Welcoming the new Regulatory Innovation Office

profile picture Yoti 4 min read
Decorative image of the outside of the Houses of Parliament.

This week, the UK Government announced the creation of the new Regulatory Innovation Office – a move we welcome here at Yoti. 

Bringing new tech to market is often slowed down, or even blocked, due to outdated regulations or a lack of existing bodies to help support and facilitate the introduction of the new technology or co-ordinate its joint recognition. Recognising that this is a barrier to innovation, the Government will introduce the Regulatory Innovation Office (RIO). 

The Regulatory Innovation Office will sit under the Department for Science, Innovation and Technology (DSIT). It aims to help regulators facilitate economic growth by speeding up approvals and making regulation processes more efficient. By encouraging and supporting different regulators to work together, the RIO will encourage and foster innovation from businesses.

Key aims of the RIO include bringing regulators together and “working to remove obstacles and outdated regulations to the benefit of businesses and the public”.

 

Calling for regulatory consistency

In order to help maximise the potential of the new RIO, we advocate for regulatory consistency across the field. This would mean that once one technology is approved by any single Government department, it should be publicly recognised by other departments within a reasonable time frame (e.g. within 12 months).

We believe this would significantly reduce the time and effort required for businesses to navigate different regulatory processes and bodies, which in turn, would lead to faster innovation whilst reducing costs all round.

A challenge we face is that new initiatives are often slow to be deployed across different sectors. This is because it can often take years for each governmental department to assess and allow the same technology to be used in their particular area.

For example, digital IDs are certified under the Digital Identity and Attributes Trust Framework (DIATF) for right to work, right to rent and criminal record (DBS) checks. This has transformed the employment sector and the way people complete these important identity checks. Yet, these UK government-certified digital IDs are not publicly recognised by other regulatory agencies such as the Financial Conduct Authority (FCA) or the Gambling Commission.

Additionally, facial age estimation is recognised by Ofcom as a highly effective method for accessing age-restricted content online. It’s also supported by the Information Commissioner’s Office for the Children’s Code. However, it can’t be used for the sale of alcohol in licensed premises due to the current Mandatory Licensing Conditions, despite being successfully tested by the Home Office. Yet, the same facial age estimation technology is already being used to stop underage children from playing 18+ gaming machines in pubs and to help prevent online sales of any age-restricted goods.

The Mandatory Licensing Conditions currently prohibit the use of both UK government-certified digital IDs and facial age estimation. This is because the current law has not been written to be outcome-based, which would allow regulation that supports new technology to be used if proven to be effective. Instead, the law requires a specific technology solution to be used – in this case, a person checking a physical ID document with a hologram. UK supermarkets have said they would like to use facial age estimation and reusable digital IDs but they cannot do this until the law is changed. 

Julie Dawson, our Chief Regulatory and Policy Officer, commented: “Regulatory consistency will create a more cohesive landscape supporting innovators and citizens alike. This in turn can drive economic growth by encouraging the development of more world-leading innovative UK businesses.”

Robin Tombs, our Chief Executive Officer, added: “Creation of the Regulatory Innovation Office is a very welcome, sensible step by the new Government. But naturally businesses will want to see evidence that the RIO performs well in meeting its important mission as this will enhance the UK’s competitive position and drive innovation and growth.”

Keep reading

An image of the Yoti logo. Underneath reads "Yoti responds to the Supreme Court decision on Free Speech Coalition vs Paxton".

The Supreme Court rules in favour of age verification

The question of whether states can require age checks on adult websites has reached a turning point in the US courts. In Free Speech Coalition v. Paxton, the case challenged Texas’s H.B. 1181 law, which required commercial websites that publish sexually explicit content to verify the ages of their visitors to prevent minors from accessing pornography. One of the big discussion points has been whether, in 2025, it is still too burdensome for US adults to prove age privately compared to 20 years ago – especially when privacy-preserving age verification tools have advanced significantly.  The Supreme Court has upheld

3 min read
An image of a child and their parent sitting on a sofa and using a mobile phone. The accompanying text reads 'Ireland's Online Safety Code - Ireland'.

Ireland’s Online Safety Code: what it means for online platforms and how to comply

What you need to know: Ireland’s Online Safety Code will hold video-sharing platforms accountable for keeping their users, especially children, safe online. Platforms with adult content, including pornographic or extremely violent content, must use age assurance to prevent children from accessing the content. These age assurance requirements come into force in July 2025. Platforms that don’t comply can face strong penalties – up to €20 million or 10% of annual turnover.     From July 2025, video-sharing platforms in Ireland with pornography or extremely violent content will need to introduce age assurance to protect children from accessing their content.

7 min read
Image of a man holding his mobile phone in one hand and a driving licence in the other hand. The accompanying text reads "Data Act - United Kingdom".

Understanding the UK’s new Data Act

The Data (Use and Access) Act, now known more simply as the “Data Act”, is a landmark piece of UK legislation that aims to reshape how individuals and businesses interact with digital data. It introduces provisions for a national digital identity trust framework, helping to foster trust in digital identities by ensuring that businesses adhere to strict standards during digital transactions.  This blog gives an overview of the Data Act and what this means for digital identities in the UK.    Why has the Government introduced the Data Act? The Government has said that the Act will “unlock the

9 min read