Yesterday, the Department of Home Affairs and AUSTRAC released important guidance on the transitional rules that will support the implementation of Australia's anti-money laundering and counter-terrorism financing (AML/CTF) reforms. While these transitional rules are still being finalised - with an exposure draft expected in the coming weeks - this announcement provides crucial clarity for reporting entities preparing for the March 31, 2026 commencement date.

What's Been Announced?

The transitional rules will provide existing reporting entities with extended timeframes to adapt their systems and processes to certain new obligations. These rules are being made by the Minister for Home Affairs under Schedule 12 of the Anti-Money Laundering and Counter-Terrorism Financing Amendment Act 2024, and are separate from the AML/CTF Rules 2025 made by the AUSTRAC CEO.

The key message: the government recognizes that these reforms represent significant changes, and is providing flexibility to help businesses transition smoothly while still managing their money laundering and terrorism financing risks.

Key Transitional Arrangements for Existing Reporting Entities

3-Year Customer Due Diligence (CDD) Transition Period

The most significant transitional arrangement is a 3-year grace period for initial customer due diligence, running from March 31, 2026 to March 30, 2029.

During this period, existing Tranche 1 reporting entities will have a choice:

Option 1: Continue with the current ACIP

• Keep using your existing Applicable Customer Identification Procedures (ACIP) when onboarding new customers
• Maintain this approach for up to 3 years
• Continue using the familiar delayed CDD provisions in Chapters 46 and 79 of the pre-reform AML/CTF Rules

Option 2: Transition to new Section 28 CDD

• Switch to the reformed initial CDD obligations at any time between March 31, 2026 and March 30, 2029
• Gain access to new deemed compliance provisions and new delayed CDD provisions
• Benefit from modernized verification frameworks designed for digital identity solutions

Important: Whichever method you choose, you must comply fully with that single approach for all new customers and all customer types. You cannot mix and match between old ACIP and new CDD requirements.

What's Not Optional: Ongoing CDD

While you have flexibility on initial CDD, ongoing customer due diligence under Section 30 becomes mandatory from March 31, 2026 regardless of which initial CDD method you're using. This is a new obligation for all existing reporting entities with no transitional period.

Extended Compliance Officer Notification

Existing reporting entities will have until May 30, 2026 to notify AUSTRAC of their AML/CTF compliance officer, providing an extra two months beyond the reform commencement date.

Independent Evaluations

Existing reporting entities that have recently undertaken an independent review will be granted an extended period for their first post-reform independent evaluation, based on how recently they completed their last review.

What This Means for bronID API v5 Integration

The transitional rules create an important decision point for how you integrate with bronID's updated API v5, which has been designed specifically to support the reformed AML/CTF obligations.

The Integration Decision

If you choose to continue with ACIP during the transition period:

• You can maintain your current integration approach
• Your existing verification workflows remain valid
• You'll need to plan a future migration to API v5 before March 2029

If you choose to adopt the new Section 28 CDD from March 31, 2026:

• You'll integrate with bronID API v5 from day one
• You'll gain access to enhanced features
• You'll benefit from new deemed compliance provisions
• You'll be future-proofed for the full duration of the reforms

Strategic Considerations

While the 3-year transition period provides valuable breathing room, there are several factors to consider when planning your integration timeline:

Technical debt: Maintaining your current ACIP system alongside the new requirements creates complexity. Eventually, you'll need to migrate anyway - delaying may simply push that technical burden into the future.

Competitive advantage: Early adopters of the reformed CDD framework will benefit from streamlined verification processes and new compliance mechanisms before competitors.

Operational efficiency: The new deemed compliance provisions in Section 28 CDD are designed to reduce verification friction in certain circumstances. Accessing these benefits earlier could improve your customer onboarding experience.

Regulatory certainty: Once you transition to the new framework, you're aligned with the long-term regulatory direction rather than operating under legacy provisions with sunset dates.

Important: These Rules Are Not Yet Final

It's crucial to note that while this guidance provides clear direction on what's planned, the transitional rules are still being finalised. The Department of Home Affairs will publish an exposure draft in the coming weeks, and industry will have an opportunity to provide feedback before the rules are locked in.

bronID is closely monitoring developments and will keep all clients updated as the exposure draft is released and final rules are confirmed. We recommend using this guidance to begin planning your transition strategy, while remaining flexible as final details are confirmed.

Next Steps

As you consider your approach to the AML/CTF reforms, now is the time to:

1. Assess your current systems: Review your existing ACIP procedures and evaluate the effort required to maintain them versus transitioning to new CDD requirements
2. Understand the new framework: Familiarise yourself with Section 28 CDD requirements and the new deemed compliance and delayed CDD provisions
3. Plan your integration: Decide whether you'll transition to API v5 on March 31, 2026, or maintain your current approach during the transition period
4. Prepare for ongoing CDD: Regardless of your initial CDD decision, ensure you're ready to implement ongoing customer due diligence from March 31, 2026
5. Monitor for updates: Watch for the exposure draft release and be prepared to adjust your plans based on industry feedback and final rules

The bronID team is here to support you through this transition. If you'd like to discuss how API v5 can support your compliance strategy, or need guidance on choosing between continuing with ACIP or transitioning to the new framework, please reach out to our team at support@bronid.com.

This article is based on guidance released by the Department of Home Affairs and AUSTRAC regarding proposed transitional rules. The transitional rules are subject to finalisation following an exposure draft and industry consultation process. This information is current as of January 2026 and should not be considered legal advice. Reporting entities should consult with their legal and compliance advisors when making decisions about their AML/CTF obligations.