Search

The European Banking Authority (EBA) today launched a public consultation on the draft Guidelines on the sound management of third-party risk. The draft Guidelines focus on third-party arrangements in relation to non-ICT related services provided by third-party service providers and their subcontractors with a particular focus on the provision of critical or important functions. These Guidelines revise and update the previous EBA Guidelines on outsourcing, published in 2019, in line with the Digital Operational Resilience Act (DORA). The consultation runs until 8 October 2025.

The European Banking Authority (EBA) narrowed down the scope of its existing Guidelines on ICT and security risk management measures, due to the application of harmonised ICT risk management requirements under the Digital Operational Resilience Act (DORA) from 17 January 2025. These amendments aim at simplifying the ICT risk management framework and providing legal clarity to the market.

To enhance the information exchange between supervisory authorities within the European Union, also across different parts of the financial sector, the ESAs have developed an ESAs F&P Information System. The Joint Guidelines clarify its use and how data can be exchanged.

The European Banking Authority (EBA) and the European Securities and Markets Authority (ESMA) today published joint guidelines on the suitability of members of the management body, and on the assessment of shareholders and members with qualifying holdings for issuers of asset reference tokens (ARTs) and crypto-asset service providers (CASPs), under the Markets in Crypto Assets regulation (MiCAR).

The European Banking Authority (EBA) today published its final Guidelines on the assessment of adequate knowledge and experience of the management or administrative organ of a credit servicer as a whole, under the Non-Performing Loans Directive. The Guidelines aim at ensuring that the organs are suitable to conduct the business of the credit servicer in a competent and responsible manner.

The three European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) today launched a second consultation related to the joint Guidelines on the system for the exchange of information relevant to fit and proper assessments. The consultation covers amendments extending the scope of the joint Guidelines to legal persons, thus ensuring the complete coverage of data subjects. These Guidelines aim to increase the efficiency of the information exchange between sectoral supervisors by harmonising practices and covering both natural and legal persons. The consultation runs until 15 January 2024.

​​​​​​​The European Banking Authority (EBA) and the European Securities and Markets Authority (ESMA) today published a Consultation Paper on two draft Joint Guidelines covering suitability assessment of members of the management body, and suitability of shareholders and members with qualifying holdings of issuers of asset referenced tokens (ARTs) and of crypto-asset service provider (CASPs). The guidance will provide clarity and harmonisation with respect to the criteria to assess the suitability of the management body, the shareholders and members with qualifying holdings, thus reducing the risk of arbitrage in the application of the rules. The consultation runs until 22 January 2024.

​​​​​​​The European Banking Authority (EBA), jointly with the European Securities and Markets Authority (ESMA), today published a Report assessing the implementation of the Shareholder Rights Directive 2 (SRD2). This assessment, carried out in response to a European Commission’s request, identifies areas for further progress and provides detailed suggestions for policy action, in relation to the Directive’s effectiveness, difficulties in practical application and the appropriateness of the scope of application.