Feedback on the EU Business Wallet Initiative Call for Evidence

The European Commission requests feedback on the European Business Wallet initiative in a Call for Evidence for an Impact Assessment published in the ‘Have your say’ portal.
By encouraging public sector organisations to issue and accept digital credentials, the legislation will reduce administrative burden and enable better services for European businesses.
Focus on Credentials, Not Wallets
The core value of digital credentials—electronic attestations of attributes—lies in their ability to facilitate automated processing and verification. These capabilities enable businesses and organisations to significantly improve efficiency and trust in their digital transactions. When credentials are structured and machine-readable, they can be processed automatically. When digitally signed, their authenticity and integrity can be verified without manual intervention.
Digital wallets, or agents, serve as convenient tools for acquiring, managing, and sharing these credentials. Whether embedded in enterprise systems (such as ERP, HR, and CRM) or integrated via suitable protocols, these agents make credential use seamless for businesses. The specific form of the wallet is less important than the ability to participate in trusted digital interactions.
Prioritise Flexibility and Innovation
The legislation should prioritise flexibility in implementation. Allowing room for innovation will enable market dynamics to shape the most effective solutions. This ensures that businesses can adopt tailored approaches that align with their operational needs and strategic goals.
Regulate the Public Sector
Regulatory focus should be on empowering public sector organisations to issue and accept digital credentials. Businesses naturally adopt more efficient methods when incentivised by market forces. In contrast, public sector entities often require regulatory mandates to modernise. Ensuring public sector participation will accelerate adoption and interoperability across industries.
Enable Accountable Authorities
To ensure the reliability of digital credentials in business contexts, a robust trust framework is essential. While current eIDAS legislation focuses on natural persons, the initiative must also support credentials for legal entities, such as licences, certifications, and attestations. The credibility of these credentials depends on the authority and verifiability of their issuers.
Competent authorities should attest to the legitimacy of issuers. For example, a banking authority should confirm which organisations are licensed banks; a healthcare authority should validate healthcare providers; and an education authority should identify accredited institutions. This framework underpins real, verifiable trust.
Provide a Legal Framework, Not Software Design
The regulation should define the legal environment for trusted digital interactions, not prescribe technical implementations. Liability and accountability for credential issuers must be clearly defined to unlock the full benefits of verifiable credentials.
Interoperability is crucial. While it may be tempting to regulate technical specifications, the amended eIDAS regulation already provides sufficient guidance. Additional technical mandates could stifle innovation. The legislation should instead support the evolution of standards that respond to emerging business needs.
Policymakers and technical experts should focus on enabling automated agents to act on behalf of their owners in verifiable, multi-stakeholder transactions, creating new opportunities for businesses to engage in secure and efficient digital ecosystems.
Conclusion
The EU Business Wallet initiative has the potential to reduce administrative burden and improve regulatory compliance by fostering the use of digital credentials. By focusing on credentials, enabling public sector participation, and supporting a flexible trust framework, the initiative can unlock new opportunities for businesses to thrive in the digital economy, where authorisations and transaction outputs are not just documents, but dynamic, verifiable instruments of automation and trust.