BACKGROUND

On 16 December 2025, the AMLA published its Final Report on draft RTS concerning the assessment of the inherent and residual money laundering and terrorist financing (ML/TF) risk profiles of obliged entities, pursuant to Article 40(2) of Directive (EU) 2024/1620 (AMLD).

Article 40(2) mandates AMLA to establish a single supervisory methodology that all competent authorities must use to assess ML/TF risks at entity level. This initiative responds to long-standing fragmentation in national supervisory approaches, which has led to divergent risk assessments, inconsistent supervisory outcomes, and disproportionate compliance costs for cross-border financial institutions. The RTS aim to reinforce the effectiveness, comparability, and proportionality of AML/CFT supervision across the EU.

WHAT'S NEW?

The draft RTS introduce a fully harmonised, risk-based methodology that supervisors must apply when assessing the ML/TF risk exposure of obliged entities in the financial sector.

At the core of the framework is a common set of datapoints used across all Member States. These datapoints are structured around a core set applicable to all obliged entities, supplemented by sector-specific datapoints to reflect differences in business models and risk exposure. Importantly, data requests are capped in practice at around 100–150 datapoints, significantly below current supervisory practices in many jurisdictions, while preserving supervisors’ ability to request additional information for on-site or off-site supervision.

The methodology follows a three-step risk assessment process. Supervisors first assess the entity’s inherent ML/TF risk, then evaluate the quality and effectiveness of its AML/CFT controls, and finally determine the residual risk that remains after controls are taken into account. Inherent risk scores are generated automatically, while controls scores combine automated outputs with evidence-based supervisory judgement, ensuring both operational efficiency and supervisory robustness.

To ensure consistency across the EU, the RTS strictly limit discretionary adjustments. Any supervisory override is allowed only in duly justified circumstances, such as specific national risks or new supervisory findings indicating that automated results are insufficiently reliable. Thresholds and weightings are not hard-coded in the RTS; instead, AMLA will define them for each review cycle and monitor their consistent application across Member States.

The RTS also introduce a proportionate review frequency. As a general rule, obliged entities’ risk profiles must be reviewed annually. For very small or very low-risk entities, reviews may take place every three years, while ad hoc reassessments are required when material changes occur, such as significant business model shifts, ownership changes, or major AML/CFT control failures.

Finally, the RTS adopt a phased approach. This first set applies only to financial sector obliged entities and their supervisors. A separate RTS will be developed at a later stage for non-financial sector obliged entities, allowing additional time to define appropriate datapoints and supervisory practices for those sectors.

WHAT'S NEXT?

The draft RTS will be submitted to the European Commission for adoption and, once adopted, will be published in the Official Journal of the European Union. The RTS will enter into force 20 days after publication and will apply from 31 December 2027.

Following application, supervisors will be required to complete initial entity-level ML/TF risk assessments within the timelines set by the RTS and thereafter conduct reviews in line with the defined annual, triennial, or ad hoc cycles. The framework is intended to serve as a cornerstone of the new EU AML/CFT supervisory architecture, supporting consistent supervisory strategies, inspection planning, and risk prioritisation across the Union.

On 16 December 2025, the AMLA published Final Report on the draft RTS under Article 12(7) of Regulation (EU) 2024/1620.

Article 12(7) of Regulation (EU) 2024/1620 (AMLAR) mandates AMLA to define, through draft Regulatory Technical Standards (RTS), important aspects of the methodology it will use to select which obliged entities it will supervise directly. As a first step, AMLA will determine which entities are eligible to be directly supervised based on geographic criteria. To this effect, the draft RTS introduces thresholds to establish whether an obliged entity’s operations under the freedom to provide services are material. These thresholds are alternative, ensuring that both high-volume and high-customer scenarios are captured. They rely on data that is readily available to obliged entities. The draft RTS also sets out the risk assessment methodology that AMLA will use to decide which eligible obliged entities it will supervise directly. This methodology is aligned with the methodology supervisors will use to assess entity-level money laundering and terrorist financing risk. Aligning methodologies reduces administrative burden and promotes consistency. Finally, this draft RTS includes a group-wide risk scoring method that is based on a weighted average of entity-level residual risk scores. This method ensures that high-risk entities and significant operations are appropriately reflected in the group’s risk score. Based on the methodology set out in this draft RTS, AMLA will select the most complex, high-risk entities with significant EU presence to deliver a coordinated and consistent approach to cross border AML/CFT supervision.

On the 3 December 2025, the EC published regulation amending Delegated Regulation (EU) 2016/1675 to add Russia to the list of high-risk third countries with strategic deficiencies.

The European Commission has adopted a Delegated Regulation amending Delegated Regulation (EU) 2016/1675 to include the Russian Federation on the EU list of high-risk third countries with strategic deficiencies in their AML/CFT regimes. The measure is taken under Article 9(2) of Directive (EU) 2015/849 and follows the requirement introduced in 2025 for the Commission to conclude by the end of that year an autonomous assessment of third countries whose FATF membership has been suspended. Russia falls within this scope due to its suspension for gross violations of core FATF principles. The Commission confirms that this assessment was carried out using its established methodology and relied on information from public sources, Member State competent authorities, and the European External Action Service.

