eIDAS 2.0 Across EU-27: Implementation Status Eight Months Before the Deadline

On 2026-12-24, every Member State of the European Union is obliged to issue at least one European Digital Identity Wallet to its citizens, residents, and businesses. That date, fixed in Article 5a of Regulation (EU) 2024/1183 ¹, is the single most-referenced milestone in European digital-identity policy. It is also, read carefully, a deadline for notification (for having at least one wallet certified, listed, and available), not a deadline for continent-wide functional interoperability.

Eight months out, the landscape is heterogeneous. Some Member States run national wallets in production and will relabel them as EUDI-compliant. Others have beta programmes limited to a single use case. A third group has not yet disclosed a delivery plan. Meanwhile, the regulatory plumbing (roughly forty Implementing and Delegated Acts the Commission is tasked with adopting) only closed its largest packages in the second half of 2025. The parts of eIDAS 2 that matter most for business-identity verification, particularly the legal-person wallet and Qualified Electronic Attestations of Attributes for companies, sit on a longer clock than the consumer wallet.

What follows is the state of play as of April 2026: who is ready, which acts have landed, and what the December 2026 moment actually delivers for cross-border business identity.

The deadline, precisely

Regulation 2024/1183 amended the 2014 eIDAS framework and entered into force on 2024-05-20 ¹. The headline obligation in Article 5a(1) is that each Member State "shall provide at least one European Digital Identity Wallet" within 24 months of the adoption of the relevant implementing acts — a construction that ties the calendar to both the regulation's own timeline and the Commission's subsequent rulemaking. The European Commission's operational guidance fixes the deadline at 2026-12-24 ².

Two adjacent dates matter. Public-sector relying parties must accept notified wallets from the same 2026-12-24 cutoff. Mandatory acceptance by private-sector actors in regulated industries (banks, telcos, large platforms) follows later under sectoral transition rules, with most private-sector obligations landing in late 2027 rather than end-2026 ³. The distinction matters: what is mandated on the deadline is issuance and public-sector acceptance, not end-to-end private-sector adoption.

Three tiers of readiness

Member States sit in three visibly different positions eight months before the deadline. The grouping below covers the publicly disclosed cases; a full EU-27 census is not possible from public sources because several smaller states have not released delivery plans.

Tier 1 (production or near-production) covers France, Italy, Poland, Germany, and Sweden. France Identité has been live as a national eID since 2022 and is progressively being upgraded toward EUDIW conformance ⁴. Italy's IT-Wallet has been in public beta since October 2024, issuing the driving licence, the health card, and the European Health Insurance Card through the public IO app ⁵. Poland's mObywatel application reached production in 2023 for national use cases and is now the basis of its EUDIW track ⁶. Germany and Sweden entered beta programmes in early 2026.

Tier 2 (limited scope or delayed) is where the gap between "notified by the deadline" and "functionally broad at the deadline" becomes visible. Denmark's AltID is scheduled for spring 2026 but will launch as an age-verification-first wallet, with broader identity features deferred ⁷. The Netherlands and Malta have signalled partial launches.

Tier 3 (not publicly started or status unclear) includes Bulgaria, flagged in Commission monitoring, and several smaller states without a disclosed national wallet strategy. Analyst coverage assessing the deadline has concluded that a homogeneous EU-wide launch on 2026-12-24 is unlikely; what arrives is a first wave of compliant or near-compliant launches with varying functional breadth ⁸.

The Implementing Acts stack — still closing

A Member State cannot certify a wallet until the rulebook that wallet conforms to is final. Regulation 2024/1183 authorises the Commission to adopt roughly forty Implementing and Delegated Acts covering conformity assessment, interoperability, risk policies, trusted lists, and the specifications of each new trust service. Adoption has been concentrated in the second half of 2025.

The July 2025 package brought seven Implementing Regulations on trust services into the Official Journal ⁹. Implementing Regulation (EU) 2025/1944, published on 2025-09-29, set the reference standards for qualified electronic registered delivery services ¹⁰. On 2025-10-27 three further Implementing Acts landed — Regulations 2025/2160 (risk policies for non-qualified trust services), 2025/2162 (accreditation of conformity-assessment bodies and the conformity-assessment scheme for qualified trust service providers), and 2025/2164 (amending Implementing Decision 2015/1505 on the common template for trusted lists) ¹¹. The Qualified Ledgers Implementing Act was scheduled for 2025-12-16 ¹².

