Compliance · v1

AML/CTF Compliance Statement

DomeID provides identity verification inputs that real estate reporting entities can use as part of their Customer Due Diligence (CDD) process under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and the AML/CTF Rules 2025.

Our role under the Act

DomeID is nota reporting entity. Real estate agents, buyers' agents, and property developers who deliver designated services are reporting entities from 1 July 2026. DomeID's role is to provide reliable identity, document, and screening inputs that those reporting entities can incorporate into their own CDD program.

Reliable and independent sources

AUSTRAC's AML/CTF Rules 2025 (Parts 4.9 and 4.10) accept identity verification by both documentation and electronic data, including:

• Document Verification Service (DVS) checks via accredited Gateway Service Providers.
• Biometric identity verification.
• Liveness detection (ICAO/NIST aligned).
• Electronic data from government databases.

DomeID uses Sumsub (SOC 2 Type II + ISO 27001 audited, DVS-gateway integrated) for these checks. Supabase (SOC 2 hosting, AU residency) backs the audit trail. No element of the verification chain operates outside an audited environment.

What an agent receives

• Full legal name, date of birth, and residential address.
• Document type, last 4 of document number, expiry, issuing authority.
• Liveness result, biometric face-match result.
• PEP, sanctions, and adverse-media screening result.
• Proof-of-address verification result.
• Verification ID, timestamp, Sumsub session ID — for the agent's 7-year record.
• Advisory risk rating (the agent makes the final risk decision).

What stays with the agent

Even with DomeID providing inputs, the following obligations remain entirely with the reporting entity:

• Final risk rating decisions per customer.
• Source of funds and source of wealth verification.
• Suspicious Matter Reports (SMRs) — the SMR decision is the agent's.
• Ongoing customer due diligence during the transaction.
• Maintaining the agent's own AML/CTF program.
• The agent's own 7-year record-keeping (DomeID also keeps records, but this does not substitute).

Section 37A reliance — V2

DomeID is on a 6-month path to support formal section 37A CDD Arrangements. Agencies that sign a CDD Arrangement with DomeID (V2) will be able to procedurally rely on DomeID's identity verification within the limits of the safe harbour for isolated breaches of section 32. V2 unlocks once DomeID completes independent compliance attestation (SOC 2 Type II or specialist AML compliance attestation).

Records and audit

All verifications are retained for 7 years. The audit log is append-only at the database layer and tamper-evident. Every consumer action and every agent access produces an immutable row.

For commercial enquiries about DomeID for your agency: hello@domeid.com.au. For compliance enquiries: compliance@domeid.com.au.