On 12 May 2026, the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) published a press release announcing the publication of a reporting package for the identification of provisionally eligible obliged entities, which marks a key preparatory step toward the first selection cycle for entities to be placed under AMLA’s direct supervision.

The reporting package provides instructions for national supervisors to identify entities that may meet the criteria for inclusion in AMLA’s direct supervisory scope. This process supports the preparation for the formal selection of entities scheduled in 2027, with selected entities expected to come under AMLA supervision starting from 2028.

The package includes a standardised reporting template and an interpretative note outlining detailed specifications and guidance to ensure consistent and accurate data collection across Member States.

National supervisors are responsible for organising the data collection exercise from obliged entities within their jurisdiction, while AMLA acts as the central authority receiving and defining reporting requirements.

The initiative builds on a prior data collection exercise aimed at testing and calibrating AMLA’s risk assessment models. The process is structured with defined timelines, including data collection by 15 August 2026, followed by an alignment and validation phase. The provisional list of eligible entities is expected to be finalised by the end of September 2026.

The press release also indicates further stakeholder engagement through a planned public webinar to support implementation and clarify reporting requirements.

On 29 May 2026, the Authority for Anti-Money Laundering and Countering the Financing of Terrorism (AMLA) published an update following a public hearing on its draft Guidelines on business-wide risk assessment (BWRA), which forms part of the development of the EU’s new AML/CFT framework and the implementation of the risk-based approach.

The public hearing, held on 28 May 2026, brought together over 1,000 stakeholders, including obliged entities from both financial and non-financial sectors, as well as civil society organisations. The objective of the session was to gather feedback on the draft Guidelines and to facilitate direct engagement between AMLA and market participants.

The draft Guidelines focus on establishing minimum requirements for conducting business-wide risk assessments, including the identification and evaluation of AML/CFT risks and the sources of information that institutions should consider. AMLA highlighted that the drafting approach aims to simplify requirements by avoiding duplication with existing AML rules, while maintaining a strong focus on proportionality to reflect the diverse risk profiles of entities subject to the framework.

During the hearing, participants raised a broad range of questions reflecting differing operational realities across sectors. AMLA indicated that the feedback received during the public hearing will complement written submissions submitted through the ongoing consultation process and will play a role in shaping the final version of the Guidelines.

The consultation on the draft Guidelines remains open until 15 July 2026. AMLA encourages stakeholders to submit feedback to ensure that the final standards are clear, consistent, and effective across all obliged entities covered by the EU AML/CFT framework.

On 11 May 2026, the European Parliament and the Council of the European Union published Directive (EU) 2026/1021 on combatting corruption, which establishes minimum rules concerning the definition of corruption-related criminal offences, penalties and preventive measures across Member States.

The Directive aims to strengthen and harmonize the EU legal framework on corruption by replacing earlier instruments and ensuring a more consistent and effective approach across jurisdictions. It requires Member States to criminalize a broad range of intentional corruption offences, including bribery in the public and private sectors, misappropriation, trading in influence, obstruction of justice, enrichment and concealment of corruption-related proceeds.

The Directive sets minimum requirements for criminal penalties, including maximum imprisonment thresholds and additional sanctions such as fines, exclusion from public funding or procurement procedures, and disqualification from certain activities. It also introduces rules on the liability of legal persons, requiring proportionate and dissuasive penalties, including fines linked to turnover.

In addition to criminal provisions, the Directive establishes preventive obligations for Member States, including the development of national anti-corruption strategies, risk assessments, awareness measures and the creation or designation of specialized anti-corruption bodies. It also strengthens requirements for whistleblower protection, data collection, cross-border cooperation and investigative tools.

Member States must transpose the Directive into national law by 1 June 2028, with certain preventive measures subject to a later deadline of 1 June 2029. The Directive will enter into force 20 days after its publication in the Official Journal.

Overall, the Directive establishes a comprehensive and harmonized framework aimed at improving the prevention, detection and prosecution of corruption across the European Union.

On 08 May 2026, the European Commission published the Draft Guidelines on the implementation of the transparency obligations for certain AI systems under Article 50 of the AI Act, which provide practical guidance to competent authorities, providers, and deployers on complying with the transparency requirements in a consistent and effective manner.

