Director ID Data Standard
LegalCorporateComplianceMay 23, 2021

Company Law - Director ID Data Standard

On 15 April 2021, the government released its data standard for Director Identification (ID) Numbers, the Corporations (Director Identification Number) Data Standard 2021 (Instrument). This follows on from the Treasury Laws Amendment (Registries Modernisation and Other Measures) Act 2020, which fully commenced on 4 April 2021, and which invokes a new Pt 9.1A of the Corporations Act 2001 (Cth) (Act). Pt 9.1A provides for director IDs and strict liability offences for failure to obtain a director ID.

The Instrument sets out the information which the Registrar will require in order to be able to provide a director ID to an individual who has applied under the Act.


Broad consultation for this Instrument was undertaken by Treasury for a period of 3 weeks commencing on 12 March 2021. The draft instrument and draft explanatory statement were published on the Treasury website during that consultation.

The introduction of a director ID requirement is one of the government initiatives to promote good corporate conduct, facilitate confidence, and deter and penalise illegal phoenixing, fraudulent corporate activity and business misconduct. Illegal phoenixing occurs when the controllers of a company deliberately avoid paying liabilities by shutting down an indebted company and transferring its assets to another company. This impacts on creditors (who fail to receive payments), employees (through lost wages and/or superannuation entitlements) and the general public (through lost revenue to the government).

The director ID will require all company directors to confirm their identity. The director ID will be a unique identifier for each individual who consents to being appointed as a company director. An individual will keep that unique identifier permanently, even if they cease to be a director. Because an individual will only ever have one director ID, the ID will provide traceability of a director’s relationships across companies, enabling better tracking of directors and preventing the use of fictitious identities. This will assist regulators, such as ASIC and external administrators to investigate a director’s involvement in what may be unlawful activity including illegal phoenix activity.

You can read more about director IDs here.

However, the new director ID regime will also offer benefits beyond combatting illegal phoenixing. For example, it is important for shareholders, employees, creditors and consumers to be confident in who the directors of a company are. The director ID regime provides for simpler, more effective tracking of directors and their corporate history. This will reduce time and cost for administrators and liquidators thereby improving the efficiency of the insolvency process. In addition, the regime will improve data integrity and security, and facilitate the efficient and effective use of registry data. For example, it will allow directors to be identified by a number rather than by other more personally identifiable information.

The strict liability offences in the new director ID regime, relate to the requirement to have a director ID and applying for a director ID. These offences are directed at proving the identity of directors to assist regulators, such as ASIC and the ATO, to better detect, deter and disrupt illegal phoenixing, and improve the identity of corporate data as maintained by the Registrar. The Registrar has the power to issue infringement notices if a person fails to comply, or the Registrar reasonably believes that a person has failed to comply, with the director ID provisions.

What does the data standard provide for?

The data standard provides for the following:

(a) what information may be requested and collected for performance of the Registrar’s functions and the exercise of its powers,
(b) how such information may be collected,
(c) how an application for a director ID is to be made,
(d) when information is to be provided to the Registrar,
(e) how the Registrar uses the information provided to authenticate, verify or validate details of an application,
(f) how information held by the Registrar is to be recorded and stored,
(g) correction of information held by the Registrar, and
(h) the manner and form of communication between the Registrar and persons providing information to the Registrar or seeking to access information held by the Registrar.

Applying for a director ID

Individuals requiring a director ID can apply online. An agent, or other third party, cannot apply for a director ID on behalf of a director unless the Registrar is satisfied that an exception applies. For example, if a director suffers some incapacity, s 8(2).

An applicant for a director ID will be required to complete a declaration confirming their identity and their eligibility to obtain a director ID.

Individuals are required to apply for a director ID prior to being appointed as a director. However, during the transitional period, an individual will have 28 days from the date that individual is appointed as a director, in which to apply for a director ID.

Verifying identification

The Registrar is required to provide an individual with a director ID if the Registrar is satisfied that the individual’s identity has been established. The Registrar may request certain personal information or identity documents in order to establish an individual’s identity, s 6. Individuals will be required to prove their identity using key Australian identity documents. These documents include a driver’s licence, passport, birth certificate, Australian visa and Medicare card. Data collected via an accredited digital identity provider will be used to authenticate the details provided by an individual. Where relevant, the Registrar may cross check identity information received from an individual with other agencies, including ASIC and the ATO.

Protecting privacy

The information obtained by the Registrar is protected information. The Registrar may disclose this protected information to other government agencies and may make a disclosure framework to disclose the information to non-government entities. The Registrar will take steps to protect the information held about individuals against loss, misuse or unauthorised access, use, modification or disclosure. The Registrar, in collecting personal information, will comply with the Privacy Act 1988 (Cth) and the National Privacy Principles (NPP), in particular NPP 10 which relates to the quality (and accuracy) of personal information. This is key, given that one of the main objectives of the director ID regime is to gain greater clarity as to the identity of individuals operating as directors.

The Registrar will only collect, use and disclose personal information to the extent that it is legitimately required for authenticating, validating and verifying an individual’s identity, so that the director ID regime can be effectively administered.

Sources: Corporations (Director Identification Number) Data Standard 2021, 15 April 2021, accessed 23 April 2021.

Corporations (Director Identification Number) Data Standard 2021, Explanatory Statement, 15 April 2021, accessed 23 April 2021.

CCH Pinpoint ®, Corporations Act s 1272A Applying for a director identification number, effective 4 April 2021, accessed 22 April 2021.

CCH Pinpoint ®, Corporations Act s 1272C Requirement to have a director identification number, effective 4 April 2021, accessed 22 April 2021.

CCH Pinpoint ®, Corporations Act s 1272F Infringement notices, effective 4 April 2021, accessed 23 April 2021.

CCH Pinpoint ®, Director Identification Numbers are finally here, 22 June 2020, accessed 22 April 2021.

CCH Pinpoint ®, Treasury consults on new Director ID regime, 16 March 2021, accessed 22 April 2021.

CCH Pinpoint ®, Legislation for director identification numbers commences, 6 April 2021, accessed 21 April 2021.

CCH Pinpoint ®, Director ID Number Disclosure Framework, 22 April 2021, accessed 23 April 2021.

Back To Top