Skip to main content
Didit Raises $7.5M to Build the Infrastructure for Identity and Fraud
Didit
Europe

Identity verification
built for Bosnia & Herzegovina Flag of Bosnia & Herzegovina

Bosnia and Herzegovina's Financial Intelligence Department and Central Bank enforce AML/CFT across an EU-candidate economy, Didit delivers ID, liveness, AML, and the $0.33 bundle at 500 free checks per month.

Start freeRead the docs
Backed by
Y CombinatorRobinhood Ventures
GBTC Finance
Bondex
Crnogorski Telekom
UCSF Neuroscape
Shiply
Adelantos

Trusted by 2,000+ organizations worldwide.

Country brief

How identity verification works in Bosnia & Herzegovina.

The fraud surface and the frameworks an engineering or compliance lead needs before scoping an integration.
Fraud landscape
BiH faces document-forgery and organized-crime-linked identity fraud, amplified by complex multi-jurisdictional governance and EU-accession-driven digital onboarding growth. Didit scores 200+ real-time fraud signals on every session, face morph, replay, injection, document tampering, device intelligence, IP geolocation.
Compliance frameworks
  • Law on Prevention of Money Laundering and Financing of Terrorist Activities 2014 (as amended 2022)
  • Law on Protection of Personal Data (GDPR-aligned)
  • FATF 40 Recommendations
  • MONEYVAL evaluation framework
  • EU AMLD5/6 alignment (pre-accession)
Regulators

Who supervises identity verification in Bosnia & Herzegovina.

These are the supervisors a Bosnia & Herzegovina verification flow has to answer to. One Didit hosted flow + one audit log covers every one of them, no separate integration per agency.

  • FID/SIPA

    Financial Intelligence Department within the State Investigation and Protection Agency, Bosnia and Herzegovina's national FIU. Receives Suspicious Activity Reports from obligated entities under the Law on Prevention of Money Laundering 2014.

  • CBBH

    Centralna banka Bosne i Hercegovine (Central Bank of Bosnia and Herzegovina), maintains monetary stability and coordinates financial sector regulation between the FBiH and RS entities.

  • FBA

    Federalna agencija za bankarstvo (Federation Banking Agency), supervises banks in the FBiH entity. Sets CDD requirements for FBiH-licensed institutions.

  • BARS

    Agencija za bankarstvo Republike Srpske (RS Banking Agency), supervises banks in the Republika Srpska entity. Sets CDD requirements for RS-licensed institutions.

  • AZLP

    Agencija za zaštitu ličnih podataka u Bosni i Hercegovini (Agency for Personal Data Protection), BiH's national DPA. Governs every identity verification on Bosnian residents under the Law on Protection of Personal Data.

  • BAPO

    Prosecutor's Office of Bosnia and Herzegovina, SIP-classified institution; senior prosecutors designated in the Didit AML screening layer under BiH's PEP framework.

Verification flow · One API

Four modules. One verification.

ID, biometric, AML, and a Bosnia & Herzegovina database cross-check, composed on one workflow, billed per success, returned in one report.
Read the docsGet an API key
01 · ID

Capture and read the Bosnian ID.

Captured on any phone, auto-classified, OCR-parsed, and template-verified.

  • Lična karta (biometric national ID with chip), Pasoš (ICAO 9303 biometric passport), Vozačka dozvola, and Boravišna dozvola for non-BiH residents.
  • Returns: full name, date of birth, document number, expiry, MRZ.
Read the docs
Stage 01Capture and read the Bosnian ID
  • Lična karta (biometric national ID card)
  • Pasoš (biometric passport), NFC chip read
  • Vozačka dozvola (driving licence)
02 · Biometric

Match the face. Prove it's a real person..

Selfie confirmed live and matched against the ID portrait.

  • Duplicate check: 1:N face search across existing users. Free.
  • Active liveness ($0.15) for elevated-risk flows, user turns or blinks.
Read the docs
Stage 02Match the face. Prove it's a real person.
  • Selfie on any phone or laptop camera
  • Mobile-handoff QR when the user starts on desktop
03 · AML

Screen for sanctions, PEPs, and adverse media.

