According to the EU regulation eIDAS, trust service providers must be accredited nationally and follow the national laws, rules, and regulations given by the national supervisory authority. Suppose there are other EU-wide regulations with specific rules in place. Trust service providers must follow them, e.g., advanced electronic signature standards, security levels of eID, or EU regulation NIS-2. In addition, every EU member state has different national standards for trust service providers; the German Federal Office for Information Security or the French institute ANSII must approve certain aspects so that a trust service provider becomes accredited. In some countries, video identification is allowed, and in others forbidden. Third countries only permit short-term certificates.
The EU regulation eIDAS regulates that all EU member states must accept all qualified electronic signatures from any nationally accredited TSP in any EU country. For example, an accredited French trust service provider can sell qualified electronic signatures according to French laws and regulations in Germany and vice-versa. Swisscom as an Austrian trust service provider has to follow Austrian laws and regulations and is allowed to sell their qualified electronic signatures in other EU member states. The EU trusted it is the legal basis and confirmed that qualified electronic signatures of a listed trust service provider must be accepted.
With eIDAS 2.0, the EU member states try to harmonize even more parts of the accreditation, e.g., registering a trusted service or creating an EU e-Wallet as a base for future identification.