The practical consequence is timing. Conformity-assessment bodies could not complete formal assessments of candidate wallets until the October 2025 acts were in force, giving roughly fourteen months between final rulebook and the December 2026 deadline. For a new trust-service category, that is tight.

The expanded trust-services catalogue

Before eIDAS 2, the EU Trusted List catalogued roughly 200 qualified trust service providers across electronic signatures, seals, timestamps, website authentication, and registered delivery ¹³. Regulation 2024/1183 adds three new categories.

Qualified Electronic Attestation of Attributes (QEAA) is a trust service dedicated to attesting facts about natural or legal persons — for example, a company's VAT identifier, its registered address, the scope of its operating licence, or the mandate of a named representative ¹⁴. Only a qualified trust service provider can issue a QEAA; the legal weight of the attestation is equivalent to a paper original ¹⁵.

Qualified Electronic Archiving covers long-term preservation of signed documents under legally recognised integrity guarantees.

Qualified Electronic Ledger is the newest category and the one where implementation is least mature. It provides legal certainty for records held on distributed ledger infrastructure, with a governmental trust anchor — in practice, the European Blockchain Services Infrastructure operated by the Member States via EDIC/Europeum is the reference substrate ¹⁶. The Implementing Act arrived only at the end of 2025 ¹².

As of April 2026 the QEAA and Qualified Ledger categories are formally open but thinly populated on the Trusted List. Most existing QTSPs are scoping their conformity-assessment work against the new categories rather than running them at scale.

The legal-person wallet and what it means for business identity

The business-identity parts of eIDAS 2 sit on a different clock than the citizen wallet. Article 5a of the regulation covers natural persons first; the legal-person wallet (a wallet held and controlled by a company or legal entity rather than by a named individual) is a distinct notification track. Several Member States are sequencing it explicitly after the citizen wallet ships, treating it as Phase 2 of national delivery.

The shape of this track matters for cross-border Know Your Business (KYB) workflows, which are currently the most fragmented part of European identity practice. A KYB check on a German GmbH from a Spanish bank today involves manual review of Handelsregister extracts, tax-authority confirmations, beneficial-ownership filings, and in many cases notarised translations — with no common machine-readable standard across the 27 national registers.

Under eIDAS 2, the intended architecture is that the company's legal-person wallet holds a set of Qualified Electronic Attestations of Attributes, each issued by a QTSP against an authoritative source — typically the national commercial register for identity and representation data, the tax authority for VAT registration, a professional body for sector-specific licences, and so on. A cross-border relying party can then request presentation of the specific attributes required for its compliance check and receive cryptographically verifiable credentials in a standard format (OID4VP / OID4VCI per the Architecture and Reference Framework ¹⁷).

What this produces on 2026-12-24 is the trust chain, not the finished workflow. For the chain to function cross-border, three things need to be true simultaneously: the issuing QTSPs for legal-person attributes must be certified and operational in each Member State; the receiving wallets must be able to consume legal-person credentials, not only natural-person ones; and the relying-party interoperability layer must be deployed by the consuming institution. As of April 2026, no Member State has all three in production for outbound legal-person credentials, and the interoperability specifications for legal-person flows are still being finalised in working groups.

The implication for anyone designing KYB tooling between now and 2028 is practical. eIDAS 2 does not replace the commercial-register landscape in December 2026; it starts to build a parallel, credential-based pathway alongside it. For the next two to three years, most cross-border business-identity verification will continue to rely on the existing register infrastructure, with the eIDAS 2 trust chain gradually adding optional verified attributes.

What the Large Scale Pilots leave behind

Between 2023 and 2025, four Large Scale Pilots tested EUDIW use cases across 26 Member States plus Norway, Iceland, and Ukraine, with more than 350 public- and private-sector participants on roughly €46M of EU funding ¹⁸. POTENTIAL covered governmental services, banking, telecommunications, driving licences, electronic signatures, and health. NOBID tested payment authorisation across the Nordic and Baltic countries with Italy and Germany, and formally concluded its pilot work in early 2026 ¹⁹. EWC focused on Digital Travel Credentials and continues in a narrower scope. DC4EU worked on educational and social-security records.

