16 September 2025
8 min read
Published by:
Significant changes are on the way for real estate agents and property developers. Under the updated 2025 Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) rules, real estate agents who broker the sale, purchase, or transfer of real estate, as well as property developers involved in off-the-plan sales or transfers not brokered by an independent agent, can now rely on the collection and verification of know your customer (KYC) information as part of initial customer due diligence (ICDD), previously carried out by another reporting entity or foreign equivalent. While this added convenience is available, it also brings ongoing responsibilities that must be carefully managed.
From 31 March 2026, these new rules for real estate agents and property developers providing designated services will officially take effect and will be enforceable as of 1 July 2026. Although these requirements may seem challenging at first, compliance can become more manageable by strategically relying on third parties to collect and verify KYC information.
The updated rules now provide clear guidance on what is required when relying on another reporting entity or a foreign equivalent for ICDD verification and information collection. This process must be fully documented in Part B of an AML/CTF program. Division 8 of Part 6 in the 2025 AML/CTF Rules does not apply to ‘outsourcing’ or conducting customer due diligence (CDD) through agency arrangements. Instead, these provisions address situations where real estate agents and property developers rely on KYC information collected during CDD by another reporting entity or foreign equivalent, either under a CDD arrangement or agreement, or on a case-by-case basis.
For formal CDD arrangements or agreements, the other party must be a reporting entity or a foreign equivalent regulated by laws aligned with FATF recommendations on CDD and record keeping. The chosen framework must be suitable for the money-laundering (ML), terrorism financing (TF) and proliferation financing (PF) risks of the relying entity. This involves careful consideration of the nature, size and complexity of the other party’s business, their customer base, and the jurisdiction in which they operate. In scenarios involving higher risk or more complex services and customers, particular attention must be paid to whether the other business can perform initial CDD (ICDD) to the required standard.
Prior to commencing any designated service, unless delayed ICDD is permitted, the relying entity is obligated to obtain KYC information from the other party. Access to copies of the data used for KYC verification should be immediate, such as through an IT system, or as soon as possible after a request. Importantly, the allocation of responsibilities including clear record-keeping obligations for each party, must be explicitly set out within the arrangement or agreement to ensure both clarity and accountability.
The 2025 AML/CTF Rules place a clear emphasis on the regular review of formal CDD relationships. Reporting entities are required to assess whether these continue to meet the requirements of section 6-29 of the 2025 AML/CTF Rules. The frequency of assessment should reflect the level and type of ML, TF and PF risks relevant to the designated services, with a maximum interval of two years between reviews. Importantly, these assessment obligations are directed specifically at formalised partnerships of this kind. If there is a significant change in circumstances, an immediate reassessment is required to ensure ongoing compliance.
The 2025 AML/CTF Rules do not extend this periodic review requirement to case-by-case reliance. This targeted approach helps maintain the effectiveness and reliability of CDD processes in response to changing risk environments and regulatory expectations. For case-by-case reliance, the requirements are similar but apply to specific situations. Reliance is restricted to another reporting entity or foreign equivalent and must be appropriate to the ML, TF and PF risks of the customer, considering the other party’s business and customer base. The relying entity must have reasonable grounds to believe it can obtain all KYC and verification data before providing the service, or later if delayed ICDD is allowed. As with formal arrangements, the respective responsibilities of each party should be clearly documented to support ongoing compliance and oversight.
The consequences of failing to perform ICDD depend on the structure of the reliance. If a real estate agent or property developer uses a formal, ongoing CDD arrangement or agreement, they are still responsible for fixing any problems with their own customer checks. As long as these issues are addressed, they are considered to have collected and verified the required KYC information.
If reliance is done on a case-by-case basis, the rules are stricter. If the other party did not actually collect or verify the required KYC information, the relying business is not considered to have met its own KYC obligations. In these cases, the business cannot claim it completed the required checks unless the other party truly did them.
Imagine a real estate agent or property developer working on a property sale with other professionals, such as lawyers. Instead of repeating KYC checks for the same client, they can streamline onboarding by relying on the KYC process already completed by another party involved in the transaction. This approach saves time, reduces hassle for clients, and makes business operations more efficient.
However, this shortcut is subject to important conditions. Under the latest AML/CTF rules, reliance on another party is only allowed if it is a regulated reporting entity or a foreign equivalent that meets FATF standards. Any arrangement with a regulated third party must be tailored to address the risks of ML, TF, and PF, considering the other party’s business operations and customer base.
When relying on a third party for ICDD, it is essential to obtain all required KYC information before providing any designated services, unless the rules allow for delayed ICDD. Timely access to all verification data is crucial, and an agreement should clearly outline each party’s responsibilities, including who will be responsible for record-keeping.
To stay ahead of financial crime risks, all agreements and arrangements with third parties must be reviewed regularly. A reporting entity must assess whether the agreement or arrangement continues to meet the standards for CDD arrangements. The timing of reviews should reflect the ML, TF, and PF risks of the services provided, but must occur at least every two years. If there is a significant change in circumstances, such as shifts in customer type, new services, or regulatory updates, an immediate review is required.
Reliance is not a ‘set and forget’ solution. The AML/CTF framework requires ongoing attention to ensure agreements and arrangements remain effective and compliant. Findings from each review should be recorded, noting the compliance status, any issues identified, and actions taken to resolve them. Keeping these records up to date demonstrates a commitment to compliance and provides important evidence if the agency or developer is audited or reviewed by regulators.
For both real estate agents and property developers, wise reliance on KYC information can make business smoother, faster, and more client-friendly, as long as all requirements are met. Maintaining robust reliance agreements, conducting thorough risk assessments, and ensuring that reviews are properly documented and acted upon will support ongoing compliance with the AML/CTF regime and help safeguard the integrity of Australia’s property market.
Our key takeaways for real estate agents and property developers include:
By following these steps, reporting entities can confidently meet regulatory obligations and help create a safer, more transparent property industry. Vigilance, informed decision-making, and strong compliance practices are essential for ongoing success.
For a refresher, see our previous article on the AML/CTF obligations for the real estate sector.
If you have questions about the AML/CTF laws or need support in developing a compliance program that meets your legal obligations, please contact us here.
Disclaimer
The information in this article is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, we do not guarantee that the information in this article is accurate at the date it is received or that it will continue to be accurate.
Published by:
