MitID: The Digital Identity Solution Every Danish Business Needs

In an increasingly digital world, businesses are constantly striving for innovative solutions that enhance security and streamline processes. In Denmark, one such innovation is MitID, a digital identity solution that has transformed the way companies interact with both customers and government entities. As Danish businesses continue to adapt and evolve amidst new digital challenges, understanding and implementing MitID is becoming more crucial than ever.

What is MitID?

MitID, short for "Mit Identitet," translates to "My Identity" in Danish and is a state-approved digital identification system designed for use in all digital interactions across various sectors in Denmark. Launched as a successor to the older NemID system, MitID provides a robust and unified identity verification process, making it simpler for businesses to authenticate their customers while complying with the stringent requirements of data protection and privacy.

Unlike traditional identification methods that may involve physical documents, MitID brings a digital twist, utilizing modern technology for secure online verification. By leveraging two-factor authentication and cryptographic techniques, MitID offers a reliable way for individuals to prove their identity online.

The Importance of Digital Identity in Danish Business

In Denmark, a well-established digital infrastructure supports various business operations, ranging from e-commerce transactions to government services. Consequently, the need for secure digital identity solutions becomes evident. Businesses in Denmark often handle sensitive information and must adhere to strict regulations regarding data protection. The application of MitID can significantly reduce risks associated with identity theft, data breaches, and fraudulent activities, ensuring a safer digital environment for all.

The Transition from NemID to MitID

The transition from NemID to MitID marked a substantial shift in how digital identification is approached in Denmark. While NemID served its purpose for many years, the evolution of technology called for a more advanced and resilient system. MitID was developed as a new response to challenges emerging from enhancing user experience, increasing security, and meeting compliance with the EU's General Data Protection Regulation (GDPR).

The process to switch from NemID to MitID involves considerable updates in both technology and user experience. Registered users of NemID are encouraged to transition to MitID seamlessly, ensuring minimal disruption in their digital access. Businesses, too, are provided up-to-date guidelines to facilitate a smooth integration process.

Key Features of MitID

MitID encompasses several features that make it advantageous for businesses operating in Denmark:

1. Enhanced Security

Given the increasing number of cyber threats faced by organizations, MitID employs state-of-the-art security protocols. The incorporation of two-factor authentication means that users must authenticate their identity via two distinct methods-a password and either a mobile app or a physical code. This reduces the risk of unauthorized access to sensitive data substantially.

2. User-Friendly Interface

MitID was designed with user experience in mind. The process of registering and using the identity system is straightforward, allowing businesses to adopt and implement it with minimal friction. Users can verify their identity quickly, making transactions seamless whether they are shopping online, signing a contract, or accessing government services.

3. Broad Acceptance

MitID is widely accepted across various industries in Denmark. From banking services to the healthcare system and public offices, businesses that opt for MitID can expect consistent usability across different platforms. This broad acceptance means that once businesses onboard mitigation solutions, they can utilize the same digital identification system across multiple sectors.

4. Compliance with Regulations

Regulatory compliance is crucial for any business in Denmark. With a solution that meets the European Union's GDPR requirements, MitID helps organizations remain compliant while offering digital services. By ensuring transparency in identity authentication and data processing, businesses are able to build customer trust.

Advantages of Integrating MitID for Danish Businesses

Implementing MitID within your business framework can lead to numerous advantages. Here are several reasons why Danish businesses should consider adopting MitID:

1. Increased Customer Trust

Trust plays a pivotal role in customer relationships. By utilizing a recognized and secure digital identification method like MitID, businesses can enhance their credibility. Customers are more likely to engage with businesses that prioritize their security through modern identification techniques.

2. Streamlined Operations

With MitID, Danish businesses can streamline their operations significantly. Processes like customer registration, identity verification, and transaction approvals can be expedited, reducing waiting times and improving overall efficiency. This is especially pertinent for businesses in industries with high volumes of customer interactions.

3. Cost-Effectiveness

Implementing MitID may lead to cost savings in the long run. By reducing the need for alternative, possibly more expensive security solutions, businesses can allocate financial resources more efficiently. The integration of MitID into existing systems can also lessen the burden on IT departments concerning identity verification processes.

4. Enhanced Customer Experience

Providing a fast, secure, and user-friendly identity verification method can significantly enhance the overall customer experience. Customers appreciate the convenience of MitID, which can lead to increased retention rates and positive word-of-mouth recommendations.

Challenges and Considerations

While MitID offers various benefits, integrating it into business operations is not without its challenges. Understanding these challenges can help businesses prepare for a smoother transition.

1. Adoption Process

Businesses need to plan the implementation of MitID carefully. Training for employees might be required to ensure everyone is well-versed in the new system. Additionally, informing customers about the switch and guiding them through the registration process is crucial to avoid any frustration.

2. Technical Compatibility

Before integrating MitID, businesses must ensure their existing systems are compatible. Hence, it is necessary to assess infrastructure limitations, software updates, or potential integrations that may be required. Working with IT experts during this phase can significantly ease the transition.

3. User Acceptance

Although MitID enhances security and usability, some customers may show reluctance in adopting new technologies. Businesses should actively encourage the adoption of MitID while addressing customer concerns transparently. Information campaigns may be useful in alleviating fears and promoting understanding of the system's benefits.

How to Implement MitID in Your Business

For businesses considering the implementation of MitID, a systematic approach will help ensure a successful adoption.

1. Research and Planning

Start with comprehensive research on MitID's capabilities, benefits, and requirements. Understand how it fits into your current operations, which processes will be affected, and the potential benefits to your business. Consulting with experts in digital transformation can provide additional insights.

2. Engage Stakeholders

Involve key stakeholders in discussions about the integration of MitID. This includes leadership, IT departments, customer service teams, and other relevant departments. Consensus among stakeholders fosters a collective sense of commitment to the transition.

3. Develop a Timeline

Create a well-defined timeline for transitioning to MitID. The plan should include key milestones such as registering for the service, conducting tests, employee training sessions, and customer notifications. Ensuring adequate time for each phase will facilitate a smoother transition.

4. Invest in Training

Training sessions for staff members are essential for effective usage of MitID. By educating employees on the functionalities of the identity solution, you can equip them to provide better support to customers. Additionally, staff familiar with the system will help alleviate customer queries more effectively.

5. Monitor the Integration

Following the integration of MitID, businesses should regularly monitor its implementation and usage. Track customer satisfaction levels, identify common issues, and assess how the implementation aligns with initial goals. This ongoing monitoring will allow for timely adjustments and improvements.

Future Trends in Digital Identity

As digital identification technologies continue to evolve, businesses in Denmark should keep an eye on future trends related to identity verification systems like MitID.

1. Biometric Authentication

The future of secure digital identity may lean towards biometric authentication methods. Face recognition, fingerprints, or other biometric factors could be integrated into systems like MitID, further increasing security and user experience.

2. Self-Sovereign Identity (SSI)

As digital identities are increasingly controlled by individuals, the concept of self-sovereign identity (SSI) is gaining traction. SSI allows users to maintain control over their personal data, sharing only what is necessary when required. This trend could align with MitID's goal of providing secure, user-controlled identification.

3. Integration with Other Services

Future iterations of MitID might explore integration with various digital platforms, enhancing convenience for users. This could include e-commerce, service subscriptions, or various loyalty programs, ensuring users can access multiple services seamlessly through a single identity verification method.

Legal and Regulatory Framework for MitID (eIDAS, Danish legislation, sector rules)

MitID is not just a technical solution – it is deeply embedded in the Danish and EU legal framework for digital identity, electronic signatures and secure online communication. Understanding this framework helps Danish companies use MitID correctly, avoid compliance risks and document that their digital processes are legally valid.

MitID and the EU eIDAS Regulation

At EU level, MitID is governed by the eIDAS Regulation (Regulation (EU) No 910/2014), which sets common rules for electronic identification and trust services in the internal market. Under eIDAS, electronic signatures are divided into three main levels: simple electronic signatures, advanced electronic signatures and qualified electronic signatures (QES). Qualified signatures have the same legal effect as a handwritten signature across all EU and EEA countries.

MitID is designed to comply with eIDAS requirements for secure authentication and to support solutions that can reach the advanced or qualified level when combined with approved trust service providers. For Danish businesses, this means that documents signed with MitID-based solutions can be recognised as legally binding in cross-border dealings, provided that the underlying trust service is eIDAS-compliant and, where relevant, qualified.

Danish legislation governing MitID

In Denmark, MitID operates within a national framework for digital identity and public IT infrastructure. The key elements include:

• Rules on electronic identification and digital post, which require companies to use approved digital solutions when communicating with public authorities
• Sector-specific regulations (for example in finance and accounting) that require strong customer authentication and secure login for access to sensitive data and services
• Requirements for public authorities and certain private providers to accept secure digital signatures and logins based on nationally approved eID schemes such as MitID

For most Danish companies, this means that MitID is the standard way to log in to public self-service portals, sign legally binding documents electronically and delegate rights to employees and external advisors such as accountants or auditors.

Data protection and GDPR obligations

MitID involves processing personal data, including identification data and log information about logins and signatures. This processing must comply with the General Data Protection Regulation (GDPR) and the Danish Data Protection Act. For businesses, the main obligations are:

• Ensuring that the use of MitID is based on a valid legal ground, typically legitimate interest or legal obligation
• Informing employees and authorised representatives about how their MitID is used in the company context
• Implementing appropriate technical and organisational measures to protect access credentials, authorisations and logs
• Entering into data processing agreements where external providers (for example accounting software vendors or ERP suppliers) process MitID-related data on behalf of the company

MitID itself is operated under strict security and data protection requirements, but companies remain responsible for how they integrate MitID into their own systems and workflows.

Financial sector rules and strong customer authentication

For banks, payment institutions and investment firms, MitID is closely linked to financial regulation. Danish financial institutions must comply with EU rules on strong customer authentication (SCA) under the revised Payment Services Directive (PSD2) and with Danish implementation rules issued by the Danish Financial Supervisory Authority (Finanstilsynet). MitID satisfies the SCA requirement by combining at least two independent factors (knowledge, possession and inherence).

Businesses using online banking, corporate payment solutions or investment platforms will typically authenticate with MitID when:

• Logging in to corporate online banking
• Approving payments, transfers and standing orders
• Granting or revoking payment rights for employees and external accountants

These processes must be configured so that authorisation levels in the bank match the company’s internal signing rules, board resolutions and powers of attorney, ensuring that MitID use reflects the company’s legal representation structure.

Public sector requirements and digital communication

Danish companies are legally required to communicate digitally with public authorities. MitID is the primary key to access:

• Tax administration (Skattestyrelsen and Motorstyrelsen) for VAT, corporate tax, payroll taxes and vehicle-related duties
• The Danish Business Authority (Erhvervsstyrelsen) for company registration, annual reports and changes in ownership or management
• Udbetaling Danmark and other agencies for social contributions and benefits related to employees
• Digital Post, where legally binding messages from authorities are delivered to the company’s digital mailbox

Legally, notifications and decisions sent via Digital Post are considered received when they are delivered to the company’s digital mailbox, not when someone reads them. It is therefore essential to ensure that at least two responsible persons have MitID-based access to Digital Post and that access is maintained when employees change roles or leave the company.

