KYC Workbench

The KYC Workbench is where you manage the complete customer due diligence lifecycle — from initial identification and verification through to ongoing monitoring and scheduled reviews. It is your primary tool for meeting your CDD obligations under the AML/CTF Act.

Designated Service Management

Before you can perform CDD, you need to understand which of your services are designated services under the AML/CTF Act — these are the services that trigger your CDD obligations.

Verifia pre-loads designated service types based on your industry:

You can view and manage your designated services in Settings > Designated Services. Your Compliance Officer can add custom service types. Activities that are not designated services (general advice, market appraisals, etc.) do not trigger CDD — Verifia provides clear guidance to help staff distinguish.

Every KYC case must be linked to a specific designated service, establishing the legal basis for your CDD obligation.

Adding a Customer

You can add customers directly or from within a matter. Starting from a matter automatically links the customer and triggers the appropriate workflows.

Guided Client Onboarding Wizard

Verifia walks you through a step-by-step intake process tailored to your industry and the customer type:

1. Select customer type — Individual, Company, Trust, or Partnership
2. Complete customer-type-specific fields — the form adapts based on the type you selected, collecting all AUSTRAC-required information. Each field includes inline guidance explaining why it is needed.
3. Automatic risk factor assessment — Verifia evaluates the customer information against your industry's risk factors
4. CDD tier determination — the system calculates whether Simplified, Standard, or Enhanced CDD is required
5. Decision point — proceed with CDD, escalate for review, or flag concerns

Industry-specific customer creation

• Real Estate: When creating a property brokering transaction, Verifia prompts you to add both the buyer and the seller as customers, each requiring independent CDD (dual-party CDD). Property developers selling their own stock only need buyer CDD.
• Precious Metals: The system checks whether the transaction meets the $10,000 physical currency/virtual asset threshold that triggers your designated service obligations
• Legal Profession: You are asked to link the customer to a service category (conveyancing or trust/company services) if your practice provides both

Creating a KYC case

Once a customer is added, create a KYC case to begin the formal verification process:

1. Click Create KYC Case on the customer profile
2. Verifia automatically determines the CDD tier (Simplified, Standard, or Enhanced) based on the customer's initial risk assessment
3. A verification checklist is generated based on the CDD tier requirements

CDD tier verification requirements

Enhanced CDD — Senior Management Approval

When a KYC case requires Enhanced CDD, it cannot be approved without senior management sign-off. This is an AUSTRAC requirement for all high-risk customer relationships.

1. The KYC case proceeds through normal verification steps
2. When the case reaches Pending Approval status, a notification is sent to senior management
3. Senior management reviews a dedicated approval queue showing all pending ECDD cases
4. The approval form requires confirmation that: source of funds has been reviewed, adverse media has been assessed, and the risk is accepted
5. Only after senior management sign-off can the Compliance Officer move the case to Approved

Sending a KYC link

For customers who need to provide identity documents and undergo verification:

1. Click Send KYC Link on the KYC case
2. Verifia generates a secure, branded verification link
3. The customer receives the link via email
4. They self-serve: upload identity documents, complete biometric verification, and sign the privacy consent
5. Verification results flow back into Verifia automatically and are attached to the KYC case

The KYC link is time-limited and single-use. You can resend it if needed.

Reviewing verification results

Once verification data is received:

1. Review the eKYC verification results — identity match confidence from the Document Verification Service (DVS)
2. Check sanctions and PEP screening results — review any matches and determine whether they are true matches or false positives
3. For Enhanced CDD: review source of funds/wealth documentation — assess whether the explanations are plausible and adequately supported
4. Review the customer's risk rating — Verifia calculates this based on customer attributes, transaction context, and screening results
5. Make your decision:
   • Approve — CDD is satisfactory; the customer can receive the designated service
   • Request more information — ask the customer for additional documents or clarification
   • Escalate — flag for senior review, Compliance Officer assessment, or SMR consideration
   • Refuse — CDD cannot be satisfactorily completed; the designated service must not be provided (see CDD Tiers for guidance on refusing service)

All decisions are recorded in the audit trail with timestamps and the decision-maker's identity.

UBO analysis

For entity customers (companies, trusts, partnerships), you must identify the ultimate beneficial owners — the natural persons who ultimately own or control the entity:

1. Navigate to the UBO Analysis tab on the customer profile
2. For companies: enter the ACN and Verifia fetches current data from ASIC (directors, shareholders, registered address)
3. For trusts: upload the trust deed and the AI parser identifies key parties (settlor, trustee, beneficiaries, appointor)
4. Review the ownership graph showing all beneficial owners and their ownership/control percentages
5. Verify that all UBOs meeting the 25% ownership or control threshold are identified
6. Each identified UBO may require their own CDD — Verifia creates linked customer records as needed

For complex multi-layered structures, Verifia traces ownership through all entity layers and displays the full ownership chain visually.

Ongoing due diligence

Verifia automatically schedules CDD reviews based on the customer's risk tier:

• Low risk (Simplified CDD): Review every 3 years
• Medium risk (Standard CDD): Review every 2 years
• High risk (Enhanced CDD): Review every 12 months

When a review is due, it appears in your Smart To-Do list on the dashboard with the customer's name, risk tier, and the review due date.

Triggered reviews

In addition to scheduled reviews, Verifia triggers an immediate review when:

• A sanctions or PEP screening match is detected (e.g., through ongoing monitoring or batch rescreening)
• The customer's risk rating changes based on new information
• Suspicious transaction activity is flagged by monitoring rules
• Adverse media is identified in ongoing screening
• You manually flag the customer for reassessment

Delayed CDD (Real Estate only)

For auction scenarios where the buyer is only identified after the hammer falls:

1. Create the KYC case and select Delayed CDD
2. Provide a justification (e.g., "Auction sale — buyer identified post-hammer")
3. The system sets a deadline (default: 5 business days, configurable) for completing verification
4. The transaction can proceed while CDD is in progress
5. Overdue delayed CDD cases trigger escalating alerts — first to the assigned staff member, then to the Compliance Officer

Delayed CDD should only be used when genuinely necessitated by the circumstances. See the Real Estate industry guide for details.

Third-Party CDD Reliance

The AML/CTF Act allows you to rely on CDD that has already been completed by another reporting entity — for example, a legal practitioner may rely on CDD performed by the real estate agent for the same customer.

To use third-party CDD reliance:

1. In the KYC case, select Rely on Third-Party CDD
2. Record the required details:
   • Third-party entity name and ABN
   • Date the CDD was completed
   • Scope of the CDD relied upon
3. Confirm that the third party is a reporting entity regulated under the AML/CTF Act

The case is marked as verified via Third-Party Reliance (rather than self-verified), and the reliance record is preserved in the audit trail. Note that even when relying on third-party CDD, your ongoing due diligence obligations still apply — you remain responsible for monitoring the customer relationship.

Ending a Customer Relationship

When a business relationship with a customer ends, use the End Relationship workflow to ensure proper compliance closure:

1. Navigate to the customer profile and click End Relationship
2. Verifia checks for any outstanding compliance tasks:
   • Open KYC cases that need to be resolved or closed
   • Pending alerts that need to be actioned
   • Unresolved matters linked to this customer
3. Close all active cases and mark records for retention
4. Set the retention period (default: 7 years from the date of the last transaction or service)
5. All related documents are archived to the Compliance Vault
6. A relationship termination summary is generated and recorded

Customers with active, unresolved KYC cases cannot have their relationship terminated — this prevents accidental data loss. The entire process is recorded in the audit trail.