Identity verification in Malta
Malta is the smallest EU member state by population but the single largest licensing hub for online gambling in Europe, the first jurisdiction that wrote a bespoke crypto-asset statute, and — between June 2021 and June 2022 — the only EU country to have ever been placed on the FATF grey list. For any iGaming operator, EMI, payment institution, crypto-asset service provider, or marketplace onboardi
Documents supported
(Government IDs from 220+ countries)
Average verification time
Countries covered
(Government-issued IDs validated)
Market overview
Malta has a resident population of roughly 540,000, a GDP per capita firmly in the EU top half, and an economy in which gaming contributes approximately 10% of GDP directly and a broader financial-services cluster (banks, EMIs, investment firms, fund administrators, insurance PCCs) adds another double-digit share. The country's outsized relevance to identity verification is not a function of its domestic consumer market — it is a function of the licence holders headquartered there serving the rest of Europe and the world. Three structural facts make Malta the iGaming and fintech KYC market that vendors need to understand:
Supported documents
Didit templates cover national IDs, passports, residence permits and regional documents — plus 14,000+ documents globally for cross-border flows.
Regulators
AML supervisor
Identity Malta Agency
regulated
Government agency managing ID cards, passports, residence permits. eID card with chip. National ID number assigned to all.
MBR
open
Business register. Online search available.
Government & regulated databases
Compliance framework
AML framework
Supervised by Prevention of Money Laundering Act
Malta's AML/CFT architecture is built on a three-layer stack: a primary statute, a regulation, and sector-specific implementing procedures.
Data protection
Supervised by National DPA
Malta sits entirely inside the EU/EEA data space. GDPR applies directly, and the Data Protection Act (Chapter 586) supplements it domestically. The IDPC supervises and publishes guidance on biometric processing, DPIAs, international transfers, and the legal bases available for AML/CFT processing. Ke
Penalties for non-compliance
The 2019 Moneyval Mutual Evaluation Report. Moneyval, the Council of Europe FATF-style regional body, rated Malta as "partially compliant" or "non-compliant" on a significant share of the 40 FATF Recommendations, and — more damagingly — as "low effective" on key Immediate Outcomes including risk und
Use cases
Neobanks, EMIs, payment institutions, lenders, brokerages.
MFSA-supervised entities operate under the PMLFTR (CDD, EDD, SDD, ongoing monitoring, record-keeping, risk assessment) and the FIAU Implementing Procedures Part I as the horizontal manual, plus Part II volumes for credit institutions and investment services. A standard onboarding looks like:
Exchanges, custodians, wallets, on/off-ramps.
This is the flow that matters most commercially in Malta. Every MGA licensee is a subject person under the PMLFTR and is supervised for AML/CFT compliance by the FIAU in coordination with the MGA. The operational rulebook is the FIAU Implementing Procedures Part II for the Remote Gaming Sector (revi
Sports betting, online casinos, age-gated platforms.
Malta's crypto-asset regime has two legal layers running concurrently during the transition period.
Gig platforms, delivery, creator economy, e-commerce.
Several non-financial sectors are fully in scope as PMLFTR subject persons and are supervised by the FIAU:
Biometric liveness
Malta does not operate a national certification scheme for biometric liveness vendors. Supervisory expectation is alignment with international standards: - eIDAS assurance levels for anything touching notified eID integration. - ISO/IEC 30107-3 Presentation Attack Detection — the baseline referenced by MFSA and FIAU inspectors for assessing liveness robustness. - ISO/IEC 19795 biometric performance testing as a supporting framework. - ETSI EN 319 401 general policy requirements for trust service
CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
TRUSTED WORLDWIDE
Join thousands of companies that trust Didit for their verification needs
Didit’s NFC + active biometrics technology blocks the most advanced fraud scenarios, offering a level of security equivalent to or superior to in-person verification.
Spanish Financial Sandbox
CNMV, SEPBLAC & Spanish Treasury — Conclusions Report
Didit is an exceptionally valuable partner, delivering a stable and highly adaptable solution”.
Vuk Adžić
Head of the E-Business Department at Crnogorski Telekom
Didit offered us a robust technology with a simple implementation and adaptability to different markets”.
Fernando Pinto
CEO & CoFounder at TucanPay
Thanks to Didit we have been able to reduce manual processes and improve data extraction accuracy”.
Diana Garcia
Trust & Safety Executive at Shiply
Didit’s integration slashed verification times and costs, freeing resources for other projects”.
Guillem Medina
COO at GBTC Finance
Didit removed KYC costs, enabling faster scaling with high verification standards and less fraud.”
Paul Martin
VP Marketing & Growth at Bondex
Didit’s secure, user-friendly verification boosts customer trust and optimizes our process.”
Cristofer Montenegro
Executive assistant to the CEO at Adelantos
Didit ensures a precise, secure digital onboarding without slowing negotiations or client time.”
Ernesto Betancourth
Gerente de riesgos at CrediDemo
FAQ
Yes. Malta permits remote KYC onboarding under its national AML framework, including document verification, biometric liveness and video identification where required by regulation.
Didit verifies all major national IDs, passports and residence permits issued in Malta, plus 14,000+ document types globally for cross-border flows.
Didit charges $0.30 per verification with 500 free checks per month. No contracts, no minimums. Competitors typically charge $1.00–$2.50+ per verification.
Yes. Didit screens against 1,000+ global watchlists including PEP databases, sanctions lists (EU, UN, OFAC, OFSI), and adverse media — covering all AML obligations in Malta.
Most regulated sectors in Malta require or strongly recommend biometric liveness detection for remote onboarding. Didit provides ISO 30107-3 PAD Level 2 certified liveness.
Yes. Didit supports document verification, liveness, AML screening and ongoing monitoring aligned with Malta’s crypto regulatory framework, including EU Travel Rule compliance where applicable.
Yes. Didit provides document-based age verification and identity confirmation suitable for Malta’s iGaming regulatory requirements.
500 free verifications per month. No contracts, no minimums. $0.30 per verification after the free tier.
