Identity verification in Romania
Romania is a Tier-2 European market of ~19 million people, an EU member since 2007 with a regulatory stack led by ONPCSB (Oficiul Național de Prevenire și Combatere a Spălării Banilor — the FIU), BNR (Banca Națională a României — banks, payment institutions, EMIs, non-banking financial institutions / IFNs), ASF (Autoritatea de Supraveghere Financiară — capital markets, insurance, private pensions,
Documents supported
(Government IDs from 220+ countries)
Average verification time
Countries covered
(Government-issued IDs validated)
Market overview
Romania is the EU's sixth most populous member state and one of Central/Eastern Europe's fastest-growing digital economies. The population is around 19 million, with smartphone penetration above 85% and internet penetration around 88%. More than 70% of adults hold a bank account, and digital banking adoption has accelerated sharply since 2020 — Revolut alone has more than 4 million Romanian users, making Romania one of its top-three EU markets, and domestic incumbents such as Banca Transilvania, BCR, BRD and Raiffeisen Bank Romania have rolled out fully remote onboarding on top of their branch networks. The Romanian fintech ecosystem tracked by the Romanian Fintech Association and Legal 500 counts dozens of authorized payment institutions, EMIs and non-banking financial institutions (IFNs)
Supported documents
Didit templates cover national IDs, passports, residence permits and regional documents — plus 14,000+ documents globally for cross-border flows.
DEPABD / Direcția Generală de Pașapoarte, Ministerul Afacerilor Interne (MAI)
Polycarbonate card, no chip (legacy format)
The workhorse ID. Carries the CNP (Cod Numeric Personal). Main fraud patterns: photo substitution, lamination tampering, fake MRZ on older plastic models. Being phased out in favour of the eCI fro
MAI / DEPABD
EU Reg. 2019/1157-compliant polycarbonate card with contact + contactless chip, ICAO 9303 MRZ, biometric face and fingerprints
The new standard. Chip supports eIDAS-compliant authentication and is the physical substrate behind ROeID. First 5 million cards issued free. Legacy non-compliant IDs must be phased out by **3 August
Direcția Generală de Pașapoarte
ICAO-compliant biometric passport with contactless chip
Mandatory fallback for non-CI holders and for travel outside Schengen. Chip holds LDS face image and (where applicable) fingerprints.
Direcția Regim Permise de Conducere și Înmatriculare a Vehiculelor (DRPCIV)
EU-format polycarbonate driving licence
Not* a primary AML identification document under BNR Reg. 2/2019 but accepted by many marketplaces, gig platforms and age-gating flows.
Inspectoratul General pentru Imigrări
EU Reg. 1030/2002-format residence permit card with chip
Required alongside the CNP assigned to residents. Common fraud: expired permits, tampered category fields.
Member State authorities
ICAO chip cards or passports
Accepted under free-movement principles; obliged entities must apply the same rigor as for Romanian documents.
Regulators
Oficiul Național de Prevenire și Combatere a Spălării Banilor
Banca Națională a României
Autoritatea de Supraveghere Financiară
Oficiul Național pentru Jocuri de Noroc
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal
DEPABD (Direcția pentru Evidența Persoanelor și Administrarea Bazelor de Date)
regulated
National Population Records Register. CNP (Cod Numeric Personal) assigned to all citizens. Electronic access for authorized entities.
DEPABD
regulated
Electronic ID card with chip. Rollout in progress. Will support eIDAS electronic identification.
Ministry of Justice
open
National Trade Register. Free online search available.
Government & regulated databases
Compliance framework
AML framework
Supervised by ONPCSB
Primary AML law. Legea nr. 129/2019 pentru prevenirea și combaterea spălării banilor și finanțării terorismului, precum și pentru modificarea și completarea unor acte normative, published in Monitorul Oficial on 18 July 2019, transposes EU Directive 2015/849 (4AMLD) and subsequent amendments up to 5AMLD. The law has been amended several times, most significantly by Legea 86/2025 (in force 26 May 2025) — which rebalanced UBO register access around interes legitim, strengthened lawyers' profession
Data protection
Supervised by National DPA
- GDPR Chapter V governs transfers outside the EEA: adequacy decisions, Standard Contractual Clauses + Transfer Impact Assessment, or derogations. - ANSPDCP publishes guidance on international transfers and has fined Romanian private and public controllers for inadequate transfer safeguards. - Biome
Penalties for non-compliance
- Legea 129/2019 sanctioning regime. Fines for legal persons reach up to RON 5,000,000 (approximately €1,000,000) or up to 10% of annual turnover, whichever is higher, with higher ceilings for credit and financial institutions. Directors can be personally fined and barred, and the supervisor may pro
Use cases
Neobanks, EMIs, payment institutions, lenders, brokerages.