The guidelines clarify the scope, rationale, and application of Article 50 of Regulation (EU) 2024/1689 (AI Act), which introduces transparency obligations for specific categories of AI systems. These obligations apply to: (i) AI systems interacting directly with individuals, requiring users to be informed that they are interacting with AI; (ii) systems generating or manipulating synthetic content, requiring machine-readable marking and detection of AI-generated outputs; (iii) emotion recognition and biometric categorisation systems, requiring disclosure to exposed individuals; and (iv) deep fakes and AI-generated text used for public information purposes, requiring clear labelling of artificial origin.

The document specifies responsibilities of providers and deployers, sets out exceptions (e.g. obvious AI interaction, law enforcement use, minor content edits), and clarifies the interaction with other EU frameworks such as consumer protection, data protection, and the Digital Services Act. It emphasises that information must be clear, distinguishable, and provided at the latest at first interaction or exposure, and that technical solutions for marking and detection must be effective, robust, interoperable, and reliable.

The guidelines are non-binding and published for stakeholder consultation. They aim to support uniform implementation and may be updated based on practical experience.

Transparency obligations under Article 50 will apply from 2 August 2026, with enforcement by national market surveillance authorities and potential fines for non-compliance.

On 20 May 2026, the European Commission (DG FISMA) published a Targeted Consultation on the Review of the Regulation on Markets in Crypto‑Assets (MiCA), which seeks stakeholder feedback to assess whether the existing EU crypto‑asset framework remains fit for purpose in light of market, technological, and regulatory developments.

The consultation aims to support the Commission’s obligations under Articles 140 and 142 MiCA, including preparing reports to the European Parliament and Council and potentially proposing legislative amendments. It collects evidence on market developments not originally covered by MiCA, implementation experience since its application (from June and December 2024), and the effectiveness of current provisions.

The scope is structured into four parts:

Scope and definitions (Title II), including classification of crypto‑assets and disclosure requirements;
Stablecoin regime (Titles III–IV), covering asset‑referenced tokens (ARTs) and e‑money tokens (EMTs), including prudential requirements, reserves, redemption rights, and significance thresholds;
Crypto‑asset service providers (CASPs) (Titles V–VI), focusing on services, prudential safeguards, and potential simplification;
Topics beyond MiCA, including decentralised finance (DeFi), staking, lending/borrowing, NFTs, tokenised deposits, and legal certainty of token ownership.

The consultation also examines cross‑border issues, global stablecoins, supervisory coordination, and administrative burden. It explicitly seeks input on whether additional regulatory or supervisory measures are needed, including potential adjustments to investor protection, market integrity safeguards, and financial stability mechanisms.

Stakeholders are invited to submit responses via an online questionnaire by 31 August 2026, with responses informing future legislative or policy proposals.

On 6 May 2026, the ESMA published its Statement on results of the Common Supervisory Action on MiFID II sustainability aspects.

The CSA, conducted during 2024–2025 with participation from 29 national competent authorities (NCAs) and covering 245 firms, aimed to evaluate firms’ implementation of sustainability-related obligations introduced through the 2022 amendments to MiFID II Delegated Acts, including the handling of clients’ sustainability preferences, product categorisation, suitability assessments, and target market definitions.

The findings indicate that firms have made progress in integrating sustainability considerations into advisory and portfolio management processes, including adapting internal policies, questionnaires, and product-mapping methodologies. However, ESMA identified significant inconsistencies across firms and jurisdictions, alongside several deficiencies. Key issues include challenges in explaining sustainability preferences to clients, insufficient granularity and neutrality in questionnaires, incomplete procedures for clients without explicit sustainability preferences, and inconsistent approaches to handling multiple preference categories.

In product governance, firms have developed approaches to define sustainability-related objectives and categorise products, though implementation remains uneven and often constrained by limited or inconsistent ESG data. Deficiencies were also observed in negative target market assessments and record-keeping practices, particularly regarding the documentation of preference adaptations.

ESMA sets out high-level supervisory expectations, encouraging firms to enhance clarity, neutrality, and consistency in client engagement, improve product categorisation methodologies, ensure robust documentation, and apply proportionate approaches to updating client preferences. NCAs are invited to prioritise supervisory dialogue over enforcement during this transition period, except in cases of clear breaches.

ESMA notes that ongoing legislative developments (e.g. SFDR review and Retail Investment Strategy) may lead to future adjustments of the framework, with a focus on simplification, proportionality, and consistent application.

On 7 May 2026, the ESMA published its Report on 2025 Corporate reporting enforcement and regulatory activities.

