Deloitte Banking Alert

On August 7th, 2025, the European Banking Authority (EBA) initiated a consultation regarding itsupdated Guidelines on internal governance according to the Capital Requirements Directive (CRD).The suggested amendments aim to further harmonize the internal governance arrangements,processes and mechanisms that institutions, third-country branches and investment firms shouldimplement to ensure their effective and prudent management, in line with the requirements of CRDIV and other pertinent legislation, such as the Digital Operational Resilience Acts (DORA).

The EBA’s new RTS on operational risk under CRR3 reshape how banks
classify, record, and report loss events, introducing a harmonized taxonomy,
ESG and greenwashing risk attributes, and alignment with DORA. Institutions
will need to reassess their operational risk frameworks, loss data history, and
ICT incident reporting to ensure compliance.

Continue reading to learn more about these standards and discover how Deloitte
can help — from gap assessments and taxonomy alignment to loss data
integration, DORA consistency checks, and post-merger operational risk data
reconciliation. Our experts can guide you through every step of implementation,
ensuring regulatory compliance while optimizing operational efficiency.

The European Banking Authority has released a detailed operational guide for conducting resolution simulation exercises (SimEx), providing a standardised framework for authorities and implications for institutions involved in resolution planning.Continue reading our alert for a summary of the structure and key expectations.

The European Banking Authority (EBA) has launched a public consultation on proposed amendments to its Guidelines on the definition of default under the CRR.The draft maintains the 1% NPV loss threshold for debt restructuring, aiming to balance flexibility with sound risk management. It also proposes extending the days past due from 30 to 90 for non-recourse factoring at the invoice level, to better reflect market practices and improve consistency in default classification.Continue reading to explore key topics and how these changes will enhance default classification across EU financial institutions.

Climate change is increasingly acknowledged as a source of credit risk for financial systems. Rising physical risks can potentially increase the likelihood of asset devaluation, supply chain disruptions, and credit defaults, especially impacting banks with exposure to vulnerable sectors and regions.Transition risks from policy and market shifts further affect clients’ creditworthiness. For banks, factoring climate into credit assessments is essential to managing long-term risk. Continue reading to learn how regulatory changes are driving banks to embed climate risk into credit models—a crucial step for enhancing compliance, resilience, and risk management.

On July 2, the EBA opened a public consultation on draft Guidelines for estimating and applying credit conversion factors (CCF) under the Capital Requirements Regulation (CRR). The consultation runs until 15 October 2025, ahead of the July 2024 application of Regulation (EU) 2024/1623.Part of the IRB repair programme, the Guidelines aim to ensure consistency across institutions by aligning CCF methodology with existing guidance on PD and LGD, while also introducing simplifications where appropriate. Continue reading to uncover the key regulatory updates.

On July 1st, the EBA published its final Guidelines on the treatment of acquisition, development, and construction (ADC) exposures to residential property under the CRR framework. These Guidelines bring much-needed clarity on when institutions can apply a reduced 100% risk weight instead of the standard 150%, provided specific credit risk-mitigating conditions are met. The new rules define in detail what qualifies as substantial cash deposits, equivalent financing, obligor-contributed equity, and significant contract thresholds, while introducing additional flexibility for public housing projects.These developments are part of the broader credit risk roadmap and will directly impact how banks structure, assess, and report ADC exposures going forward. Continue reading to discover what this means for your ADC portfolio and how to leverage potential capital optimization opportunities.

On 26 June 2025, the European Supervisory Authorities (ESAs) — namely the European Banking Authority (EBA), the European Insurance and Occupational Pensions Authority (EIOPA), and the European Securities and Markets Authority (ESMA) — published a Joint Consultation Paper on their draft Joint Guidelines on ESG stress testing. This marks a significant milestone in strengthening supervisory practices related to ESG risk management, ensuring comparability of results, and accommodating future methodological developments and improvements in ESG data availability.Continue reading to find out the main implications for banks, insurers, and financial industry associations.

The European Banking Authority has released three final drafts of technical standards for the Business Indicator approach to operational risk capital requirements. The newly released final drafts of standards cover critical areas for the operational risk capital requirements: from the nuanced treatment of various components of the BI to the adjustments for M&As and disposals and the mapping between BI components and FINREP. By providing these standards, the EBA brings clarity and consistency to bank’s application of the BI approach and contributes to a more robust and uniform approach to operational risk management across European financial institutions.Continue reading about these technical standards and their implications for banks.

