New identity verification
requirements explained.
From 1 July 2026, federal law requires us to formally verify the identity of every client receiving certain professional services. This page explains clearly what that means for you — and why the process is brief and straightforward for most medical professionals.
This is a legal obligation, not a choice.
The Anti-Money Laundering and Counter-Terrorism Financing Act has been extended to accounting and advisory firms. Every firm in Australia must comply — including us.
This does not mean we suspect anything.
These checks apply to every client receiving a designated service, regardless of history or relationship length. They are blanket requirements, like the ID checks a bank runs when you open an account.
The process takes under two minutes.
For most clients, verification is a biometric check completed on your phone, two photos and you're done. We handle the rest from there.
Why we are subject to these rules
Australia's AML/CTF regime has applied to banks, financial institutions, and casinos since 2006. The recent Tranche 2 reforms extend the same framework to professional service firms whose work can involve the creation or movement of financial assets on behalf of clients.
We offer a broader range of our services, some of which qualify as designated services under the Act — specifically, any work that involves assisting you to create or restructure companies, trusts, or other legal arrangements, or to manage or deploy financial assets.
In plain terms: when we help you establish a company or trust, or implement an investment strategy, those activities are within scope. General tax advice and BAS preparation on their own are generally not — but for most Verity clients engaged in structural planning, the threshold is met.
We enrolled with AUSTRAC ahead of the 1 July 2026 commencement date. Our AML/CTF Program is documented, risk-based, and proportionate to our client profile.
Why our scope is broader than a standard accounting firm
Your verification — what actually happens
For an individual with standard Australian or internationally-issued photo ID, this is a brief, once-off process.
You receive a secure link
When you engage us for a designated service, we send you a personalised verification link via email or SMS. No app download required.
InstantTwo photos on your phone
Photograph your government-issued ID (passport or driver's licence) and take a live selfie. No data entry — the system reads your document automatically.
Under 2 minutesWe receive confirmation
Results return to us automatically — including PEP and sanctions screening where required. We record the outcome in your file and your engagement proceeds.
SecondsFor entity non-individual clients (companies and trusts), there may be a separate verification process based on government records such as ASIC data and other documents already on file. We will only contact you if we find a gap or discrepancy.
Where most clients sit
AML/CTF compliance is risk-based. The level of due diligence required is proportionate to the realistic likelihood of financial crime. Most of our clients typically sit firmly in the lower-risk category — and that shapes how straightforward your onboarding experience is.
Individual — standard profile
- Verifiable professional registration (AHPRA)
- Income from known Australian employer or billing group
- Domestic client with Australian or recognised overseas ID
- Transactions consistent with career stage and income level
- No PEP or sanctions connections
- Structures consistent with standard income planning or asset protection
Standard verification, no enhanced questioning, straightforward onboarding.
Situations that prompt enhanced due diligence
- Significant funds from overseas sources without documented origin
- Assets or entities in higher-risk jurisdictions
- Structures with no apparent commercial rationale
- Connections to Politically Exposed Persons
- Complex multi-layered arrangements with unclear ownership
- Cash-intensive business activity
We may request additional documentation — such as source-of-funds evidence — before proceeding.
What we do on your behalf, continuously
Beyond the initial verification, the law requires active monitoring for all clients receiving designated services. This runs in the background — most clients will never notice it.
Daily sanctions screening
Automated ongoing checks against the DFAT Consolidated List and international sanctions databases for all active clients.
PEP monitoring
Ongoing screening against Politically Exposed Person registers. Relevant for clients with connections to government roles.
Transaction review
At BAS time and year-end, we may review transactions for any physical cash of $10,000 or more requiring a Threshold Transaction Report.
Reverification triggers
Material changes — a significant offshore move, a restructure, a new entity — may prompt a re-verification of relevant details.
Adverse media scanning
Periodic checks for any publicly reported matters — insolvency, fraud, criminal charges — at frequencies appropriate to your risk level.
Annual compliance reporting
We submit an Annual Compliance Report to AUSTRAC and maintain our program documentation for independent review on a three-year cycle.
The questions we hear most often
No. These checks apply to every client receiving a designated service, regardless of how long we've worked together. They are not triggered by concern — they are a blanket legal requirement that takes effect from 1 July 2026.
