Skip to main content

Your AML/CTF questions answered

Australia has aligned its AML/CTF laws with international standards.

As part of these changes, certain professions (including ours) are becoming regulated by AUSTRAC for the first time.

From 1 July 2026, we will be required to:

  • collect and verify client identity information;
  • understand who we are acting for in more detail than before;
  • carry out due diligence on staff, clients, and matters;
  • comply with reporting obligations including by reporting “suspicious matters” to AUSTRAC on tight timeframes; and
  • keep certain records.

These are legal requirements, not optional processes.

We are preparing our systems and processes to ensure these requirements are implemented in a way that is:

  • Simple - clear guidance and minimal duplication
  • Consistent - a familiar experience each time
  • Efficient - using technology to streamline onboarding
  • Respectful - maintaining confidentiality and handling information securely

A key part of this approach is the use of the First AML platform, which we are configuring to support and align with our AML/CTF policy.

We are developing our policy and processes to ensure they meet regulatory requirements while remaining practical and workable for our team.

We will embed our policy requirements into our existing workflows using First AML, in conjunction with Actionstep and NetDocuments so these new processes are as seamless as possible for staff and clients.

First AML is a secure online platform that helps us:

  • undertake and update client and matter risk assessments;
  • collect and verify client identity information (known as “Know Your Customer (KYC) information”);
  • manage client due diligence (CDD);
  • streamline client and matter onboarding; and
  • maintain compliant records.

Using First AML allows us to:

  • provide a consistent client experience;
  • reduce manual handling of sensitive information;
  • improve efficiency and accuracy; and
  • meet our legal obligations.

It will be our primary tool for client onboarding and verification of identity (VOI).

What this looks like in practice will depend on your role in the business.

Firm wide changes will include:

  • mandatory AML/CTF training and an understanding of the new requirements;
  • identity verification and other due diligence checks for all staff, with the level of checks varying depending on AML/CTF risk profiles associated with individual roles;
  • giving further and more detailed consideration to client onboarding, matter naming and matter classification (likely including limiting the use of “general advice” files);
  • ongoing monitoring of clients and matters for ‘red flags’ and changes to relevant client or matter circumstances.

Changes specific for fee earners will include:

  • ensuring AML/CTF requirements are met before work begins;
  • understanding who we are acting for, including investigating client structures and beneficial ownership;
  • assessing the risk profile of clients and matters and determining the appropriate level of due diligence in accordance with our policies and procedures; and
  • identifying and escalating any risks, concerns or unusual matters.

Some fee earners will be asked to call some clients and alert them of these changes.

  • Changes specific for administrative professionals will include:
    1. initiating and managing client onboarding through First AML;
    2. sending First AML requests and monitoring completion;
    3. following up with clients to ensure required information and documents are provided;
    4. assisting with collecting and recording information relating to client and matter risk, client identity, structures and documentation; and
    5. ensuring onboarding is completed and appropriately recorded before work on matters commences.

Yes. These requirements apply to all clients, including long-standing clients.

We will need to:

  • collect information we don’t already hold;
  • verify existing information; and
  • update records where circumstances change.

It will impact the start of a matter, particularly if clients delay completing First AML requests.

To minimise delays:

  • onboarding should be initiated early (ideally at file opening); and
  • client due diligence information and document requests, and the Terms of Engagement DocuSign link, can be sent together in the initial email from the First AML platform.

This allows onboarding and engagement to be completed in a single step, reducing back-and-forth.

Once completed, in most cases, client information can be reused for future matters for that client. From time to time, we will need to update or obtain further details, including where circumstances change or additional information is required for a specific matter.

If a client is reluctant:

  • explain that this information is required for compliance reasons;
  • reassure them that First AML is a secure and widely used platform globally; and
  • if the level of reluctance is unusual or persistent, it is a “red flag” and should be addressed as described below.

If required information is not provided, the matter cannot proceed.

Red flags include a person wanting to remain anonymous or appearing to act for an undisclosed third party, being nervous or evasive when information is requested, providing vague information when requesting our assistance, asking whether we report to government authorities, using different names or refusing to provide identification. Other red flags include the structuring of a transaction to avoid AML/CTF reporting thresholds and a transaction with someone in a high-risk country.

There will be a DMAW Lawyers policy about Suspicious Matter Reporting, which must be followed. In short, if anything about a client or a transaction (including its structure) raises concern:

  • do not ignore it;
  • do not raise concerns with the client in a way that could indicate you have AML/CTF related concerns or may be required to report something (this may comprise “tipping off”, which is a criminal offence); and
  • escalate the matter internally.

Staff members are prohibited from discussing the suspicion with the person concerned (and anyone acting on their behalf), or any other staff member who is not directly relevant to managing the firm’s AML/CTF obligations.

The responsible fee earner must ensure onboarding is completed before work begins.

Administrative professionals are responsible for initiating and managing First AML onboarding, including:

  • seeking guidance as required from fee earners;
  • sending requests;
  • monitoring completion; and
  • following up with clients.

The firm’s AML compliance officer (AMLCO) (currently Daniel Jenkinson) is responsible for overall operational compliance. Formal escalations should be sent by email to amlco@dmawlawyers.com.au

All staff need to complete their mandatory online AML/CTF training through Alpha AML, with the first three modules to be completed by 30 April. Additional detailed role-specific training (covering the use of First AML and our internal processes and systems) will also be provided.

We will also provide supporting materials and messaging to help you communicate these changes clearly and confidently to clients, including guidance on how to manage conversations where clients may be concerned or resistant to the new requirements.

At this stage:

  • complete your active Alpha AML training modules by 30 April;
  • familiarise yourself with these upcoming changes;
  • attend any additional required training; and
  • comply efficiently with any request for verification of identity and other due diligence information about you from firm management.

Please feel free to speak with your manager, Daniel or Bernice at any time if you have any questions or queries, or email your queries to amlco@dmawlawyers.com.au.