The premise
Across regulated industries, digital identity is moving closer to the centre of commercial strategy, shaping onboarding costs, fraud exposure, customer conversion, and cross-border operations.
Organisations embedding identity into their core infrastructure are already reducing onboarding friction, recovering lost revenue, improving conversion rates, and preparing for a regulatory environment that will increasingly favour portable, verifiable credentials.
Over the next five years, identity will become a more important operational dependency across financial services, telecommunications, digital assets, and emerging AI-driven ecosystems. Institutions that continue treating identity primarily as an administrative function risk falling behind those integrating it directly into customer journeys, transaction flows, and cross-company operations.
This paper explores where business value is emerging today, the structural pressures reshaping identity infrastructure through 2031, and the practical considerations executives should prioritise when evaluating deployment strategies.
Where business value is being created
The strongest commercial opportunities tend to emerge in environments with repeated verification, fragmented trust between institutions, and high operational friction. In those settings, portable cryptographic credentials can remove substantial amounts of duplicated effort.
Financial services currently provide the clearest examples because of its regulatory complexity, transaction volume, and reliance on trusted data exchange.
KYC portability
Today, customers repeat the same onboarding and identity verification process every time they engage with a new regulated institution. The verification itself is rarely the issue. The problem is that the result cannot easily be reused across institutional boundaries.
Verifiable Credentials change that dynamic. An accredited institution can issue a credential confirming that a customer has been verified, including when the verification took place, who performed it, and which standards were applied. Another institution can validate that credential within seconds without requesting the underlying personal data again.
The longer-term opportunity lies in cross-border portability. Mutual recognition agreements between regulators, beginning with jurisdictions that already maintain strong regulatory cooperation such as the EU and Singapore, could allow onboarding and lending to happen internationally without rebuilding compliance infrastructure in every market.
Verified caller identity
Banks and financial institutions making millions of outbound calls face a growing trust problem. Consumers increasingly ignore calls from unknown numbers, while fraudsters use AI-generated voice cloning to imitate legitimate organisations with increasing sophistication.
A digitally verified calling identity changes the interaction before the call is even answered. The receiving network can validate who is calling, which organisation they represent, and the purpose of the interaction before the phone rings.
Deutsche Telekom is currently trialling an enterprise-focused verified caller ID service built on Hedera. But the commercial impact extends beyond customer engagement. As synthetic voice fraud becomes more convincing, cryptographic proof of identity is likely to become one of the few trust mechanisms that remains reliable at scale.
Digital asset compliance
Tokenised assets such as digital securities, stablecoins, and tokenised real-world assets create new compliance challenges, particularly under regulations such as MiCA.
Traditionally, identity checks happen when a customer first opens an account. After that, transactions can usually move without further verification. Tokenised assets change this model because compliance increasingly needs to be checked during the transaction itself.
For example, before a tokenised asset is transferred, the system may need to confirm automatically that both the sender and the receiver are verified, authorised to hold the asset, and not subject to restrictions or sanctions. If those checks fail, the transaction does not proceed.
Embedding compliance directly into the transaction process allows institutions to handle much larger transaction volumes without needing compliance teams to grow at the same pace.
Agent identity
The rise of agentic AI introduces an entirely new category of identity challenge. While the market is still early, AI systems are increasingly expected to negotiate contracts, procure goods, and execute transactions across organisational boundaries with limited human intervention. Yet many organisations still rely on shared credentials and weak audit structures for these systems.
A 2025 Okta study found that 78 percent of organisations running AI agents in production use shared credentials, making it difficult to determine which agent performed which action.
The lack of proper guardrails for agentic activity creates both operational and legal risk. Autonomous systems operating across company boundaries require accountable identities, verifiable authority, and auditable decision trails.
The organisations that establish trusted credential frameworks for AI agents within their industries are likely to shape participation rules for the next generation of cross-company workflows.
Beyond financial services, similar patterns are emerging in telecommunications, supply chain operations, and industrial ecosystems where fragmented trust between organisations creates operational friction and audit complexity.
The challenge facing current identity infrastructure
Most identity systems in production today were designed for institution-centric environments where trust relationships are relatively static and predefined. Increasingly, that assumption no longer holds.
Transactions now move across jurisdictions, competitors, cloud environments, digital platforms, and machine-driven workflows where no single organisation is naturally trusted by every participant. At the same time, privacy expectations and regulatory requirements are making unrestricted data sharing progressively harder.
Agentic AI compounds the challenge further. AI systems interacting autonomously across organisational boundaries require neutral trust mechanisms, portable authority models, and auditability that cannot depend entirely on one central operator.
Decentralised identity infrastructure addresses many of these pressures by allowing institutions to verify credentials independently without routing requests through proprietary platforms. Individuals retain control over their personal information because only cryptographic proofs are exchanged rather than underlying data records. Governance can also be distributed across multiple independent parties rather than concentrated within a single institution.
