1. Bank regulation
1.1 PRUDENTIAL REGULATION
a) General
(i) Germany
BaFin: Report on risks in focus 2025 (Report über Risiken im Fokus 2025)
Status: Final
BaFin has published its annual report on the risks it will focus on throughout the year in English and German. It sets out the main risks that BaFin has identified for the financial stability or integrity of the financial markets in Germany and that it will pay particularly close attention to in 2025. In particular, BaFin sets out that natural disasters which are made more likely by climate change, international tensions and the weak domestic economy could create new risks for the German financial system or exacerbate existing risks. It therefore urges companies in the German financial sector to ensure that their risk management incorporates more comprehensive information on the consequences of climate change in order to diminish the impact of extreme weather or natural disasters in the form of major fires, droughts or floods on banks' loan portfolios and insurers' loss amounts in future.
The main risks currently facing the German financial market are risks arising from: (i) corrections on the real estate markets; (ii) significant corrections on the international financial markets; (iii) corporate loan defaults; (iv) cyber incidents with serious consequences; (v) inadequate money laundering prevention; and (vi) market concentration due to the outsourcing of IT services.
Date of publication: 28/01/2025
(ii) EU
EC: Communication on EU competitiveness compass
Status: Final
The EC has published a communication on a Competitiveness Compass for the EU, which sets out an action plan in response to the Draghi report published in September 2024. The communication sets out the framework for the EC's work on competitiveness for the next five years and lists its initial priorities. One of the EC's key aims is to reduce the regulatory burden, which for the financial services sector will include publishing, in February, the first of a series of Simplification Omnibus packages relating to sustainable finance reporting, sustainability due diligence and the sustainable finance taxonomy. Additionally in Q1 2025 the Commission will set a strategy on a Savings and Investments Union (SIU), followed by a set of specific proposals, which will aim to promote low-cost saving and investment products at EU level for retail investors. Longer term work includes removing barriers to consolidation of financial markets infrastructure and taxation barriers to cross-border investment, promoting the EU's securitisation market, and pursuing the reform and harmonisation of insolvency frameworks in the EU. A tentative agenda for forthcoming College of Commissioners' meetings indicates that the EC will publish a communication on the SIU on 19 March.
Date of publication: 29/01/2025
(iii) International
BCBS: Innovation Hub work programme for 2025-26
Status: Final
The BCBS has set out its Innovation Hub's work programme for 2025-26. At the start of 2025, the Innovation Hub's project portfolio consists of 26 active projects, with 31 projects completed since its establishment in 2019. The BIS started 16 new projects in 2024. Highlights of the work programme include: (i) enhancing horizon scanning capabilities to identify trends and developments in financial technology that could have a meaningful impact on central banks; (ii) exploring synergies between different projects and themes, focusing on developing solutions to support central banks in their core responsibilities of the provision of money, monetary policy, payments infrastructure, financial stability, and regulation and supervision; (iii) launching two new projects using AI-enabled tools, including Project Gaia which will build on an already developed proof of concept which addressed the specific use case of climate-related risk analysis, by extending it to other uses cases in and beyond the area of green finance; (iv) further developing ongoing projects, such as Project Agora, in which partners from seven central banks and over 40 private sector financial institutions are exploring how tokenisation can enhance wholesale cross-border payments; and (v) exploring the potential of central bank community-driven ecosystems in the creation of code and other solutions that can add value to central banking.
Date of publication: 14/01/2025
b) Solvency/Own funds issues
(i) Germany
BaFin: Publication of the General Administrative Act on business credit balances for 2025 (Bekanntmachung der Allgemeinverfügung zum Geschäftsguthaben 2025)
Status: Final
BaFin has published a General Administrative Act on business credit balances for 2025, pursuant to Articles 26(3), 77(1)(a), 78(1)(b) CRR and Article 32(2) of the Delegated Regulation (EU) 241/2014. It regulates the extent to which newly issued shares in cooperative banks can be classified as instruments of common equity tier 1 capital. In the version valid from 1 January 2025, BaFin also stipulates the conditions under which the repayment of business credit balances based on cancelled cooperative shares is approved in advance.
Date of publication: 01/01/2025
(ii) EU
Status: Adopted by the EC
The EC has adopted the draft Delegated Regulation amending RTS as regards the specification of the formula for calculating the supervisory delta of call and put options mapped to the commodity risk category. The RTS specify the formula for the purposes of Article 279a(3) of the CRR in the standardised approach for counterparty credit risk. CRR III expanded the scope of Article 279a(3) to cover commodity risk, which requires amendment to the RTS.
The Council of the EU and the European Parliament will now scrutinise the Delegated Regulation. If neither objects, the Regulation will be published in the OJ and enter into force 20 days after publication.
