On 17 October 2025, the European Securities and Markets Authority (ESMA) updated its Q&As under the Markets in Crypto-Assets Regulation (MiCA) with two new entries (Q&A 2653 and Q&A 2654). The updates provide further clarification on (i) how to distinguish between different execution services, and (ii) the treatment of
On 10 October 2025, the Financial Stability Board (FSB) issued a report that examines how financial authorities can monitor artificial intelligence (AI) adoption and assess related vulnerabilities. The report builds on the FSB’s 2024 report and incorporates findings from a member survey on AI monitoring approaches, interviews with member authorities, publicly
On 9 October 2025, the European Banking Authority (EBA) published a report on tackling money laundering and terrorist financing risks in Cryptoasset services, including what can be learned from recent supervisory cases across the EU and how competent authorities can strengthen their approach to supervision.
Key findings
The report summarises lessons learnt from
On 30 September 2025, the Dutch Authority for Financial Markets (Autoriteit Financiële Markten, the AFM) issued a newsletter on the Markets in Crypto-Assets Regulation (MiCAR). In this newsletter, the AFM, among other things, provides an update on proprietary trading under MiCAR.
The AFM refers to the Q&As issued by the European
On 20 August 2025, Commission Delegated Regulation 2025/885, supplementing the Regulation on markets in crypto-assets 2023/1114 (MiCA) with regard to regulatory technical standards (RTS) on market abuse, was published in the Official Journal of the European Union.
The RTS specify regulations regarding systems and controls, templates for reporting, and co-operation
On 12 August 2025, the European Systemic Risk Board (ESRB) published a report that provides a compliance assessment on sub-recommendation A(1) of the ESRB recommendation of 2 December 2021.
Overview
On 2 December 2021, the General Board of the ESRB adopted Recommendation ESRB/2021/7 (Recommendation) on a pan-European systemic cyber incident coordination
On 16 July 2025, the European Central Bank (ECB) published a guide on outsourcing cloud services to cloud service providers.
The publication of the guide follows an earlier public consultation and the ECB has also published a feedback statement which provides an overview of the comments received and the ECB’s assessment of them.
On 12 June 2025, the Dutch Authority for the Financial Markets (Autoriteit Financiële Markten, the AFM) issued its latest newsletter outlining developments related to the Markets in Crypto-Assets Regulation (Regulation 2023/1114, MiCAR). A key focus of this update is the AFM’s supervisory strategy following the end of the transitional period.
After
On 14 May 2025, the European Parliament’s Economic and Monetary Affairs Committee published a draft report on the impact of artificial intelligence (AI) on the financial sector.
The report examines the use and impact of AI in the EU’s financial services sector and the regulatory landscape. The Rapporteur provides policy recommendations to enable
On 15 May 2025, there was published in the Official Journal of the EU a Corrigendum to Commission Delegated Regulation (EU) 2024/1774 of 13 March 2024 supplementing Regulation (EU) 2022/2554 with regard to regulatory technical standards specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework. The Corrigendum amends