Think of it the same way as the ID checks a bank runs when you open an account. The bank is not suggesting you are a suspect. We are not either. We are complying with the law.
If you are engaging us only for individual tax return preparation, the AML/CTF rules may not apply to that service in isolation. However, if your engagement involves entity structuring — setting up or maintaining a company or trust, obtaining a loan, or implementing an investment strategy — then yes, verification is required.
In practice, most clients are engaged at the structural advisory level, so the majority will go through the process. Where there is any doubt, we will let you know before asking you to proceed.
The process is the same. Passports from over 230 countries are supported by our verification platform, so a foreign passport is not an obstacle.
Where you have significant assets or financial connections overseas, we may ask some additional questions about the source of those funds. This is standard for anyone with international financial links and is not specific to your background or country of origin.
The new laws require formal, documented identity verification for all clients receiving designated services — including existing clients. Our longstanding relationship is genuinely valued, we will advise you if there is a legal requirement for a recorded CDD process.
For an established client, the process is typically very quick. One verification check on your phone and your file is updated. It is a once-off in most cases.
For individuals: a current government-issued photo ID — an Australian driver's licence, passport, or Medicare card with a secondary document. For most clients, a passport or driver's licence is all that is needed.
For companies and trusts: we handle most entity verification ourselves using ASIC records and trust documents already in your file. We will contact you only if we find a discrepancy or need a document we do not hold.
Each entity requires its own verification, but your personal identity only needs to be verified once. If you are a director of two companies and a trustee of a trust, you complete one personal ID check. We link it across all related entities and coordinate the full structure to keep the process as efficient as possible.
This is a more significant issue under the new rules. We are required to sight the trust deed in order to complete due diligence on a trust. If the deed cannot be located, we are not in a position to provide designated services to that trust until the matter is resolved.
Some of the options are — applying to the Court to confirm the trust's terms, or winding up and re-establishing the trust — both take time and require legal advice. If you think your trust deed may be missing, please raise it with us as soon as possible.
In uncommon situations, if we are unable to satisfactorily verify your identity, we may need to defer a designated service. This is rare. Please contact us early if you have any concerns and we will work through it with you.
Not routinely. We submit an Annual Compliance Report to AUSTRAC — this is a summary of our program's operation and does not contain individual client information.
We are required to file a Suspicious Matter Report if we form a reasonable suspicion that activity may be connected to financial crime, and a Threshold Transaction Report if we handle a physical cash transaction of $10,000 or more. For the majority of our clients, neither of these will ever apply.
No — and we are legally prohibited from doing so. Under the AML/CTF Act, disclosing that a Suspicious Matter Report has been made — or is being considered — is a criminal offence known as "tipping off." This restriction applies to every reporting entity in Australia. If we ever appear unable to discuss a particular aspect of an engagement, this legal obligation may be the reason.
Your identity verification records are required to be retained for a minimum of seven years under the AML/CTF Act. We comply with the Privacy Act 1988 in how we store and handle that information. Your data is not shared with any third party beyond what the law requires.
Personal identity data from the biometric verification process is held in a secure, separately accessed vault — not stored alongside general practice management records.
A Politically Exposed Person (PEP) is someone who holds or has held a prominent public position — a government minister, senior public servant, judge, military officer, or a close family member or associate of such a person.
We ask this of every client as part of standard onboarding. It is not a reflection of concern. PEPs are subject to enhanced due diligence under the law because their position may create higher exposure to financial crime risks. For most GP contractors and IMGs, the answer is simply no.
A note on the tipping-off prohibition
If we ever file a Suspicious Matter Report with AUSTRAC, we are legally prohibited from informing you that this has occurred. Disclosing that a report has been made — or is being considered — is a criminal offence under the AML/CTF Act known as "tipping off." This restriction is not discretionary. It applies to every reporting entity in Australia, not just us. If we ever appear unable to discuss a particular aspect of a matter, this legal obligation may be the reason.
We're happy to walk you through it.
If you have questions about how the new requirements affect your specific engagement with us, the best starting point is a short conversation with us.
Call 1300 173 103 Email Us