1,300+ global sanctions, PEP, and adverse-media lists, plus Bosnia and Herzegovina watchlists:

  • Border Police of Bosnia and Herzegovina, PEP Level 1 (senior border officials).
  • Ministry of Defense (Bosnia and Herzegovina), PEP Level 2 (senior ministry officials).
  • Office of the Prime Minister, PEP Level 2 (senior executive officials).
  • Ministry of Foreign Affairs, PEP Level 2.
  • Digitalni arhiv, Infobiro, SIE (state-invested entity database).
  • BAPO, Prosecutor's Office of Bosnia and Herzegovina, SIP (special-interest persons).
  • SAFF Portal, regulatory warnings and enforcement notices.
  • FID/SIPA, Financial Intelligence Department SAR-derived designations.
  • MONEYVAL, Council of Europe AML evaluation findings.
  • FATF 40 Recommendations, risk-jurisdiction monitoring.
  • UN Security Council Consolidated Sanctions List, global designations.
  • OFAC Specially Designated Nationals (SDN), US Treasury designations.
  • EU Consolidated Financial Sanctions List, pre-accession applicable enforcement.
  • Interpol Notices, international law enforcement designations.

Severity-scored. Ongoing monitoring ($0.07/user/yr) re-checks daily and fires a webhook on new hits.

Read the docs
Stage 03Screen for sanctions, PEPs, and adverse media

Screen for sanctions, PEPs, and adverse media , see the docs for the full module surface.

04 · Registry

Document validation, no public registry API in Bosnia and Herzegovina.

There is no public government database validation API for Bosnia and Herzegovina currently exposed as a standalone Didit service, the Agencija za identifikacijska dokumenta, evidenciju i razmjenu podataka (IDDEEA) does not currently offer a public consumer API open to third-party integrators.
Read the docs
Stage 04Document validation, no public registry API in Bosnia and Herzegovina

Document validation, no public registry API in Bosnia and Herzegovina , see the docs for the full module surface.

Documents covered

Every Bosnia & Herzegovina document Didit accepts.

One row per accepted credential, flag, document name, document type. Live from the Didit Business Console.
Authoritative datasets

Civil-registry and AML coverage for Bosnia & Herzegovina.

One card per dataset Didit cross-checks against, civil registries on the Database Validation API plus the global AML watchlist pool. Each card links to the technical docs.
aml-screening

AML lists screened in Bosnia & Herzegovina

1,300+ sanctions, Politically Exposed Persons (PEP), and adverse-media lists, plus the country's regulatory watchlists and PEP registries.

Read the AML coverage docs
Compliant by design

Open a new country in one click. We do the hard work.

We open the local subsidiaries, secure the licenses, run the penetration tests, earn the certifications, and align with every new regulation. To ship verifications in a new country, flip a toggle. 220+ countries live, audited and pen-tested every quarter, the only identity provider an EU member-state government has formally called safer than in-person verification.
Read the security & compliance dossier
EU financial sandbox
Tesoro · SEPBLAC · BdE
ISO/IEC 27001
Information security · 2026
SOC 2 · Type I
AICPA · 2026
iBeta Level 1 PAD
NIST / NIAP · 2026
GDPR
EU 2016/679
DORA
EU 2022/2554
MiCA
EU 2023/1114
AMLD6 · eIDAS 2.0
EU-aligned by design
FAQ

Common questions about Bosnia & Herzegovina.

What is Didit?

Didit is infrastructure for identity and fraud, the platform we wished existed when we were building products ourselves: open, flexible, and developer-friendly, so it works as a real part of your stack instead of a black box you integrate around.

One API covers verifying people (KYC, know your customer), verifying businesses (KYB, know your business), screening crypto wallets (KYT, know your transaction), and monitoring transactions in real time, on a stack built to be:

  • Fast, sub-2-second p99 on every session
  • Reliable, in production with 1,500+ companies across 220+ countries
  • Secure, SOC 2 Type 1, ISO 27001, GDPR-native, and formally attested by Spain's financial regulator as safer than verifying someone in person

The footprint underneath: 14,000+ document types in 48+ languages, 1,000+ data sources, and 200+ fraud signals on every session. The Didit infrastructure dynamically learns from every session and gets better every day.

What does Didit ship?

