With Australia’s tranche 2 AML reforms approaching, real estate agencies will soon face the same anti-money laundering obligations that banks and financial institutions already manage.
From compliance programs to risk assessments and reporting, there are policies which real estate agencies will need to create and adopt to meet AML/CTF requirements.
But AML compliance in real estate agencies isn’t just about having the right policy documents, it also requires the right processes, technology, training and culture. When these elements work together effectively, compliance becomes part of everyday operations rather than an administrative burden.
So, what does a fully compliant agency actually look like?
What does full compliance actually look like?
While on its own it’s just paperwork, a clearly documented compliance program is still at the heart of a fully compliant agency. It’s the starting point, which outlines your policies, procedures and controls which staff must follow when onboarding and working with clients.
So, we’ll start with looking at documenting processes.
1. Clearly documented compliance processes
You must create defined AML procedures for your agency based on your level of risk exposure. Having these procedures in place will help guide agents and other staff on what steps to take and when.
A strong process typically includes:
- Customer due diligence (CDD) framework
- Customer onboarding procedures
- Identity verification and beneficial ownership checks
- Risk assessments
- Ongoing monitoring of client activity
- Suspicious matter escalation and reporting
- Employee due diligence
- Record keeping requirements
- Training programs
The trick is to ensure that alongside this you also provide clear operational guidance, so employees understand how to apply processes in real-life situations. Doing this will also help ensure regulatory obligations are consistently met across every sale, purchase, and client interaction.
2. Defined escalation points
To meet your AML obligations, it is essential that agents and other staff members know who in your business to raise issues to when there’s a red flag or when you believe something is slightly off with a listing.
Red flags often fall into four key risk areas:
- Client risk: High-risk clients, such as those with high-net worth, high-risk jobs, or those showing unusual behaviours
- Transactional risk: Unknown or unusual third-party involvement, or unexpectedly large payments
- Structural risk: Legal structure alterations, collusion, obscured identities or use of nominees
- Jurisdictional risk: Dealing with clients based in high-risk countries, sanctioned countries, or with geographical distance
Clearly define escalation pathways so staff know exactly who to notify if something appears unusual. This ensures that potential issues are assessed quickly and appropriately.
3. Ongoing training and upskilling
Businesses grow, staff change, risk levels can go up or down, and regulations evolve. This means compliance training cannot be a ‘one and done’ event.
Stay ahead of the curve and ensure:
- New staff receive AML training during onboarding
- Existing staff receive regular refresher training
- Compliance updates are communicated across the organisation
Remember, compliance knowledge cannot sit with one person. To be effective it needs to exist across the entire business.
4. The right size tech
Tech is important to any business but making sure you’re getting the right size fit for your AML needs is essential.
It might be that a nice easy simple to use platform suits you best, or you might want the full bells and whistles. Whatever you need, do your due diligence and consider the functionality you need to help make your AML obligations more efficient, and what you need to help you stay compliant.
Consider whether the tech:
- Automates identity verification and screening checks
- Manages customer due diligence documentation
- Tracks compliance workflows and activity
- Integrates with your CRM or practice management systems
- Is tailored to the risk level of your business activity
- Provides comprehensive reporting capabilities
At the end of the day technology should help, not hinder, and at the very least reduce administrative workload and support your efforts to meet AML obligations.
5. Regular audits and QAs
AML compliance is not a set and forget exercise. As your agency and regulations evolve, so too should your compliance program. It needs to be reviewed regularly alongside your compliance activity.
This can help you:
- Identify gaps in compliance procedures
- Ensure staff are following established processes
- Confirm documentation is being collected and stored correctly
- Strengthen internal controls
This will not only help you maintain high standards but also reduce the risk of regulatory breaches.
Where real estate agencies often think they’re compliant, but aren’t
One of the risks for any agency is being unaware of a lack of compliance. Agencies may believe they are doing everything right but in practice there are several common pitfalls that we’ve seen become barriers to compliance success.
Limited understanding of AML red flags
Frontline staff are critical to identifying potential suspicious activity but without training it can be difficult for agents or employees to know what constitutes a red flag or unusual activity.
Train agents on induction and as part of an ongoing program and you’ll help create a team that spots red flags and stops unusual activity from going on unnoticed.
