Slaughter and May | Sabine Dittrich | Jan Putnis

European Union | United Kingdom | USA

This article is an extract from In-Depth: Banking Regulation, Edition 16Click here for the full guide.

Introduction

This chapter provides an introduction to the most important EU legislation affecting the regulation of banks. It also analyses developments that have led to, and that are likely to continue to lead to, the concentration of regulatory powers in EU supervisory authorities.

European regulatory and supervisory framework

Rule setting process

The European Commission (the Commission) represents the interests of the EU as a whole and has the sole authority to propose new EU legislation. The Council of the European Union (the Council) represents the interests of the individual Member States, while the European Parliament (the Parliament) represents the interests of EU citizens and is directly elected by them.

The Commission, after consultation with interested stakeholders, will put forward a legislative proposal for joint adoption by the Council and the Parliament, which then usually goes through the ordinary legislative procedure (previously known as the co-decision procedure). In addition to its role in adopting legislation proposed by the Commission, the Parliament has limited power to request that the Commission submit appropriate proposals on matters in respect of which it considers an EU legislative measure would be appropriate.

In developing financial services legislation, the EU institutions follow the ‘Lamfalussy approach’. This is a four-tiered procedure that involves the following:

  1. framework legislation proposed and adopted under the ordinary legislative procedure as a legislative act. Individual articles in that legislation specify where power is delegated to the Commission to adopt Level 2 measures (Level 1);
  2. implementing measures drafted and adopted by the Commission, following advice from the European supervisory authorities (ESAs) (Level 2);
  3. Q&As and guidelines published by the ESAs on the implementation and interpretation of the rules and principles (Level 3); and
  4. supervision and enforcement, principally by the regulators in each Member State (Level 4).

The supervision of the financial sector is conducted at both micro-prudential and macro-prudential levels by different EU and national supervisory bodies.

Banking union

For banks, the EU has developed an integrated financial framework, the banking union. It comprises:

  1. a new role for the European Central Bank (ECB), giving it responsibility for the prudential regulation of all credit institutions (meaning all banks, mutuals and other deposit-taking entities) established in the eurozone, resulting in a single supervisory mechanism (SSM) for banking supervision;
  2. a harmonised recovery and resolution framework for credit institutions and other systemic firms in the eurozone based on the Commission’s current proposals in this area, resulting in a single resolution mechanism (SRM); and
  3. a single prudential rule book applicable across the European Union.

Single supervisory mechanism

The legislation establishing the SSM includes two regulations: one conferring supervisory tasks on the ECB (the SSM Regulation)1 and the other modifying the regulation establishing the European Banking Authority (EBA) (the EBA Amending Regulation).2 These are supplemented by the SSM Framework Regulation, which sets out detailed procedures for the SSM.

The SSM Regulation is the key piece of legislation establishing the SSM elements of the banking union. The key elements of the SSM Regulation include:

  1. direct supervisory responsibility for the ECB over significant credit institutions (generally, those with assets of more than €30 billion, representing more than one-fifth of a Member State’s national output (where those total assets exceed €5 billion) or with a ratio of cross-border assets or liabilities to total assets or liabilities (respectively) that exceeds 20 per cent). Other banks largely remain under the supervision of national regulators in the participating Member States. However, the ECB does have a supervisory role for licensing and authorising credit institutions, and for assessing the qualifying holdings of all credit institutions;
  2. the ECB should issue regulations, guidelines or general instructions to national supervisors for the performance of their supervisory responsibilities; and
  3. investigatory and enforcement powers for the ECB. It may impose fines of up to twice the amount of the profits gained or losses avoided as a result of a breach (where these can be determined) or up to 10 per cent of the total annual turnover of a legal person in the preceding business year. It does not, however, have the power to impose sanctions on individuals.