Date of publication: 28/01/2025
c) Securitisation
(i) Germany
BaFin: Publication of Circular 01/2025 on securitisation (Veröffentlichung des Rundschreibens 01/2025 zur Verbriefung)
Status: Final
Date of application: 15/01/2025
BaFin has published a Circular on securitisation, specifying the criteria for simple, transparent and standardised (STS) balance sheet securitisation. The Circular also aims to implement modified Guidelines for asset-backed commercial paper (ABCP) and non-ABCP securitisation. With the circular, BaFin is adopting the EBA Guidelines on the STS criteria for on-balance-sheet securitisations into its administrative practice.
Date of publication: 15/01/2025
(ii) International
FSB: Report on the evaluation of the effects of the G20 financial regulatory reforms on securitisation
Status: Final
The FSB has published an evaluation report on the effects of the G20 financial regulatory reforms on securitisation. It focuses, in terms of scope, on the collateralised debt/loan obligation (CDO/CLO) and the nongovernmentguaranteed part of the residential mortgage-backed securities (RMBS) markets; and, in terms of reforms, on the IOSCO minimum retention recommendations to address incentive problems and the BCBS revisions to prudential requirements for banks' securitisation-related exposures. These reforms aimed to address the vulnerabilities in the securitisation market that contributed to the amplification of losses during the 2008 global financial crisis.
This report has been accompanied by a note summarising the feedback received on the consultation regarding this report – both from the public responses and from the workshop – and setting out the main changes made to the final report in order to address them. The note also provides a short overview of additional analysis carried out by the FSB since the consultation report to enhance the robustness of the results.
Date of publication: 22/01/2025
d) Risk management/SREP/Pillar 2/Outsourcing/NPL
(i) Germany
BaFin: Protocol of the MaRisk expert meeting (Protokoll der MaRisk Fachgruppensitzung)
Status: Final
BaFin has published the protocol from an expert meeting discussing topics regarding the Minimum requirements for the risk management (Mindestanforderungen an das Risikomanagement – MaRisk). In particular, the meeting deliberated on an update to the LSI SREP methodology and questions for interpretation regarding the seventh MaRisk update.
Date of publication: 15/01/2025
BaFin: Update of the Circular 10/2017 on banking supervisory requirements for IT (Update des Rundschreibens 10/2017 über die Bankaufsichtlichen Anforderungen an die IT – BAIT)
Status: Final
BaFin has updated the Circular 10/2017 on banking supervisory requirements for IT (Bankaufsichtlichen Anforderungen an die IT – BAIT) as part of its gradual repeal of this Circular. This repeal aims to avoid double regulation following the application of the supervisory requirements for IT set out in DORA from 17 January 2025. From then on, institutions that must operate risk management for information and communication technology (ICT) in accordance with Articles 5 to 15 or Article 16 DORA will be excluded from the BAIT user group. In addition, BaFin is repealing Chapter 11 of the BAIT.
The Financial Market Digitisation Act (Finanzmarktdigitalisierungsgesetz – FinmadiG) revised Section 1a(2) of the Banking Act (Kreditwesengesetz – KWG), according to which other institutions must apply DORA from 1 January 2027. As of 31 December 2026, the BAIT will therefore be completely repealed.
Date of publication: 10/01/2025
(ii) EU
EBA: Opinion on interaction between Pillar 2 requirements and the output floor
Status: Final
The EBA has published an opinion on the interaction between the output floor and Pillar 2 requirements under CRD IV. The opinion describes how competent authorities should operationalise the temporary cap that ensures that Pillar 2 requirements do not increase as a result of a firm becoming bound by the output floor. The EBA is mandated to issue Guidelines on the interaction between the output floor and Pillar 2 requirements. However, the Guidelines need to be incorporated into the SREP Guidelines, which will soon be reviewed as part of the assessment of the impact of the new Banking Package. In the meantime, the opinion aims to harmonise the approach on the described narrow interaction.
Date of publication: 21/01/2025
EBA: Peer review on the application of proportionality under the SREP
Status: Final
The EBA has published a peer review on the application of proportionality under the Supervisory Review and Evaluation Process (SREP). Despite the overall positive results of the peer review on the application on proportionality in SREP and in the liquidity risk assessment under SREP, the deficiencies identified concerned consistency of implementation of the SREP Guidelines, sources used for SREP categorisation, and implementation of the minimum supervisory engagement model. The EBA notes that while these do not lead to material risks being unaddressed, they undermine the aim of the SREP Guidelines of having a more consistent approach across the EU. To address these deficiencies, the EBA identified a number of follow-up measures addressed to all competent authorities across the EEA. These include incorporating the classification of 'large' and 'small and non-complex' institutions under the CRR into the categorisation of institutions for SREP purposes and aligning to the minimum supervisory engagement model and in the area of liquidity stress testing. The report also sets out several best practices observed, such as the use of benchmarking tools, 'pilot inspections' where several institutions use the same service provider, and spot checks on the quality, accuracy and reliability of information provided by institutions in self-assessment questionnaires. The EBA will conduct a follow-up peer review of the implementation of the measures included in this report in two years. It will also consider the outcome of this peer review in the context of the upcoming review of the SREP Guidelines. In particular, it will consider providing more clarity on how the focus and granularity of the SREP assessment could be adapted to the risk profile of the institution and on the scope and level of assessments to be performed under the minimum supervisory engagement model.
