Preparing for ECCTA Identity Verification: What Governance and Fund Ops Leaders Need to Know

Identity verification is central to effective entity management and governance operations. From onboarding directors to completing KYC checks for investors, the ability to confirm who people are, consistently and across borders, underpins the integrity of fund operations. Without reliable verification, compliance falters, filings stall and organizational trust erodes.

That’s why the UK’s Economic Crime and Corporate Transparency Act 2023 (ECCTA) represents such a significant shift. For the first time, Companies House will require directors, Persons with Significant Control (PSCs) and certain other individuals to complete formal identity verification requirements before they can act in their roles. The change is commencing on November 18, with phased deadlines tied to company filings and PSC birth months.

For governance and fund ops leaders, this isn’t just another compliance update. Identity verification is becoming a gatekeeper function: a prerequisite for the daily operations of corporate entities. Preparing now will help teams avoid disruption, protect reputation and build stronger infrastructure for the future.

What’s changing under ECCTA

The UK government introduced ECCTA to strengthen transparency and reduce misuse of corporate entities. Identity verification is at the heart of this initiative, ensuring that individuals behind companies are accountable and clearly identified.

Here’s what leaders need to know:

Who must verify:

• All company directors, including directors of overseas companies with a UK corporate entity.
• Persons with Significant Control (PSCs).
• Individuals who file documents with Companies House on behalf of companies.

‍How verification works:

• Through GOV.UK One Login, requiring government-issued photo ID and digital checks.
• Or via an Authorised Corporate Service Provider (ACSP), a regulated intermediary who can complete verification on a company’s behalf.
• As of November 18, directors and PSCs can check the Companies House register for verification due dates for all roles.

Timeline:

• From November 18, 2025, new directors and PSCs must be verified before incorporation or appointment.
• Existing directors will need to provide their identify verification on the first confirmation statement filed after November 18.
• Existing PSCs who are not directors must file their proof of identity verification within 14 days from the start of their birth month.

Consequences of non-compliance:

• Directors or PSCs acting without verification will be committing a criminal offence punishable by a fine (although the director's actions remain valid).
• Companies also commit an offence if they allow unverified directors to act, and could face fines, delays and reputational damage.

For funds and multinational groups, the reach is broader still. The requirements extend to overseas directors and those involved in cross-border structures, adding complexity to an already intricate compliance landscape.

Why it matters for governance and fund ops

Global entity management and fund operations depend on agility. Boards need to appoint directors, execute transactions and file changes without delay. Anti-money laundering and compliance checks are expected, but they cannot be allowed to grind operations to a halt.

ECCTA heightens the stakes by making mandatory identity verification a precondition for corporate action. If a director isn’t verified, the organization cannot move forward with essential filings or appointments. That’s not an inconvenience — it’s a potential operational risk with material consequences.

For governance ops leaders, the shift reframes identity management. It’s no longer simply about having verification documents on file. Instead, the question becomes:

Do we have the systems and workflows to ensure every person is verified, on time, across every entity we manage?

The ability to answer “yes” is now fundamental to maintaining compliance and avoiding costly delays.

Steps to take now

Although ECCTA’s requirements have yet to formally take effect, preparation should be underway. Governance and fund ops teams working to streamline the ID verification process now will minimize disruption and spread the workload across the transition period.

1. Audit your structure

• Map all directors, PSCs and individuals who file on behalf of entities.
• Identify cross-border roles and overseas directors who may face additional hurdles.
• Flag areas of high risk, such as high-turnover boards or complex ownership structures.

2. Plan verification workflows

• Decide whether to manage director verification directly through GOV.UK or rely on an ACSP.
• Update onboarding processes so that verification is completed before appointments or incorporations.
• Establish internal deadlines for existing directors and PSCs, ensuring the grace period doesn’t run down to the last moment.

3. Strengthen your infrastructure

• This is where technology makes the difference. Entity management systems like Athennian not only centralize governance data and corporate records, but also integrate directly with Companies House for easier filing.
• With verification becoming a prerequisite for filings, updating your system and integrating solutions can help ensure compliance isn’t dependent on ad hoc tracking.

4. Coordinate across jurisdictions

• For international structures, build processes that align UK requirements with other jurisdictions’ compliance requirements.
• Streamline communication so that directors understand what is required of them and when, avoiding duplicated effort across different regulators.

By taking these steps, governance teams can reduce the likelihood of bottlenecks and create a smoother experience for corporate directors and stakeholders alike.

Risks of waiting

With a year's grace period for existing appointments, some may be tempted to defer preparation. But waiting carries serious risks:

• Operational bottlenecks: An unverified director could delay filings, transactions or even critical board decisions.
• Regulatory exposure: Companies risk fines, rejection of filings in Companies House or invalid board appointments.
• Reputation damage: Non-compliance signals weak governance to regulators, investors and partners.
• Increased costs: Last-minute reliance on ACSPs may add unplanned expense and pressure.

In a function where reliability and foresight are key, these risks aren’t worth taking.

Looking ahead

Identity verification has always mattered. With ECCTA, it moves from a supporting process to a frontline requirement, one that now determines whether your company can appoint directors, complete filings and remain compliant.

For governance and fund ops leaders, this is both a challenge and an opportunity. The challenge is obvious: new processes, new risks and the need to ensure that every director and PSC completes verification within the mandated window. But the opportunity is just as significant: modernizing governance systems, reducing compliance bottlenecks and positioning your organization for a future where ID verification is increasingly standardized across jurisdictions.

The good news is that teams don’t need to start from scratch. With the right systems in place and integrations with regulators like Companies House, ECCTA compliance can be built into your governance operations rather than managed as a scramble. Athennian customers already have many of these capabilities at their fingertips. For organizations working toward compliance now, this is the moment to lean into technology that reduces risk, keeps you compliant and strengthens governance for the future.