Single resolution mechanism

The SRM Regulation3 has been fully effective since 1 January 2016. Its key elements are as follows:

  1. a Single Resolution Board (SRB). The SRB’s main role is to assess whether an individual bank needs to be placed under resolution, and to determine the application of the resolution tools and use of the Single Resolution Fund (SRF);
  2. the SRF, which is funded through contributions made by all banks established in participating Member States – the level of contributions payable by banks reflects their respective size and business model; and
  3. a resolution mechanism that is intended to reflect the mechanism used by national authorities under the Bank Recovery and Resolution Directive (BRRD),4 discussed below. The framework includes preparatory and preventive measures, early intervention measures and resolution tools, including bail-in.

The ‘Single Rulebook’

The Commission has committed itself to replacing separately implemented rules within Member States with a single set of harmonised prudential rules within the EU, termed the ‘Single Rulebook’. The ESAs advance this project by developing draft technical standards, which are adopted by the Commission as EU law, and by issuing guidance and recommendations with which national supervisors and firms must make every effort to comply. In addition, the Commission’s legislative proposals are increasingly taking the form of directly applicable EU regulations, or otherwise employ the ‘maximum harmonisation’ principle. This principle requires that national legislative implementation should not exceed the terms of the original EU legislation, and therefore prohibits the gold-plating of EU legislation by individual Member States. The Commission’s intention is that national discretion should be reduced, and that Member States should be permitted to apply stricter requirements to banks only where these are justified by national circumstances, financial stability or a bank’s specific risk profile.

ESAs

The Commission established a European System of Financial Supervision (ESFS) comprising the three ESAs: the EBA, the European Insurance and Occupational Pensions Authority (EIOPA) and the European Securities and Markets Authority (ESMA). The ESAs have significant powers:

  1. to develop binding technical standards in connection with specific areas of existing directives;
  2. to ensure the consistent application of EU rules by national regulators, including requesting the Commission to make decisions binding on national regulators;
  3. in cases designated by the Council as emergency situations, to make decisions that bind national regulators or to intervene directly in the supervision of financial institutions in limited cases. In these circumstances, the ESAs also have the power to require national regulators to take necessary action in accordance with EU law where developments threaten the orderly functioning and integrity of financial markets or the stability of the whole, or part, of the financial system of the EU; and
  4. to arbitrate disagreements between national regulators, including making decisions that bind regulators to end disagreements, and to address decisions to financial institutions if a national regulator does not comply with a decision made by ESMA in respect of requirements directly applicable to the institutions (i.e., under EU regulations).

In 2019, the role of the ESAs was further strengthened5 including in respect of stronger coordination of supervision across the EU, whereby the ESAs were given power to set EU-wide supervisory priorities and to monitor authorities’ practices in several areas, including by issuing no-action letters or allowing banks, fund managers and investment firms to delegate and outsource business functions to non-EU countries. Additional changes leading to a stronger role of the ESAs are on the horizon, particularly for ESMA.

AMLA

To further centralise the supervision of the financial sector (amongst others) and in particular to strengthen the EU’s ability to monitor and prevent financial crime, a new European authority for countering money laundering and financing of terrorism (AMLA) was established in June 2024 under the Anti-Money-Laundering Authority Regulation (AMLR). AMLA started initial operational tasks under the responsibility of the Commission and will be fully operational from 2026 with direct and indirect supervisory powers over certain high-risk financial sector entities from 2028. AMLA will have the power to monitor compliance with the EU sanctions regime, receive reports from whistle-blowers and settle disagreements between colleges of supervisors. The EBA will remain responsible in the EU for anti-money laundering and countering terrorist financing until AMLA becomes fully operational.

Prudential Regulation

Capital requirements framework

The central part of the EU’s response to the Basel III framework was the CRD IV Directive6 and the Capital Requirements Regulation (CRR)7 (together, CRD IV). CRD IV was subsequently amended in 2019 by CRD V and in 2024 by CRD VI.

CRD IV introduced prudential rules for banks on a solo and on a consolidated basis, including solo and consolidated capital and liquidity requirements. Consolidated supervision is, broadly, carried out in respect of groups or subgroups headed by parent undertakings incorporated in the European Economic Area (EEA).8 In addition, banks are required to include participations9 within the scope of consolidated supervision.