The Commission’s assessment, conducted with input from the European External Action Service and Member State authorities, identified significant strategic deficiencies in Russia’s AML/CFT framework. These include the lack of independence of Russia’s Financial Intelligence Unit and severe restrictions on international cooperation, reduced transparency, accuracy, and availability of beneficial ownership information and non-compliance with FATF Standards on crypto-asset regulation, creating heightened money-laundering and terrorism-financing risks. The Commission also notes Russia’s increased cooperation with the DPRK, aggravating proliferation-financing risks.

In view of these deficiencies and the risks they pose to the integrity of the Union’s financial system, the Commission concludes that Russia should be designated a high-risk third country. Because Russia does not fit within existing categories in Delegated Regulation 2016/1675, the amendment introduces a new category covering jurisdictions not listed by the FATF but whose FATF membership is suspended. Russia is added under this new heading in the Annex.

As a direct consequence, obliged entities across the Union must apply enhanced customer due diligence to business relationships and transactions involving Russia, in accordance with Articles 18 and 18a of Directive 2015/849. Additional implications arise under the EU Financial Regulation, which restricts entities implementing EU funds from entering into new or renewed operations with entities established in listed high-risk jurisdictions, subject to limited exceptions. The Commission further clarifies that the Delegated Regulation will only enter into force after the European Parliament and the Council complete their scrutiny period of one month, which may be extended by an additional month if either institution raises objections.

On the 2 December 2025, the ESMA launches a Common Supervisory Action on MiFID II conflicts of interest requirements.

The European Securities and Markets Authority (ESMA), the EU’s financial markets regulator and supervisor, will launch a Common Supervisory Action (CSA) with National Competent Authorities (NCAs) on conflicts of interest in the distribution of financial instruments.

The CSA will assess how firms comply with their obligations under MiFID II to identify, prevent, and manage conflicts of interest when offering investment products to retail clients.

The CSA will focus be on the possible impact of staff remuneration and inducements on what products are offered to investors, the role of digital platforms in directing investors towards certain products, and whether this serves their best interests and the ways firms manage potential conflicts between their own profits and the needs of retail investors.

ESMA expects that this initiative, together with the exchange of practices among NCAs, will contribute to the consistent application of EU rules and strengthen investor protection in line with its objectives.

ESMA and the NCAs will carry out the CSA during 2026.

On 15 December 2025, the EC published consultation on Savings & Investments Union – EU rules to foster market integration and efficient supervision.

The need to further integrate European capital markets and assess ways to improve supervision in the EU, deepen capital markets and create a ‘Savings and Investments Union’, has been highlighted in a number of key political statements.
The initiative to create more efficient supervision is part of efforts to address market fragmentation and inefficiencies in the EU’s capital markets.

As announced in the ‘Savings and Investments Union’ strategy, this directive aims to:

• foster more integrated, deeper and efficient EU capital markets by removing regulatory, supervisory and operational barriers hindering key market players and infrastructures;
• modernise and simplify the EU rules in this area; and
• reduce administrative burden.

The Consultation closes on 10 February 2026.

BACKGROUND

On 15 December 2025, the ESMA published its MiFIR Review Final Report on transparency for derivatives, package orders and input/output data for the derivatives consolidated tape. The report follows the adoption of Regulation (EU) 2024/791, which amended MiFIR to enhance transparency, revise trading and transparency obligations for non-equity instruments, and enable the establishment of consolidated tapes. Within this revised framework, ESMA was mandated to develop draft regulatory technical standards (RTS) specifying detailed transparency requirements for derivatives, the treatment of package orders, and the data to be transmitted to and disseminated by the consolidated tape provider (CTP) for OTC derivatives.

The Final Report consolidates ESMA’s assessment of feedback received to its April 2025 consultation and sets out final proposals to amend several Level 2 measures, notably Commission Delegated Regulation (EU) 2017/583 (RTS 2) on non-equity transparency, the RTS on package orders, and the RTS on input/output data for consolidated tapes as regards OTC derivatives.

WHAT'S NEW?

Revised scope and structure of derivatives transparency

The report reflects the MiFIR review’s separation of the non-equity transparency regime into two distinct frameworks: one for bonds, structured finance products and emission allowances, and a new regime for derivatives under Articles 8a and 11a MiFIR. Transparency obligations apply to exchange-traded derivatives and a defined subset of cleared OTC derivatives, with certain contracts (notably forward rate agreements and basis swaps) not specified pending policy clarification.

Static liquidity determination and deferral regime

ESMA proposes a shift from dynamic, annually recalculated transparency thresholds to a static determination of liquidity and size thresholds for derivatives. Five deferral categories are defined based on transaction size and liquidity status, aligning the derivatives framework with the revised approach already adopted for bonds. As part of this simplification, the obligation to report transparency calculation data to ESMA systems (FITRS) would be discontinued.

Pre-trade transparency adjustments

Pre-trade transparency is limited to trading venues operating central limit order books or periodic auction systems. Static Large-in-Scale thresholds are introduced, with a differentiated approach for equity derivatives based on average daily notional amounts, while other asset classes follow uniform static thresholds.

Post-trade transparency fields and flags

Targeted amendments are proposed to post-trade transparency reporting fields, including the use of the OTC derivatives identifier established under Commission Delegated Regulation (EU) 2025/1003, the addition of effective and expiry dates for OTC interest rate derivatives, and the removal of redundant fields. Proposals to add new price components for CDSs or spreads for interest rate swaps were ultimately not retained. Post-trade deferral flags are aligned with the revised MiFIR framework, and volume masking practices are clarified.