As ecosystems become more interconnected, the operational challenge increasingly shifts from identity issuance to interoperability, trust coordination, and scalable verification across organisational boundaries.
Three forces reshaping the next five years
Three developments are converging simultaneously: regulation, agentic AI, and the maturation of interoperability standards. Together, they are reshaping how identity infrastructure will be designed and governed through the end of the decade.
Regulation
The EU Digital Identity Wallet under eIDAS 2.0 represents the first government-backed digital identity framework with legal recognition across all EU member states. For the first time, relying parties across the EU will be able to validate credentials through a common infrastructure layer without negotiating proprietary bilateral integrations.
At the same time, the Anti-Money Laundering Regulation (AMLR), coming into force from 2027, shifts financial compliance toward continuous monitoring rather than one-time onboarding checks. At the scale of millions of customers, real-time credential verification and automated revocation become operational necessities.
These developments carry broader strategic implications. Institutions whose business models depend on controlling proprietary verification networks may find parts of that value chain gradually bypassed by open credential ecosystems.
Agentic AI
Agentic AI systems introduce accountability challenges that current enterprise infrastructure was never designed to handle.
Human employees operate within clearly defined structures involving contracts, delegated authority, organisational hierarchy, and auditability. AI agents increasingly act across systems and organisational boundaries without equivalent identity controls.
Credential-based identity models offer a scalable framework for managing that complexity. An AI agent can hold credentials defining its authority, delegate narrower permissions to sub-agents, and maintain auditable records of actions across multiple organisations.
In cross-company workflows, neutral infrastructure becomes essential. Few organisations will willingly allow a competitor to control the underlying trust layer governing autonomous interactions.
Standards maturity
Core standards including W3C Decentralised Identifiers, Verifiable Credentials, and OpenID4VC have now matured substantially. The challenge increasingly lies in interoperability between implementations.
Two wallets may technically comply with the same specification while still failing to work together in practice. Bridging that gap requires independent interoperability testing, live implementation validation, and neutral infrastructure that no single ecosystem participant controls.
Open registries and publicly verifiable trust frameworks are likely to play an increasingly important role as adoption grows.
Hedera’s role in enterprise identity infrastructure
The underlying infrastructure layer matters significantly in enterprise identity deployments. Real-time verification flows, cross-border transactions, machine-to-machine interactions, and large-scale credential ecosystems require infrastructure that can support predictable costs, rapid settlement, interoperability, and accountable governance.
Hedera was designed with several of these enterprise requirements in mind:
- Fast transaction finality suitable for real-time identity verification
- Predictable low-cost transactions at enterprise scale
- Governance through the Hedera Council, composed of major global organisations rather than anonymous validators
- W3C-compliant DID and credential infrastructure supporting interoperability across standards-based wallets and ecosystems
As identity systems become increasingly cross-organisational and machine-driven, neutral trust infrastructure becomes more operationally important. Public distributed ledgers governed by recognised institutions are likely to play a growing role in enabling interoperable verification at global scale.
A practical guide for executives
Start with governance, not technology
Institutions do not automatically trust one another enough to share critical infrastructure. Governance frameworks therefore need to be established early, particularly around liability, breach response, data minimisation, and operational accountability.
Successful programmes typically secure alignment between anchor institutions before deployment begins.
Focus on one measurable corridor first
The initiatives that reach production usually begin with a single high-friction corridor where value is measurable and operational complexity is manageable.
A single production deployment creates more momentum than multiple disconnected pilots that stall at experimentation.
Bring regulators into the process early
Regulatory uncertainty often persists because regulators are asked to evaluate systems they had little involvement in shaping. Programmes that involve regulators early, particularly through structured sandboxes with defined policy outcomes, tend to move faster and create more durable precedents.
Many of the implementation approaches likely to shape the European identity landscape later this decade are already being established through the EU’s large-scale EUDI pilots today.
Design for interoperability from day one
Interoperability problems rarely appear in early pilots because ecosystems remain small and controlled. Complexity emerges later, when organisations need to exchange credentials across different wallets, networks, jurisdictions, and governance models.
Infrastructure choices made early can significantly influence long-term scalability and ecosystem participation.
Conclusion
The commercial value of digital identity infrastructure is already visible in reduced onboarding friction, lower compliance costs, improved engagement rates, and stronger fraud resilience.
Over the next five years, the importance of those capabilities is likely to increase as organisations face continuous compliance requirements, autonomous AI systems, and increasingly interconnected digital ecosystems.
The institutions building identity infrastructure for cross-border, multi-party, and agentic operations today are positioning themselves for a structural advantage in the next generation of financial and commercial systems.
