The European Commission just proposed attaching a verified digital identity to every company operating across the EU.
The framework, called EU Inc., pairs a new pan-European corporate legal structure with something called the EU Business Wallet: a credential holding a company’s identity, ownership structure, and legal status, shareable with public authorities across all 27 member states on request.
The pitch is speed and simplicity. Under EU Inc., businesses can register anywhere in the EU within 48 hours for a maximum fee of €100. The Commission wants the European Parliament and Council to agree on the proposal by the end of 2026, with the full single market vision operational by 2028.
Commission President Ursula von der Leyen framed it as the opening move in something larger: “This crucial step is just the beginning. Our goal is clear: one Europe, one market, by 2028.”
Reclaim Your Digital Freedom.
Get unfiltered coverage of surveillance, censorship, and the technology threatening your civil liberties.
That goal has a data architecture attached to it that is a plan for something bigger.
The EU Business Wallet isn’t a filing cabinet for company documents. It creates a standardized, machine-readable identity layer for businesses, one that links verified corporate credentials to the individuals authorized to act on the company’s behalf.
The wallet builds on eIDAS 2, the regulation already requiring all 27 member states to provide digital identity wallets to citizens by the end of 2026.
The corporate credential and the individual credential tie together. A company’s legal structure, its beneficial owners, and the people signing on its behalf all become traceable through a chain of verified, shareable credentials.
The EU Business Wallet was first announced in November 2025 and isn’t yet fully operational.
The justification is administrative efficiency and anti-fraud. Cross-border registration harmonized across national registers. Compliance paperwork that stops getting lost at borders. These are real problems. The question, as always with identity infrastructure at this scale, is what gets built in solving them.
The playbook is recognizable. Governments that have struggled to sell digital identity schemes directly to citizens are finding a more compliant entry point: business. Make it a compliance requirement, frame it as anti-fraud, attach it to something people already have to do, and watch enrollment climb. By the time anyone objects at scale, the infrastructure is built, and the identifiers are issued.
The UK ran this experiment first, and recently, with company directors. From 18 November 2025, all directors or persons with significant control of a UK-registered company will be legally required to complete a digital identity verification check with Companies House.
The government estimates that 6 to 7 million individuals will need to verify their identity by mid-November 2026. The verification routes through GOV.UK One Login. Without a verified personal code, directors cannot file confirmation statements, appoint other directors, or update any company records. The system won’t let them proceed.
A flaw introduced during a Companies House system update in October 2025 left directors’ residential addresses, dates of birth, and email addresses potentially visible to other logged-in users for five months, the same five months the agency was enrolling millions of those directors into its mandatory identity verification system.
Companies House insists this doesn’t constitute a digital ID. The claim is technically careful and substantively hollow. A situation where directors must upload their passport or driving licence, and receive a persistent digital code linking them to their company record, is a state-controlled digital ID by any common-sense definition.
The British public had already noticed: a parliamentary petition against mandatory digital ID gathered almost 3 million signatures. That opposition formed around a separate national ID announcement, but the Companies House rollout was moving in parallel, mostly below the noise threshold. By the time the petition was making headlines, the director verification system had been running for weeks.
The justification in the UK was anti-fraud, specifically the Economic Crime and Corporate Transparency Act 2023, targeting shell companies and money laundering.
Fraud reduction doesn’t require universal enrollment of everyone who runs a business, from the director of a logistics company to the trustee of a local charity. Universal enrollment does. HMRC has since joined GOV.UK One Login, bringing the number of government services accessible through the platform to over 200. The Companies House requirement didn’t create this system. It populated it. Millions of verified identities, enrolled under a compliance obligation, now form the foundation for whatever One Login becomes next.
The EU Inc. proposal follows the same structural logic at the continental scale.
The scheme is technically optional. Companies don’t have to register under EU Inc. or use the wallet. For now. What isn’t optional is the compliance obligation that makes the verification necessary to access the benefits.
Once every public authority across 27 member states is set up to accept and request wallet-based credentials, the calculus for any business wanting smooth access to EU markets shifts considerably. Optional frameworks have a way of becoming the path of least resistance, then simply the path.
What’s being built, in both cases, is persistent verified identity at scale, enrolled through commercial obligation rather than civic choice. The UK version covers millions of company directors.
