Pre-Settlement Flash Audit for Victorian Conveyancers: Catch Deepfake-Voice Wire Instructions Before They Hit PEXA

Your client rings the day before settlement to “confirm” a change to the disbursement account. The voice is right. The name is right. The phone number, on closer inspection, is not — and the instruction sits awkwardly against the file. Synthetic-voice impersonation is now cheap, plausible, and well-suited to the one-shot, time-pressured moment when a Victorian conveyancer is finalising payment directions before lodgement. The Pre-Settlement Flash Audit is a single-transaction diagnostic that reviews the verification trail on a specific file before funds move.

Why it matters now

Under the Electronic Conveyancing National Law, Subscribers must comply with the Participation Rules determined by the Registrar in each jurisdiction. The Model Participation Rules, published by the Australian Registrars’ National Electronic Conveyancing Council (ARNECC), set the framework that Land Use Victoria’s Participation Rules are drawn from — including the Subscriber’s obligations around Verification of Identity, Client Authorisations, and the retention of evidence supporting each Conveyancing Transaction. Synthetic-voice impersonation is a recognised emerging fraud vector: the Australian Cyber Security Centre publishes general guidance on AI-enabled social engineering at https://www.cyber.gov.au/, and ACCC Scamwatch tracks impersonation scams at https://www.scamwatch.gov.au/. When a deepfake voice call is used to alter payment instructions on a Victorian settlement, the consequence for the Subscriber is not only loss but a documentary gap against the Participation Rules’ evidence requirements.

The 5-minute view

• ARNECC’s Model Participation Rules (Version 7, January 2024) are the source document determined by each Registrar as Participation Rules under the Electronic Conveyancing National Law.
• Subscribers in Victoria are obliged to take reasonable steps to verify the identity of their client and the right-to-deal, and to retain evidence supporting the conveyancing transaction.
• Deepfake-voice attacks typically target the verbal “confirmation” step that conveyancers rely on after an email instruction — exploiting the assumption that a callback to a known voice closes the loop.
• A deepfake-voice attack does not change what the Participation Rules require; it changes whether the existing verification steps are still sufficient evidence in practice.
• Out-of-band verification is only meaningful if the “other band” (the phone number, the channel, the identity claim) is itself verified against an independent record — not against a number the caller supplied.
• Indicators worth checking on a specific file include: instruction-change timing relative to settlement, channel used to issue the change, whether the verifying number was sourced from a Subscriber-controlled record, and whether the verifier’s contemporaneous file note captures the verification path.
• The Flash Audit is scoped to one file, on one transaction, with no retainer or discovery call required.

What DRMO does about it

The Pre-Settlement Flash Audit is the single-transaction, productised form of DRMO’s pre-settlement diagnostic work. You submit one Victorian settlement file: the email and phone correspondence chain relating to payment instructions, the file notes around any verbal confirmation, and the dates of any instruction changes in the 14 days before settlement. We run a fixed-scope review covering three layers: (1) the documentary trail against ARNECC Model Participation Rules evidence expectations as adopted in Victoria; (2) the verification path used for any verbal confirmation — whether the callback number was sourced from a Subscriber-controlled record or from the caller; and (3) the instruction-change pattern against published indicators for synthetic-voice and impersonation attacks. The output supports — but does not constitute — your firm’s own compliance and legal decisions on the file.

The deliverable

• 15-page PDF audit report scoped to one Victorian settlement file
• Executive summary with a Red / Amber / Green status and the recommended next action
• Per-indicator review with the underlying evidence (emails, file notes, call logs) cited
• Verification-path reconstruction showing how each instruction was confirmed and against which independent record
• Verification checklist for your settlement team to complete before lodgement and funds release
• Delivered via email within 1 business day of file submission and payment

CTA

Run the Pre-Settlement Flash Audit — AUD $499

A single-transaction productised offer. No discovery call required. Suitable for any Victorian conveyancing file where payment instructions have been issued, confirmed, or changed by phone or email in the 14 days before settlement.

For ongoing protection across all transactions, see the DRMO Retainer (consultative; book a discovery call).

Sources

1. Australian Registrars’ National Electronic Conveyancing Council — Model Participation Rules (Version 7, January 2024): https://www.arnecc.gov.au/publications/model-participation-rules/
2. Australian Cyber Security Centre — general guidance on cyber threats including AI-enabled social engineering: https://www.cyber.gov.au/
3. Australian Competition and Consumer Commission — Scamwatch (impersonation scams): https://www.scamwatch.gov.au/
4. PEXA Group Limited — Subscriber and settlement workflow information: https://www.pexa.com.au/

DRMO capability references:

• Pre-Settlement Flash Audit (L2 service shape, single-transaction productised offer)
• Pre-Settlement Shield (L3 consulting package, of which the Flash Audit is the productised diagnostic component)