Package orders and consolidated tape data

The report updates the RTS on package orders to reflect the revised scope of derivatives and the new liquidity determination. It also sets out final proposals on the regulatory and core market data to be transmitted to and disseminated by the OTC derivatives consolidated tape, ensuring consistency with the new transparency regime.

WHAT'S NEXT?

ESMA submitted the Final Report to the European Commission on 11 December 2025. In accordance with the ESMA Regulation, the Commission has three months to decide whether to endorse the proposed RTS amendments. Subject to endorsement and publication in the Official Journal, the amended transparency regime for derivatives is proposed to apply from 1 March 2027, providing a single, coordinated application date aligned with the revised OTC derivatives identifier and the planned launch of the derivatives consolidated tape

BACKGROUND

On 18 December 2025, the ESMA published a report on amended guidelines on Liquidity Management Tools (LMTs) for UCITS and open-ended AIFs. The revised AIFMD and UCITS Directive (Directive (EU) 2024/927) mandates ESMA to develop (i) guidelines on the selection and calibration of LMTs for liquidity risk management and mitigation of financial stability risks, and (ii) draft RTS specifying the characteristics of LMTs available to UCITS and AIFMs managing open-ended AIFs.

ESMA had previously published, on 15 April 2025, both its final report on the RTS on LMTs and its final report on the guidelines. The draft RTS were subsequently transmitted to the European Commission. The Commission formally adopted the RTS on 17 November 2025, with amendments to ESMA’s original draft text. ESMA notes that some of those Commission amendments affect the guidelines; the purpose of the 18 December 2025 report is therefore to introduce targeted changes to ensure full consistency between the guidelines and the RTS as adopted.

WHAT'S NEW?

ESMA’s amendments are deliberately limited and focus on two points where the European Commission’s adopted RTS changed the underlying assumptions of the April 2025 guidelines.

1) Redemption gates: explicit recognition of investor-level gates for certain AIFs
The adopted AIFMD RTS introduce the possibility of investor-level redemption gates. To mirror that change, ESMA inserts a new paragraph 27.a in the guidelines. It states that, for AIFs with no retail investors and a limited number of professional investors, fund managers should consider using investor-level redemption gates—either on a standalone basis or combined with fund-level gates—as a way to mitigate first mover advantage.

2) Anti-dilution tools: a more proportionate approach to implicit transaction costs
The adopted RTS clarify that implicit transaction costs (including material market impact) should not be treated as a universal input for anti-dilution tools. ESMA therefore amends paragraph 37 so that the “estimated cost of liquidity” used when activating anti-dilution tools:

• must always include explicit transaction costs; and
• should include implicit transaction costs only where appropriate to the fund’s investment strategy, and on a best-effort basis.

To keep the text consistent throughout, ESMA also adjusts paragraphs 38, 44 and 52 to reflect the same principle when discussing calibration and review of anti-dilution tools.

WHAT'S NEXT?

• The amended guidelines (Annex I) will be translated into the official EU languages and published on ESMA’s website.
• Publication of the translations triggers a two-month period during which national competent authorities (NCAs) must notify ESMA whether they comply or intend to comply with the guidelines (or provide reasons for non-compliance).
• The guidelines will apply from the application date of the RTS.
• For funds existing before the RTS application date, managers should apply the guidelines after twelve months from the RTS application date (i.e., a 12-month transitional period for existing funds).

On 23 December 2025, the EU published Regulation (EU) 2025/2005, amending EU Investment programmes (as described in Regulations on "InvestEU" - (EU) 2015/1017 and (EU) 2021/523, on "Horizon Europe" - (EU) 2021/695, and on "Connecting Europe Facility" - (EU) 2021/1153). The amendments proposed to these existing programmes are meant to increase the efficiency of the EU guarantee granted to projects withinthis scope of EU investments and to simplify reporting requirements for their beneficiaries.

While financial institutions are not directly obliged under this framework, the publication may be of interest to revise opportunity assessments performed on EU funding options it opens. Whether it is to fund ones' own initiatives, to advise clients or evaluate public-private funding options, this could be of interest e.g., for SPVs, financial institutions for intermediation, equity/debt funds and any other form of collective investment vehicles, investment platforms.

The regulation significantly enhances the InvestEU Fund's financial capacity by increasing the EU guarantee from approximately EUR 26.2 billion to EUR 29.05 billion in current prices, with an additional EUR 2.9 billion increase supported by EUR 1.16 billion in reflows from legacy instruments.

Four main policy windows shall be supported by this investment strategy:

• sustainable infrastructure (including energy, digital connectivity, transport, circular economy, sustainable oceans, and bio-economy),
• research, innovation and digitisation,
• SMEs, and
• social investment and skills.

Key objectives include addressing the Union's massive financing needs estimated at EUR 750-800 billion annually by 2030, supporting the green and digital transition, enhancing competitiveness, strengthening the defence technological and industrial base, and addressing the housing crisis.

Main requirements include the introduction of an InvestEU financial instrument allowing Member States to contribute from shared management funds, Recovery and Resilience Facility resources, or national budgets alongside the existing EU guarantee mechanism.

The regulation simplifies reporting requirements by exempting implementing partners from reporting on most key performance indicators for operations below EUR 300,000 and reducing the frequency of reports. It also simplifies the SME definition to enterprises with fewer than 250 employees and annual turnover not exceeding EUR 50 million.

