Product teams are facing renewed pressure. They now need to keep onboarding, checkout, account access and age-gated journeys moving without adding more friction. Compliance teams are also feeling the pressure - but their pressure is evidential. They need to be able to show that identity, age or eligibility checks are reliable, privacy-conscious and properly recorded.
Across Q2, the direction has become clearer, with identity moving from a back-office compliance step into a live part of regulated digital experiences.
The UK’s digital identity framework has firmly moved beyond being an abstract policy conversation. In February, the Office for Digital Identities and Attributes explained how certified and registered Digital Verification Services can support customer due diligence under the Money Laundering Regulations, including Regulation 28 identity verification and Regulation 40 record keeping. Regulated entities still retain responsibility for wider CDD, but certified DVS can support identity verification where the right conditions are met.
In April, OfDIA also clarified how providers should describe certification. A DVS can be certified against the DVS trust framework and supplementary codes, but not against AML, KYC or a specific regulation itself. Accurate language protects relying parties from misunderstanding what has actually been assessed.
Online safety has also moved from planning into delivery. In May, Ofcom said its enforcement programmes on child sexual abuse material and age assurance would continue, and that major services used by children had been told to meet clear expectations on effective age checks, safer feeds, risk assessment and protections against grooming.
For digital platforms, age assurance now affects the product journey itself: where checks happen, what data is collected, how quickly a user can continue, and whether the business can evidence the outcome afterwards.
On 29 April, the European Commission urged Member States to accelerate rollout of the EU age verification app by the end of 2026. The Commission’s model is based on proving a required age threshold without revealing exact age, identity or other personal details.
That direction is useful for UK businesses too. The direction points towards selective disclosure, data minimisation and reusable trust, rather than collecting more personal information than the journey requires.
The King’s Speech on 13 May confirmed that ministers will proceed with Digital ID through the Digital Access to Services Bill, aimed at modernising how citizens interact with public services.
For regulated businesses, customers will expect identity checks to feel safer, faster and less repetitive. Digital identity will be judged against everyday digital experiences, not old document-led processes.
At OneID®, we help businesses meet that expectation by connecting users to trusted banks and networks so they can prove who they are, how old they are or whether they own an account, without unnecessary document uploads or app downloads.