Sector-specific rules relevant for accounting and auditing

In accounting, payroll and auditing, MitID plays a central role in meeting statutory obligations. Examples include:

• Submitting VAT returns and SAF-T files to the tax authorities
• Reporting payroll data and withholding taxes through eIncome systems
• Filing annual financial statements with Erhvervsstyrelsen
• Granting auditors and external accountants the rights they need to access company data and submit reports on behalf of the company

These processes are governed by the Danish Bookkeeping Act, the Danish Financial Statements Act and detailed executive orders. Using MitID to log and sign these submissions helps create a clear audit trail that supports both internal control and external audits.

Liability, audit trails and evidence value

From a legal perspective, MitID creates a strong link between a specific person and a specific action, such as a login, approval or signature. Logs from MitID and from connected systems can be used as evidence in disputes about who approved a transaction or signed a document. Companies should therefore:

• Define clear internal policies for who may use MitID on behalf of the company and for which purposes
• Ensure that MitID credentials are strictly personal and never shared between employees
• Regularly review and revoke rights for employees who change roles or leave the company

Failure to manage MitID access properly can lead to disputes about unauthorised actions, potential liability for management and difficulties in demonstrating compliance during tax or regulatory audits.

Practical compliance steps for Danish businesses

To align with the legal and regulatory framework around MitID, Danish companies should at minimum:

• Map all systems and processes where MitID is used (public portals, banking, accounting, ERP, payroll, document signing)
• Document who has which MitID-based rights and on what legal basis (board resolution, power of attorney, employment contract)
• Integrate MitID use into internal control procedures, including segregation of duties for approvals and payments
• Ensure that external advisors, such as accountants, receive appropriate delegated rights instead of using the owner’s or director’s personal MitID
• Store MitID-related logs and access records in line with statutory retention periods for accounting and tax documentation

By treating MitID as part of the company’s compliance and governance framework, rather than just a login tool, Danish businesses can reduce legal risk, strengthen internal controls and streamline communication with authorities, banks and other stakeholders.

MitID Roles and Access Management for Company Employees and Advisors

MitID is not only a login tool, but also a structured system of roles and access rights that determines who can act on behalf of your Danish company. Proper role and access management is essential for secure communication with SKAT, banks, Erhvervsstyrelsen and other public and private services, and for ensuring that employees and external advisors only see and do what they are authorised to.

Basic principles of roles in MitID Erhverv

MitID Erhverv (the business version of MitID) is built around a clear separation between the company as a legal entity and the individuals who act on its behalf. Each person uses their personal MitID to log in, but their rights are defined by roles and permissions assigned in the company’s MitID Erhverv administration.

In practice, this means that:

• Every company has one or more MitID Erhverv administrators who manage users, roles and access
• Employees and external advisors receive access based on their function (e.g. accounting, payroll, management)
• Access can be limited to specific services (e.g. e-Boks, TastSelv Erhverv, online banking, virk.dk)
• All actions are logged, which supports internal control and audit requirements

Key roles: who does what?

While the exact naming of roles may vary slightly between systems (e.g. bank vs. public authorities), most Danish businesses work with a few core role types:

• Legal representative / owner – typically the managing director or owner registered with CVR. This person usually has full rights, including the ability to appoint MitID Erhverv administrators and sign binding agreements on behalf of the company.
• MitID Erhverv administrator – responsible for creating and removing users, assigning roles, and maintaining access. In small companies this is often the owner; in larger organisations it may be an IT or finance manager.
• Finance and accounting roles – employees or external accountants with access to SKAT’s TastSelv Erhverv, eIndkomst, VAT and tax declarations, payroll systems and banking. Their rights can be limited to “view only” or “create and sign” depending on internal policies.
• HR and payroll roles – access to eIndkomst reporting, ATP, pension providers and payroll systems, but usually without rights to change company master data or sign contracts.
• General employee roles – limited access to services needed for daily work (e.g. e-Boks for reading certain messages, sector-specific portals), without financial or legal signing authority.
• External advisor roles – accountants, auditors, lawyers or payroll bureaus who receive delegated access to specific services and tasks, often with time-limited or narrowly defined permissions.

Access management for employees

For employees, MitID-based access should reflect the company’s internal control structure. A practical approach is to align MitID roles with job descriptions and segregation-of-duties requirements. For example, the person preparing VAT returns should not be the only one authorised to approve and sign them.

Typical best practices include:

• Granting minimum necessary access (“need to know” and “need to do”)
• Separating preparation and approval/signing of tax returns, payments and official submissions
• Using named personal users only – never shared logins
• Reviewing access at least once a year, and always when roles change or employees leave

When an employee leaves the company, their access in MitID Erhverv must be removed immediately. This is particularly important for roles with access to SKAT, payroll data and online banking, as these systems allow actions with direct financial and legal consequences.

Access management for external accountants and advisors

Many Danish companies cooperate closely with external accountants, auditors and payroll providers. MitID makes it possible to give these advisors secure, traceable access without handing over the owner’s or director’s personal MitID.

In practice, the company’s MitID Erhverv administrator:

• Creates or invites the advisor as a user linked to the company
• Assigns roles that match the agreed scope of work (e.g. VAT, corporate tax, payroll reporting, annual accounts)
• Decides whether the advisor may only prepare or also sign and submit declarations and reports
• Can limit access to specific services (for example, SKAT and eIndkomst, but not online banking)

For many SMEs, a common model is that the accountant prepares VAT and tax returns and uploads them for review, while the owner or director uses their own MitID to sign the final submission. Larger companies sometimes allow their external auditor or chief accountant to sign within defined limits, based on internal policies and board decisions.

Segregation of duties and internal control

MitID roles should support, not undermine, your internal control framework. Danish tax and company law place responsibility on management for correct reporting and proper bookkeeping, and auditors increasingly look at how digital access is managed.

To strengthen internal control, many companies:

• Ensure that no single person can both create and approve large payments or tax submissions
• Use dual approval in online banking for payments above internal thresholds
• Limit the number of users with full administrator rights in MitID Erhverv
• Use MitID logs as part of their documentation for internal and external audits

Documenting roles and responsibilities

For compliance and audit purposes, it is important to document who has which MitID roles and why. This can be done in an internal IT and finance policy that describes:

• Which positions in the company may hold administrator rights
• Who is allowed to sign VAT, tax and other official declarations
• How external advisors’ access is granted, reviewed and revoked
• How often access rights are reviewed and by whom

Such documentation helps demonstrate to SKAT, auditors and banks that the company takes digital identity, access control and financial governance seriously.

Practical steps for setting up roles correctly

When your company implements or reviews MitID Erhverv, a structured approach saves time and reduces risk:

1. List all digital services the company uses (SKAT, e-Boks, online banking, Erhvervsstyrelsen, sector portals, ERP and payroll systems).
2. Map which job roles and external advisors need access to each service, and at what level (view, prepare, approve, sign).
3. Define a small group of trusted MitID Erhverv administrators and restrict full rights to them.
4. Create user profiles and assign roles according to the “minimum necessary access” principle.
5. Set up a routine for onboarding and offboarding employees and advisors, including immediate removal of access when cooperation ends.
6. Review access rights regularly and update them when responsibilities or organisational structure change.

Well-designed MitID roles and access management give Danish businesses a secure, efficient and auditable framework for delegating tasks to employees and external advisors. This reduces the risk of fraud and errors, supports compliance with Danish legislation and makes everyday accounting and administration significantly easier.

MitID Erhverv vs. Private MitID: What Businesses Need to Know

Many Danish business owners still mix up private MitID with MitID Erhverv. In practice, the difference is crucial for compliance, security and everyday workflows. Understanding when you can use a private MitID and when you must use MitID Erhverv helps you avoid errors in communication with SKAT, banks and other authorities – and reduces the risk that access to key systems depends on one person’s private login.

Private MitID – for individuals, not companies

Private MitID is a personal digital identity issued to a natural person with a CPR number. It is legally tied to the individual, not to the company, and must only be used for actions that the person performs in their own name.

Typical uses of private MitID include:

• Personal tax matters in TastSelv (SKAT) for the individual
• Private online banking and personal loans or investments
• Communication with public authorities about personal benefits, health, education or residence
• Signing private contracts, for example rental agreements or consumer loans

Even if you are a sole proprietor (enkeltmandsvirksomhed), your private MitID is still your personal identity. In some cases, authorities and banks allow you to access business-related services with your private MitID because you and the business are legally the same entity. However, this does not change the fact that the login is personal and must not be shared with employees, your accountant or other third parties.

What is MitID Erhverv?

MitID Erhverv is the business version of MitID. It is designed for companies, associations and public institutions and is linked to the company’s CVR number. With MitID Erhverv, you can create roles and user identities for employees, board members and external advisors, and you can control exactly which services each user can access on behalf of the company.

MitID Erhverv is typically required when the action is clearly performed in the name of the company, for example:

• Submitting VAT returns (momsangivelse) and tax returns for the company
• Reporting payroll and A-tax via eIndkomst
• Accessing business online banking, approving payments and managing company accounts
• Communicating with SKAT, Erhvervsstyrelsen and other authorities on behalf of the company
• Signing contracts, loan agreements or guarantees in the company’s name

MitID Erhverv is managed centrally by one or more administrators in the company, who can create, change and revoke user access without affecting the users’ private MitID.

Key differences businesses must understand

From a business and compliance perspective, the most important differences between private MitID and MitID Erhverv are:

• Legal responsibility: A private MitID represents the individual; MitID Erhverv represents the company. When an employee uses MitID Erhverv, the action is clearly linked to the company’s CVR and internal roles.
• Access control: With private MitID, you cannot legally share login details, and you cannot granularly control which business services another person may access. MitID Erhverv allows role-based access, delegation and separation of duties.
• Audit and documentation: MitID Erhverv creates clearer audit trails for who did what on behalf of the company. This is important for internal controls, external audits and potential disputes with authorities or banks.
• Continuity: If a director or owner leaves the company or becomes unavailable, access based on their private MitID may be lost. With MitID Erhverv, administrators can quickly transfer or revoke rights and keep business processes running.
• Compliance and security: Using private MitID for shared business tasks often leads to password sharing or informal arrangements, which conflicts with security requirements and good governance practices. MitID Erhverv is built to meet business security and compliance needs.

When can a business still use private MitID?

In practice, there are situations where a business owner legitimately uses private MitID in a business context, especially for:

• Sole proprietorships (enkeltmandsvirksomheder), where the owner and the business are legally the same person
• Very small businesses where the owner alone handles all contact with authorities and banks and no one else needs access
• Situations where an authority or bank explicitly allows or requires private MitID for a given service

However, as soon as more than one person needs to act on behalf of the company – for example an internal bookkeeper, external accountant or payroll clerk – relying solely on the owner’s private MitID becomes risky and impractical. In those cases, MitID Erhverv is the recommended and often required solution.