The report covers financial reporting (IFRS), sustainability reporting (ESRS under CSRD), and digital reporting (ESEF), including alternative performance measures (APMs) and Taxonomy Regulation disclosures. Its objective is to promote transparency, consistent application of EU reporting frameworks, and convergence in enforcement practices, notably through the assessment of the 2024 European Common Enforcement Priorities (ECEP).

Enforcement activities were risk-based, combining full-scope and focused examinations, and resulted in corrective actions where material misstatements or omissions were identified. The 2025 exercise covered approximately 3,800 issuers for IFRS, around 2,000 for sustainability reporting, and 4,000 for ESEF filings. Examination rates reached 16% for financial statements, 18% for sustainability reports, and 76% for ESEF filings (with 19% detailed markup reviews).

Findings show that, in financial reporting, issues primarily related to presentation, financial instruments, impairment, and segment disclosures, with a 41% action rate across 628 examinations leading mainly to future corrections. For APMs, deficiencies concerned definitions, reconciliations, and labelling.

For sustainability reporting, this first year of ESRS application showed frequent issues in double materiality assessments, entity-specific disclosures, and connectivity between sustainability and financial information. Climate-related disclosures (ESRS E1) and general requirements (ESRS 2) were most affected, with a 30% action rate.

For ESEF, common errors included incomplete or incorrect markups, taxonomy misuse, scaling issues, and inconsistencies between formats, resulting in enforcement actions primarily requiring corrections in subsequent filings.

The report highlights the need for entity-specific disclosures, better integration between financial and sustainability information, and improved validation of digital reporting formats, while noting ongoing examinations and upcoming ESEF regulatory updates applicable from 2027.

On 7 May 2026, the European Commission published Commission Delegated Regulation amending Prospectus Regulation as regards the standardised format and sequence and the streamlined content, scrutiny and approval of the prospectus.

The Delegated Regulation aims to implement changes introduced by Regulation (EU) 2024/2809 (Listing Act) by:

• streamlining disclosure requirements,
• standardising prospectus structures, and
• enhancing supervisory convergence.

It applies to prospectuses for public offers of securities and admissions to trading on regulated markets, covering both equity and non-equity instruments.

In terms of structure the main changes are as follows:

• Introduces a more standardised format and sequence for prospectuses, with stronger standardisation for equity securities and greater flexibility for non-equity securities.
• Establishes a new “EU IPO prospectus” format for initial public offerings of shares, allowing preparation either as a single document or separate registration document and securities note, based on prescribed annex structures.
• Consolidates disclosure requirements into unified registration documents and securities notes, for non-equity securities, distinguishing between retail and wholesale investor disclosures.

Content requirements are streamlined by aligning disclosures with the former EU Growth prospectus regime, reducing duplication and administrative burden.

Additional ESG-related disclosures are required where securities are marketed as incorporating environmental, social, or governance factors, except where equivalent disclosures already exist (e.g. European Green Bonds).

The Regulation also harmonises scrutiny and approval processes by limiting additional scrutiny criteria, introducing clearer conditions for requesting supplementary information, and setting a maximum approval timeline of 90 working days (100 days for SMEs), with possible extensions. Competent authorities may impose deadlines for issuer responses, and mechanisms are introduced for cross-referencing information where standardised formats are not followed.

The Regulation enters into force three days after publication in the Official Journal and is directly applicable across Member States.

On 11 May 2026, the European Commission published a Commission Notice on the interpretation and implementation of certain legal provisions of Regulation (EU) 2017/1131 on money market funds (MMFs), which provides guidance to ensure consistent application of the MMF framework across the EU.

The Notice complements the 2026 MMF report and aims to clarify specific supervisory and operational aspects of the Regulation, particularly in relation to liquidity management, portfolio composition, and the use of liquidity management tools (LMTs).
The Commission confirms that the minimum liquidity thresholds set out in the MMF Regulation, including requirements on daily and weekly liquid assets, represent minimum levels and may need to be exceeded depending on the characteristics of the fund, its investor base, and stress testing outcomes. MMF managers are expected to ensure that portfolios remain sufficiently robust to withstand liquidity shocks, taking into account requirements under stress testing and “know your customer” provisions.

The Notice clarifies that breaching regulatory liquidity thresholds does not automatically trigger the activation of liquidity management tools. Instead, managers should prioritise restoring compliance while considering investors’ interests, and may, under certain circumstances, temporarily operate below thresholds, particularly in periods of market stress.
For CNAV and LVNAV MMFs, the board is required to perform a documented assessment when thresholds are breached and may determine appropriate corrective actions, including the possibility of not taking immediate measures beyond efforts to restore compliance. The Commission emphasises the importance of coordinated supervisory approaches and information sharing among national competent authorities to address risks to financial stability.