CRD IV introduced:

  1. new liquidity standards (a 30-day liquidity coverage ratio to promote short-term resilience to the risk that liquidity will cease to be available to a bank, and a net stable funding ratio to promote resilience to liquidity risks over longer periods), and a set of common monitoring metrics and application standards;
  2. measures to strengthen capital through the redefinition of capital into Common Equity Tier 1, Additional Tier 1 and Tier 2 with minimum ratios for Common Equity Tier 1 and total Tier 1 capital set at 4.5 and 6 per cent, respectively;
  3. new capital conservation and countercyclical capital buffers, which apply on top of the increased capital ratios and are intended to address the procyclicality inherent in risk-based capital standards. The capital conservation buffer is set at 2.5 per cent of risk-weighted assets and must consist of common equity, with the bank’s ability to make distributions limited if its capital ratio falls into the buffer. The countercyclical capital buffer is intended to supplement the capital conservation buffer and is set by national regulators and used as a tool to require banks to build up capital during periods of credit growth. This buffer must also be met by common equity;
  4. a leverage ratio acting as a cap on the ratio of banks’ Tier 1 capital to total non-weighted assets and off-balance sheet exposures, intended to form a backstop to risk-based capital measures; and
  5. new rules on counterparty credit risk (increasing requirements in respect of exposures arising from derivatives, repurchase transactions (repos) and securities financing activities).

CRD IV also introduced EU specific rules and:

  1. strengthened requirements on corporate governance arrangements and processes, including risk-management;
  2. strengthened sanctioning powers where banks breach CRD IV requirements, including the establishment of minimum administrative sanctions to be applied by national regulators;
  3. reduced the banks’ reliance on external credit ratings, including requirements for banks to develop internal models to assess risks in portfolios and related exposures; and
  4. introduced a bonus cap under which the variable remuneration of material risk-takers (and others) at banks is ordinarily limited to 100 per cent of their fixed remuneration, but can be increased, subject to shareholder approval under certain circumstances, to 200 per cent.

The CRR II10 and the CRD V Directive11 (together, CRD V) made significant amendments to CRD IV, introducing:

  1. a 3 per cent binding leverage ratio to prevent institutions from taking on excessive leverage, for example to compensate for low profitability;
  2. a binding net stable funding ratio, which requires institutions to finance their long-term activities (assets and off-balance sheet items) with stable sources of funding (liabilities); and
  3. a total loss-absorbing capacity (TLAC) requirement for global systemically important institutions (G-SIIs) to hold minimum levels of capital and other instruments that bear losses in resolution by setting the minimum requirement for own funds and eligible liabilities (MREL).

CRD V introduced proportionality measures for smaller and less complex institutions in respect of some disclosure, reporting and complex rule book-related requirements. It also required certain banks headquartered in third countries to set up an intermediate holding company for their EU subsidiaries.

The latest reform package12 consisting of the CRR III and the CRD VI Directive (together, CRD VI) came into force on 9 July 2024. CRD VI implements the remaining Basel III reforms, including:

  1. in respect of credit risk, revisions to both the standardised approach and the internal ratings-based (IRB) approach. The standardised approach will be updated, including in respect of off-balance sheet items, exposures to credit institutions and corporates, equity exposures and certain real estate exposures. For banks using internal models in accordance with the IRB approach, an ‘output floor’ will be introduced setting a lower limit on the capital requirements. The output floor is set as a percentage of the capital requirement that would apply if the bank used the standardised approach instead. It will apply at both consolidated and solo or individual level and will be subject to transitional arrangements, coming into force fully by 2030;
  2. in respect of market risk, a number of additional provisions implementing Basel III standards for banks with wholesale trading activities (the Fundamental Review of the Trading Book (FRTB)). This will elevate the existing alternative standardised approach (A-SA) and alternative internal model approach (A-IMA) from reporting requirements to fully fledged own funds requirements replacing the existing internal models approach (IMA). The reforms also include new mandates for the Commission to specify certain elements of the market risk framework based on the EBA technical standards;
  3. in respect of operational risk, the existing provisions will be replaced entirely. The new rules will introduce a simplified risk-based calculation of capital requirements (referred to as the ‘business indicator component’), which will be calculated based on a ‘business indicator’, a new metric derived from the banks’ financial statements; and
  4. in respect of credit valuation adjustment (CVA) risk, the calculation of the CVA will be revised to introduce three possible approaches: (1) the ‘standardised approach’ based on internally-modelled fair value sensitivities to specified risk factors (which will be available only to banks with a dedicated risk management and CVA risk hedging desk and subject to prior approval of the competent authority); (2) the ‘basic approach’, which calculates a CVA capital requirement for each counterparty; and (3) the ‘simplified approach’ based on the counterparty credit risk.

