Corporate Group

Definition of corporate group

AUSTRAC defines a corporate group as a group of two or more related bodies corporate. Two bodies corporate are related where one is a holding company of the other, one is a subsidiary of the other, or one is a subsidiary of a holding company of the other. AUSTRAC also stresses that each body corporate is a separate legal entity with limited liability.

In the AML and CTF Act, corporate group is defined in section 123(12) as a group of two or more bodies corporate that are related to each other under section 50 of the Corporations Act 2001.

What corporate group means in practice

A corporate group can look simple or complex.

A simple corporate group might be a parent company that owns two operating subsidiaries.

A complex corporate group might include multiple holding entities, service entities, and operating entities across several states or countries.

From an AML and CTF perspective, the corporate group concept matters because customers, staff, technology, and controls often move across entities. If your governance is fragmented, you may end up with inconsistent customer due diligence, inconsistent reporting decisions, and uneven staff training.

Why corporate group matters for Tranche 2 compliance

Tranche 2 businesses often operate through multiple entities, for example separate companies for legal practice, conveyancing, property management, or trustee services. The group can also include shared services entities such as IT, finance, or client onboarding support.

Australia’s reform direction is moving away from a simple document tick approach and towards outcomes and risk mitigation. The Australian Government has explained that AML and CTF program obligations will focus on identifying, assessing and mitigating money laundering, terrorism financing and proliferation financing risk, with clearer roles for governing bodies and compliance officers.

If you have a corporate group, those governance expectations become more important. Regulators will expect you to know who is responsible for what, even if operational work is shared across group companies.

Common corporate group scenarios in Tranche 2 sectors

Professional services groups

A group may include a law firm entity, a conveyancing entity, and a trust services entity. The risk is that onboarding is done once but documented differently across entities, or that one entity accepts a customer another would reject.

Real estate networks

A group may include a franchisor entity, multiple local operating entities, and a central payments function. The risk is that staff assume group processes apply universally when legally each entity remains responsible for its own compliance.

Dealers in precious metals and stones

Groups may have a retail company, an online sales company, and a wholesaler. The risk is inconsistent transaction monitoring and inconsistent treatment of repeat customers across channels.

What, how, why, when guidance for corporate groups

What to map first

Map the corporate group structure clearly. Identify each entity, what services it provides, where customers sit, and which entity is the reporting entity for each designated service.

How to allocate responsibilities

Allocate responsibilities across the corporate group, but avoid vague statements like compliance sits with head office. Each entity needs clear accountability. Centralised operations can work, but responsibilities must be documented and governed.

Why separate legal entity matters

AUSTRAC highlights that each body corporate is a separate legal entity with limited liability. That is a reminder that compliance failures can arise when a group acts as if it is one company operationally and legally.

When to harmonise versus separate

Harmonise policies, templates, and training across the corporate group wherever possible to improve consistency. Keep entity specific variations where service lines and risk profiles differ materially.

Best practice controls for corporate groups

1. Group wide risk assessment with entity level overlays
   Adopt a consistent risk methodology across the corporate group, then tailor for each entity’s customer base, services, and delivery channels.
2. Standardised customer due diligence pack
   Use common onboarding packs, including beneficial ownership capture, source of funds prompts, and escalation pathways, with clear entity branding and accountability.
3. Centralised training with role based modules
   Train staff once in a consistent way, but ensure staff understand which entity they work for and which program applies in each engagement.
4. Shared case management and audit trail
   Where systems are shared across the corporate group, ensure audit trails show which entity made decisions and why. This is essential for defensibility.
5. Board and governance reporting
   The reformed regime strengthens expectations of governing body oversight and compliance officer roles. Corporate groups should adopt reporting packs that provide entity level risk insights and group wide trends.

Common challenges

• Staff treat the corporate group as one business and overlook entity specific obligations

• Inconsistent acceptance decisions across subsidiaries

• Shared customer records without clear accountability for compliance decisions

• Weak escalation because staff do not know which compliance officer owns the final decision

How Tranche 2 Consultants can help

Tranche 2 Consultants helps corporate groups design an AML and CTF operating model that works across entities without losing legal accountability. This includes structure mapping, responsibility matrices, program drafting, training design, and governance reporting so you are ready for 2026.

Corporate Group – Closing Note

Corporate group is not just a legal definition. It is a real operational risk factor. Tranche 2 businesses that map their group structure, assign responsibilities clearly, and harmonise controls thoughtfully will be best placed to meet Australia’s reformed AML and CTF expectations.