On 13 January 2026, the European Securities and Markets Authority (ESMA) announced that it had adopted a new Digital Strategy and updated its Data Strategy.
Data Strategy
The Data Strategy 2023–2028 has been updated to reflect the focus on burden reduction, the evolving technological landscape, and ESMA’s desire for unlocking efficiency opportunities. While
On 13 January 2026, the G7 Cyber Expert Group (G7 CEG) issued a statement on advancing a coordinated roadmap for the transition to post-quantum cryptography in the financial sector. The statement follows an earlier statement that the G7 CEG issued in September 2024 which highlighted the benefits and risks associated with quantum computing.
On 12 January 2026, the International Regulatory Strategy Group (IRSG) published a report mapping how jurisdictions are approaching artificial intelligence (AI) in financial services. The report identifies where global coherence is emerging and outlining practical steps for policymakers and regulators to promote the safe and responsible innovation of AI.
Key findings
On 17 December 2025, the Joint Committee of the European Supervisory Authorities (ESAs) issued a report setting out its response to the European Commission’s request under Article 58(3) of Regulation (EU) 2022/2554 (DORA) to assess whether statutory auditors and audit firms should be subject to strengthened digital operational resilience requirements by
On 17 December 2025, the European Banking Authority (EBA) published a letter (dated 21 November 2025) that it had sent to John Berrigan, DG FISMA, and Roberto Viola, DG CNECT, regarding the outcome of its AI Act mapping exercise. In the Annex to the letter, the EBA sets out a detailed identification of
On 21 November 2025, the European Banking Authority (EBA) issued a factsheet on the AI Act and its implications for the EU banking and payments sector.
The factsheet notes that there are not significant contradictions between the EU’s AI Act, which entered into force in August 2024, and EU banking and payments legislation.
On 17 October 2025, the European Securities and Markets Authority (ESMA) updated its Q&As under the Markets in Crypto-Assets Regulation (MiCA) with two new entries (Q&A 2653 and Q&A 2654). The updates provide further clarification on (i) how to distinguish between different execution services, and (ii) the treatment of
On 10 October 2025, the Financial Stability Board (FSB) issued a report that examines how financial authorities can monitor artificial intelligence (AI) adoption and assess related vulnerabilities. The report builds on the FSB’s 2024 report and incorporates findings from a member survey on AI monitoring approaches, interviews with member authorities, publicly
On 9 October 2025, the European Banking Authority (EBA) published a report on tackling money laundering and terrorist financing risks in Cryptoasset services, including what can be learned from recent supervisory cases across the EU and how competent authorities can strengthen their approach to supervision.
Key findings
The report summarises lessons learnt from
On 20 August 2025, Commission Delegated Regulation 2025/885, supplementing the Regulation on markets in crypto-assets 2023/1114 (MiCA) with regard to regulatory technical standards (RTS) on market abuse, was published in the Official Journal of the European Union.
The RTS specify regulations regarding systems and controls, templates for reporting, and co-operation