CRD VI also contains EU-specific reforms, including:

  1. a new regulatory framework for third-country branches;
  2. enhanced supervisory powers of competent authorities in respect of banks’ acquisitions of material holdings in other entities, mergers and divisions, and material transfers of assets and liabilities;
  3. a harmonised ‘fit and proper’ regime for key function holders in banks; and
  4. measures to ensure credit institutions incorporate environmental, social and governance (ESG) risks into their risk management systems.

The majority of CRR III has applied since 1 January 2025. The Commission decided last summer to delay part of the FRTB on the calculation of own funds for market risk to January 2026. Amendments to the related disclosures have likewise been postponed by technical standards of the EBA, which also confirmed that the rules on the boundary between the trading and non-trading books will not be actioned until 2026. Similarly, the EBA extended its existing no-action letter in relation to FRTB reporting requirements under CRR II. Given persistent uncertainty as to the implementation of the FRTB in the US and the UK, the Commission is considering its own options, including by further delaying the FRTB framework.

The directive under the CRD VI package has to be transposed into national law by 10 January 2026 and will apply by 11 January 2026.

BRRD and resolution and recovery

The BRRD established new tools and powers for resolution authorities to deal with crises, including:

  1. rules requiring banks to prepare recovery plans and requiring resolution authorities to prepare resolution plans based on consultations with the institution concerned;
  2. new powers facilitating supervisory intervention at an early stage of, and during, a crisis, designed to prevent a failure of the institution (such as the power to require a bank to implement its recovery plan); and
  3. new tools to deal with the failure of the institution once it occurs (such as sale-of-business bridge institution, asset-separation and bail-in mechanisms).

The BRRD also introduced new procedures for cross-border cooperation.

In November 2016, the Commission adopted BRRD II which made significant amendments to the BRRD. The purpose of these reforms, which form part of the Commission’s efforts to implement the TLAC requirements, was primarily to amend existing MREL provisions to align them with the TLAC requirement. The reforms included:

  1. targeted amendments to the insolvency ranking of holders of debt instruments issued by EU banks for the purposes of the BRRD and TLAC requirements concerning loss absorption and recapitalisation capacity of banks;
  2. a requirement for contractual recognition of (1) the fact that a relevant liability may be subject to write-down and conversion powers; and (2) resolution stay powers in the BRRD; and
  3. a moratorium power on banks’ payment or delivery obligations.

BRRD II had to be transposed into national law by Member States by 28 December 2020. The BRRD II is expected to be further amended as part of the CMDI Reforms (see further below).

The CRR and the BRRD were further amended by a new regulation13 (the Daisy Chain Regulation) that largely came into force on 14 November 2022 (although certain amendments only took effect from 1 January 2024). The Daisy Chain Regulation focused on:

  1. improving the resolvability of G-SIIs by incorporating dedicated treatment for the indirect subscription for instruments eligible for internal MREL;
  2. further aligning the treatment of G-SII groups with a multiple point-of-entry resolution strategy with the TLAC requirement; and
  3. clarifying the eligibility of instruments in the context of internal TLAC.

