AML/CTF Tranche 2

AML/CTF Tranche 2

You may have noticed we’ve been quiet about Tranche 2.

That’s been deliberate.

Over the last 18 months, the market has been flooded with webinars, white papers, consultancies, and new platforms - all working hard to educate accountants and other Tranche 2 entities about what the AML/CTF reforms mean. A lot of people are doing that job well, and we didn’t want to add to the noise when others were better placed to lead the conversation.

Now that the market is informed and 1 July 2026 is approaching, it’s time for us to share what we’ve been doing - from a product perspective - to support you.

If you’re still unsure about your obligations - what designated services trigger the regime, how to enrol with AUSTRAC, what a compliant program looks like - please reach out. We’re happy to point you to the people and resources who’ve done an excellent job at educating the sector. This update isn’t that. This update is about what we’re building.

AML isn’t new to Annature

Annature has offered AML capability as an add-on to our Identity verification product since we first launched back in 2022. It’s been used by financial services firms and law firms (which have been regulated entities for some time). If you’re currently using Identity verification, you’ve probably never seen the AML features - because you didn’t need them. We keep the interface simple and only surface what’s relevant to you.

That's about to change. Tranche 2 brings accountants and other newly-regulated sectors into the regime from 1 July, and we're making our AML module a core part of the platform.

What’s changing on 1 July

If you're an existing Annature Identity verification customer, this section is for you. Tranche 2 is changing how we deliver AML capability inside the product you already use - and we want to be upfront about what that means.

The client-facing experience doesn't change. Your clients will continue to receive verification requests and complete them exactly as they do today. Nothing changes for them.

What changes is what happens behind the verification.

Today, when sending a verification request, you can turn on "Enhanced verification" to trigger AML/CTF checks. Your client's collected information is securely passed to a trusted third-party provider who runs sanctions, PEP, terrorism financing, and adverse media checks - giving you a full picture of any flags against that individual across global watchlists.

From 1 July 2026, two things change:

AML/CTF checks are on by default. Today they're opt-in. From 1 July, they're opt-out. If you're providing a designated service, the checks happen automatically - no toggle to remember, no client falling through the cracks because someone forgot to tick a box. When you know AML/CTF checks aren't required (verifying someone for a non-designated service, for example), you can still opt out per verification. The toggle just flips: on by default, off when you say so.
Ongoing monitoring is on by default for verified customers. Today, monitoring a client against sanctions and PEP lists after they've been verified is a separate consideration. From 1 July, every verified customer is automatically enrolled in ongoing monitoring. If a client becomes a PEP or appears on a sanctions list weeks or months after onboarding, you'll be notified. This is one of the most overlooked obligations under Tranche 2 - and now it's handled for you, automatically.

The new AML modules we’re building

Identity verification is only one part of your AML/CTF obligations under Tranche 2. To support the rest, we're building a set of new modules that together cover what a compliant program actually requires — from generating the program itself to managing staff training, customer risk assessments, and senior manager approvals.

By 1 July 2026, your Annature dashboard will include:

AML/CTF Program generation. A guided tool that produces your AML/CTF Program document, tailored to your practice. We've designed the questionnaire to take about two minutes - not the 40-question wizards you'll find elsewhere. Our position is that a good program covers your practice broadly, with light customisation where it genuinely matters.

ML/TF Risk Assessment. A separate risk assessment document, generated through a more detailed questionnaire, that reflects your firm's actual risk profile across services, customers, geography, and delivery channels.
Operational procedure documents. Two procedure documents that explain exactly how your firm conducts customer risk assessment and identity verification - built around how Annature actually works. These are the documents your staff use day-to-day.
Compliance Officer dashboard. A single view for your AML/CTF Compliance Officer showing customer risk ratings, pending approvals, training status, and upcoming reviews.
Staff training module. Send your AML documents to your team for review and acknowledgement. The platform tracks who has reviewed what, when, and prompts for refresher training on the cadence you set. Full audit log included.
Document version control and review cycles. The platform reminds your Compliance Officer when your program and risk assessment are due for review, captures changes, and maintains a complete history.
Customer risk assessments. Rather than sending clients a 40-question form, our approach is to capture risk assessment information from the conversations you're already having at onboarding - via meeting transcripts powered by Vinyl, or through your existing tools like Content Snare. The AI generates a draft risk assessment and risk-rating, your Compliance Officer reviews and approves it.

Identity verification - already in Annature, now extended. Our existing ID verification product continues to handle KYC, with ongoing sanctions and PEP screening. Now it's connected to the broader AML workflow - verifications feed into customer risk ratings automatically.

Ongoing monitoring bulk enrolment for existing client bases. For firms with established client lists, we're providing bulk-enrolment tools via our integrations with the practice management systems you already use - Xero Practice Manager, FYI Docs, Kloud Connect, and others. You'll be able to enrol your entire client base into ongoing monitoring in a single workflow, rather than re-verifying each client individually.
Senior manager approvals register. When a customer is rated high-risk or identified as a PEP, the platform routes the decision to your senior manager with full audit trail. No more spreadsheets, no more email chains.

A few things we’ve deliberately not built

We’ve made some intentional choices about what doesn’t belong in Annature.

