📋 Compliance & Identity Verification⏱ 4 min read
Companies House has issued updated guidance for all registered Authorised Corporate Service Providers (ACSPs), covering two areas that are causing avoidable problems in practice: correcting client identity verification records, and setting up GOV.UK One Login accounts correctly.
If your firm submits identity verification details on behalf of clients or manages access to Companies House services, the steps below are important — getting either process wrong can create access issues and duplicate records that are disruptive to resolve.
Errors happen. If you spot a mistake in a client's verification record — whether it's a misspelt name, an incorrect date of birth, or any other inaccuracy — there is a specific process for putting it right.
The correct route is to use the ACSP04 form, titled 'Correct someone's identity verification details'. This form is available directly within your authorised agent account dashboard.
Some agents are resubmitting client details through the 'Tell us you've verified someone's identity' service instead of using the correction form. This creates a duplicate verification record for the client, which causes problems whenever their personal code is needed. Do not use this route for corrections.
If you work within a firm, make sure every agent who submits verification details on behalf of clients is aware of this process. It is worth raising at your next team or compliance meeting.
As an ACSP, GOV.UK One Login is your gateway to Companies House services. Setting it up properly from the start prevents security vulnerabilities and avoids frustrating access issues down the line.
If you receive security codes at a time when you are not attempting to sign in, treat this as a sign of unauthorised access and change your password immediately.
Do not share your GOV.UK One Login credentials with colleagues. Instead, add them as individual users to your authorised agent account so they can sign in using their own login details.
Each team member must use their own unique contact details — including a separate phone number for security codes, or their own authenticator app. This also protects business continuity: if you are temporarily unable to access your account, colleagues can continue operating without disruption.
Using the same phone number across multiple GOV.UK One Login accounts will cause access issues. Each account must have unique contact details.
If you support clients in creating their own GOV.UK One Login, there are a few clear rules to follow to prevent access problems and protect both parties:
These are straightforward but worth restating, particularly when onboarding new staff or reviewing firm-wide procedures:
To help you share this with your team quickly, here are the two key takeaways from the latest Companies House guidance for ACSPs:
At Spondoo, we keep a close eye on updates from Companies House and HMRC so that our clients are always working to the latest guidance. If you have any questions about identity verification procedures or your obligations as an ACSP, our team is happy to help.
This article is based on official guidance issued by Companies House to registered Authorised Corporate Service Providers (ACSPs). It is intended as a practical summary and does not constitute legal advice. For the most current information, refer directly to GOV.UK.
