Future of AML
Identification.
By July 10, 2027, the way financial institutions verify identities of their customers will fundamentally change. With the introduction of the EU’s new Anti-Money Laundering Regulation (AMLR) and the expansion of eIDAS 2, traditional identification methods will no longer be sufficient. These regulatory shifts will redefine compliance requirements across the EU, demanding new standards of assurance, interoperability and digital-first verification.
To stay ahead of these changes, bookmark this page – your single, continuously updated
source for all AMLR and eIDAS 2 developments.
WHAT’S CHANGING?
What’s new in AML?
Find out here.
AML LANDSCAPE
Today: Standardization of AML regulations.
Since the 2014 update, AML regulations across EU member states have become more aligned with international standards, including customer due diligence (CDD), suspicious activity reporting (SAR), beneficial ownership checks and recordkeeping. This has led to more consistent compliance obligations and improved cross-border cooperation.
However, significant national differences remain, resulting in a fragmented AML landscape. Specifically it includes:
- Political will
- Supervisory practices
- Sector-specific obligations
- Enforcement
- Technologies and adaptation to new threats
These inconsistencies also affect remote identity verification and cross-border services. Although eIDAS 1 aimed to support cross-border electronic identification, it saw limited adoption, especially in the private sector, making it difficult for banks to use it effectively for cross-border KYC.
Tomorrow: Harmonization of AML regulations.
By July 10, 2027, the EU will implement a fully harmonized AML framework through the AMLR and eIDAS 2, replacing today’s patchwork of national rules with a single, EU-wide compliance standard.
All identity verification processes will need to follow the uniform rules outlined in the regulation, removing the national exceptions that have fragmented AML efforts.
While the speed of implementation and the way rules are enforced may differ slightly between member states, these differences must align over time – and sector-specific obligations will no longer be an excuse for divergence. Harmonization does not eliminate political will or innovation in technology, but it does remove discrepancies that have led to inconsistent supervisory practices and regulatory uncertainty.
eIDAS 2 will serve as the foundation for digital identity across the EU, enabling secure, cross-border, AML-compliant identity verification. While eIDAS 2 does not define AML standards itself, it supports AMLR by providing the technical infrastructure for digital trust.
Together, these regulations aim to deliver a cost-efficient, secure, and standardized compliance framework for financial institutions, making cross-border financial services simpler, faster and more consistent across the EU.
COMPLIANT IDENTIFICATIONS
Trust Services:
Trust Services, as defined under eIDAS, ensure the security, authenticity and integrity of electronic transactions – and play a key role in identity verification going forward. Two core components, Qualified Electronic Signatures (QES) and Qualified Electronic Attestations of Attributes (QEAA), support high-trust, cross-border KYC.
How they support KYC compliance:
- QES is issued only after a verified identity check, providing legal proof of identity.
- QEAA offers certified, verifiable proofs of key identity attributes such as name, age, address, nationality, or authority to act on behalf of a business.
Banks can rely on QES and QEAA to meet stringent KYC and identity verification requirements without repeating verification steps.
National Electronic Identification (eID):
National electronic identification (eID) schemes with a Level of Assurance (LoA) High or Substantial are eligible for use in KYC processes across the EU.
eIDs at LoA High can be used for onboarding in regulated financial services, remote KYC, issuing Qualified Electronic Signatures (QES) or Qualified Electronic Attestations of Attributes (QEAA), and for onboarding to the European Digital Identity (EUDI) Wallet. Examples of national eIDs already at LoA High:
- France: France Identité
- Austria: ID Austria
- Italy: SPID (LoA High & Substantial)
- Germany: nPA (eID)
eIDs at LoA Substantial also play a significant role, particularly in scenarios where a high, but not the highest, level of trust is required. This includes many financial services, access to government portals, and customer onboarding where regulatory requirements specify Substantial rather than High assurance. Examples of national eIDs at LoA Substantial:
- Italy: SPID
- Sweden: BankID
- Spain: Cl@ve
- Belgium: itsme®
These eIDs will play a key role in enabling secure, cross-border identity verification under the new AML and digital ID framework.
European Digital Identity (EUDI) Wallet:
Under eIDAS 2, banks will be required to accept the European Digital Identity (EUDI) Wallets. The Wallet enables individuals to securely share verified identity data, eliminating the need for banks to perform a new identity verification process.
How it works for KYC & AML:
- Banks can request verified personal attributes (e.g. name, date of birth, nationality) directly from the Wallet.
- The Wallet supports authentication (e.g. login or identity check) and data sharing with full user consent.
- Identity data is already verified, allowing banks to meet stricter KYC and Customer Due Diligence (CDD) requirements efficiently.
Another key advantage of digital wallets under the EU Digital Identity (EUDI) framework is that it allows users to prove specific attributes (e.g., “I am over 18” or “I live in France”) without revealing unnecessary personal data (e.g. full date of birth or address). This enhances user privacy and control by enabling them to share only what is needed for a specific service, in line with privacy-by-design and data minimization principles mandated by regulations like the GDPR. This means services can verify eligibility or compliance without full identity exposure, which is especially useful in sectors like gaming, healthcare, or financial services where privacy and compliance must coexist.
