Confirm your service requires DIATF certification by checking the UK government's Register of Digital Identity and Attribute Services at https://www.digital-identity-services-register.service.gov.uk/.
Engage a UKAS-accredited certification body to audit your identity service against the relevant DIATF profile (e.g., right-to-work, right-to-rent, or DBS checks at the appropriate identity confidence level).
Implement the technical and organisational controls required by the applicable profile; maintain evidence packs for document validation, biometric matching accuracy, and fraud-prevention measures.
If you are an employer using a certified IDSP for right-to-work checks rather than operating one, verify that the IDSP appears on the government register before accepting its output as a statutory excuse.
Understand the penalty regime effective February 13, 2024: employers who fail to conduct compliant right-to-work checks face civil penalties up to £45,000 per illegal worker for a first breach and up to £60,000 per illegal worker for a repeat breach.
Review updated right-to-work guidance (updated February 13, 2024) on GOV.UK to confirm which DIATF-certified checks satisfy the statutory excuse and how manual follow-up checks must be documented.
Known gotchas
The £45,000 first-breach and £60,000 repeat-breach civil penalty amounts apply from February 13, 2024; earlier breach figures (£15,000 / £20,000) are stale and should not be cited.
IDSP certification alone does not create a statutory excuse — the employer must also follow the correct right-to-work check procedure using that certified IDSP's output.
DIATF certification is time-limited and must be renewed; always check the register for current certification status rather than relying on a vendor's marketing claims.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp