You should provide training to ensure your staff can implement and consistently apply your alternative identification procedures. 

It is also best practice to implement a process to: 

• monitor how effective your alternative identification procedures are
• identify potential improvements that will further support your customers. 

Allowing additional time to provide standard identification documents

You may use alternative identification to provide services to customers facing short-term barriers to accessing standard identification. For example, customers affected by a natural disaster or family and domestic violence. You can use alternative identification to provide services while they replace or update standard identification.

You should ask the customer to provide the standard identification documents when they become available. 

Customers facing long-term barriers 

When a customer is facing long-term barriers to accessing standard identification, you can continue to rely on alternative forms of identification.

Many customers face systemic and ongoing barriers to accessing standard identification documents. This can include customers who experience long-term homelessness or live in remote areas. 

AUSTRAC recommends that you move the customer to standard identification if long-term barriers are resolved. However, you should be mindful that in some cases the customer’s circumstances may not change. 

Changes in a customer’s ML/TF risk profile

A customer’s ML/TF risk profile may change after you accept alternative identification. For example, you may identify a change in their behaviour or expected financial transaction patterns.

You can continue to rely on existing alternative identification procedures when you manage and reduce the risks. AUSTRAC recommends you mitigate and manage the risk through appropriate controls before you consider declining or withdrawing services. 

You may use enhanced customer due diligence (ECDD) measures to mitigate and manage the risks. You must apply ECDD if a customer’s ML/TF risk has increased to high. ECDD measures may include:

• collecting and/or verifying additional KYC information
• increasing monitoring of the customer’s transactions
• imposing limits on the account 
• undertaking source of funds checks.

Example: Customer’s risk rating increases due to unusual transactions

A bank assesses a customer to be a low ML/TF risk. They are also satisfied that the customer cannot access standard identification documents. 

The bank discusses what alternative identification documents the customer can access. The bank accepts a written reference from the customer’s employer and opens a bank account for them.

The bank later detects unusual transactions on the customer’s bank account. This includes large cash transactions that cannot be connected to any legitimate source. The bank re-assesses the ML/TF risk of the customer as high. 

The ML/TF risk is connected to the source of the customer’s funds, not their identity. The bank conducts a source of funds check under their ECDD program. While they do this, the bank does not require the customer to provide any further identification documents. The source of funds check establishes that the large cash payments came from a legitimate source – gifts from family members following the customer’s wedding. 

The bank reassess the customer’s risk rating as low. The bank does not require further identification information.

Alternative identification options

Alternative identification options may include one or more of the following:

• a referee statement 
• Government correspondence, including documents from state or territory corrective services
• confirming a person’s identity with reputable organisations or bodies known to them (for example, Aboriginal and Torres Strait Islander organisations or community health organisations) 
• a community ID or organisation membership card for Aboriginal and Torres Strait Islander peoples
• recently expired identification
• a customer’s self-attestation of their identity.

This list is not exhaustive and you may use other sources to verify the customer’s identity. 

Referee statements

AUSTRAC recommends the referee should be someone who: 

• holds a position of trust in the community, and 
• has an existing relationship with the individual.

Suitable referees may include a:

• school principal, teacher or counsellor
• current or former employer or manager
• medical practitioner (e.g. doctor, nurse, midwife, dentist, community health professionals, psychologist)
• minister of religion 
• police officer
• financial counsellor, advisor, planner or capability worker
• community leader, such as an Elder
• official from an Aboriginal and Torres Strait Islander organisation, or a board member of a Local Aboriginal Land Council 
• legal aid or community lawyer
• Services Australia (Centrelink) staff 
• correctional services staff
• manager or warden of a refuge or shelter accommodation or homeless shelter
• manager of an aged care facility or hospital 
• an individual who is able to witness a statutory declaration.  

Suitable referees may also include other social support service providers such as: 

• family violence workers
• social workers
• prison case workers and reintegration officers
• youth services workers.

There may be other suitable referees you choose to accept that are not on this list.

What a referee statement should include

A referee statement can take various forms. AUSTRAC recommends the statement contains the:

• date of the reference 
• referee’s name, signature, position, contact details and relationship to the customer
• referee’s knowledge of the customer’s full name, residential address (if known) and date of birth (actual or approximate)
• approximate dates the referee has known the customer.

