On March 26, 2026, Verified sponsored the AML Arena in Helsinki.
On July 10, 2027, the new EU Anti-Money Laundering Framework, consisting of the 6th Anti-Money Laundering Directive (AMLD6) and the Anti-Money Laundering Regulation (AMLR), will take full effect. These rules will be overseen and harmonized by the newly established Anti-Money Laundering Authority (AMLA). The 2027 AML package introduces significantly higher penalties for non-compliance and stricter reporting mandates for Ultimate Beneficial Owners. A key shift is the requirement to identify any natural person holding an interest of 25% or more, while also accounting for individuals who exercise de facto control through voting rights, veto powers, or other means of influence within the organization.
Parallel to these reforms, the European Digital Identity (EUDI) Wallets will be introduced. The rollout begins with consumer-oriented apps provided by national governments, followed by the European Business Wallets (EUBW) for legal entities, expected between 2028 and 2029. Operating under the eIDAS 2.0 framework, these wallets enable both individuals and businesses to share verified identity data and attributes securely in the form of Electronic Attestation of Attributes (EAA). This creates a standardized, auditable environment for cross-border data exchange, significantly reducing friction in digital transactions.
Standardization as the Catalyst for Digital Trust
The standardization of data sets is the cornerstone of a functional digital ecosystem for sharing regulation driven information. Whether acting as a customer or a supplier, individuals and legal entities must share regulatory data, such as KYC attributes under AMLR, risk metrics under DORA or sustainability metrics under CSRD/ESG, with their counterparties.
The needed data points required by the customers or suppliers remain the same for the basic use cases when mirroring against the mentioned regulations. Establishing standard and unified data sets is essential for making digital wallets an attractive tool for both consumers and corporations. This shift is critical when reducing friction in customer onboarding and supplier assessment by allowing the counter-party to reuse their data sets. Key benchmarks for this evolution include the Open Insurance initiative and earlier the BIS (Bank for International Settlements) guidelines for digital KYC in bank account opening, both of which demonstrate the necessity of harmonized data protocols.
Balancing Standardization with Contextual Risk Data
While standardization provides the foundation, regulatory compliance often demands the exchange of unique data points. Driven by a risk-based approach, these requirements frequently arise during Enhanced Due Diligence or specific vendor assessments under DORA. To be effective, the digital wallet framework must support the sharing of both standardized identity attributes and bespoke, context-specific data points. This flexibility is essential for accommodating the nuanced information needs of regulated entities without compromising the efficiency of the digital ecosystem.
Formally the standardization means defining Attestation Rulebooks and Schemes within the Digital Wallet ecosystem for AML regulation driven use cases such as opening a bank account, which is currently under construction.
GRC WATCH by Verified has worked for ten years to standardize the questionnaires and data sets around the mentioned regulations to make it easy for the customer and supplier to reuse the information facilitating easy profile sharing without having to answer long unique questionnaires. Verified offering from automated AML screening to secure digital signatures covers also the composition of reusable data sets for our customers including secure storage and portability.
AUTHOR
Antti Kela is a Senior Account Executive with 25+ years of experience in digital transformation, digital identities, customer onboarding and payments. For the last 7 years his focus has been on the KYC & AML domain. He is a Certified Anti-Money Laundering Specialist (CAMS) and holds an Advanced Certification in practical Customer Due Diligence and a Certificate in Building a Sanctions Compliance Program.
VERIFIED
Want to hear more? Access tons of free and paid courses exploring the next chapter in banking, insurance and finance at the Digital Banking Academy!