This creates a secure, standardized, and cross-border solution for identity verification in financial services across the EU.
Trust services
Using Trust Services in KYC and AML.
Trust Services, as defined under eIDAS, ensure the security, authenticity and integrity of electronic transactions – and play a key role in identity verification going forward. For cross-border, high-trust transactions, two core components will be used to support secure identification:
- Qualified Electronic Signatures (QES) is issued only after a verified identity check, providing legal proof of identity.
- Qualified Electronic Attestations of Attributes (QEAA) offers certified, verifiable proofs of key identity attributes such as name, age, address, nationality, or authority to act on behalf of a business.
Banks and other regulated institutions can rely on QES and QEAA to meet stringent KYC and identity verification requirements without repeating verification steps.
Using QES for identity verification.
By July 10, 2027, Qualified Electronic Signatures (QES) will become a key method for identity verification under the new regulatory framework. QES ensures a secure, legally binding digital signature – issued only after a verified identity check – making it ideal for high-trust onboarding use cases. IDnow’s automated, expert-led and in-person solutions have already integrated QES into their flow to streamline compliance and enable remote customer onboarding that meets the highest regulatory standards now and tomorrow.
Using QEAA for identity verification.
By July 10, 2027, Qualified Electronic Attestation of Attributes (QEAA) will also serve as a compliant method for identity verification. As certified proofs of key identity attributes – such as name, birth, nationality, or address – QEAAs can be used to fulfill KYC and AML requirements. Integrated into IDnow’s solutions, they enable secure, cross-border onboarding and verification with high assurance, aligning with both eIDAS 2 and AMLR standards.
IDNOW SOLUTIONS
Future-proof identity verification with IDnow Trust Platform for total compliance.
IDnow is building the identity backbone for the eIDAS 2 and AMLR era, offering a powerful, interoperable identity platform that simplifies compliance and adapts to the evolving digital landscape.
The IDnow Trust Platform brings together digital wallets, national eIDs, trust services, and advanced fraud prevention in a unified solution – ensuring organizations can meet the highest standards of security and user convenience. By combining these elements, businesses can address a broad range of use cases and regulatory requirements through a single, integrated platform.
Select and combine the identity verification methods that best suit your business needs, and offer a flexible user experience where appropriate. Leverage integrated Qualified Electronic Signature (QES) for secure, legally binding authentication from the very start, all through one seamless integration.
Designed to support all onboarding methods no matter the industry or market, IDnow’s identity verification suite enables organizations to scale and adapt according to their specific risk appetite and regulatory requirements – offering a compliant, flexible, and holistic approach to identity verification with automated, expert-led, in-person and hybrid verification methods.
IDnow identity verification methods: Comprehensive, secure & future-proof.
IDnow offers a full suite of identity verification solutions designed to meet diverse business needs and regulatory requirements – whether automated, expert-led, or in-person. Our approach combines advanced AI technology, human expertise and robust hardware to deliver secure, compliant and seamless onboarding experiences.
- Automated identity verification leverages AI-powered document verification and biometric matching for fast, seamless, and secure identity checks. Chip-based document verification with NFC-enabled smartphones adds an extra layer of convenience and security, supporting remote KYC and ensuring AML compliance.
- Expert-led identity verification combines advanced technology with trained identity specialists via live video identification. This human-centric approach is particularly effective for complex or regulated scenarios and excels at recognizing subtle signs of social engineering – such as off-screen prompts, suspicious behavior, or repeated backgrounds – enhancing fraud prevention and ensuring the highest level of trust. It also supports users who are less digitally confident, providing reassurance and guidance throughout the process.
- In-person identity verification enables secure, on-site ID checks using advanced hardware to authenticate documents and match biometrics. This method is ideal for high-security or high-risk environments where face-to-face verification is required or preferred, ensuring maximum reliability and trust.
Across all methods, the integration of Qualified Electronic Signatures (QES) ensures strong legal certainty, robust assurance, and readiness for evolving regulatory demands. IDnow’s identity verification solutions empower businesses to confidently address a variety of risk profiles and compliance standards while delivering a secure and trusted customer experience.
FRAUD PREVENTION
Real-time protection against fraud threats.
IDnow’s AI-powered platform detects and stops fraud in real time, protecting your business without slowing it down. Our document verification engine checks over 3,700 ID types from 215+ authorities, using advanced OCR, MRZ, and security feature analysis to spot forgeries and tampering fast. At the biometric level, passive liveness detection blocks deepfakes, 3D masks, and injection attacks with no awkward user actions required. Behind the scenes, we cross-check signals like reused faces, devices, or identity data to uncover synthetic identities and fraud rings. Every verification is enriched with risk signals, from IP reputation to geolocation mismatches, ensuring threats are flagged early and genuine users move quickly.
Whether you need automated flows, manual reviews, or video verification, our dynamic platform flexes to your risk level, fast-tracking low-risk users and escalating high-risk ones. It’s intelligent security that keeps fraud out and conversion up.