Overall, the Notice aims to provide legal certainty and support consistent supervisory practices while strengthening liquidity risk management across the MMF sector.

BACKGROUND

On 11 May 2026, ESMA published its Final Report on the 2025 CSA on compliance and internal audit functions of fund managers. The CSA assessed the establishment and effectiveness of compliance and internal audit functions in the investment management sector, with reference to the AIFMD, the UCITS Directive and their implementing measures.

The exercise was conducted under a common assessment framework developed by ESMA in 2024 and formally agreed in December 2024. All 27 EU NCAs and 3 EEA NCAs participated. NCAs reported their national findings to ESMA by 31 December 2025 and submitted follow-up survey responses by 31 January 2026.

The report applies to AIFMs and UCITS management companies. Its objective is to summarise the supervisory findings, identify good and poor practices, and promote supervisory convergence on how NCAs assess compliance and internal audit arrangements.

WHAT'S NEW?

Overall findings

ESMA reports that most NCAs assessed the overall level of compliance as satisfactory. However, the CSA identified areas for improvement, particularly in relation to independence, documentation, risk-based planning and reporting to senior management or the board.

Most NCAs did not identify regulatory breaches. Where breaches were identified, they mainly concerned the independence of compliance or internal audit functions and incomplete reporting to senior management. A larger number of NCAs identified vulnerabilities, including incomplete internal audit documentation, insufficient compliance risk assessments and weak risk-based approaches.

Compliance function

The report finds that compliance functions generally have broad and well-defined responsibilities, including monitoring regulatory developments, updating internal policies, performing compliance checks and escalating issues.

However, ESMA identifies several weaknesses. These include policies not being regularly updated, insufficiently detailed compliance monitoring plans, inadequate documentation of compliance reporting, weak follow-up of deficiencies and insufficient tailoring of group-level compliance frameworks to local entities.

Where compliance-related tasks are performed by third parties or group entities, ESMA notes divergent national practices on whether those arrangements qualify as delegation. ESMA reiterates that managers remain responsible for compliance with applicable rules.

Internal audit function

Most NCAs found that supervised entities had independent internal audit functions with sufficiently knowledgeable and experienced staff. Internal audit reports were generally considered satisfactory, but their quality and granularity varied.

Weaknesses included unclear audit reports, insufficient risk-based planning, incomplete audit documentation, weak follow-up mechanisms and cases where compliance had never been subject to internal audit. Some entities relied on group-level or external internal audit arrangements, with varying levels of documentation and local tailoring.

WHAT'S NEXT?

ESMA will continue promoting exchanges among NCAs on the CSA findings and related follow-up supervisory actions.

NCAs intend to follow up on individual cases through letters, bilateral communications, remediation requests, requests for additional information or meetings with managers.

Some NCAs also plan to engage with national industry associations or publish national reports reflecting the outcome of the ESMA report.

On 19 May 2026, the European Parliament adopted a legislative resolution approving the Regulation on the screening of foreign investments in the Union, repealing Regulation (EU) 2019/452.

The Regulation establishes a harmonised Union-wide framework requiring all Member States to screen foreign investments on grounds of security or public order, replacing the previous cooperative-only mechanism with binding minimum standards. Every Member State must establish a national screening mechanism and apply a mandatory prior authorisation requirement for foreign investments in a defined set of sensitive sectors — the "common minimum scope" — including dual-use and military goods, semiconductors, quantum and artificial intelligence technologies, strategic raw materials, critical transport/energy/digital infrastructure, specific financial market infrastructures (CCPs, CSDs, regulated market operators, systemically important institutions, global financial messaging providers), and electoral systems.

The screening procedure must include an initial review phase of no more than 45 calendar days and, where necessary, an in-depth investigation. A strengthened cooperation mechanism obliges Member States to notify the Commission and other Member States of qualifying transactions within defined deadlines (15 or 45 calendar days from filing), and harmonises the timelines for comments and Commission opinions.

The Regulation extends screening obligations to intra-Union investments made through subsidiaries controlled by third-country investors. A secure encrypted communication system and a central database of screening outcomes are to be established by the Commission. The Regulation enters into force 20 days after publication in the Official Journal and applies 18 months thereafter, with Regulation (EU) 2019/452 repealed at that same date.

