Powered by
MOMENTUM
MEDIA
With only a few months remaining before the AML/CTF compliance overhaul takes effect, many firms are still grappling with questions, concerns and uncertainty about what needs to be done and prioritised ahead of time – but this guide breaks it all down for you.
Australia’s expanding anti-money laundering and counter-terrorism financing (AML/CTF) regime, set to commence on 1 July, is poised to significantly reshape how law firms operate, extending their compliance obligations and placing financial oversight firmly at the core of legal practice.
While these reforms have been looming for some time and are now just months away from taking effect, many practitioners are still underestimating the scale and complexity of what lies ahead – and have yet to undertake meaningful preparation to stay ahead of the shift.
Speaking at Lawyers Weekly’s recent AML Innovate webcast, Catherine Evans, CEO and head of legal at Kit Legal, cut through the uncertainty confronting firms, addressing the key fears and questions facing lawyers and offering clear, practical guidance on what firms must understand as sweeping compliance changes take effect.
The blind spot in preparation
Evans warned that the profession is underestimating the scale of the overhaul, explaining how a narrow fixation on select obligations is obscuring the far broader and more demanding compliance framework emerging under the regime.
“I think the main obligation that everyone has been focused on has been customer due diligence. That’s the majority of questions we get through. But it’s really important to understand the AML framework is so much broader than that,” she said.
Rather than serving as a single procedural checkpoint at the onboarding stage, Evans emphasised that the new framework represents an ongoing risk management system that must be embedded across the organisation.
“It’s around understanding and documenting all your risks, having the policies, controls and frameworks in place,” she said.
“When I talk about risk, it’s at the enterprise level over your whole business, it’s at your personnel level. What risk faces each person who’s involved in AML, and then your customers as well? There’s ongoing monitoring, ongoing reviews, ongoing testing of compliance, and ongoing reports.”
She shared that instead of treating AML obligations as a discrete administrative function, as many law firms have in the past, firms will need to adopt a “living and breathing framework” that continuously evolves in response to shifting risks, transactions and regulatory expectations.
The awareness gap holding firms back
Despite the scale of the changes, Evans identified that the biggest challenge for law firms is not technical implementation, but a lack of awareness and cultural readiness within the profession.
Evans stressed that many professionals currently do not fully appreciate or understand the AML risks that exist within their own practice areas, or what those risks actually look like in practice.
“I think the first part is to understand the risks … but I think I speak to a lot of lawyers and other professionals that really don’t see any AML risk in what they do. They’re really not aware of what the risks are,” she said.
This lack of awareness, she argued, could not be more detrimental to compliance, stressing that firms must return to the fundamentals of understanding AML risk and how it permeates every aspect of their operations.
“I think coming back to the basics of understanding that and how it then implements all facets of what you’re doing, largely all people within your organisation as well,” she said.
As a result, she stressed that AML/CFT compliance can no longer be siloed within compliance teams, but must instead be embedded across all practice areas and roles throughout the firm.
“It’s not just your client-facing staff that needs to be aware of it. It is an ongoing living and breathing posture around preventing this sort of risk going forward. And as gatekeepers, we are,” she said.
Delegating effectively under time pressure
While firms still have time to prepare ahead of the incoming deadline, Evans warned that “it’s getting more critical” for organisations to get their systems in order now, before the window to act closes further.
A key priority she flagged for firms is establishing clear roles and assigning responsibility for AML/CFT compliance at both operational and strategic levels, stressing that defining responsibilities is now urgent.
“At the moment, we’d be assigning those key roles of AML/CTF compliance officer, senior manager, who is the person that is going to have to oversee and approve certain decisions in the business. Being very clear on those roles would be critical right now,” she said.
But defining roles is only the beginning.
Once those roles are established, Evans explained that firms must then conduct due diligence on the individuals appointed to them, assess the risks associated with their responsibilities, and ensure they are appropriately trained to carry out their obligations effectively.
“Then very soon, working through what the roles are in your organisation. You have to do due diligence on each of those people involved in AML activities and rate their risk as well as make sure they’re fully trained,” she said.
The main question law firms must now confront
As firms begin building and designing their AML/CTF compliance frameworks, Evans emphasised that one of the most important decisions they must make is how the system will be managed and governed.
“The first point is understanding the ongoing nature of this living and breathing framework,” she said.
“Is this something you are going to manage manually, internally? Is it something you are going to engage help with, whether that’s a consultant putting together manual processes? Or is this something you want to engage in more automation?”
Having these conversations now is vital, as Evans explained that understanding what you are doing in this regard shapes all subsequent decisions and ultimately determines the entire structure of a firm’s compliance approach.
“That’s the critical point now because that will really determine what your next steps are around putting together this framework,” she said.
“If you are doing this alone, you should be well advanced now in working through those data packs, and there’s a lot of customisation and work that needs to be done.
“If you’re using a more automated framework, that process should hopefully do a lot of that legwork for you and help you make key decisions in onboarding.”
External support
While AML compliance has long been an established obligation for firms, Evans acknowledged that the initial implementation phase – and the conversations that come with it – can still be challenging.
“This is an ongoing thing which many businesses have had to comply with for a long time now. So it does become part, just part of how you do business,” she said.
“It’s once you have all these processes embedded and you’ve worked through the efficiencies and worked through the best way to do things, it will just become part of how you do business, and everyone will live and breathe it.
“But it’s just this initial phase, and no one likes change, and it does impact a lot of, a lot of things.”
As firms grapple with the scale of change under the upcoming compliance overhaul, many are turning to external providers and training partners to help bridge capability gaps and provide much-needed support and guidance throughout the transition.
Evans urged firms not to underestimate the value of external support during this transition, noting that providers can offer ongoing assistance where needed and help upskill staff – a combination she described as highly beneficial in navigating the change.
“Get the right support in place. There are a lot of free webinars out there. There are a lot of things you can do. But to have that provider that can hold your hand through that initial stage and ongoing as required and upskill people, I think, is really beneficial,” she said.
