Personnel Due Diligence (PDD)
Who needs to complete a PDD?
Existing staff in CDD-relevant roles (Compliance Officer, 2IC, CDD Users and Frontline Staff) need their PDD completed before the 1 July 2026 deadline. The depth of the check is scaled to the role - the CO gets the deepest treatment, Frontline Staff a lighter version. PDD is a one-off completion, not a recurring annual obligation (unless your firm's own policies require a refresher). New hires complete PDD as part of onboarding before being given operational access.
Read more: Do existing staff need to complete Personnel Due Diligence? and What does AUSTRAC's PDD requirement cover for non-CO staff?
How do I start a PDD?
The Compliance Officer initiates a PDD for each staff member through the platform - the flow is similar to the customer KYC process. The employee then completes it on their own device; the flow is mobile-friendly, so most people do it from their phone in a few minutes.
The recommended order: the CO completes their own PDD first, then initiates PDDs for the 2IC, CDD Users and Frontline Staff. PDD (together with training) gates operational CDD access, so plan the rollout well before your go-live date - it typically takes several days across a team.
Read more: Does easyAML facilitate employee Personnel Due Diligence?
Why can't I start a PDD for one of my employees?
The most common cause: the employee hasn't been added to your account as a user yet. Add them via Account Settings > Users > Invite User, assign their AML role, and the PDD can then be initiated. Their role assignment also triggers their mandatory training allocation automatically.
Police certificates
Can easyAML provide the police certificate?
Not yet - but this is coming. Automated police check integration is in development, and once live you'll be able to trigger the check directly from the PDD workflow rather than sourcing it separately. The PDD already captures the data in a structure that supports this, so it will slot in cleanly once enabled.
For now, obtain a check from a recognised provider (Australian Federal Police, CrimCheck, or your state police) and upload it to the PDD record as supporting evidence. We'll let customers know when the automated option is available.
Read more: Does easyAML facilitate employee Personnel Due Diligence?
What type of police certificate is needed?
A national police check from a recognised provider is recommended.
Who actually needs a police check?
Under AUSTRAC's integrity rules, a police check is generally required for the Compliance Officer and other high-risk roles. For lower-risk roles such as Frontline Staff, it's optional and based on your firm's own risk assessment. If your HR onboarding already covers a check, the CO can mark the item as covered externally and upload the evidence.
Read more: What does AUSTRAC's PDD requirement cover for non-CO staff?
How recent does the police certificate need to be?
AUSTRAC's AML/CTF Rules don't prescribe a fixed expiry period for police checks - the framework is risk-based rather than prescriptive on check currency. The expiry periods you may have seen (commonly 1 to 3 years) generally come from individual providers or industry bodies, not from AUSTRAC. Apply your firm's own risk-based judgement on how current a check should be for the role.
Can I keep going if my police certificate hasn't arrived yet?
Yes - you don't need to pause everything while you wait. Continue with the other PDD components and your wider onboarding steps, then upload the certificate to the PDD record when it arrives. Keep in mind the PDD can't be fully signed off until all required evidence for the role is on file.
Why isn't the ID coming up as a match because of a middle name?
This is expected behaviour, not a bug. The Document Verification Service and most ID document checks don't use the middle name as a match field for driver's licences and some passports - the first name and surname are what's verified against the issuing authority. The middle name is still stored on the record and is used in PEP/sanctions screening, so a "match without middle name" is a correct result.
Read more: Why is the middle name not always checked, even when entered?
Why do I have to confirm a match when it's already 100% clear?
This is a deliberate review gate, not a fault. The Compliance Officer (or another appropriately permissioned user) formally approves the match, and that decision is audit-logged with the user, timestamp and reasoning. It keeps a human judgement step in the chain and strengthens your audit position.
Why can't I force a match?
Force match is restricted to users with an appropriate role (typically the Compliance Officer). If the option isn't appearing for you, check your role - users without the required permissions won't see it. Force match decisions are audit-logged.
Read more: Can the platform force-match a non-standard transaction past the review stage?
There's no dropdown option when I try to force match - what's wrong?
Our team is aware of this issue and a fix is on the way. If you're blocked in the meantime, contact support and we'll help you progress the record.
Why can't I sign off a PDD?
Sign-off becomes available once every component of the PDD is complete. The most common reasons it's locked:
- The identity match hasn't been confirmed ("matched" or force match, where appropriate)
- The employee hasn't completed their VOI
- The employee hasn't completed their role-based questionnaire
- The police certificate (where required for the role) hasn't been uploaded
- The sign-off confirmations haven't been ticked and a comment added
Work through the PDD record from the top - the outstanding item will be visible against the relevant step.
Why does a PDD show as clear when it hasn't been started?
Our team is aware of this display issue and a fix is on the way. The status doesn't affect the underlying record - the PDD still needs to be initiated and completed as normal.
Questions not covered here? Contact the easyAML support team or your onboarding contact.