Identity verification in Luxembourg
Document verification, biometric liveness and AML screening for businesses operating in Luxembourg — at $0.30 per verification.
Documents supported
(Government IDs from 220+ countries)
Average verification time
Countries covered
(Government-issued IDs validated)
Market overview
The primary AML statute is the Loi du 12 novembre 2004 relative à la lutte contre le blanchiment et contre le financement du terrorisme (the "AML Law"), published in the Journal officiel du Grand-Duché de Luxembourg (Mémorial A) and accessible through legilux.public.lu. The law has been amended repeatedly — most notably by the law of 13 February 2018 (AMLD4 transposition), the law of 25 March 2020 (AMLD5 transposition, introducing the Register of Beneficial Owners and VASP regime), and the law of 20 May 2021 (extending obligations to additional professions and tightening beneficial ownership rules). Sectoral AML/CFT obligations for the financial sector are operationalised through CSSF Regulation No 12-02 of 14 December 2012, as substantially revamped in 2020 and updated through CSSF circul
Supported documents
Didit templates cover national IDs, passports, residence permits and regional documents — plus 14,000+ documents globally for cross-border flows.
Regulators
Commission de Surveillance du Secteur Financier
Commissariat aux Assurances
Administration de l'Enregistrement, des Domaines et de la TVA
Cellule de Renseignement Financier
Commission Nationale pour la Protection des Données
Centre des technologies de l'information de l'État
Luxembourg Business Registers
CTIE (Centre des technologies de l'information de l'État)
regulated
National register of natural persons. Numéro d'identification (national identification number) assigned to all residents.
LuxTrust S.A.
regulated
National PKI and digital identity provider. Trusted service provider for qualified certificates, electronic signatures, and identification. Used by banks and government.
CTIE
regulated
Government electronic identity. eIDAS-notified. Used for MyGuichet.lu government services.
Ministry of Justice
open
Trade and Companies Register. Online search available via LBR.
Government & regulated databases
Compliance framework
AML framework
Supervised by CSSF
| Authority | Role | |---|---| | CSSF (Commission de Surveillance du Secteur Financier) | Prudential and AML/CFT supervisor for banks, PFS, investment funds, fund managers (UCITS ManCos, AIFMs), payment institutions, e-money institutions, VASPs/CASPs (MiCA), crowdfunding service providers | | CAA (Commissariat aux Assurances) | Supervisor for insurance undertakings and insurance intermediaries, including AML/CFT obligations | | AED (Administration de l'Enregistrement, des Domaines et de la TVA)
Data protection
Supervised by CNPD
Penalties for non-compliance
5. Sanctions + PEP + ongoing monitoring. Didit's AML module screens against 1,000+ watchlists (EU, UN, OFAC, UK HMT) and delivers ongoing monitoring — exactly the scope CSSF inspectors drilled into during 2024 on-sites.
Use cases
Neobanks, EMIs, payment institutions, lenders, brokerages.
On 27 September 2023, the FATF published the fourth-round mutual evaluation of Luxembourg. Results:
Exchanges, custodians, wallets, on/off-ramps.
Luxembourg implements the GDPR through the Loi du 1er août 2018 on the organisation of the CNPD. The CNPD has published a list of processing operations requiring a Data Protection Impact Assessment (DPIA) under Article 35 GDPR, and biometric processing for the purpose of identification is on that li
Sports betting, online casinos, age-gated platforms.
EU/EEA nationals may use their home-country national ID card or passport. For non-face-to-face onboarding, the AML Law requires either (a) an eIDAS-notified electronic identification scheme at substantial or high level of assurance, or (b) equivalent safeguards through document + biometric liveness,
Gig platforms, delivery, creator economy, e-commerce.
LuxTrust S.A. — Luxembourg's dominant Qualified Trust Service Provider (QTSP) under eIDAS Regulation (EU) 910/2014. LuxTrust issues qualified certificates, qualified electronic signatures (QES), qualified electronic seals, and qualified timestamps, and is supervised by ILNAS (number 2016/8/001). The
Biometric liveness
Luxembourg hosted EUR 7.4 trillion in fund AuM in 2024 (around 80× GDP), with roughly 36% in alternative funds. With 3,000+ funds and hundreds of AIFMs and UCITS ManCos, the country is home to a dense ecosystem of third-party fund administrators, transfer agents (TAs), and depositary banks — all of which carry AML/CFT obligations for investor onboarding under the AML Law and CSSF Regulation 12-02. Investor KYC in a Luxembourg fund is typically handled by the TA on behalf of the AIFM/ManCo, which
CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
TRUSTED WORLDWIDE
Join thousands of companies that trust Didit for their verification needs
Didit’s NFC + active biometrics technology blocks the most advanced fraud scenarios, offering a level of security equivalent to or superior to in-person verification.
Spanish Financial Sandbox
CNMV, SEPBLAC & Spanish Treasury — Conclusions Report
Didit is an exceptionally valuable partner, delivering a stable and highly adaptable solution”.
Vuk Adžić
Head of the E-Business Department at Crnogorski Telekom
Didit offered us a robust technology with a simple implementation and adaptability to different markets”.
Fernando Pinto
CEO & CoFounder at TucanPay
Thanks to Didit we have been able to reduce manual processes and improve data extraction accuracy”.
Diana Garcia
Trust & Safety Executive at Shiply
Didit’s integration slashed verification times and costs, freeing resources for other projects”.
Guillem Medina
COO at GBTC Finance
Didit removed KYC costs, enabling faster scaling with high verification standards and less fraud.”
Paul Martin
VP Marketing & Growth at Bondex
Didit’s secure, user-friendly verification boosts customer trust and optimizes our process.”
Cristofer Montenegro
Executive assistant to the CEO at Adelantos
Didit ensures a precise, secure digital onboarding without slowing negotiations or client time.”
Ernesto Betancourth
Gerente de riesgos at CrediDemo
FAQ
Yes. Luxembourg permits remote KYC onboarding under its national AML framework, including document verification, biometric liveness and video identification where required by regulation.
Didit verifies all major national IDs, passports and residence permits issued in Luxembourg, plus 14,000+ document types globally for cross-border flows.
Didit charges $0.30 per verification with 500 free checks per month. No contracts, no minimums. Competitors typically charge $1.00–$2.50+ per verification.
Yes. Didit screens against 1,000+ global watchlists including PEP databases, sanctions lists (EU, UN, OFAC, OFSI), and adverse media — covering all AML obligations in Luxembourg.
Most regulated sectors in Luxembourg require or strongly recommend biometric liveness detection for remote onboarding. Didit provides ISO 30107-3 PAD Level 2 certified liveness.
Yes. Didit supports document verification, liveness, AML screening and ongoing monitoring aligned with Luxembourg’s crypto regulatory framework, including EU Travel Rule compliance where applicable.
Yes. Didit provides document-based age verification and identity confirmation suitable for Luxembourg’s iGaming regulatory requirements.
500 free verifications per month. No contracts, no minimums. $0.30 per verification after the free tier.
