DFAT published guidance for real estate agents in March 2026. Most agencies haven't seen it.
Australia has two compliance regimes that apply to real estate agents from 1 July 2026. AUSTRAC covers AML/CTF obligations. DFAT covers sanctions. Both are mandatory. Most agents only know about one.
Your AUSTRAC enrolment doesn't cover your sanctions obligations. A separate piece of law does.
Most AML/CTF guides for real estate focus on AUSTRAC — enrolment, your program, customer due diligence, suspicious matter reports. All of that matters. But there is a second compliance layer that gets far less coverage.
In March 2026, the Australian Sanctions Office (part of the Department of Foreign Affairs and Trade) published a dedicated guidance note for real estate professionals and conveyancers. It covers your obligations under Australia's sanctions laws — a framework that runs alongside AUSTRAC's rules, not inside them.
The fastest way to have both covered
Before the detail, the practical path if you haven't started yet:
- Sign up to AML Simple — around 2 minutes. Enter your ABN and AML Simple pulls your registered business details automatically. Your organisation profile is pre-filled.
- Use the AUSTRAC Enrolment Cheat Sheet — around 5 minutes. Open AUSTRAC Connect in one tab, open the Cheat Sheet in another. Every field AUSTRAC needs is pre-filled from your account.
- Run the AML/CTF Program Generator — around 15 minutes. The wizard asks the right questions about your agency and generates your program document, consistent with AUSTRAC's Program Starter Kit structure. Sanctions screening against the DFAT Consolidated List is built into the CDD workflow.
Enrolled, program built, sanctions screening set up. That covers both compliance regimes from 1 July 2026.
Prefer to understand what's involved? The rest of this post walks through both frameworks.
Two frameworks, not one
The AML/CTF framework (under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006) requires you to enrol with AUSTRAC, maintain an AML/CTF program, conduct customer due diligence, and report suspicious matters.
Separately, Australia's sanctions laws (under the Autonomous Sanctions Act 2011 and the Charter of the United Nations Act 1945) prohibit dealing with individuals or entities subject to Australian or United Nations sanctions. These obligations apply to all Australians, not just AUSTRAC-regulated entities. They exist whether or not you have enrolled with AUSTRAC.
The two frameworks overlap in practice. AUSTRAC's CDD rules require you to screen clients against the DFAT Consolidated List — so your CDD process is where most agencies will operationalise their sanctions checks. But the underlying sanctions obligation comes from a different piece of legislation.
Sanctions offences under the Autonomous Sanctions Act 2011 and the Charter of the United Nations Act 1945 are strict liability. That means if you deal with the assets of a sanctioned person, you may be committing an offence regardless of whether you knew they were listed.
The DFAT guidance note published in March 2026 makes this explicit for the real estate sector for the first time.
What DFAT identifies as the risk for real estate
DFAT identifies real estate as a high-risk sector for sanctions evasion. The reasons it gives are consistent with AUSTRAC's own risk assessments:
- High transaction values
- Cross-border buyers
- Complex ownership structures, including trusts and foreign entities
- The ability to obscure beneficial ownership through corporate layers
The guidance is specifically aimed at helping real estate professionals understand where their obligations come from and what is expected.
The Consolidated List — what it is and how it works
DFAT maintains the Consolidated List — a single database combining United Nations Security Council sanctions and Australia's autonomous sanctions. It is available at dfat.gov.au.
The list includes individuals, companies, and entities that are subject to sanctions designations. It is updated as new designations are made.
Sanctions checking is not a one-time step at onboarding. A client who was clear at the start of a transaction can be listed at any point before it settles. Your CDD process needs to account for the possibility that the list changes during a transaction.
For each client you screen, the practical steps are:
- Run the check at initial CDD, before providing a designated service
- Re-screen when the Consolidated List is updated — AUSTRAC guidance treats the Consolidated List as a live document that requires regular checking, not a one-time reference
- Document the screening result and the date it was run
- If a potential match arises, review the identifying details carefully before dismissing or confirming
What to do if you get a confirmed match
Most potential matches will be false positives — a similar name, a different country, a different date of birth. Document your reasoning and move on.
A confirmed match is a different matter.
Dealing with a sanctioned person is a criminal offence. Stop the transaction. File a Suspicious Matter Report with AUSTRAC. Seek legal advice about your obligations, including whether assets need to be frozen. Do not inform the client they have been flagged — this may constitute tipping off, which is itself an offence.
What your agency needs in place from 1 July 2026
For the AML/CTF layer: enrolment with AUSTRAC, a written program, identity verification and CDD records for every client, a named compliance officer notified to AUSTRAC by 29 July 2026, and staff training completed before obligations start.
For the sanctions layer: a consistent process for screening clients and beneficial owners against the Consolidated List, applied at onboarding and whenever the list updates, with documented decision records when matches arise.
If you run sanctions screening through your CDD workflow, you are covering both obligations in a single step. Under the AML/CTF Act 2006 (s 107), your AML/CTF records must be retained for seven years. Keeping your sanctions screening decisions within the same record-keeping system means both sets of records are captured together.
AML Simple runs sanctions and PEP screening against the DFAT Consolidated List as part of every client's CDD workflow. Every result is timestamped and stored against the client record automatically.
Start your AML program at AML Simple — the first three steps take under 25 minutes.
General information only, not legal or compliance advice. For guidance specific to your agency's circumstances, consult a qualified AML/CTF compliance professional.
Sources: