Pre-Settlement Flash Audit for NSW Conveyancers: Detect Deepfake-Voice Wire Instructions Before Settlement

The client rings on Tuesday. The voice sounds right — same cadence, same first-name greeting, same reference to last week’s email thread. They want to redirect the surplus from settlement to a new account because “the bank flagged the old one.” It takes ninety seconds. The Pre-Settlement Flash Audit is a single-transaction diagnostic that checks whether the verification trail on your file would survive scrutiny under the ARNECC Model Participation Rules if that voice was synthetic.

Why it matters now

Synthetic voice cloning has moved from research demonstration to a real-world social-engineering vector targeting professional services. Under the Electronic Conveyancing National Law, NSW Subscribers must comply with the Participation Rules determined by the Registrar General, which are derived from the ARNECC Model Participation Rules (currently Version 7, published January 2024). Those rules impose Verification of Identity and Client Authorisation obligations on Subscribers, and require Subscribers to retain evidence of how those obligations were discharged. A voice call instructing a change to payment destination is not, on its own, a discharge of those obligations — and a cloned voice that you cannot later distinguish from the real client is precisely the evidentiary gap a compliance examination is designed to surface. The Australian Cyber Security Centre publishes general guidance on voice-cloning and impersonation threats at https://www.cyber.gov.au/.

The 5-minute view

• ARNECC’s Model Participation Rules Version 7 (January 2024) is the current model text from which each State and Territory Registrar’s Participation Rules are derived, including in NSW.
• Subscribers are required under the Participation Rules to verify the identity of their client and to take reasonable steps to verify the client’s right to deal with the land, and to retain evidence of those steps.
• A telephone instruction — even from a number matching the client’s record — is not a Verification of Identity standard under the Rules; it is a communication channel that requires its own verification when it triggers a change to payment or authorisation.
• Voice-cloning technology can now reproduce a target speaker’s voice from short audio samples, including samples scraped from public sources or prior call recordings.
• Common indicators on deepfake-voice instructions include: an unexplained change to a previously confirmed account or payee, time pressure framed around the bank or the settlement window, refusal or inability to switch to video, and inconsistencies with the documented file history.
• Out-of-band verification — a call-back to the number on file at the time of identity verification, not the number that just called you — is the practical control the ACSC recommends for instruction changes received by voice or email.
• ARNECC compliance examinations and assessments review whether Subscribers can produce evidence of how Participation Rule obligations were met on a given transaction.

What DRMO does about it

The Pre-Settlement Flash Audit is a single-transaction diagnostic delivered against one NSW settlement file where a voice instruction has been received or where the file is otherwise sensitive to an instruction change in the run-up to settlement. You submit the file reference, the verification-of-identity record retained for the matter, the call log or notes recording the voice instruction, and the email chain referencing payment or authorisation details. We run a fixed-scope review covering: whether the Verification of Identity evidence on file would meet the standard expected under the NSW Participation Rules, whether the call-back protocol used on the voice instruction was out-of-band (against the VOI-time number, not the inbound number), the consistency of the instruction with the prior documented file history, and the presence of known voice-cloning social-engineering indicators. This is the Pre-Settlement Flash Audit productised for single-transaction self-serve use, and runs the same diagnostic logic as Step 2 of the Pre-Settlement Shield consulting engagement.

The deliverable

• 15-page PDF audit report scoped to one NSW settlement file
• Executive summary with a Red / Amber / Green status and the recommended next action before settlement
• Per-indicator review with the underlying evidence cited from the file you submit
• Mapping of the file’s verification trail against the relevant Participation Rule obligations (VOI, Client Authorisation, retention of evidence)
• Verification checklist for your settlement team to complete before funds release or authorisation lodgement
• Delivered via email within 1 business day of file submission and payment

CTA

Run the Pre-Settlement Flash Audit — AUD $499

A single-transaction productised offer. No discovery call required. Suitable for any NSW conveyancing file where a payment, payee, or authorisation change has been requested by voice in the 14 days before settlement.

Sources

1. Australian Registrars’ National Electronic Conveyancing Council — Model Participation Rules (Version 7, January 2024): https://www.arnecc.gov.au/publications/model-participation-rules/
2. Australian Cyber Security Centre — general guidance on impersonation and social-engineering threats: https://www.cyber.gov.au/
3. PEXA Group Limited — settlement workflow documentation: https://www.pexa.com.au/

DRMO capability references:

• Pre-Settlement Flash Audit (L2 service shape, productised single-transaction diagnostic)
• Pre-Settlement Shield (L3 consulting engagement; the Flash Audit corresponds to Step 2 of the Shield protocol)