Legal & Conveyancing

FICA, AML and trust-account checks — at matter speed

Use VerifyNow to verify clients, companies, representatives, beneficiaries and payment accounts before a mandate, transfer or trust-account instruction moves. Each check gives your practice an audit-ready record for the matter file.

Start verifying mattersView pricing
Schedule 1 legal practitioners
API for practice management tools
POPIA-ready audit trail

In short: what VerifyNow does for law firms and conveyancers

A defensible FICA workflow for South African attorneys and conveyancers includes SA ID verification against Home Affairs, CIPC company & director verification for corporate clients and counterparties, AML/PEP/sanctions screening at matter take-on, bank account verification on trust-account transfers, and consumer trace for locating estate beneficiaries and missing respondents. Firms must keep records in line with FICA requirements.

VerifyNow’s scope: Home Affairs SA ID verification, CIPC company & director verification, AML/PEP/sanctions screening, bank account verification (AVS), document authentication, face match / liveness, and consumer trace — all under POPIA-compliant consent with a full audit trail. VerifyNow does not issue credit bureau reports or SAPS criminal record clearances; where a matter requires either, they are sourced from a registered credit bureau or SAPS (or an authorised provider) alongside VerifyNow’s checks.

Services

How VerifyNow fits this workflow

The five checks most firms lean on — for individual clients, corporates, estates and trust-account movements.

SA ID Verification

Match clients, directors, executors and beneficiaries against Home Affairs in seconds — the foundation of an attorney FICA file under Section 21.

Learn more

CIPC Company Match

Verify the corporate client or counterparty against the CIPC register and confirm directors before you accept a mandate or sign a transfer instruction.

Learn more

Bank Account Verification (AVS)

Confirm the account number and holder details before releasing funds from the trust account — a practical control on trust-transfer instructions.

Learn more

AML / PEP / Sanctions Screening

Screen clients and counterparties against sanctions, PEP and adverse media watchlists as part of your FICA risk-management and compliance programme.

Learn more

Consumer Trace

Locate estate beneficiaries, missing respondents and debtors by SA ID for fraud detection and fraud prevention under NCA Reg 18(4)(b) / POPIA s11(1)(f).

Learn more
Workflows

Where it gets used

Four matter-level moments where a verification step belongs in the file.

  1. 01

    Client onboarding

    When a new client instructs the firm, run SA ID Verification to capture the Home Affairs record and AML/PEP screening to assess sanctions, PEP and adverse media exposure.

  2. 02

    Accepting a corporate mandate

    Before acting for a company or trust, use CIPC Company Match to confirm registration and directors, then verify each signatory with SA ID Verification.

  3. 03

    Deceased estate administration

    For Master of the High Court estates, run SA ID Verification on executors and heirs, and use Consumer Trace to locate beneficiaries whose contact details are stale.

  4. 04

    Trust-account transfer

    Before paying out a conveyancing proceeds or settlement amount, verify the beneficiary bank account with AVS to reduce push-payment fraud risk on the trust account.

Compliance

Compliance basis

Legal practitioners are listed as accountable institutions in Schedule 1 to the Financial Intelligence Centre Act (FICA). Admitted attorneys, notaries and conveyancers must apply customer due diligence under Sections 20A to 21H, keep records under Sections 22 to 23, report suspicious and cash threshold transactions to the Financial Intelligence Centre, and maintain a Risk Management and Compliance Programme (RMCP) tailored to the firm.

The Legal Practice Act and the Legal Practice Council’s rules overlay additional obligations on trust-account activity — including the duty to keep proper records of all money received and paid on behalf of clients. Pairing a FICA customer due diligence check with a bank account verification (AVS) on the beneficiary account is a straightforward practical control on payout fraud before trust money leaves the firm.

The Protection of Personal Information Act (POPIA) applies to every client, estate and counterparty record the firm holds. Verification data must be collected only for the specific purpose it was obtained for, kept secure, and retained only for the period your legal obligations require. Our consumer trace service is provided strictly for fraud detection and fraud prevention under Regulation 18(4)(b) of the National Credit Act and Section 11(1)(f) of POPIA.

