. On a visit to a bank she was acting for, a director introduced her to a potential client, saying he required a solicitor's services. The solicitor agreed to act for the client. She decided to forgo the usual customer due diligence checks as she was informed that the client had accounts with at least two major banks and was recommended to her by a regulated professional. Over the next three years, the solicitor acted for the client in straightforward commercial matters.

One day, the solicitor was contacted by the police. They advised they were investigating the client for suspected involvement in a fraud ring.

Shortly afterwards, the client called to ask the solicitor to transfer a significant sum of money she was holding for him in the client account to an overseas bank. The solicitor felt uncomfortable doing this but felt she had no choice but to follow instructions. 

The solicitor should submit a suspicious matter report in these circumstances. The report would not contain legally privileged information but should highlight a large overseas transaction and the police contact. 

The proper application of customer due diligence before agreeing to act for the client may have also protected the solicitor from having her services misused and from escalating to the point where she felt she needed to act against her better judgement.

These steps are used by criminals to ensure the funds can be integrated and realised in the form of asset purchases or reinvestment back into criminal activity.  

In another example, the ATO commenced a risk review into an individual taxpayer, suspecting tax evasion. 

When the ATO made contact with the individual taxpayer, the person was represented by a lawyer. 

The ATO ran the lawyer’s name through the AUSTRAC database and identified millions of dollars in wire transfers between the lawyer’s trust account and an offshore bank account. 

The bank with which the lawyer’s trust account was held had submitted international fund transfer instructions (IFTI) to AUSTRAC; however, that bank was unaware of the source of the funds, as it had come from another institution. That meant they were unable to establish who the funds were coming from.

It was only when the ATO had already taken an interest in the individual taxpayer based on other sources of intelligence, that they were able to draw the link between the individual taxpayer and this substantial amount of suspected diverted taxable income, going through the legal trust account.

As part of the AML/CTF reforms, lawyers and law firms providing ‘designated services’—will fall under the AML/CTF Act. Examples of a designated service for the legal sector include:

• Assisting a person in the planning or execution of a transaction to buy, sell or transfer a body corporate or legal arrangement
• Assisting in planning or executing the creation or restructuring of a body corporate or legal arrangement. 

Red flags or suspicious matters may arise from various context-specific scenarios relating to client behaviour, their source of funds, or the nature of the transaction.

It may be a red flag where your client is evasive about the nature and purpose of the transaction or, where your client appears reluctant to provide information. 

Other red flags highlighted by FATF may include: 

• the client appears unconcerned or lacks knowledge about the transaction
• the transaction is unusual for the client, type of business or age of the business
• unexplained payments from a third party
• large cash payments
• connections with jurisdictions which are subject to sanctions or where drug production, terrorism or corruption is prevalent, or there is a lack of AML regulation.

Being aware of these indicators or warning signs of ML/TF should assist you in applying a risk-based approach to meeting your obligations under AML/CTF Act and Rules. 

If the lawyer mentioned previously had been subject to regulatory rigour, they would have identified the channelling of significant funds through their trust account to an offshore bank account of the client as potentially high risk.

Additionally, they would have had an obligation to undertake enhanced customer due diligence, including taking reasonable steps to identify the source of the customer’s wealth, analysing the purpose, reasons for, or nature of the transactions. 

This may have led to earlier detection of criminal activity, and prevention of further proceeds travelling offshore.

I will leave this here for now and discuss how AUSTRAC can support you in complying with your AML/CTF obligations a little later.

From 1 July 2026, newly regulated businesses under AUSTRAC’s regime must comply with a range of AML/CTF obligations. These include:

• Enrolling with AUSTRAC within 28 days of providing a designated service. You can access the online enrolment system from 31 March this year.
• Have an AML program in place. This program must include a risk assessment of money laundering, terrorism financing, and proliferation financing risks, as well as policies and procedures to manage and mitigate those risks.

These policies must also ensure that you comply with your obligations and be appropriate to the nature, size and complexity of your business.

You may use AUSTRAC’s starter program kit or develop your own. 

Ask questions of your clients, understand the risks they present, and be ready to report suspicious activity, known as initial and ongoing customer due diligence or CDD.

• This involves verifying the identity of your customers and understanding the nature of your business relationships with them. In many cases, you may be doing some of this already – you may currently know your customers very well, and this obligation may simply amount to formalising your approach.
• CDD helps you understand who your customers are and the ML/TF risks they may bring to your business. The level of information you collect and verify to complete CDD will depend on the risk profile of the customer.
• Specifically, you must establish whether the customer or any agent of the customer is:

Who they claim to be;

Subject to targeted financial sanctions; and, or

A politically-exposed person, or a relative or close associate of one, for example, a government official.

• It’s important to remember we endorse a risk-based approach.

This means that the level of due diligence you do over your customer will depend on the ML/TF risk they pose.

In many cases, we suspect your customer risk may be ‘low’. In these cases, you can apply less stringent due diligence – known as ‘simplified due diligence’.

From the information you have given us, most of your customers will be low risk.

These customers require much lighter checks. In many cases, it will be enough to gather some basic information from them, check their driver’s licence against this information and do a couple of internet searches to see if they’re subject to sanctions or are a politically exposed person.

