This requires you to use enterprise-oriented features that blast you with warnings telling you not to do it. After you ignore those warnings they can install anything they want on your device.
This is basically sideloading for corporations.
And it is exactly an example of what will happen (and be quite common) if regular sideloading and alternative app stores with no Apple validation are forced on us.
It's a problem on Android, already. Banking apps disable themselves if your device is rooted due to malicious Trojans that exploit that feature to gain easy access to your data.
I'm sure they'll make sideloading a miserable enough experience for all involved (but not miserable enough to make it obvious that it's in bad faith and incur the wrath of the EU) that both users and devs will just opt not to do it