It also introduced a requirement for intermediate holding companies in banking groups to deduct their holdings of internal MREL capital (i.e. instruments issued by their subsidiaries belonging to the same resolution group).

An additional Daisy Chain Directive14 made further targeted amendments to the SRM Regulation and BRRD to:

  1. remove, in certain circumstances, the liquidation entities from the scope of MREL requirements. Liquidation entities are entities that, in accordance with the relevant bank’s resolution plan, are planned to be wound down in the normal insolvency process; and
  2. subject to certain conditions, give competent authorities the power to set internal MREL on a consolidated basis. Where the power is exercised, intermediate entities in the affected banking group will not be subject to the requirement (introduced by the Daisy Chain Regulation) to deduct their individual holdings of internal MREL capital from their MREL resources (the Commission identified these deductions as disproportionately detrimental to certain banking groups).

Member States had to transpose the changes to the BRRD by 13 November 2024, and apply those changes from 14 November 2024. The changes giving resolution authorities the power to set internal MREL on a consolidated basis have applied since 13 May 2024, and the changes in respect of liquidation entities have applied from 14 November 2024.

Deposit protection

DGSD

The Deposit Guarantee Scheme (DGS) has been established by the Deposit Guarantee Scheme Directive15 (DGSD) requiring Member States to provide minimum levels of protection to depositors of banks on a national level. The minimum deposit coverage level is currently €100,000.

On 2 July 2014, a recast version of the DGSD16 came into force. Its key provisions include:

  1. reducing the time permitted for payout from 25 to 7 working days by 2024, requiring managers of schemes to inform authorities of likely bank failures (to facilitate payouts on the shorter timeline) and requiring banks to be able to provide a breakdown of the aggregated deposits of a depositor at any time;
  2. requiring the provision of standard information to depositors about the scheme that applies to them;
  3. requiring funds of schemes to reach 0.8 per cent of covered deposits within 10 years of the Directive coming into force. The Commission may permit a Member State to set a lower level (although not less than 0.5 per cent) where that Member State has a concentrated banking sector; and
  4. introducing a principle of risk-based contributions, whereby riskier banks are required to make greater contributions to the relevant DGS.

The DGSD is expected to be further amended as part of the CMDI Reforms (see below).

European deposit insurance scheme

In November 2015, the Commission adopted a legislative proposal for a regulation establishing a European deposit insurance scheme (EDIS). The proposal reflects the Commission’s concern that national DGSs established under the amended DGSD may be vulnerable to large local events, and forms one of the key components of the proposals for a European banking union. The Commission’s proposals would only apply in Member States that are participants in the SSM.

Under the legislative proposals, the EDIS would provide a harmonised EU deposit-insurance framework to participating DGSs, funding a participating DGS where it is required to contribute to a resolution or make a payout under the DGSD. This would be funded by risk-based contributions paid by banks to a deposit insurance fund.

On 11 October 2017, the Commission – noting that it had been two years since the presentation of the EDIS proposal, which remains on the table unchanged – proposed revisions to the operation of the EDIS regulation, with a view to ensuring agreement by the end of 2018. These revisions included introducing the EDIS in a more gradual manner, starting with a more limited reinsurance phase and moving gradually to co-insurance. This approach was confirmed on 4 March 2024, in a draft report issued by the Parliament. The Parliament recommended the EDIS be established in three sequential stages, beginning with a reinsurance scheme that covers the liquidity shortfall and excess losses of participating DGSs. This would be followed by a co-insurance scheme designed to gradually increase the share of liquidity and losses of participating DGSs covered by the EDIS and finally resulting in a full insurance scheme covering the liquidity shortfalls and losses of participating DGSs entirely. At the time of writing no further progress has been achieved.

The bank crisis management and deposit insurance reforms

The SRM Regulation, BRRD and the DGSD together form the bank crisis management and deposit insurance (CMDI) legislative framework. The Commission adopted legislative proposals to reform the CMDI in April 2023 (CMDI Reforms).