Implementation timelines specify that support under the InvestEU financial instrument may be granted for an investment period ending 31 December 2027, with contracts to be signed by 31 December 2028. The regulation mobilizes approximately EUR 55 billion in additional investment through enhanced efficiency measures combining legacy instrument capacities with the InvestEU Fund.

The Regulation enters into force on 24 December 2025.

On 1 December 2025, EC published consultation on Review of the Regulation on a pan-European personal pension product.

The proposal aims to address the low uptake and limited commercial success of the existing PEPP framework by simplifying and enhancing its functionality. Its scope covers improving consumer protection, transparency, market appeal, and regulatory flexibility.

Key amendments include removing the fixed 1% fee cap, abolishing the mandatory two-sub-accounts requirement, allowing providers to offer multiple tailored PEPP options without the obligation to offer a Basic PEPP, and embedding a value-for-money framework within the product governance. The proposal also strengthens supervisory powers, enhances disclosure requirements, supports employer contributions, and facilitates the transfer and portability of PEPPs across Member States.

The Regulation intends to create a more attractive, cost-effective, transparent, and flexible product to increase citizen participation in supplementary pensions, support long-term investment in the EU economy, and align with the EU's social and economic goals. The proposed amendments are designed to apply one year after entry into force, with ongoing monitoring and evaluation planned every five years to ensure effectiveness and market development.

The Consultation closes on 27 January 2025.

BACKGROUND

On 2 December 2025, the Council of the European Union and the European Parliament announced that they had reached a provisional agreement on a new EU directive aimed at stepping up the fight against corruption.

The initiative seeks to modernise and strengthen the EU’s legal framework by replacing fragmented and outdated instruments, notably the 2003 framework on private-sector corruption and the 1997 convention on corruption involving EU and member state officials. The new directive also aligns EU rules with international standards binding on the EU, in particular those stemming from the United Nations Convention Against Corruption.

WHAT'S NEW?

Harmonised definition of corruption offences
The directive introduces EU-wide minimum standards for the definition of corruption-related crimes, ensuring consistent criminalisation across all member states. Offences covered include bribery in the public and private sectors, misappropriation, trading in influence, obstruction of justice, illicit enrichment linked to corruption, concealment, and serious violations related to the unlawful exercise of public functions.

Penalties for individuals and legal persons
Member states must harmonise sanctions for corruption offences. For natural persons, maximum prison sentences must range from at least three to five years, depending on the offence. Additional penalties may include fines, removal or disqualification from public office, withdrawal of permits, and exclusion from public procurement or access to public funds.
Legal persons, including companies, will also be subject to penalties. These take the form of fines, with maximum levels set at 3% to 5% of total worldwide turnover or €24 to €40 million, depending on the offence.

Jurisdiction rules
The directive clarifies when member states have jurisdiction and are required to initiate proceedings. Jurisdiction generally applies to offences committed on national territory or by nationals. Member states may also extend jurisdiction to offences committed abroad in cases involving habitual residents, offences against nationals or residents, or offences committed for the benefit of legal persons established or operating, in whole or in part, within their territory.

Preventive measures
Beyond criminal sanctions, the directive introduces reinforced corruption prevention obligations. Member states must raise public awareness, ensure transparency and accountability in public administrations, and establish dedicated bodies or units responsible for corruption prevention and repression. These bodies must operate independently and be adequately resourced.
Additional measures include periodic risk assessments to identify high-risk sectors or occupations and the implementation of protection, support, and assistance mechanisms for individuals reporting corruption or cooperating with authorities.

WHAT'S NEXT?

The provisional agreement must now be formally confirmed by both the Council and the European Parliament before the directive is adopted. Once adopted, member states will be required to transpose the new rules into national law, replacing existing EU instruments and establishing a unified framework for combating corruption across both the public and private sectors.

On 17 December 2025, the EBA published its Q3 2025 Risk Dashboard.

Final supervisory data for Q3 2025 confirms preliminary indications from the EBA’s recently published Risk Assessment Report. Key indicators show resilience across the sector:
The common equity tier 1 (CET1) ratio (transitional in the revised Capital Requirements Regulation - CRR3), remained robust at 16.3% and risk-weighted assets (RWA) totalled EUR 10.1 trillion, unchanged from the previous quarter (Figure 1 left).

The liquidity coverage ratio (LCR) declined slightly to 160.7% (from 161.7% in Q2) reflecting a stronger rise in the denominator than the numerator. The net stable funding ratio (NSFR) edged down to 126.8% from 127.2% in Q2. (Figure 1 right).

Total assets held steady at EUR 29.1 trillion. Debt securities increased by 2%, raising their share of total assets to 14.9%. The growth in outstanding loans remained subdued, with loans to households and non-financial corporations (NFCs) up just 0.2%. Loans collateralised by residential real estate (RREs) declined slightly, after a strong first half of 2025.

Total liabilities rose marginally to EUR 27.1 trillion., Customer deposits from households decreased slightly, while NFC deposits volumes grew by nearly 3%. The loans-to-deposits ratio for households and NFCs fell by 70bps to 105.6%.
Non-performing loan (NPL) volumes remained broadly stable at EUR 373 billion, with the NPL ratio at 1.8%. Consumer credit and SMEs continued to show the highest NPL ratios (Figure 2 left). Stage 2 loans continued decreasing slowly to 9.3%. The cost of risk stood at 0.47%, the lowest since Q3 2023.

