14 min readlex-aml · Platform · Compliance

From Paper to Platform: How lex-aml Turns AUSTRAC's Starter Kits into a Live Compliance System

AUSTRAC published the starter kits. lex-aml digitises them — turning Word documents and PDF checklists into workflows, automated risk scoring, and built-in reporting across 10 modules and a 7-phase compliance lifecycle.

Sumit Arora·GetPost Labs

Brisbane, Australia·February 2026·14 min read

The Problem We Solve

AUSTRAC's starter kits are comprehensive. But they are paper documents. A three-person conveyancing practice downloading a 40-page Word document, a 30-page Process Document, and a Risk Assessment template still needs to figure out how to actually run compliance day to day. How do you track which customers have been verified? How do you know when a periodic review is due? How do you file an SMR in the right format? How do you prove to AUSTRAC that you're doing what your program says you're doing?

lex-aml takes AUSTRAC's three-step lifecycle — Customise, Use, Maintain — and turns each step into software. Every form is digitised. Every decision is tracked. Every record is retained. Every deadline is enforced.

The Three-Step Lifecycle, Digitised

How lex-aml maps to AUSTRAC's Customise, Use, Maintain framework

Customise Your Program

AUSTRAC Paper Approach

AUSTRAC says: Download the starter kit, read the Customise Guide, fill in Word documents, print and file.

lex-aml Digital Approach

lex-aml provides a guided setup wizard. Configure your organisation, designated services, risk appetite, country ratings, and personnel. Complete Personnel Due Diligence (PDD) digitally. Get senior manager approval with a tracked approval workflow. Your Risk Assessment and Policy Document are generated from your configuration — not typed into a blank template.

Platform Features

●Organisation profile with ABN, sector, designated services

●Risk appetite configuration with sliders and defaults from AUSTRAC

●Country risk ratings pre-loaded from FATF and AUSTRAC lists

●Personnel management — roles (CP, CO, GB), PDD tracking, training records

●Compliance officer appointment with fit-and-proper-person criteria checklist

●Senior manager approval workflow with digital signature and date stamp

●Version control — every change tracked, every version retained

Use Your Program Daily

AUSTRAC Paper Approach

AUSTRAC says: Use your Process Document SOPs to onboard customers, verify identity, run screening, score risk, escalate, and file reports. Keep records.

lex-aml Digital Approach

lex-aml digitises every SOP into a workflow. Onboard a customer and the system walks your staff through the CDD process step by step — collect KYC, verify identity, screen sanctions and PEP lists, assess source of funds, assign a risk rating, and flag anything suspicious. Escalations route to the compliance officer. Reports are generated in AUSTRAC format. Every decision, every check, every document is recorded automatically.

Platform Features

●CDD case management — one case per customer per designated service

●Identity verification workflow by customer type (individual, body corporate, trust)

●Sanctions screening against DFAT consolidated list

●PEP screening — domestic and foreign, with family and close associate checks

●Adverse media checks with documentation

●Source of funds and source of wealth assessment forms

●Risk scoring — automated based on your risk assessment configuration

●Escalation workflow — high-risk cases routed to CO/GB with approval tracking

●SMR, TTR, and cross-border movement report generation

●Tipping-off safeguards — restricted visibility on SMR-related cases

●Record-keeping — every action timestamped and retained for 7+ years

Maintain and Review

AUSTRAC Paper Approach

AUSTRAC says: Review your risk assessment annually. Review your program every 3 years. Conduct effectiveness checks. Provide an annual report to your governing body.

lex-aml Digital Approach

lex-aml tracks review deadlines automatically. When your annual risk assessment review is due, the system prompts your compliance officer. When an independent evaluation is required, it generates the evaluation framework. Program amendments are version-controlled. The annual report to the governing body is compiled from platform data — cases processed, risks identified, reports filed, training completed.

Platform Features

●Automated deadline tracking — risk assessment review, program review, training renewals

●Independent evaluation framework and checklist

●Program amendment workflow with version control and GB approval

●Annual report generator — compiles metrics from the platform into a governing body report

●Training management — track who has been trained, when, and on what

●Audit trail — complete, immutable log of all compliance activity

●7-year record retention with search and export

Ten Modules

Each maps to AUSTRAC's policy and process documents

lex-aml is structured as 10 modules. Each module maps to a specific section of AUSTRAC's Policy Document or Process Document. Access is role-based: Contact Person (CP) handles day-to-day customer work, Compliance Officer (CO) manages the program and files reports, and the Governing Body (GB) approves the program and high-risk decisions.