Why relying only on private MitID is risky for companies

From an accounting and governance perspective, building your business processes around private MitID creates several concrete risks:

• Dependency on one person: If the owner’s private MitID is blocked, lost or compromised, access to online banking, SKAT and other critical systems can be delayed, which may lead to missed deadlines for VAT, tax or payroll reporting.
• Informal access sharing: In many small companies, owners informally share codes or devices with employees or their accountant. This undermines security, makes it difficult to document who approved what, and can create liability issues.
• Weak internal controls: Without role separation, the same person may be able to both prepare and approve payments or reports, which increases the risk of errors and fraud.
• Problems during ownership changes: When the company is sold or new directors are appointed, access based on private MitID must be rebuilt from scratch, and historical actions are tied to a former owner’s personal identity.

How MitID Erhverv supports accountants and advisors

For companies working with external accountants or payroll providers, MitID Erhverv is particularly valuable. The company can:

• Grant the accountant specific rights to SKAT, eIndkomst and other relevant systems
• Limit access to exactly the services needed for bookkeeping, VAT and tax reporting
• Revoke or adjust access immediately if the cooperation ends or changes
• Document which external user submitted which reports or approved which actions

This structure makes it easier to comply with Danish bookkeeping rules, internal control requirements and expectations from banks and auditors.

Which solution should your business choose?

In practice, most Danish companies benefit from using both types of MitID in parallel:

• The owner and key individuals keep their private MitID for personal matters and any services that explicitly require a private identity.
• The company sets up MitID Erhverv for all business-critical processes, especially those involving multiple employees, external advisors or significant financial transactions.

If your company has employees, external accountants, multiple bank signatories or complex reporting obligations, MitID Erhverv is no longer optional in practice – it is the foundation for secure, efficient and compliant digital identity management in Denmark.

Security and Data Protection: How MitID Safeguards Business Transactions

MitID is designed as a high-assurance digital identity system that protects both individuals and companies when they log in, sign documents and approve payments. For Danish businesses, this means a secure, standardised way to verify who is acting on behalf of the company and to document every critical step in a transaction. Understanding how MitID protects data and reduces fraud risk is essential if you handle payroll, accounting, online banking or communication with Danish authorities.

Strong authentication and transaction signing

MitID uses multi-factor authentication to ensure that only authorised users can access business services. A typical login or signature combines something the user knows (a PIN or password) with something the user has (MitID app, code display or hardware token). This significantly reduces the risk of unauthorised access compared with simple username–password logins.

When a user signs a payment, a tax filing or a contract with MitID, the system creates a unique, cryptographic signature that is tied to the specific transaction data. This makes it extremely difficult to manipulate the content after signing and provides strong proof of who approved what and when. For companies, this is particularly important for high-value bank transfers, loan agreements, shareholder resolutions and other legally binding actions.

Encryption of data and secure communication channels

MitID relies on modern encryption standards to protect data in transit between the user, the MitID infrastructure and the service provider (for example, online banking, e-Boks, SKAT or accounting software). Communication is encrypted using strong TLS protocols, which prevents third parties from intercepting login credentials or transaction details.

Service providers that integrate MitID must comply with strict technical and organisational security requirements. This includes secure handling of authentication requests, protection of encryption keys and regular security testing. For your business, this means that when employees or external accountants log in with MitID, the identity verification process is handled in a controlled and audited environment.

Compliance with Danish and EU data protection rules

MitID is built to comply with the EU eIDAS Regulation on electronic identification and trust services, as well as the Danish rules that implement eIDAS and govern public digital services. From a data protection perspective, MitID is aligned with the General Data Protection Regulation (GDPR) and the Danish Data Protection Act, which supplements GDPR in Denmark.

The personal data processed in connection with MitID – such as CPR numbers for private users and CVR-related data for business use – is handled under strict purpose limitation, data minimisation and storage limitation principles. MitID operators and connected service providers must have appropriate legal bases for processing and must implement technical and organisational measures to ensure confidentiality, integrity and availability of data.

Role-based access and reduced internal fraud risk

When you use MitID Erhverv, you can assign roles and rights to employees, board members and external advisors. Each person receives access only to the systems and functions that match their responsibilities. For example, one employee may be allowed to prepare payments, while another must approve them with their own MitID credentials.

This separation of duties is a key control against internal fraud and errors. Because each action is linked to a specific MitID user, it becomes much harder for someone to hide unauthorised transfers, change bank details for suppliers without approval or submit false reports to SKAT or Erhvervsstyrelsen. Clear digital traces also make it easier to detect irregularities early.

Audit trails and traceability of business actions

Every login, signature and approval performed with MitID generates logs that can be used for internal control and external audits. These logs typically include the identity of the user, the time of the action and the service that was accessed. For accounting and compliance purposes, this provides a reliable way to document that the right person approved a payment, signed a contract or submitted a VAT return.

For companies subject to stricter regulatory requirements – for example in financial services or regulated industries – MitID-based logs can support documentation towards auditors, banks and supervisory authorities. Combined with your accounting and ERP system logs, they help create a complete picture of who did what in key financial and administrative processes.

Protection against phishing and identity theft

Phishing and social engineering are major threats to businesses, especially around online banking and tax-related communication. MitID mitigates these risks in several ways. The user must confirm actions in the MitID app or device, and the interface clearly shows which service is requesting login or signature. This helps users spot suspicious requests that do not match what they expect.

MitID also supports risk-based security measures. If unusual login patterns or suspicious behaviour are detected, additional checks can be triggered, or access can be temporarily blocked. For your company, this reduces the likelihood that stolen passwords or fake emails will lead to successful account takeovers or fraudulent payments.

Data minimisation and limited sharing with third parties

When an employee or advisor uses MitID to access a service, only the information necessary for identification and authorisation is shared with that service. Typically, this means a unique identifier and, where relevant, information about roles or rights in relation to the company. Sensitive personal data is not broadly distributed across systems without a clear purpose.

This data minimisation approach reduces the amount of information that can be exposed in case of a breach at a single service provider. It also helps your business comply with GDPR principles when you rely on external platforms for accounting, payroll, banking or document signing.

Business continuity and incident handling

MitID includes procedures for dealing with lost devices, suspected compromise and other security incidents. Users can block their MitID if they suspect misuse, and companies can revoke or adjust access rights for employees and external accountants through MitID Erhverv administration. This allows you to react quickly if an employee leaves the company, a device is stolen or suspicious activity is detected.

From a business continuity perspective, it is important to define internal procedures that align with MitID’s security features: who is responsible for managing access, how quickly changes must be made, and how you document these changes. When combined with MitID’s technical safeguards, clear internal rules significantly strengthen your overall security posture.

By integrating MitID into your daily business processes, you gain a robust layer of security around logins, approvals and digital signatures, while also supporting compliance with Danish and EU data protection requirements. For companies operating in Denmark, using MitID consistently is not only a practical necessity, but also a central element of a modern, secure internal control environment.

MitID in Communication with SKAT, Erhvervsstyrelsen and Other Public Authorities

MitID is now the standard way for Danish companies to identify themselves digitally when dealing with SKAT (Skattestyrelsen), the Danish Business Authority (Erhvervsstyrelsen) and most other public authorities. Without MitID, it is practically impossible to handle core obligations such as VAT reporting, corporate tax filings, registration of company changes or access to official digital mail. For foreign owners and directors, or for companies working closely with external accountants, understanding how MitID works in public-sector communication is crucial for staying compliant and avoiding penalties.

In day-to-day practice, MitID is used whenever your company logs in to public self-service portals. For tax and duties, this primarily means TastSelv Erhverv at skat.dk, where you report and pay VAT (moms), payroll taxes (A-skat and AM-bidrag), and corporate income tax. For corporate law and registration matters, MitID is used on virk.dk and in the systems of Erhvervsstyrelsen, for example when you register a new ApS or A/S, change directors, update ownership information, file annual reports or register beneficial owners (reelle ejere). The same digital identity is also required to access Digital Post, where all official letters from authorities are sent to the company.

From a compliance perspective, MitID is central to meeting Danish tax and reporting deadlines. Companies that are VAT registered must typically submit VAT returns either monthly, quarterly or half-yearly depending on their turnover, and late filing or payment can trigger surcharges and interest. Payroll taxes must be reported and paid on fixed monthly deadlines, and corporate income tax is settled through preliminary tax (a conto skat) and final tax assessments. In all these processes, MitID ensures that only authorised persons can submit or change information, which is essential because the company is legally bound by what is reported through these systems.

For communication with SKAT, MitID is used both by internal staff and by external advisors such as accountants and payroll providers. The company’s legal representatives or administrators assign roles and rights so that, for example, the accountant can log in with their own MitID and access the company’s tax account, VAT periods and payroll data without sharing personal login details. This role-based access is important for audit trails: SKAT and the company can see which user submitted a specific VAT return or changed bank account details for tax refunds, which helps in internal control and in case of a tax audit.

When dealing with Erhvervsstyrelsen, MitID is equally important. Filing the annual report is mandatory for most Danish companies, and failure to file can lead to daily fines and ultimately compulsory dissolution. The person submitting the report, whether a director or an external accountant, signs digitally with MitID, which replaces a handwritten signature. The same applies when registering changes to the company’s articles, management or share capital. Because these filings have legal effect, authorities rely on MitID to verify that the person acting on behalf of the company has the necessary authority.

MitID also plays a key role in accessing and managing Digital Post, which is the official channel for communication between public authorities and companies in Denmark. Tax assessments, reminders about VAT deadlines, decisions from SKAT, notifications from Erhvervsstyrelsen about missing annual reports, and letters from other authorities such as ATP, Udbetaling Danmark or municipalities are all delivered to the company’s digital mailbox. If no one with the correct MitID access checks this mailbox regularly, the company risks missing important deadlines, incurring fines or losing the right to appeal decisions within the statutory time limits.

For foreign owners and directors, using MitID in communication with Danish authorities can be challenging, but it is still mandatory in most cases. Many non-resident board members or shareholders obtain MitID through a Danish bank or via special procedures at Borgerservice, sometimes using a passport and documentation of their role in the company. In practice, many foreign owners grant power of attorney to a Danish accountant or local director, who then uses their own MitID to handle tax filings, annual reports and other official communication. This setup should be documented clearly to satisfy both Danish rules and the company’s internal governance requirements.

From an accounting and administrative perspective, integrating MitID into your workflows with SKAT, Erhvervsstyrelsen and other public authorities brings several benefits. It reduces the need for paper forms and physical signatures, shortens processing times for registrations and changes, and provides a clear digital trail of who did what and when. For companies working with a Danish accounting firm, MitID-based access allows the accountant to manage VAT, payroll, corporate tax and annual reports efficiently, while the company’s management retains full control over who has access and can revoke rights immediately if an employee leaves or an advisor relationship ends.

To use MitID effectively in communication with public authorities, it is important to establish clear internal procedures. Decide who is responsible for logging into skat.dk and virk.dk, who monitors Digital Post, and how often these systems are checked. Ensure that at least two people have the necessary MitID roles so that illness, holidays or staff turnover do not lead to missed deadlines. Regularly review access rights for employees and external advisors to make sure they match current responsibilities. By treating MitID as a core part of your compliance and accounting processes, you significantly reduce the risk of errors, penalties and unnecessary disputes with Danish authorities.

