You are right, the account based model is subject to replay attacks. Actually, this is also true for the current network, if balances are not spend completely.
So, unless this is combined with a switch to UTXO (which renders replay attacks impossible as inputs are only allowed to be spend once), we would probably need some form of transaction counter for each account.