The government has set a firm switch‑on date for the UK’s digital verification services regime. Regulations made on 19 November 2025 bring most of Part 2 of the Data (Use and Access) Act 2025 into force from 1 December, but hold back sections 45 to 48 on data sharing. The instrument was signed by DSIT minister Ian Murray, according to legislation.gov.uk.

From 1 December the registration regime opens. The Act requires the Secretary of State to establish and maintain a public DVS register of providers. This creates a formal, searchable route for organisations to evidence that their services meet the statutory rules.

Entry won’t be automatic. To appear on the register, a provider must already hold a certificate from an accredited conformity assessment body that is accredited by the UK national accreditation body under Regulation 765/2008. In practice, UKAS is the UK national accreditation body, as UKAS itself confirms.

On readiness, DSIT’s Enabling Digital Identity team says the “gamma” (0.4) trust framework took effect on 1 July 2025, with supplementary codes republished for right to work, right to rent and DBS checks. Existing certifications under the beta framework remain valid until 31 March 2026, providing a practical runway for uplift.

What is not switching on in December is the new information gateway. Sections 45 to 48, which would allow public authorities to disclose information to registered providers-with additional safeguards for HMRC, the Welsh Revenue Authority and Revenue Scotland-remain paused.

The immediate effect is that public‑sector data cannot yet flow via the Act’s gateway. Hansard records ministers stating that HMRC sharing will only commence once the commissioners are satisfied that technology and processes protect taxpayer confidentiality. A statutory code of practice for disclosures must also be prepared and approved before routine use.

For providers, this shapes go‑to‑market. Registration can support private‑sector deals and existing use cases governed by the supplementary codes, but any propositions dependent on direct government data feeds will face a staggered rollout until the gateway and code are live. DSIT also indicates the Office for Digital Identities and Attributes (OfDIA) will maintain the DVS register on the Secretary of State’s behalf, reinforcing a single front door for buyers.

Pricing will matter. Section 39 allows the Secretary of State to charge both application and ongoing fees for registration and to set them above administrative cost-framed to fund governance of the framework. For SMEs, that’s a line‑item to model alongside UKAS‑based certification costs.

Brand claims also tighten. Once designated, the government DVS trust mark can only be used by registered providers, and the Secretary of State may enforce misuse. Marketing teams should plan for this before refreshing sales collateral.

What to watch next: publication of the application requirements under section 38; fee regulations under section 39; the disclosure code under section 49; and a start date for sections 45 to 48. Until then, our read is simple-registration and certification can progress now, but public‑sector data sharing will remain a later phase.