Two new Large Scale Pilots launched in late 2025 to bridge the pilot-to-production transition, including the Aptitude consortium. The institutional lesson from the first four pilots is visible in the focus of the second wave: less about proving use-case feasibility and more about wiring production-grade conformity, scale, and cross-border handover.

Realistic outlook

The December 2026 moment is the start of the compliance window, not its endpoint. What to expect on the date:

None of this reduces the significance of 2026-12-24. It is the switch from "voluntary pilot" to "regulated obligation" for Member States, and the start of a compliance window that runs for at least two years. Anyone buying or building identity infrastructure over that window should plan against three separate delivery curves (wallets, trust services, legal-person credentials), not one deadline.

References

Footnotes

1. European Parliament and Council, "Regulation (EU) 2024/1183 amending Regulation (EU) No 910/2014 as regards establishing the European Digital Identity Framework," Official Journal of the European Union, 30 April 2024. Verified at https://eur-lex.europa.eu/eli/reg/2024/1183/oj, April 2026. ↩ ↩²

2. European Commission, "European Digital Identity (EUDI) Regulation," DG CONNECT policy page. Verified at https://digital-strategy.ec.europa.eu/en/policies/eudi-regulation, April 2026. ↩

3. European Commission, "Questions & Answers on Trust Services under the European Digital Identity Regulation." Verified at https://digital-strategy.ec.europa.eu/en/faqs/questions-answers-trust-services-under-european-digital-identity-regulation, April 2026. ↩

4. République française, "France Identité," official service portal. Verified at https://france-identite.gouv.fr, April 2026. ↩

5. PagoPA S.p.A. and Ministero dell'Economia e delle Finanze, "IT-Wallet nell'app IO." Verified at https://io.italia.it, April 2026. ↩

6. Ministerstwo Cyfryzacji, "mObywatel — aplikacja mObywatel." Verified at https://www.gov.pl/web/mobywatel, April 2026. ↩

7. Digitaliseringsstyrelsen, "AltID — digital identity for Denmark." Verified at https://digst.dk, April 2026. ↩

8. Biometric Update, "Will the EUDI Wallet be ready in 2026? Experts say probably not," December 2025. Verified at https://www.biometricupdate.com, April 2026. ↩

9. Cryptomathic, "eIDAS 2.0 Implementing Acts: Clear Compliance Guidance for Trust Providers," summary of the July 2025 package. Primary texts in OJEU. Verified at https://www.cryptomathic.com, April 2026. ↩

10. "Commission Implementing Regulation (EU) 2025/1944 of 29 September 2025," Official Journal of the European Union. Verified at https://eur-lex.europa.eu, April 2026. ↩

11. "Commission Implementing Regulations (EU) 2025/2160, 2025/2162 and 2025/2164 of 27 October 2025," Official Journal of the European Union. Verified at https://eur-lex.europa.eu, April 2026. ↩

12. ETSI, "eIDAS 2 Electronic Ledgers," CEN/ETSI workshop materials, September 2024; Implementing Act scheduled 16 December 2025. Verified at https://docbox.etsi.org, April 2026. ↩ ↩²

13. European Commission, "EU/EEA Trusted List Browser." Verified at https://eidas.ec.europa.eu/efda/tl-browser/, April 2026. ↩

14. Sproof, "What are Electronic Attestations of Attributes (EAAs)?" Verified at https://www.sproof.com, April 2026. ↩

15. Entrust, "What is eIDAS 2? Compliance Landscape." Verified at https://www.entrust.com, April 2026. ↩

16. Schwalm, Steffen, "The role of EBSI in eIDAS — how a qualified ledger with a governmental trust anchor could shape the eIDAS ecosystem," research paper, 2025. Verified at https://www.researchgate.net, April 2026. ↩

17. European Digital Identity Wallet project, "Architecture and Reference Framework," GitHub repository. Verified at https://github.com/eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework, April 2026. ↩

18. European Commission, "What are the Large Scale Pilot Projects." Verified at https://ec.europa.eu/digital-building-blocks/sites/spaces/EUDIGITALIDENTITYWALLET, April 2026. ↩

19. NOBID Consortium, "NOBID wraps up successful pilot under the European Digital Identity Wallet Programme." Verified at https://www.nobidconsortium.com, April 2026. ↩