Corporations Home ID verification to begin in November 2025
Corporations Home is forging forward with plans to introduce authorized id verification necessities for administrators and folks with vital management (PSCs) of corporations, with enforcement to start in just a few months on Tuesday 18 November 2025.
The measures will imply new administrators should confirm they’re who they declare to be with a view to incorporate a brand new firm or be appointed to an present one, whereas present administrators might be made to verify they’ve verified their id concurrent with the submitting of their annual affirmation assertion throughout a 12 month transition interval from November. Moreover, PSCs might want to confirm their id in keeping with an appointed day inside the similar interval
Corporations Home claims the roll-out of id verification won’t solely help enterprise progress by giving extra assurance about who’s establishing and working UK corporations, but additionally assist organisations profit from extra reliable registry knowledge and stop fraud.
“Id verification will play a key function in bettering the standard and reliability of our knowledge and tackling misuse of the businesses register,” mentioned Corporations Home CEO Louise Smyth.
“To help enterprise and assist individuals confirm their identities, Corporations Home is contacting all corporations with recommendation and steerage.
“That is a part of a coordinated effort to assist corporations to conform [and] we encourage individuals to confirm as early as doable,” mentioned Smyth
“Greater than 300,000 people have already accomplished so in the course of the present voluntary interval, which began in April,” she mentioned.
The measures are being launched after Corporations Home was granted elevated powers beneath the Financial Crime and Company Transparency Act of 2023, which obtained Royal Assent in October 2023. These powers additionally give Corporations Home the power to problem info submitted to it.
Corporations Home mentioned it was phasing within the id verification course of over the interval by means of November 2026 with a view to present corporations and people in scope with the absolute best help. It believes that about six or seven million individuals might want to take part, though for many this must be a one-off course of that takes a couple of minutes to finish.
After 18 November individuals will commit an offence in the event that they act as an organization director with out being verified as soon as their duties start, so present administrators ought to confirm earlier than their firm’s subsequent affirmation assertion comes due. Corporations Home mentioned it could be offering assist and help for companies as they work in the direction of compliance, and mentioned its enforcement strategy could be “proportionate”.
One Login worries
Administrators and PSCs will be capable of confirm their id both by way of the Gov.uk One Login digital id service, or by way of an authorised company service supplier (ACSP).
Nevertheless, the supposed use of the One Login digital id service to conduct id verification has sparked issues amongst safety specialists. As first reported by Pc Weekly, the Authorities Digital Service (GDS) was warned by the Cupboard Workplace and the Nationwide Cyber Safety Centre (NCSC) in April 2025 about vital knowledge safety failings and different shortcomings.
A whistleblower described a litany of issues together with inadequate safety staffing, a scarcity of danger or risk assessments, or info safety administration programs. In addition they described inadequate monitoring processes and issues in regards to the variety of individuals with privileged entry to dwell knowledge.
As of the top of April, One Login had but to attain compliance with key nationwide cyber safety requirements – a full three years after such issues had been first raised.
Then, in Might, the service misplaced its certification towards the federal government’s personal belief framework for digital id programs, and an impartial red teaming workouts discovered proof of a big vulnerability in One Login, which already has six million customers.
Michael Perez, director at Dublin and Milton Keynes-based managed safety providers supplier (MSSP) Ecko, mentioned that whereas necessary id verification was a worthy goal in that it sought to handle challenges round belief, fraud, and managing digital complexity, the well-documented issues with One Login raised legitimate issues over Corporations Home’s plans.
“Requesting tens of millions of people to submit delicate id paperwork by way of a platform that hasn’t absolutely adopted secure-by-design ideas introduces vital danger. It concentrates vulnerability and will expose customers to breaches at a time when public confidence in digital programs is already beneath strain,” mentioned Perez.
“Whereas the ambition behind One Login is commendable, sturdy protections should underpin any system dealing with id knowledge. At current, the platform is asking people and companies to share important info with out the mandatory safeguards in place, setting a regarding precedent.”
He added: “What’s wanted now’s higher assurance. The general public deserves programs which might be totally examined and safe by design. With out that, increasing One Login’s use dangers eroding belief not solely on this platform, however within the broader imaginative and prescient for digital authorities.”
