167. Identity Verification for Directors: A Minor Admin Task That Can Become a Major Headache

Posted on

It begins innocently enough. You’re a director of an SME and you receive an email explaining that, under new legislation, you must verify your identity with Companies House. It sounds straightforward. Two steps: A login. Possibly a photograph. “No big deal, I’ll sort that later,” you think, sensibly prioritising revenue, staff issues, and suppliers who want to be paid.

Fast forward three weeks, and the confirmation statement deadline looms. The date of birth on the Companies House register does not quite match your passport, the GOV.UK login is linked to an email address nobody has used since 2018, and someone has just discovered that being both a director and a PSC means doing the process twice.

At this point, what was described as ‘a simple compliance update’ has quietly become a time-consuming administrative snare with genuine legal consequences.

Why This Matters

Under the Economic Crime and Corporate Transparency Act (ECCTA), all company directors and People with Significant Control (PSCs) must verify their identity with Companies House. The aim is entirely sensible: greater transparency over who runs and controls UK companies.

The problem is not the principle, it’s the execution, particularly for busy directors already operating at capacity.

Verification is a two-stage process:

  1. Verify your identity via GOV.UK One Login or an Authorised Corporate Service Provider (ACSP).

  2. Link your personal code to each role you hold.

If you are both a director and a PSC (as most owner-directors are) you must complete the second step separately for each role, and within specific deadlines that vary depending on the capacity in which you serve.

This is not difficult, but it is detailed. And in a busy SME, detail is where friction accumulates.

The Hidden Risks of Delay

The most common problems are predictable:

  • Companies House details do not precisely match ID documents.

  • Personal codes are not retrieved or stored safely.

  • Deadlines are misunderstood.

  • Directors assume one submission covers all roles.

  • Verification is left until confirmation statements are due.

None of these are catastrophic in isolation, but non-compliance carries real consequences, and banks, investors, and counterparties are increasingly sensitive to governance signals.

In other words, something that feels like low-grade admin can quickly escalate into reputational risk, operational delay, or regulatory discomfort.

Where Directors Get Caught Out

Three recurring pressure points tend to surface.

  • Mismatched data.

If your date of birth, spelling, or historical details do not align exactly with your identification documents, the process halts. Updating Companies House records takes time, which is rarely factored in when directors attempt last-minute compliance.

  • Role complexity.

Directors who are also PSCs must provide their personal code twice — once linked to the director role and once separately within a 14-day PSC window. The system does not infer this for you.

  • Technology friction.

Device compatibility requirements, One Login account limitations (only one email address per account), and authentication processes can become surprisingly awkward when handled between meetings.

Again, none of this is unreasonable. It is simply designed for careful execution, not hurried improvisation.

The Sensible Approach: Treat Compliance as Infrastructure

The correct way to approach identity verification is not as a one-off task, but as part of your governance infrastructure.

That means:

  • Checking Companies House data before starting.

  • Clarifying all roles you hold across all companies.

  • Establishing clear internal ownership for deadlines.

  • Storing personal codes securely and accessibly.

  • Ensuring communication between directors, accountants, and advisers.

If you use an Authorised Corporate Service Provider (ACSP), such as an accountant or solicitor, you should confirm they are registered appropriately and ensure email details align, particularly if you intend to access your code later. In short, do it deliberately, not reactively.

Why This Is a Leadership Issue, Not Just an Admin One

Identity verification may feel like paperwork, but it sits within a broader shift towards increased corporate transparency, accountability, and scrutiny. Directors who treat governance as peripheral often discover, usually at inconvenient moments, that banks, investors, and regulators do not.

Well-run SMEs increasingly differentiate themselves not only through growth, but through the quality of their governance, financial reporting, and control environment. This is where the conversation moves beyond ticking boxes.

Identity verification under ECCTA is not complicated, nor is it optional. It is simply another example of the increasing expectations placed on company directors in a more transparent and regulated environment. Handled calmly and early, it’s a minor administrative exercise.

Handled late and casually, it becomes an avoidable distraction at precisely the wrong moment.

The Role of Financial Leadership

If you are finding that governance tasks, financial reporting, and compliance requirements are starting to crowd out strategic focus, a conversation with Tectona can help you assess whether your financial leadership structure is keeping pace with your business. Because while identity verification may only require two steps, building a resilient, well-governed company requires rather more — and it is usually easier to put those foundations in place before anyone starts asking awkward questions.

A part-time FD or CFO does not personally complete your GOV.UK login, but they do ensure that:

  • Governance requirements are anticipated, not reacted to.

  • Role structures across companies are clear.

  • Confirmation statements and statutory filings are coordinated.

  • There are no unpleasant compliance surprises during funding or transaction discussions.

They integrate regulatory obligations into the operating rhythm of the business, rather than leaving them as sporadic administrative burdens that interrupt strategic focus.

For many growing SMEs, this shift from reactive compliance to structured governance marks a subtle but significant maturation point. If you’d like to explore what that could look like in practice, email mark.nicholls@tectonapartnership.com Bottom of Form

Posted in Uncategorized.