CheckFile vs Onfido: complete comparison 2026

Australian businesses subject to AUSTRAC reporting obligations, the AML/CTF Act 2006, and the Privacy Act 1988 operate under a compliance framework with distinct requirements that differ materially from the FCA-regulated environment in which Onfido was built. Choosing between CheckFile and Onfido for an Australian operation means understanding which platform was designed with your regulatory reality in mind — and which was retrofitted to it.

This article is for informational purposes only and does not constitute legal, financial, or regulatory advice. Regulatory references are accurate as of the publication date. Consult a qualified professional for guidance specific to your situation.

Comparison table: CheckFile vs Onfido

Onfido (Entrust): biometric-first identity verification

Onfido, acquired by Entrust in 2024, built its platform around a single proposition: confirming that a person is who they claim to be. The Atlas AI engine combines document analysis with facial biometrics — a selfie matched against the document photo — and liveness detection to defeat spoofing attacks. Coverage spans 3,400+ document types from 195 countries, with solid recognition of Australian government-issued documents: the Australian passport, state and territory driver licences, and the ImmiCard.

For Australian businesses onboarding international customers at scale through consumer-facing mobile applications, Onfido's native iOS and Android SDKs provide guided capture and UX optimisation. SOC 2 Type II and ISO 27001 certifications underpin its security posture.

The trade-offs are real. Onfido operates on enterprise contracts at approximately A$3.10–6.20 per verification, with pricing available only through direct negotiation. Integration requires 4–12 weeks. Onfido's scope is identity confirmation — it does not natively handle the multi-document case files that AML/CTF Act compliance typically requires: source of funds documentation, ASIC company extracts, Tax File Number declarations, beneficial ownership records.

CheckFile: broad-spectrum document verification engine

CheckFile answers a different question: "is this case file complete, authentic, and compliant?" Rather than confirming who someone is, CheckFile verifies the integrity and consistency of entire document sets across 3,200+ types — Australian passports and state/territory driver licences alongside ASIC company extracts, Tax File Number (TFN) declarations, bank statements, payslips, and ImmiCards.

Hosted in France under EU data sovereignty standards, CheckFile processes a document in 4.2 seconds on average with 98.7% OCR accuracy. At approximately A$0.19 per document on a public, pay-per-use pricing grid, costs are transparent from day one. The REST API integrates in 2–5 days. CheckFile does not provide biometric verification — that function sits with dedicated biometric providers and can be layered separately.

For Australian businesses subject to AUSTRAC oversight, the platform's complete audit trail, configurable rules engine, and ISO 27001 / SOC 2 certifications align with the traceability and due diligence documentation requirements that AML/CTF compliance examinations assess.

Document and geographic coverage

CheckFile covers 3,200+ document types including Australian passports, all state and territory driver licences, ImmiCards (the Australian equivalent of a biometric residence permit), TFN declaration forms, ASIC company extracts and certificates of registration, Medicare cards (where used for identity purposes), bank statements, payslips, and Australian visa documents. VEVO (Visa Entitlement Verification Online) status is a separate government service, but the underlying visa documents that feed into VEVO checks are supported.

Onfido's coverage of 3,400+ document types is deep on government-issued identity documents. For Australian-issued documents — the Australian passport, state and territory driver licences, and the ImmiCard — recognition is strong. Commercial and financial documents are outside its native scope.

The structural difference matters for AML/CTF compliance: AUSTRAC reporting entities must verify identity through government-issued documents, but the Customer Due Diligence (CDD) program that the AML/CTF Act 2006 requires extends to business verification, source of funds documentation, and beneficial ownership analysis — a multi-document case file that CheckFile handles natively and Onfido does not.

Pricing: ~A$0.19 per document versus opaque enterprise contracts

CheckFile's pricing is public. At approximately A$0.19 per document (equivalent to €0.12), volume discounts apply at scale with no setup fees or onboarding surcharges. A business processing 5,000 case files per month at three documents each pays approximately A$2,850/month.

Onfido operates on enterprise contracts. Published benchmarks place per-verification costs at approximately A$3.10–6.20 depending on features and volume. For 5,000 monthly identity verifications alone, the cost reaches A$15,500–31,000 — and commercial document verification requires additional tooling not covered by Onfido.

For reporting entities managing Significant Cash Transaction Reports (SCTRs) — required for transactions of A$10,000 or more — and Suspicious Matter Reports (SMRs), the per-document cost differential compounds quickly as compliance document volumes grow.

Regulatory compliance in Australia: AUSTRAC, AML/CTF Act, and Privacy Act

Australia's AML/CTF and privacy compliance framework has specific requirements that solutions built for UK or US markets do not automatically satisfy.

