TL;DR: As of November 2025, companies house identity verification is mandatory for Companies House. In order to understand how to meet companies house identity verification standard, businesses should follow a step-based process supported by controls where relevant. For companies house director verification, the journey typically ends with a personal code used to link roles and support confirmation statement filings.
What is Companies House Identity Verification?
Companies House is the UK registrar that keeps the public register of companies’ corporate members and runs online filing services for confirmation statements. As of November 2025, stronger identity verification protocols became a legal requirement for all UK company directors and People with Significant Control (PSCs) for existing and new companies.
People must either successfully verify via GOV.UK one login or through an Authorised Corporate Service Provider (ASCP). They must do this using documents, to ensure a safer register of existing individual members to tackle anti-money laundering or identity fraud. An ACSP acts as a business entity that can verify people on a client’s behalf. That means there needs to be some additional company time and resources that go beyond just checking an ID.
Companies House Identity Verification Journey
ACSPs must retain all the evidence of every check to uphold UK standards. This includes successful, failed, or referred outcomes for corporate directors or PSC that have been successfully verified as well as failed verification attempts. So if Companies House requests a record, it can be produced.
ACSP delivery should follow a simple and repeatable journey for full compliance without financial penalties. By collecting individual details, capturing identity evidence, validating authenticity, confirming it belongs to the person, then recording and retaining an audit pack before submitting verification for the personal code can be issued and roles can be linked for filing. Putting such a protocol in place requires company time for proper training, necessary controls, and repeatable outputs.
Why Companies House Identity Verification Tightened
This introduction of identity verification in November 2025, is part of Companies House’s wider push to reduce any abuse of the register linked to anti-money laundering and economic crime. To prevent the use of companies for illegal purposes, existing directors need to verify their Identity. It helps ensure compliance with legal requirements and reduce further risks.
Identity checks are tightening because the UK is closing gaps
Joshua Vowles-Dent, GTM Lead, says that “Identity checks are tightening because the UK is closing gaps that have been exploited for years – shell companies, false director details, and synthetic identities that make it easier to move value and hide accountability. For ACSPs, the shift is clear: identity verification can’t be treated as a one-off ‘tick box’. It needs to be consistent, evidence-led, and repeatable, with records that stand up to scrutiny.”
The identity verification process is designed to be consistent, not simply the best effort. Companies House is clear that any business entities such as ACSPs must also meet the identity verification standard when verifying existing pscs or directors for clients. If organisations skip these steps, they are not compliant and at risk of regulatory financial penalties.
Scope of Verification of Companies House Service
The current scope of identity verification of companies house service includes directors, persons with significant control (PSC) as well as members of a limited liability partnership who are required to verify their identity. It is an offence to act as a director or PSC without verified identity and can result in penalties. You may face prosecution and financial penalties through the courts if you fail to comply with identity verification requirements.
It is also common to see mixed status in one file for a company’s confirmation statement. The same company may have new and existing directors plus existing PSCs at the same time. So intake must capture roles clearly. Clients also ask about the company secretary, so define who must verify their identity versus who only files.
The Companies House Identity Verification Process
In November 2025, the companies house register has two routes for the new identity verification process. As mentioned, people verify directly through gov.uk one login, post office or they use an authorized corporate service provider (ACSP). This is direct verification of identity of existing directors and PSCs.
The ACSP route is the assisted route which is helpful for existing and new companies alike. Unlike gov.uk one login, this is where a business will handle and run the checks, keep records, as well as support any edge cases around identity for companies house. Both of these routes introduce identity verification for the same end state as part of anti-money laundering procedures, preventing the use of companies for illegal purposes and any other form of identity fraud.
Common Pitfalls for Authorised Corporate Service Providers (ACSP)
ACSP teams stumble on the same four pitfalls when delivering companies house director verification: they confuse AML CDD with Companies House verification, accept incomplete intake data (especially address history), keep weak records, and leave clients unclear on the personal code. As a result, many company directors get stuck right when they need to link roles for filings. Companies House makes the expectation explicit: ACSPs must follow the identity verification standard and keep step-based evidence.
The simplest fix is a tighter operating model: split AML and Companies House into separate workflows, validate intake data up front, standardise an “audit pack” for every case, and send a short handoff explaining how to access and use the Companies House director verification personal code (via “Manage account”) before key filing dates.
