Tranche 2: What small businesses actually need to know

A lot of small businesses are confused about what Tranche 2 actually requires, so here’s the simple version.

1. You need to classify customers by risk.
Low, medium, high. And your checks can’t be the same for all three — regulators expect to see clear differences.

2. You need a written AML/CTF Program.
It should cover how you assess risk, what controls you use, how you monitor transactions, and how you train staff.

3. Australia uses SMRs, not STR/SAR.
You lodge an SMR whenever something feels off. You don’t need proof — suspicion is enough.

4. You must keep records for 7 years.
Customer ID, risk assessments, monitoring notes, SMR‑related info, training records.

5. Common mistakes:
– Same onboarding for all customers
– No documented risk reasoning
– Confusing SMRs with STR/SAR
– No written AML/CTF Program

That’s the practical baseline most small businesses will need to meet under Tranche 2.

reddit.com
u/AfraidPineapple5064 — 4 days ago

Tranche 2 and the risk‑based approach

I’ve been working on AML/CTF automation for small businesses in Australia, and Tranche 2 has really highlighted something I keep seeing over and over — people interpret “risk‑based approach” in completely different ways.

Some treat it like a checklist they need to get through. Others approach it like a genuine investigative exercise.

With Tranche 2 pulling accountants, lawyers, real estate and other small reporting entities into the AML/CTF regime, these differences are becoming even more obvious. A lot of businesses are suddenly trying to build risk assessments for the first time, and many seem unsure about what “risk‑based” actually means in practice.

For those of you working in AML/CTF or financial crime — what do you think is the biggest misunderstanding businesses have when they try to build or update their risk assessments?

Would be keen to hear perspectives from investigators, analysts, compliance officers, and anyone involved in STR/SAR governance.

reddit.com
u/AfraidPineapple5064 — 5 days ago

How are small law firms organising the AML/CTF workflow?

I’m trying to get a sense of how small Australian law firms are organising the practical side of AML/CTF obligations. Not the legal interpretation — just the admin and workflow.

Things like:

  • onboarding checks
  • client risk levels
  • ongoing monitoring
  • keeping records in one place
  • internal documentation
  • preparing for audits
  • storing evidence

I’ve heard from a few small practices that the requirements are manageable, but the workflow can get messy when staff are busy.

If you’re in a small firm, how are you handling the operational/admin side of AML/CTF?

Interested in hearing what’s working and what’s not.

reddit.com
u/AfraidPineapple5064 — 6 days ago

How are small law firms handling the operational side of AML/CTF obligations?

I’m trying to understand how small Australian law firms are managing the operational side of AML/CTF obligations — not the legal interpretation, just the workflow.

I’ve been talking to a few small practices and the common theme seems to be that the requirements are clear enough, but the day‑to‑day process varies a lot. I’m curious how firms are organising things like:

  • onboarding checks
  • client risk categorisation
  • ongoing monitoring
  • record‑keeping
  • internal documentation
  • audit‑readiness
  • evidence storage

If you’re running or working in a small practice, I’d love to hear how you’re structuring the admin/process side of it.

Just trying to understand the real‑world workflow challenges.

reddit.com
u/AfraidPineapple5064 — 6 days ago

If you hate drafting workplace policies, this might help

I’ve been working on a small tool that helps Aussie businesses put together clean, compliant workplace policies without messing around with templates.

It’s called PolicyWriter.com.au. You pick the policy type (WHS, HR, Privacy, Code of Conduct, etc.), answer a few quick questions, and it builds the document for you.

It’s still growing, so if there’s a policy you always dread writing, tell me — I’m adding new ones based on what people actually need.

reddit.com
u/AfraidPineapple5064 — 15 days ago

I got tired of messy policy templates, so I built something simple

I’ve been working on a lightweight tool that helps Australian small businesses generate clean, compliant workplace policies in minutes.

It’s called PolicyWriter.com.au — no signup, no templates to wrestle with, and no complicated setup.

You choose the policy type (WHS, HR, Privacy, Code of Conduct, etc.), answer a few prompts, and it produces a structured, inspection‑ready document.