Return on equity (RoE) was stable at 10.7% on a quarterly basis. The net interest margin (NIM) decreased slightly, to 1.58%, with the downward trend stabilising. The cost-to-income ratio continued its gradual decrease to 52.3%, as both costs and income decreased, though costs fell faster than income, reflecting banks’ cost control measures (Figure 3).

On 11 December 2025, the ECB published Simplification of the European prudential regulatory, supervisory and reporting framework.

The document sets out a strategic simplification agenda for EU banking rules, supervision and reporting, developed by the ECB’s High-Level Task Force on Simplification (HLTF) and endorsed by the ECB Governing Council in December 2025. Its overarching objective is to remove undue complexity and reporting burden that hampers euro area banks’ competitiveness, while strictly preserving resilience, effective risk coverage and alignment with Basel standards.

The regulatory chapter proposes a more streamlined capital and leverage architecture by reducing the number of risk weighted and leverage ratio stack elements, merging certain buffers into releasable and non releasable buckets, and reviewing the role of AT1 and Tier 2 in the going concern stack. It also calls for a materially simpler but prudent regime for smaller banks by expanding and harmonising the small and non complex institutions (SNCI) framework, alongside automatic reciprocation of macroprudential measures up to a threshold and closer alignment of MREL and TLAC stacks to avoid overlapping constraints and improve buffer usability. Further, the HLTF recommends shifting from directives to directly applicable regulations and rationalising level 2 and 3 acts to reduce national divergences, support cross border banking and make the Single Rulebook more transparent.

On supervision, the report argues that divergent national powers and options/discretions add complexity and cost for cross border groups and impede integrated risk management. It therefore advocates strengthening and completing the Single Rulebook (including on licensing, qualifying holdings, governance and fit and proper) and reducing the prescriptiveness of rules on supervisory processes, for example by allowing more risk based flexibility on internal model reviews, stress test frequencies and prior approval requirements. A key governance proposal is to give the ECB Governing Council, via an enhanced Macroprudential Forum, a holistic, system level view of overall capital demand across the banking union, to identify overlaps and gaps in combined micro and macroprudential requirements without changing existing national or ECB powers.

For the reporting framework, the HLTF identifies fragmented data collections and weak cross authority data sharing as major sources of burden. It recommends a “request once” approach driven by stronger coordination and mutual data sharing among the ECB, ESAs, SRB, NCAs and NCBs, supported by targeted legislative changes to enable sharing of supervisory data and common change management via the Joint Bank Reporting Committee (JBRC). In parallel, it sets a long term “report once” vision of an integrated reporting system across statistical, prudential and resolution domains, using a single dataset, with the JBRC tasked to steer and monitor integration, standardisation and redundancy free data collections based on clear “need to have” principles.

On the 8 December 2025, the EU published Regulation (EU) 2025/2475 amending the implementing technical standards laid down in Implementing Regulation (EU) 2024/3117 as regards operational risk supervisory reporting of institutions.

Commission Implementing Regulation (EU) 2025/2475 updates the EU’s supervisory reporting framework for credit institutions to reflect the revised operational risk regime introduced by Regulation (EU) 2024/1623 as part of the Basel III implementation. It amends Implementing Regulation (EU) 2024/3117 in order to incorporate the new reporting templates covering the business indicator, its sub-components and the detailed categories of operational losses, ensuring that institutions report operational risk data in a manner fully aligned with the updated prudential requirements. The Regulation also introduces a template dedicated to entities benefiting from the derogation laid down in Article 314(3) of the Capital Requirements Regulation, enabling supervisors to obtain complete information on the treatment of operational risk within groups.

The introduction of the new own funds requirements for market risk has been deferred to 1 January 2027, and the Regulation therefore prolongs the transitional use of the existing reporting framework under Implementing Regulation (EU) 2021/451. As a result, institutions must continue to report market risk using the templates set out in that Regulation throughout 2026, and the repeal of its market risk provisions is postponed accordingly. These amendments are based on the draft implementing technical standards submitted by the European Banking Authority following public consultation, ensuring consistency with the underlying regulatory framework and supporting continued convergence in supervisory reporting across Member States.

It enters into force on the 29 December 2025.

On 12 December 2025, the EBA issues revised list of ITS validation rules.

This update highlights rules that have been deactivated due to inaccuracies or IT-related issues. Competent Authorities across the EU are reminded that data submitted according to these ITS should not be formally validated against the deactivated rules.

Additionally, the EBA has released a small validation package, which includes:

• a micro taxonomy package;
• Data Point Model validation rules (DPM VR) deactivation updates scripts.

These components are required from release 4.0 for each deactivation exercise to ensure consistent deactivation of rules in both the taxonomy and the DPM.

A hotfix for reporting framework 4.2 will be issued in January 2026. Any necessary review of the validation rules for this framework will be incorporated in that hotfix. Therefore, no changes affecting release 4.2 are part of the current publication.

On 12 December 2025, the EBA published final draft RTS on Structural FX.

The document transposes the EBA's 2020 Guidelines on structural FX into binding regulatory technical standards following a CRR3 mandate, ensuring consistent EU-wide implementation of this provision that allows competent authorities to permit institutions to exclude deliberately taken FX risk positions from market risk capital requirements when used to hedge capital ratios (CET1, Tier 1, or Total Capital) against adverse exchange rate movements. The RTS clarifies that only net long FX positions of a structural nature, managed under an appropriate risk management framework, can qualify for this treatment.