Using MitID to Access Online Banking and Financial Services for Companies

MitID is now the standard way for Danish companies to access online banking and a wide range of financial services. Whether you run a small ApS or a larger A/S, you will typically need MitID Erhverv to log in to corporate netbank, approve payments, sign loan documents and manage day-to-day liquidity. For most banks, MitID has fully replaced NemID for business customers.

In practice, your company’s legal representatives and authorised employees use their personal MitID identities, which are then linked to the company’s CVR number and specific roles in the bank. This allows the bank to verify both who is logging in and on behalf of which company they are acting. For many businesses, this setup is also coordinated with their accountant or external bookkeeper, who can be granted limited access to view accounts or initiate payments without full signing rights.

When you log in to corporate online banking with MitID, the login flow usually consists of entering your user ID or username, confirming the login request in the MitID app or hardware token, and then selecting the relevant company profile if you are connected to more than one CVR. The same identity is used to authorise critical actions such as approving salary payments, supplier transfers, SEPA and international payments, or changes to account and card settings. Banks typically require dual approval (four-eyes principle) for higher-risk transactions, and MitID is used to document each step in the approval chain.

MitID is also central when your company applies for or manages financial products. Many banks and leasing companies require MitID signatures for credit agreements, overdraft facilities, guarantees, leasing contracts and changes to loan terms. The digital signature based on MitID is legally equivalent to a handwritten signature under Danish law and the EU eIDAS regulation, which means that loan documents and guarantees signed with MitID are fully binding and can be used as evidence in case of disputes.

For companies using integrated accounting or ERP systems, MitID often plays a role in secure bank integration. When setting up a bank connection from systems such as e-conomic, Dinero or larger ERP platforms, an authorised person must typically authenticate with MitID to approve the connection and define which accounts and functions the system may access. Subsequent automatic bank feeds and payment files then run under this approved mandate, while MitID is used again when mandates are changed or renewed.

Foreign owners and directors of Danish companies who do not have a Danish CPR number may face additional steps when using MitID for banking. In many cases they must first obtain a MitID for foreigners or an equivalent eID accepted under eIDAS, and then be registered with the bank as authorised signatories. Banks will usually require in-person or video identification and documentation of ownership and control before linking such identities to the company’s accounts.

From a compliance perspective, using MitID for online banking helps companies meet Danish anti-money laundering and bookkeeping requirements. Each login and approval is tied to a specific person, time and action, which creates a clear audit trail. This is particularly important for companies that are subject to stricter internal control rules, for example due to size, sector regulation or external audit. In case of internal investigations, tax audits or disputes with suppliers, MitID-based logs can be used to show who approved which payment and when.

To ensure smooth daily operations, it is important to keep MitID access for banking up to date. When directors or finance staff leave the company, their banking roles and MitID mandates should be revoked without delay. New employees who need access should be onboarded through the bank’s role management, and their rights should reflect their actual responsibilities, for example view-only access for junior staff and full signing rights only for authorised signatories. This reduces the risk of unauthorised transactions and helps demonstrate sound internal controls to banks, auditors and authorities.

Practical Use Cases: Everyday Business Processes Simplified by MitID

MitID is not just a login method – it is the backbone of how Danish companies handle day‑to‑day digital administration. When it is set up correctly, many routine tasks become faster, more secure and easier to delegate to employees and external advisors such as accountants.

Submitting VAT (Moms) and Tax Declarations

One of the most common business uses of MitID is access to TastSelv Erhverv at Skattestyrelsen. With MitID Erhverv, authorised users can:

• Report and pay VAT (moms) for monthly, quarterly or half‑year periods
• Submit payroll tax (AM-bidrag and A‑skat) and reconcile eIndkomst data
• View and approve preliminary tax assessments and company tax accounts

Instead of the owner logging in with a private MitID every time, roles can be assigned so that the bookkeeper or external accountant logs in with their own MitID and acts on behalf of the company. This reduces the risk of sharing personal credentials and speeds up recurring VAT and tax workflows.

Communication with SKAT, Erhvervsstyrelsen and Other Authorities

MitID is used whenever your company interacts digitally with Danish public authorities. In practice this means that, with the right authorisations, you can:

• Access Digital Post (e-Boks / mit.dk) for official letters from SKAT, Erhvervsstyrelsen, municipalities and other authorities
• Register changes in the Central Business Register (CVR) via Virk.dk, such as changes in management, address or company form
• Apply for registrations (e.g. VAT registration, payroll tax, import/export numbers)
• Submit annual reports and financial statements to Erhvervsstyrelsen

For accounting and audit purposes, this centralises all official communication in one digital channel, which can be accessed by the people you authorise through MitID roles.

Online Banking and Daily Cash Management

Danish banks require MitID for secure access to corporate online banking. Typical daily processes that rely on MitID include:

• Approving supplier payments and salary transfers
• Setting up and managing payment agreements and direct debits
• Viewing account statements for bookkeeping and reconciliation
• Managing company credit cards and limits

Many banks allow dual approval workflows, where one person creates a payment file from the accounting system and another person approves it via online banking using their own MitID. This supports internal control and segregation of duties in the finance function.

Signing Contracts, Board Resolutions and Agreements

MitID is widely used for digital signatures that are legally recognised in Denmark and across the EU under eIDAS. In everyday business this is relevant for:

• Signing customer and supplier contracts
• Approving board minutes and shareholder resolutions
• Signing loan agreements and leasing contracts with banks and finance companies
• Approving engagement letters and agreements with auditors and accountants

Digital signing with MitID shortens turnaround times, reduces printing and scanning, and creates a clear audit trail of who signed what and when.

Access to Accounting, ERP and Payroll Systems

More and more Danish accounting, ERP and payroll platforms integrate with MitID for login and authorisation. For a typical company this can mean:

• Employees and external accountants log in to the accounting system using their personal MitID
• Role‑based access to sensitive modules such as payroll, bank reconciliation or financial reporting
• Secure approval of payment files generated by the ERP system before they are sent to the bank

For a Danish accounting firm serving multiple clients, MitID makes it possible to switch securely between companies without mixing data or sharing passwords, while still keeping a full log of user activity for audit purposes.

Onboarding and Offboarding Employees and Advisors

MitID Erhverv supports structured onboarding and offboarding processes. In practice, this simplifies:

• Granting new employees access to Digital Post, SKAT, Erhvervsstyrelsen and banking according to their role
• Giving external accountants and payroll providers the rights they need without giving them full control over everything
• Revoking access immediately when an employee leaves the company or when cooperation with an advisor ends

This reduces the risk that former employees or advisors retain access to sensitive financial data or can act on behalf of the company after their role has ended.

Managing Foreign Owners and Directors

Many Danish companies have foreign owners or directors who need to sign documents or access public services. MitID supports this by allowing eligible foreign individuals to obtain a MitID and then be linked to the company in the relevant registers. Everyday examples include:

• Foreign board members signing annual reports and board minutes digitally
• Non‑resident owners approving capital increases, shareholder resolutions or loan agreements
• Directors abroad accessing Digital Post and official correspondence without physical presence in Denmark

This makes corporate governance and compliance significantly easier for international structures with Danish entities.

Business Continuity and Daily Risk Management

MitID also plays a key role in business continuity. By distributing roles across several trusted persons, companies can ensure that:

• VAT, tax and salary payments can still be handled if one key person is ill or unavailable
• Access to online banking is not dependent on a single director’s private MitID
• Critical deadlines from SKAT and Erhvervsstyrelsen are not missed because no one can open Digital Post

For companies working closely with an accounting firm, this means the accountant can step in and handle urgent filings or payments using their own MitID, while the company retains full control through clearly defined roles and logs.

Used in this structured way, MitID becomes an everyday tool that supports secure, efficient and compliant handling of all key financial and administrative processes in a Danish business.

Onboarding New Employees and External Accountants with MitID Access

Efficient onboarding of new employees and external accountants to MitID is critical for keeping your Danish company compliant and ensuring smooth access to public authorities, banks and accounting systems. A clear process reduces security risks, avoids delays in payroll and VAT reporting, and makes it easier to delegate tasks safely.

Prerequisites: CVR, NemKonto and correct registration

Before you can give MitID access to staff or advisors, your company must be correctly registered in Denmark:

• Valid CVR number registered in the Central Business Register
• Company NemKonto set up for payments and refunds from public authorities
• Registered company address and contact details in Virk / Erhvervsstyrelsen
• At least one person with the role of legal representative or signatory who can approve MitID roles and rights

Without these elements in place, you will not be able to assign MitID Erhverv roles or grant access to SKAT, e-Boks Erhverv, banking or accounting portals.

Defining roles and access before onboarding

Before you invite a new employee or external accountant, define what they actually need to do with MitID. Typical access needs include:

• Submitting and correcting VAT returns (moms) and EU sales listings
• Handling payroll, A-tax and AM-contribution reporting to Skattestyrelsen
• Accessing e-Boks Erhverv and digital post from SKAT, Erhvervsstyrelsen and municipalities
• Approving or initiating online banking payments and viewing account statements
• Managing company registrations in Virk (changes to owners, directors, capital, etc.)

Map these tasks to the available MitID Erhverv roles and rights. As a rule, give the minimum necessary access and avoid granting full signatory rights unless it is clearly required.

Onboarding new employees with MitID Erhverv

New employees usually use their private MitID to log in, but receive specific business roles linked to the company’s CVR. The typical onboarding flow is:

1. Collect identification data
   Make sure you have the employee’s full name, CPR number and contact details. For non-Danish employees, check if they already have a CPR and MitID, or if they first need to obtain a CPR and tax number.
2. Assign roles in MitID Erhverv
   The company’s administrator or signatory logs into the MitID Erhverv administration portal and assigns roles such as:
   • Access to SKAT for VAT and tax reporting
   • Access to e-Boks Erhverv
   • Access to specific banking agreements (view, initiate, approve payments)
   • Access to accounting or ERP systems that support MitID login
3. Send invitation and activation instructions
   The employee receives an invitation and links their private MitID to the company roles. Provide internal instructions describing which systems they can access and what they are allowed to do.
4. Document access in internal controls
   Update your internal access register or IT policy to show who has which MitID-related rights. This is important for audit trails and for demonstrating compliance to auditors and banks.

Onboarding external accountants and advisors

External accountants, payroll providers and tax advisors often need broad access to your company’s digital channels, but they are not employees. For them, you should:

1. Sign a written engagement and data processing agreement
   Define responsibilities, scope of work, confidentiality and data protection in line with the Danish Data Protection Act and GDPR. Specify which systems they may access via MitID.
2. Use role-based delegation instead of full signatory rights
   Grant them access to:
   • Submit VAT returns, tax returns and payroll reports
   • Access accounting data and digital post relevant to finance
   • Prepare but not necessarily approve bank payments, depending on your internal policy
   Avoid giving external accountants the ability to change company ownership, sign major registrations or manage other users unless strictly necessary.
3. Set clear approval workflows
   Decide which tasks the accountant may complete independently (e.g. submitting VAT) and which require internal approval (e.g. large bank transfers). Configure your bank and systems accordingly.
4. Time-limit and review access
   For project-based engagements, set end dates for access and schedule regular reviews, for example annually or when changing accounting firms.

