AUSTRAC’s wealth-management wake-up call after the 2026 reforms

AUSTRAC’s message to wealth management is unusually direct. In April 2026, the regulator said 98% of wealth-management businesses lodged no suspicious matter reports in 2025, while just three businesses accounted for nearly two-thirds of all SMRs across the sector. It also pointed to earlier compliance-report data showing 92% of wealth-management businesses said they had no high-risk customers. AUSTRAC’s supervisory view is that this does not reflect a genuinely low-risk sector. It reflects a detection and escalation problem in a sector exposed to cyber-enabled fraud, stolen identities, tax evasion and asset concealment.

What changed is not just the reform start date, but the regulatory lens. For current reporting entities, the reformed AML/CTF framework commenced on 31 March 2026. AUSTRAC has recast AML/CTF programs from the old Part A/Part B model to a risk-based, outcomes-oriented framework, with clear emphasis on risk assessment, governance and customer due diligence. Existing entities can continue using pre-reform customer identification procedures for some customer classes until 31 March 2029, but only if they document transitional policies by 1 July 2026 and manage the transition in a structured way. While SMR obligations broadly remain in place until 2029, AUSTRAC’s March 2026 SMR guide refresh shows the regulator expects better-quality suspicion analysis now, not later.

That is why this is now a front-line governance issue, not a back-office reporting issue. AUSTRAC has said risk remains at the centre of the regime, and firms that fail to identify, mitigate and manage ML/TF risks remain exposed to regulatory action, including civil penalty proceedings and, for registered businesses, suspension or cancellation of registration. At the same time, the governing body must oversee ML/TF risk identification and compliance, receive at least annual compliance-officer reporting, and be notified of risk-assessment updates as soon as practicable. The compliance officer’s report must address policy compliance, whether the framework appropriately mitigates risk, and remediation gaps.

The firms most obviously in scope are not only banks. AUSTRAC expressly says its wealth-management supervisory work covered trustees of managed investment schemes and financial service intermediaries such as financial advisers and financial planners. It has also created fresh indicators for the financial planners sector, including altered or inconsistent identification documents, unexplained wealth, unclear beneficial ownership, repeated SMSF trustee or member changes, urgent email instructions, and requests involving large cash deposits or transfers to conflict-zone jurisdictions. Even where the legal reporting entity is the AFSL holder or trustee rather than an authorised representative or CAR personally, customer-facing personnel are where these indicators are first seen, so escalation design matters.

The practical response should be disciplined and immediate. First, revisit the ML/TF risk assessment using AUSTRAC’s current risk and indicator materials, and make sure it actually drives customer risk ratings, ongoing CDD and source-of-funds/source-of-wealth triggers. Secondly, retrain front line and compliance staff on SMR decisioning: suspicion does not require proof, a declined application or even a service enquiry can still trigger an SMR, and each new suspicion can require a further report. Thirdly, fix SMR quality. AUSTRAC now stresses plain-English grounds for suspicion, chronological facts and the core “who, what, where, when, why and how”, rather than vague narratives or poor drafting that reduces analytical value. Finally, validate governance mechanics now: compliance-officer notifications for entities already enrolled on 30 March 2026 were due by 30 May 2026, and existing reporting entities generally need their first independent evaluation by the later of 31 March 2027 or four years after their last independent review.

From ABML’s perspective, the more useful question is not whether your wealth business has filed “enough” SMRs. It is whether your control framework could credibly detect the kinds of risk AUSTRAC says are already present in the sector, escalate them without commercial friction suppressing judgment, and turn them into defensible decisions, usable reporting and meaningful board oversight. 2026 should be treated as a re-baselining year, not a grace period.

Need to pressure-test your AML/CTF framework for wealth management? ABML can help with a targeted program review, SMR uplift workshop, compliance-officer support and board reporting refresh.