EU Regulatory Outlook 2026

After a legislative cycle that culminated in the agreement of major reforms across banking, markets, digital finance and sustainability, EU lawmakers intend to go full steam ahead on financial regulation, with developments in the fields of simplification, competitiveness and market integration expected throughout the course of 2026. Far-reaching reforms in capital markets legislation will dominate headlines, as the EU moves to complete its ambitious Savings and Investment Union (SIU). The EU will also move to streamlining its digital and artificial intelligence (AI) rules. At the same time, multiple frameworks agreed between 2023 and 2025 across banking, markets, digital finance and sustainability, will begin to apply in parallel.

For firms operating across the EU, 2026 will be defined by sequencing challenges. Prudential reforms, market-structure changes, digital resilience requirements and significant changes in sustainability disclosures will all advance simultaneously, testing firms’ operational capacity and regulators’ supervisory bandwidth. At the same time, EU institutions are becoming more explicit about boosting competitiveness and reducing regulatory burden, setting the context for targeted reviews and adjustments of EU rules.

This outlook examines what to expect in 2026 across the following themes:

• Trading and markets
• Risk, capital, and financial stability
• Digital finance and technology
• Sustainable finance

Trading and markets

EU markets policy in 2026 will by marked by the practical reshaping of market structure rules. Reforms to transparency, market data and clearing are scheduled to take effect across multiple asset classes, while long-standing political ambitions around consolidated tapes move closer to reality. For firms, the year will bring material changes to execution, data procurement and clearing strategies, alongside intensified supervisory scrutiny of how new frameworks operate in practice.

Savings and Investments Union

The Commission’s SIU initiative represents the next phase of the Capital Markets Union (CMU) by focusing on mobilising the €33 trillion in European household savings into productive investments. Following a wide-ranging package tabled in December 2025 covering trading, post-trading, asset management, Distributed Ledger Technology (DLT) and centralised supervision, EU lawmakers will negotiate the Commission’s proposals throughout 2026.

The package seeks to remove obstacles to market integration, facilitate innovation, streamline supervision, and simplify regulation. Some of the key proposals put forward include enhancing passporting opportunities for central securities depositories (CSDs) and streamline the cross-border distribution of investment funds (UCITS and Alternative Investment Funds) in the EU. The Commission also proposes transferring direct supervisory competences over significant market infrastructures such as certain trading venues, central counterparties, CSDs, and all Crypto-Asset Service Providers (CASPs) to European Securities and Markets Authority (ESMA). Finally, the proposal will simplify the capital markets framework further by converting directives into regulations, cutting back on detailed rulemaking and implementing acts, and preventing gold-plating at the national level.

By the start of 2026, the foundational legislative packages proposed in late 2025 – including the Market Integration Package – are being actively negotiated. Further proposals are expected in areas such as private markets, venture capital and shareholder rights, alongside measures aimed at channelling household savings more effectively into capital markets and reducing structural barriers to cross-border investment. Taken together, the SIU agenda signals a move away from incremental market reforms toward a more systemic rethinking of how EU capital markets are structured, supervised and used to support long-term economic objectives.

MiFID/MiFIR and consolidated tapes

The revised Markets in Financial Instruments Directive (MiFID) / Markets in Financial Instruments Regulation (MiFIR) framework is now in force, with 2026 representing a decisive year for its implementation. New equity and bond transparency regimes are scheduled to apply from March 2026, reshaping pre- and post-trade disclosure obligations across asset classes.

In parallel, the new Reasonable Commercial Basis (RCB) requirements for market data will fully apply from August 2026, with implications for market data procurement and governance across trading venues, intermediaries and data users.

The political ambition remains for EU-level equity bond consolidated tapes to be operational by the end of 2026, while ESMA launched in early January the selection procedure for the derivatives consolidated tape. Together, these initiatives will have far-reaching implications and will bring a structural shift in how trading information is made available, produced and consumed.

EU Listing Act

Although the EU Listing Act entered into force in December 2024, many of its most significant amendments only begin to apply in 2026. From March and June 2026, changes to the Prospectus Regulation and Market Abuse Regulation will simplify secondary issuances, follow-ons, and ongoing disclosure obligations for listed companies.