Security, segregation of duties and internal controls

MitID makes it easy to prove who did what and when, but only if you structure access correctly. For finance and accounting processes, consider:

• Segregation of duties – ideally, the person who prepares payments or VAT returns is not the same person who approves them.
• Two-person approval for high-value bank transfers or changes to master data, configured in your online banking and ERP.
• Regular access reviews – at least once a year, verify that all employees and advisors still need their current MitID roles.
• Logging and documentation – keep records of role assignments, changes and removals. Use MitID and system logs to support internal and external audits.

Offboarding: removing MitID access quickly and safely

Offboarding is just as important as onboarding. When an employee resigns or you change accounting firm, you should:

1. Immediately revoke MitID roles
   Remove all business roles for the person in MitID Erhverv, including access to SKAT, e-Boks, banking and accounting systems.
2. Update banking and system rights
   Ensure that the person is removed from all payment approval chains and user lists in ERP, payroll and other integrated platforms.
3. Reassign responsibilities
   Transfer tasks such as VAT filing, payroll and digital post handling to another employee or advisor without gaps in deadlines.
4. Document the offboarding
   Record the date and scope of access removal for audit and compliance purposes.

Best practices for smooth MitID onboarding in accounting and finance

To make onboarding efficient and compliant, many Danish companies adopt the following practices:

• Create a standard onboarding checklist for finance staff and external accountants, covering MitID roles, banking rights and system access.
• Align MitID roles with your accounting policies, including approval limits, documentation requirements and deadlines for VAT, tax and payroll.
• Train new users on how to use MitID securely, including handling of authentication devices and recognising phishing attempts.
• Coordinate with your accounting software provider to ensure that MitID integration is correctly configured for each user role.

With a structured onboarding and offboarding process, MitID becomes a powerful tool for secure, efficient and compliant handling of your company’s accounting and tax obligations in Denmark.

Costs, Licensing and Administrative Overhead Related to MitID for Businesses

When planning the implementation of MitID in a Danish company, it is important to understand not only the technical side, but also the costs, licensing model and day‑to‑day administrative workload. For most businesses, MitID is not a large direct cost item, but it does require clear internal procedures, role management and ongoing maintenance.

Direct costs of MitID for businesses

MitID for private individuals is financed via the public system and banks, while MitID Erhverv (the business solution) is organised through so‑called identity brokers and service providers. In practice, most Danish companies encounter MitID costs in three main areas:

• Fees to MitID brokers / service providers – banks, payroll/ERP providers and specialised identity brokers may charge setup or subscription fees for business access to MitID, especially for advanced integrations (e.g. signing services, SSO, API access). Pricing is typically tiered per company or per active user, and often bundled with other services (online banking, ERP, digital signing).
• Hardware and devices – if employees cannot or should not use the MitID app on a private smartphone, the company may need to provide:
  • company smartphones with the MitID app installed, or
  • MitID code display / chip (if offered via the chosen provider), or
  • secure workstations for login via MitID app on a separate device.
  The cost here is mainly the purchase and replacement of devices, mobile subscriptions and internal IT support.
• Implementation and consultancy – for more complex setups (e.g. integration with ERP, payroll, document signing or custom business portals) companies may incur:
  • IT consultancy hours for integration and testing
  • configuration of roles and access rights in MitID Erhverv
  • documentation and internal training materials.

Small companies that only use MitID for communication with public authorities and online banking often face very limited or no explicit MitID licence fees, as access is included in their banking or accounting software packages. Larger organisations with many users and system integrations should, however, expect recurring subscription and support costs from their providers.

Licensing and user management

MitID itself is a national infrastructure, but companies access it through licensed providers. This has a direct impact on how licensing and administration are handled:

• User‑based or role‑based licensing – some providers price per named user (e.g. per employee with MitID access to a portal), others per role or per transaction (e.g. per digital signature). For accounting‑heavy businesses that sign many documents, a transaction‑based model can be more relevant than a pure user‑based model.
• Multiple environments – if your company uses MitID in several systems (bank, ERP, document signing, industry‑specific portals), you may effectively “pay” for MitID access several times through different providers. It is therefore important to map where MitID is used and negotiate bundled or volume‑based agreements where possible.
• Licences for external advisors – external accountants and tax advisors often use their own MitID to access your company’s data via power of attorney (fuldmagt) or system‑to‑system access. In many cases, this does not create extra licence costs for your company, but it does require correct setup of authorisations in e.g. TastSelv Erhverv, E‑Boks Erhverv and accounting systems.

From a cost‑control perspective, it pays to regularly review which employees actually need MitID‑based access, and to deactivate users who have changed roles or left the company. This reduces both licence costs and security risks.

Administrative overhead and internal processes

The main “price” of MitID for many businesses is the internal administration. Proper role and access management is essential to remain compliant with Danish rules and to pass audits. Key administrative tasks include:

• Appointing and maintaining administrators – MitID Erhverv requires one or more administrators who can create, change and revoke user access. These people need clear job descriptions and backup arrangements so that access does not depend on a single individual.
• Onboarding and offboarding – new employees, board members and external accountants must be granted the correct MitID‑based rights to SKAT, Erhvervsstyrelsen, online banking, payroll and ERP. When they leave or change roles, these rights must be removed or adjusted without delay. Many companies link this to their HR processes and checklists.
• Role‑based access control – instead of assigning rights user by user, it is more efficient to define standard roles (e.g. “accountant”, “payroll specialist”, “CFO”, “director”) and attach MitID‑based permissions to these roles. This reduces manual work and the risk of errors.
• Documentation and audit trail – Danish companies are expected to be able to document who has access to which systems and why. MitID logs and access lists should be stored and reviewed regularly, especially in companies subject to statutory audits or sector‑specific regulation (e.g. financial institutions).

For many SMEs, the administrative overhead can be significantly reduced by letting the external accountant or payroll provider act as a central administrator, within clearly defined powers of attorney and written agreements.

Hidden costs: training, support and downtime

Beyond direct fees and licences, MitID can generate indirect costs that are easy to overlook:

• Training and change management – employees must learn how to use the MitID app or device, recognise phishing attempts and handle login problems. Short, targeted training and clear internal guidelines reduce support requests and security incidents.
• Internal support – IT or administrative staff will spend time helping users with new phones, lost access, expired IDs or changed roles. The more standardised your procedures, the lower this cost will be.
• Downtime and delays – if MitID is unavailable, or if a key person loses access, important tasks such as VAT reporting, payroll approval or bank transfers can be delayed. This can lead to late‑payment interest, reminder fees or reputational damage. A documented business continuity plan (e.g. backup administrators, alternative signatories, clear contact to provider support) helps minimise these risks.

How to keep MitID costs and overhead under control

To ensure that MitID remains a cost‑effective and efficient solution for your Danish business, consider the following practical steps:

1. Map all systems where MitID is used (public authorities, banks, ERP, payroll, signing platforms, industry portals).
2. Consolidate providers where possible and negotiate transparent pricing (per user, per transaction or bundled).
3. Define clear roles and responsibilities for MitID administration, including backups.
4. Integrate MitID onboarding and offboarding into your HR and IT processes.
5. Provide short, recurring training for employees on secure and efficient use of MitID.
6. Review access rights and user lists at least once a year, preferably in connection with the financial audit.

Handled correctly, MitID does not have to be a heavy cost or administrative burden. With the right setup and cooperation between management, accounting and IT, it becomes a stable, predictable part of your company’s digital infrastructure, supporting secure communication with authorities, banks and business partners in Denmark.

Common Mistakes When Setting Up MitID and How to Avoid Them

Many Danish companies run into avoidable problems when they first set up MitID for business use. These mistakes can lead to blocked access to SKAT, online banking, e-Boks, and accounting systems, or even to non-compliance with Danish rules on digital signatures and access control. Below are the most common pitfalls and how to avoid them in practice.

1. No Clear Assignment of Roles and Responsibilities

A frequent mistake is starting the MitID setup without deciding who is responsible for what. Companies often mix up the roles of legal representatives, administrators, and regular users, which later causes confusion when someone leaves the company or needs extra rights.

Before you start, define in writing:

• Who is the legal signatory in CVR (e.g. director, owner) who can approve MitID Erhverv setup
• Who will be the primary MitID Erhverv administrator (IT, finance, external accountant)
• Who only needs limited access (e.g. employees who just file VAT or approve invoices)

Document these decisions in your internal procedures so you can easily update roles when your organisation changes.

2. Mixing Private MitID and MitID Erhverv

Another common issue is using private MitID for business processes where MitID Erhverv should be used. While private MitID can be used in some situations, relying on it for company-critical processes makes it harder to separate personal and company responsibilities and complicates audits.

As a rule of thumb:

• Use MitID Erhverv for access to SKAT, eIndkomst, virk.dk, NemRefusion, and other public business services
• Use MitID Erhverv for company online banking and financial approvals where possible
• Limit the use of private MitID to situations where the service provider does not yet support MitID Erhverv or where a person is acting clearly in a private capacity

This separation supports better internal control and clearer responsibility in case of disputes or audits.

3. Not Aligning MitID Rights with Internal Authorisation Rules

Many businesses give employees or external accountants broader MitID rights than their internal authorisation rules allow. For example, a bookkeeper who may only prepare VAT returns internally is given full rights in MitID to submit and sign on behalf of the company.

To avoid this, map your internal authorisation matrix to MitID roles:

• Who may prepare vs. who may approve and sign VAT, tax returns, and payroll reports
• Who may view bank accounts vs. who may approve payments
• Who may grant or revoke access for others in MitID Erhverv

Ensure that MitID rights never exceed the person’s formal authority in your internal policies and employment contracts.

4. Incomplete or Incorrect Company Data in CVR and Systems

MitID Erhverv relies on correct information in the Danish Business Register (CVR). If your company’s legal representatives or addresses are outdated, the setup process may fail or require manual intervention.

Before initiating MitID Erhverv:

• Check that directors, owners and authorised signatories are correctly registered in CVR
• Ensure the company’s email and contact details are up to date in relevant public registers
• Verify that your bank and key service providers have the same legal information as in CVR

This reduces delays and prevents situations where the wrong person is treated as the official representative in digital services.

5. Underestimating Identification Requirements for Owners and Directors

Foreign owners or directors, or Danish residents without a standard CPR-registered address, often face extra identification steps. A common mistake is assuming that everyone can be onboarded with MitID in the same way and at the same speed.

Plan ahead if you have:

• Foreign board members or ultimate beneficial owners without Danish CPR numbers
• Directors living abroad who cannot easily visit a Danish bank branch
• Complex ownership structures that require additional documentation

Contact your bank and MitID Erhverv support early to clarify which documents are needed (passport, proof of address, company documents) and how long verification typically takes.

