CheckFile vs Onfido: complete comparison 2026

Canadian businesses subject to FINTRAC reporting, PCMLTFA obligations, and PIPEDA privacy requirements operate under a compliance framework that has no direct equivalent in the UK — and yet Onfido was built primarily for an FCA-regulated environment. Choosing between CheckFile and Onfido for a Canadian operation means understanding which platform was designed with your regulatory reality in mind, and which was adapted to it.

This article is for informational purposes only and does not constitute legal, financial, or regulatory advice. Regulatory references are accurate as of the publication date. Consult a qualified professional for guidance specific to your situation.

Comparison table: CheckFile vs Onfido

Onfido (Entrust): biometric-first identity verification

Onfido, acquired by Entrust in 2024, built its platform around a single proposition: confirming that a person is who they claim to be. Its Atlas AI engine combines document recognition with facial biometrics — a selfie matched against the document photo — and liveness detection to rule out spoofing attacks. Coverage spans 3,400+ document types from 195 countries, with strong recognition of Canadian government-issued documents: the Canadian passport, all provincial driver's licences, and the Permanent Resident (PR) Card.

For Canadian businesses onboarding international customers at scale through consumer-facing mobile applications, Onfido's native iOS and Android SDKs provide guided capture and UX optimization. SOC 2 Type II and ISO 27001 certifications underpin its security posture.

The trade-offs are significant. Onfido's enterprise pricing runs approximately CAD $2.70–5.40 per verification, available only through enterprise contracts. Integration requires 4–12 weeks. And Onfido's scope is identity confirmation — it does not natively handle the multi-document case files that PCMLTFA compliance typically demands: income verification, commercial registration records, beneficial ownership documentation.

CheckFile: broad-spectrum document verification engine

CheckFile answers a different question: "is this case file complete, authentic, and compliant?" Rather than confirming who someone is, CheckFile verifies the integrity and consistency of entire document sets across 3,200+ types — Canadian passports and provincial driver's licences alongside Certificates of Incorporation from Corporations Canada, SIN-related documents, bank statements, HR records, and legal filings.

Hosted in France under EU data sovereignty standards, CheckFile processes a document in 4.2 seconds on average with 98.7% OCR accuracy. At approximately CAD $0.16 per document on a public, pay-per-use pricing grid, the economics are transparent and predictable. The REST API integrates in 2–5 days. CheckFile does not provide biometric verification — that function can be layered separately through a biometric provider if required.

For Canadian businesses subject to FINTRAC oversight, the platform's complete audit trail, configurable business rules engine, and ISO 27001 / SOC 2 certifications align directly with the traceability and due diligence documentation requirements that PCMLTFA compliance audits examine.

Document and geographic coverage

CheckFile covers 3,200+ document types including Canadian passports, provincial and territorial driver's licences, Permanent Resident Cards, Social Insurance Number (SIN) cards, Certificates of Incorporation from Corporations Canada and provincial registries, bank statements, tax notices from the Canada Revenue Agency (CRA), and T4 slips. For employers, immigration-related documents including work permits and study permits are supported.

Onfido's coverage of 3,400+ document types is deep on government-issued identity documents. For Canada specifically, recognition of the Canadian passport, all provincial and territorial driver's licences, and the PR Card is strong. Commercial and financial documents are outside its native scope.

The structural difference matters for Canadian compliance: PCMLTFA obligations require verifying identity through a range of government-issued documents, but the due diligence file that FINTRAC expects typically extends to business registration records, source of funds documentation, and beneficial ownership declarations — a multi-document case file that CheckFile handles natively.

Pricing: ~$0.16 CAD per document versus opaque enterprise contracts

CheckFile's pricing is public and transparent. At approximately CAD $0.16 per document (equivalent to €0.12), volume discounts apply at scale with no setup fees or onboarding charges. A business processing 5,000 case files per month at three documents each pays approximately CAD $2,400/month.

Onfido operates on enterprise contracts. Published benchmarks place per-verification costs at approximately CAD $2.70–5.40. For 5,000 monthly identity verifications alone, the cost reaches CAD $13,500–27,000 — and commercial documents require additional tooling not covered by Onfido.

For reporting entities managing high-volume PCMLTFA compliance workflows — including the large cash transaction reporting (LCTR) threshold of CAD $10,000 — the per-document cost differential compounds quickly as document volumes grow.