AML/CTF Act 2006: The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 is Australia's primary AML legislation, administered by AUSTRAC. Reporting entities — banks, credit unions, remittance dealers, bullion dealers, gambling operators, and others — must enrol with AUSTRAC, develop and maintain an AML/CTF program, verify customer identity (Know Your Customer), and report certain transactions. The AML/CTF Rules 2007 prescribe the specific identification procedures and document requirements.

AUSTRAC registration and reporting thresholds: All reporting entities must enrol with AUSTRAC. Significant Cash Transaction Reports (SCTRs) are required for cash transactions of A$10,000 or more. Suspicious Matter Reports (SMRs) have no minimum threshold — any transaction or activity where there are reasonable grounds to suspect it relates to money laundering or terrorism financing must be reported, regardless of amount. International Funds Transfer Instructions (IFTIs) must be reported for transfers of any amount. Document verification underpins all of these reporting workflows.

Customer Due Diligence under the AML/CTF Act: Part B of an AML/CTF program must include procedures for verifying the identity of customers before providing a designated service. Acceptable identification procedures are specified in the AML/CTF Rules and include verification against government-issued documents (passports, driver licences, ImmiCards) and, where applicable, electronic verification through the Document Verification Service (DVS). CheckFile's structured outputs integrate into DVS-adjacent workflows.

APRA prudential requirements: The Australian Prudential Regulation Authority (APRA) supervises authorised deposit-taking institutions (ADIs), insurance companies, and superannuation funds. APRA Prudential Standard CPS 234 (Information Security) establishes requirements for information asset security that document verification systems handling sensitive personal data must satisfy. CheckFile's ISO 27001 certification and SOC 2 audit align with CPS 234 expectations.

ASIC supervision of AFS licensees: ASIC supervises holders of Australian Financial Services (AFS) licences for AML/CTF compliance obligations. AFS licensees providing financial services are reporting entities under the AML/CTF Act and must maintain AML/CTF programs. ASIC also requires AFS licensees to verify the identity of clients for anti-hawking and financial services obligations. Document verification of ASIC company extracts — confirming the legal existence and structure of corporate clients — is a common due diligence requirement.

Digital ID Act 2024: The Digital ID Act 2024 establishes the myID framework (formerly myGovID), creating a voluntary accredited digital identity scheme for Australia. While the scheme is still maturing, accredited providers must meet identity proofing standards set by the Australian Government. Document verification remains foundational to identity proofing at IP2 and IP3 levels under the Trusted Digital Identity Framework (TDIF).

Privacy Act 1988 and Australian Privacy Principles (APPs): The Privacy Act 1988 and its 13 Australian Privacy Principles (APPs) govern the collection, use, and storage of personal information by Australian Government agencies and businesses with annual turnover above A$3 million (with lower thresholds for some health-related entities). Key obligations for document verification workflows include: APP 1 (open and transparent management of personal information), APP 3 (collection only for a primary purpose), APP 6 (use or disclosure only for the primary purpose), and APP 11 (security of personal information). The Office of the Australian Information Commissioner (OAIC) administers and enforces the Privacy Act. CheckFile's configurable data deletion, EU hosting, and data processing agreement support APP compliance, though each organization must conduct its own privacy assessment.

Technical integration: 2 days vs 4-12 weeks

CheckFile provides a documented REST API with webhooks for asynchronous processing and native connectors for Salesforce and HubSpot. No proprietary SDK is required — any HTTP client integrates directly. Integration typically takes 2–5 days. A free 48-hour pilot lets you test with your actual documents before any commitment.

Onfido's mobile SDK (iOS and Android) encapsulates document capture, selfie collection, and liveness detection in an embeddable component. For consumer-facing mobile applications where guided biometric capture is the primary onboarding flow, this is a genuine UX advantage. Integration runs 4–12 weeks, not including the time required for a privacy review under the APPs.

For back-office compliance workflows — processing documents received through portals, email, or scanned submissions — CheckFile's API-first architecture is more direct. For consumer mobile onboarding requiring biometric selfie verification, Onfido's SDK provides an experience that CheckFile does not replicate.

Document fraud detection

CheckFile detects fraudulent documents with 94.8% recall and a 3.2% false positive rate. Detection covers document tampering, data inconsistencies across documents within a case file, format anomalies, and metadata irregularities. These metrics are published and auditable.

Onfido's Atlas AI engine combines documentary and biometric fraud signals. Published metrics are not available. Onfido's particular strength is identity fraud — detecting that someone is presenting another person's authentic identity document with their own face, a fraud type that liveness detection catches and document-only analysis cannot.

