Which documents can VerifyNow verify in South Africa (FICA/KYC)?

Which documents can VerifyNow verify—fast, secure FICA/KYC checks for General Business in South Africa. Start compliant onboarding with VerifyNow.

In General Business, document verification is where compliance becomes practical: you need to identify customers, screen risk, and keep audit-ready records—without slowing down sales. Using VerifyNow, you can verify common South African identity and business documents to support FICA, KYC, and POPIA-aligned processes.

Important compliance note
FICA and KYC aren’t “one-and-done”. Ongoing monitoring, refreshing records, and risk-based controls are essential—especially when customer details change.

Why document verification matters for FICA & KYC in General Business

For many South African organisations, “General Business” means you’re not a bank—but you still face real compliance exposure. You may be a service provider, marketplace, property-related business, professional services firm, e-commerce brand, or B2B supplier onboarding new customers and vendors.

Key terms to know (and use correctly)

FICA: The Financial Intelligence Centre Act sets rules for customer due diligence, recordkeeping, and reporting. Learn more at the Financial Intelligence Centre.
KYC (Know Your Customer): The practical process of identifying and verifying customers.
POPIA: The Protection of Personal Information Act governs lawful processing and safeguarding of personal information. See POPIA guidance and the Information Regulator.

What’s changed recently (and what to do now)

South African compliance expectations have become more operational and less “paper policy”:

Data breach reporting is under sharper scrutiny: If personal information is compromised, you may need to notify affected people and the regulator as soon as reasonably possible (depending on circumstances).
POPIA eServices Portal is now central for certain submissions and regulatory interactions—make sure your internal governance and contact details are maintained.
Administrative fines can be significant: POPIA penalties can reach ZAR 10 million in serious cases, alongside reputational and contractual fallout.

A practical compliance checklist (evergreen)

Collect the right documents for the risk level.
Verify authenticity (not just “file it”).
Match identity to the person (where required).
Store records securely with access controls.
Refresh verification when details change or risk increases.

Important compliance note
POPIA requires reasonable technical and organisational measures to prevent loss, damage, or unlawful access. Verification is only step one—secure storage and controlled access complete the compliance loop.

Which documents can VerifyNow verify? (South African document types)

This is the core question: Which documents can VerifyNow verify? In a General Business setting, you typically verify documents across individual identity, proof of address, and business/entity categories.

Individual identity documents (natural persons)

VerifyNow is built for day-to-day onboarding realities in South Africa—where customers may present different document types depending on citizenship and circumstance.

Common identity documents include:

South African ID book (green barcoded ID book)
South African Smart ID card
Valid passport (for foreign nationals and South Africans)
Asylum seeker / refugee documentation (where applicable to your risk policy and acceptance rules)

Tip: Use a risk-based approach. For higher-risk onboarding, you may require additional supporting documentation or enhanced checks.

Proof of address documents (residential verification)

Proof of address is a frequent FICA/KYC requirement, especially where your business relationship involves ongoing service, credit exposure, delivery risk, or high-value transactions.

Common proof of address documents include:

Utility bill (municipal rates/electricity/water)
Bank statement
Lease or rental agreement
Official letter from a recognised institution (where your policy allows)
Rates statement or similar municipal documentation

Important compliance note
Don’t collect more than you need. Under POPIA, apply data minimisation: request only what is necessary for the stated purpose, then protect it.

Business and entity documents (juristic persons)

If you onboard companies, partnerships, trusts, or NPOs, you’ll typically need to confirm the entity exists and identify the people behind it.

Common entity-related documents include:

Company registration documents (e.g., registration certificate and related filings)
Director/member information (where relevant to your due diligence)
Trust deed / letters of authority (for trusts)
Constitution or founding documents (for associations/NPOs)
Tax-related registration confirmations (where required by your onboarding policy)

A quick “what to verify” table for General Business

Customer Type	Typical Documents	Why it matters (FICA/KYC)
Individual (SA citizen)	Smart ID / ID book + proof of address	Confirms identity + residential link
Individual (foreign national)	Passport + supporting docs + proof of address	Reduces impersonation and cross-border risk
Company	Registration docs + director/beneficial owner info	Confirms entity legitimacy and control
Trust	Trust deed + letters of authority + trustee IDs	Identifies controlling persons and authority
Vendor/Supplier	Entity docs + authorised signatory ID	Prevents procurement fraud and payment diversion

How VerifyNow fits into your FICA/KYC workflow (without slowing sales)

Document verification shouldn’t feel like a “speed bump”. The best compliance processes are repeatable, auditable, and customer-friendly.

What a strong verification flow looks like

Capture: Customer uploads or submits required documents.
Verify: VerifyNow checks documents per your onboarding rules.
Assess: Apply a risk-based decision (approve, request more info, escalate).
Recordkeeping: Store verification outcomes and evidence for audit trails.
Ongoing monitoring: Refresh when details change or risk triggers occur.

Use inline rules like: if high-risk → request additional supporting documents.

POPIA-aligned handling (practical steps)

To align verification with POPIA obligations:

Limit access to verification records (role-based permissions)
Encrypt and secure stored documents
Log actions (who accessed what and when)
Retain only as long as necessary (define retention schedules)
Prepare for breach response (internal playbooks + reporting workflow)

External guidance worth bookmarking:

Important compliance note
A breach response plan isn’t optional in practice. “Reasonable safeguards” includes being ready to detect, contain, and report incidents efficiently.

💡 Ready to streamline your General Business compliance? Sign up for VerifyNow and start verifying IDs in seconds.

FAQ: Document verification with VerifyNow (FICA, KYC & POPIA)

Can VerifyNow verify both individuals and businesses?

Yes. VerifyNow supports verification needs across natural persons (individual customers) and juristic persons (business entities), helping you build an audit-ready onboarding process.

Do I always need proof of address for KYC in South Africa?

Not always. Requirements depend on your risk assessment, the nature of the relationship, and your internal compliance policy. Many General Business scenarios still require proof of address to reduce fraud and support FICA-aligned due diligence.

What if a customer doesn’t have a utility bill?

You can allow alternative documents based on policy, such as a bank statement or lease agreement. Keep your approach consistent, documented, and risk-based.

How does POPIA affect the documents I collect?

POPIA pushes you to collect only what you need, process it lawfully, and protect it with appropriate security. That includes:

Purpose limitation
Security safeguards
Retention controls
Breach readiness

What are the real risks of getting document verification wrong?

Common consequences include:

Onboarding fraudulent customers or suppliers
Payment diversion and impersonation scams
Audit failures due to missing evidence
Regulatory exposure, including administrative fines up to ZAR 10 million in serious POPIA matters
Reputational damage and contract loss

How often should we re-verify documents?

A practical rule: re-verify when there’s a material change (name, address, ownership, signatories) or when risk increases (unusual transactions, complaints, chargebacks, or other red flags). Build this into your operational playbooks.

Get Started with VerifyNow Today

If you’re still asking which documents can VerifyNow verify, the next step is simple: set your onboarding rules and start verifying the documents your customers already use—without turning compliance into a bottleneck.

With VerifyNow, you can:

Verify common South African identity documents for FICA/KYC
Support proof of address checks for risk-based onboarding
Strengthen POPIA-aligned handling with better process control
Build audit-ready evidence for compliance reviews
Reduce onboarding friction while improving trust ✅