Regulatory compliance in Canada: FINTRAC, PCMLTFA, and PIPEDA

Canada's AML and privacy compliance framework has distinct requirements that neither UK-origin nor US-origin solutions automatically satisfy.

PCMLTFA (Proceeds of Crime and Terrorist Financing Act): The PCMLTFA is Canada's primary AML/ATF legislation, administered by FINTRAC. Reporting entities — banks, credit unions, money services businesses, real estate brokers, accountants, and others — must verify client identity, maintain records, and report certain transactions. The Act requires keeping records of the identification documents used to verify clients, with specific format and retention requirements.

FINTRAC reporting thresholds: Large Cash Transaction Reports (LCTRs) are required for cash transactions of CAD $10,000 or more. Suspicious Transaction Reports (STRs) have no minimum threshold — any transaction where there are reasonable grounds to suspect money laundering or terrorist financing requires reporting. Terrorist Property Reports are mandatory. Document verification underpins all of these reporting workflows.

MSB registration with FINTRAC: Money Services Businesses operating in Canada must register with FINTRAC. Registration requires demonstrating AML compliance controls, including a documented customer identification and verification program. CheckFile's audit trail and rules engine support the record-keeping that FINTRAC examinations assess.

OSFI guidance for federally regulated institutions: The Office of the Superintendent of Financial Institutions (OSFI) sets prudential requirements for federally regulated financial institutions (FRFIs). OSFI Guideline E-13 on identity verification and record keeping, and Guideline B-6 on AML/ATF compliance, establish specific expectations for how FRFIs document and verify customer identity. CheckFile's structured outputs and audit trail align with E-13's documentation requirements.

Provincial law societies: Legal professionals in Canada — subject to AML obligations under PCMLTFA through their respective law societies (Law Society of Ontario, Barreau du Québec, and others) — must verify client identity independently. Provincial law society rules govern the acceptable methods and document types.

PIPEDA and provincial privacy laws: Canada's federal privacy law, PIPEDA, governs personal information handling by private sector organizations. Québec's Act respecting the protection of personal information in the private sector (Loi 25), which has been substantially updated, imposes stricter requirements including mandatory privacy impact assessments, 72-hour breach notifications, and data minimization obligations more analogous to GDPR than to PIPEDA. Organizations with Quebec operations must assess their document verification workflows against Loi 25, not just PIPEDA. CheckFile's EU hosting model and configurable data deletion align with both frameworks, though each organization must conduct its own assessment.

Technical integration: 2 days vs 4-12 weeks

CheckFile provides a documented REST API with webhooks for asynchronous processing and native connectors for Salesforce and HubSpot. No proprietary SDK is required. Integration typically takes 2–5 days. A free 48-hour pilot lets you test the platform with your actual documents before any commitment.

Onfido's mobile SDK (iOS and Android) encapsulates document capture, selfie collection, and liveness detection into an embeddable component. For consumer-facing mobile applications, this provides a polished guided-capture experience. Integration runs 4–12 weeks, excluding the time required for a privacy review of biometric data processing under PIPEDA and Loi 25.

For back-office compliance workflows — processing documents received by email, portal upload, or scanned submissions — CheckFile's API-first architecture is more direct. For consumer mobile onboarding requiring biometric selfie verification, Onfido's SDK offers a better in-app experience that CheckFile does not replicate.

Document fraud detection

CheckFile detects fraudulent documents with 94.8% recall and a 3.2% false positive rate. Detection covers document tampering, data inconsistencies across documents within a case file, format anomalies, and metadata irregularities. These metrics are published and independently auditable.

Onfido's Atlas AI engine combines documentary and biometric fraud signals. Recall and false positive metrics are not published. Onfido's particular strength is identity fraud — detecting that someone is presenting another person's authentic identity document with their own face, a fraud vector that liveness detection catches and document-only analysis cannot address.

For Canadian businesses, FINTRAC has identified specific fraud typologies — including synthetic identity fraud in the real estate sector — that benefit from layered documentary and biometric detection. The two platforms are architecturally complementary.

