Enrol and keep details current
Enrol with AUSTRAC and keep business details up to date.

Australia's new rules are live. One monthly pack helps you secure client and transaction records, keep them for seven years, back them up, and produce evidence when asked — without the jargon.
From 1 July 2026, Anti-Money Laundering and Counter-Terrorism Financing obligations extend to these professions.
AUSTRAC’s reforms update Anti-Money Laundering and Counter-Terrorism Financing duties for reporting entities. Here is the business-friendly summary — and where an IT security partner fits.

Official detail lives with AUSTRAC. Read Changes to AML/CTF obligations: what you need to do.
Enrol with AUSTRAC and keep business details up to date.
Run a program that fits how your practice works with clients.
Complete due diligence before designated services — and keep it current.
Submit suspicious matter and other required reports on time.
Retain customer and transaction records, ready to produce on request.
Where FLYONIT fits
We don't replace your compliance advisor — we secure, retain and evidence the records your program depends on.
Access controls and monitoring so only the right people see sensitive files.
Backup and recovery so records survive mistakes, ransomware or staff changes.
Clear logs and reporting packs for audits, reviews and governance.
Under the new Anti-Money Laundering and Counter-Terrorism Financing rules, client and transaction records must be protected, retained and producible. Gaps create risk.
If identity and transaction data is poorly protected, it can be used for financial crime — and that puts your practice in the spotlight.
Failing to keep and protect required records can attract civil penalties and regulatory attention.
If you cannot produce the evidence when asked, you cannot show you met your obligations.
Ransomware, accidental deletion or staff turnover do not pause your duty to keep records safe and available.
Exposure snapshot
Typical weak spots we see before the pack is in place — scored as relative exposure, not a regulatory scorecard.

Client trust & compliance
Identity checks, transaction notes and supporting documents are commercial assets and compliance evidence. This pack treats them that way — protected, retained and recoverable.
Everything the new rules expect of your data — configured, monitored and evidenced for you. Features and outcomes, not a product catalogue.
Who can see what
Keep data safe & intact
Recover & evidence
Only the right people see sensitive client files.
Produce what regulators ask for without a scramble.
Unusual activity is flagged before it becomes a breach.
Record keeping
Customer checks, transaction notes and supporting files stay protected, backed up and ready to produce — for the full retention period.
Year 1
Records created & secured
Year 3
Still searchable & intact
Year 5
Audit-ready on request
Year 7
Full retention met
Readiness goals
Clear targets we aim for once the pack is live in your practice.
Critical data backed up
Retention controls on
Seven-year window

A short walkthrough of how client and transaction records are stored, shared and retained today.
Access controls, record protection, backup and monitoring are configured around your practice — without disrupting day-to-day work.
Ongoing watch, tested recovery, and evidence when you need to show how records are protected.
Tell us about your practice — a FLYONIT specialist will call you back within one business day. No obligation.
Straight answers on the new Anti-Money Laundering and Counter-Terrorism Financing rules, your records, and the pack.
If you are a real estate agent, lawyer, conveyancer, accountant, dealer in precious metals or stones, or a trust and company service provider, the answer is very likely yes. Australia's Tranche 2 reforms extended these obligations to those professions from 1 July 2026. That includes customer due diligence records, transaction records, and keeping them secure and producible for seven years.
Two things. First, regulators expect you to protect the client information you collect — stolen identity data is used for financial crime, so weak security is itself a risk. Second, your records are your proof of compliance: if they are lost, encrypted by ransomware, or quietly changed, you cannot show you met your obligations. AUSTRAC’s guidance on what you need to do is a good place to start; FLYONIT helps with the IT systems and record protection behind that work.
No. Enrolment, your written Anti-Money Laundering and Counter-Terrorism Financing program, customer due diligence design and suspicious-matter judgement sit with your practice and your compliance advisors. FLYONIT secures access, protects and backs up records, monitors for unusual activity on your systems, and helps you produce evidence that those controls are working.
Not in the way most practices assume. Cloud platforms protect their infrastructure, but accidental deletion, insider mistakes, sync errors and ransomware are still your responsibility. This pack adds independent backup of mail, files and collaboration data — monitored and restore-tested so recovery works when you need it.
No. Most practices already pay for tools that can do a large part of this work — they just aren't configured or monitored end-to-end. We set up what you have properly, fill the gaps in monitoring and backup, and hand you clear evidence reports. It is priced as a fixed monthly service scaled to your size.
Most practices are protected within two to three weeks — access controls first, then record protection, then backup and monitoring. There is no planned downtime, and your team keeps working normally throughout.

A 30-minute review shows where your Anti-Money Laundering and Counter-Terrorism Financing records stand — and what the pack fixes in the first fortnight.