In 28 May 2026, the European Union Agency for Cybersecurity (ENISA) published its NIS360 report, which assesses the cybersecurity maturity and criticality of sectors classified as highly critical under the NIS2 Directive.

The report aims to support EU-level prioritisation and policymaking by benchmarking sectoral cybersecurity readiness, identifying gaps, and highlighting areas requiring further investment and supervision. It evaluates sectors through a structured methodology combining maturity indicators—such as policy frameworks, risk management practices, collaboration, and operational preparedness—with criticality factors including digitalisation, socio-economic impact, and time sensitivity of disruptions.

The findings indicate that cybersecurity maturity across EU critical sectors is steadily improving, although progress remains uneven. Sectors such as banking, electricity, and telecommunications continue to demonstrate the highest levels of maturity and criticality, while financial market infrastructures (FMIs), trust services, and aviation have advanced into the high maturity category.

In the financial sector, banks maintain a strong maturity level supported by well-established governance, structured risk management, and high operational preparedness. FMIs have improved significantly, largely driven by compliance with the Digital Operational Resilience Act (DORA), although some challenges remain in areas such as management-level cybersecurity expertise, vulnerability management, and data security.

The report also identifies a “risk zone” comprising sectors where cybersecurity maturity remains below criticality levels, including health, transport subsectors, ICT service management, public administration, and water services.

Key drivers of improvement include cybersecurity regulation—particularly NIS2 and DORA—which has increased investment and strengthened risk management practices, as well as growing awareness of supply chain risks, geopolitical threats, and emerging technologies such as artificial intelligence.

On 28 May 2026, the EC published a Commission Delegated Regulation supplementing Regulation (EU) No 575/2013 (CRR), which specifies regulatory technical standards on operational risk requirements for institutions.

The Regulation establishes detailed rules for the calculation of the business indicator, which serves as a proxy for operational risk. It defines the components of the business indicator, including interest, lease and dividend elements, services components, and financial components, while also specifying items to be excluded from its calculation.

In addition, the Regulation introduces methodologies for adjusting the business indicator in the context of mergers, acquisitions, and disposals. It sets out conditions for obtaining supervisory permissions for adjustments and details the related notification and documentation requirements for institutions.

The Regulation further establishes a harmonised operational risk taxonomy, including Level 1 event types and more granular Level 2 categories, along with a set of attributes to classify operational risk losses. Institutions are required to record and classify loss events accordingly, with specific provisions regarding the treatment of rapidly recovered losses and the inclusion of losses from legal proceedings.

It also sets conditions under which the calculation of annual operational risk loss may be considered unduly burdensome, particularly for institutions undergoing structural changes or those within certain size thresholds.

Finally, the Regulation specifies requirements for adjusting loss data sets following mergers or acquisitions, including the treatment of historical data and currency differences. The provisions aim to ensure consistency, comparability, and proportionality in the calculation of operational risk capital requirements across institutions.

On 13 May 2026, the European Securities and Markets Authority (ESMA) published an updated List of Central Counterparties authorised to offer services and activities in the Union which provides a comprehensive register of CCPs authorised under Regulation (EU) No 648/2012 (EMIR).

The document lists central counterparties authorised to provide clearing services within the European Union, including their legal identifiers (LEI), country of establishment, competent supervisory authority, and initial authorisation dates. The publication is issued pursuant to Article 88(1) of EMIR and serves as an official reference for authorised CCPs operating in the Union.

In addition to the core list of authorised CCPs, the document includes information on extensions of authorisation granted to CCPs over time, reflecting changes in their permitted activities. It also provides detailed tables outlining the classes of financial instruments covered by each CCP’s authorisation, including securities and derivatives across asset classes such as equity, debt, interest rate, credit, commodities, currencies, and crypto-assets.

The document further defines these instrument classes, distinguishing between over-the-counter (OTC) and regulated market (RM) transactions, and clarifies the scope of CCP authorisations in relation to different risk profiles. It also highlights cases where authorisations have been withdrawn or amended, including those linked to structural changes such as Brexit or voluntary renunciation of specific services.

Overall, the publication aims to ensure transparency regarding the CCPs permitted to operate in the EU and the scope of their authorised clearing activities under EMIR.

On 7 May2026, the EBA published its amendments to the Guidelines on the definition of default.

