UK Guidance on Digital ID for AML Compliance Answers and Raises Questions

The new UK guidance positions the Digital Identity and Attributes Trust Framework as a cornerstone for meeting AML obligations, particularly under Regulation 28 of the Money Laundering Regulations. By mandating that only DIATF‑certified digital verification services can be used for identity checks, regulators aim to create a trusted ecosystem that reduces manual onboarding costs and enhances anti‑impersonation safeguards. This approach promises faster customer onboarding while ensuring that firms retain control over record‑retention and risk‑assessment responsibilities.

However, industry experts highlight two significant gaps. First, the guidance fails to specify the confidence level required for identity assurance, a metric that the EU AML Regulation explicitly defines for remote onboarding. Second, it overlooks the status of EU‑based qualified trust service providers under eIDAS, despite their proven interoperability and presence among the 14 of 39 surveyed DVS providers. This omission could limit the use of established cross‑border solutions such as DocuSign, Signicat, and Namirial, potentially fragmenting the market and creating compliance uncertainty for firms operating internationally.

For businesses, the practical impact hinges on regulatory clarity. Clear confidence thresholds and recognition of EU eIDAS providers would unlock broader adoption of digital identity, translating the Treasury’s projected £701 million efficiency gain into tangible cost savings. Until the guidance is refined, firms must balance the benefits of certified DVSs with the lingering risk of non‑compliance, investing in supplementary due‑diligence processes to bridge the current gaps.