On 26 March 2026, the German Federal Ministry for Digital Affairs and State Modernisation published a draft bill for a Digital Identity Act (DIdG). The draft serves to implement the eIDAS Regulation at national level, as amended by Regulation (EU) 2024/1183, thereby further specifying the legal framework for the introduction of the EUDI Wallet in Germany. However, the draft does not merely supplement the requirements of the eIDAS Regulation. It also contains autonomous provisions of particular relevance to the financial sector, especially regarding the use of the EUDI Wallet as an identification instrument and the integration of existing payment instruments into the EUDI Wallet.
Table of Contents
The core element of the draft is the introduction of the Act implementing the European law provisions on the European Digital Identity Wallet (Gesetz zur Durchführung der unionsrechtlichen Vorschriften über die Europäische Brieftasche für die Digitale Identität, EBDIG-RefE). This article provides an overview of the provisions of particular relevance to the financial sector, namely Sections 15–18 and 21 EBDIG-RefE.
EUDI Wallet as an electronic identification means
- Section 15 EBDIG-RefE contains provisions on the use of the EUDI Wallet as an electronic identification means in a national context and complements the directly applicable requirements of the eIDAS Regulation.
- Section 15(1) EBDIG-RefE provides that the legal effects pursuant to Article 5f(1)–(3) of the eIDAS Regulation also apply to purely domestic situations. In our view, this provision is primarily clarificatory in nature, as there are strong arguments that Article 5f(1)–(3) eIDAS is not limited to cross-border scenarios in any case.
- Section 15(2) EBDIG-RefE ensures consistency with existing national eID procedures by providing that the EUDI Wallet may be used wherever the electronic proof of identity under the German Identity Card Act, the eID Card Act or the Residence Act is currently used, unless more specific statutory provisions provide otherwise.
In this context, questions arise regarding the relationship of this provision with the German Anti-Money Laundering Act (GwG). Pursuant to Section 12(1) sentence 1 no. 4 GwG, the identification of a natural person is permissible on the basis of an electronic identification system notified under Article 8(2)(c) in conjunction with Article 9 of the eIDAS Regulation. There are strong arguments that this also includes AML identification using the EUDI Wallet. Based on this view, the existing legal framework already provides a basis for using the EUDI Wallet for AML identification purposes, without the need to rely on Section 15(2) EBDIG-RefE. Nevertheless, the draft does not explicitly address this, as it leaves Section 12 GwG unchanged and merely amends Section 8(2) GwG. For reasons of legal certainty, it would be desirable to include an explicit clarification in the wording of Section 12 GwG.
Beyond mere identification, Section 15(3) EBDIG-RefE addresses the use of the EUDI Wallet in representation scenarios. This is already envisaged in the eIDAS Regulation and is further specified by this provision. In essence, Section 15(3) assigns responsibility for managing powers of representation to users and clarifies that proof of representation must be provided via electronic attribute attestations. In banking practice, this corresponds to the well-known distinction between identification and verification of representation, which can now be standardised and digitised.
The use of the EUDI Wallet is not limited to AML identification. The explanatory memorandum to Section 15 EBDIG-RefE clarifies that it may also be used for strong customer authentication under Section 55 of the German Payment Services Supervision Act (ZAG). The use of the EUDI Wallet in both identification and authentication processes opens up significant potential for process optimisation and efficiency gains for financial institutions.
Issuance of electronic attribute attestations
Section 16 EBDIG-RefE primarily concerns the user’s right to obtain electronic attribute attestations from public authorities. This provision is of indirect importance to the financial sector, as it creates the basis for standardised, digitally verifiable evidence that can be used in onboarding and KYC processes.
Integration of payment instruments into the EUDI Wallet
Section 17 EBDIG-RefE allows existing payment instruments of the user—such as payment cards or online payment services—to be integrated into the EUDI Wallet.
The legislator deliberately limits itself to integrating already existing payment instruments; the EUDI Wallet itself is not designed as an independent payment instrument.
At the same time, the integration is subject to substantive limits: it is inadmissible if it impairs the functionality or security of the EUDI Wallet or otherwise creates unreasonable risks for users or legal transactions. In addition, the intended integration must be notified to the Federal Office for Information Security (BSI) at least three months before it becomes operational.
From a practical perspective, it is particularly noteworthy that Section 17 EBDIG-RefE does not provide a conclusive regulatory classification under payment services law. In particular, it remains unclear whether and under what conditions the integration of payment instruments into the EUDI Wallet qualifies as a payment service within the meaning of the ZAG. This must be assessed on a case-by-case basis. The explanatory part of the draft EBDIG-RefE clarifies that existing supervisory requirements remain unaffected.
The specific design of the integration of payment instruments into the EUDI Wallet is left to contractual arrangements between the parties involved. This applies in particular to the delineation of responsibilities and liability issues.
Section 20 EBDIG-RefE authorises the legislator to lay down more detailed requirements for the integration of payment instruments into the EUDI Wallet by way of statutory instrument.
Regulatory sandbox clause
Section 21 EBDIG-RefE contains a broadly framed regulatory sandbox clause, allowing the Federal Ministry for Digital Affairs and State Modernisation to permit temporary deviations from and additions to the national legal framework.
This clause also includes the possibility of testing additional methods of user identification and authentication for the initial set-up of an EUDI Wallet, as well as extended functionalities of the wallet. It also opens the possibility of issuing personal identification data to natural persons from a minimum age of 12, provided that a corresponding risk assessment supports this.
The provision thus creates a regulatory testing environment intended to facilitate the further development of the EUDI Wallet ecosystem. However, the question arises as to the extent to which financial institutions will adapt their processes on the basis of the sandbox clause. Given the temporary nature of the testing arrangements and the associated legal uncertainties, this will require careful consideration by financial institutions.
Conclusion and outlook
The EBDIG-RefE further specifies the Union law framework for the EUDI Wallet and translates it into a national context.
- Section 15 EBDIG-RefE in particular structures the use of the EUDI Wallet as an electronic identification instrument and ensures its integration into the existing national identification regime.
- The provisions in Section 17 EBDIG-RefE on the integration of payment instruments address a key use case for the financial sector, but leave significant questions open, particularly with regard to payment services regulation as well as issues of responsibility and liability.
- While the sandbox clause in Section 21 EBDIG-RefE opens up additional scope for innovative use cases, it is to be expected that its practical relevance for financial institutions will remain limited due to the temporary nature of the testing arrangements and the associated legal uncertainties.
Overall, the EBDIG-RefE establishes a structural framework whose practical implementation will largely be shaped by sector-specific regulation, supervisory practice and contractual solutions.
The draft DIdG is currently in the consultation phase with the German federal states and relevant associations. Comments may be submitted until mid-April 2026. It remains to be seen to what extent the need for clarification identified in the financial sector will be addressed in the further legislative process. Following the evaluation of the comments, a revised government draft is expected before the parliamentary procedure is initiated.
