Accountant Document Compliance: Verification Guide
Document compliance guide for accountants and auditors in Australia. AML/CTF obligations, auditing standards, supporting documents checklist
Summarize this article with
ChatGPT
Claude
Perplexity
Gemini
GrokAccountants and auditors in Australia bear direct legal responsibility for verifying the authenticity and completeness of supporting documents. Under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act), accounting professionals providing designated services are subject to anti-money laundering obligations, including customer due diligence, suspicious matter reporting, and document retention. Combined with Australian Auditing Standards and Australian Taxation Office (ATO) reporting requirements, the compliance framework for document verification is both broad and enforceable.
This guide covers the regulatory obligations, the documents that require verification, the applicable auditing standards, and the practical tools available to streamline compliance for accounting and audit firms operating in Australia.
This article is for informational purposes only and does not constitute legal, financial, or regulatory advice.
Regulatory Framework: AML and Document Obligations for Accountants
Australian accountants and auditors operate under a layered regulatory framework. The Australian Securities and Investments Commission (ASIC) regulates auditors and sets financial reporting requirements. The professional bodies -- CPA Australia, Chartered Accountants Australia and New Zealand (CA ANZ), and the Institute of Public Accountants (IPA) -- set ethical and professional standards. AUSTRAC supervises AML/CTF compliance for designated services.
The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 requires accountants providing designated services to apply customer due diligence measures, verify the identity of clients using reliable and independent sources, and maintain records for at least seven years after the business relationship ends (Australian Government, AML/CTF Act 2006).
The core obligations include:
- Client identification and verification: verifying the identity of individuals using government-issued photo ID and proof of address, and verifying legal entities using ASIC records, certificates of registration, and beneficial ownership declarations.
- Risk assessment: conducting a firm-wide risk assessment and applying enhanced customer due diligence to higher-risk clients, politically exposed persons (PEPs), and clients in high-risk jurisdictions.
- Suspicious Matter Reports (SMRs): filing reports with the Australian Transaction Reports and Analysis Centre (AUSTRAC) when there are grounds to suspect money laundering or terrorist financing (AUSTRAC, Suspicious Matter Reporting).
- Record keeping: retaining copies of identification documents, transaction records, and due diligence evidence for seven years after the end of the business relationship.
The Auditing and Assurance Standards Board (AUASB) issues Australian Auditing Standards that require auditors to consider laws and regulations throughout the audit, including those related to fraud and money laundering (AUASB). Non-compliance can result in regulatory sanctions from ASIC or the professional body, including fines, suspension, or removal from the register.
CPA Australia and CA ANZ publish detailed AML guidance for their members, covering practical procedures for client onboarding, ongoing monitoring, and record keeping. The guidance specifies acceptable forms of identification, verification methods, and the standard of evidence required.
Supporting Documents Checklist: Purpose, Retention, and Format
The volume and variety of documents that accounting and audit firms must verify is substantial. Each document serves a specific compliance or evidential purpose, and retention requirements vary by regulation.
| Document | Purpose | Retention Period | Accepted Format |
|---|---|---|---|
| Purchase and sales invoices | Accounting entries, GST recovery, audit evidence | 5 years (Corporations Act 2001, s.286) | Paper, PDF, EDI, structured XML |
| Bank statements | Bank reconciliation, cash flow verification | 5 years | PDF, paper, OFX |
| Trial balance and general ledger | Year-end review, consistency checks | 5 years | Accounting software export |
| Client photo ID (Australian passport, state/territory driver licence) | KYC/AML identification | 7 years after relationship ends (AML/CTF Act 2006) | Certified copy |
| Proof of address (utility bill, bank statement) | KYC/AML verification | 7 years after relationship ends | Certified copy, original |
| ASIC company extract | Company identification and verification | 7 years after relationship ends | PDF, ASIC extract |
| Payroll records (payment summaries, payslips) | PAYG compliance, audit trail | 5 years | PDF, paper |
| BAS returns and working papers | ATO compliance, GST reconciliation | 5 years | Digital |
| Expense receipts and claims | Deductibility of expenses, GST input | 5 years | PDF, scan, photo |
| Contracts and engagement letters | Scope of work, liability allocation | Duration of contract + 7 years | Original or copy |
Under Australian tax law, businesses must maintain records that explain all transactions and enable the ATO to determine the taxpayer's tax liability. The ATO requires that all business records be stored for at least five years from the date the records are prepared, obtained, or the transactions completed, whichever is later (ATO, Record Keeping). For accounting firms, this means that the supporting documents underpinning tax calculations must be stored, linked, and retrievable.
Auditing Standards for Document Verification
Australian auditors apply Australian Auditing Standards issued by the AUASB, which are based on International Standards on Auditing. Several standards directly govern how auditors verify supporting documents.
ASA 500: Audit Evidence
ASA 500 establishes the framework for obtaining sufficient appropriate audit evidence. The standard requires auditors to design and perform procedures to gather evidence that supports the financial statements. Key procedures include:
- Inspection of records and documents: examining invoices, contracts, bank statements, board minutes, and correspondence for authenticity, completeness, and accuracy.
- External confirmation: obtaining direct written confirmation from third parties, such as bank balance confirmations, debtor circularisations, and solicitor letters.
- Recalculation: independently verifying arithmetic accuracy of calculations in the financial statements and supporting schedules.
- Analytical procedures: comparing financial data with prior periods, budgets, and industry benchmarks to identify anomalies that require further investigation.
