Can biometric verification handle a customer who can't open both eyes (e.g. post-stroke)?

The liveness detection step expects two open eyes for automatic capture, which leaves stroke-affected customers, those with ptosis, and similar accessibility cases without an automated path. There's a clean workaround though, and broader accessibility improvements are in development.

The current workaround - manual review path:

1. Start the standard KYC flow. The customer attempts the liveness step. If it fails, the platform marks the verification for manual review rather than rejecting it outright.
2. Compliance Officer escalation. The CO is alerted with the failed liveness capture and the customer's other captured data (document scan, signature, screening results).
3. Alternative verification path. Options include: in-person VOI with the customer present (no remote liveness step required), accepting the document-only verification with the CO documenting the accessibility reason, or referring to a manual VOI workflow (see "Is a manual VOI permitted for customers unable to use the digital flow?" in Section 2).
4. Audit trail. The accessibility-related deviation is logged with the CO's reasoning. AUSTRAC's framework is risk-based and explicitly accommodates accessibility - you document why the standard flow couldn't run and what alternative verification you relied on.

Other accessibility cases that use the same path:

• Significant facial injuries or post-surgical states making biometric matching unreliable.
• Visually impaired customers who can't follow the on-screen prompts.
• Customers with cognitive impairment requiring a representative (see "For POA/EPA/Administrators/Executors, on whom is KYC conducted?" in Section 21).
• Severely elderly customers without smartphone capability - in-person VOI on staff tablet works well here.

What's coming. Liveness improvements for accessibility cases are in active investigation - expected to expand auto-detection tolerances so common conditions don't fail the flow. No firm release date yet.

Privacy and dignity. AUSTRAC's framework doesn't override anti-discrimination obligations. A customer with a disability shouldn't be refused a designated service because the standard flow doesn't fit - the manual review path exists precisely so genuine customers can be verified
appropriately.

See AUSTRAC's Overview of initial customer due diligence page.

Related articles

• What about overseas customers - can they be verified?
• What does the KYC unit price include?
• What ID verification methods does easyAML support?
• Can the customer skip selfies for a "low risk" individual?
• What hardware is recommended for in-office client ID capture?