Regulation Icon


Houses of parliament, housing the UK government

The UK government's digital identity consultation response

We’re pleased to see the publication of the UK government’s Digital Identity: Consultation Response. We and others, like techUK, have been calling on the government to reveal its plans for digital identity and this response is a step in the right direction. There are three things that we particularly like. Principles-based approach First, the need for a principles-based approach, spanning privacy, transparency, inclusivity, interoperability, proportionality and good governance. Yoti was founded on core business principles, which have enabled us to develop a suite of digital identity products with the user’s interests at their core.  It’s good to

3 min read

New JMLSG guidance recognises the power of digital identity

On 1 June 2020, the Joint Money Laundering Steering Group (JMLSG) published its revised guidance for what is expected of regulated financial services entities in relation to the prevention of money laundering and terrorist financing. The new guidance recognises the central role that digital identity and robust biometric technologies can play in ensuring regulated entities meet their anti-money laundering (AML) and counter terrorist financing (CTF) obligations.   What is the JMLSG? The JMLSG is a private sector organisation that produces guidance to help the financial services sector meet its legal obligations in relation to AML and CTF. Its guidance isn’t

3 min read

Strong support in the House of Lords for digital age verification

On Monday 20th July, several members of Lords gave strong support for digital age verification, including Baroness Neville-Rolfe, Lord Clement-Jones, Lord Stevenson of Balmacara, Lord Bourne of Aberystwyth, Lord Arbuthnot of Edrom, Lord Holmes. It’s fair to say that all concerned want effective digital age verification, even those that were opposed to the development of digital age verification during the Lords debate such as  Baroness Pickering and Baroness Williams. But for it to be effective, it needs to be standards based and meet the requirements of industry stakeholders and the public. What was NOT clear on the floor of the

3 min read

It’s my health: a global Code of Practice for sharing personal health credentials

As governments across the globe look to ease the restrictive measures placed on individuals during the COVID-19 pandemic, the need for a secure way to share personal health information has become clear. Individuals that present reasonable evidence that they pose a low risk of transmitting the COVID-19 (either they have recovered or have a recent test indicating they’re not currently infected), need a secure and trustworthy way of proving this information in order to return to work, board a flight or return to some specific, limited access venues and activities.  We believe that abiding by a Code of Practice is

3 min read
GPG 45 logo

Good Practice Guide (GPG) 45

At the end of 2019, the GPG (Good Practice Guide) 45 was updated by the GDS (UK Government Digital Services). The guidance on how to check and verify someone’s identity now reflects new methods, such as reading the biochip in ID documents, such as an e-passport. The GPG 45 is also technology neutral as it is out-comes focused, rather than process-focused. As a digital identity provider, we help organisations meet low and medium levels of assurance when checking identity, and we can also support organisations that need to meet a high level. We’re looking forward to the imminent publication of the

5 min read
Girl showing smartphone with Age UK digital ID card

The Fifth EU Money Laundering Directive is arriving in the UK - here are a few things you need to know.

The Government’s amendments to the Money Laundering and Terrorist Financing Regulations (MLR) are coming into force. This is the result of the transposition of the EU’s Fifth Money Laundering Directive, as well as a set of standards set by the Financial Action Task Force (FATF). These amendments extend the obligations to meet the MLR requirements to other sectors, which means that they will be obliged to perform ‘Know your Customer’ (KYC) checks and potentially monitor certain transactions. For example, cryptoasset activities will now fall under the scope. Furthermore, businesses will also need to consider new high-risk factors when determining whether

3 min read