The Guide to Identity for Companies House Verification Standards
Companies House introduces identity verification as mandatory and it is crucial for ACSPs to complete every step. That means your ACSP must be standards-first. Tools can help, but the duty stays with you. This is also where anti-money laundering governance helps. Anti-money laundering culture already values evidence and audit trails. Still, Companies House director verification is its own process and identity verification requirements. It is not just another AML check.
Step 1: Entering details and identity data quality
Step 1 is to ask for information about the person. In practice, this is where companies can prevent most delays. If clients make mistakes in verifying their identity by entering personal details, later on, checks will fail. During the identity verification process, it is important to provide answers about yourself, not your company. So it is crucial for existing companies to build a clean intake form. Use validation rules and short explanations to verify their identity. Capture the filing context early and ask which roles they hold and whether a filing deadline is near.
Step 2: Identity documents and photo ID
Step 2 is getting evidence to verify their identity. This is where identity documents and photo ID choices matter. Acceptable forms of identification include government issued documents, machine readable passports, biometric residence permits, UK biometric residence permits, UK biometric residence cards, Irish passport cards, and UK frontier worker permits. gov.uk one login lists the types of photo ID that can be used to verify your identity. The document reference number, expiry date, and country of issue should be recorded as part of the evidence.
Steps 3-4: Security questions and identity checks
Steps 3 and 4 are where your identity checks happen to verify someone’s identity. You check the evidence is real, then check it belongs to the person. In direct routes, some users prove identity by answering security questions online. In the “online then Post Office” route, users enter details from photo ID on gov.uk, then go to a Post Office to have the photo ID scanned. As an ACSP, keep your decision notes simple. You should be able to explain your logic in one minute.
Steps 5-6: Records, decisions, and retention
Step 5 is record keeping. Companies House requires you to keep records of the evidence and info used. It also says you must keep these records for 7 years from the date you complete the identity verification. Step 6 is the verification decision. You decide if you can verify the person’s identity. So build an a verification pack by default as part of the new identity verification process. That is what keeps things defensible at scale.
Companies House Identity Verification Pack for Audit-Readiness
A strong ACSP “verification pack” is what turns companies house identity verification from a one-off task into a defensible process you can repeat at scale. As outlined by Companies House, ACSPs must keep records of the identity verification steps and retain them for 7 years, so your pack should be built to answer one question quickly: what did we check, what evidence did we rely on, and why did we verify (or not)?
In practice, a complete pack should include: intake details (the identity data provided at onboarding), evidence copies (document images or capture outputs), and check logs (system outputs showing authenticity/ownership results). It should also capture the decision record (verified / fail / refer), any reviewer notes (if applicable), the ACSP submission confirmation, and an audit-ready timestamp trail that links actions to the operator and time, plus a clear retention marker so your team knows when the record can be disposed of.
Companies House Personal Code via gov.uk one login
After a person verifies their identity, a person gets a Companies House personal code. Companies House explains it is an 11-character code, personal to the individual. Clients often call it a house personal code. Users can view and manage their personal code and verification details through their Companies House account via Manage account once their identity is verified and connected to the account.
The Companies House register will be updated to show the due dates for each role you hold after verification. You may be required to provide your personal code to Companies House more than once If you are involved in more than one company. Companies House says you must sign in with the same email address used when you verified.
Handling Sensitive Identifiers for Companies House Identity Verification
Some clients will ask whether they must provide a national insurance number, especially if they’ve heard different routes ask for different details. ACSPs should treat any government identifier as “high sensitivity” and only collect it when it’s genuinely required for the selected verification journey. gov.uk one login journeys can include evidence and verification signals beyond photo ID, such as HMRC tax record checks, and the security questions route is based on credit-record style questions, which is why users can see different prompts depending on what data is available for them.
From an ACSP controls perspective, the goal is minimisation plus strong safeguards: collect the minimum attributes needed to complete the ID verification process, store them with tight access controls, and retain them only as long as required for audit. FATF’s digital identity guidance explicitly frames digital ID as a way to support elements of customer due diligence using a risk-based approach, which aligns well with treating identifiers such as a national insurance number as optional-by-design, not default-by-habit.
