Currently free during beta - premium features coming soon. Subscribe now to lock in early access.
All Changes

EU Regulatory Changes

51 changes tracked across 21 compliance frameworks including DORA, NIS2, GDPR, EU AI Act, Cyber Resilience Act, and more.

All DORA NIS2 GDPR CSRD MaRisk ISO27001 EU_AI_ACT CRA DSA DMA eIDAS2 SOC2 PCI_DSS HIPAA ISO42001 AMLD6 PSD3 DATA_ACT GPSR CER EUDR
DORA 26 Feb 2026 esma
ESMA sets out clearing thresholds under EMIR 3
ESMA has published its final report setting the clearing thresholds under the updated EMIR 3 framework, which is part of the broader DORA regulatory initiative. This establishes the quantitative le...
Read analysis →
NIS2 24 Feb 2026 enisa
How does ENISA cooperate with users of the EU Cybersecurity Reserve? Who decides which entity should benefit from ser...
ENISA has published operational details on the cooperation framework for the EU Cybersecurity Reserve, a key mechanism established under the NIS2 Directive. The update clarifies the process for req...
Read analysis →
MaRisk 24 Feb 2026 ecb
Claudia Buch: AMLA and ECB Banking Supervision: strengthening cooperation
In a February 2026 speech, ECB supervisory chair Claudia Buch outlined enhanced cooperation between the future Anti-Money Laundering Authority (AMLA) and ECB Banking Supervision. The key change is ...
Read analysis →
DORA 24 Feb 2026 cssf
DORA – Submission timeframe for register of information for third-country branches of credit institutions having thei...
The CSSF has published a communication specifying the submission timeframe for a key DORA requirement. It mandates that third-country branches of credit institutions, whose head office is outside t...
Read analysis →
NIS2 24 Feb 2026 enisa
How could a cybersecurity company join the EU Cybersecurity Reserve?
ENISA has published guidance on the process for cybersecurity companies to join the newly established EU Cybersecurity Reserve. This voluntary pool of trusted private sector incident response servi...
Read analysis →
NIS2 24 Feb 2026 enisa
How will the EU Cybersecurity Reserve be funded?
ENISA has published guidance clarifying the funding mechanism for the new EU Cybersecurity Reserve, a key operational capability established under the NIS2 Directive. The Reserve is designed to pro...
Read analysis →
NIS2 24 Feb 2026 enisa
Does the EU Cybersecurity Reserve only provide incident reponse and initial recovery actions?
ENISA has published a clarification on the scope of assistance available from the EU Cybersecurity Reserve. This operational tool, established under the NIS2 Directive, is confirmed to provide supp...
Read analysis →
NIS2 24 Feb 2026 enisa
Is any non-EU country eligible to receive support from the EU Cybersecurity Reserve?
ENISA has published a clarification confirming that non-EU countries are eligible to receive support from the EU Cybersecurity Reserve. This operational detail stems from the NIS2 Directive and the...
Read analysis →
DORA 24 Feb 2026 eba
The EBA publishes follow-up Report on ICT risk assessment under the Supervisory Review and Evaluation Process
The European Banking Authority (EBA) has published a follow-up report on integrating Information and Communication Technology (ICT) risk into the Supervisory Review and Evaluation Process (SREP). T...
Read analysis →
GDPR 23 Feb 2026 edpb
Making GDPR compliance easier through new initiatives: a key focus of the EDPB work programme 2026-2027
The European Data Protection Board (EDPB) has published its strategic work programme for 2026-2027, formally establishing a core objective of simplifying GDPR compliance. This represents a signific...
Read analysis →
GDPR 23 Feb 2026 edpb
EDPB Report on the public consultation on helpful templates for organisations to facilitate their GDPR compliance
The European Data Protection Board (EDPB) has published a report summarizing the feedback from its public consultation on proposed GDPR compliance templates. This report details stakeholder input o...
Read analysis →