Date of publication: 16/01/2025
e) Cyber security
(i) EU
ESAs: Approval of terms of reference for new EU-SCICF Forum under DORA
Status: Final
The ESAs have published the terms of reference for the EU systemic cyber incident co-ordination framework Forum established under DORA. The Forum will be composed of representatives of EU and national bodies, including the ESAs and the EC. The Forum is tasked with: (i) developing and maintaining documents, protocols, procedures, arrangements, taxonomy and plans to support co-ordination in case of crisis mode, taking into account the existing coordination frameworks and the cyber threat landscape; (ii) preparing the set-up of a dedicated adhoc group responsible for managing crisis mode; and (iii) exercise and test the protocols and procedures to ensure continued preparedness in the event of activation of crisis mode. The terms of reference will be subject to review and endorsement by the Joint Committee and subsequent approval by the ESAs' Boards of Supervisors, and adapted to reflect any new developments, as relevant and appropriate, every two years. The terms of reference came into effect on 17 January.
Date of publication: 27/01/2025
Status: Final
The ESAs have published a joint report on the feasibility of further centralisation of the reporting of major ICTrelated incidents by financial entities to competent authorities. In line with the DORA mandate, the ESAs' joint report explores the potential for further centralisation through the establishment of a single EU hub, assessing the feasibility of three different models: (i) the baseline model; (ii) a model with enhanced data sharing arrangements; and (iii) a fully centralised model (i.e., an EU hub). The report considers the potential burden and cost reductions, as well as the efficiency and effectiveness gains that each model would bring for cross-sector supervisory practices.
The report concludes that all three models are feasible, noting that the baseline scenario must be implemented this year. For the other two models, their implementation is considered feasible within three years for the data sharing solution, given this could be implemented progressively from the baseline solution, and from five years onwards for the fully centralised hub. In terms of costs, the analysis shows that there is no significant difference among the three scenarios assessed and from overall cost perspective all three solutions are in a similar range. The report also discusses the local solutions that have already been or are in the process of being built at national level to enable reporting by 17 January. Therefore, while there are some envisaged advantages and cost reductions in absolute terms for the fully centralised scenario, it inevitably becomes less attractive with limited advantage and incentives for changing the existing reporting channels. The ESAs stress that is thus important that co-legislators continue to assess and consider further centralisation into a single EU hub, having regard to the different elements and aspects highlighted in this report, especially minimising costs of a transition to a fully centralised EU hub solution.
Date of publication: 17/01/2025
Status: Published in the OJ
Date of entry into force: 04/02/2025
Date of application: 04/02/2025
The Cyber Solidarity Act has been published in the OJ. It aims to strengthen capacities in the EU to detect, prepare for and respond to significant and large-scale cybersecurity threats and attacks in a more resilient and reactive manner and to improve cooperation mechanisms.
Date of publication: 15/01/2025
ESMA: New Q&A on the application of the DORA
Status: Final
ESMA has published four new Q&A on the application of the DORA regarding the following topics: (i) questions on Microenterprises and RMF; (ii) ICT-related incidents on critical services affected; (iii) ICT-related incidents on duplicate ICT incident reporting; and (iv) oversight framework of CTPPs on an exemption for non-EU ICT intra-group service providers.
Date of publication: 10/01/2025
f) Remuneration
(i) Germany
BReg: Second government draft of the Second Future Financing Act (Regierungsentwurf des Zweiten Zukunftsfinanzierungsgesetzes)
Status: Final
The Federal Government (Bundesregierung – BReg) has published another government draft on the Second Financing for the Future Act (Zweites Zukunftsfinanzierungsgesetz – 2. ZuFinG). The aim of this planned legislative package is to ensure increasing investment in growth companies and infrastructure projects by way of establishing a more attractive legal and tax framework. This is intended to further strengthen the competitiveness and attractiveness of Germany as a financial centre and, in particular, to improve financing options for young and dynamic companies.
In particular a loosening of employment protection rules which so far only applied to managers in systemically important banks, should in future also apply to smaller financial institutions, insurance companies and investment firms. In addition, the federal government is planning to create a legally secure framework for investments in renewable energies and infrastructure in order to implement urgently needed projects and accelerate the transition to a more sustainable future.