AUSTRAC has identified specific fraud typologies affecting Australian reporting entities — including synthetic identity fraud in the remittance and property sectors — that benefit from layered documentary and biometric detection. The two platforms are architecturally complementary for high-risk onboarding scenarios.

When to choose CheckFile

• Your AML/CTF Act compliance program requires verifying multi-document case files — Australian passports, state/territory driver licences, ImmiCards, TFN declarations, ASIC company extracts — not just a single identity document
• You are an AUSTRAC-enrolled reporting entity managing SCTR workflows, SMR documentation, or AML/CTF program audits
• You need transparent, per-document pricing without enterprise contract negotiations — the A$0.19/document rate is public
• Your integration timeline is measured in days, not weeks or months
• You serve clients subject to APRA CPS 234 requirements or ASIC AFS licence obligations that demand documented, auditable verification records
• You operate under the Digital ID Act 2024 framework and need document verification that meets TDIF identity proofing standards

When to choose Onfido

• Your primary requirement is biometric identity verification: confirming identity via selfie-to-document facial comparison and liveness detection
• You operate a consumer-facing mobile application where Onfido's native iOS/Android SDK provides guided capture and a polished onboarding experience
• You onboard customers internationally and need deep recognition of government-issued identity documents across 195 countries
• Budget per verification is not a primary constraint and you are comfortable with enterprise contract pricing
• Your compliance requirements are identity-centric and do not extend to the commercial document verification that AML/CTF Act due diligence typically requires

Verdict

CheckFile and Onfido answer different questions. Onfido asks "who is this person?" and answers with biometrics. CheckFile asks "is this case file complete, authentic, and consistent?" and answers with comprehensive documentary analysis.

For Australian businesses navigating AML/CTF Act 2006 obligations, AUSTRAC registration and reporting requirements, APRA prudential standards, and the privacy obligations of the Australian Privacy Principles, the compliance challenge extends substantially beyond a single identity check. CheckFile's multi-document coverage, transparent pricing, and rapid API integration make it the more practical fit for the documentary compliance workload that Australian regulation actually imposes.

For organizations that need both — biometric identity confirmation and multi-document case file analysis — the two platforms are architecturally compatible. A common pattern uses Onfido for initial selfie verification and CheckFile for the full case file: AML/CTF-required supporting documents, ASIC company extracts, TFN declarations, and cross-validation across the complete dossier.

See also: Document Verification Guide · Identity Verification Solutions Comparison

Frequently Asked Questions

Does CheckFile satisfy AUSTRAC and AML/CTF Act document verification requirements?

CheckFile's verification outputs — structured data extraction, fraud detection flags, and a complete audit trail — support the record-keeping and due diligence documentation that AUSTRAC expects under the AML/CTF Act 2006. The platform is ISO 27001 and SOC 2 certified, and its configurable rules engine can enforce the customer identification procedures prescribed in the AML/CTF Rules 2007. CheckFile does not lodge SCTRs, SMRs, or IFTIs on your behalf — those reporting obligations remain with the enrolled reporting entity.

Can CheckFile and Onfido be used together in the same workflow?

Yes. Both platforms expose REST APIs and integrate straightforwardly. A typical Australian compliance architecture uses Onfido for biometric selfie verification (document + facial comparison + liveness), then CheckFile for the supporting case file: payslips, bank statements, ASIC company extracts, TFN declarations, and cross-validation across all documents. The combination covers both identity fraud and documentary fraud within a single AML/CTF-compliant workflow.

How does CheckFile support compliance with the Australian Privacy Principles (APPs)?

CheckFile is hosted in France and operates under EU data protection standards substantively aligned with key APPs — particularly around data security (APP 11), purpose limitation (APP 6), and data minimization (APP 3). Configurable automatic deletion and processing agreements are available to support your APP compliance obligations. The Office of the Australian Information Commissioner (OAIC) publishes guidance on privacy impact assessments, which organizations handling sensitive identity documents should conduct. CheckFile's documentation supports that assessment process, but each organization is responsible for its own APP compliance determination.

What Australian document types does CheckFile support?

CheckFile supports Australian passports, all state and territory driver licences, ImmiCards, Medicare cards (for identity verification purposes), TFN declaration forms, ASIC company extracts and certificates of registration, bank statements, and payslips. The full catalog of 3,200+ supported document types is available through the CheckFile contact page.

---

CheckFile processes 3,200+ document types with 98.7% OCR accuracy and a 4.2-second average verification time. ISO 27001, SOC 2 certified. Public pay-per-use pricing from ~A$0.19/document.

See pricing · Start a free pilot · Security overview