HMT guidance on using digital identities with the UK Money Laundering Regulations

HM Treasury and the Department for Science, Innovation and Technology have jointly published guidance setting out how entities regulated under the UK Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLRs) can use digital verification services for customer due diligence checks. Under the MLRs, banks and other regulated entities must establish policies, controls and procedures to mitigate the risks of money laundering and terrorist financing. These include customer due diligence measures to verify the identity of customers and understand the purpose behind transactions. Digital identity services which are certified against the trust framework and on the digital verification services register can be used by regulated entities as part of their customer due diligence processes.

Specifically, for individuals, entities can fulfil their obligations under the MLRs by verifying a customer's identity using certified and registered digital identity services. Entities may also use certified and registered digital identity services to fulfil their obligations regarding the verification of company directors. Regulated entities are reminded that they should continue to make their own assessment of a customer's risk and apply enhanced due diligence measures accordingly. While digital identities may be used for identification and verification purposes, entities should not assume that digital identities fulfil all aspects of customer due diligence. Regulated entities will also remain ultimately liable for any failures to apply customer due diligence measures appropriately when using digital identity services. Entities should also ensure that services can meet the required record-retention requirements under the MLRs. The new guidance supplements but does not supersede obligations under the MLRs.

Return to main website.