Using AUSTRAC’s starter kits: A practical guide

Smaller firms have long been prime targets for criminals seeking to exploit their professional status to mask illicit wealth through complex trusts, business structures, and legitimate-looking transactions. However, with the release of Australia’s federal Anti-Money Laundering regulator, AUSTRAC’s AML/CTF program starter kits, small firms, including those with limited resources, now have access to a practical, purpose-built framework designed to level the playing field.

These kits provide essential tools, including sector-specific risk assessment templates, customer due diligence policies, and practical red-flag indicators, enabling small firms to identify their specific vulnerabilities. By following the step-by-step guides, firms can transition from a position of risk to one of resilience, implementing the necessary controls to close operational gaps and protect their business from criminal exploitation.

Why the AML/CTF landscape is changing

Australia is moving toward stronger expectations for gatekeeper professions, but the purpose is straightforward: to protect businesses, communities, and the broader economy from being exploited by financial crime.

For small firms, this doesn’t mean complicated systems or reams of documentation. It means bringing a bit more structure to things you already do, understanding your clients, spotting red flags early, and keeping simple records of important decisions.

Why AUSTRAC’s starter kits are a game changer

The starter kits are a positive development, and globally, they’re a first. No other regulator has released something this simple, this practical, and this tailored to small, low-complexity firms. And more than that, they send a signal that matters:

• Small businesses aren’t expected to know everything
• You’re not meant to drown in compliance
• Effort and intent matter.

Used well, the kits give firms a solid foundation to build on, without the guesswork, endless searching, or copying another firm’s documents. Their real value comes from tailoring them to your actual clients, services and unique risk profile, rather than treating them as rigid, one size fits all templates.

Where should small firms start?

With the reforms now real and the expectations clearer, small firms can make meaningful progress by concentrating on a handful of straightforward, doable steps:

1. Create a short, honest risk assessment – it doesn’t need to be complicated, focus on who you normally deal with, what “unusual” might look like, and the small number of scenarios that genuinely worry you
2. Map your onboarding journey – chances are you already collect much of what you need. This is about adding one or two sensible checks, not rebuilding your process
3. Nominate an AML/CTF lead – every firm needs someone who can make a call when something doesn’t quite feel right. This can be a partner, manager, or even someone who’s simply organised and pragmatic
4. Tailor the starter kits, don’t copy them – replace generic examples with real ones, remove what doesn’t apply, keep the language natural and not regulatory
5. Talk to clients early – a simple explanation, such as “We’re updating our risk processes in line with new national reforms”, goes a long way in managing expectations.

The pitfalls you want to avoid

We often see small firms fall into the same traps:

• Copying templates word-for-word – regulators care about relevance and intent
• Overbuilding controls – your AML/CTF approach should reflect your size
• Not documenting decisions – often, a very brief note is enough; consistency beats complexity every time.

A simple, consistent approach beats overcomplication every time and avoiding these pitfalls will keep your program both compliant and genuinely workable.

Katie Bourne is a forensic services director at BDO.