Across Europe, a quiet revolution in digital identity is accelerating. With the enforcement of eIDAS 2.0 in 2024 and the rollout of the European Digital Identity Wallet (EUDI Wallet) by 2026, the way individuals and organizations prove who they are and how institutions verify them, is about to fundamentally change.
But this isn’t just another compliance update. It’s a structural shift that will redefine trust, data exchange, and the economics of onboarding. And it raises an important question for every regulated organization: Are we designing our systems for compliance or for trust?
The original eIDAS Regulation (EU 910/2014) gave Europe its first cross-border legal framework for electronic identification and trust services. Yet it was still a federation of national solutions, often siloed and uneven in adoption.
Enter eIDAS 2.0 (Regulation (EU) 2024/1183): It introduces the EUDI Wallet, a secure and standardized digital wallet that will allow every EU citizen and business to store and share verified identity attributes—everything from diplomas to professional licenses, payment data, and digital signatures.
By December 2026, every Member State must make at least one wallet available.
By December 2027, major public and private relying parties—banks, telecoms, energy providers, and others—must accept it for strong authentication.
Although this timeline is extremely short given the current implementation progress across EU, and a tacit extension is — likely and unofficially — expected by the majority of stakehodlers, it does more than mandate adoption; it establishes a new trust fabric across Europe’s digital economy.
For decades, Know-Your-Customer (KYC) and Anti-Money Laundering (AML) frameworks have lived in parallel with trust service regulations. One focused on risk mitigation, the other on technical assurance.
eIDAS 2.0 and the forthcoming Anti-Money Laundering Regulation (AMLR) change that dynamic:
Together, these frameworks are converging into a shared identity infrastructure: a world where a Qualified Electronic Attestation of Attributes (QEAA) issued under eIDAS could also satisfy AML verification requirements.
That means onboarding no longer starts with “collect documents” but with “verify attributes”—securely, digitally, and under the user’s control.
The EUDIW isn’t just a new identity tool; it’s a potential compliance accelerator. With the right architecture, wallets can:
In other words, trust becomes portable. But this portability challenges established models:
If attributes are qualified and verified at issuance, where does the accountability for continuous due diligence reside?
Can financial institutions rely on third-party attestations without duplicating verification steps?
And who governs the liability chain when a wallet-based identity is accepted across borders?
These are not technical but rather, strategic questions.
eIDAS 2.0 references 3 Levels of Assurance (LoA): low, substantial, high.
The challenge for digital onboarding designers is not only meeting these levels but doing so without introducing friction.
At SpearIT, we see a shift toward assurance-by-design rather than compliance-by-checklist.
That means integrating digital identity verification, trust services, and AML compliance into a seamless flow—built around user experience and regulatory interoperability.
As regulatory streams such as PSD3, MiCAR, and AMLR evolve alongside eIDAS, onboarding systems will need to orchestrate multiple trust anchors: wallets, certificates, attestations, and risk models.
The organizations that thrive will be those that view compliance as a design principle, not a barrier.
This convergence also calls for a new skill set—professionals fluent in both the technical and regulatory languages of trust.
Roles like Digital Trust Engineer, Identity Proofing Specialist, and Qualified Trust Services Manager will need to understand how eIDAS frameworks interact with AMLR and national supervisory regimes.
Training, credentialing, and cross-border recognition of these roles will be vital to scaling this ecosystem.
To this end, SpearIT is especially proud to be a supporter of the vendor-neutral, public-interest mission of the Digital Trust Center of Excellence, through its subject-matter experts who contribute to the efforts of the credentialing organization in developing a series of professinoal certifications for the digital identity and trust services workforce.
Ultimately, EU’s trust infrastructure will only be as strong as the professionals who build and govern it.
As eIDAS 2.0 moves from legislation to implementation, one principle stands out: trust is no longer an afterthought—it’s an architecture.
The organizations that adapt early—by embedding wallet interoperability, qualified attestations, and assurance-based onboarding—will not just meet compliance deadlines; they will define the new standard of digital trust.
So perhaps the question we should ask isn’t how do we comply with eIDAS 2.0?
It’s how do we use eIDAS 2.0 to build the next generation of trustworthy digital ecosystems?