The Guidelines confirm the retention of the 1% threshold for the net present value (NPV) loss when assessing whether a forbearance measure results in a diminished financial obligation and therefore triggers default. The EBA concludes that the existing framework is sufficiently risk-sensitive and flexible, and that raising the threshold would create inconsistencies, delay default recognition, and undermine the robustness and comparability of credit risk assessment.

The framework for identifying default continues to require a qualitative assessment of financial difficulty and concessional treatment alongside a quantitative NPV test comparing pre- and post-restructuring cash flows. Exposures exceeding the 1% threshold must be classified as defaulted, while those below it remain subject to further assessment for unlikeliness to pay.

The EBA decided not to introduce additional flexibility in key areas. No changes were made to the one-year probation period for returning to non-defaulted status, due to alignment with the non-performing exposure (NPE) framework. Similarly, no specific treatment for legislative or private moratoria was introduced, as the current framework already provides sufficient flexibility and avoids automatic default classification.

Targeted amendments include extending the technical “days past due” exception for factoring from 30 to 90 days at invoice level, reflecting operational realities. Additional technical updates align the Guidelines with CRR3, including replacing “distressed restructuring” with references to forbearance measures and removing obsolete provisions such as the former 180-day past-due discretion.

The Guidelines will apply three months after publication in all EU official languages, with competent authorities required to confirm compliance within two months of translation publication.

On 29 May 2026, the European Securities and Markets Authority (ESMA) published a 2025 report assessing the quality and use of supervisory data across EU financial markets, highlighting key developments in data reporting, data quality, and the increasing role of data in supervision.

The report constitutes ESMA’s sixth edition and expands its scope to include additional datasets, such as Prospectus reporting, credit rating agency data, CCP supervisory reporting, crowdfunding data, and DORA incident reporting. It aims to evaluate how supervisory data supports core regulatory objectives, including investor protection, financial stability, and market integrity, while identifying improvements in data quality and supervisory use.

A central focus of the report is ESMA’s objective to enhance the efficiency and usability of supervisory data while reducing reporting complexity for market participants. During 2025, ESMA advanced several initiatives aimed at simplification and burden reduction, including a Call for Evidence on financial transaction reporting, the development of integrated reporting for funds, and the promotion of a “report once” approach to streamline reporting obligations.

The report also outlines the application of data quality frameworks (DQEFs) across major regulatory regimes, including EMIR, MiFIR, SFTR, AIFMD, and MMFR. These frameworks focus on key quality dimensions such as completeness, accuracy, consistency, and timeliness, with the report noting measurable improvements in reporting quality across several datasets, particularly following recent regulatory reforms such as EMIR REFIT.

In parallel, ESMA highlights technological advancements supporting supervisory activities, including increased automation, the operational deployment of generative artificial intelligence, and the establishment of a SupTech Network to enhance cooperation across authorities.

Looking forward, ESMA outlines further developments, including the preparation of technical standards for integrated reporting by April 2027 and alignment with the European Single Access Point (ESAP), aimed at improving data accessibility and comparability across the EU

On 4 May 2026, the ESMA published Final report on the integrated collection of funds’ data.

Based on the feedback received from more than 100 respondents to the previous call for evidence on transaction reporting simplification, ESMA has identified the main challenges in the current reporting frameworks, and the most promising approaches to overcome them: instrument‑based and dual-side simplifications and the implementation of a “report once” framework across EMIR, MiFIR and SFTR in the long term.

Most respondents indicated that overlapping and inconsistent reporting requirements, frequent and unsynchronised regulatory changes, fragmented reporting channels and dual reporting are major drivers of cost and complexity.

The report aims to address fragmentation in the current reporting landscape, characterised by overlapping EU, national and statistical reporting regimes, inconsistent data definitions and limited data reuse. It identifies key shortcomings including duplication, semantic inconsistencies and data gaps, which hinder supervisory effectiveness and increase the reporting burden for market participants.

To resolve these issues, ESMA proposes a single, integrated and dynamic reporting framework built on a modular structure. Core elements include a common reporting template applicable across funds, complemented by additional modules tailored to fund characteristics, risk profiles and supervisory needs. The framework is supported by a harmonised regulatory data dictionary ensuring consistent definitions, a “report once, use many times” architecture, and the systematic use of standard identifiers.

The report recommends maintaining national data collection while introducing a centralised EU data hub for validation, storage, analytics and data sharing among authorities. Centralised validation rules and common analytics are expected to improve data quality and enable cross-border supervisory convergence. Proportionality principles are embedded through differentiated data granularity, scope and reporting frequency, with a baseline monthly frequency and potential event-driven reporting.