If there’s a policy you’d like to see added, tell me — I’m expanding the library based on real business needs.

reddit.com
u/AfraidPineapple5064 — 15 days ago

How do small businesses handle risk assessments day‑to‑day?

Hey folks — looking for some insight from people who deal with safety stuff regularly.

I’ve noticed that a lot of small businesses (especially trades, construction, and warehouses) all handle risk assessments differently. Some use spreadsheets, some use templates, some just write things down when needed.

From your experience, what’s the most common approach?

  • doing them manually
  • using a template from somewhere
  • using software
  • or only doing them when a client asks for it

I’ve been building a tool (Risk-Assessment.com.au) that helps generate risk assessments, but I’m not trying to sell anything here — I’m more curious about what actually slows people down.

Is it figuring out hazards?
Documenting controls?
Keeping everything consistent?
Or just finding the time to do it?

Keen to hear how others manage it in the real world.

reddit.com
u/AfraidPineapple5064 — 16 days ago

ow are small businesses keeping up with Fair Work changes lately?

Hey all — genuine question for other small business owners and managers.

I’ve been talking to a few people lately and it seems like everyone’s struggling to keep their HR/WHS/Fair Work stuff up to date. Policies, templates, new rules… it feels like something changes every few months.

Curious how you’re handling it on your side:

  • writing your own policies
  • using templates you found somewhere
  • paying a consultant
  • or just doing your best and hoping it’s enough

I’ve been building a little tool (PolicyWriter.com.au) that creates Aussie‑compliant policies, but I’m not here to pitch it. I’m more interested in hearing what actually causes the most pain for people.

Is it figuring out what policies you need?
Keeping them updated?
Making them readable for staff?
Or something else completely?

Would love to hear how others are dealing with it.

reddit.com
u/AfraidPineapple5064 — 16 days ago

How do small businesses usually handle workplace policies from a legal perspective?

Hey all — hoping to get some general insight from the legal-minded folks here.

I’ve been chatting with a few small business owners and noticed a lot of confusion around workplace policies (HR, WHS, privacy, etc). Not the legal advice side — more the practical side of how people usually approach it.

From your experience, what do small businesses typically do?

  • write their own
  • copy templates
  • get a lawyer to draft them
  • or something else entirely

I’m working on a small project that helps generate workplace policies, but I’m not trying to replace legal advice or pretend it’s a legal service. I’m more trying to understand where the line usually sits between “this is fine for internal use” and “you should really get a lawyer involved”.

Would love to hear how you see it from the legal side.

reddit.com
u/AfraidPineapple5064 — 16 days ago

Question for small business owners: what’s the hardest part of staying compliant with Fair Work?

I’ve been talking to a few small business owners lately (hospitality, retail, cleaning, beauty), and it seems like everyone struggles with similar Fair Work issues:

  • figuring out the correct Award
  • penalty rates
  • keeping proper time/attendance records
  • making sure rosters match the Award
  • dealing with staff disputes
  • avoiding accidental underpayment

For those of you running a small business —
what’s the part you find most confusing or time‑consuming?

I’m trying to understand the real pain points so I can see how people are handling it in practice.

reddit.com
u/AfraidPineapple5064 — 17 days ago

Building a lightweight AML/CTF workflow tool for small reporting entities — looking for feedback

I’ve been building a simple AML/CTF workflow tool aimed at small Australian reporting entities (remitters, accountants, small fintech operators, etc.) who struggle with the admin side of compliance.

The goal is to make the day‑to‑day tasks less painful:

  • customer risk assessments
  • ongoing due diligence
  • transaction notes
  • record‑keeping
  • audit‑ready logs

Trying to keep it lightweight and practical rather than “enterprise”.

If anyone here works in fintech, compliance, or small‑team operations, I’d love feedback on:

  • what parts of AML/CTF workflows are most annoying
  • what should be automated vs manual
  • whether templates or guided flows are more useful
  • anything that would make this genuinely helpful

Prototype is here: https://www.amlshieldpro.com.au (amlshieldpro.com.au in Bing)
Happy to walk through the workflow or answer questions.

