Arnas Lasys
AcrossLimits
Opening a financial account is now as simple as downloading an app, yet the very first step, proving who you are, can still make or break the customer journey. Across Europe, friction at onboarding remains stubbornly high: Signicat’s consumer study found that 68% of people abandoned at least one financial application in 2022, an increase from 2020 when it stood at 63%, citing cumbersome checks and privacy worries. That results in a direct hit to the potential customer base, and as a result raises acquisition spending. At the same time, the cost of fighting financial crime keeps climbing; LexisNexis estimates Europe, the Middle East and Africa financial institutions alone now spend about $85 billion annually on compliance, a figure that continues to rise as regulations tighten and fraudsters evolve. Together, these pressures explain why digital identity has become a board-level concern for FinTechs and their investors.
The EU has spent the last several years working toward building a common foundation for trustworthy, privacy-preserving digital identity. The 2024 revision of the eIDAS framework establishes the legal basis for a European Digital Identity (EUDI) Wallet that citizens, residents and businesses can use to prove their identity and share verified attributes online, including with private services. Wallet use is ultimately voluntary and it is intended that users retain full control of the data they disclose two principles that matter enormously for consumer trust and for meeting GDPR expectations. Every Member State is obliged to make at least one wallet available by late 2026. The Commission has already funded large-scale pilots to test payments, mobile driver’s licences, and education credentials. For FinTechs eyeing cross-border growth, a standards-based, certified identity primitive is a major simplifier.
In its public Q&A, the Commission noted that the policy direction is that service providers legally obliged to identify customers (a category that includes many financial services) will be obliged to accept the wallet for authentication, and to present it as an option for potential customers, therefore, reducing the fragmentation that plagues today’s onboarding. The EUDI ecosystem builds on verifiable credentials (e.g., name, date of birth, address, professional qualification) that a user can store in a wallet and present to a service provider. Because credentials are machine-verifiable and revocable, relying parties can check authenticity without forcing customers to upload raw documents every time.
For FinTechs, if a prospective customer can authenticate and share verified attributes from a wallet in seconds, the benefits include sign-up flows shrink, error rates fall, and abandonment drops, precisely the pain point called out by Signicat’s European research. Meanwhile, reusing high-assurance attributes across product lines (current account, savings, trading, lending) can lower repeated KYC checks and associated tickets, helping address related costs. For investors the main attraction is in increased efficiency and reduction in risk, facilitating scaling up.
The supervisory context continues to evolve rapidly to keep up with the changing dynamics. The European Banking Authority’s Guidelines on Remote Customer Onboarding have applied since late 2023, setting a clear indication for what “good” looks like in remote identity proofing, governance, and record-keeping. In parallel, the EU is establishing a new Anti-Money Laundering Authority (AMLA) in Frankfurt as part of a broader AML package adopted in 2024; among other things, which is to bring about more uniform rules and raising the bar for auditability across the Single Market. Wallet-based identity, cryptographically verifiable credentials, and consistent onboarding guidelines together point toward continuous, portable KYC.
Privacy and security considerations are paramount, and the framework addresses them explicitly. The regulation requires that issuance, use and revocation of the wallet be free of charge for natural persons, that users retain control, and that personal data related to the wallet be kept logically separate from any other data the provider holds unless the user requests otherwise. On the relying-party side, the new implementing acts introduce certification and assurance levels, so FinTechs can prefer certified wallets and issuers and layer them with device binding, liveness detection and behavioural analytics to counter deepfakes and synthetic identities. Taken together, these controls enable a privacy-by-design identity flow that is stronger than document scans and faster than manual review.
This development puts pressure on FinTech firms to start making their onboarding flows wallet-ready in markets where pilot wallets are maturing, mapping wallet attributes to customer due-diligence policy and documenting assurance levels as the EBA expects. It requires working closely with compliance and data-protection teams so implementation respects selective disclosure and minimises stored personal data. It also calls for ensuring that exception handling, when a wallet is unavailable, a credential is revoked, etc, does not trap legitimate customers in dead ends. And begin planning for cross-border reuse. The commercial benefits from a common EU identity building block is being able to scale into additional Member States without rebuilding KYC each time. None of this eliminates the need for transaction monitoring or device-risk analytics; rather, it allows allocating human review where risk is real instead of asking every customer to upload the same documents again and again.
Member States are expected to be preparing national wallet deployments in anticipation of the 2026 deadline. From 2027, acceptance obligations for sectors legally required to perform strong customer identification will further normalise the wallet experience for consumers. In parallel, the establishment of the AMLA and the application of the new EU AML Regulation will drive supervisory convergence. Together, these measures will benefit firms able to demonstrate consistent, explainable, and cross-border compatible identity workflows.
The winners in FinTech will be those who deliver frictionless onboarding with verifiable trust, who embed privacy by default, and who design for cross-border reuse from day one. With eIDAS 2.0 now in force, implementing acts adopted, a 2026 deadline for wallet availability, and harmonised standards anchoring interoperability, Europe has laid the foundations for exactly that kind of scale. It is now up to product teams and investors to seize the opportunity.