• While customer due diligence is vital, please remember we don’t expect you to be police officers or investigators. You will not be required to stop transactions to comply with your AML/CTF obligations.
• It is also necessary to state that we don’t want to create duplication.
• We acknowledge that real estate transactions often involve multiple regulated entities. For example, one transaction may involve real estate agents, conveyancers, lawyers and banks.
• Therefore, the requirement to collect and verify information multiple times may be inconvenient for customers, particularly when several entities are requesting the same information.
• As such, and to avoid duplication, the law allows businesses to engage in reliance agreements or arrangements on an ongoing basis, or, on a case-by-case basis.
• This means that the Know Your Customer information verified by a real estate agent, bank, conveyancer or solicitor involved in a transaction can be shared with other regulated entities involved in the transaction to satisfy the CDD obligation.
• You will not need to perform CDD on existing customers, so it won’t be necessary for any relationships that began before 1 July 2026, unless:

You need to submit a suspicious matter report about them; or

There is a significant change in the relationship that increases their risk to medium or high over the course of your business relationship with them.

• Legal professionals must submit suspicious matter reports (SMRs) and threshold transaction reports (TTRs) for cash transactions of $10,000 or more. If structuring is suspected—where clients break up large cash deposits into smaller amounts to avoid reporting requirements—an SMR must be lodged.
• Have an AML/CTF Compliance Officer in place responsible for overseeing compliance and acting as the main point of contact with AUSTRAC.
• Have your staff trained on AML/CTF obligations, the risks facing the legal sector, and internal compliance procedures.

We understand this may be daunting and these obligations are new. Quite potentially, the very concept of money laundering may be completely foreign. It is important to understand, we do not expect perfection from day one. We do not expect you will be masters at identifying and controlling for money laundering risks; however, we do expect you put in honest efforts to meet your obligations and report suspicious activity to AUSTRAC.

It is important to note many firms already have some of these policies in place, especially around client due diligence and record-keeping. However, these must now be reviewed and, where necessary, strengthened to ensure compliance with the new obligations.

After 1 July 2026, we will focus our enforcement efforts against entities that wilfully ignore the obligation to enrol or are complicit with, or wilfully blind to, money laundering activities.

We are also here to support you. We have developed a suite of support tools and guidance materials to assist you in meeting your obligations.

These include our world first sector specific starter program kits. These kits provide practical, step-by-step templates for small businesses to understand, build and maintain your AML/CTF obligations as well as reduce the time and cost of compliance. The kits allow you to build and customise your own AML/CTF program, apply ML/TF risk assessments, policies and procedures as well as practical tools to assist with compliance with the new obligations.

Larger businesses can also use the kits as a foundation but must demonstrate why the kit is suitable for their circumstances if they have more than 15 staff.

We have developed these kits with industry peak bodies and small businesses across newly regulated sectors and conducted user and sentiment testing on the kits and iterated according to feedback provided along the way.

You can find the starter kits on AUSTRAC’s website alongside a carefully crafted user journey and visual aids to ensure that you are able to follow these easily to assist with compliance with your obligations.

We have also developed detailed guidance documents, covering risk assessments, program structures, customer due diligence, governance, and more. These resources are regularly updated in collaboration with industry associations and peak bodies.

Complementing this, throughout 2026 AUSTRAC will deliver webinars, e-learning modules, factsheets, and checklists to support your understanding of the regime. A phased awareness campaign, ‘Together We Can Stop Crime Where It Hides’, is underway to help all newly regulated entities navigate the transition. This is part of our broader public sector campaign to assist the general public in understanding money laundering and it’s impacts.

I strongly encourage you to engage with AUSTRAC’s guidance, attend and participate in forums, workshops, and working groups to stay informed and engaged. I also encourage you to reach out to AUSTRAC with your queries. We are here to help you. I have increased the capacity of our contact centre including operating hours to ensure that someone is available to answer your questions.

These initiatives are designed to ensure that all legal professionals—regardless of firm size or practice area—can access the tools and knowledge needed to comply, manage risk, and contribute to the national effort against financial crime.

AUSTRAC’s regulatory approach has shifted to being outcomes-focused, risk-based, and designed to foster a collaborative partnership with industry. Our goal is to support legal professionals in building robust compliance frameworks while ensuring the sector is not exploited by those who seek to undermine our financial system.

Our priorities for 2025–26 include:

• Supporting newly regulated entities by ensuring that all newly regulated businesses—including legal practices—understand and begin managing their AML/CTF risks.
• Applying a risk based, data and intelligence led basis for compliance and enforcement and prioritising regulatory interventions for those entities who fail to enrol or are not making meaningful efforts to implement their AML/CTF programs. Our approach will be supportive but firm, aiming for iterative improvements rather than immediate perfection.
• Increasing the proportion of entities lodging high-quality suspicious matter reports. AUSTRAC will identify low or non-reporters and work to improve their systems and processes.
• Continuing to monitor and mitigate vulnerabilities associated with large cash transactions, which remain a mainstay of money laundering activity in Australia.
• Enhancing regulation and oversight of digital currency exchanges and virtual asset service providers, which are increasingly at risk of exploitation by criminal groups.
• Strengthening partnerships and coordination in the Pacific region to combat cross-border financial crime.

The legal profession stands on the frontline of Australia’s fight against money laundering and terrorism financing. The reforms to the AML/CTF regime represent both a challenge and an opportunity: a challenge to adapt to new obligations and expectations, and an opportunity to enhance the reputation and resilience of our sector.

I urge you to engage with AUSTRAC’s guidance, participate in our education programs, and work closely with your industry associations. Compliance is not a one-off exercise but a continuous process of improvement. AUSTRAC is committed to supporting you every step of the way.

Together, we can ensure that the Australian legal sector remains a trusted pillar of our community and a formidable barrier against the forces of organised crime. 

Thank you.