RegTech Associates - Frank Joshi Digital Identity Blog 2

In the eighth blog in our cyber, identity and privacy (CIP) series, guest writer Frank Joshi continues his thoughts on digital identification and concludes with insights which will apply to 2021 and beyond. 

Readers of my previous post will recall how I urged Regulated Institutions and their service providers to wake up and tool up. In this blog, I would like to turn your attention towards how you need to skill up, to be ready for all that 2021 will throw at you.

Skill up 

Regulated institutions need to think of 2021 as the year in which they manage to get their data science properly sorted. Skilling up in data science is probably one of the most advantageous things to do, not only because your competitors will be but also because the advances in data science are sufficiently rapid as to deserve up-skilling your teams, in particular your actuarial teams. 

The new art of the possible with data science will astonish some and frighten others. The tools are there. The skills are not, which means the relative scarcity of them is driving salaries of Data Scientists ever higher. Skilling up may prove more cost-effective than hiring in. But either way, I hope that 2021 will be the year for regulated institutions to differentiate themselves and data science will feature in that effort. 

RegTech has a massive part to play in helping you realise those ambitions. 

It is impossible to draft a blog like this without a passing nod, at the very least, to specialist advisors such as RegTech Associates. 

This is not shameless advertising nor ‘a plug’ as a contra deal for posting one of my blogs. This is a call to action. Regulated institutions need the range and depth of specialism that reside in RegTech Associates and other companies like these. Use them or lose them. If they are lost, where will you be? The answer includes keywords of creek and paddle. Therefore, my advice is to use them. Often. Repeatedly. Consistently. Continually. That is all. 

In conclusion, well, almost

In these pieces, I have dealt with subheaders of snappy two-syllables (i) wake up, (ii) tool up and (iii) skill up. Under each of those, I have stayed with, not strayed from, what I believe to be the key takeaways as succinctly as possible. 

There are a myriad of things vying for your attention, but I hope I have been able to persuade you to think about each of the points made and, crucially, take some action on them. 

If you will permit me a last word then I would like to press your attention span just a little further without deviating from the thrust of this post, which is digital identity.  

The UK government in Westminster has not exactly covered itself in glory; for example, the identity assurance scheme that nobody in RegTech has ever heard of, GOV.UK Verify, has cost UK taxpayers upwards of £170 million but delivered only a fraction of its forecasted adoption of sign-ups and sign-ins. 

The point of including this here rather than earlier in my piece illustrates precisely what the Verify scheme has come to signify, namely government and vital parts of the public sector arriving ‘too late to the party’ when it comes to digital identity. Therefore, my exhortation is that regulated institutions and participants in the RegTech sector will set the pace rather than being encumbered by government moves, or the lack of them. The private sector is more than capable to be a forerunner in this most important of RegTech areas. 

Government looks to overseas models for examples of identification systems done well. And so they should but that doesn’t mean you should fall into the trap of believing all you might be told about some of these country models.

Everyone loves to cite Estonia and to hold it up a lighthouse of good practice in digital identification. But what they will all fail to do is contextualise Estonia for you. Estonia with a population of 1.3M is comparable in size to cities such as Birmingham 1.1M and Manchester 0.51M. 

The States of Jersey looked to adopt the Estonian model but it doesn’t work out too well, which goes to show once again that a lot of your success hinges on your choice of partner. Not only that, have you seen who Estonia’s nearest neighbour is? Size matters but geopolitics matter more it seems.

Canada has progressed well with its digital identification programme. Look for the Pan-Canadian Trust Framework. Read all you can about Digital ID & Authentication Council of Canada (DIACC) and its work. 

You may find it helpful to do a web search on people such as Joni Brennan, President of DIACC, Ann Cavoukian and Tim Bouma who post some interesting and differing ideas on this and related subjects. 

Closer to home, one to watch in 2021 could potentially be ‘Digital Identity Scotland’, a programme of work being run out of the Digital Directorate at Scottish Government in Edinburgh. Seek and find individuals such as Michael Crockart who might be willing to enrich your understanding on some of the finer points. 

If participants in this programme, and others like them, are able to understand the terminology, the nuances of digital identity, and the fact that not all roads necessarily lead to Self Sovereign Identity or to Blockchain, then they stand a fighting chance. 

Why does progress always seem to require a new technology? Why can’t what is needed today be built from technology which exists today? I am no Luddite, ask anyone who knows me, but delivering something groundbreaking is still perfectly possible with the tools, skills and knowledge already at our disposal.  

A word of caution though. In digital identification, definitions are being tied to technologies and they should not be; it is not a technology-only issue. 

Latest buzzwords in tech are as misrepresented as woke terms in society. People coming to the debate about digital identity need to do so with a language that needs to be aligned. Otherwise, the inevitability of a good general trajectory turning into a crash landing will be what people like me will be blogging about this time next year. 


Cyber, Identity and Privacy are topics which regulated institutions ignore at their peril. The smart money in RegTech is in investing and advancing cyber and identity and privacy more as a tripod of activity than as discrete activities. There is a singularity here which in 2021 is not to be missed. 

Until such time, the question in the title ‘What does digital identification in 2021 look like’ cannot be answered fully. What should…? What could…? may have been more accurate. But that aside, highlighting the ‘banana skin’ which will make people slip up is what my two posts have been about.

Mvine’s Co-Founder and Director Frank is an accomplished entrepreneur with 28 years of experience in the technology sector. Frank was the Co-Founder of Martex Communications plc, a successful B2B portal that operated in 26 vertical sectors by the time he sold it in 2000 to the Tarsus Group for £16.5 million. Frank was Chairman of ChangeBase Ltd before successfully negotiating the sale of the business to Quest Software (now acquired by Dell) in October 2011 for $30 million. His investments included a large stake in Ovum plc, which achieved a successful AIM listing before being sold to Datamonitor for £36 million in 2006. He is Liveryman of the City of London and member of the Worshipful Company of Information Technologists.

Comments are closed