AML & AUSTRAC terminology, in plain English.

Definitions for 84 of the most common AML/CTF terms — from CDD and KYC to suspicious matter reports and Tranche 2.

Adverse mediaNegative news screening: The process of screening customers and beneficial owners against negative news sources — fraud, corruption, sanctions, organised crime, terrorism — as an input to risk rating and EDD.
AFPAustralian Federal Police: Australia's national policing agency. AFP receives intelligence from AUSTRAC and is a key partner in money-laundering and terrorism-financing investigations.
AMLAnti-Money Laundering: Laws, regulations, and operational processes designed to prevent, detect, and report the use of the financial system to disguise the proceeds of crime.
AML/CTF ActAnti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth): The principal Australian statute that establishes AML/CTF obligations for reporting entities, supervised by AUSTRAC. Amended by the Tranche 2 reforms commencing 1 July 2026.
AML/CTF ProgramYour written compliance program: A documented program covering risk assessment, customer due diligence, transaction monitoring, reporting, training and governance — required for every reporting entity. Comprises Part A (general program) and Part B (CDD program).
AML/CTF RulesSubordinate legislative rules: Detailed rules made by the AUSTRAC CEO under the AML/CTF Act, setting out specifics for enrolment, CDD, reporting and record-keeping.
AML compliance officerNamed accountable person: The senior individual a reporting entity nominates to manage and oversee day-to-day AML/CTF obligations and to be the primary contact for AUSTRAC.
AML riskML/TF risk exposure: The exposure a business has to being misused for money laundering or terrorism financing, assessed across customer types, products, delivery channels and geographies.
APG41Asia/Pacific Group on Money Laundering: The regional FATF-style body covering the Asia-Pacific. APG conducts mutual evaluations of member jurisdictions, including Australia.
APRAAustralian Prudential Regulation Authority: Prudential regulator for banks, insurers and superannuation funds. APRA's CPS 234 (information security) and governance standards interact closely with AML programs in financial institutions.
ASICAustralian Securities & Investments Commission: Corporate, markets and financial services regulator. ASIC's licensing and director duties regimes overlap with AML obligations for AFSL-holders and company directors.
AFSLAustralian Financial Services Licence: The ASIC-issued licence required to provide regulated financial services in Australia. Many AFSL-holders are also AML reporting entities.
AUSTRACAustralia's AML/CTF regulator and FIU: The Australian Transaction Reports and Analysis Centre — federal agency that supervises reporting entities and receives suspicious matter, threshold transaction and international funds transfer reports.

Beneficial ownerThe real human behind a customer: An individual who ultimately owns or controls a customer entity — typically 25% or more ownership, or effective control by other means. Identifying beneficial owners is a core CDD requirement.
Beneficial ownership registerCentralised UBO record: A government-maintained register of beneficial owners of legal entities. Australia is progressing reforms to introduce a public beneficial ownership register.
Biometric verificationLiveness & face match: Identity verification using biometric data such as a face match between a selfie and a government-issued ID, plus liveness detection. A common element of remote KYC.
Board oversightGovernance accountability: The board's responsibility for approving the AML/CTF Program, monitoring its effectiveness, and ensuring sufficient resourcing and independence.

CDDCustomer Due Diligence: The process of identifying customers, verifying their identity, understanding the purpose of the relationship, and assessing the money-laundering and terrorism-financing risk they pose.
Cash dealerPre-Tranche 2 reporting category: Legacy term for businesses that deal in cash above thresholds, historically captured under FTR Act obligations and now fully integrated into the AML/CTF Act framework.
CRSCommon Reporting Standard: OECD framework for the automatic exchange of financial account information between tax authorities. CRS reporting obligations sit alongside AML CDD for many financial institutions.
CTFCounter-Terrorism Financing: Measures aimed at preventing the financial system from being used to fund terrorism. CTF obligations sit alongside AML obligations under the AML/CTF Act.
Customer risk ratingPer-customer risk score: A risk score assigned to each customer based on inherent risk factors (entity type, country, products used, behaviour) which drives CDD intensity and monitoring frequency.

DBGDesignated Business Group: A group of related reporting entities permitted under the AML/CTF Act to share certain AML functions, such as a joint AML/CTF Program and shared CDD.
Designated serviceA regulated activity: A service listed in the AML/CTF Act that triggers reporting-entity obligations. Tranche 2 expands the list to include legal, accounting, real estate and other professional services.
Digital IDTrusted digital identity: A reusable digital identity issued or accredited under the Australian Government Digital ID system, usable for KYC under prescribed conditions.
DNFBPDesignated Non-Financial Business or Profession: FATF term covering lawyers, accountants, real estate agents, dealers in precious metals and trust/company service providers — the sectors brought into Australia's regime by Tranche 2.
DCEDigital Currency Exchange provider: An Australian-regulated reporting entity providing exchange between fiat and digital currency. Must register with AUSTRAC's DCE register.