Checks to run

FICA workflow checklist for Legal & Conveyancing

Use this path for client onboarding, corporate mandates, conveyancing payouts and estate beneficiary tracing.

Compliance note

Legal practitioners are FICA accountable institutions and need CDD, record keeping, reporting and RMCP controls.

Practical onboarding sequence

  1. 1Confirm whether your business is a FICA accountable institution for this workflow.
  2. 2Identify the customer, counterparty or responsible person before the relationship starts.
  3. 3Verify identity using the right report and save the verification receipt.
  4. 4Risk-rate the person or entity and decide whether AML/PEP or enhanced due diligence is needed.
  5. 5Verify bank account ownership before deposits, payouts, refunds or settlements move.
  6. 6Keep a CDD record, consent/lawful-basis evidence, timestamp and transaction reference.
  7. 7Use the FICA Toolkit and RMCP generator where your business needs documented procedures.

Toolkit links

Open FICA ToolkitUse the guided toolkit to decide which FICA, POPIA, CDD and RMCP resources apply.
CDD checklistTrack customer due diligence steps before onboarding or continuing with a customer.
RMCP generatorBuild a starting Risk Management and Compliance Programme where one is required.
KYC workflowMap the legal requirement to a practical onboarding workflow.

Home Affairs ID + Photo

Checks a South African ID number against Home Affairs and returns the official identity details and photo where available for your CDD file.

Run check

CIPC Company Match

Looks up the company against CIPC records so you can confirm registration details before dealing with a business counterparty.

Run check

CIPC Director Search

Returns director and linked company context from CIPC records, helping you verify who is behind a company party or mandate.

Run check

AML/PEP/Sanctions

Searches sanctions, PEP, watchlist and adverse-risk sources so your team can review higher-risk people, directors and counterparties.

Run check

Bank Account Verification

Checks the bank account details against bank-held data to confirm whether the account is open, valid and linked to the person or company provided.

Run check

Consumer Trace

Returns trace context such as contact or address indicators where available, helping corroborate details for a lawful fraud-prevention purpose.

Run check

Educational guidance only. Your accountable-institution status, RMCP, customer risk rating and lawful basis determine the final checks and records you must keep.

FAQ

Questions, answered

Are attorneys FICA accountable institutions?+

Yes. Legal practitioners — attorneys, notaries and conveyancers admitted under the Legal Practice Act — are listed as accountable institutions in Schedule 1 to the Financial Intelligence Centre Act (FICA). That brings client take-on, trust-account activity and property transfers inside the customer due diligence, record-keeping, reporting and Risk Management and Compliance Programme (RMCP) obligations of the Act.

How does VerifyNow fit with my practice management software?+

Every verification on the platform is available as a REST API call in addition to the dashboard. Practice management tools can call the API at the point of client onboarding, mandate acceptance or trust transfer, and store the returned transaction ID against the matter. Full endpoint details are in our API documentation at /api-docs.

How do I verify a beneficiary of a deceased estate?+

Start with SA ID Verification to confirm the beneficiary exists and is not deceased. Where the beneficiary cannot be contacted on the details held in the will or the Master file, run a Consumer Trace — scoped to fraud detection and fraud prevention — to retrieve recorded addresses and contact numbers from official sources, then follow up in writing.

What records must I keep for FICA?+

Under FICA Sections 22–23 you must keep records of the identity of each client, the steps taken to verify identity, and the nature and terms of each transaction, for at least five years from the end of the business relationship or single transaction. The VerifyNow dashboard stores an auditable trail of every check — inputs, results, transaction ID and timestamp — that you can export for the file.

Does POPIA apply to client files and trust records?+

Yes. The Protection of Personal Information Act applies to every law firm handling client, counterparty or estate data. Verification data should be collected and used only for the specific FICA, LPC trust-account or mandate purpose it was obtained for, kept secure, and retained for the period your legal obligations require — typically the five-year FICA minimum.

Take on your next client — compliantly

Create a free account and run your first FICA, CIPC or AVS check in minutes. Pay per lookup — no subscription.

Create free accountView pricing