Pre-Settlement Flash Audit for Brisbane Conveyancers: Detect Settlement Hijack Indicators Before You Sign Off in PEXA

You’re three days from settlement on a Brisbane file. The Subscriber on the other side of the workspace has just nominated a different trust account for the seller’s proceeds. The signing window is open and the line manager wants you to lock in. You have minutes — not hours — to decide whether that nomination is legitimate or whether the workspace is being hijacked. The Pre-Settlement Flash Audit is a single-transaction diagnostic that surfaces the indicators most often present on a hijacked Queensland settlement before you sign the Financial Settlement Schedule.

Why it matters now

Settlement hijack is a recognised risk under the e-conveyancing regime. Queensland conveyancers operating in PEXA do so as Subscribers under Participation Rules determined by the Queensland Registrar of Titles, which are based on the ARNECC Model Participation Rules (currently Version 7, January 2024). Those rules require each Subscriber to verify the identity of its clients, retain evidence of right-to-deal, and apply controls to its Digital Certificate and Electronic Workspace participation — but they do not require the Subscriber on your side of the workspace to verify the Subscriber on the other side. That asymmetry is the structural gap that hijack attempts exploit: a compromised counterparty Subscriber, or a social-engineered instruction change inside an otherwise legitimate workspace, can redirect proceeds at the eleventh hour. The Australian Cyber Security Centre (cyber.gov.au) and ACCC Scamwatch (scamwatch.gov.au) both publish guidance on payment-redirection threats targeting professional services that is directly relevant to this class of attack.

The 5-minute view

• Queensland conveyancers operating in PEXA are Subscribers bound by Participation Rules made under the Electronic Conveyancing National Law, with the Model Participation Rules Version 7 (ARNECC, January 2024) as the national template.
• The Model Participation Rules require each Subscriber to verify the identity of its own clients and retain supporting evidence — but a Subscriber cannot directly verify the controls of a counterparty Subscriber.
• Settlement hijack indicators commonly appear in the final 72 hours before settlement: a late change to the destination account for proceeds, an unexpected change to the Financial Settlement Schedule, or a counterparty signing under a Digital Certificate that has not previously been used on the file.
• Out-of-band verification (a phone call to a previously-known number) is the control consistently recommended by the ACSC for any late instruction change.
• The Pre-Settlement Flash Audit is scoped to one PEXA workspace and one settlement file. It does not replace the Participation Rules obligations on either Subscriber — it provides an independent check on the indicators present on a specific transaction before sign-off.

What DRMO does about it

The Pre-Settlement Flash Audit (L2) is a single-transaction diagnostic delivered against a specific Brisbane settlement file. You submit the PEXA workspace reference, the Financial Settlement Schedule as currently drafted, and the email correspondence chain relating to payment-direction instructions. DRMO runs a fixed-scope review covering: the email authentication results (SPF, DKIM, DMARC) on inbound mail carrying any instruction change; the prior correspondence pattern between your firm and the counterparty firm on this file; the change history on the Financial Settlement Schedule destination accounts; and the indicator profile against the published settlement-hijack patterns from the ACSC and Scamwatch. The audit is calibrated to the Participation Rules framework so the findings are stated in terms a Queensland Subscriber can act on inside the workspace.

The deliverable

• 15-page PDF audit report scoped to one PEXA workspace and one settlement file
• Executive summary with a Red / Amber / Green sign-off status and the recommended next action
• Per-indicator review with the underlying evidence (email headers, FSS change history, correspondence pattern) cited inline
• Verification checklist mapped to the Participation Rules obligations the Subscriber must satisfy before signing
• Delivered via email within 1 business day of file submission and payment

CTA

Run the Pre-Settlement Flash Audit — AUD $499

A single-transaction productised offer. No discovery call required. Suitable for any Queensland conveyancing file where a payment direction has been issued or changed in the 14 days before settlement, or where the counterparty Subscriber’s signing pattern in the workspace has shifted unexpectedly.

This door provides operational support for the Subscriber’s Participation Rules obligations. It is not legal advice. Subscribers should confirm any obligation interpretation with their practitioner regulator or solicitor.

Sources

1. Australian Registrars’ National Electronic Conveyancing Council — Model Participation Rules (Version 7, January 2024): https://www.arnecc.gov.au/publications/model-participation-rules/
2. Australian Cyber Security Centre — general guidance on payment-redirection and business email compromise threats: https://www.cyber.gov.au/
3. Australian Competition and Consumer Commission — ScamWatch guidance on payment-redirection scams: https://www.scamwatch.gov.au/
4. PEXA Group Limited — Subscriber and Electronic Workspace documentation: https://www.pexa.com.au/

DRMO capability references:

• Pre-Settlement Flash Audit (L2 service shape) — single-transaction productised offer
• Pre-Settlement Shield (L3 consulting package) — ongoing settlement-cycle protection