KYC requirements

AUSTRAC provides a guide for digital currency exchange services to develop an Anti-Money Laundering/Counter-Terrorism Financing (AML/CTF) program. In a previous article, we explored the key steps from AUSTRAC that form Part A of developing an AML/CTF program. Part B involves setting out procedures for collecting and verifying “know your customer” (KYC) information.


What is KYC information?

KYC information needs to be collected from a customer prior to providing a service to that customer. This typically involves collecting the customer’s personal details (e.g. by completion of a form) and verifying those details against identification documents or online identification verification services.

The types of information that must be collected and verified will depend on the type of customer the service is being provided to. AUSTRAC sets out standard guidelines for information relating to individuals, domestic companies and trustees of trusts.



The minimum identification information that needs to be verified for an individual is:

  • Customer’s full name.
  • Date of birth or residential address.


Domestic companies

The minimum information that must be collected from a customer who is a domestic company is:

  • Full legal name.
  • Full address of the entity.
  • Australian Company Number (ACN).
  • Whether the company is a proprietary or public company.
    • if proprietary, the name of each director of the company.



Generally, the minimum information that must be collected from a customer who is a trust/trustee of a trust is:

  • Full name of the trust.
  • Full name and address of each trustee.
  • Full name of each beneficiary.
  • Full business name (if any) of the trustee.
  • Type of trust.
  • Country in which the trust was established.
  • Name of the settlor.


There are various types of trust entity types listed by AUSTRAC where the simplified trustee verification procedure may be undertaken. Please refer to the AUSTRAC document A guide to preparing and implementing an AML/CTF program for your digital currency exchange service business for specific information.


Beneficial owners

Any individual who owns 25% or more of the trust or controls the trust (whether directly or indirectly) needs to be identified as a beneficial owner.

If the trustee has been verified using the simplified trustee verification procedure, the beneficial owners of the trust do not need to be identified.


Politically exposed persons

When the identity of a customer is verified, it must also be determined whether the customer is a politically exposed person, and what steps will be taken to mitigate the associated risks.


Responding to discrepancies

A risk-based system needs to be developed to respond to any discrepancy that arises in the course of verifying information about a customer, so that it can be certain that the customer exists and is who they claim to be.


Recording KYC information

Records must be kept of all customer identification undertaken, in order to:

  • Meet legislative obligations.
  • Provide information for transaction monitoring.
  • Enable enhanced customer due diligence/suspicious matter reporting.
  • Demonstrate compliance with AML/CTF obligations.


Key takeaways

Digital currency exchange service businesses need to develop an AML/CTF program, in order to mitigate the associated money laundering and terrorism financing (ML/TF) risks. AUSTRAC’s guide brings to light important considerations, and outlines the key steps to follow to ensure compliance with AML/CTF obligations.

Nyman Gibson Miralis provides expert advice and representation in cross-border money laundering cases investigated by multiple international investigative agencies.

Contact us if you require assistance.