A new EU-wide code of conduct for issuer-sponsored investment research is also expected to apply in mid-2026, aimed at improving research coverage, particularly for small and mid-cap issuers.

EMIR 3.0

European Market Infrastructure Regulation (EMIR) 3.0 has been in force since December 2024, but its most consequential elements continue to phase in. The active account requirement at EU Central Counterparties (CCPs) began applying in June 2025, while revised counterparty categorisation, clearing obligations and reporting requirements will be fully operational by July 2026.

For EU banks and clearing members, 2026 will be a key year for reassessing clearing strategies, particularly for systemically important derivatives, and for operationalising new reporting expectations linked to “representative” EU clearing activity.

Retail Investment Strategy

EU lawmakers reached a political agreement in late 2025 on the core elements of the Retail Investment Strategy, which revises multiple files, including Packaged Retail and Insurance-based Investment Products (PRIIPs), MiFID, Insurance Distribution Directive (IDD), Undertakings for Collective Investment in Transferable Securities (UCITS), Alternative Investment Fund Managers Directive (AIFMD), and Solvency II. The package introduces new inducements tests, enhanced value-for-money assessments and peer-group comparisons, alongside simplified suitability assessments for non-complex products.

The final text is anticipated in the first quarter of the year, though the technical specifics, such as peer grouping methodology and data needs, are scheduled for development following the publication of the primary legislation.

Risk, capital, and financial stability 

In 2026, the EU’s prudential agenda will be dominated less by new rulemaking and more by the operational consequences of reforms already agreed. Banks and insurers will be deep into implementation cycles for Basel 3.1 and Solvency II, while supervisors increasingly focus on model readiness, data quality, and governance. At the same time, questions around competitiveness, climate-related risk and the cumulative impact of prudential requirements are becoming more explicit in the policy debate, even as near-term recalibration remains limited.

CRR3/CRD6 and FRTB

The revised Capital Requirements Regulation and Directive (CRR3/CRD6), implementing the EU’s version of the Basel 3.1 standards, entered into force in 2025. By 2026, banks will already be reporting under the new framework, including revised approaches to credit risk, operational risk and the output floor.

However, one of the most consequential elements of the package, the Fundamental Review of the Trading Book (FRTB), has again been deferred, with application now delayed to 1 January 2027. The EU has framed the decision as necessary to avoid competitive distortions arising from divergent implementation timelines across major jurisdictions, particularly the United States, where the final shape of the Basel “endgame” remains unsettled.

As a result, 2026 will be a key model development and parallel-run year for banks with trading activities. Firms will continue to invest heavily in data, risk infrastructure, governance and validation processes while maintaining legacy frameworks alongside future FRTB requirements.

Alongside implementation, the European Commission is expected to publish its report on the banking system in the Single Market, including the evaluation of competitiveness, in Q3 2026. While industry has called for a broader reassessment of the EU prudential framework, the Commission has so far resisted reopening CRR3/CRD6. The report is therefore more likely to shape the medium-term policy narrative than to trigger near-term legislative change.

Solvency II

For insurers, 2026 will represent the most operationally intensive phase of the Solvency II review. Following the publication of delegated act amendments and European Insurance and Occupational Pensions Authority (EIOPA) technical standards and guidelines in 2025, firms will be expected to progress balance-sheet modelling, recalibrate capital requirements and implement governance and risk-management changes ahead of application in 2027.

This work will coincide with increased supervisory attention on climate-related catastrophe risk. EIOPA has warned that Europe’s insurance sector cannot absorb rising natural catastrophe losses without higher capital buffers and expanded public-private reinsurance arrangements. During 2026, further work is expected on catastrophe risk calibrations, climate underwriting practices and potential risk-sharing mechanisms, bringing together prudential, fiscal and policy considerations.

Digital finance

Digital finance regulation enters a new phase in 2026, as large parts of the EU’s extensive digital rulebook move from design to enforcement. With the Digital Operational Resilience Act (DORA) now in application, firms face heightened expectations around operational resilience and third-party risk. At the policy level, the Commission is advancing a simplification agenda for the EU’s digital rulebook, aiming to reduce duplication and operational friction across overlapping requirements.