ASA 240: The Auditor's Responsibilities Relating to Fraud in an Audit of a Financial Report
ASA 240 requires auditors to maintain professional scepticism and consider the risk of material misstatement due to fraud throughout the audit. This includes evaluating whether documents may have been altered, fabricated, or omitted. The standard mandates specific procedures when fraud risk is identified, including examining journal entries for unusual characteristics, reviewing accounting estimates for bias, and evaluating the business rationale of significant transactions.
ASA 230: Audit Documentation
Every verification procedure performed must be documented in the audit file. ASA 230 requires that documentation be sufficient to enable an experienced auditor with no prior connection to the audit to understand the nature, timing, and extent of procedures performed, the evidence obtained, and the conclusions reached.
Ready to automate your checks?
Free pilot with your own documents. Results in 48h.
Request a free pilotDigital Transformation in Australian Accounting
The Australian accounting profession is undergoing significant digital transformation across several channels.
Single Touch Payroll (STP)
Since July 2019, all employers in Australia must report payroll information to the ATO through Single Touch Payroll. STP Phase 2, which commenced on 1 January 2022, expanded reporting requirements to include additional information such as income types and country codes for working holiday makers (ATO, Single Touch Payroll).
E-Invoicing Adoption
The Australian Government is promoting the adoption of Peppol e-invoicing, particularly for government procurement. For accounting firms, the shift from unstructured PDFs to structured data means:
- Automated extraction: structured invoices eliminate the need for OCR, as data fields are machine-readable by design.
- Built-in validation: structured formats enforce mandatory fields (supplier ABN, line item detail, GST breakdown), reducing the incidence of incomplete documents.
- Streamlined reconciliation: machine-readable invoices can be matched automatically against purchase orders, delivery notes, and bank payments.
The Corporations Act 2001 requires companies to keep financial records that correctly record and explain the company's transactions and financial position (Australian Government, Corporations Act 2001, s.286). Digital record-keeping that meets these requirements benefits from the auditability and traceability that structured formats provide.
Automating Document Verification for Accounting Firms
Manual document verification does not scale. A mid-sized Australian accounting firm managing 200 clients processes between 4,000 and 8,000 documents per month during peak periods. At 3 to 5 minutes per document, this represents 200 to 670 hours of verification labour per month.
What AI Automates
AI-powered document verification addresses the highest-volume, most repetitive verification tasks:
- Structured extraction: OCR and data extraction from invoices, receipts, bank statements, and payroll documents -- capturing amounts, dates, ABNs, ACNs, and mandatory mentions.
- Cross-validation: automated matching of invoices to bank payments, GST consistency checks (net + GST = gross), sequential numbering validation, and supplier verification against ASIC records.
- Regulatory compliance: verification of AML documentation completeness, checking ID validity periods, and flagging expired documents that require renewal.
- Anomaly detection: identifying duplicate invoices, unusual amounts, date inconsistencies, and unrecognised suppliers.
Measurable Outcomes
| Metric | Manual Processing | Automated Processing | Improvement |
|---|---|---|---|
| Average time per invoice | 3 to 5 minutes | 15 to 30 seconds | 85 to 90% |
| Error rate | 5 to 8% | 0.5 to 1% | 8x reduction |
| Monthly close timeline | 12 to 18 days | 5 to 8 days | 50 to 60% |
| Cost per document processed | AUD 3.50 to 5.50 | AUD 0.40 to 0.80 | 75 to 85% |
For a detailed analysis of automation features designed for accounting firms, see our guide on automating document verification in accounting firms.
Integration Without Disruption
Automated verification integrates with existing practice management and accounting software through APIs. The firm retains its current tools and adds an automated verification layer upstream of data entry. Documents are checked on receipt, anomalies are flagged, and staff intervene only on exceptions where professional judgement is required.
Solutions such as CheckFile.ai connect to the software accounting firms already use, creating a continuous workflow from document receipt through verification to posting. Our platform processes over 180,000 documents per month with 98.7% OCR accuracy and an average verification time of 4.2 seconds per document. To explore pricing for accounting firms or learn about solutions for finance and leasing, visit our dedicated pages.
For a comprehensive overview, see our industry document verification guide.
Frequently Asked Questions
Are Australian accountants legally required to verify client identity documents?
Yes. Under the AML/CTF Act 2006, accountants providing designated services must apply customer due diligence measures. This includes verifying client identity using reliable, independent sources before establishing a business relationship. AUSTRAC supervises compliance and can take enforcement action for non-compliance. Professional bodies such as CPA Australia and CA ANZ also set professional and ethical standards that reinforce these obligations.
How long must accounting firms retain supporting documents?
The Corporations Act 2001 requires financial records to be kept for 7 years after the transactions covered by the records are completed. AML/CTF records (identity verification documents, transaction records) must be retained for 7 years after the end of the business relationship under the AML/CTF Act 2006. Tax records must be kept for 5 years from the date of lodgement.
Does Single Touch Payroll replace the need for document verification?
No. STP mandates digital reporting of payroll information to the ATO, but it does not verify the accuracy or authenticity of the underlying documents. Accounting firms must still verify that invoices, receipts, and other supporting documents are genuine, complete, and consistent with the submitted returns.
What happens if an audit file lacks sufficient documentation?
ASIC can take regulatory action against auditors whose files do not meet the documentation requirements of ASA 230. Insufficient documentation undermines the evidential basis for the audit opinion and can result in sanctions ranging from fines to removal from the audit register. In recent ASIC enforcement cases, documentation failures have been among the most common findings.
Document compliance is a core obligation for accountants and auditors operating in Australia. To structure your verification process and explore solutions tailored to accounting firms, contact our team. For a broader view of document verification requirements across industries, consult our industry verification guide.
Stay informed
Get our compliance insights and practical guides delivered to your inbox.