6. No Backup Administrators or Recovery Plan

Many companies appoint only one MitID Erhverv administrator. If that person leaves, is on long-term sick leave, or loses access to their MitID, the company may be locked out of critical services.

To avoid this risk:

• Always appoint at least two MitID Erhverv administrators
• Ensure that administrators are from different departments (e.g. finance and management) where possible
• Document a clear recovery process if an administrator’s MitID is lost, stolen, or blocked

Regularly test your recovery procedures so you know how quickly you can restore access in a real incident.

7. Granting Access to External Advisors Without Clear Time Limits

It is common to give external accountants, payroll providers, or tax advisors MitID-based access to SKAT and other systems. The mistake is forgetting to revoke or limit this access when the engagement ends or changes.

Best practice is to:

• Grant access based on specific tasks (e.g. VAT filing, payroll reporting) rather than “full access”
• Set calendar reminders to review all external access at least once a year and whenever you change advisor
• Include access management and revocation rules in your contracts with external accountants and consultants

This reduces the risk of former advisors still being able to see sensitive data or act on behalf of your company.

8. Weak Internal Security Around Devices and Login Methods

Even though MitID itself uses strong authentication, many security incidents start with poor protection of the devices or email accounts used for login and recovery. Companies sometimes treat MitID as “secure by default” and ignore basic IT hygiene.

To strengthen your setup:

• Require strong, unique passwords and multi-factor authentication for email accounts used for MitID communication and recovery
• Ensure that company devices used for MitID are protected with up-to-date antivirus, encryption and regular security updates
• Train employees to recognise phishing attempts that try to trick them into approving MitID logins they did not initiate

Combine technical controls with clear policies on how and when employees may use MitID on private devices.

9. Skipping Documentation and Audit Trails

Many SMEs treat MitID setup as a one-off technical task and fail to document decisions. This becomes a problem during internal control reviews, bank compliance checks, or tax audits, where you must show who had which access and why.

From the start, keep a simple but complete record of:

• Who is administrator, who is user, and what rights each person has
• When access was granted, changed, or revoked
• The internal justification for granting higher-level rights (e.g. signing authority)

Use MitID logs and your accounting system’s audit trails together to demonstrate proper segregation of duties and approval workflows.

10. Poor Communication and Training for Employees

Finally, many businesses activate MitID for employees without explaining how it should be used in daily work. This leads to mistakes such as approving the wrong transaction, using private MitID by accident, or sharing devices inappropriately.

Provide short, targeted training that covers:

• When to use MitID Erhverv vs. private MitID
• Which actions employees are allowed to perform (view, prepare, approve, sign)
• How to react if they receive unexpected MitID prompts or suspect misuse

Update this training when you change banking arrangements, accounting software, or internal approval flows so that your MitID setup always reflects how the business actually operates.

By avoiding these common mistakes and treating MitID as part of your broader access control and compliance framework, you can ensure secure, efficient digital processes and reduce the risk of operational disruptions or regulatory issues in Denmark.

MitID Support, Helpdesks and Resources for Danish Companies

Reliable MitID support is essential for Danish companies that depend on digital self-service with SKAT, Erhvervsstyrelsen, banks and other authorities. Knowing where to get help and how to structure internal support will save time, reduce errors and lower the risk of access problems that can delay VAT reporting, payroll or annual accounts.

Official MitID support channels

The primary source of help for technical and identification issues is the official MitID support provided by the Danish authorities and the MitID operators. Typical topics handled here include problems logging in, blocked MitID, issues with the MitID app or code display, and questions about identification requirements.

Companies and their employees can use:

• MitID support website – step-by-step guides, FAQ, troubleshooting for the app, code display and hardware tokens, plus information on identification requirements and known incidents.
• Phone support – for users who cannot log in, have lost access to the app or code display, or need help reactivating MitID. Support can guide users through identification and reactivation but cannot bypass security procedures.
• In-person support – at selected citizen service centres (borgerservice) and banks, where users can be identified physically and get help activating or recovering MitID.

These channels primarily support individual MitID users (including company owners and employees). For company-wide setup and rights management in MitID Erhverv, businesses should also rely on their own internal administrators and, where relevant, their accounting or IT advisors.

Support from SKAT, Erhvervsstyrelsen and banks

Many MitID problems arise when logging in to specific services rather than in MitID itself. In these cases, the correct support channel is often the service provider:

• SKAT (TastSelv Erhverv) – supports issues related to logging in with MitID to file VAT (moms), payroll tax (AM-bidrag), A-tax (A-skat), import VAT, excise duties and corporate tax. They can help distinguish between MitID problems and access rights issues in TastSelv Erhverv.
• Erhvervsstyrelsen – helps with MitID login to the Virk.dk portal, registration of beneficial owners, company changes in CVR, and digital mail (Digital Post). They can clarify which MitID roles are required for specific filings.
• Banks and financial institutions – support MitID login to business online banking, authorisation of payments, access for external accountants and auditors, and setup of signing rules. They can explain how MitID interacts with the bank’s own authorisation model.

When an employee or external accountant cannot access a specific system, it is often necessary to check both the MitID setup and the access rights in the relevant portal or bank.

Internal support structure in the company

For most Danish businesses, the most effective “first line” of MitID support is internal. A clear structure reduces the number of urgent calls to external helpdesks and ensures that access problems do not delay critical deadlines such as VAT filing, payroll or annual reporting.

Best practice includes:

• Appointing one or more MitID administrators (for MitID Erhverv) responsible for assigning and revoking roles, managing employee access and coordinating with external advisors.
• Documenting who may contact official support on behalf of the company and what identification documents they must have available.
• Creating simple internal guides for employees on how to:
  • Activate and use the MitID app or code display
  • Handle a lost phone or code display
  • Recognise phishing and fake MitID pages
• Ensuring that at least two people in key areas (management, finance, payroll) have the necessary MitID roles so that the company is not dependent on a single person.

Support for external accountants and advisors

Many Danish companies rely on external accountants, bookkeepers or payroll providers who use MitID to act on behalf of the company. Clear procedures and support for these advisors are crucial to avoid delays in compliance and reporting.

Companies should:

• Define which tasks the external advisor will perform (e.g. VAT filing, payroll, corporate tax, annual accounts, changes in CVR).
• Grant the correct MitID roles and rights in MitID Erhverv and in each relevant portal (SKAT, Virk.dk, bank, payroll system).
• Agree on who contacts which support in case of problems – for example, the advisor contacts SKAT or the accounting software provider, while the company handles MitID identification issues for its own employees.
• Review access rights regularly, especially when changing accountant, changing bank or restructuring the company.

Online resources, guides and training

There is a growing number of online resources that help Danish businesses use MitID more efficiently and securely. These include:

• Official MitID user guides and video tutorials explaining activation, login, security settings and recovery options.
• Guides from SKAT and Erhvervsstyrelsen on how to use MitID for specific filings, such as VAT returns, payroll reporting, registration of beneficial owners and digital mail.
• Documentation from ERP, accounting and payroll software providers showing how MitID integrates with their systems, including role mapping and typical error messages.
• Short internal training sessions or e-learning modules for employees who regularly use MitID for business purposes.

For companies with many employees or complex access structures, investing a small amount of time in structured training often pays off quickly through fewer support cases and smoother workflows.

When to involve your accounting firm or IT provider

Some MitID issues are deeply connected with accounting processes, ERP systems and internal controls. In these cases, it is more efficient to involve your accounting firm or IT provider rather than only relying on generic MitID support.

Typical situations include:

• Setting up role-based access in ERP, payroll and banking systems that matches the company’s internal approval workflows.
• Ensuring that MitID-based logins and signatures are correctly logged for audit purposes and can be used as evidence during internal or external audits.
• Designing backup procedures so that critical filings (VAT, payroll, corporate tax) can still be completed if one or more key users lose access to MitID.
• Integrating MitID with single sign-on or identity management solutions in larger organisations.

An accounting firm that specialises in Danish companies can also help interpret the interaction between MitID, tax rules, bookkeeping obligations and documentation requirements, ensuring that digital signatures and logins support compliance rather than create uncertainty.

Practical tips for efficient MitID support in your business

To minimise downtime and stress around deadlines, Danish companies should implement a few practical measures:

• Keep an up-to-date contact list with phone numbers and links for MitID support, SKAT, Erhvervsstyrelsen, the bank and key software providers.
• Maintain a simple MitID access overview showing who has which roles for SKAT, Virk.dk, online banking, payroll and accounting systems.
• Test access well before important deadlines such as VAT due dates, payroll runs or submission of annual accounts.
• Regularly review and update access when employees join, change roles or leave the company, and when changing external advisors.

With the right combination of official helpdesks, internal procedures and support from accounting and IT partners, MitID can function as a stable and secure foundation for all key digital processes in a Danish business.

MitID and Accounting Software: Integration with ERP and Payroll Systems

For most Danish companies, MitID is now a central element in daily financial routines: approving payments, filing VAT, accessing e-Boks and communicating with SKAT and Erhvervsstyrelsen. To avoid manual logins and risky workarounds, it is crucial to understand how MitID interacts with your ERP and payroll systems and where the technical and legal boundaries lie.

MitID is designed as a personal digital identity, not as a generic “company login”. In practice this means that every approval, login or signature in your accounting or payroll software must be clearly linked to a specific person – director, employee or external accountant – who has the appropriate MitID role and rights. This personal attribution is not only a security feature; it also supports audit trails, internal controls and compliance with Danish bookkeeping rules and anti‑money laundering requirements.

Typical integration models between MitID and business software

Most accounting, ERP and payroll solutions used in Denmark do not “embed” MitID directly in the software. Instead, they rely on one of the following models:

• Browser‑based MitID login – the user starts the ERP or payroll system in a browser, is redirected to the official MitID login page, authenticates with the MitID app or code display, and is then sent back to the system with a confirmed identity. This is the standard model for cloud‑based systems.
• MitID Erhverv for system‑to‑system access – for integrations with public authorities (for example automatic retrieval of data from SKAT or Erhvervsstyrelsen), the software uses MitID Erhverv and organisation identities. Here, the company sets up roles and rights in MitID Erhverv, and the ERP or payroll system uses these to access public services on behalf of the company.
• API‑based integrations via providers – some vendors use certified identity brokers or service providers that connect their software to MitID. The user still authenticates with MitID, but the technical connection is handled by the provider’s API.

Regardless of the model, the key point is that the ERP or payroll system never “stores” or replaces MitID. It only uses the identity and authorisation information returned by MitID to grant access and register who performed which action.

MitID in everyday accounting workflows

Well‑configured MitID integration can significantly streamline daily accounting and payroll processes. Typical examples include:

• Approving supplier payments – many Danish companies use ERP systems that connect directly to online banking. Payment batches are prepared in the ERP, but final approval in the bank requires MitID. The system logs which MitID user approved each batch, supporting the four‑eyes principle and internal control requirements.
• Submitting VAT (moms) and tax returns – when your accountant or internal bookkeeper files VAT or corporate tax via TastSelv Erhverv, they log in with their personal MitID or MitID Erhverv role. If your ERP system exports data directly to SKAT, MitID is used to authenticate the person or organisation behind the submission.
• Accessing e‑Boks and public messages – many accounting systems import documents from e‑Boks (for example SKAT letters, public fee invoices or decisions from Erhvervsstyrelsen). Access to these documents is based on MitID Erhverv roles that allow the system or user to read the company’s digital mail.
• Payroll approvals and salary payments – payroll systems generate salary files that are sent to the bank. Final release of salary payments typically requires MitID authentication by a person with payment rights on the company account. The payroll system records who approved the payroll run and when.

