The aim of the Pillar 2 processes is to enhance the link between an institution's risk profile, its risk management and risk mitigation systems, and its capital planning. Pillar 2 can be divided into two major components: (i) aimed at institutions, where those are expected to establish sound, effective and complete strategies and processes to assess and maintain, on an ongoing basis, the amounts, types and distribution of internal capital commensurate to their risk profiles (ICAAP), as well as […]
Issuers of asset-referenced tokens (ARTs) and electronic money tokens (EMTs) are required to hold the relevant authorisation to carry out activities in the EU. The relevant requirements are set out in the Markets in Crypto-assets Regulation (MiCAR) and are complemented by technical standards and guidelines developed by the EBA.
DocumentsStatement on the application of MiCAR to ARTs and EMTs | Priorities for the supervision of for ART and EMT issuersStatement on timely preparatory […]
The EBA identifies and addresses harm that arises for EU consumers as a result of their interactions with financial institutions. It does so for all retail banking products in the EBA’s scope of action, which are mortgage credit, consumer credit, payment accounts, payment services, electronic money, and deposits, including structured deposits. linksEBA's information for consumerESMA's Investor cornerEIOPA's Consumer ProtectionJoint Consultation on amendments to the PRIIPs KIDJoint ESAs […]
This page provides on overview of supervisory reporting requirements. With the entry into force of the CRD IV/CRR framework new reporting requirements become applicable which are defined by the EBA via technical standards or guidelines.A pathway for a more efficient and proportionate supervisory reporting.
DocumentsEBA Risk Reduction Package RoadmapsDecision on institutions ESG data ad-hoc collectionLinksOverview of IT solutions under CRR reporting | IT […]
The EBA has a statutory duty to monitor and assess market developments, including financial innovation, to achieve a coordinated approach and to provide advice to the co-legislators where needed. In 2026 the EBA has a priority to enhance the technological capacity of all stakeholders.In line with this mandate, the EBA continues a particular focus on i) artificial intelligence and machine learning, ii) crypto-asset markets, DLT use cases and iii) value chain evolutions […]
From 1 January 2026, responsibility for all EU‑level anti‑money laundering and counter‑terrorist financing (AML/CFT) tasks has moved from the European Banking Authority (EBA) to the new Anti‑Money Laundering Authority (AMLA).AMLA now develops and enforces the EU’s common AML/CFT rules, directly supervises selected high‑risk financial institutions, and coordinates the work of national Financial Intelligence Units (FIUs).For any AML/CFT‑related information going forward, please visit: https […]
This page presents the policy work undertaken by the EBA to promote transparency and enhanced public disclosures by financial institutions in order to reinforce market discipline.Following the recent updates to the regulatory frameworks for credit institutions and investment firms, and the publication in 2018 of the European Commission’s action plan on sustainable finance, the EBA is implementing a new policy strategy on institutions’ Pillar 3 disclosures that seeks to increase efficiency of […]
The EBA cooperates regularly and closely with the other two European Supervisory Authorities (ESAs), EIOPA and ESMA, through the ESAs' Joint Committee. The aim of this cooperation is to ensure cross-sectoral consistency of work and to reach joint positions in the area of supervision of financial conglomerates, under the Financial Conglomerates Directive (FICOD, 2002/87/EC). In this respect, the ESAs tasks include, in particular, contribution to the European Commission's fundamental review of […]
EU legislation requires that institutions have robust governance arrangements, including a clear organisational structure with well defined, transparent and consistent lines of responsibility, effective risk management processes, control mechanisms and gender neutral remuneration policies. The internal governance should be appropriate to the nature, scale and complexity of the institution. The main responsibility for internal governance lies with the management body, which is subject to […]
Investment firms authorised under the Markets in Financial Instruments Directive (MiFID) provide a range of services and activities to investors in financial markets. These services are essential for the functioning of the financial markets and include, among others, the reception and transmission of orders, the provision of investment advice, discretionary portfolio management and trading on own account.The population of investment firms across the EU is diverse and firms vary greatly in […]