Implementation is envisaged through a phased approach. Phase 1 focuses on consolidating AIFMD and UCITS reporting via RTS and ITS to be developed by April 2027, with potential go-live from 2029. Phase 2 extends integration to MMFR and statistical frameworks.

The report highlights the need for significant resources, governance arrangements and stakeholder engagement, while acknowledging legal constraints that may limit full integration in the short term.

On 4 May 2026, the ESMA published its Interim Report on the Simplification of Financial Transaction Reporting which summarises feedback received to its June 2025 Call for Evidence (CfE) on simplifying and harmonising transaction reporting under Regulation (EU) No 600/2014 on markets in financial instruments (MiFIR), Regulation (EU) No 648/2012 on OTC derivatives, central counterparties and trade repositories (EMIR), and Regulation (EU) 2015/2365 on transparency of securities financing transactions (SFTR). The report validates that market participants broadly agree with ESMA’s identification of the main cost drivers in EU transaction reporting, notably duplicative reporting obligations, dual-sided reporting, fragmented reporting channels, inconsistent data standards, and frequent unsynchronised regulatory changes.

ESMA confirms that two simplification approaches merit further assessment. First, Option 1a would simplify reporting by delineating obligations based on instrument type, notably separating exchange-traded derivatives (ETDs) and over-the-counter (OTC) derivatives while revising dual-sided reporting requirements under EMIR and SFTR. Second, Option 2a would implement a long-term “report once” framework integrating MiFIR, EMIR, and SFTR reporting into a single harmonised reporting architecture. ESMA notes that stakeholders strongly rejected Option 1b (event-based delineation) and Option 2b (broader integration including additional regimes such as REMIT or Solvency II).

The report highlights broad support for reducing reconciliation burdens linked to dual-sided reporting and for simplifying reporting channels through greater harmonisation and potential centralisation. Stakeholders also stressed the importance of preserving supervisory data quality, maintaining alignment with international standards, and implementing reforms through phased and proportionate approaches supported by detailed cost-benefit analyses (CBAs). ESMA confirms that an independent consultancy is currently conducting a comprehensive CBA covering both market participants and competent authorities.

The Final Report, including legislative recommendations and detailed CBAs, is expected by July 2026 and will be submitted to the European Commission.

On 5 May 2026, the European Commission published Commission Delegated Regulation supplementing EMIR (Regulation (EU) No 648/2012) by specifying the European Banking Authority (EBA) fee methodology and payment modalities for validation of pro forma collateral calculation models under Article 11(3) EMIR.

The Regulation implements provisions introduced by EMIR 3, which assigns the EBA a central validation role for pro forma based models used by certain financial and non-financial counterparties to calculate collateral requirements for non-centrally cleared OTC derivatives. To recover the costs of this function, the EBA is mandated to charge annual fees to counterparties using validated models.

The Regulation establishes that fees must be based on a full cost-recovery principle and be proportionate to the average notional amount of relevant derivatives portfolios over a 12 month reference period. It specifies detailed rules for calculating this notional amount, including a standard methodology based on converting initial margin amounts into equivalent notional exposures, as well as alternative simplified approaches and threshold-based estimation options.
It introduces differentiated fee structures:

• Ongoing annual fees allocated proportionally across counterparties based on their relative notional exposures;
• Transitional fees for models already in use before EMIR 3, covering the period from the EBA readiness date;
• Fixed initial fees for new models, set at EUR 500,000 per model (shared among applicants), with transitional arrangements depending on validation timing.

The Regulation also sets out:

• The EBA’s methodology for estimating annual costs (including validation activities, IT tools, and administration);
• Obligations for counterparties to submit required data (including notional calculations and billing information);
• Payment modalities, including invoicing, deadlines (45 days), and late payment interest.

The Regulation enters into force 20 days after its publication in the Official Journal and applies directly across Member States.

On 12 May 2026, the European Securities and Markets Authority (ESMA) published its updated Manual on pre-trade and post-trade transparency under MiFID II/MiFIR which provides consolidated Level 3 guidance to promote consistent supervisory practices and clarify the application of transparency requirements across EU markets.

The Manual serves as a convergence tool, bringing together existing Q&As, new guidance, and explanations of legal provisions to support competent authorities and market participants in implementing transparency obligations. It covers pre- and post-trade transparency requirements, transparency calculations, and reporting to consolidated tape providers (CTPs) across equity, equity-like, and non-equity financial instruments. The updates brought to the manual are listed in the table pages 12 to 21.