We’re not hosting your Suspicious Matter Report register. SMR data is highly sensitive, and AUSTRAC expects it to be tightly controlled within your firm. We'll provide a downloadable register template so you can maintain this properly, but the data stays with you, where it belongs.

We're not building Threshold Transaction Report workflows. For the customers we serve, $10,000+ cash payments are rare - and where they do occur, you can lodge directly with AUSTRAC.

We're not building a questionnaire form builder. There are excellent tools that already do this (Content Snare, Onboardme, and others). We'll integrate with what you already use rather than reinvent it.

What happens next

Everything described above will be available in your Annature dashboard before 1 July 2026. We'll be in touch closer to launch with access details and onboarding support.

In the meantime, if you have questions - about Tranche 2 generally, or about how Annature fits into your compliance approach - just send us a message. We're happy to talk.

Thanks for your patience while we built something we're genuinely proud of.

— Corey

AML/CTF Tranche 2

You may have noticed we’ve been quiet about Tranche 2.

That’s been deliberate.

Now that the market is informed and 1 July 2026 is approaching, it’s time for us to share what we’ve been doing - from a product perspective - to support you.

AML isn’t new to Annature

That's about to change. Tranche 2 brings accountants and other newly-regulated sectors into the regime from 1 July, and we're making our AML module a core part of the platform.

What’s changing on 1 July

The client-facing experience doesn't change. Your clients will continue to receive verification requests and complete them exactly as they do today. Nothing changes for them.

What changes is what happens behind the verification.

From 1 July 2026, two things change:

AML/CTF checks are on by default. Today they're opt-in. From 1 July, they're opt-out. If you're providing a designated service, the checks happen automatically - no toggle to remember, no client falling through the cracks because someone forgot to tick a box. When you know AML/CTF checks aren't required (verifying someone for a non-designated service, for example), you can still opt out per verification. The toggle just flips: on by default, off when you say so.
Ongoing monitoring is on by default for verified customers. Today, monitoring a client against sanctions and PEP lists after they've been verified is a separate consideration. From 1 July, every verified customer is automatically enrolled in ongoing monitoring. If a client becomes a PEP or appears on a sanctions list weeks or months after onboarding, you'll be notified. This is one of the most overlooked obligations under Tranche 2 - and now it's handled for you, automatically.

The new AML modules we’re building

By 1 July 2026, your Annature dashboard will include:

AML/CTF Program generation. A guided tool that produces your AML/CTF Program document, tailored to your practice. We've designed the questionnaire to take about two minutes - not the 40-question wizards you'll find elsewhere. Our position is that a good program covers your practice broadly, with light customisation where it genuinely matters.

ML/TF Risk Assessment. A separate risk assessment document, generated through a more detailed questionnaire, that reflects your firm's actual risk profile across services, customers, geography, and delivery channels.
Operational procedure documents. Two procedure documents that explain exactly how your firm conducts customer risk assessment and identity verification - built around how Annature actually works. These are the documents your staff use day-to-day.
Compliance Officer dashboard. A single view for your AML/CTF Compliance Officer showing customer risk ratings, pending approvals, training status, and upcoming reviews.
Staff training module. Send your AML documents to your team for review and acknowledgement. The platform tracks who has reviewed what, when, and prompts for refresher training on the cadence you set. Full audit log included.
Document version control and review cycles. The platform reminds your Compliance Officer when your program and risk assessment are due for review, captures changes, and maintains a complete history.
Customer risk assessments. Rather than sending clients a 40-question form, our approach is to capture risk assessment information from the conversations you're already having at onboarding - via meeting transcripts powered by Vinyl, or through your existing tools like Content Snare. The AI generates a draft risk assessment and risk-rating, your Compliance Officer reviews and approves it.

Identity verification - already in Annature, now extended. Our existing ID verification product continues to handle KYC, with ongoing sanctions and PEP screening. Now it's connected to the broader AML workflow - verifications feed into customer risk ratings automatically.

Ongoing monitoring bulk enrolment for existing client bases. For firms with established client lists, we're providing bulk-enrolment tools via our integrations with the practice management systems you already use - Xero Practice Manager, FYI Docs, Kloud Connect, and others. You'll be able to enrol your entire client base into ongoing monitoring in a single workflow, rather than re-verifying each client individually.
Senior manager approvals register. When a customer is rated high-risk or identified as a PEP, the platform routes the decision to your senior manager with full audit trail. No more spreadsheets, no more email chains.

A few things we’ve deliberately not built

We’ve made some intentional choices about what doesn’t belong in Annature.

We're not building Threshold Transaction Report workflows. For the customers we serve, $10,000+ cash payments are rare - and where they do occur, you can lodge directly with AUSTRAC.

What happens next

Everything described above will be available in your Annature dashboard before 1 July 2026. We'll be in touch closer to launch with access details and onboarding support.

In the meantime, if you have questions - about Tranche 2 generally, or about how Annature fits into your compliance approach - just send us a message. We're happy to talk.

Thanks for your patience while we built something we're genuinely proud of.

— Corey

Annature changelog

AML isn’t new to Annature

What’s changing on 1 July

The new AML modules we’re building

A few things we’ve deliberately not built

What happens next

Annature changelog

AML/CTF Tranche 2

AML isn’t new to Annature

What’s changing on 1 July

The new AML modules we’re building

A few things we’ve deliberately not built

What happens next