The purpose of the CMDI Reforms is to address the findings of the CMDI review and in particular to incentivise competent authorities to use their resolution powers in responding to the failure of small and medium-size banks (as opposed to bailouts) and to improve the depositor protection framework.

The proposals comprise three pieces of primary legislation: a directive amending the BRRD,17 a regulation amending the SRM Regulation18 and a directive amending the DGSD.19 The main changes introduced by these proposals are as follows:

  1. revising the provisions on early intervention measures in the BRRD and the SRM Regulation;
  2. introducing new cooperation and notification duties in the run-up to resolution;
  3. updating the resolution objectives to state that industry funding is preferable to taxpayer funding and that resolution should both protect depositors and minimise the losses for the DGS to discourage using national insolvency proceedings where they are more costly than the exercise of resolution powers;
  4. clarifying provisions relating to the resolution process, including on use of public funds and the DGS in resolution, triggers for resolution, hierarchy of claims on resolution (with depositors ranking above all unsecured creditors) and insolvency processes where resolution is not appropriate;
  5. certain limited amendments to BRRD and SRM provisions on MREL; and
  6. amendments to various provisions of DGSD and the scope of its protections, including harmonising protected amounts of temporary high balances (€500,000), revising the process for repayment from DGS, claims against DGS and use of DGS funds (both in resolution and as a preventative measure).

At the time of writing, the CMDI is in trilogue negotiations.

Securities markets

The Markets in Financial Instruments Directive and the Markets in Financial Instruments Regulation

The Markets in Financial Instruments Directive (MiFID)20 is very important to the large number of EU banks that provide investment services as well as carry on deposit-taking and lending activities, and also imposes a number of organisational requirements that apply to all banks regardless of the services that they provide. Although the effect in each Member State has varied, MiFID had some key consequences for the investment services market in the EEA as a whole:

  1. the scope of regulation of the investment services sector required by EU law was expanded, with the addition of important new regulated investment services and products;
  2. as a result, the investment services passport enabled firms to provide a wider range of investment services on a cross-border basis, or from branches within the EEA;
  3. national-level barriers to investment services within the EU single market were reduced;
  4. important core business standards for investment services were prescribed in detail at the EU level; and
  5. the rules applying to different securities trading venues were harmonised to a significant degree, resulting in a wider range of regulated trading venues, such as multilateral trading facilities (MTFs).

A legislative package amending MiFID (MiFID II) came into force on 2 July 2014, comprising the MiFID II Directive21 and the Markets in Financial Instruments Regulation (MiFIR).22

Key elements of MiFID II include the following:

  1. a new type of trading venue, the organised trading facility (OTF), was brought within the scope of MiFID II. OTFs are subject to the same core requirements for a trading venue’s operation as existing platforms, and are defined broadly to capture all forms of organised trading not matching existing categories;
  2. all trading of derivatives that are eligible for clearing and are sufficiently liquid was moved to regulated markets, MTFs or the new OTFs;
  3. improved transparency of trading activities in equity markets, including dark pools, and a new trade transparency regime for non-equity markets;
  4. new safeguards for algorithmic and high-frequency trading activities;
  5. in coordination with ESMA or the EBA and under defined circumstances, supervisors were given the ability to ban specific products, services or practices in the case of threats to investor protection, financial stability or the orderly functioning of markets;
  6. new powers for regulators to monitor and intervene in commodity derivatives trading, including the imposition of position limits;
  7. stricter requirements for portfolio management, investment advice and the offer of complex financial products, such as structured deposits; and
  8. a ban (subject to exceptions) on third-party inducements in the case of portfolio management and for firms providing independent advice.

The most recent significant amendments of the MiFID II Directive and MiFIR23 entered into force on 28 March 2024. The amendments sought to promote market transparency by enabling smaller and retail investors to access consolidated market data. The amendments also include changes relating to trade transparency, the share trading obligation and the derivatives trading obligation, a prohibition on payment for order flow (the practice of charging fees for transmitting client orders to trading platforms) as well as new rules on commodity derivatives.