If known by the referee they could also include:

• other addresses the customer has recently lived
• other names the customer has been or is known by
• the customer’s circumstances that have resulted in limited access to identification documents
• a brief explanation of the reasons why the customer has inconsistent details on their identification.

These are not mandatory requirements for the reference to be acceptable. You should base your approach on: 

• the customer’s circumstances, and
• your organisation’s specific requirements.

You may also consider other ways to accept the referee statement, such as:

• a real-time video call
• a pre-recorded video statement 
• a written or online statutory declaration
• an online form. 

You may use a template or form to collect information from the customer and their referee. We have developed an example form (PDF, 185KB) that you can tailor to your requirements.

Managing the risks of accepting a referee statement

Consider the following to manage and mitigate the ML/TF and fraud risks associated with accepting a referee statement. These are not mandatory requirements and you should consider them based on the risk. 

You may ask the referee to: 

• provide the statement on an official letterhead of the organisation they represent
• include a recent photograph of the customer as an alternative to standard photographic identification 
• submit the statement directly to your organisation from an official email address, to ensure it is not altered.

If a referee has provided a statement as a member of a particular profession, you should confirm they are a member when possible. For example, you may search:

• the Register of Practitioners managed by the Australian Health Practitioner Regulation Agency (AHPRA)
• the Australian Legal Profession Register managed by the Legal Services Council 
• the Financial Advisers Register managed by the Australian Securities and Investments Commission (ASIC). 

You may also do an internet search of the individual or the organisation they work. 

If you have doubts about the authenticity of a reference, you should take additional steps to confirm. For example, you may follow up with an email or phone call. 

It is up to you to determine what would be an appropriate length of time that the referee has known the customer. One interaction would likely not be appropriate as there is no established relationship. 

You could specify the minimum qualifications of witnesses. For example, a school principal or teacher.

Other controls may include:

• using multiple referees
• combining a referee statement with other forms of alternative identification, such as government correspondence or expired identification
• an online or in-person interview with the customer to assess the consistency and legitimacy of their claims 
• monitoring the number of times the same individual is acting as a referee for different customers, as multiple requests to use the same person may require further investigation 
• monitoring the behaviour of both the customer and referee for any signs of coercion or fraud, after the referee statement has been accepted.

If there is a risk of coercion you could also request:

• an interview or pre-recorded video with the referee 
• that an independent person witnesses the referee’s statement.

This is not an exhaustive list.

Banks may consider delaying carrying out customer identification procedures for up to 15 days after opening an account in some circumstances under Chapter 79 of the Rules. This may allow further time to check alternative identification documents. Read more at Carrying out applicable customer identification after commencing to open a bank account.

Transaction controls to manage the risks 

You may use other controls when accepting alternative forms of identification. These may include limiting the functionality, features, products or services you offer to that customer based on their ML/TF risk. 

This could include placing limits on the:

• number or total value of transactions
• amount per transaction
• overall balance or value of the account.

You could also limit the geographical scope of the transactions. For example:

• only allowing domestic transactions 
• not allowing cross-border transactions with countries with higher ML/TF risks.

Government correspondence

You may accept correspondence from an Australian federal, state or territory government authority or foreign government that shows the customer’s name.

For people in prison or recently released from prison, this can include identification documents issued by the state or territory corrective services. For example, a Corrections Record Number. 

Expired identification

You may allow a customer to provide recently expired identification when they experience difficulty obtaining standard identification. AUSTRAC recommends that you request the customer provide standard identification documents as soon as they can. However, you should be mindful of their specific circumstances and any barriers they may face. 

In some cases you may rely on older expired identification when it is appropriate to the risk and you can either:

• match at least one other identifying detail, such as date of birth
• visually identify the person from their photo on the expired identification.

This may be especially useful for customers disproportionately impacted by barriers to updating expired identification documents such as:

• Aboriginal and Torres Strait Islander customers
• individuals living in remote communities 
• people in prison – particularly those with long sentences
• elderly people who do not officially hand in their driver licence when they stop driving
• individuals in a care facility.

AUSTRAC recommends that you determine the length of time you will rely on expired identification. 

