Identity verification in Laos
Executive summary. Lao People's Democratic Republic is one of the least-developed KYC markets in Southeast Asia, and since 21 February 2025 it is also on the FATF grey list — a single fact that reframes every discussion about onboarding, correspondent banking, and cross-border payments into or out of the country. The legal backbone is the Law on Anti-Money Laundering and Combatting the Financing o
Documents supported
(Government IDs from 220+ countries)
Average verification time
Countries covered
(Government-issued IDs validated)
Market overview
Laos is a landlocked single-party state of roughly 7.7 million people, bordered by China, Vietnam, Cambodia, Thailand and Myanmar. GDP per capita is under USD 2,500 and the banking system is dominated by the four state-owned commercial banks (BCEL, Lao Development Bank, APB, LDB) plus a small number of joint-venture and foreign branches. Smartphone penetration is growing, but formal financial inclusion remains low, cash is dominant, and the kip has been under sustained depreciation pressure since 2022, which has pushed informal USD and Thai baht circulation up sharply. Three verticals matter for KYC in Laos, and none of them looks like a normal fintech market:
Supported documents
Didit templates cover national IDs, passports, residence permits and regional documents — plus 14,000+ documents globally for cross-border flows.
Regulators
BOL licensing regime for banks and the legal basis for BOL's prudential and AML supervisory powers
basis for the Lao Securities Commission Office (LSCO
the legal framework for Special Economic Zones, including the GTSEZ
supervises casino licensees, including GTSEZ operators, although in practice SEZ supervision has been a principal FATF finding
the grey list
Ministry of Home Affairs
restricted
Civil registration and national ID. Limited digitization. Lao family book (tabien ban) traditionally used for identification.
Government & regulated databases
Compliance framework
AML framework
Supervised by Law on Commercial Banks
- Law on Anti-Money Laundering and Combatting the Financing of Terrorism, No. 49/NA (21 July 2014) — the backbone of Lao KYC/AML. Defines reporting entities, customer identification, record-keeping, suspicious transaction reporting, and the mandate of AMLIO. Effective 24 February 2015. The English text is published on AMLIO's site. - Law on Commercial Banks — BOL licensing regime for banks and the legal basis for BOL's prudential and AML supervisory powers. - Penal Code (amended 2017) — criminal
Data protection
Supervised by National DPA
Penalties for non-compliance
Laos is a very limited market for Didit, and the sensible posture is selective, opportunistic, and sanctions-aware. Where Didit can compete:
Use cases
Neobanks, EMIs, payment institutions, lenders, brokerages.
There is no mature credit bureau ecosystem in Laos. The BOL operates a central credit information service for supervised banks, but it is not exposed to third-party KYC vendors. There are no consumer data brokers, no regulated mobile-money-based eKYC aggregators comparable to those in neighbouring T
Exchanges, custodians, wallets, on/off-ramps.
Commercial banks under BOL supervision must identify customers before opening an account, obtain information on the purpose and intended nature of the business relationship, screen against sanctions and PEP lists, and report transactions above BOL-set thresholds and any suspicious transaction to AML
Sports betting, online casinos, age-gated platforms.
Laos does not have a functional regulated crypto market. The BOL has issued multiple public warnings against buying, selling, or using cryptocurrency — the most recent round reinforced the position that cryptocurrency transactions are illegal and that the central bank considers them incompatible wit
Gig platforms, delivery, creator economy, e-commerce.
Under the Law on Investment Promotion, Laos licenses a handful of casinos located inside SEZs. Lao nationals are not permitted to gamble in them; the customer base is foreign, overwhelmingly Chinese. Two clusters matter:
Biometric liveness
The Law on Electronic Data Protection No. 25/NA (2017) is the reference framework. Personal data can be collected and processed with the consent of the data subject, and cross-border transfer requires: - the consent of the data subject; - assurances that the receiving entity can protect the data adequately; - encryption of sensitive financial, banking, investment and accounting information; - conformance with the contractual agreement between sender and recipient.
CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
TRUSTED WORLDWIDE
Join thousands of companies that trust Didit for their verification needs
Didit’s NFC + active biometrics technology blocks the most advanced fraud scenarios, offering a level of security equivalent to or superior to in-person verification.
Spanish Financial Sandbox
CNMV, SEPBLAC & Spanish Treasury — Conclusions Report
Didit is an exceptionally valuable partner, delivering a stable and highly adaptable solution”.
Vuk Adžić
Head of the E-Business Department at Crnogorski Telekom
Didit offered us a robust technology with a simple implementation and adaptability to different markets”.
Fernando Pinto
CEO & CoFounder at TucanPay
Thanks to Didit we have been able to reduce manual processes and improve data extraction accuracy”.
Diana Garcia
Trust & Safety Executive at Shiply
Didit’s integration slashed verification times and costs, freeing resources for other projects”.
Guillem Medina
COO at GBTC Finance
Didit removed KYC costs, enabling faster scaling with high verification standards and less fraud.”
Paul Martin
VP Marketing & Growth at Bondex
Didit’s secure, user-friendly verification boosts customer trust and optimizes our process.”
Cristofer Montenegro
Executive assistant to the CEO at Adelantos
Didit ensures a precise, secure digital onboarding without slowing negotiations or client time.”
Ernesto Betancourth
Gerente de riesgos at CrediDemo
FAQ
Yes. Laos permits remote KYC onboarding under its national AML framework, including document verification, biometric liveness and video identification where required by regulation.
Didit verifies all major national IDs, passports and residence permits issued in Laos, plus 14,000+ document types globally for cross-border flows.
Didit charges $0.30 per verification with 500 free checks per month. No contracts, no minimums. Competitors typically charge $1.00–$2.50+ per verification.
Yes. Didit screens against 1,000+ global watchlists including PEP databases, sanctions lists (EU, UN, OFAC, OFSI), and adverse media — covering all AML obligations in Laos.
Most regulated sectors in Laos require or strongly recommend biometric liveness detection for remote onboarding. Didit provides ISO 30107-3 PAD Level 2 certified liveness.
Yes. Didit supports document verification, liveness, AML screening and ongoing monitoring aligned with Laos’s crypto regulatory framework, including EU Travel Rule compliance where applicable.
Yes. Didit provides document-based age verification and identity confirmation suitable for Laos’s iGaming regulatory requirements.
500 free verifications per month. No contracts, no minimums. $0.30 per verification after the free tier.