On May 22, 2025, the EBA published its Draft ITS on disclosure for ESG risks, equity exposures and the aggregate exposure to shadow banking entities (EBA/CP/2025/07) and thus supplements the disclosure requirements set out in Regulation (EU) 2024/3172, introducing requirements that go beyond the Basel III framework. The draft ITS specifies the new requirements for the implementation of Articles 449a, 449b and 438, which have been newly added or revised by CRR III.

Continue reading to learn how this marks a major step forward in the implementation of Step 2 of the Pillar 3 disclosure framework, extending ESG-related disclosure obligations to all CRR institutions.

The European Banking Authority (EBA) published on the 7th of May the updated final draft implementing technical standards (ITS) on resolution planning reporting. The objective of the ITS is to achieve full harmonization of reporting requirements in the EU and avoid duplication of data requests, thus reducing the cost of compliance with resolution planning reporting obligations by institutions.

Read more for key insights from the final report on the draft ITS regarding resolution planning and reporting obligations.

Banks are navigating heightened geopolitical tensions and cyber risks, making operational resilience a critical priority. The latest trends reveal a shift towards cloud-based solutions to enhance agility and scalability. However, vulnerabilities in IT outsourcing have prompted the ECB to issue supervisory expectations and the EU to mandate resilience testing through DORA.

Continue reading about current trends and key takeaways for banks.

The European Central Bank has issued key clarifications on capital
and liquidity adequacy processes, reinforcing the need for strong governance,
forward-looking risk assessments, and robust management buffers.

The updated submission process applies from March 2025, marking a significant
step towards enhanced financial resilience in the European banking sector.

Continue reading about key takeaways and next steps for banks.

The European Banking Authority (EBA) has published its final guidelines on the management of ESG risks, aimed at ensuring that financial institutions develop robust governance, risk management, and strategic planning frameworks to address environmental, social, and governance (ESG) risks. These guidelines represent a critical step in the EU’s efforts to align the financial sector with the European Green Deal, achieving sustainability objectives such as net-zero emissions by 2050, as set out in Regulation (EU) 2021/1119.
Continue reading for an overview of the guidelines’ key takeaways, timelines, scope of applicability, and practical implications for banks, referencing critical components such as the role of materiality assessments, plans under Article 76(2) of Directive 2013/36/EU, and methodologies for ESG risk measurement.

The European Banking Authority (EBA) published on the 8th of January a Consultation Paper on its draft Regulatory Technical Standards (RTS) to specify the technical elements necessary for institutions to calculate and aggregate crypto-asset exposures in relation to the prudential treatment of such exposures.

Taking into account the ongoing European developments in this area and the regulatory requirements introduced in CRR 3 which provide transitional prudential treatment for banks' exposures to crypto assets.

Continue reading to learn more about the consultation process and what RTS is proposing.

The priorities are based on the key risks that supervised banks face in the current macro-financial and geopolitical environment and take into account the results of the supervisory and evaluation process (SREP) as well as the progress made compared to the priorities of previous years.
Given the persistently high geopolitical tensions and the associated uncertainty about the macroeconomic outlook, ECB recommend banks to remain cautious and vigilant, regularly assessing the implications that such events could have on their business, operations and risk profile.
Continue reading to learn more about the supervisory priorities for 2025-2027.

The Basel IV framework elevates regulatory standards for banks by improving transparency and consistency in public disclosures. Adopted by the EBA and aligned with international standards, the new Implementing Technical Standards (ITS) streamline reporting in areas like risk management, ESG factors and operational risks. With compliance starting January 2025, the ITS includes standardized templates and guidelines for clear, comparable, and actionable financial data.Continue reading about key takeaways from the ITS.

The European Banking Authority (EBA) launched on Friday, the 11th of October, a consultation on the Pillar 3 data hub, which will centralise prudential disclosures by institutions through a single electronic access point on the EBA website. This project is part of the Banking Package laid down in the Capital Requirements Regulation (CRR3) and Capital Requirements Directive (CRD6). This consultation runs until 11th of November.

Continue reading for gaining insights on the tentative implementation timeline and the implications for banks.