When to choose CheckFile

• Your PCMLTFA compliance program requires verifying multi-document case files — Canadian passports, provincial driver's licences, PR Cards, SIN documentation, Certificates of Incorporation — not just a single identity document
• You are a FINTRAC reporting entity managing LCTR workflows, STR documentation, or MSB registration compliance
• You need transparent, per-document pricing without enterprise contract negotiations — the CAD $0.16/document rate is public
• Your integration timeline is measured in days, not weeks or months
• You operate in Québec and need a platform compatible with Loi 25 data minimization and breach notification requirements
• You serve clients subject to OSFI Guideline E-13 recordkeeping requirements for federally regulated financial institutions

When to choose Onfido

• Your primary requirement is biometric identity verification: confirming identity via selfie-to-document facial comparison and liveness detection
• You operate a consumer-facing mobile application where Onfido's native iOS/Android SDK provides guided capture and a polished onboarding UX
• You onboard customers internationally and need deep recognition of government-issued identity documents across 195 countries
• Budget per verification is not a primary constraint and you are comfortable with enterprise contract pricing
• Your compliance requirements are identity-centric and do not extend to the commercial document verification that PCMLTFA due diligence typically requires

Verdict

CheckFile and Onfido answer different questions. Onfido asks "who is this person?" and answers with biometrics. CheckFile asks "is this case file complete, authentic, and consistent?" and answers with comprehensive documentary analysis.

For Canadian businesses subject to PCMLTFA obligations, FINTRAC reporting requirements, OSFI prudential guidance, and the provincial privacy variations imposed by Loi 25 in Québec, the compliance challenge extends substantially beyond a single identity check. CheckFile's multi-document coverage, transparent pricing, and rapid API integration make it the more practical fit for the documentary compliance workload that Canadian regulation actually imposes.

For organizations requiring both — biometric identity confirmation and multi-document case file analysis — the two platforms are architecturally compatible. A common pattern uses Onfido for initial selfie verification and CheckFile for the full case file: PCMLTFA-required supporting documents, corporate registration records, beneficial ownership declarations, and cross-validation across the complete dossier.

See also: Document Verification Guide · Identity Verification Solutions Comparison

Frequently Asked Questions

Does CheckFile satisfy FINTRAC and PCMLTFA document verification requirements?

CheckFile's verification outputs — structured data extraction, fraud detection flags, and a complete audit trail — support the recordkeeping obligations that FINTRAC expects under the PCMLTFA. The platform is ISO 27001 and SOC 2 certified, and its configurable rules engine can enforce the client identification and verification logic that PCMLTFA requires for different reporting entity types. CheckFile does not file LCTRs, STRs, or Terrorist Property Reports on your behalf — those reporting obligations remain with the reporting entity.

Can CheckFile and Onfido be used together in the same workflow?

Yes. Both platforms expose REST APIs and integrate straightforwardly. A typical Canadian compliance architecture uses Onfido for biometric selfie verification (document + facial comparison + liveness), then CheckFile for the supporting case file: income verification, CRA notices, provincial business registration records, and cross-validation across all documents. The combination covers both identity fraud and documentary fraud within a single PCMLTFA-compliant workflow.

How does CheckFile handle Québec's Loi 25 privacy requirements?

CheckFile is hosted in France and operates under EU data protection standards, which are substantively aligned with Loi 25's requirements on data minimization, purpose limitation, and configurable deletion. Organizations subject to Loi 25 must conduct their own Privacy Impact Assessment (PIA) — mandatory under Loi 25 for high-risk personal information processing — to evaluate their specific workflows. CheckFile's data processing agreement and technical documentation support that assessment. The Office of the Privacy Commissioner of Canada and the Commission d'accès à l'information du Québec (CAI) publish guidance on PIA requirements.

What Canadian document types does CheckFile support?

CheckFile supports Canadian passports, all provincial and territorial driver's licences, Permanent Resident (PR) Cards, SIN cards, provincial health cards (where used for identity purposes), Certificates of Incorporation from Corporations Canada and provincial registries, CRA tax notices, and T4 slips. The full catalog of 3,200+ supported document types is available through the CheckFile contact page.

---

CheckFile processes 3,200+ document types with 98.7% OCR accuracy and a 4.2-second average verification time. ISO 27001, SOC 2 certified. Public pay-per-use pricing from ~CAD $0.16/document.

See pricing · Start a free pilot · Security overview