Role Definitions

Contact Person

The person who handles day-to-day customer interactions and initial CDD collection. In a small practice, this is often the practitioner themselves.

Compliance Officer

The AML/CTF compliance officer appointed under Rule 5-14. Oversees the program, reviews escalations, files reports, manages ongoing CDD. Must be a fit and proper person.

Governing Body

The senior manager or governing body. Approves the AML/CTF program, approves high-risk business relationships, receives the annual compliance report. Ultimately accountable.

Seven-Phase Compliance Lifecycle

One continuous loop — not a one-time exercise

AUSTRAC's Process Document defines a compliance lifecycle that every reporting entity must follow. lex-aml structures this as a 7-phase continuous loop. Every CDD case moves through these phases, and the platform tracks where each case sits at any given time.

Setup

Configure organisation, assign roles, appoint CO, complete PDD

Onboard

Identify customer type, collect ID documents, obtain consent

CDD

Verify identity, screen sanctions and PEP, assess risk, assign rating

Escalate

Enhanced CDD, adverse media, source of wealth, SM approval

Report

File SMRs, TTRs, cross-border movement reports to AUSTRAC

Monitor

Periodic reviews, trigger-event detection, ongoing risk assessment

Maintain

Effectiveness checks, annual review, program amendments, annual report

loops back to Monitor

The Dashboard shows a pipeline view of all cases across these 7 phases. At a glance, your compliance officer can see how many cases are in CDD, how many are escalated, how many reports are pending, and how many periodic reviews are due. This is the operational cockpit that the paper-based starter kit cannot provide.

Regulatory Alignment

How each obligation maps to the platform

The AML/CTF Act and Rules impose 8 core obligations on every reporting entity. Here is how each maps to a lex-aml module and the specific legislative provision it satisfies.

#	Obligation	What It Requires	lex-aml Module	Legislative Ref
01	Enrol	Within 28 days of providing a designated service	Organisation	Act Part 3A · Rules Part 3
02	Program	Risk-based AML/CTF program in place before providing services	AML/CTF Program	Act Part 1A · Rules Part 5
03	CDD	Verify customer identity before providing a designated service	CDD Cases	Act Part 2 · Rules Part 6
04	Monitoring	Ongoing CDD proportionate to risk	Ongoing CDD	Rules 6-37 to 6-39
05	Reporting	SMRs, TTRs, cross-border movement reports	Reporting	Act Part 3 · Rules Part 9
06	Records	7-year retention minimum	All modules	Act Part 10
07	Officer	Appoint AML/CTF compliance officer	Personnel	Act s26J · Rules 5-14
08	Training	Personnel trained and competent	Personnel	Rules 5-10 to 5-12

AUSTRAC's Program Starter Kits: What's Inside and How to Use Them

The 5 sector kits, 4 documents, and 3-step lifecycle explained.

Read article

The Three Documents That Define Australia's AML/CTF Regime

The Act, Amendment Act, and Rules.

Read article

Table 6: The 9 Services That Make Lawyers, Accountants & Conveyancers Reporting Entities

Are you caught? Full breakdown with scenarios.

Read article

References

Primary sources

AUSTRAC — Program Starter Kits Link
AUSTRAC — AML/CTF Reform — About the Reforms Link
Federal Register of Legislation — AML/CTF Rules 2025 — Part 5 (AML/CTF Programs) Link
Federal Register of Legislation — AML/CTF Act 2006 — Part 1A (AML/CTF Programs) Link

Ready to See It in Action?

lex-aml is currently in early access for Tranche 2 entities. Request access to see how the platform handles your sector's starter kit.

Request Early Access

Sumit Arora

16 February 2026

Disclaimer: This article is published by GetPost Labs Pty Ltd, a technology company building compliance software. All content is for educational purposes only and does not constitute legal, financial, or compliance advice. While we make every effort to ensure accuracy, this article may contain errors or omissions. Always refer to the authoritative text on legislation.gov.au and seek professional advice for your specific circumstances. If you spot an error or have a suggestion, please reach out to sumit@getpostlabs.io.

The Problem We Solve

The Three-Step Lifecycle, Digitised

Customise Your Program

Use Your Program Daily

Maintain and Review

Ten Modules

Seven-Phase Compliance Lifecycle

Regulatory Alignment

Related Articles

References

Ready to See It in Action?