Over-reliance on existing relationships
It is understandable that some agents assume that once you’ve done your client checks and a real estate agreement is signed everything is good to go, however after you ‘go live’ with a property, suspicious activity can still occur and must be watched out for.
Also don’t assume that long-standing client relationships remove the need for additional verification. AML regulations require ongoing customer due diligence. A client who has been verified previously may still need further checks if circumstances change.
Failure to refresh customer due diligence
As mentioned above, customer due diligence is not a one-time process. Agencies must monitor for material changes that may affect a client’s risk profile.
Examples of material change may include:
- Changes in ownership structures
- New company directors or shareholders
- Significant changes in transaction value
- New business activities or services
Ensuring your agents are well-trained in your agency procedures, and understanding how you as a business handle risk will help correctly identify material changes and what to do about them.
For example, when risk levels increase with a material change, agencies may need to apply enhanced due diligence (ECDD) measures.
Reliance on ‘cookie cutter’ risk assessment and compliance documentation
While templates can be useful, it is important you tailor your risk assessment and compliance program to your individual business. They should reflect your investor relationships, the services and products you sell, your delivery channels, and geographic location.
A ‘cookie cutter’ approach will not properly protect your business or satisfy AUSTRAC requirements.
Even though AUSTRAC has released starter kits to help tranche 2 entities begin building their AML/CTF programs, the regulator is clear that these are only a starting point. As AUSTRAC notes:
“The starter kit isn’t designed to be used as-is” and must be customised to create “an AML/CTF program that reflects your business.”
Building an AML compliance culture in real estate
Policies and procedures alone don’t prevent risk. Yes, they are important, but they are only effective when supported by the right organisational culture and people.
Start with people, not process
Compliance frameworks rely on the people responsible for implementing them. Staff need to understand why AML measures exist and how they help protect the business.
Comprehensive training sits at the heart of this. Ensure agents are ready to carry out AML procedures and are comfortable doing this. If they are well-informed and prepared the process should easily follow.
Risk is a shared organisation wide responsibility
We can’t say enough about how important this is. Organisation wide everyone is responsible for risk, everyone has responsibility to speak up, everyone has a responsibility to do the right thing.
AML compliance cannot sit solely with one compliance officer. Every role within the business plays a part, including:
- Agents who interact directly with clients
- Administrative teams who manage documentation
- Compliance officers who oversee risk management
- Leadership teams who set expectations and provide support
While your compliance officer holds a critical role it’s important they don’t feel like they’re working alone. If a compliance officer is tasked with approving everything for everyone, they’re going to look at it and feel overwhelmed. And that’s when issues emerge and where potential pitfalls can occur.
Leadership sets the tone
Leadership plays a critical role in shaping compliance culture. When leaders actively support compliance initiatives, staff are far more likely to engage with them. If leaders are not seen to champion AML activity you’re not going to get buy-in from your people, which can quickly lead to compliance gaps.
Encourage continuous improvement
As your business evolves so should your compliance procedures.
Agencies grow, the number of yearly listings change, and agents come and go. Encourage continuous improvement with ongoing training and support so you are better equipped to manage risk over the long term.
Also consider how regulatory changes and emerging financial crime trends could impact your AML procedures and training requirements.
Let people build culture and enable it
Again, your people are the key. Set them up for success with training, leadership and support, and provide them with the right technology so they can efficiently manage AML activity.
Without the right tech, they’ll be tied up working through piles of admin tasks which could lead to inaccuracies, frustration and wasted time.
Final thoughts
Australia’s tranche 2 reforms will significantly expand AML obligations across the real estate sector. Agencies will need to implement structured compliance programs, conduct customer due diligence and maintain ongoing monitoring processes.
While these requirements may appear complex at first, with some planning and preparation they can be managed effectively. Focus on clear processes, smart technology, ongoing training and a strong compliance culture. This will help put you in a strong position to meet regulatory obligations head-on while continuing to deliver efficient and trusted services to your clients.
See how other real estate agencies solved their compliance challenges to create better outcomes for their business.
CR Group
Ray White
About the author
Nicolas Charles
Nick has a background in financial services for nearly 10 years. During his time in retail finance and banking, he was directly involved in the application of AML verification and compliance, which gave him valuable skills for his current role as Head of Operations and Finance at tic company.