Customers declaring their own identity (self-attestation)

If you can’t establish the identity of a customer in any other way, you may be able to accept a customer’s self-attestation of their identity. However, you must only use this as a last resort.

Self-attestation may be useful for customers who are:

• experiencing homelessness
• refugees without identification documents
• unable to nominate a referee who meets your alternative customer identification requirements.

You must not rely on self-attestation if you know or suspect that it is incorrect or misleading.

You must continue to apply ongoing customer due diligence to manage and mitigate the ML/TF risks. This includes transaction monitoring.

If you rely on self-attestation, AUSTRAC recommends you take steps to verify the customer’s identity when practical. For example, you may ask the customer to provide:

• another form of alternative identification within an agreed period of time 
• standard identification documents if they obtain access to them.

Obtaining and submitting documents

Obtaining and submitting identification may be complex and challenging. The cost can also be a barrier. 

AUSTRAC recommends that you consider the most efficient way for the customer to obtain and submit documentation. 

If it is not possible for customers to submit documents in person, you could:

• accept documents by email, certified mail or fax
• use online conferencing services, video calls or pre-recorded video call statements 
• allow the customer to provide a photo of themselves holding their identification documents, along with a copy of the documents themselves.

This is particularly relevant for customers in remote areas.

If you use an online platform for customers to submit their identification documents, you should consider if it can accept alternative forms of identification. If it can’t, you should offer another way for your customer to submit their documents. 

Record keeping

You must keep records of what you did to identify the customer and what alternative identification you used. AUSTRAC recommends this record include information about the customer’s particular circumstances. Refer to record-keeping.

Aboriginal and Torres Strait Islander customers

AUSTRAC recommends that you develop and maintain procedures to help you identify and verify Aboriginal and Torres Strait Islander customers who don’t have standard identification. 

You should use a flexible approach that is mindful of the barriers Aboriginal and Torres Strait Islander peoples face: 

• obtaining standard identification and
• accessing financial services. 

There are many historical and contemporary reasons for this, including:

• lower birth registration rates due to a range of reasons including past policies and practices that excluded Aboriginal and Torres Strait Islander peoples from official records 
• oral-based cultures and languages which can mean written details like family surnames vary in spelling and pronunciation 
• cultural practices which may require individuals to be known by different names after certain life and cultural events
• geographic barriers for remote or regional communities with limited access to registry offices, hospitals, digital and government services. 

It may not always be possible for a customer to provide standard identification, even if you give them additional time. 

AUSTRAC recommends that you consider providing your customers with the option to advise if they identify as Aboriginal and Torres Strait Islander. This may help to:

• consider if you should use a flexible approach to identification 
• ensure the customer will not need to identify as Aboriginal and Torres Strait Islander each time they make contact
• identify customers that may require further support 
• triage customers to culturally appropriate services if offered, such as dedicated support telephone lines or teams.

Alternative identification options

For alternative identification options and suitable referees, refer to the above section on Alternative identification options.

Aboriginal and Torres Strait Islander organisations 

You may seek a reference from: 

• an official representative of an Aboriginal and Torres Strait Islander organisation 
• a board member of a Local Aboriginal Land Council (LALC). 

AUSTRAC recommends you educate your staff on the organisations that exist in the areas you operate. This includes LALCs and other Aboriginal and Torres Strait Islander community-controlled organisations. This will assist you to have informed questions and understand the needs of customers.

You should be mindful that:

• only certain types of Aboriginal and Torres Strait Islander organisations are registered with the Office of the Registrar of Indigenous Corporations (ORIC)
• LALC membership varies across states and territories and the terms these bodies use may vary. 

Other organisations may also be suitable to provide referee reports. 

Not all customers will be connected to a LALC. Some may be members of multiple across jurisdictions because of vast family relationships. For example, in New South Wales a customer may be a member of a LALC. In Queensland, a customer may be a member of a Native Title Representative Body or a Native Title Service Provider. 

Community identity or organisation membership card

Some community organisations develop Aboriginal and Torres Strait Islander community identification cards to assist with identification requirements. These generally include the person’s name, other birth names, address, date and place of birth. They may or may not include a photo. 

They often contain less personal information. This is because they are designed to assist in assessing and exercising cultural rights. They are not designed to meet identification verification standards. 

