On 14 May 2025, the European Parliament’s Economic and Monetary Affairs Committee published a draft report on the impact of artificial intelligence (AI) on the financial sector.
The report examines the use and impact of AI in the EU’s financial services sector and the regulatory landscape. The Rapporteur provides policy recommendations to enable
On 15 May 2025, there was published in the Official Journal of the EU a Corrigendum to Commission Delegated Regulation (EU) 2024/1774 of 13 March 2024 supplementing Regulation (EU) 2022/2554 with regard to regulatory technical standards specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework. The Corrigendum amends
On 29 April 2025, the European Commission adopted a Delegated Regulation supplementing the Regulation on markets in crypto-assets (MiCA) with regard to regulatory technical standards (RTS) specifying the arrangements, systems and procedures to prevent, detect and report market abuse, the templates to be used for reporting suspected market abuse, and the coordination procedures
On 15 April 2025, the Financial Stability Board (FSB) published its finalised Format for Incident Reporting Exchange (FIRE), a global standardised format aimed at streamlining cyber and operational incident reporting and enhancing cross-border cooperation.
FIRE is a common framework that financial firms can use to report operational incidents, including cyber
On 11 April 2025 the European Commission (“the Commission”) launched a public consultation on the review of Regulation (EU) 2019/881 on the European Union Agency for Cybersecurity (ENISA) and on information and communications technology cybersecurity certification (Cybersecurity Act). The consultation forms part of the Commission’s simplification agenda, which is a key
On 9 April 2025 the European Commission (the Commission) launched a public consultation on the proposal for a Cloud and AI Development Act. The initiative forms part of the Commission’s AI Continent Action Plan that was published the same day. In the accompanying Call for Evidence, the Commission sets out background to its proposed
We have published a new online briefing note which discusses the draft Financial Data Access Regulation.
Our briefing note is here.
On 24 March 2025, the European Commission adopted a draft Delegated Regulation supplementing the Regulation on digital operational resilience for the financial sector (DORA) with regard to regulatory technical standards specifying the elements that a financial entity has to determine and assess when subcontracting ICT services supporting critical or important functions.
The draft
On 24 March 2025, there was published in the Official Journal of the EU (OJ), Commission Delegated Regulation (EU) 2025/420 of 16 December 2024 supplementing the Regulation on digital operational resilience for the financial sector (DORA) with regard to regulatory technical standards to specify the criteria for determining the composition of the joint
On 18 March 2025, the European Securities and Markets Authority published the official translations of the joint European Supervisory Authority (ESA) guidelines on the estimation of aggregated annual costs and losses caused by major ICT-related incidents under the Regulation on digital operational resilience for the financial sector (DORA).
The joint guidelines