For companies working with external accountants, MitID is also the basis for granting and revoking access. Instead of sharing passwords, the company assigns the accountant a specific MitID Erhverv role and rights in the ERP or payroll system. This makes it easy to document who had access during a given financial year, which is important for both internal governance and external audits.

Security, compliance and audit trails

From a compliance perspective, MitID integration with ERP and payroll systems supports several key requirements under Danish law. The Danish Bookkeeping Act requires companies to ensure reliable documentation, traceability and protection against unauthorised changes. By linking each login, approval and change in the system to a specific MitID user, you create a clear audit trail that shows:

• who created or changed a transaction or master data
• who approved payments, salary runs or VAT submissions
• when each action was performed and from which user account

This level of traceability is also relevant for anti‑money laundering controls, internal fraud prevention and cooperation with external auditors. During a statutory audit, it is much easier to demonstrate robust internal controls if the ERP and payroll logs can be linked directly to MitID‑authenticated users.

At the same time, companies must respect data protection rules. MitID itself is managed centrally, but your ERP and payroll systems store user profiles and logs that may contain personal data. Access to these logs should be restricted, retention periods should be defined, and the company should be able to document how MitID‑based access is managed as part of its general GDPR compliance.

Practical considerations when choosing or configuring software

When selecting or configuring accounting, ERP or payroll software for use in Denmark, it is worth checking in detail how the system works with MitID and MitID Erhverv. Key questions include:

• Does the system support MitID login for all relevant user types (management, finance staff, external accountants)?
• Can user roles in the software be aligned with MitID Erhverv roles, so that access to sensitive functions (for example payment approval, master data changes) is properly restricted?
• How are logs stored and presented – can you easily see which MitID user performed which action, and can you export this information for audit purposes?
• Does the system integrate with Danish banks, SKAT, e‑Boks and Erhvervsstyrelsen using MitID‑based authentication, or are manual steps still required?
• How does the vendor handle situations where a MitID is lost, blocked or replaced – is there a clear process to update user accounts without losing traceability?

For many small and medium‑sized Danish companies, the most efficient setup is a cloud‑based ERP or accounting system that already has standard integrations with major banks, SKAT and e‑Boks using MitID. This reduces the need for custom development and ensures that the solution is kept up to date when MitID or public interfaces change.

Role of your accountant or accounting firm

A Danish accounting firm that understands both MitID and the local software landscape can help you design a secure and efficient setup. In practice, this often includes:

• advising on choice of ERP and payroll systems with robust MitID support
• setting up user roles and access rights based on MitID and MitID Erhverv
• documenting procedures for approvals, payment workflows and VAT submissions
• reviewing logs and access rights regularly to ensure compliance and reduce fraud risk

By combining proper MitID configuration with well‑designed accounting and payroll processes, your company can simplify daily work, strengthen internal control and meet Danish regulatory requirements – all while keeping digital identity and access management under control.

Business Continuity: What Happens if MitID is Lost, Stolen or Unavailable

Even the most secure digital identity system cannot fully eliminate the risk of loss, theft or temporary unavailability. For Danish businesses, planning for MitID disruptions is essential to keep accounting, tax reporting and banking operations running smoothly. A clear continuity plan reduces downtime, limits the risk of missed deadlines with SKAT and other authorities, and helps prevent fraud.

Typical scenarios: when MitID becomes a problem

Business access to MitID can be interrupted in several ways:

• MitID app or code display is lost, stolen or physically damaged
• Employee leaves the company without properly transferring roles and access
• Wrong attempts or suspected misuse cause MitID to be blocked
• Technical outages on the user’s device (phone, tablet, PC) or network issues
• Foreign owners or directors cannot authenticate due to missing or incorrectly set up MitID Erhverv access

Each of these situations can affect your ability to submit VAT (moms), payroll (eIndkomst), corporate tax returns, annual reports to Erhvervsstyrelsen, or to approve payments in online banking.

Immediate steps if MitID is lost or stolen

If a MitID device or login method is lost or suspected to be compromised, the priority is to block access and prevent unauthorised use. In most cases, the user or the company’s MitID Erhverv administrator should:

1. Block the MitID identity via the official MitID self-service or by contacting MitID support
2. Inform the company’s internal IT or security responsible and the finance or accounting department
3. Review recent logins and approvals in MitID Erhverv and in online banking for suspicious activity
4. Notify the bank immediately if there is any risk that payment approvals or account access have been compromised

Blocking MitID quickly is crucial because MitID is used to sign legally binding documents, approve bank transfers and submit declarations to public authorities. A fraudulent action performed with MitID can be treated as if the company itself had approved it.

Restoring access: reactivation and replacement

Once the compromised MitID is blocked, the next step is to restore secure access. Depending on the situation, this may involve:

• Issuing a new MitID app or code display to the affected user
• Re-identification of the user, for example via passport or national ID at an authorised MitID agent or online using video identification if available
• Reassigning roles in MitID Erhverv so the user can again act on behalf of the company
• Updating access rights in online banking, ERP and payroll systems that rely on MitID

For companies working with external accountants or payroll providers, it is important to coordinate reactivation so that the advisor can continue to file VAT, payroll and corporate tax on time.

MitID Erhverv administrators and backup roles

Business continuity with MitID depends heavily on proper role management in MitID Erhverv. At least two administrators should be appointed so that the company is not dependent on a single person. If the only administrator loses access, adding new users or changing roles becomes significantly more complicated and time-consuming.

Good practice is to:

• Have at least two active MitID Erhverv administrators with broad rights
• Ensure that key finance and accounting staff have the necessary roles to sign, approve and submit declarations
• Grant external accountants or auditors clearly defined roles that allow them to work independently within agreed limits
• Review roles regularly, especially after organisational changes or staff departures

This structure allows another administrator to quickly revoke rights for a lost or stolen MitID and assign temporary or permanent access to replacement staff.

Handling staff changes and long-term absences

Many MitID continuity issues arise when employees leave the company or are on long-term leave. To avoid disruptions:

• Include MitID access review in the offboarding checklist for all employees and external advisors
• Revoke MitID Erhverv roles immediately when an employee leaves or changes position
• Transfer critical roles (for example, those needed for SKAT, Erhvervsstyrelsen and banking) to another employee or advisor before the change takes effect
• For long-term sickness or parental leave, assign temporary backup roles to ensure that deadlines for VAT, payroll and tax filings can still be met

Well-managed role transfers reduce the risk that the company suddenly cannot sign necessary documents or access key systems because the only authorised person is unavailable.

MitID downtime and deadlines towards public authorities

MitID is required for most digital communication with SKAT, Erhvervsstyrelsen and other Danish authorities. If MitID is unavailable close to a statutory deadline, the company can face interest, surcharges or penalties. For example, late VAT returns can trigger daily interest and possible administrative fines, and late corporate tax payments can lead to interest and surcharges calculated as a percentage of the outstanding amount.

To minimise this risk:

• Do not wait until the last day to submit VAT, payroll or tax returns
• Ensure that more than one person can submit and sign on behalf of the company
• Monitor upcoming deadlines in the accounting system and plan submissions in advance
• If a serious technical problem with MitID or public systems occurs, document it (screenshots, error messages, support tickets) in case you need to argue for remission of penalties

Although Danish authorities can in some cases grant relief if the company can document extraordinary technical issues, this is not guaranteed. A proactive approach with multiple authorised users is far more reliable than relying on exceptions.

Continuity in online banking and payment approvals

Most Danish banks require MitID for company logins and approval of payments, including supplier invoices, salaries and tax payments. If the primary approver loses MitID, the company may be unable to pay suppliers or employees on time.

To secure continuity in banking:

• Set up at least two users with approval rights for payments and payroll in each bank agreement
• Align bank user rights with MitID Erhverv roles so that access can be managed consistently
• Test that backup approvers can log in and approve payments before an emergency occurs
• For larger companies, define clear rules for dual approval and limits per user to reduce fraud risk

For accounting firms managing client payments, it is important that both the accountant and at least one person in the client company can approve payments, so that operations can continue if one party’s MitID is unavailable.

Foreign owners and directors: special continuity considerations

Foreign owners and directors of Danish companies often rely on MitID to sign annual reports, approve tax filings and access online banking. If their MitID is not properly set up or becomes unavailable, the company can face delays in fulfilling Danish obligations.

To avoid this, foreign stakeholders should:

• Ensure they obtain MitID and are correctly linked to the company in MitID Erhverv
• Designate a trusted Danish representative (for example, a local director or accountant) with sufficient MitID-based rights to act on behalf of the company
• Regularly test access to SKAT, Erhvervsstyrelsen and banking systems, especially before peak reporting periods

For groups with several Danish entities, it is often efficient to centralise MitID Erhverv administration with a Danish finance or accounting function that can step in if a foreign director is temporarily unavailable.

Documented MitID continuity plan

From a governance and audit perspective, companies should treat MitID as a critical part of their internal control environment. A simple, written continuity plan helps both internal staff and external auditors understand how the company manages access risks. The plan should typically cover:

• Who are the primary and backup MitID Erhverv administrators
• Which key processes depend on MitID (tax, VAT, payroll, banking, reporting)
• Procedures for blocking and replacing MitID in case of loss, theft or suspected misuse
• Steps for urgent role reassignment if a key employee becomes unavailable
• How MitID logs are used to monitor access and support internal and external audits

For accounting firms and outsourced finance departments, such a plan is also a strong selling point, as it demonstrates that the provider can maintain operations and compliance even in case of MitID incidents.

By combining robust MitID Erhverv role management, multiple authorised users, timely submissions and a documented continuity plan, Danish businesses can significantly reduce the operational and compliance risks associated with lost, stolen or unavailable MitID. This ensures that everyday accounting, tax and banking processes remain stable, even when individual digital identities fail.

MitID for Foreign Owners and Directors of Danish Companies

Foreign owners and directors of Danish companies are fully expected to use MitID in the same way as Danish residents when they act on behalf of a business. This applies whether you own an ApS, A/S or another Danish legal entity, and whether you live inside or outside the EU. Without MitID, it is increasingly difficult – and in many cases impossible – to handle day-to-day obligations such as reporting to SKAT, filing with the Danish Business Authority (Erhvervsstyrelsen) or approving online banking payments.

Can a foreigner get MitID for business use?

Yes, foreign individuals can obtain MitID and MitID Erhverv access, but the process depends on whether you already have a Danish civil registration number (CPR) and whether you are registered in the Danish population register.