The Australian Banking Association (ABA) has issued a factsheet for their members with more information about these cards for KYC purposes. This may also assist to identify some of the current cards which are available.

Example 1: Opening an account

Customer A wants to open an account with a credit union. However, Customer A has provided a different name that conflicts with the information in his identify documents. Customer A has a legal name in his identification documents and a preferred cultural name that he is known by in his community. Customer A has used his preferred cultural name. He explains that his identification documents use his legal name.

The credit union assesses the ML/TF risk of opening an account to Customer A as low. The credit union advises Customer A of additional information he could provide to verify his identity.

Customer A requests a referee statement from an Aboriginal Health Worker from his community. The statement includes: 

• a recent photograph
• the name Customer A is known by in his community
• his address 
• details of the name on his identification documents.

The credit union contacts the referee to discuss the reference. They are satisfied they can rely on the alternative identification document. The credit union opens the personal account. 

Example 2: Superannuation beneficiary

Customer B identifies as being of Aboriginal heritage. Customer B’s mother recently passed away and she is the beneficiary of a death benefit on her mother’s superannuation policy with a superannuation fund.

Customer B changed her name after her mother died. Her full name is now different to the name recorded on the beneficiary nomination form. Customer B does not have a legal record of her cultural name change.

The superannuation fund asks for information about Customer B’s name change as part of its identification and verification procedures.

Customer B advises that it is customary not to use the name of a deceased person. She also doesn’t have any official identification document in her new name. She has provided her address but doesn’t know her actual date of birth – only the year and place she was born.

The superannuation fund assesses the ML/TF risk of providing the relevant designated services to Customer B as low. This acknowledges that despite having a different name, the daughter is the only nominated beneficiary. The superannuation fund discusses alternative identification options with Customer B and offers to verify Customer B’s identity with a referee statement. Customer B arranges a reference from her late mother’s doctor, who is also her doctor. In the reference, the doctor attaches a recent photograph of Customer B. The reference contains details of her circumstances including her relationship with her mother and the change of name in accordance with cultural practice. 

The superannuation fund confirms that the doctor is a registered health practitioner using the AHPRA’s register of practitioners. The fund contacts the doctor to discuss the reference and is satisfied that it can rely on the alternative identification document. 

Example 3: Inconsistent identification documents

Customer C identifies as being of Aboriginal heritage, resides in New South Wales and wants to open a bank account. Customer C provides the bank with a range of documents from various government departments, however, his name and dates of birth are inconsistent.

Customer C isn’t sure which birth date is accurate. The bank isn’t sure which document, if any, it can use to identify him.

The bank assesses the ML/TF risk of providing a designated service to Customer C as low. The bank decides to accept an alternative document to verify Customer C's identity. 

The bank officer discusses alternative identification options with Customer C. Customer C says he is a member of a NSW Local Aboriginal Land Council (LALC). The bank officer suggests that the customer obtains a reference from a current office bearer of the LALC. The LALC officer provides a reference on an official letterhead. It confirms that Customer C is the person named in the government documents and includes a photograph of Customer C. The bank contacts the referee and confirms the information contained in the reference, before opening a bank account for Customer C.

Customers affected by family and domestic violence

It is critical for the safety of people affected by family and domestic violence to have access to financial services independent of the perpetrator. This also applies to financial abuse and elder abuse. 

Importance of confidentiality

Confidentiality is critical. It is important you do not take any steps that would alert the perpetrator to your customer’s activities.

It is important that you do not ask for details or evidence of the violence. This includes asking for this level of detail from victim-survivors and their advocates, referees and support persons.

A statement by a referee should be sufficient if it states: 

• the customer has experienced family or domestic violence 
• why this has impacted their ability to access identification documents.

Example 1: Customer needs to obtain new identification documents

Customer D’s partner does not allow her to have access to a bank account and has hidden her identification documents. She recently fled without any identification documents and is staying at a friend’s home. She needs to open a bank account urgently to receive Centrelink payments and a grant to relocate to her parents’ home interstate.

Replacing each of Customer D’s identification documents is difficult and time-consuming. She is also experiencing delays obtaining new identification documents because she is at a temporary address.

Her general practitioner of several years is familiar with her situation. They provide a reference to the bank from their official email address. The bank does an internet search of the clinic to confirm its legitimacy. They also check the individual is registered on the AHPRA register of practitioners. 