Key requirements include: institutions must demonstrate that positions hedge the capital ratio and reduce volatility; the exemption is capped at the maximum open position that neutralises the sensitivity of the capital ratio to FX movements, calculated using prescribed formulas; positions must remain excluded for at least six months; and institutions must establish comprehensive risk management frameworks with clear hedging strategies, governance structures, tolerance levels, and monthly monitoring obligations.

The RTS removes the previous currency significance threshold, allowing institutions to apply for any currency, and introduces a simplified calculation approach permitting institutions to consider only credit risk own funds requirements when these drive ratio variability (where the credit risk RWA ratio exceeds 75%). Special provisions address non-monetary items at historical cost, internal hedges between trading and banking books, and currencies subject to liquidity constraints or Union restrictive measures.

The framework applies at both individual and consolidated levels, with specific approval required for each application level. Institutions must report quarterly on structural FX positions through COREP, with reporting expected to commence in 2027.

On 17 December 2025, the EBA published guidance to banks on enhanced reporting requirements for operational risk.
Key points for institutions:

• Extended preparation period: Banks now have until the end of June 2026, rather than March 2026, to comply with the new reporting requirements, ensuring at least six months to adapt to the change after the Regulation enters into force;
• Guidance on reporting: the EBA clarifies that institutions should use the COREP OF module (release 4.2) for operational risk reporting. Templates C 16.02, C 16.03, and C 16.04 will not be required for the March 2026 reference date, and their first mandatory submission will be in June 2026. However, banks may choose to report these templates voluntarily from March 2026;
• Ongoing requirements: Institutions must still report template C 16.01 using the updated technical tables in release 4.2, but information on “other operating expenses” will not be required for March 2026;
• Updated instructions and other IT solutions: the EBA has published amended instructions for both reporting and disclosure of operational risk, correcting references and ensuring consistency. They shall apply starting with reference date end June 2026. These updates are available on the EBA website, along with translations in all EU languages. The “Overview of the IT solutions” file, which covers the reporting obligations by linking the Articles of the ITS with the ITS templates to be reported, has also been revised to help banks navigate the amended requirements;
• Support for implementation: the EBA will soon update its signposting tool to reflect the new obligations. The mapping tool, which links reporting and disclosure templates, has also been updated.

On 19 December 2025, the Council of the EU agreed its negotiating position on key proposals to strengthen the euro currency by enabling the introduction of a digital euro and by better clarifying the legal tender status of euro cash. In turn, these initiatives will help improve the EU’s strategic autonomy, economic security and resilience.

The proposals relate to two regulations setting out the legal framework for the potential issuance of a digital euro, and a regulation to safeguard the role of cash in the EU by ensuring its wide acceptance and availability.

The digital euro would complement cash and would be available to the general public and businesses to make payments anytime and anywhere in the euro area. As a truly public facility directly backed by the European Central Bank (ECB), it would help preserve central bank money as the main anchor for a well-functioning payments system.

Under the proposal, the digital euro would:

• be available online or offline and therefore usable even without an internet connection;
• allow for payments and money transfers with a high degree of privacy;
• exist alongside national and international private means of payment, such as cards or applications run by privately-owned providers.

The proposal on which the Council has now reached its position aims to clarify these rules, including their interplay with the digital euro, to ensure consistency among the two forms of public money. The proposal’s main provisions aim to:

• safeguard acceptance of cash as a payment method throughout the euro area;
• guarantee that people have access to cash and are free to choose their preferred payment method.

Once the proposal to establish the legal framework is adopted by the European Parliament and Council, it will ultimately be for the ECB to decide whether to issue the digital euro. The ECB has recently indicated that the digital euro could be up and running by 2029.

With this agreed position, the Council can enter into negotiations with the European Parliament on the digital euro and the legal tender status of cash.

On 10 December 2025, the EU published Commission Implementing Regulation (EU) 2025/2303 of 14 November 2025 laying down implementing technical standards with regard to procedures, standard forms and templates for the provision of information for the purposes of resolution plans for credit institutions and investment firms pursuant to Directive 2014/59/EU of the European Parliament and of the Council, and repealing Commission Implementing Regulation (EU) 2018/1624.

Commission Implementing Regulation (EU) 2025/2303 updates and repeals the prior framework in Commission Implementing Regulation (EU) 2018/1624, drawing on accumulated supervisory experience and amendments to the Bank Recovery and Resolution Directive (BRRD). Its primary scope encompasses credit institutions and investment firms subject to resolution planning obligations by competent authorities, ensuring a harmonized minimum dataset for resolution-relevant information. Key objectives focus on standardizing the provision of timely, comparable data to support authorities in drafting and maintaining resolution plans, particularly for cross-border groups, while enhancing resolvability assessments, critical function identification, MREL calibration, and crisis preparedness strategies.

The regulation details comprehensive procedural requirements, including step-by-step instructions for authorities requesting information and institutions responding, alongside a revised suite of standard forms and templates. These cover qualitative and quantitative disclosures such as detailed group structures, activities, liabilities, financial resources, funding profiles, intragroup exposures, operational continuity arrangements, critical functions, and loss-absorbing capacity metrics. Proportionality is embedded to tailor reporting intensity by institution size, complexity, and resolution strategy, aiming to minimize compliance burdens for smaller entities without compromising depth for systemic ones. Submission formats emphasize structured, IT-enabled reporting via EBA-provided technical packages (data point models, validation rules, taxonomies, and instructions), facilitating automated processing and reducing duplicative requests.

