What Are Designated Non-Financial Businesses and Professions (DNFBPs) in AML/CTF Compliance?

Designated Non-Financial Businesses and Professions (DNFBPs) now play a pivotal role in Australia’s efforts to combat money laundering (ML) and terrorism financing (TF). Offenders increasingly exploit these sectors using professional advisers, intricate corporate structures, and trust-based relationships to obscure and move illicit funds. The evolution of financial crime means DNFBPs receive ever-greater regulatory scrutiny across Australia and around the globe.

Australia’s Tranche 2 AML/CTF reforms are reshaping the compliance landscape for thousands of businesses across the country in 2025 and beyond. These sweeping changes bring lawyers, accountants, real estate professionals, and other DNFBPs firmly under the scope of Australia’s anti-money laundering and counter-terrorism financing (AML/CTF) regime for the first time, aligning Australia with international best practices set by the Financial Action Task Force (FATF).

Why Are DNFBPs Under the Spotlight?

DNFBPs typically handle high-value transactions, set up legal entities, or provide strategic advice, making them attractive options for criminal activity.

The Financial Action Task Force (FATF) classifies selected non-financial businesses and professional service providers as “reporting entities” obligated to comply with Anti-Money Laundering and Counter-Terrorism Financing (AML/CTF) rules.

Key milestones:

Who Must Comply? Sectors Classified as DNFBPs

The following sectors are considered DNFBPs in Australia and internationally and must fulfil AML/CTF obligations:

  • Lawyers, notaries, conveyancers, and other independent legal professionals
  • Accountants, auditors, and tax advisers
  • Real estate agents, developers, brokers
  • Dealers in precious metals, jewellery, gemstones, and high-value goods (e.g., vehicles, art)
  • Trust and company service providers
  • Casinos, online gaming, and gambling establishments
  • Insurance firms, agents, and brokers (where relevant)
  • Sports and betting operations
  • Virtual asset service providers (e.g., crypto-fiat exchanges, custodian wallet services)

Designated Non-Financial Businesses and Professions

What Are DNFBPs Required To Do? AML/CTF Duties and Checklist

While specifics can differ between jurisdictions, DNFBPs in Australia are generally required to meet similar core AML/CTF obligations as financial institutions, tailored to their unique risk profile. Each organisation must implement a program appropriate to its risk exposure, business model, and client base.

Core DNFBP AML/CTF requirements include:

  1. Establishing a risk-based AML/CTF program
    Develop, implement, and keep current a compliance program that addresses customer, service, transaction, and jurisdictional risk.
  2. Client identification and Know Your Customer (KYC)
    Apply KYC checks for new and ongoing clients, ensuring true identity is verified.
  3. Customer Due Diligence (CDD) and Enhanced Due Diligence (EDD)
    Conduct routine and heightened due diligence as required, particularly in higher-risk scenarios.
  4. Staff training and awareness
    Provide AML/CTF training to staff so they can recognise and report suspicious activity.
  5. Appointment of a Compliance or Digital Ethics Officer
    Designate responsibility for program oversight (see more on Digital Ethics).
  6. Ongoing transaction monitoring
    Monitor client accounts and transactions for red flags, including cross-border and sanctions risk.
  7. Maintaining customer records
    Keep accurate, up-to-date records of all relevant transactions and client profiles, per Australian law.
  8. Reporting obligations
    Lodge reports of suspicious transactions (SMRs), dealings with PEPs, and other high-risk activities to AUSTRAC as required.
  9. Periodic reviews and program updates
    Regularly revisit risk assessments and update the compliance program to reflect regulatory changes or emerging threats.
  10. Monitoring and reporting specific activity types
  • Suspicious transactions and activities
  • Dealings with PEPs, sanctioned persons and entities
  • Involvement with virtual currency exchanges (when restricted or illegal)
  • Transactions exceeding set thresholds
  • Prohibited goods trading or activities that raise ML/TF risks

Why Compliance Really Matters

DNFBPs are on the front lines of the battle against illicit finance in Australia. Failing to meet AML/CTF obligations can result in severe penalties, legal action, and major reputational damage. Proactive compliance not only protects your business but also strengthens the integrity of the Australian and global financial system.

Frequently Asked Questions about DNFBPs and AML/CTF Compliance

Q1: What is a Designated Non-Financial Business or Profession (DNFBP)?
A: DNFBPs are non-financial sector businesses (e.g., lawyers, accountants, real estate agents, dealers in high-value assets, and virtual asset providers) that are classified by FATF and Australian law as “reporting entities” subject to AML/CTF obligations.

Q2: Why are these sectors regulated under AML/CTF law?
A: Criminals often target these professions to launder proceeds of crime or finance terrorism, exploiting their access to large-value transactions or trust services. Regulating DNFBPs closes key gaps in the fight against financial crime.

Q3: What are the main AML/CTF compliance requirements for DNFBPs?
A: DNFBPs must implement a risk-based AML/CTF program, identify and verify clients (KYC), undertake due diligence (CDD/EDD), provide training, monitor transactions, keep records, and report suspicious behaviour and high-risk dealings to AUSTRAC.

Q4: What types of professionals or businesses are included as DNFBPs in Australia?
A: Typical Australian DNFBPs include legal practitioners, notaries, accountants, auditors, tax advisers, real estate professionals, agents handling precious metals/jewellery, casinos, and virtual asset (crypto) service providers.

Q5: How frequently should DNFBPs review their AML/CTF program?
A: Review your AML/CTF program at least annually, and after any regulatory changes, new risks, or significant alterations to your business model.

Q6: What are the risks of non-compliance for DNFBPs in Australia?
A: Risks include significant monetary penalties, suspension or loss of professional accreditation/licence, reputational harm, and even criminal liability for responsible individuals.

Q7: Where can I access official guidance for DNFBP AML/CTF compliance?
A: Start with the FATF Recommendations and the AUSTRAC resources for reporting entities.

Q8: Are crypto service providers (VASPs) treated as DNFBPs in Australia?
A: Yes, virtual asset and cryptocurrency exchanges are now regulated similarly to DNFBPs and must meet all applicable AML/CTF standards.

 

For tailored guidance, implementation checklists, or relevant updates, contact the NameScan team.