Date of publication: 15/01/2025
g) Qualifying holdings
(i) Germany
BaFin: Translation of the updated Holder Control Regulation (Übersetzung der aktualisierten Inhaberkontrollverordnung)
Status: Final
BaFin has published an updated English version of the Holder Control Regulation (Inhaberkontrollverordnung – InhKontrollV), the Regulation on Notifications in Accordance with Section 2c of the German Banking Act (Kreditwesengesetz – KWG) and Section 104 of the German Insurance Supervision Act (Versicherungsaufsichtsgesetz – VAG).
Date of publication: 16/01/2025
h) Supervisory reporting
(i) Germany
BaFin: Consultation 03/2025 on a General Administrative Act regarding diversity reporting (Konsultation 03/2025 über eine Allgemeinverfügung zu Diversitätsanzeigen)
Status: Consultation
Deadline for the submission of comments: 21/02/2025
BaFin has launched a consultation on a General Administrative Act regarding diversity reporting, aiming to comply with the EBA Guidelines on benchmarking of diversity practices, including diversity policies and gender pay gap under the CRD. The Guidelines specify which data must be collected to comply with the requirement for national competent authorities (NCAs) to collect data on diversity in institutions pursuant to Article 91(11) CRD. They will be applied for the first time this year, starting from 30 April 2025. In future, selected institutions will have to submit the notification every three years. The legislative process to adapt the German Banking Act (Kreditwesengesetz – KWG) and the Notification Regulation (Anzeigenverordnung – AnzV) could not be completed by these reporting deadlines. Therefore, a General Administrative Act is necessary.
The target group of these Guidelines are significant credit institutions pursuant to Section 1(3c) KWG. BaFin will inform the other participating institutions individually about their participation. In addition, the EBA has published the list of participating institutions on its website.
Date of publication: 31/01/2025
i) Accounting/Prudential filter/Audit
(i) EU
Status: Published in the OJ
Date of entry into force: 04/02/2025
Date of application: 01/01/2025
The Commission Delegated Regulation (EU) 2025/19 of 26 September 2024 amending the regulatory technical standards laid down in Delegated Regulation (EU) 2019/815 as regards the 2024 update of the taxonomy for the single electronic reporting format has been published in the OJ.
The EC has published a draft Delegated Regulation amending the RTS laid down in Delegated Regulation (EU) 2019/815 as regards the 2024 update of the taxonomy for the single electronic reporting format (the European Single Electronic Format – ESEF). This RTS aims to amend the existing RTS on ESEF to reflect, in combination, the 2023 and the 2024 updates of the IFRS Accounting taxonomies.
Date of publication: 15/01/2025
1.2 RECOVERY AND RESOLUTION
(i) Eurozone
SRB: Revised operational guidance on operational continuity in resolution
Status: Final
The SRB has published a revised version of the operational guidance on operational continuity in resolution. The guidance provides further clarifications to banks on how to implement SRB expectations for resolvability related to: (i) service identification and mapping; (ii) assessment of operational continuity risk; and (iii) mitigating measures, such as having adequately documented, resolution-resilient contracts, appropriate management information systems, and governance arrangements. The guidance was originally published in 2021, the new revisions follow the development of new frameworks, such as DORA, and new provisions, such as the EBA Guidelines on improving resolvability. The SRB notes that some of the additions will, in practice, depend for their application on measures currently pending.
Date of publication: 23/01/2025
1.3 STRESS TESTS/MACROPRUDENTIAL TOPICS
(i) EU
EBA: EU-wide stress test for banks
Status: Final
The EBA has published a press release announcing the launch of the 2025 EU-wide stress test for banks. The aim of the stress test is to provide supervisors, banks and other market participants with a common analytical framework to compare and assess the resilience of EU banks and the EU banking system to shocks, as well as challenging the capital position of EU banks. The resilience will be assessed under a common macro-economic baseline and common adverse scenario covering 2025-2027, and includes hypothetical worsening of geopolitical tensions. The EBA has published a methodological note defining how banks should calculate the stress impact of the common scenarios and sets of constraints for their calculations, as well as providing further guidance to banks for performing the test. Accompanying this note is a Template Guidance, also provided by the EBA, to further assist banks with populating their templates for the stress test. The EBA have also published a set of FAQs on the key features of the stress test. The new banking package, which has applied since 1 January, is also embedded in the stress test accordingly. The stress test covers a sample of 64 banks representing about 75% of banks' total assets in the EU and Norway. The ECB has also published a press release together with FAQs on their role in the stress test as prudential supervisor of banks in the single supervisory mechanism. The EBA expects to publish the results of the exercise at the beginning of August.
Date of publication: 20/01/2025
To view the full article, click here.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
