Reliable and independent verification: documents vs electronic data under AUSTRAC KYC

A practical guide to AUSTRAC KYC verification using reliable and independent documents or electronic data, including the two source rule, DVS, and evidence tips.

If you have not read our KYC overview yet, start here first: KYC in Australia: What AUSTRAC Expects for Customer Identification and Verification.

This article is the next step. It focuses only on verification, meaning how you confirm customer information using reliable and independent documentation or electronic data, and how to keep the evidence trail defensible.

What you will get from this article

1. What AUSTRAC means by reliable and independent 2. Document verification, what is acceptable and what to record 3. Electronic verification, the two source rule and what sources can look like 4. When to use a combination approach 5. A simple verification checklist your team can actually follow

1. Where verification fits in the KYC workflow

KYC is not one action. It is a sequence.

1. Collect identification information 2. Verify certain information using reliable and independent sources 3. Record what you did and keep evidence in a consistent place

This article covers step 2 and the evidence that supports it.

2. What "reliable and independent" means

AUSTRAC expects verification using reliable and independent documentation or electronic data, or a combination of both.

Two practical tests help:

1. Reliable: the source is credible and accurate 2. Independent: the source is not provided or controlled by the customer

As risk increases, firms should take a more conservative approach, meaning stronger sources, more corroboration, and clear decision notes.

3. Document based verification

For documents, AUSTRAC guidance expects originals or certified copies of primary or secondary documents.

Practical guidance for your team

When verifying with documents, capture these three things every time:

1. Which document or documents were relied on 2. Whether it was original sighted or certified copy 3. Which specific details were verified from it, for example name and date of birth, or name and address

Digital documents

If you accept a digital document, treat it with the same discipline:

1. Record what was sighted 2. Record the date and method 3. Store evidence or an evidence note, depending on your policy

4. Electronic data verification

For electronic data verification, AUSTRAC guidance expects at least two separate data sources to verify customer information.

This is the most commonly missed rule.

What counts as electronic data verification

Electronic verification is about confirming identity details using independent data sources. Some approaches use the Document Verification Service, but the real point is the method:

1. Use independent sources 2. Use at least two sources 3. Record exactly which sources were used and what they confirmed

What to record for electronic verification

Record these fields as a minimum:

1. Source one name and result 2. Source two name and result 3. Which customer details were verified 4. Any mismatches and how they were resolved 5. The decision note if you proceeded despite a partial mismatch

5. When to use a combined approach

A combined approach is often appropriate when:

1. One method confirms identity but not address 2. The customer is higher risk and you want stronger assurance 3. The electronic check is inconclusive and you need documents to resolve it

The goal is to make your process defensible, not to create busywork.

6. Evidence and record keeping: what makes it defensible

Verification is only half the battle. You also need a clean evidence trail.

Practical takeaway:

1. Store evidence for what you verified 2. Record verification results in a consistent note format 3. Keep your verification trail clean so it stands up under review

7. Common verification mistakes

1. Collecting documents but not recording whether they were originals or certified copies 2. Using only one electronic source instead of at least two 3. Not recording which details were verified and by which source 4. Treating verification results as binary without documenting how mismatches were resolved 5. Storing evidence inconsistently, making audits painful

8. A simple verification checklist

Use this as your baseline for each client file.

1. Confirm the customer type 2. Confirm what details must be verified for that customer type 3. Choose verification method: documents, electronic data, or both 4. If documents, record originals or certified copies and which details were verified 5. If electronic data, use at least two separate sources and record results 6. Record any mismatch and the resolution decision 7. Store evidence and a short verification note in a consistent place 8. If risk is higher, apply stronger verification and document why

9. How Nelvo helps

1. Captures the verification method chosen for each client and the details verified 2. Records which sources were used and links them to stored evidence 3. Creates a consistent verification note so your files are easier to defend during review

Disclaimer

This article is general information only and is not legal, financial, or compliance advice. It is not tailored to your circumstances. While we aim to keep content current and accurate, AML and CTF obligations and regulator guidance can change. You should obtain independent professional advice and consult AUSTRAC guidance before making compliance decisions.