EU Regulatory Changes

The European Data Protection Board has published the agenda for the IAPP Global Summit 2026, serving as a key forward-looking resource on the operationalization of the EU AI Act. This agenda outlin...

In an interview published on 24 March 2026, ECB Supervisory Board member Patrick Montagner outlined evolving supervisory expectations regarding risk management in a fragmented credit market. The fo...

The European Data Protection Board (EDPB) has published its agenda for the IAPP Global Summit 2026, highlighting key regulatory priorities. This agenda signals the EDPB's focus on the operational c...

The European Data Protection Board and European Data Protection Supervisor have issued a joint opinion on the proposed Cybersecurity Act 2 and amendments to the NIS 2 Directive. This opinion provid...

The EDPB and EDPS have issued a joint opinion endorsing the European Commission's draft implementing acts for the NIS2 Directive. This opinion supports measures designed to standardize and clarify ...

The European Data Protection Board (EDPB) has launched its 2026 Coordinated Enforcement Framework (CEF) action, focusing on the practical application of GDPR transparency and information obligation...

The CSSF has published an update regarding the collection of information for the DORA Register. This involves the formal issuance of templates and technical specifications that financial entities m...

ESMA has launched a public consultation on proposed technical standards for post-trade risk reduction (PTRR) services under the revised EMIR framework (EMIR 3). This initiative, developed within th...

ESMA has published its final report setting the clearing thresholds under the updated EMIR 3 framework, which is part of the broader DORA regulatory initiative. This establishes the quantitative le...

ENISA has published operational details on the cooperation framework for the EU Cybersecurity Reserve, a key mechanism established under the NIS2 Directive. The update clarifies the process for req...

In a February 2026 speech, ECB supervisory chair Claudia Buch outlined enhanced cooperation between the future Anti-Money Laundering Authority (AMLA) and ECB Banking Supervision. The key change is ...

The CSSF has published a communication specifying the submission timeframe for a key DORA requirement. It mandates that third-country branches of credit institutions, whose head office is outside t...

ENISA has published guidance on the process for cybersecurity companies to join the newly established EU Cybersecurity Reserve. This voluntary pool of trusted private sector incident response servi...

ENISA has published guidance clarifying the funding mechanism for the new EU Cybersecurity Reserve, a key operational capability established under the NIS2 Directive. The Reserve is designed to pro...

ENISA has published a clarification on the scope of assistance available from the EU Cybersecurity Reserve. This operational tool, established under the NIS2 Directive, is confirmed to provide supp...

ENISA has published a clarification confirming that non-EU countries are eligible to receive support from the EU Cybersecurity Reserve. This operational detail stems from the NIS2 Directive and the...

The European Banking Authority (EBA) has published a follow-up report on integrating Information and Communication Technology (ICT) risk into the Supervisory Review and Evaluation Process (SREP). T...

The European Data Protection Board (EDPB) has published its strategic work programme for 2026-2027, formally establishing a core objective of simplifying GDPR compliance. This represents a signific...

The European Data Protection Board (EDPB) has published a report summarizing the feedback from its public consultation on proposed GDPR compliance templates. This report details stakeholder input o...