• Foreigners with CPR number and address in Denmark usually obtain a private MitID in the same way as Danish citizens, via their bank or Borgerservice, and can then be assigned roles in MitID Erhverv for company use.
• Foreigners with CPR number but no Danish address can normally still get MitID, but identification is more often handled via a Danish bank or a visit to Borgerservice when in Denmark.
• Foreigners without CPR number cannot get a standard private MitID. In business contexts they typically use MitID Erhverv “business identity” (erhvervsidentitet) or other cross-border eID solutions accepted under eIDAS, depending on the specific service.

For company management, the most practical solution is often to ensure that key foreign owners and directors are registered with a CPR number and then granted the necessary MitID Erhverv roles. Where this is not possible, the company must plan alternative access routes, for example through a Danish-resident director or an authorised advisor such as an accountant.

MitID Erhverv for foreign directors and board members

MitID Erhverv is the business version of MitID used to log in to public business services (for example TastSelv Erhverv at SKAT, virk.dk and e-Boks Erhverv) and many private platforms such as online banking and accounting systems. Foreign directors and board members can be given access through MitID Erhverv in the same way as Danish residents, provided that:

• They are correctly registered in the Central Business Register (CVR) as directors, board members or authorised signatories, and
• The company’s MitID Erhverv administrator assigns them the appropriate roles and permissions.

Typical roles for foreign company officers include access to file annual reports with Erhvervsstyrelsen, approve VAT and tax returns in TastSelv Erhverv, sign digital documents, and receive secure digital post on behalf of the company. It is important that the role structure reflects the company’s signing rules, for example whether the company has single or joint signatory requirements.

Identification and onboarding challenges for non-residents

The main practical challenge for foreign owners and directors is identity verification. Danish rules require strong, documented identification before a MitID or MitID Erhverv identity can be issued. For non-residents this often means:

• Presenting a valid passport and, in some cases, proof of address and residence status
• Appearing in person at a Danish authority (such as Borgerservice) or a participating bank branch when in Denmark
• In certain cases, using video identification or notarised documentation if allowed by the chosen issuer

Because of these requirements, foreign directors should plan the onboarding process well in advance of deadlines for company formation, VAT registration, first VAT return or first annual report. Many companies coordinate the MitID setup with their Danish bank or accounting firm, so that access to online banking, payroll and SKAT can be granted in a structured way.

Using MitID to communicate with SKAT and Erhvervsstyrelsen

Foreign owners and directors remain responsible for ensuring that the company complies with Danish tax and reporting rules. MitID is the standard way to access:

• SKAT’s TastSelv Erhverv for VAT returns, payroll tax (A-skat and AM-bidrag), corporate tax (selskabsskat) and other declarations
• Virk.dk and Erhvervsstyrelsen for registration changes, beneficial owner (reelle ejere) reporting, annual accounts filing and company changes such as capital increases or changes in management
• Digital Post (e-Boks Erhverv) where official letters from SKAT, Erhvervsstyrelsen and other authorities are delivered

If a foreign director does not have MitID, the company must ensure that someone else with proper authority – for example a Danish-resident director or an external accountant with a power of attorney – can access these systems via their own MitID Erhverv. Otherwise, the company risks missing statutory deadlines, which can lead to fines, late-payment interest or in serious cases compulsory dissolution.

MitID and online banking for foreign signatories

Most Danish banks require MitID for access to corporate online banking. Foreign owners and directors who are authorised signatories on the company’s bank accounts will usually need:

• A personal MitID or MitID Erhverv user identity accepted by the bank
• Assignment of the correct signing and approval rights within the bank’s own system

Without MitID, foreign signatories may only be able to sign paper forms or rely on another authorised person to execute payments, which is slower and less secure. For companies with foreign private equity owners or international groups, it is therefore important to clarify early with the Danish bank how foreign signatories can be onboarded with MitID-based access.

Foreign beneficial owners and transparency requirements

Danish law requires companies to register their beneficial owners (reelle ejere) with Erhvervsstyrelsen. Foreign individuals who ultimately own or control more than 25% of the capital or voting rights must be registered, even if they are not directors. While beneficial owners do not always need MitID themselves, their information is used in public registers and in banks’ and accountants’ anti-money laundering (AML) checks.

Where a foreign beneficial owner is also a director or has signing authority, MitID becomes the practical tool that allows them to exercise that authority in a compliant way. Proper MitID setup therefore supports both transparency and AML requirements, which are closely monitored by Danish banks and authorities.

Risk management and continuity for foreign-led companies

Companies with foreign management should pay particular attention to continuity if a key person’s MitID is lost, blocked or becomes unavailable. Because many critical functions – tax reporting, banking, digital post – depend on MitID, it is wise to:

• Have more than one director or authorised person with MitID Erhverv access
• Grant controlled access to a trusted Danish accountant or advisor who can act on the company’s behalf
• Regularly review and update MitID Erhverv roles when management or ownership changes

By planning MitID access carefully for foreign owners and directors, a Danish company can operate smoothly across borders, meet all Danish compliance obligations and avoid unnecessary administrative bottlenecks. For many international businesses, working closely with a local accounting firm to design and maintain the right MitID setup is the most efficient way to stay compliant and keep daily operations running without interruption.

Compliance and Audit Trails: Using MitID Logs for Internal and External Audits

MitID is not only a secure login tool. For Danish companies, it is also a powerful source of audit evidence that can support compliance with Danish bookkeeping rules, tax legislation and sector-specific requirements. Properly configured MitID logs help you document who approved which transaction, when access was granted or revoked, and how sensitive actions were carried out in your accounting and ERP systems.

Why MitID logs matter for compliance in Denmark

Danish companies are required to keep reliable documentation of business transactions and internal controls. This follows in particular from the Danish Bookkeeping Act, the Danish Financial Statements Act and tax rules administered by Skattestyrelsen. Authorities increasingly expect digital traceability: it must be possible to see who has done what, and when.

MitID supports this by creating a strong link between a specific person and a specific action. When employees, management or external accountants log in with MitID to approve payments, submit VAT returns (moms), sign annual reports or access e-Boks, the authentication event can be logged and used as part of your audit trail.

What exactly is logged when using MitID

The technical logging depends on the MitID-integrated system (for example online banking, ERP, payroll or e-tax). However, a compliant setup will typically record at least:

• Unique identifier of the user (MitID ID mapped to an employee, director or external advisor)
• Time and date of login and critical actions (with time zone information)
• Type of action performed (for example approval of payment, submission of VAT return, signing of document)
• Device or channel used (web, mobile app, API integration)
• Result of the authentication (success, failure, reason for failure)

These data points are usually stored in the log files of the service provider (for example the bank or software vendor) and in some cases in your own internal systems. For audit purposes, it is essential that logs are retained, protected against manipulation and can be exported in a readable format.

Internal audits: strengthening internal control with MitID

Internal audits and control reviews increasingly focus on access management and segregation of duties. MitID can support this in several ways:

• Clear assignment of roles: each employee, director or external accountant has their own MitID, which can be linked to specific roles in your systems (for example “payment approver”, “VAT filer”, “payroll responsible”).
• Verification of approvals: internal auditors can compare MitID logs with internal approval workflows to confirm that only authorised persons approved payments, salary runs or filings.
• Monitoring of high-risk actions: actions such as changing bank account details, granting new access rights or approving large payments can be flagged and periodically reviewed based on MitID log data.
• Detection of irregularities: repeated failed logins, unusual login times or access from unexpected locations can trigger internal investigations.

For many Danish SMEs, this does not require a complex GRC system. A practical approach is to ensure that your accounting software, online banking and payroll system can export MitID-related logs, and to review these at least once per year or in connection with the annual financial statement process.

External audits: how auditors use MitID logs

External auditors in Denmark increasingly rely on digital evidence when assessing the design and effectiveness of internal controls. MitID logs can be used to:

• Substantiate who approved bank payments, salary payments and major purchases
• Confirm that the same person is not both creating and approving transactions, where segregation of duties is required
• Verify that access rights for former employees and external advisors have been revoked in a timely manner
• Support the audit trail for electronic signatures on annual reports, board minutes and significant contracts

For companies subject to statutory audit under the Danish Financial Statements Act, it is helpful to discuss with the auditor which MitID-based logs they would like to see and in which format. Preparing standard exports from your systems can reduce audit time and costs.

Retention periods and storage of MitID-related logs

Under the Danish Bookkeeping Act, accounting records and related documentation must generally be stored for 5 years from the end of the financial year. In practice, MitID-related logs that form part of the documentation for business transactions and approvals should be retained for at least the same period.

For some sectors, such as financial institutions and regulated businesses, longer retention periods may apply based on sector-specific rules or anti-money laundering (AML) requirements. Companies should therefore:

• Clarify which systems hold MitID-related logs that are relevant for bookkeeping and compliance
• Ensure that log retention settings in these systems are aligned with legal requirements and internal policies
• Store logs in a way that prevents unauthorised changes and ensures availability for the entire retention period

Data protection and access to MitID logs

MitID logs often contain personal data, as they can identify specific employees, directors and external advisors. This means that the General Data Protection Regulation (GDPR) and the Danish Data Protection Act apply. Companies should:

• Limit access to logs to persons who need them for compliance, security or audit purposes
• Define clear retention and deletion rules for logs that are no longer needed
• Inform employees and external advisors in internal policies that MitID-based access and actions are logged
• Ensure that any transfer of logs to auditors or IT providers is covered by appropriate data processing agreements

When used correctly, MitID logs help demonstrate accountability under GDPR by showing that access to sensitive systems is controlled and monitored.

Practical steps to make better use of MitID logs

To turn MitID logs into a practical compliance tool, Danish businesses can take the following steps:

1. Map where MitID is used: identify all systems where employees, management or advisors log in with MitID (for example online banking, ERP, payroll, e-tax, e-Boks, sector portals).
2. Check logging capabilities: review with your software vendors and bank which MitID-related events are logged, how long they are stored and how they can be exported.
3. Align roles and access: ensure that each MitID user is linked to the correct role in each system, and that role changes are documented and logged.
4. Integrate logs into procedures: include the review of MitID logs in your internal control procedures, for example as part of monthly reconciliations or the year-end closing process.
5. Coordinate with your auditor: agree on a standard set of log exports that will be used as audit evidence, so you can prepare them efficiently each year.

MitID logs as part of a robust governance setup

For Danish companies, especially those with multiple owners, foreign directors or external accountants, MitID provides a transparent and reliable way to document who has done what in the company’s digital environment. When combined with clear access policies, up-to-date user lists and regular log reviews, MitID logs become a central element of good governance, risk management and compliance.

By actively using MitID-based audit trails, your business not only meets legal requirements, but also strengthens trust with banks, authorities, auditors and business partners.

Conclusion-like Thoughts on MitID for Danish Businesses

MitID represents a revolutionary advancement in digital identity verification, making it an essential component for businesses operating in Denmark. With increasing demands for security, compliance, and efficiency, adopting a platform like MitID can substantially benefit organizations. By ensuring higher customer trust, streamlined operations, and improved user experience, MitID is not just an identity solution but a strategic partner in the digital age. Embracing this technology enables business in Denmark to thrive, adapt, and succeed amidst the rapidly evolving digital landscape.