The EUDI Wallet and the RegTech Reckoning: What Europe's Digital Identity Shift Means for Compliance

By Jan Szajda - CEO, IDENTT

For years, identity verification in Europe has been a patchwork of national systems, fragmented standards, and inconsistent user experiences. A KYC process that satisfies regulators in one member state may require costly duplication in another. This is the landscape that the EU Digital Identity Wallet (the EUDI Wallet) is designed to transform.

Established by Regulation (EU) 2024/1183, which entered into force in May 2024, the EUDI Wallet is a legal mandate: every EU member state must make at least one certified wallet available to citizens by December 2026. By December 2027, regulated sectors, including banking, financial services, telecommunications, and others, must accept it as a valid method of strong customer authentication. The EU's Digital Decade target: 80% of citizens using a digital identity solution by 2030.

For the RegTech community, these are not aspirational milestones. They are operational deadlines, and the window to prepare is narrowing.

What Changes for KYC and AML

The compliance implications are significant. At its core, the wallet introduces selective disclosure: users can prove a specific attribute, such as age, residency, or a professional licence, without sharing any unnecessary personal data. This privacy-by-design approach, built on W3C Verifiable Credentials and the OpenID4VP protocol, fundamentally changes how identity evidence is gathered and verified.

Under the new Anti-Money Laundering Regulation (AMLR, EU 2024/1624), Qualified Electronic Attestations of Attributes (QEAAs) issued via the EUDI Wallet are explicitly recognised as valid for Customer Due Diligence. Wallet-based credentials are reusable: once verified, periodic KYC refreshes and enhanced due diligence reviews no longer require starting from scratch. Cross-border standardisation means the same credential that satisfies a Polish bank also satisfies a Dutch payment provider, without additional friction or duplication. Stronger audit trails and reduced manual handling are further operational gains.

The Challenges Cannot Be Ignored

The potential is real, but so are the obstacles. The EUDI Wallet ecosystem is still being built: implementing acts continue to be published. Member state readiness varies considerably. Countries with mature national eID infrastructure, such as Poland, where the mObywatel app has over 18 million downloads and was among the first to participate in the EUDI Wallets Launchpad pilot in Brussels, are well-positioned. Others face steeper technical and institutional challenges.

There is also the cold start problem: businesses have limited incentive to integrate digital IDs until users adopt them, and users have limited reason to adopt until services support them. The mandatory acceptance deadlines are designed to break this deadlock, but the transition will be uneven. Critically, the EUDI Wallet is not automatically AML-ready. A recent analysis following the EU's Implementing Act on remote onboarding noted that the wallet shifts the debate from the absence of rules to how eIDAS 2.0, AMLR, assurance levels, and identity proofing must be coordinated in practice. The three assurance levels in the eIDAS framework (Low, Substantial, and High) do not map precisely onto PSD2's Strong Customer Authentication requirements. These are solvable gaps, but they demand deliberate work.

What RegTech Firms Should Do Now

The strategic posture should be one of active preparation. Four priorities stand out.

Register as a relying party.

Begin engagement with your national eIDAS 2.0 authority now. Understanding registration and certification timelines is a foundational step before the December 2026 deadline.

Audit existing identity workflows.

Map current onboarding and KYC processes against the wallet architecture: where do they align or diverge from ISO/IEC 18013-5, W3C Verifiable Credentials, and the Architecture and Reference Framework (ARF)?

Review data minimisation practices.

The wallet is built around collecting only what is strictly necessary. Organisations gathering more than compliance requires should adapt now, before integration becomes urgent.

Plan for a hybrid period.

The EUDI Wallet will complement, not immediately replace, existing verification methods. Systems must handle multiple authentication channels simultaneously during transition.

A Structural Shift, Not a Feature Update

The regulatory convergence now underway, spanning eIDAS 2.0, AMLR, AMLD6, PSD3, and MiCAR, is not coincidental. The EU is constructing an integrated digital trust infrastructure, and the EUDI Wallet is its centrepiece. The compliance community often  encounters regulation as a burden to absorb. The EUDI Wallet offers something different: the possibility of building compliance processes that are genuinely faster, more privacy-respecting, and more cost-efficient than what exists today. That opportunity is real; but it depends on how well industry engages with the transition, and the deadlines will not move.

About IDENTT 

IDENTT is a Wrocław-based company specialising in AI-driven identity verification, document authentication, and KYC solutions. With full integration access to the mObywatel platform and active involvement in eIDAS 2.0 and EUDI Wallet implementation across Europe, IDENTT is at the forefront of digital identity innovation.