Compliant client onboarding and identity verification
Complimentary, all-inclusive AML/CTF solution
Order all your searches and certificates in one place
A dynamic, matter specific environment
Manage family law matters with one solution
Simplify estate administration and planning
Review contracts faster with AI-assisted precision
Electronically lodge registry documents and settlements
Securely collate client financial documentation
Serve documents fast with tracking
Practice Management Integration
Streamline administrative tasks and optimise workflows
Access our support guides for comprehensive self-help assistance
Allows suppliers to connect their products and services with the InfoTrack Ecosystem
Learn how software and integrations can transform the way you work
Find out the latest industry updates
Take on compliance with confidence
Take your professional development to the next level
Cyber Security Awareness Training
Build your cyber resilience
Discover leading edge property insights
2025 State of Real Estate Report
Insights from Australian Buyers and Sellers
With Tranche 2 AML/CTF reforms approaching, law firms and conveyancing practices are under increasing pressure to understand their obligations and implement compliant processes ahead of 1 July.
For larger firms, the challenge is not just meeting regulatory requirements. It is applying those requirements consistently across teams, offices and a high volume of matters, without creating unnecessary operational burden.
In a recent webinar featuring Richard Storey, Partner – Risk Consulting at Grant Thornton, we explored what large legal practices need to do now and how to build a scalable, audit-ready AML/CTF framework.
There are four core steps every firm must complete before 1 July. While these requirements apply across the board, the way they are implemented in larger firms is typically more complex.
First, firms must assign clear AML/CTF roles and responsibilities. This includes defining the governing body, a senior manager responsible for oversight and approvals, and an AML/CTF compliance officer who manages day-to-day operations. In larger firms, these roles often sit across different teams, making clarity and accountability critical.
Second, firms need to enrol with AUSTRAC. Although there is a short grace period after providing your first designated service, early enrolment is strongly recommended to avoid delays and ensure readiness from day one.
Third, an AML/CTF program must be developed and in place before 1 July. This program forms the foundation of your compliance framework and includes your risk assessment, policies and procedures.
Finally, all relevant staff must be trained before they begin providing designated services. This training should cover not only regulatory obligations, but also how to identify suspicious behaviour and apply processes in practice.
In short, yes.
AUSTRAC’s starter kits provide a useful baseline, but they are primarily designed for smaller firms, of 15 or less staff, with simpler structures and lower risk exposure. For larger law firms and conveyancing practices, the level of complexity is significantly higher.
This means most larger firms will need to move beyond templated approaches and develop a more tailored framework. In practice, that typically involves building a bespoke risk assessment, creating policies that reflect the firm’s specific operating model, and implementing stronger controls around higher-risk clients and matters.
As highlighted in the webinar, size, structure and client profile all increase exposure to financial crime risk. As a result, regulatory expectations also increase.
At the centre of every AML/CTF program is the risk assessment. While AUSTRAC defines the legal sector as inherently high risk for money laundering, each firm must assess how that risk applies in its own context.
A well-developed risk assessment considers four key areas:
For larger firms, the key shift is moving from simply identifying risk to actively managing it. This means defining your risk appetite, documenting how risks will be mitigated, and ensuring those controls are consistently applied across the business.
Once risks are understood, they need to be translated into clear, practical processes that staff can follow.
For large firms, this is where many challenges arise. It is not enough to have policies documented. Those policies must be embedded into day-to-day workflows, ensuring that onboarding, due diligence and escalation processes are applied consistently across different teams and offices.
This includes clearly defined steps for client onboarding, guidance on how to identify and escalate high-risk matters, and structured processes for reporting suspicious activity. Without this level of consistency, compliance becomes difficult to manage and even harder to demonstrate.
One of the most significant challenges for large firms is implementing AML/CTF requirements at scale.
Staff onboarding is a key example. Firms must conduct due diligence on employees, including identity verification and, in some cases, additional checks such as criminal history or bankruptcy screening. Unlike client onboarding, these costs cannot be passed on and must be absorbed by the firm.
Training is another critical component. All staff must complete AML/CTF training before providing designated services, and firms need visibility over completion rates and any gaps across the organisation. For larger firms, this often requires a structured and trackable approach to training delivery.
Client onboarding also becomes more complex, particularly when dealing with non-individual clients. Companies, trusts and partnerships introduce additional layers of complexity, requiring firms to identify beneficial owners, understand control structures and assess risk accordingly. This shift towards Know Your Business (KYB) processes is one of the most significant operational changes under the reforms.
AML/CTF compliance extends well beyond onboarding.
Firms are required to submit suspicious matter reports when necessary, complete annual compliance reporting, and retain records for at least seven years. For large firms, this creates a broader governance challenge.
It is not just about storing information. Firms must be able to demonstrate a clear and consistent audit trail, showing what actions were taken, when they occurred, and who was responsible. This level of transparency is essential for meeting regulatory expectations and responding to any future audits or reviews.
Given the scale and complexity involved, manual processes are rarely sustainable for larger firms.
Technology plays a critical role in enabling firms to manage AML/CTF obligations more effectively. By centralising compliance activities, standardising workflows and automating record keeping, firms can reduce duplication and improve consistency across the business.
As demonstrated in the webinar, platforms like InfoTrack’s all-inclusive AML/CTF Compliance Centre are designed to support the full compliance lifecycle, from initial program setup through to client onboarding, reporting and ongoing record keeping.
AML/CTF compliance is not a one-off project. For large law firms and conveyancers, it is an ongoing operational requirement that must be embedded into the way the firm works.
Those that take a structured approach, supported by clear processes and the right technology, will be better positioned to manage risk, reduce administrative burden and remain compliant as the regulatory landscape continues to evolve.
To learn more, watch the AML/CTF for large firms webinar on demand, or book a complimentary demonstration to see the Compliance Centre in action.