Romanian fintechs and banks run a standardized remote-onboarding flow anchored in BNR Regulament 2/2019 on AML/CFT (as amended), Legea 129/2019, and the horizontal video-identification norms approved by Decizia ADR 564/2021 (Normele privind reglementarea, recunoașterea, aprobarea sau acceptarea proc
Exchanges, custodians, wallets, on/off-ramps.
Until 30 December 2024, Romanian VASPs operated under a registration regime introduced by Legea 129/2019 (Art. 5) and administered with the support of the Ministry of Finance. ONPCSB's 2024 Sectoral Assessment for Virtual Asset Service Providers in Romania documented the sector's size and risk profi
Sports betting, online casinos, age-gated platforms.
Romanian online gambling is licensed and supervised by ONJN under OUG 77/2009 (as amended, most recently by Legea 107/2024) and its secondary norms. Romania is one of the EU's most active online gambling markets, with ~50+ Class I licensees and a channelization rate above 90%.
Gig platforms, delivery, creator economy, e-commerce.
Pure consumer marketplaces are generally not obliged entities under Legea 129/2019, so their KYC obligations come from three other directions:
Biometric liveness
Remote biometric liveness is effectively mandatory for Romanian AML-grade onboarding. The framework: - BNR Regulament 2/2019 (as amended) requires banks, IFNs, payment institutions and EMIs that adopt remote onboarding to have technology that authenticates the document and detects presentation attacks, to record the video evidence, to store it securely, and to notify BNR 30 days before go-live. - Decizia ADR 564/2021 (President of the Romanian Digital Authority) approved the horizontal Norms on
CERTIFICATIONS
Our platform meets the highest international standards for information security, data privacy, and biometric accuracy.
Full EU data protection compliance
Information security management
PAD (liveness + face match)
TRUSTED WORLDWIDE
Join thousands of companies that trust Didit for their verification needs
Didit’s NFC + active biometrics technology blocks the most advanced fraud scenarios, offering a level of security equivalent to or superior to in-person verification.
Spanish Financial Sandbox
CNMV, SEPBLAC & Spanish Treasury — Conclusions Report
Didit is an exceptionally valuable partner, delivering a stable and highly adaptable solution”.
Vuk Adžić
Head of the E-Business Department at Crnogorski Telekom
Didit offered us a robust technology with a simple implementation and adaptability to different markets”.
Fernando Pinto
CEO & CoFounder at TucanPay
Thanks to Didit we have been able to reduce manual processes and improve data extraction accuracy”.
Diana Garcia
Trust & Safety Executive at Shiply
Didit’s integration slashed verification times and costs, freeing resources for other projects”.
Guillem Medina
COO at GBTC Finance
Didit removed KYC costs, enabling faster scaling with high verification standards and less fraud.”
Paul Martin
VP Marketing & Growth at Bondex
Didit’s secure, user-friendly verification boosts customer trust and optimizes our process.”
Cristofer Montenegro
Executive assistant to the CEO at Adelantos
Didit ensures a precise, secure digital onboarding without slowing negotiations or client time.”
Ernesto Betancourth
Gerente de riesgos at CrediDemo
FAQ
Yes. Romania permits remote KYC onboarding under its national AML framework, including document verification, biometric liveness and video identification where required by regulation.
Didit verifies all major national IDs, passports and residence permits issued in Romania, plus 14,000+ document types globally for cross-border flows.
Didit charges $0.30 per verification with 500 free checks per month. No contracts, no minimums. Competitors typically charge $1.00–$2.50+ per verification.
Yes. Didit screens against 1,000+ global watchlists including PEP databases, sanctions lists (EU, UN, OFAC, OFSI), and adverse media — covering all AML obligations in Romania.
Most regulated sectors in Romania require or strongly recommend biometric liveness detection for remote onboarding. Didit provides ISO 30107-3 PAD Level 2 certified liveness.
Yes. Didit supports document verification, liveness, AML screening and ongoing monitoring aligned with Romania’s crypto regulatory framework, including EU Travel Rule compliance where applicable.
Yes. Didit provides document-based age verification and identity confirmation suitable for Romania’s iGaming regulatory requirements.
500 free verifications per month. No contracts, no minimums. $0.30 per verification after the free tier.
