Customer identification


Since 12 December 2007, reporting entities have been required to identify their customers under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act).

When does a customer need to be identified?

A reporting entity must verify a customer's identity before providing a 'designated service' to the customer. Designated services are listed in section 6 of the AML/CTF Act.

In special cases, an identification procedure may be carried out after providing a designated service. Currently the Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1) (AML/CTF Rules) provide special circumstances for certain online gambling services.

Who is a customer?

The AML/CTF Rules set different identification and verification requirements for different types of customers:

  • individuals (including sole traders)
  • companies (both domestic and registered foreign companies)
  • trustees
  • partnerships
  • incorporated and unincorporated associations
  • registered co-operatives
  • government bodies.

How are customers identified?

Under the AML/CTF Act, reporting entities are required to have an AML/CTF program. 'Part B' of the AML/CTF program must set out the reporting entity's 'applicable customer identification procedures'. Specific requirements are set out in the AML/CTF Rules.

The AML/CTF Act also allows for authorised agents of a reporting entity to carry out customer identification on behalf of the reporting entity.

Do existing customers need to be identified?

In most cases an existing ('pre-commencement') customer is not required to be identified, unless a suspicious matter reporting obligation arises regarding that customer.

Certain 'know your customer' (KYC) information may need to be collected and/or verified regarding a customer who has previously been identified, if the reporting entity later suspects on reasonable grounds that the customer is not the person they claim to be.

What are low-risk services?

The AML/CTF Rules may specify that a particular designated service is a 'low-risk' service. A customer of a low-risk service need not be identified unless a suspicious matter reporting obligation arises relating to that customer. Currently, the AML/CTF Rules do not specify any low-risk services.

Can reporting entities share customer identification?

Under the AML/CTF Act, in conditions specified by the AML/CTF Rules, it is possible for a reporting entity to rely on a customer identification procedure carried out by another reporting entity. Currently this only applies to licensed financial advisers and designated business groups and does not include record-keeping obligations.

What is ongoing customer due diligence?

From 12 December 2008, reporting entities have had 'ongoing customer due diligence' obligations under the AML/CTF Act and AML/CTF Rules. Refer to Ongoing customer due diligence for more information.

What are the record-keeping requirements?

Under the AML/CTF Act, a reporting entity must make and retain a record of its applicable customer identification procedures. The record must be retained for seven years after the end of the reporting entity's relationship with the relevant customer.

Are there exemptions from the identification obligations?

Under the AML/CTF Rules, a designated service can be exempted from:

  • all identification provisions
  • one or more identification provisions
  • all identification provisions where a service is provided in specified circumstances
  • one or more identification provisions where a service is provided in specified circumstances.

The AML/CTF Act also exempts reporting entities' permanent establishments in foreign countries (that is, not in Australia).

Certain designated services relating to pensions, annuities, superannuation and retirement savings accounts are exempt from the customer identification provisions, but not from ongoing customer due diligence. These designated services are defined in items 40, 42 and 44 of table 1 in section 6 of the AML/CTF Act.

Australian financial services (AFS) licence holders are exempted when arranging for an item 40, 42 or 44 service to be provided to a person (where that is the extent of the service provided by the AFS licence holder, under item 54 of table 1). For more information about item 54, see Non-banking financial services and Public Legal Interpretations.

What about 'cash dealers' under the FTR Act?

Account opening requirements under the Financial Transaction Reports Act 1988 (FTR Act) will continue to apply to 'cash dealers' who do not offer designated services as reporting entities under the AML/CTF Act.

Further information

AUSTRAC has produced various educational tools and publications to assist reporting entities with their customer identification obligations. These include:

  • 'AML/CTF programs' web page
  • AUSTRAC Regulatory Guide (in particular, chapters 2, 3 and 4)
  • brochure series
  • customer identification sample forms
  • e-learning courses
  • guidance notes
  • 'Identifying agents of customers' web page
  • 'List of certifiers' web page
  • 'Ongoing customer due diligence' web page
  • Public Legal Interpretations

The above can be accessed from the quicklinks on this page.

AUSTRAC has also produced a fact sheet about identification requirements in general. Reporting entities can use this fact sheet as a handout to customers or whoever is conducting the transaction, to explain why they could be requested to show identification or to provide details about themselves in relation to the AML/CTF Act. 


Related information



AML/CTF programs


Brochure series

Customer identification forms

Designated business groups

E-learning courses


Guidance notes

Identifying agents of customers

List of certifiers

Non-banking financial services

Ongoing customer due diligence

Public Legal Interpretations

Regulatory Guide

Suspicious matters


Last modified: ...


© Commonwealth of Australia - AUSTRAC 2014