Laura WilesHM Treasury has published guidance on using digital identities with the MLRs.
Entities covered by the MLRs must have customer due diligence (CDD) measures in place to verify the identity of their customers and understand the purpose behind their transactions. The guidance clarifies that digital identity services certified against the digital identity and attributes trust framework and on the digital verification services (DVS) register are a reliable and independent source of information, and can be used by regulated entities as part of their CDD processes. Specifically, for individual customers, firms can fulfil their obligations under Regulation 28 of the MLRs by verifying a customer’s identity using certified and registered digital identity services.
Verification services that are not certified and on the DVS register cannot reliably be deemed suitable for compliant identity verification under the MLRs. Firms must also ensure that services can meet the required record retention requirements under Regulation 40.