The bank assesses the ML/TF risk of providing Customer D with the designated service as low and opens the account. The bank requests that Customer D provide her identification documents as soon as she is able.

Example 2: Customer unable to obtain identification documents

Customer E is living with her brother who controls her finances and prevents her from working. She recently fled her home to a domestic violence refuge.

Customer E goes to the bank to open a new bank account so she can receive Centrelink payments. She only has photos on her phone of her passport and drivers licence. These show her previous address.

The refuge director provides a written reference to the bank from their official email address and copies in Customer E. The bank assesses the ML/TF risk of providing Customer E with the designated service as low. The bank opens the account, with a requirement that Customer E provides her new identification documents when she receives them.

The police help her to retrieve her belongings and identification documents. She returns to the branch two weeks after the account is opened and completes the standard identification checks.

Customers affected by a natural disaster

Customers affected by a natural disaster may have suffered significant losses or property damage. They may not have access to identification documents or the documents may have been destroyed. It can take time to piece together information and apply for replacement documents. 

Example: Customers’ identification documents are destroyed

Customers F and G are a married couple who operate a mixed farming enterprise. A major bushfire recently impacted their region. Like many of their neighbours, they lost their home, surrounding buildings, farm machinery, fencing and stock.

The fire destroyed all of their personal and business documents including all forms of identification. This prevents them from accessing their bank accounts, including receiving an Australian Government disaster recovery payment.

They visit their nearest bank branch. The bank is mindful of the hardship the community has endured. The bank works with the couple to determine the most appropriate form of alternative identification. The couple agree to obtain a referee statement confirming their personal details and circumstances.

A local police officer witnesses a statutory declaration confirming their identities. The reference states the family was affected by the bushfire resulting in the loss of their identification documents.

The bank makes arrangements to provide access to their bank accounts. Customers F and G agree to provide standard forms of identification once they are replaced.

Customers in prison or recently released from prison

Accessing standard forms of identification can be difficult for people in or recently released from prison. This creates barriers to opening or accessing an account for a range of reasons, including:

• they did not have standard forms of identification when they entered prison
• the identification expired, was lost, stolen or misplaced
• their bank account was deactivated
• they lack a stable address upon release. 

People released from prison who are eligible for a Services Australia Crisis Payment need an active bank account to receive the payment.

In some states and territories, corrective services may issue photographic identification to assist people transitioning out of the prison system. 

People in prison may use financial counsellors, case workers and reintegration officers to assist them to open a bank account.

Example: Customer will soon be released from prison

Customer H is due to be released from prison in two weeks, and will receive a Crisis Payment. However, her bank account was closed during her time in prison.

Customer H’s identification documents have expired. It will take some time to obtain a proof of age card.

A financial counsellor has worked with Customer H over the past 12 months and is familiar with her situation. The financial counsellor provides a written reference to the bank.

After speaking directly with the financial counsellor, the bank agrees to open a new account for Customer H so she can receive and access the Crisis Payment. Customer H agrees to provide the standard identification documents when she receives them. 

Intersex, transgender or gender diverse customers

Customers who are intersex, transgender (trans) or gender diverse may not have matching or accurate forms of identification.

This can be for a range of reasons, including:

• different state laws and eligibility for changing gender markers
• a change in appearance that doesn’t match the individual’s photo identification
• inability to access documentation, which may be held by unsupportive parents or guardians of a minor
• the high financial cost of updating and replacing identification documents
• the emotional burden of navigating administrative processes that may also expose the individual to discrimination.

Customers who do not have identification documents that match their gender or preferred name may experience misgendering as result. This can be distressing for those impacted. 

Misgendering is when a person is addressed in ways that don’t align with their gender, including using:

• incorrect pronouns (he/she/they) or titles (Mr/Ms/Mx) 
• an individual’s previous name (informally known as ‘deadnaming’).

To support intersex, trans and gender diverse customers, you should: 

• consider adding optional information fields where customers can provide details like their pronouns and preferred name
• promptly update customer details across all correspondence, platforms and transaction records upon receiving updated identification documents 
• ensure staff maintain accurate customer records and file notes so your customers do not have to repeatedly explain their situation.