EDDEnhanced Due Diligence: A more rigorous form of due diligence applied to higher-risk customers, including PEPs, customers from high-risk jurisdictions, and complex ownership structures.
Electronic verificationVerifying ID against data sources: Verifying a customer's identity using electronic data sources (credit bureau, document verification service, government databases) rather than physical documents.
EnrolmentRegistering with AUSTRAC: The process by which a reporting entity registers itself on the AUSTRAC Reporting Entities Roll. Enrolment is required before providing designated services.

FATFFinancial Action Task Force: Inter-governmental body that sets international standards on AML, CTF and counter-proliferation financing. FATF's 40 Recommendations underpin Australia's AML/CTF regime and the Tranche 2 reforms.
FATCAForeign Account Tax Compliance Act (US): US legislation requiring foreign financial institutions to report on US persons. Often handled alongside AML/KYC processes by financial institutions.
FIUFinancial Intelligence Unit: A national agency that receives, analyses and disseminates reports of suspicious financial activity. AUSTRAC is Australia's FIU.
FTR ActFinancial Transaction Reports Act 1988 (Cth): Predecessor regime that still applies to a small set of cash dealers and solicitors. Largely superseded by the AML/CTF Act 2006.

Geographic riskCountry & jurisdiction risk: An input to customer and product risk rating reflecting exposure to high-risk, sanctioned, or non-cooperative jurisdictions identified by FATF and Australian government lists.
GovernanceOversight & accountability: The structures, policies and reporting lines that ensure the AML/CTF Program is owned, resourced, and effective — including board, AML compliance officer, and senior management roles.

High-risk customerElevated ML/TF exposure: A customer whose attributes (e.g. PEP status, complex ownership, high-risk jurisdiction, cash-intensive business) warrant enhanced due diligence and increased monitoring.

IFTIInternational Funds Transfer Instruction: An instruction to transfer funds into or out of Australia. Reporting entities must report IFTIs to AUSTRAC, regardless of value.
Independent reviewPeriodic program assurance: An independent review of the AML/CTF Program required at appropriate intervals — typically every 1 to 2 years — covering design and operating effectiveness.
Inherent riskPre-control risk exposure: The level of ML/TF risk a business faces before considering the controls it has in place. Compared to residual risk to evaluate control effectiveness.

KYBKnow Your Business: The entity-equivalent of KYC — verifying the identity of a corporate customer, its directors and officers, and its beneficial owners.
KYCKnow Your Customer: The identity verification component of CDD — collecting and verifying name, date of birth, and address (or equivalent for entities) before providing a designated service.

LayeringStage 2 of money laundering: Moving illicit funds through layers of transactions and accounts to obscure their origin. The middle stage of the classic placement–layering–integration model.
Legal Practitioner Trust AccountLawyer-held client funds: A trust account operated by a solicitor or law practice holding client funds. A focal point of Tranche 2 obligations for the legal sector.

MLMoney Laundering: The process of disguising the origins of money obtained from criminal activity so it appears legitimate.
MLROMoney Laundering Reporting Officer: International equivalent of Australia's AML compliance officer — the designated person responsible for managing AML obligations and SMR submissions.
Mutual evaluationFATF country review: A periodic peer assessment by FATF (or APG) of a country's AML/CTF regime against the 40 Recommendations. Australia's evaluations have driven reforms including Tranche 2.

OFACOffice of Foreign Assets Control (US): US Treasury body administering and enforcing economic and trade sanctions. OFAC lists are commonly screened against alongside Australian DFAT sanctions.
OnboardingAccount opening process: The end-to-end process of bringing on a new customer — collecting information, verifying identity, screening, risk-rating and approving for service.
Ongoing customer due diligenceOCDD: Continuous monitoring of customer activity and periodic review of CDD information to ensure the risk profile remains accurate over the life of the relationship.

Part A programGeneral AML/CTF program: The first part of the AML/CTF Program: governance, risk assessment, training, oversight and independent review arrangements.
Part B programCustomer identification program: The second part of the AML/CTF Program: applicable customer identification procedures (CDD/KYC), including for beneficial owners and PEPs.
PEPPolitically Exposed Person: An individual entrusted with prominent public functions — domestic, foreign, or international organisation. PEP relationships generally require enhanced due diligence and senior approval.
PlacementStage 1 of money laundering: Introducing illicit funds into the financial system, typically through cash-intensive businesses, structured deposits or purchase of monetary instruments.
Predicate offenceUnderlying crime: The criminal activity that generates the proceeds being laundered — fraud, drug trafficking, tax evasion, corruption, etc.
Proceeds of crimeProperty derived from offending: Property or value derived directly or indirectly from a predicate offence. Subject to confiscation under the Proceeds of Crime Act 2002 (Cth).
Proliferation financingFunding of WMD programs: The financing of the proliferation of weapons of mass destruction. Increasingly addressed alongside AML and CTF in Australian and international frameworks.

