Select another region to view local content

You are on the Australia website
Australia
New Zealand
United Kingdom

Blogs

Who's liable? A breakdown of personal liability under AML regimes

Who's liable? A breakdown of personal liability under AML regimes

Breaking down the jargon on AML personal liability

If you’re a director, senior manager, or AML/CTF compliance officer in Australia, personal liability under anti-money laundering laws isn’t just your business’ obligations - you could be personally liable too. And with Tranche 2 rules kicking in from 1 July 2026, even more businesses - like lawyers, accountants, and real estate professionals - will be on the hook. But don’t stress. We’ve cut through the jargon to show exactly who’s at risk and how to stay compliant in clear, no-nonsense steps.

Who’s liable?

Company directors, Senior managers, AML/CTF compliance officers and, in some cases, employees or agents involved in AML/CTF duties could all be personally liable for violations. If you’re a sole practitioner, you may be conducting several of these duties yourself, or outsourcing tasks to a third party – regardless, the buck stops with you, so it’s important to know your obligations.

From 1 July 2026, Tranche 2 rules will extend AML/CTF obligations to new sectors - including lawyers, accountants, real estate professionals, and trust and company service providers. So, if you operate in one of these industries, you’ll soon be a “reporting entity” under the law and these responsibilities will apply to your business too.

We’ve broken down the responsibilities for you below.

Directors of companies, including partners in partnerships and trustees in trusts, have the ultimate responsibility for ensuring their business complies with the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) and the new Tranche 2 rules. They can be held personally liable for breaches, especially if they are involved in, consented to, or turned a blind eye to non-compliance.

Directors should:

  • Ensure the business has a robust AML/CTF programme and risk assessment in place - and that it’s adhered to by all relevant staff.
  • Ensure regular reviews are conducted, as well as your annual compliance report submitted to AUSTRAC and an independent audit carried out every three years.
  • Appoint a AML/CTF compliance officer and ensure relevant staff are properly trained and vetted.

Senior Managers, including CEOs, CFOs, senior leadership, partners, and anyone with significant influence over the management or administration of the business - also carry personal liability.

The AML/CTF Act and AUSTRAC tranche 2 official guidance make it clear that senior managers must:

  • Oversee and sign-off on the business’ AML/CTF programme.
  • Ensure relevant staff (including themselves) receive appropriate AML/CTF training.
  • Support the compliance officer and ensure they have sufficient authority and resources.

AML/CTF Compliance Officers must be appointed by every reporting entity, and could be an employee or a partner/external person for sole practitioners. This person is responsible for administering and maintaining the AML/CTF programme and risk assessment. For sole practitioners, this may be the business owner or an external appointee.

Compliance Oofficers’ duties include:

  • Overseeing day-to-day compliance with the business’ AML/CTF programme and risk assessment.
  • Ensuring policies, procedures, and controls are up to date and effective.
  • Reporting suspicious matters and threshold transactions to AUSTRAC.
  • Preparing annual compliance reports and facilitating independent reviews when required.

While the main focus is on directors, senior managers, and compliance officers, employees and agents can also be personally liable in certain situations. For example:

  • If they knowingly participate in money laundering or terrorist financing.
  • If they wilfully fail to comply with AML/CTF obligations (e.g., deliberately not conducting customer due diligence (CDD) checks, or helping to conceal suspicious transactions).
  • If they provide false or misleading information to AUSTRAC or law enforcement.

What are the penalties?

In Australia, individuals who fail to meet AML regulations can face fines, bans and even criminal charges depending on their role and the severity of the breach.

  • Reporting entities, including Directors and Senior managers can be personally liable if they fail to ensure adequate AML/CTF programmes. They can face penalties up to 20,000 penalty units (i.e. up to $6.6 million) and may be barred from management roles if found unfit.
  • Employees and Compliance Officers who neglect their AML compliance duties may also face disciplinary actions and civil fines, and if serious negligence or complicity can be proven, may even face criminal prosecution.
  • Criminal liability can apply to any individual involved if they knowingly engage in or are complicit to money laundering, and can face imprisonment and unlimited fines.

Fines and bans are common penalties for procedural failures, while criminal penalties would be more likely to apply to serious cases where an individual has ignored risks or knowingly assisted with laundering.

How to protect yourself from personal liability

You don’t need to be an AML expert. But you do need simple systems that take care of the essentials. Here are the must-haves:

  • A clear AML/CFT programme: relevant to your business, and kept up to date as AUSTRAC guidance changes — including Tranche 2 requirements.
  • Reliable CDD and risk assessment processes: for every client, every time.
  • Proper reporting: suspicious transactions, prescribed transactions, and annual AML reports.
  • Secure record-keeping: stored for 7 years and audit-ready.

If you’re a Tranche 2 reporting entity, you’ll need to enrol with AUSTRAC, assess your AML/CTF risks, and implement a compliant programme by 1 July 2026.

APLYiD handles your AML compliance from start to finish — ID verification, CDD, risk assessment, and record keeping — with no admin headaches and no training needed.

Let APLYiD take the pressure off

At APLYiD, we help you get compliant and stay that way — without the headaches.

  • No training needed. Everything’s automated and guided.
  • No unnecessary complexity. Just one self-serve platform for all AML tasks.
  • No admin overload. ID verification, CDD, risk assessments and record-keeping — all sorted.
  • No gaps in compliance. Our platform keeps you covered, even when regulations change.

Whether you're running a solo practice or managing a small team, APLYiD helps take the guesswork out of compliance so you can focus on what you do best.

Contact Us
Loading...
Who's liable? A breakdown of personal liability under AML regimes | No-nonsense AML platform for your business | Trusted AML & KYC for Real Estate, Legal & Finance