DORA

DORA has applied since 17 January 2025, establishing a harmonised framework for ICT risk-management requirements across more than 20 categories of financial entities. During 2025, firms focused on implementing the core building blocks of the regime, including governance arrangements, ICT risk controls, incident classification and reporting processes, and digital operational resilience testing frameworks designed to strengthen operational resilience. By late 2025, the European Supervisory Authorities had also designated the critical ICT third-party providers (CTPPs), subject to EU-level oversight regime.

In 2026, the focus shifts to effective operationalisation. Firms are expected to fully integrate DORA requirements within day-to-day risk management and control environments. For many institutions, this will mark a transition from initial implementation to remediation and optimisation, as firms assess the effectiveness of their operational resilience frameworks in line with supervisory approaches.

Digital Omnibus package

At the policy level, the Commission is pursuing simplification of the EU’s digital rulebook, addressing operational complexity arising from overlapping requirements across DORA, the AI Act, NIS2 (Network and Information Security Directive 2), General Data Protection Regulation (GDPR) and the Data Act. This approach was formalised in November 2025 with the tabling of the “Digital Omnibus” package, which proposes targeted streamlining of obligations across these regimes.

Key elements include a proposed “stop-the-clock” for certain high-risk AI obligations, the creation of a single EU incident-reporting hub, and targeted amendments to data protection and data-sharing rules. Negotiations are expected to dominate 2026, with early operationalisation discussions running in parallel.

EU Cybersecurity Act review

The Commission published its proposal of the EU Cybersecurity Act review in January 2026. Building upon the existing NIS2 Directive and the original EU Cybersecurity Act, the proposal further integrates cybersecurity considerations into the broader EU industrial and security policy strategy. Proposed measures include the phase-out of high-risk vendors from critical supply chains with the identification of third countries posing heightened cybersecurity risks through Commission implementing acts. To ease the compliance burden, the proposal also includes targeted NIS2 amendments aimed at maximum harmonization. This includes new guidelines for supply chain security requirements.

Legislative negotiations are expected to continue throughout 2026, adding another layer to the EU’s cyber-governance framework. The European Commission is expected to follow this proposal with additional updates in the upcoming Industrial Accelerator Act and the Cloud and AI Development Act, planned later this year.

Sustainable finance 

Sustainable finance policy in 2026 will focus on further recalibration of the EU’s sustainability framework, as adjustments to Corporate Sustainability Reporting Directive (CSRD) take effect and policymakers advance reforms to SFDR. The emphasis is shifting towards more targeted requirements, creating a transitional period as firms adjust to evolving disclosure expectations.

Sustainability Omnibus (CSRD and CSDDD)

The Sustainability Omnibus introduces substantial changes to both the CSRD and the Corporate Sustainability Due Diligence Directive (CSDDD). The provisional agreement significantly reduces the number of EU and non-EU companies in scope, removes the requirement for transition plans under CSDDD, and limits the extent to which large firms can request sustainability data from smaller value chain partners.

While these changes reduce compliance burdens, they also imply reduced data availability for investors, lenders, and supervisors. CSRD is already applying to first wave firms, with further application phases extending into 2027 and beyond. By contrast, CSDDD obligations will not apply until 2029, making 2026 primarily a period of adjustment rather than enforcement.

SFDR

In November 2025, the Commission tabled a major overhaul of the Sustainable Finance Disclosure Regulation (SFDR), proposing a shift from the current Articles 6, 8, and 9 to new product categories – Sustainable, Transition and ESG Basics – each with embedded minimum criteria.

Negotiations will take place during 2026, though an agreement is unlikely before late 2026 or 2027.

ESRS and EU Taxonomy

The European Financial Reporting Advisory Group (EFRAG) has proposed a reduced set of sector-agnostic European Sustainability Reporting Standards (ESRS), removing many narrative disclosures and refocusing on quantitative information. A final version is expected in the second half of 2026.

In parallel, EU Taxonomy reporting requirements are being reduced, while work continues on reviewing the Taxonomy’s screening criteria and considering further adjustments to reporting obligations during 2026.

EU ESG ratings regime

The EU regime for ESG ratings providers will apply from 2 July 2026. Final regulatory technical standards and detailed implementing rules are expected in the first half of the year, making 2026 a critical preparation period for both ratings providers and market participants that use ESG ratings in investment and risk management processes.