This Regulation enters into force on 30 December 2025.

BACKGROUND

On 9 December 2025, the European Council and the Council of the European Union announced that the Council presidency and the European Parliament had reached a provisional agreement to simplify EU sustainability reporting and corporate due diligence requirements.
This initiative responds to repeated calls from EU leaders to reduce administrative and regulatory burdens on companies, particularly in light of competitiveness concerns highlighted in the Letta and Draghi reports and the Budapest Declaration of November 2024.

The agreement builds on the Commission’s Omnibus simplification package of February 2025 and follows the earlier adoption of the “stop-the-clock” mechanism, which already postponed the application timelines of sustainability reporting and due diligence rules. The overarching objective is to create a clearer, more proportionate regulatory framework while maintaining the core objectives of EU sustainability legislation.

WHAT'S NEW?

Corporate Sustainability Reporting (CSRD)
The agreement significantly narrows the scope of sustainability reporting obligations. The employee threshold is raised to 1,000 employees, combined with a new net turnover threshold of over €450 million. Listed SMEs are removed from scope, and financial holding undertakings are exempted. Companies that started reporting for financial year 2024 but fall outside the revised scope benefit from a transition exemption for 2025 and 2026. A review clause is introduced to reassess a possible future extension of scope.

Corporate Sustainability Due Diligence (CS3D)
The scope is substantially reduced by increasing thresholds to 5,000 employees and €1.5 billion net turnover, limiting obligations to the largest companies. The approach to identifying adverse impacts is simplified: companies may focus on areas of their value chain where risks are most likely, without conducting comprehensive mapping exercises, and may rely on reasonably available information.

The obligation to adopt climate transition plans is removed. The agreement also deletes the EU-level harmonised civil liability regime, retaining only a review clause. Administrative penalties are capped at 3% of global net turnover.

WHAT'S NEXT?

The provisional agreement is subject to formal endorsement by the Council and the European Parliament before adoption.
Once adopted, the transposition deadline for CS3D is postponed to 26 July 2028, with companies required to comply from July 2029. The review clauses included in both CSRD and CS3D indicate that the scope and liability framework may be reassessed at a later stage, depending on implementation outcomes and broader competitiveness considerations.

BACKGROUND

On 16 December 2025, the European Parliament adopted its position at first reading with a view to the adoption of a Directive amending Directives 2006/43/EC, 2013/34/EU, (EU) 2022/2464 and (EU) 2024/1760 as regards certain corporate sustainability reporting and corporate sustainability due diligence requirements. The initiative forms part of the European Commission’s broader simplification and burden-reduction agenda set out in its Communication “A simpler and faster Europe” of 11 February 2025, while maintaining the policy objectives of the European Green Deal and the Sustainable Finance Action Plan.

WHAT'S NEW?

Sustainability reporting – scope and thresholds

The Directive significantly narrows the scope of mandatory sustainability reporting under Directive 2013/34/EU. Reporting obligations at both individual and consolidated level are limited to undertakings and groups exceeding EUR 450 million net turnover and an average of more than 1,000 employees. This revised scope also applies to credit institutions and insurance undertakings. Small and medium-sized undertakings with securities admitted to trading on regulated markets are excluded from mandatory sustainability reporting.

Value chain protections and reporting flexibility

New safeguards are introduced for undertakings in reporting entities’ value chains with up to 1,000 employees (“protected undertakings”). Reporting undertakings may not require information exceeding the content of voluntary sustainability reporting standards, and protected undertakings are granted a statutory right to refuse excessive information requests. A three-year transition period applies for value-chain information gathering. Specific exemptions are also introduced allowing the omission of certain commercially sensitive, classified, trade secret or security-related information, subject to defined conditions.

Sustainability reporting standards (ESRS)

The Commission is mandated to revise the first set of European Sustainability Reporting Standards (ESRS) within six months of the Directive’s entry into force. The revision aims to reduce datapoints, prioritise quantitative information, clarify materiality application, improve interoperability with other EU and global frameworks, and enhance consistency with financial services legislation. Sector-specific mandatory standards are removed, while the Commission may issue non-binding sectoral guidance.

Voluntary sustainability reporting standards

A new framework for voluntary sustainability reporting standards is introduced for undertakings below the mandatory reporting thresholds. These standards will be adopted by delegated act and based on Commission Recommendation 2025/1710 (VSME), with periodic review every four years.

Assurance of sustainability reporting

The deadline for adopting limited assurance standards is postponed to 1 July 2027, while the empowerment to adopt reasonable assurance standards is removed. Audit firms carrying out sustainability assurance are required to designate at least one key sustainability partner, without being subject to full statutory audit firm approval requirements. Transitional and simplified registration conditions are introduced for third-country auditors and audit entities until 31 December 2030.

Digitalisation and support measures

Until detailed digital tagging rules are adopted, undertakings are not required to digitally mark up sustainability reporting. The Commission is tasked with establishing a dedicated digital portal for sustainability reporting guidance and with reporting on technological solutions enabling secure and automated sustainability data exchange.

