Australia expands AML rules, widening market for digital identity verification

Biometric Update· July 2, 2026

Australia has implemented its largest anti-money laundering and counter-terrorism financing (AML/CTF) reforms in nearly two decades, removing privacy law exemptions for over 100,000 small businesses. The new regulations mandate that 'tranche two' sectors, including real estate and legal services, adopt a risk-based approach to customer verification and reporting. This regulatory expansion is expected to drive significant demand for digital identity solutions as businesses seek to balance compliance requirements with data minimization goals.

The Australian government's AML and CTF Amendment Bill represents a major overhaul of the country's financial oversight, stripping privacy law exemptions from small and medium-sized enterprises (SMEs) that previously had an annual turnover exemption of $3 million. Effective July 1, more than 100,000 businesses are now required to meet new reporting and data obligations, specifically targeting 'tranche two' sectors such as realtors, lawyers, accountants, and dealers in precious metals. Under this outcomes-based model, companies must take a risk-based view of their customers, with noncompliance potentially leading to civil penalties or even criminal liability for executives in the most severe instances.

Industry experts, such as Rick Iverson of digital ID exchange provider ConnectID, see these changes as a pivotal moment for the adoption of digital identity solutions. Iverson notes that digital ID allows businesses to verify customer identities without the need to collect and store sensitive physical documents like driver's licenses or biometric data, thereby reducing the overall data footprint and risk for the enterprise. However, the rollout has met some resistance; Law Council of Australia president Tania Wolff has called for a delay in commencement, citing a lack of clarity in the legislation regarding which legal services are specifically impacted. Privacy Commissioner Carly Kind has signaled a flexible approach to enforcement, suggesting that larger entities with more resources will be held to account sooner than smaller firms navigating the transition.

In response to the shifting regulatory landscape, digital identity verification providers are rapidly enhancing their offerings to support newly regulated businesses. Entrust has recently integrated Australia’s Document Verification Service (DVS) directly into its identity verification (IDV) workflow to facilitate seamless compliance. Harvinder Singh, Entrust’s regional vice president, emphasizes that organizations must now view identity verification as the 'first moment of truth' in the customer onboarding process. By prioritizing early fraud prevention through robust IDV, companies can protect digital experiences while meeting the stringent new requirements of the AML/CTF framework.

Read the full story at Biometric Update

Summary generated by RabbitReport AI from public reporting. The full article and original reporting belong to Biometric Update.