Slow UK company ID checks raise fraud fears

By Vriti Gothi

The UK’s introduction of mandatory identity verification for companies under the Economic Crime and Corporate Transparency Act (ECCTA) is being viewed with caution across the FinTech and RegTech ecosystems. While the reform is positioned as a landmark upgrade to corporate transparency, FinTech fraud experts argue that the government’s decision to implement the changes over a 12-month phased period leaves a significant exposure point that criminals may exploit.

For FinTechs and digital-first banks that depend on Companies House data to automate KYB processes, streamline onboarding and strengthen fraud controls, the staggered rollout undermines the reliability of one of their most essential data sources. With millions of companies and directors still awaiting verification, the industry expects a rise in duplicate checks, manual reviews and compliance bottlenecks, reversing years of progress in automated risk management. This raises concerns that FinTech lenders, neobanks and payment providers may find themselves forced to re-validate corporate identities in-house, increasing operational costs and adding friction to customer onboarding flows.

Offering an expert perspective on the implications, Jonathan Frost, Director of Global Advisory for EMEA at BioCatch, said, “The 12-month phased rollout for mandatory identity verification leaves a clear window for criminals to abuse. With 6 million companies and officers still to be verified, it seems likely that banks will continue to shoulder a disproportionate burden, investing vast sums into double-checking Companies House data. This will distract from their efforts to tackle economic crime, and depending on how effective Companies House’s processes prove to be, there could be worse to come. If ineffective, banks will need to treat each company with a degree of scepticism that the ECCTA provisions were supposed to remove.”

He adds that the gap cannot be addressed through basic ID checks alone and that the registry must adopt the same level of technological rigour that financial institutions already employ. “Companies House should focus on using the same technology as banks, excluding bad actors from the register by tracking behaviours and devices. This will enable them to detect suspicious activity, whilst also streamlining the process for genuine directors.”

From a FinTech standpoint, this is a critical moment. Banks and FinTech firms have invested heavily in behavioural biometrics, device intelligence and real-time anomaly detection to stay ahead of fraudsters who continuously evolve their digital tactics. If Companies House maintains a slower, document-driven approach while criminals exploit the transition period, the downstream impact will likely fall on the financial sector, resulting in more false entities slipping through onboarding, higher fraud losses and a growing operational burden on compliance teams.

The success of ECCTA’s reforms will ultimately hinge on whether Companies House can match the technological maturity of the FinTech industry. As the UK moves deeper into the phased rollout, the FinTech community will be watching closely to see if the government can modernise its verification infrastructure quickly enough to prevent the very risks the legislation aims to eliminate.