Corporate sustainability due diligence (CSDDD)

The scope of Directive (EU) 2024/1760 is substantially reduced. Due diligence obligations apply only to companies with more than 5,000 employees and EUR 1.5 billion net worldwide turnover, with adjusted thresholds for franchising and licensing models. Due diligence obligations are clarified and streamlined, including scoping-based risk identification, proportional information requests to business partners, prioritisation rules, and revised suspension-of-relationship requirements. Climate transition plan obligations are repealed. A uniform maximum cap of 3% of net worldwide turnover is introduced for pecuniary penalties, while the specific EU-level civil liability regime is removed in favour of national rules ensuring access to justice and full compensation.

WHAT'S NEXT?

Following the European Parliament’s first-reading position, the Directive will proceed under the ordinary legislative procedure, requiring formal adoption by the Council and subsequent publication in the Official Journal of the European Union. The Directive will enter into force on the twentieth day following publication. Member States are required to transpose most provisions within 12 months of entry into force, with specific deadlines set for due diligence-related amendments by 26 July 2028. Application of the revised corporate sustainability due diligence regime is deferred to 26 July 2029, with certain reporting obligations applying from 1 January 2030. The Commission is mandated to adopt multiple delegated acts and guidance documents, including revised ESRS, voluntary reporting standards, and due diligence reporting criteria, according to the timelines set out in the Directive.

On the 4 December 2025, the Commission adopted a comprehensive package of measures designed to remove barriers and unlock the full potential of the EU single market for financial services.

This package is a central component of the savings and investments union (SIU) strategy, aiming to create a more integrated, efficient, and competitive financial system providing EU citizens better options for growing their wealth and supporting businesses in accessing funding.

More integrated capital markets are essential for fortifying the EU’s economic strength and achieving strategic priorities such as competitiveness, digital and green transitions, defence and security. Deeper integration of financial markets is not an end, but a means to create a single market for financial services greater than the sum of its national parts. Simplified access to capital markets reduces costs and makes the markets more appealing for investors and companies across all Member States, irrespective of size.

Despite recent progress, EU financial markets remain significantly fragmented, small and lack competitiveness, missing out on potential economies of scale and efficiency gains. In 2024 the market capitalisation of stock exchanges amounted to 73% of EU GDP, compared to 270% in the US. Financial institutions still face varying requirements and practices across Member States, hindering cross?border operations and restricting opportunities for both citizens and businesses, negatively impacting the economy and the EU’s competitiveness.

Today's package simplifies the EU regulatory and supervisory framework significantly, and comes just nine months after its announcement in the SIU strategy, underscoring the political importance and urgency of this issue.

On the 4 December 2025, EC publishes initiative on Listing Act and MiFID draft delegated act focusing on rules on payment for research and execution services. This draft act is open for feedback for 4 weeks, until 1 January 2026.

The draft Delegated Directive amends Delegated Directive (EU) 2017/593 to reflect recent changes introduced by Directive (EU) 2024/2811, which modified MiFID II to make EU public capital markets more attractive and strengthen the availability of investment research, particularly for small and medium-sized companies. Earlier reforms under the Capital Markets Recovery Package allowed bundled payment for research and execution only when research concerned issuers below EUR 1 billion in market capitalisation, but this did not halt the decline in investment research. The 2024 Listing Act therefore introduced broader flexibility, enabling investment firms to choose whether to pay jointly or separately for research and execution services, while maintaining transparency obligations.

To ensure consistent EU application of these new rules, the draft Delegated Directive revises the framework governing third-party research supplied to investment firms providing portfolio management, investment services or ancillary services. It requires firms using research payment accounts to inform clients in advance about research budgets and estimated charges, and to report annually on total research costs. For firms choosing separate payment structures, additional transparency obligations apply, including information on research providers, amounts paid and how expenditures compare to the research budget. Firms must also ensure that research charges are based solely on their assessed research needs and not linked to transaction volume or value. Senior management oversight, internal controls, and audit trails must ensure that research budgets are managed in the best interests of clients, and internal research cannot be funded from these accounts.

A central requirement introduced by the Directive is that all investment firms, regardless of the payment method used, must conduct an annual assessment of the quality, usability and value of third-party research, and take remedial action when research does not contribute to better investment decisions. The Directive aligns its transposition and application dates with Directive (EU) 2024/2811, requiring Member States to implement the new rules by 5 June 2026 and apply them from 6 June 2026.

On 17 December 2025, the ESMA published analysis on Impact of ESMA guidelines on the use of ESG or sustainability-related terms in fund names.

The study found that ESMA’s Guidelines have:

• Improved consistency in the use of ESG terms by increasing alignment of fund names and their actual investment strategies.
• Enhanced investor protection by reducing greenwashing risks.

Drawing on nearly 1,000 shareholder notifications in reaction to the guidelines from the 25 largest EU asset managers with EUR 7.5 trillion in assets under management, the study found that:

• 64% of the funds mentioned in shareholder notifications changed their name, in most cases to avoid the use of ESG related terminology.
• 56% updated their investment policies to strengthen their sustainability focus.

The study then focuses on the impact of the fossil-fuel related exclusions on 4,000 EU funds using ESG terminology in their names, with EUR 2 trillion in assets under management. The analysis shows that:

• Funds with higher fossil fuel exposures were more likely to remove ESG terms from their names, underscoring how portfolio composition influences compliance choices.
• Since the publication of the guidelines, funds retaining ESG terms in their names have reduced their portfolio share of fossil fuel holdings more than all other funds, suggesting efforts to green their portfolios.