Identity verification in Italy
Executive summary. Italy is one of the EU's most densely regulated identity and AML environments. The core statute is Decreto Legislativo 21 November 2007, n. 231 ("D.Lgs. 231/2007"), which transposes the EU AML directives and has been amended repeatedly, most recently by D.Lgs. 125/2019 (crypto) and D.Lgs. 90/2017 (penalty regime). Customer due diligence obligations are enforced by Banca d'Italia
Documents supported
(Government IDs from 220+ countries)
Average verification time
Countries covered
(Government-issued IDs validated)
Market overview
Italy is the EU's third-largest economy and one of the most mature digital-ID markets in Europe. Two facts matter for any KYC vendor operating in the country: 1. Government digital ID is ubiquitous. SPID (Sistema Pubblico di Identità Digitale) has been adopted by more than 38 million Italian adults and is issued by nine accredited identity providers (Aruba PEC, InfoCert, Lepida, Namirial, Poste Italiane, Register, Sielte, TI Trust Technologies, In.Te.S.A.). The Carta d'Identità Elettronica (CIE 3.0) has been issued to over 45 million residents and is eIDAS-notified at the "high" assurance level — the highest available. Every Italian bank, insurer and regulated fintech is already expected to accept these rails. 2. Remote onboarding is mainstream and heavily regulated. Banca d'Italia's Dispo
Supported documents
Didit templates cover national IDs, passports, residence permits and regional documents — plus 14,000+ documents globally for cross-border flows.
Regulators
Agenzia delle Dogane e dei Monopoli
AgID (Agenzia per l'Italia Digitale)
regulated
Public Digital Identity System. 70%+ of Italian adults enrolled. Three levels of assurance (LoA 1: username/password, LoA 2: two-factor, LoA 3: hardware token). 9 accredited IdPs: Aruba PEC, In.Te.S.A
Ministry of Interior / Istituto Poligrafico dello Stato
regulated
Electronic ID card with NFC microchip (CIE 3.0). Produced by Istituto Poligrafico e Zecca dello Stato. NFC-based chip reading with TLS client certificate authentication (PIN-protected). Biometric data
Agenzia delle Entrate
regulated
Tax identification code (16 alphanumeric characters for individuals) assigned to all residents. Official online verification tool on Agenzia delle Entrate website (checks registration status). Third-p
Ministry of Interior
regulated
National population register consolidating 8,000+ municipal registries into single national database. 57M+ residents, 7,794 municipalities integrated. Address, civil status, family composition, birth/
InfoCamere / Chambers of Commerce
open
Business register managed by Chambers of Commerce. Online search available.
Government & regulated databases
Compliance framework
AML framework
Supervised by ADM
Italy's AML regime rests on a handful of core instruments:
Data protection
Supervised by CONSOB
- Retention: Art. 31 of D.Lgs. 231/2007 imposes a 10-year retention period on client identification data, transaction records and all documents supporting the CDD file. This is longer than the 5-year minimum of AMLD5 — Italy deliberately chose the higher floor. - Legal basis: retention for AML purpo
Penalties for non-compliance
- D.Lgs. 90/2017 rewrote the AML sanctions regime: CDD failures start at €2,000 per violation and escalate to €2,500–€50,000 for serious, repeated, systematic or multiple violations. For banks and financial intermediaries under Articles 61–62 the ceilings are substantially higher and can be applied
Use cases
Neobanks, EMIs, payment institutions, lenders, brokerages.
Obligated entities under D.Lgs. 231/2007 must run adeguata verifica della clientela at the establishment of the business relationship or before executing an occasional transaction over the €15,000 threshold (€1,000 for money remittance and prepaid cards). The measures are risk-based (Art. 17) and sc
Exchanges, custodians, wallets, on/off-ramps.
Italy extended AML obligations to crypto operators with D.Lgs. 125/2019, which created the special section of the OAM money-changers register for operatori in valute virtuali and prestatori di servizi di portafoglio digitale. Registration with OAM was mandatory before offering virtual currency or cu
Sports betting, online casinos, age-gated platforms.
Italy is one of the largest regulated gambling markets in Europe. Under the reform that entered into force on 14 November 2025, ADM activated 52 licensed domains, replacing a fragmented landscape of > 400 active sites. 46 operators secured the new concessions at €7 million per licence, generating €3
Gig platforms, delivery, creator economy, e-commerce.
Online marketplaces active in Italy sit under two overlapping regimes:
Biometric liveness
Remote onboarding under the Banca d'Italia regime and the EBA Guidelines requires robust liveness detection. The international benchmark is ISO/IEC 30107-3 Presentation Attack Detection, with Level 1 (basic presentation attacks) and Level 2 (sophisticated attacks including masks, deepfakes and injection attacks). Didit ships with PAD Level 2 liveness tested by iBeta-accredited labs. On the data-protection side, biometric data is a special category under GDPR Art. 9 and is tightly regulated in It
CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
TRUSTED WORLDWIDE
Join thousands of companies that trust Didit for their verification needs
Didit’s NFC + active biometrics technology blocks the most advanced fraud scenarios, offering a level of security equivalent to or superior to in-person verification.
Spanish Financial Sandbox
CNMV, SEPBLAC & Spanish Treasury — Conclusions Report
Didit is an exceptionally valuable partner, delivering a stable and highly adaptable solution”.
Vuk Adžić
Head of the E-Business Department at Crnogorski Telekom
Didit offered us a robust technology with a simple implementation and adaptability to different markets”.
Fernando Pinto
CEO & CoFounder at TucanPay
Thanks to Didit we have been able to reduce manual processes and improve data extraction accuracy”.
Diana Garcia
Trust & Safety Executive at Shiply
Didit’s integration slashed verification times and costs, freeing resources for other projects”.
Guillem Medina
COO at GBTC Finance
Didit removed KYC costs, enabling faster scaling with high verification standards and less fraud.”
Paul Martin
VP Marketing & Growth at Bondex
Didit’s secure, user-friendly verification boosts customer trust and optimizes our process.”
Cristofer Montenegro
Executive assistant to the CEO at Adelantos
Didit ensures a precise, secure digital onboarding without slowing negotiations or client time.”
Ernesto Betancourth
Gerente de riesgos at CrediDemo
FAQ
Yes. Italy permits remote KYC onboarding under its national AML framework, including document verification, biometric liveness and video identification where required by regulation.
Didit verifies all major national IDs, passports and residence permits issued in Italy, plus 14,000+ document types globally for cross-border flows.
Didit charges $0.30 per verification with 500 free checks per month. No contracts, no minimums. Competitors typically charge $1.00–$2.50+ per verification.
Yes. Didit screens against 1,000+ global watchlists including PEP databases, sanctions lists (EU, UN, OFAC, OFSI), and adverse media — covering all AML obligations in Italy.
Most regulated sectors in Italy require or strongly recommend biometric liveness detection for remote onboarding. Didit provides ISO 30107-3 PAD Level 2 certified liveness.
Yes. Didit supports document verification, liveness, AML screening and ongoing monitoring aligned with Italy’s crypto regulatory framework, including EU Travel Rule compliance where applicable.
Yes. Didit provides document-based age verification and identity confirmation suitable for Italy’s iGaming regulatory requirements.
500 free verifications per month. No contracts, no minimums. $0.30 per verification after the free tier.
