They Can Walk In. Can You Pass the Audit?
Fair Work Agency launches
maximum penalty per illegal worker
to verify with Certifyd
The reality of fwa compliance in the UK.
Fair Work Agency compliance requires businesses to demonstrate verifiable identity and right-to-work checks for every worker. Certifyd creates the evidence trail the FWA will demand: tamper-proof verification records linking each worker’s cryptographically verified identity to their right-to-work status, employment relationship, and every assignment or shift. Unlike photocopied documents in filing cabinets, Certifyd records cannot be backdated, fabricated, or altered. They provide the kind of audit-ready evidence that withstands regulatory scrutiny.
The Fair Work Agency represents the most significant change to UK employment enforcement in decades. It consolidates powers from HMRC’s National Minimum Wage team, the Gangmasters and Labour Abuse Authority (GLAA), and the Employment Agency Standards Inspectorate into a single body with enhanced inspection, enforcement, and penalty powers.
The FWA will have the authority to enter any business premises — not just those in traditionally regulated sectors. Butchers, dog groomers, tech startups, and law firms will all be within scope. The FWA can demand evidence of right-to-work checks for every person working on the premises, including agency workers, contractors, and casual staff. The burden of proof falls on the employer.
Current compliance practices — photocopied passports filed in cabinets, Excel spreadsheets of check dates, scanned share code confirmations — were designed for a less rigorous enforcement environment. The FWA will expect better. Certifyd provides tamper-proof, cryptographically verified records that prove not just that a check was done, but that the specific person was verified through their device-bound identity at a specific time and place. This is the difference between compliance on paper and compliance in practice.
This is broken.
Here's why.
The FWA can enter any business and demand compliance evidence — not just traditionally regulated sectors.
Current practices (photocopied passports, spreadsheets) don’t provide the level of evidence the FWA will expect.
Agency and temp workers create compliance gaps — the employer often relies on the agency to have done the checks.
Penalties of up to £60,000 per worker, plus potential criminal prosecution, make non-compliance existentially risky.
Simple verification.
Every time.
Register your organisation on Certifyd and add each employee and worker as a member
Each worker’s identity is cryptographically bound to their device through a passkey
Right-to-work status is linked to their verified identity, not just filed as a document
Every verification event creates a tamper-proof audit record — exportable, searchable, and FWA-ready
Ready to see it in action?
Book a demo or tell us about your needs.
“A lot of people are sleeping on what’s about to happen. The Fair Work Agency will have the right to walk into any business — butchers, dog kennels, anyone — and ask for an audit.”— HR Director, UK employer
Common questions.
The Fair Work Agency is expected to launch in April 2026. It consolidates employment enforcement from HMRC (national minimum wage), the GLAA (labour exploitation), and the Employment Agency Standards Inspectorate into a single body. The FWA will have enhanced powers including the ability to enter business premises, demand records, and issue penalties without prior warning.
All of them. Unlike sector-specific regulators, the FWA will have jurisdiction across every UK business that employs people. This includes sectors not traditionally subject to employment inspections: professional services, technology, retail, agriculture, manufacturing, and hospitality. If you employ people — including through agencies or as contractors — the FWA can inspect you.
The FWA will expect employers to demonstrate that they have conducted right-to-work checks on every worker, that the checks were conducted correctly, and that they can identify every person working on their premises. Certifyd provides tamper-proof records that demonstrate all three: who was verified, when, through what method, and linked to which identity and documentation. These records go beyond the current minimum standard.
A compliance checklist confirms that a process was followed. Certifyd provides cryptographic evidence that a specific person was verified through their device-bound identity at a specific time. Checklists can be backdated or fabricated. Certifyd records cannot. The difference is between saying ‘we did the check’ and proving ‘we verified this specific person through unforgeable cryptographic authentication.’
Explore more use cases.
Related Solutions
Related Reading
External Resources
Get audit-ready before April 2026
Book a demo to see how Certifyd works for your team, or tell us about your verification needs and we'll get back to you within 24 hours.
Read: Walk-In Compliance Audit Prep