Didit is the infrastructure layer for identity and fraud. One Application Programming Interface (API), 25+ composable modules across four product lines:

  • User Verification (KYC, know your customer), Identity Document Verification, liveness, face match, Anti-Money Laundering (AML) screening, Internet Protocol (IP) analysis. $0.33 per full bundle.
  • Business Verification (KYB, know your business), registry, Ultimate Beneficial Owner (UBO), officers, entity AML, plus a linked KYC session per UBO.
  • Transaction Monitoring, real-time rule engine, case management, Suspicious Activity Report (SAR) workflow.
  • Wallet Screening (KYT, know your transaction), on-chain wallet risk at $0.15 per check, or bring your own screening provider and run it inside Didit.

Compose any module into a workflow with the visual no-code builder, ship in 5 minutes, 500 verifications free every month, forever.

What does it cost? Is anything actually free?

500 verifications free every month, forever, on every account. No credit card. No sales call. No expiry.

Above the free tier, every module has a public per-success price on didit.me/pricing, $0.33 per full KYC bundle, $0.15 per Identity Document Verification, $0.15 per Wallet Screening, $0.20 per Anti-Money Laundering (AML) Screening, $0.10 per liveness, $0.05 per face match, $0.03 per Internet Protocol (IP) analysis.

Pay-as-you-go, no minimums, no overage surprises. Volume discounts kick in automatically as you grow.

Which BiH regulator covers identity verification on a digital onboarding?

Three primary regulators cover every BiH identity-verification flow:

  • FID/SIPA (Financial Intelligence Department), Bosnia's national FIU. Enforces the Law on Prevention of Money Laundering and Financing of Terrorist Activities 2014 (as amended 2022).
  • FBA / BARS (Federation and RS Banking Agencies), entity-level banking supervisors. Each sets Customer Due Diligence requirements for their licensed institutions.
  • AZLP (Agency for Personal Data Protection), BiH's national DPA. Governs every identity verification on Bosnian residents under the Law on Protection of Personal Data (GDPR-aligned).

Didit ships the hosted flow + audit log + watchlist coverage to satisfy all regulators simultaneously.

Is there a government database validation API for BiH identities?

No, Bosnia and Herzegovina does not currently expose a public government consumer API open to third-party integrators for civil registry cross-checks via IDDEEA.

Didit compensates with three complementary validation layers running in parallel:

  • Document OCR + chip read, every field on the Lična karta or Pasoš is extracted and validated against ISO/ICAO templates.
  • Biometric liveness + Face Match 1:1, the selfie is confirmed live and matched against the document portrait.
  • AML screening, the extracted name is screened across 1,300+ global and BiH watchlists (FID, SAFF Portal, BAPO, MONEYVAL, OFAC, UN, Interpol).
Is Didit ready for AML-compliant onboarding under the BiH Law on Prevention of Money Laundering 2014?

Yes. Bosnia and Herzegovina's Law on Prevention of Money Laundering and Financing of Terrorist Activities 2014 (as amended 2022) applies to every FBA/BARS-supervised bank and every FID-obligated entity.

Didit covers the full stack:

  • Identity Document Verification + Passive Liveness + Face Match 1:1 for tier-1 onboarding.
  • AML Screening ($0.20 per check) against 1,300+ lists including FID designations, SAFF Portal warnings, MONEYVAL findings, OFAC SDN, and UN sanctions.
  • Ongoing AML monitoring ($0.07 per user / year) for periodic customer-review obligations.
How long does it take to integrate Didit for Bosnia and Herzegovina?

5 minutes to a working sandbox, a weekend to a production flow.

  • Sign up at business.didit.me, grab an API key, call POST /v3/session/ with a workflow_id, done.
  • AI-agent path: paste the integration prompt at docs.didit.me/integration/integration-prompt into Claude Code, Cursor, or any coding agent.
  • Five SDKs share the same session model: Web, iOS, Android, React Native, Flutter.

The first 500 verifications every month are free, forever.

What does Bosnia and Herzegovina verification cost end-to-end?

Per-module public pricing, pay only for what runs on the session:

  • ID Verification, $0.15 per document check.
  • Passive Liveness, $0.10. Active Liveness, $0.15.
  • Face Match 1:1, $0.05. Face Search 1:N, free.
  • AML Screening, $0.20 per check. Ongoing AML, $0.07 per user / year.

The full KYC bundle is `$0.33`, same price worldwide. 500 verifications free every month, no credit card.

Related

Related coverage

Infrastructure for identity and fraud.

One API for KYC, KYB, Transaction Monitoring, and Wallet Screening. Integrate in 5 minutes.

Start freeTalk to us
Ask an AI to summarise this page