The core aim of the large exposures regime is to act as a backstop to prevent an institution from incurring disproportionately large losses as a result of the failure of an individual client or group of connected clients due to the occurrence of unforeseen events. The objective of ensuring that risks arising from large exposures to individual clients or groups of connected clients are kept to an acceptable level is part of the overarching principles of prudential supervision, which are to […]
The leverage ratio is a measure which allows for the assessment of institutions’ exposure to the risk of excessive leverage. In accordance with the CRR, institutions have to report to their supervisors all necessary information on the leverage ratio and its components. In addition, institutions have to disclose information on the leverage ratio to the market. When necessary, the EBA updates its implementing technical standards providing uniform formats and modalities on reporting and […]
The EBA has a number of mandates on liquidity coverage ratio (LCR) and net stable funding ratio (NSFR) stemming from the Capital Requirements Regulation (CRR) and the LCR Delegated Regulation. The EBA's deliverables in the area of liquidity are mainly binding technical standards (BTS) and reports. The EBA also scrutinises the ways in which institutions and competent authorities have implemented the CRR and RTS provisions, mainly on the LCR using ongoing monitoring tools. Where necessary, the […]
The access to the market of regulated financial services is a critical 'gate keeping function' to ensure that only entities that are able to assure the safety and soundness of the business and the integrity of the market may provide such activities. For this reason, access to the market is subject to licensing by the competent authority. It includes authorisation, passporting notification, assessment of qualifying holdings and monitoring of regulatory perimeter also in light […]
With the entry into force of the EMIR and the CRD IV/CRR, several provisions require the EBA to issue regulatory technical standards, opinions and reports on the interaction between credit institutions and investment firms on the one hand and market infrastructures on the other hand. To guarantee the full and consistent implementation of the regulations, the EBA closely collaborates with the other European Supervisory Authorities (ESAs) and the European System of Central Banks (ESCB) for the […]
Market risk can be defined as the risk of losses in on and off-balance sheet positions arising from adverse movements in market prices. From a regulatory perspective, market risk stems from all the positions included in banks' trading book as well as from commodity and foreign exchange risk positions in the whole balance sheet. Counterparty credit risk can be defined as the risk that the counterparty to a transaction could default before the final settlement of the transaction cash flows. […]
The EBA is mandated to develop Binding Technical Standards (BTS), Guidelines and Reports to assess internal models with the aim of ensuring a harmonised implementation of the rules for Internal Rating Based (IRB) Approaches for credit risk, Internal Model Methods (IMM) for counterparty credit risk, Advanced Measurement Approaches (AMA) for operational risk and Internal Models Approaches (IMA) for market risk. The common denominator of this mandate is to harmonise the fundamentals of internal […]
Operational resilience is defined as the ability of an institution to deliver critical operations through disruption. This builds on the prudential operational risk framework, encompassing internal governance, outsourcing, business continuity and relevant risk management-related aspects. Such ability enables an institution to identify and protect itself from threats and potential failures, respond and adapt to, as well as recover and learn from disruptive events in order to minimise their […]
EU legislation requires that institutions adequately manage and mitigate operational risk, which is defined as the risk of losses stemming from inadequate or failed internal processes, people and systems or from external events. Operational risk includes legal risks but excludes reputational risk and is embedded in all banking products and activities. It has always existed in banking, and non banking, organizations but it has acquired a greater relevance given the increased complexity and […]
To be able to absorb losses in a going or in a gone concern situation, institutions need own funds in sufficient quantity and quality in accordance with applicable European legislation. The Capital Requirements Regulation (CRR) sets out the characteristics and conditions for own funds and specifies a series of mandates for the EBA. These include the development of Regulatory Technical Standards to further specify the quality criteria applying to institutions' regulatory own funds, as well the […]