Record-keeping7-year retention obligation: Reporting entities must retain CDD records and transaction records for 7 years after the customer relationship or transaction ends, in a form that can be produced to AUSTRAC.
Red flagIndicator of suspicious activity: A pattern, behaviour, or attribute that suggests possible money laundering or terrorism financing and warrants further review or potentially an SMR.
RelianceRelying on third-party CDD: Where a reporting entity relies on CDD performed by another reporting entity, subject to specific conditions in the AML/CTF Rules.
Reporting entityA business with AML obligations: An entity that provides one or more designated services. Reporting entities must enrol with AUSTRAC and meet AML/CTF Program, reporting and record-keeping obligations.
Residual riskPost-control risk exposure: The level of ML/TF risk that remains after the controls in place have been considered. Compared to inherent risk to evaluate control effectiveness.
Risk assessmentDocumented ML/TF risk view: A documented assessment of the money-laundering and terrorism-financing risks your business faces, considering customer types, products, channels, and geographies. Required for every reporting entity.
Risk-based approachRBA — proportionate controls: Calibrating the intensity of CDD, monitoring and controls to the assessed risk of the customer, product or relationship — the cornerstone of the AML/CTF Act.

SanctionsFinancial & trade restrictions: Australian autonomous sanctions (DFAT) and UN sanctions prohibit dealing with listed persons and entities. Sanctions screening is a parallel obligation to AML.
ScreeningList & adverse-media checks: Checking customers, beneficial owners and counterparties against sanctions lists, PEP lists and adverse media at onboarding and on an ongoing basis.
SDDSimplified Due Diligence: A reduced level of CDD applied to clearly low-risk customers (e.g. listed public companies, government bodies), permitted under the AML/CTF Rules.
Shell companyEntity with no real operations: A legal entity with no significant assets or operating activity, often used to obscure beneficial ownership. A common ML red flag.
SMRSuspicious Matter Report: A report submitted to AUSTRAC when a reporting entity forms a suspicion that a transaction or customer relates to money laundering, terrorism financing, tax evasion or other serious crime. Replaces the older SAR terminology used overseas.
Source of fundsWhere the money came from: The activity that generated the funds used in a particular transaction (e.g. salary, sale of property, business revenue). Distinct from source of wealth.
Source of wealthHow total wealth was built: The activities that generated a customer's overall net worth (e.g. business ownership, inheritance, investments). Typically gathered for higher-risk customers.
StructuringSmurfing — splitting transactions: Splitting transactions into amounts below reporting thresholds to evade AML reporting. An offence under the AML/CTF Act.
Suspicious activityBehaviour warranting review: Customer behaviour, transaction patterns, or attributes that diverge from expected activity and warrant further review and potentially an SMR.

Targeted financial sanctionsTFS — list-based freezes: Obligations to freeze assets and prohibit dealings with persons listed under UN, autonomous, or counter-terrorism financing regimes.
Terrorism financingTF: Providing or collecting funds with the intention or knowledge that they will be used to carry out terrorist acts. The 'T' in CTF.
Three lines of defenceGovernance model: Risk governance model with operational management (1st line), compliance and risk functions (2nd line), and internal audit (3rd line) — commonly used to structure AML governance.
Tipping offAn offence against disclosure: Disclosing to a customer (or anyone else) that a suspicious matter report has been or may be made. It is a criminal offence under the AML/CTF Act.
Tranche 1Original AML regime: The initial scope of the AML/CTF Act 2006 covering financial services, gambling, and bullion — pre-dating the Tranche 2 expansion to professional services.
Tranche 2Expansion of AML to new sectors: AUSTRAC's expansion of AML/CTF obligations to legal, accounting, real estate, conveyancing, bookkeeping, pubs and clubs, dealers in precious metals and stones, trust and company service providers and other designated sectors, commencing 1 July 2026.
Transaction monitoringOngoing activity surveillance: Automated and manual monitoring of customer transactions against expected behaviour and risk indicators, to detect activity that may warrant an SMR.
TTRThreshold Transaction Report: A report to AUSTRAC for cash transactions of A$10,000 or more (or foreign currency equivalent), submitted within 10 business days.

UBOUltimate Beneficial Owner: Synonymous with beneficial owner — the natural person who ultimately owns or controls a customer entity.

VASPVirtual Asset Service Provider: A business providing virtual asset (crypto-asset) exchange, custody or transfer services. Regulated as a digital currency exchange provider in Australia.

Wire transfer ruleTravel rule: Requirement to include originator and beneficiary information with electronic funds transfers, so financial institutions in the chain can perform sanctions screening and risk assessment.

Need answers?

Read the full FAQ

Costs, deadlines, who's affected, and how providers differ.

FAQ

Official source

AUSTRAC Tranche 2 guidance

The regulator's own definitions and reform guidance.

Visit austrac.gov.au