Case study: Overseas founder becomes company director near a filing date
Shared inbox blocked personal code access before a confirmation statement
Northbridge Services Ltd (Leeds) added an overseas founder as a new director and updated an existing director’s details. The founder tried gov.uk one login but struggled to verify their identity. After switching to an ACSP route, they learned that a shared mailbox caused confusion over the same email address used at verification. This blocked access to a personal code for companies house director verification via Manage account.
ACSP verification plus code-access recovery playbook
An ACSP ran the six-step process and captured evidence in a clean audit pack. This was treated as a full companies house director verification process. Then, they moved the new director to a unique email and documented ownership. Additionally, the team aligned next steps to role linkage and filing timing. A verified identity results in a personal code that allows you to role link.
On-time filing and repeatable controls
- The company filed on time with no identity rework for the existing companies corporate members.
- The new director’s verified identity linked cleanly to the role.
- They removed shared inbox risk and kept access stable.
- They also retained a complete audit pack for 7 years.
Corporate directors, corporate PSCs, corporate members, and limited partnerships in scope at later date
After November 2025, Companies House has signalled that some roles will move into scope at a later date, so ACSPs should expect follow-on change. This includes corporate directors, officers of corporate PSCs, and limited partnerships. They require tighter role mapping. Some clients will also describe LLP structures using terms such as corporate members or “companies corporate members” where a company is the member, which is exactly where poor data modelling and unclear ownership chains create friction.
As outlined by Companies House’ “changes to UK company law” programme, staged implementation is part of the plan, so the best teams treat later-date scope as a planned product iteration, not an unexpected compliance fire drill. You can learn more about workflows here: Build a Strong KYC Due Diligence Checklist UK
Key Takeaways
- Companies house identity verification works best as an end-to-end workflow, not a one-off check.
- Meeting companies house identity verification standard means mapping every step to saved evidence and a clear decision record.
- Companies house director verification is easiest when planned around the next confirmation statement deadline.
- Strong record-keeping (audit pack + retention) is what makes your ACSP process defensible at scale.
- Clear client comms (what happens next, timelines, and code usage) prevents most delays and rework.
Preparing for Scale with ComplyCube
As of November 2025, with the 12-month transition period, volume will rise. More people will verify closer to company’s confirmation statement deadlines. The authorised corporate service provider process is an advantage. With good intake, strong checks, and fast record retrieval, companies can avoid financial penalties and further risks.
So if you want to future-proof your identity verification solution, design now for later date roles. That includes corporate PSC officers and limited partnerships. If you want a practical review of your workflow against the six-step standard, speak to our team at ComplyCube. We can help you standardise checks and produce audit-friendly outputs that match your policy.
Frequently Asked Questions
Do we need to use gov.uk one login for Companies House Identity Verification?
Not necessarily. gov.uk one login (via desktop of smart phone) is the direct route for individuals completing companies house identity verification themselves. UK authorized corporate service providers are business entities that can verify clients via their own workflow. They know how to meet companies house identity verification standards (consistent evidence capture, checks, and record-keeping).
Can directors verify at a participating post office?
Yes, people (corporate directors and PSCs) who can’t use the gov.uk one login route can complete companies house identity verification via the post office at a participating location. This is a common option for UK-based directors who want an in-person check or don’t have a compatible device.
What does answering security questions online mean for Companies House identity verification?
It’s a knowledge-based route in gov.uk one login where users answer security questions linked to their records (often influenced by UK address history), so choosing the right route early helps avoid delays with companies house identity verification.
Why do people lose access to their Companies House personal code during director verification?
Most issues are sign-in related using the wrong account, not using the same email address, or not finding the code in Manage account and because the Companies House personal code is needed for role linking, this can derail companies house director verification close to a confirmation statement deadline.
How can ComplyCube help with Companies House Identity Verification and Director Verification?
With ID verification becoming mandatory as of November 2025, ComplyCube supports UK ACSP teams by standardising companies house identity verification with an audit-ready workflow. You can capture identity checks, decisioning, and record outputs, helping you meet how to meet companies house identity verification standard. It helps deliver smooth companies house director verification, even when cases arrive near filing deadlines.