Not selling anything — just building in public and looking for feedback.

reddit.com
u/AfraidPineapple5064 — 19 days ago

Looking for feedback on a simple documentation workflow for small employers

I’ve been working on a lightweight tool for small Australian employers (Fair Work Shield) to help organise notes, timelines and basic documentation. It’s not legal advice or award interpretation — just a simple workflow to keep things clear and consistent.

I’m trying to understand whether the workflow feels too heavy, too light, or generally practical for small teams. I’d really appreciate feedback on the structure and usefulness of things like:

incident and conversation logs

notes/timeline tracking

document organisation

simple admin workflows for small teams

My goal is to make the process easier for small operators who don’t have HR systems or formal processes.

Any thoughts on what feels helpful, unnecessary, or missing would be super valuable.

Not selling anything — just looking to improve the workflow based on real‑world feedback.

reddit.com
u/AfraidPineapple5064 — 23 days ago

Looking for feedback on a WHS workflow I’m building for small businesses

I’ve been working on a WHS workflow for small Australian businesses and I’m trying to sanity‑check whether the structure makes sense.

The goal is to help small teams (cafés, tradies, retail, small offices, etc.) handle the basics:

  • hazard identification
  • risk assessment
  • control measures
  • incident reporting
  • WHS documentation
  • simple templates

I’m not trying to sell anything — just want to make sure the logic is practical and not over‑engineered.

If anyone here works in WHS, safety, or manages a small team, I’d really appreciate feedback on whether the flow is reasonable.

Here’s the workflow if you want to look at it:
https://linktr.ee/nexuslinks_hub

Happy to adjust anything based on your experience.

reddit.com
u/AfraidPineapple5064 — 24 days ago

WHS compliance workflow walkthrough for Australian small businesses (feedback welcome)

I’ve been working on a structured way to help small Australian businesses organise their WHS obligations more clearly and consistently.

This walkthrough shows the workflow I’ve been experimenting with, including:

  • Hazard identification and risk assessment steps
  • Incident reporting structure
  • Safety tasks and recurring checks
  • Register management (hazards, incidents, training, equipment)
  • How responsibilities and actions link together
  • A simple way to keep WHS tasks visible and repeatable

I’m sharing this to get feedback from people who work in WHS, safety management, or compliance. I’m especially interested in whether the workflow structure makes sense, whether anything important is missing, and how the overall approach could be improved.

This is not a sales post — just looking for professional input so I can refine the structure.

Happy to answer questions or clarify anything.

reddit.com
u/AfraidPineapple5064 — 1 month ago

AML/CTF compliance workflow walkthrough for Australian small businesses (feedback welcome)

I’ve been working on a structured way to help small Australian businesses understand and organise their AML/CTF obligations.

This walkthrough shows the workflow I’ve been experimenting with, including:

  • AML/CTF risk assessment structure
  • Customer due diligence steps
  • Record‑keeping requirements
  • Reporting obligations
  • Internal controls and governance
  • How the tasks connect into a repeatable workflow

I’m sharing this to get feedback from people who work in AML/CTF, compliance, risk, or financial services. I’m especially interested in whether the structure makes sense, whether anything important is missing, and how the workflow could be improved.

This is not a sales post — just looking for professional input so I can refine the approach.

Happy to answer questions or clarify anything.

u/AfraidPineapple5064 — 1 month ago

A Fair Work compliance tool I’m building

I’ve been exploring ways to simplify how small Australian businesses understand and organise their obligations under the Fair Work Act 2009 (Cth).

I recorded a walkthrough showing the approach I’m using to structure:

- NES requirements

- Award interpretation steps

- Employment documentation

- Record‑keeping

- Policy organisation

- Onboarding processes

- Audit preparation

I’d really appreciate feedback from WHS, HR, and compliance professionals on whether the structure makes sense and what could be improved.

This is purely for learning and feedback — not promoting anything.

Happy to answer questions about the logic or workflow.

u/AfraidPineapple5064 — 1 month ago