There are two viable shapes for an SME AML program: run it yourself with software, or outsource the operational layer to a managed service. The right answer is mostly about your firm's bandwidth and risk profile, not the price tag.
When software-only works
- You have a principal or senior staffer with the time and inclination to own AML.
- Your service mix is relatively narrow and your client base is mostly low-risk.
- You want full visibility into onboardings and SMR decisions.
- Budget is tight and you're prepared to invest internal hours instead.
When a managed service pays for itself
- Nobody at the firm wants to learn the AML/CTF Rules in depth.
- You handle complex client structures (cross-border trusts, corporate groups).
- You've already missed the early-mover window and need someone to compress the calendar.
- You'd rather pay A$1,500–A$2,500 per month than risk a regulator-grade audit failure.
The hybrid that's increasingly common
A growing number of firms run software in-house but engage a managed service for the independent review, the policy refresh, and surge support during AUSTRAC engagement. This 'software plus retainer' model often costs less than a fully managed service and keeps day-to-day operations under your control. Several CompareAML providers (notably AMLHUB and Complispace) offer both shapes from the same platform.