The document details the scope of transactions and instruments subject to transparency, including the conditions under which trades must be made public and the distinction between on-venue and off-venue transactions. It provides guidance on reporting responsibilities, including the definition of the reporting entity, timing of publication, and required data fields. It also clarifies the use of deferral regimes for large or illiquid transactions and explains the application of transparency flags and aggregation mechanisms.

In addition, the Manual explains transparency calculations used to determine liquidity and thresholds, noting the progressive replacement of legacy systems such as FITRS with transaction reporting data. It reflects updates linked to the MiFIR review and RTS amendments, including changes applicable from 2025 and 2026.

Overall, the Manual aims to enhance the quality, consistency, and comparability of transparency data, supporting investor protection, market integrity, and the effective functioning of EU financial markets.

On 8 May 2026, the ECB published its report on good practices for climate and nature-related risk stress testing, providing illustrative examples observed in banks following the 2022 ECB climate risk stress test and subsequent follow-up activities conducted between 2023 and 2025. The report aims to support banks in strengthening their climate and nature-related stress-testing capabilities, in particular in light of the ECB Guide on climate-related and environmental risks and the upcoming EBA Guidelines on environmental scenario analysis, which will apply from 1 January 2027.

The ECB notes that significant institutions have made progress since 2022, with all significant institutions having integrated climate risk into their stress-testing frameworks by the end of 2024. However, the report highlights that further improvements remain necessary to ensure frameworks are comprehensive and modelling approaches sufficiently robust.

The good practices cover three main areas.

• First, banks are expected to define the scope of climate stress-testing frameworks based on materiality assessments, include portfolios materially exposed to climate and nature-related risks, and consider both transition and physical risk scenarios across different time horizons.
• Second, the report underlines the importance of granular data, including sector classification, geolocation data, greenhouse gas emissions data and energy performance certificate data, while acknowledging persistent data limitations. - Third, the ECB identifies more advanced modelling practices for integrating climate risks into credit risk parameters, including probability of default and loss given default models.

The 2026 update places particular emphasis on physical risk modelling and emerging approaches for nature-related risks. Good practices include the use of granular hazard-specific indicators, modelling damages to collateral values and corporate financials, and exploratory scenario analysis for risks linked to natural resource scarcity, degradation and environmental regulation.

The report is non-binding and does not introduce new regulatory requirements or supervisory expectations. It provides illustrative practices to support banks’ internal development of climate and nature-related stress-testing frameworks, taking into account proportionality, materiality and institution-specific circumstances.

On 8 May 2026, the ECB published an updated report on good practices for climate and nature risk management, presenting observations gathered through its five-year supervisory programme on climate and nature-related risks conducted between 2020 and 2025. The report updates the original 2022 publication and reflects the progress made by significant institutions in integrating climate and nature-related risks into their governance, strategy, risk management and capital adequacy frameworks.

The report is intended to support institutions in strengthening their management of climate and nature-related risks, particularly in light of the ECB Guide on climate-related and environmental risks and the EBA Guidelines on the management of ESG risks, which became applicable to most institutions from 11 January 2026.

The publication provides illustrative examples of observed practices across five main areas: business strategy, governance and risk appetite, risk management, capital adequacy, and nature-related risks. It highlights how institutions increasingly integrate prudential transition planning into their strategic frameworks, including the use of climate targets, portfolio alignment metrics, transition-related key risk indicators and client transition plan assessments.

The report also identifies emerging practices for the management of physical and nature-related risks. Examples include the integration of biodiversity and ecosystem-related indicators into risk appetite frameworks, the use of geolocation and environmental datasets to assess physical risks, and the development of due diligence and scoring methodologies for nature-related exposures. The ECB notes that methodologies for nature-related risks remain at an early stage but that institutions have significantly expanded their capabilities since 2022.

In addition, the report outlines good practices related to governance and remuneration, internal reporting and data governance, collateral valuation, loan pricing, expected credit loss calculations, stress testing and ICAAP integration. The ECB emphasises that institutions are increasingly incorporating climate and nature-related considerations into credit risk models, capital adequacy assessments and long-term strategic planning.

The report does not create new legal or supervisory requirements and remains non-binding. The ECB states that the examples are intended solely as illustrative practices that institutions may adapt depending on their size, business model, risk profile and degree of exposure to climate and nature-related risks.