Sustainability legislation

There are numerous sustainability initiatives that apply to EU banks (some of them under broader corporate reporting legislation), including in the context of CRR (as mentioned above). It is not the purpose of this chapter to provide an exhaustive overview of these initiatives.

The two initiatives worth mentioning, however, are

  • the Sustainable Finance Disclosure Regulation (SFDR),24 which sets out various sustainability reporting and disclosure obligations in respect of both products and services of financial market participants (which includes certain banks), and
  • the Taxonomy Regulation,25 which includes requirements relating to banks’ environmental claims and disclosures under the SFDR in relation to their activities and products.

Changes relating to the Taxonomy Regulation (and its delegated acts) are currently being discussed under the sustainability omnibus proposal26 of the Commission. Proposals for a review of SFDR is expected in the second half of 2025.

Non-securities markets

The Mortgage Credit Directive

The Mortgage Credit Directive27 introduced requirements in the EU for residential mortgage lending, and placed obligations on credit intermediaries and creditors in relation to, inter alia, advertising and marketing, standard pre-contractual information, calculation of the annual percentage rate of charge, creditworthiness and suitability assessments and advice, and also introduced a right of the borrower to make early repayment.

Payment services

The provision of payment services is regulated separately from the provision of banking services. The revised Payment Services Directive (PSD2)28 has harmonised conduct of business rules for all providers of payment services across the EU and created a tiered prudential authorisation regime for non-bank payment service providers, known as payment institutions. It affects banks, building societies, e-money issuers, money remitters, non-bank credit card issuers, non-bank merchant acquirers and their customers. PSD2 focuses on electronic means of payment, including direct debits, debit cards, credit cards, standing orders, mobile or fixed phone payments and payments from other digital devices, as well as money remittance services. It does not apply to physical cash-only transactions or paper cheque-based payments.

Electronic money institutions are partially affected by the PSD2 framework where they provide payment services in respect of electronic money. However, they are primarily subject to a separate set of rules for electronic money institutions under the Electronic Money Directive.29

Digital finance

On 29 June 2023, the Regulation on Markets in Crypto-assets (MiCA)30 came into force. MiCA forms part of the Commission’s digital finance strategy designed to support digital finance and promote innovation and competition, while mitigating against the risks that may arise from it.

In addition to MiCA, the the Digital Operational Resilience Act (DORA) has applied since 17 January 2025. DORA is accompanied by a directive seeking to align certain existing EU financial services directives. DORA covers a broad range of financial entities, including crypto-asset service providers and issuers, Central Counterparties (CCPs), trade repositories, credit rating agencies and insurance and reinsurance undertakings. It establishes a harmonised digital operational resilience framework across the EU financial sector, requiring the relevant financial entities to manage their information and communication technology risks effectively.

On 28 June 2023, the Commission adopted a legislative proposal for a regulation on a framework for financial data access (FIDA).31 The purpose of FIDA is to facilitate the transfers, access to and processing of business and consumer data relating to certain financial products and financial services and thereby pave the way towards an ‘open banking’ approach to financial services. FIDA builds on the existing EU legislation on data protection and PSD2 and introduces rules for data holders (for example, banks) to make customer data available to data users (other financial institutions) and to establish the necessary technical solutions and IT infrastructure for doing so. Providers of financial information services (FISPs) will be subject to a bespoke authorisation regime and related operational requirements. FIDA also strengthens the rights of customers and requires data holders to provide customers with easy access to their data. FIDA is currently in trilogue negotiations .

Outlook and conclusions

Legislative agenda of the next Council and Parliament

The EU elections took place in June 2024, starting a new EU legislative cycle (2024–2029). The legislative priorities for this new EU legislative cycle have since been published, with a strong focus on simplifying EU regulations, pulling back on certain sustainability initiatives and a continued focus on digital finance. With competitiveness of the EU financial sector high on the agenda, the further integration and promotion of the capital markets union and a savings and investment union as well as the revitalisation of the securitisation market will also be relevant.

This article was originally featured on Lexverify | Source