EUDI Wallets could be the trust layer agentic AI needs — but the law hasn't caught up yet
Based on analysis of the EU digital identity framework and agentic AI deployment patterns. Original source: Digital Identity in the Age of AI Agents
When AI moved from generating outputs to taking actions, it crossed a legal threshold most teams haven't noticed yet.
Generative AI produces text, images, summaries. You review it, decide what to use, and take action. The accountability chain is clear: a human made the call. Agentic AI is different. It books the meeting, submits the form, executes the transaction. Nobody reviewed that specific decision. The question shifts from "what did the AI produce?" to "who authorized it to act?" — and Europe's framework for answering authorization questions, eIDAS, wasn't built with software agents in mind.
What digital identity is for in EU law
The European digital identity framework is built around one precise concept: legal actors. Under eIDAS, identity belongs to natural persons, legal persons, and authorized representatives acting on their behalf. Wallets, credentials, and mandates all operate within this structure. That structure assumes the holder can bear rights, obligations, and accountability.
AI agents can't. Under the EU AI Act, they're almost certainly classified as AI systems — tools deployed by an organization, operated under its responsibility. Not actors. Tools. That classification is why the authorization problem doesn't have a clean solution yet.
The EU Digital Identity Wallet — now rolling out across member states — works because it attaches to a recognized legal actor. A Business Wallet lets a company prove its attributes and issue delegations. That combination is powerful. But it was designed for human employees and organizational representatives, not for software making decisions at machine speed.
Acting on behalf of is a legal concept, not a UI feature
Here's where it gets complicated. The delegation model — where you authorize an agent to act within defined scope — sounds like it should work cleanly. In EU law, it doesn't. "Acting on behalf of" is a formal legal relationship. Mandates flow between legal persons. A company authorizes its employee. A person authorizes their representative. You can't grant a mandate to software the same way you grant one to a colleague.
When you delegate to an AI agent, you're configuring a tool. The legal responsibility stays with you — which is accurate, but it creates a documentation problem you probably haven't planned for.
If your agent executes a contract, submits a regulatory filing, or processes a payment: who authorized it, under what constraints, and how do you prove that after the fact? Not philosophically — practically. In a dispute. In a regulatory audit. In an incident review where a regulator asks to see the authorization chain. "The system was configured to do it" isn't an answer. It's the start of a very uncomfortable conversation.
The wallet model: close, but not there yet
Here's what's promising. EUDI Wallets, combined with verifiable credentials and the mandate framework taking shape in eIDAS 2.0, give you most of what you need technically.
The practical architecture: your organization holds a Business Wallet. Your agent operates under a credential issued from that wallet — a verifiable assertion of scope, authority, and duration. "This agent, deployed by Acme GmbH, is authorized to submit purchase orders up to €10,000 through Q2 2026." The agent doesn't have its own identity. It carries evidence of delegated authority from yours. That's the right model.
OAuth has done something similar for software systems for years. What EUDI Wallets add is standardization across EU member states, legal-grade credential formats, and interoperability with existing identity infrastructure. For enterprises operating across jurisdictions, that matters enormously. The problem isn't the technology. It's that mandates under current EU frameworks were designed for legal actors — and nobody has formally decided whether a verifiable credential issued to an AI agent constitutes a legally enforceable authorization.
That question is still open. Build on it with your eyes open.
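The delegation check this section describes, as an added example that is not from the original article or from any EUDI specification: a relying service evaluates one agent action against a scoped, time-bounded credential and returns an audit record. The claim names, the agent identifier and the start date are assumptions, and HMAC with a constructed key stands in for the issuer's signature.

```python
import hashlib, hmac, json
from datetime import datetime, timezone

# Constructed demo key. HMAC is a stand-in for the issuer's signature; a real
# wallet-issued credential would carry an asymmetric signature instead.
ISSUER_KEY = b"constructed-demo-key"

def _canon(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def issue(claims: dict) -> dict:
    proof = hmac.new(ISSUER_KEY, _canon(claims), hashlib.sha256).hexdigest()
    return {"claims": claims, "proof": proof}

def authorize(cred: dict, action: str, amount_eur: int, now: datetime) -> dict:
    """Decide one agent action against the delegation; return an audit record."""
    c = cred["claims"]
    expected = hmac.new(ISSUER_KEY, _canon(c), hashlib.sha256).hexdigest()
    start = datetime.fromisoformat(c["not_before"])
    end = datetime.fromisoformat(c["not_after"])
    if not hmac.compare_digest(cred["proof"], expected):
        reason = "bad_proof"            # claims were altered after issuance
    elif not start <= now <= end:
        reason = "outside_validity"
    elif action not in c["actions"]:
        reason = "action_out_of_scope"
    elif amount_eur > c["max_amount_eur"]:
        reason = "over_limit"
    else:
        reason = "ok"
    # The record ties the decision to the exact credential presented.
    return {"decision": "allow" if reason == "ok" else "deny", "reason": reason,
            "delegator": c["delegator"], "agent": c["agent"], "action": action,
            "amount_eur": amount_eur, "at": now.isoformat(),
            "credential_sha256": hashlib.sha256(_canon(cred)).hexdigest()}

# Constructed credential mirroring the article's example sentence.
CRED = issue({
    "delegator": "Acme GmbH",
    "agent": "procurement-agent-01",             # hypothetical identifier
    "actions": ["submit_purchase_order"],
    "max_amount_eur": 10000,
    "not_before": "2026-01-01T00:00:00+00:00",   # assumed start date
    "not_after": "2026-06-30T23:59:59+00:00",    # "through Q2 2026"
})

if __name__ == "__main__":
    when = datetime(2026, 3, 1, tzinfo=timezone.utc)
    print(json.dumps(authorize(CRED, "submit_purchase_order", 9500, when), indent=2))
```

Denied attempts produce a record too, so the log answers both what the agent did and what it tried to do outside its delegation.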
What needs to change
Three things, in order of urgency.
The mandate framework needs explicit guidance on AI agents. The European Commission has started acknowledging agentic AI as a design consideration — its April 2025 analysis on leveraging EU regulatory assets for agentic AI adoption signals awareness of the gap — but the regulatory text hasn't moved. The eIDAS 2.0 implementing acts are still taking shape. This is the right moment to get agent mandates on the agenda, before the framework calcifies around assumptions that don't account for automated delegation.
You should start building for verifiable delegation now, before the regulatory clarity arrives. Using Business Wallets to issue scoped, time-bounded credentials for agent activity creates the audit trail you'll need — even if it's not legally required today. The OpenID Foundation's 2025 guidance on identity management for agentic AI and NIST's recent concept paper on identity and authorization controls both point in this direction. Building the infrastructure ahead of the requirement is how you avoid retrofitting governance into running systems under pressure.
Standards bodies need to close the gap between technical capability and legal recognition. The pieces exist — verifiable credentials, trust frameworks, wallet interoperability. What's missing is the formal acknowledgment that these mechanisms can carry legally meaningful delegations to automated systems. Without it, you're making a bet that your technical controls will hold up in a legal context that hasn't explicitly validated them. That bet may well pay off. But you should know you're making it.
Europe has the infrastructure. What it lacks is the legal plumbing that makes agent delegation enforceable when something goes wrong. And something will go wrong. The question is whether you can answer the authorization question when it does.
www.digitalidentity.blog/digital-identity/digital-identity-in-the-age-of-ai-agents