Thirteen years in this industry teaches you something important: the firms that thrive through regulatory and technological change are rarely the ones that react fastest. They are the ones that invested early, deliberately, and with a clear point of view about where their clients were heading. That principle shapes everything we build at InfoTrack, and it is the lens through which I want to share what we have been working on, and more importantly, why.
Over the past year, our product investment has deepened considerably across three interconnected areas: compliance infrastructure, intelligent data, and information security. These are not separate streams. They are designed to work together, so that as your obligations grow and the regulatory environment shifts, your platform does the heavy lifting rather than your team.
The AML/CTF Tranche 2 reforms represent the most significant change to professional obligations for legal practitioners, conveyancers, real estate professionals, and accountants in a generation. From 1 July, anti-money laundering and counter-terrorism financing obligations that have long applied to financial institutions will extend to your profession. We have been preparing for this alongside you.
Our Compliance Centre was developed in consultation with Grant Thornton, AUSTRAC’s own adviser, and has already been demonstrated to more than 7,000 practitioners across 26 locations in Australia. It brings together AML/CTF-compliant program creation, automated risk scoring, client onboarding modules, KYC verification, and audit trail generation into a single, integrated workflow, designed from the ground up to satisfy AUSTRAC obligations.
What makes this investment meaningful is not just the capability itself, but how it fits into the work you already do. We have integrated the compliance workflows directly into existing transaction and search processes, so onboarding and due diligence happen within the same environment where you order searches, manage settlements, and run your matters. There is no separate system to log into, no duplication of effort, and no compliance documentation sitting in a folder that never quite connects to the actual matter file.
We have also built the record-keeping and encrypted data infrastructure to meet the mandatory retention periods under the AML/CTF Act, and we maintain ongoing engagement with AUSTRAC and industry bodies as the final rules continue to take shape. When the guidance shifts, the platform evolves with it.
Beyond compliance, we are investing in what it means for your firm to operate with genuine data intelligence. InfoTrack.ai and our Model Context Protocol (MCP) enabled services give your practice a new way to consume InfoTrack’s trusted data sources, including the ability to power AI agents that can automate and augment the repetitive, data-intensive work that currently consumes your team’s time.
The foundation for this is not new. InfoTrack has spent years building and deepening the richness, accuracy, and coverage of its data assets across property, identity, company, and court information. What is changing is how that data can be consumed and applied. Our MCP-enabled architecture means your firm can integrate InfoTrack’s intelligence directly into your own tools and workflows, not just through the InfoTrack platform itself.
This is important because the AI landscape for professional services is evolving rapidly. Firms that want to build genuinely useful AI agents need reliable, accurate, real-time data as the underlying input. We are making sure InfoTrack is that source, so that when your practice is ready to automate parts of its workflow through AI, the data powering those automations is data you can trust.
Security expectations for professional services firms are not staying still. Australia’s Cyber Security Act, which came into effect in November 2024, introduced mandatory ransomware payment reporting obligations and signalled a broader shift in how regulators expect businesses handling sensitive data to govern their security posture. For firms managing identity documents, financial records, and client due diligence files, that shift has direct implications, and the standard your technology platform is held to matters as much as the standard your firm operates to.
InfoTrack is ISO 27001:2022 certified, meaning our information security management systems are independently audited against internationally recognised standards. All data at rest is encrypted using AES-256, all data in transit is secured end-to-end using TLS, and our infrastructure is entirely Australia-hosted, supporting the data residency and sovereignty expectations that Australian firms and their clients increasingly require. Our Trust Centre, available at trust.infotrack.com, provides full visibility of our security posture and accreditations.
Looking ahead, the security demands on platforms like ours will only intensify. Privacy Act reforms, evolving Digital ID obligations, and the increasing volume of identity data flowing through AML/CTF compliance processes all raise the stakes for how that data is stored, accessed, and protected. Our investment in 24/7 threat monitoring, strengthened identity and access management, and progression toward SOC 2 Type II accreditation reflects our view that security is not a baseline to meet once and move on from. It is a continuous investment, and one we take seriously on behalf of every firm that trusts us with their most sensitive workflows.
The firms that will lead in the next five years are those that treat compliance, intelligence, and security as integrated capabilities rather than separate cost centres. That shift is already underway across the legal and property profession, and the pace is accelerating.
Regulatory obligations are deepening. The Digital ID Act 2024 is beginning to reshape how identity is verified across government and commercial transactions. Privacy Act reforms are progressing. AML/CTF obligations are extending to professions that have never had to think this way before. At the same time, AI adoption is moving from experimentation to genuine operational integration, and the firms investing in data-quality foundations now will be better placed to benefit from that shift than those waiting to see how it lands.
The practical implication for your practice is straightforward. The tools, workflows, and compliance infrastructure you put in place in the next 12 to 18 months will either support your capacity to grow or create friction that slows you down. Getting those foundations right, across identity verification, client due diligence, data security, and intelligent automation, is the work that matters most right now.
Budget cycles always generate inquiries. The 2026–27 budget, with its layered reforms across personal tax, property investment, trust structures, and small business, will generate sustained client demand for well-informed advice. Practices that can respond quickly, with accurate information and efficient processes, will be better positioned than those still working through paper-based or fragmented workflows.
The shift toward new-build investment and the complexity of transitional CGT arrangements will increase the volume of property due diligence. The trust reforms will extend the advisory cycle well beyond a single financial year. Across all of these changes, the common thread is that practitioners who have connected, compliance-ready systems will find it easier to meet increased demand without absorbing it as increased cost.
