Identity verification in Gibraltar
Executive summary. Gibraltar is a British Overseas Territory of approximately 34,000 people that punches far above its weight as an international financial centre, a global iGaming hub, and a pioneer in distributed ledger technology (DLT) regulation. The Gibraltar Financial Services Commission (GFSC) oversees a UK-aligned AML/CFT framework harmonised with EU AMLD5 and AMLD6. The DLT Regulations (2
Documents supported
(Government IDs from 220+ countries)
Average verification time
Countries covered
(Government-issued IDs validated)
Market overview
Gibraltar has approximately 34,000 residents occupying 6.7 square kilometres at the southern tip of the Iberian Peninsula. Its economy is dominated by financial services, online gambling, and tourism. Key verticals driving KYC demand:
Supported documents
Didit templates cover national IDs, passports, residence permits and regional documents — plus 14,000+ documents globally for cross-border flows.
Regulators
licenses and supervises remote gambling operators
HM Government of Gibraltar — Civil Status and Registration Office
restricted
Civil Status and Registration Office manages birth, marriage, and death records. Gibraltar identity cards issued to residents. British Overseas Territory — residents hold British Overseas Territories
Government & regulated databases
Compliance framework
AML framework
Supervised by Gambling Commissioner
- Proceeds of Crime Act 2015 (POCA) — the primary AML/CFT statute, establishing money-laundering offences, suspicious-activity reporting, and confiscation powers. - DLT Regulations (Financial Services (Distributed Ledger Technology Providers) Regulations 2020) — 10 regulatory principles for DLT-based businesses, including AML/KYC requirements. Update expected late 2025/early 2026 to incorporate VASP registrations. - Gibraltar GDPR (Data Protection Act 2004, as updated) — aligned with EU GDPR. Gi
Data protection
Supervised by National DPA
The Gibraltar GDPR aligns with EU standards. Cross-border transfers to EU/EEA and UK are generally permitted. Transfers to other jurisdictions require appropriate safeguards (SCCs, BCRs, or adequacy decisions). The GRA enforces compliance.
Use cases
Neobanks, EMIs, payment institutions, lenders, brokerages.
1. Document capture. Scan of passport, Gibraltar ID card, or EU national ID. 2. Liveness and biometric match. Selfie with liveness detection, matched against the document portrait. 3. Data extraction. Full name, date of birth, nationality, document number, expiry date. 4. PEP and sanctions screening
Exchanges, custodians, wallets, on/off-ramps.
DLT-licensed businesses must comply with GFSC's 10 regulatory principles, including:
Sports betting, online casinos, age-gated platforms.
Remote gambling operators must comply with Gambling Commissioner AML requirements:
Gig platforms, delivery, creator economy, e-commerce.
Standard GFSC-compliant CDD for regulated platforms: document verification, PEP/sanctions screening, and risk-based ongoing monitoring.
Biometric liveness
British passports held by Gibraltar residents contain biometric chips (ICAO 9303) with facial image and fingerprint data, supporting NFC-based verification. For international iGaming customers, the approach depends on issuing-country document technology. ISO 30107-3-compliant liveness detection is the standard for remote onboarding across all sectors. ---
CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
TRUSTED WORLDWIDE
Join thousands of companies that trust Didit for their verification needs
Didit’s NFC + active biometrics technology blocks the most advanced fraud scenarios, offering a level of security equivalent to or superior to in-person verification.
Spanish Financial Sandbox
CNMV, SEPBLAC & Spanish Treasury — Conclusions Report
Didit is an exceptionally valuable partner, delivering a stable and highly adaptable solution”.
Vuk Adžić
Head of the E-Business Department at Crnogorski Telekom
Didit offered us a robust technology with a simple implementation and adaptability to different markets”.
Fernando Pinto
CEO & CoFounder at TucanPay
Thanks to Didit we have been able to reduce manual processes and improve data extraction accuracy”.
Diana Garcia
Trust & Safety Executive at Shiply
Didit’s integration slashed verification times and costs, freeing resources for other projects”.
Guillem Medina
COO at GBTC Finance
Didit removed KYC costs, enabling faster scaling with high verification standards and less fraud.”
Paul Martin
VP Marketing & Growth at Bondex
Didit’s secure, user-friendly verification boosts customer trust and optimizes our process.”
Cristofer Montenegro
Executive assistant to the CEO at Adelantos
Didit ensures a precise, secure digital onboarding without slowing negotiations or client time.”
Ernesto Betancourth
Gerente de riesgos at CrediDemo
FAQ
Yes. Gibraltar permits remote KYC onboarding under its national AML framework, including document verification, biometric liveness and video identification where required by regulation.
Didit verifies all major national IDs, passports and residence permits issued in Gibraltar, plus 14,000+ document types globally for cross-border flows.
Didit charges $0.30 per verification with 500 free checks per month. No contracts, no minimums. Competitors typically charge $1.00–$2.50+ per verification.
Yes. Didit screens against 1,000+ global watchlists including PEP databases, sanctions lists (EU, UN, OFAC, OFSI), and adverse media — covering all AML obligations in Gibraltar.
Most regulated sectors in Gibraltar require or strongly recommend biometric liveness detection for remote onboarding. Didit provides ISO 30107-3 PAD Level 2 certified liveness.
Yes. Didit supports document verification, liveness, AML screening and ongoing monitoring aligned with Gibraltar’s crypto regulatory framework, including EU Travel Rule compliance where applicable.
Yes. Didit provides document-based age verification and identity confirmation suitable for Gibraltar’s iGaming regulatory requirements.
500 free verifications per month. No contracts, no minimums. $0.30 per verification after the free tier.
