On 14 February 2025, the European Securities and Markets Authority (ESMA) issued a press release stating that it was launching a common supervisory action (CSA) with Member State competent authorities on compliance and internal audit functions of UCITS management companies and Alternative Investment Fund Managers (AIFMs) across the EU. ESMA explains that the CSA will be conducted this year and will assess to what extent UCITS management companies and AIFMs have established effective compliance and internal audit functions with the adequate staffing, authority, knowledge, and expertise to perform their duties under the AIFM and UCITS Directives. ESMA will publish a final report with the results of the exercise in 2026.

On 13 February 2025, there was published in the Official Journal of the EU (OJ), Commission Delegated Regulation (EU) 2025/295 of 24 October 2024 supplementing the Regulation on digital operational resilience for the financial sector with regard to regulatory technical standards on harmonisation of conditions enabling the conduct of the oversight activities. The Delegated Regulation enters into force on the twentieth day following that of its publication in the OJ.

On 13 February 2025, the following delegated acts supplementing the Regulation on markets in crypto-assets (MiCA) were published in the Official Journal of the EU: Commission Delegated Regulation (EU) 2025/292 of 26 September 2024 supplementing MiCA with regard to regulatory technical standards (RTS) establishing a template document for cooperation arrangements between competent authorities and supervisory authorities of third countries. Commission Delegated Regulation (EU) 2025/293 of 30 September 2024 supplementing MiCA with regard to RTS specifying the requirements, templates and procedures for the handling of complaints relating to asset referenced tokens. Commission Delegated Regulation (EU) 2025/294 of 1 October 2024 supplementing MiCA with regard to RTS specifying the requirements, templates and procedures for the handling of complaints by the crypto-asset service providers. Commission Delegated Regulation (EU) 2025/296 of 31 October 2024 supplementing MiCA with regard to RTS specifying the procedure for the approval of a crypto-asset white paper. Commission Delegated Regulation (EU) 2025/297 of 31 October 2024 supplementing MiCA with regard to RTS specifying the conditions for the establishment and functioning of consultative supervisory colleges. Commission Delegated Regulation (EU) 2025/298 of 31 October 2024 supplementing MiCA with regard to RTS specifying the methodology to estimate the number and value of transactions associated to uses of asset-referenced tokens and of e-money tokens denominated in a currency that is not an official currency of a Member State as a means of exchange. Commission Delegated Regulation (EU) 2025/299 of 31 October 2024 supplementing MiCA with regard to RTS on continuity and regularity in the performance of crypto-asset services.

On 13 February 2025, the European Commission adopted a draft Delegated Regulation supplementing the Regulation on digital operational resilience for the financial sector with regard to regulatory technical standards specifying the criteria used for identifying financial entities required to perform threat-led penetration testing, the requirements and standards governing the use of internal testers, the requirements in relation to the scope, testing methodology and approach for each phase of the testing, results, closure and remediation stages and the type of supervisory and other relevant cooperation needed for the implementation of TLPT and for the facilitation of mutual recognition. The draft Delegated Regulation: Sets out the criteria for the identification of financial entities required to perform threat-led penetration testing (TLPT). Establishes the requirements regarding testing scope, testing methodology and the results of TLPT, including the testing process. Lays down the requirements and standards governing the use of internal testers. Contains the rules on supervisory cooperation and mutual recognition of TLPT. The draft Delegated Regulation enters into force on the twentieth day following its publication in the Official Journal of the European Union.

On 13 February 2025, the European Securities and Markets Authority (ESMA) issued a consultation paper on amendments to the regulatory technical standards (RTS) on settlement discipline. Background The Central Securities Depositories Regulation (CSDR) Refit (Regulation 2023/2845) introduced certain amendments to Article 6(5) and 7(10) of the CSDR mandating ESMA to develop draft RTS in relation to settlement discipline measures and tools to improve settlement efficiency. In ESMA’s view, this requires an amendment of the existing RTS on settlement discipline, i.e. Commission Delegated Regulation (EU) 2018/1229 on Settlement Discipline (CDR 2018/1229). Proposed changes In the consultation paper ESMA sets out proposals to amend Commission Delegated Regulation (EU) 2018/1229, such as on timing and means for sending allocations and confirmations, on requiring all central securities depositories (CSDs) to  offer hold and release and partial settlement functionalities and to enable automated use of intraday cash credit secured with collateral, as well as on the requirements for CSDs to report top failing participants, and the information on settlement fails to be published by CSDs. ESMA also explores additional tools to improve settlement efficiency, for which ESMA’s preliminary view is that no regulatory action is required, but on which ESMA would nevertheless like to receive stakeholders’ views. These include topics such as the CSD business day schedule, the Standard Settlement Instructions format, the Unique Transaction Identifier, Place of Settlement and Place of Safekeeping. Next steps The deadline for comments on the consultation is 14 April 2025. ESMA intends to submit draft RTS to the European Commission by October 2025.

On 13 February 2025, HM Treasury (HMT) and the Bank of England (BoE) published an updated version of the 2018 Memorandum of Understanding (MoU) on their financial relationship, along with a joint statement. The updated MoU, which takes effect from the date of publication, maintains the capital and income framework for the BoE. HMT also notes that the MoU continues to reinforce the BoE’s independence and resilience to deliver its statutory policy objectives of monetary and financial stability, and provides transparency concerning the BoE’s finances. In their joint statement, HMT and the BoE explain that they have concluded a 5-yearly review of the parameters of the BoE’s capital framework as set out in Section 2B of the MoU, and the review concluded that: The capital framework has been effective in delivering its intended objectives at inception in 2018. The existing parameters of the capital framework remain adequate to support the BoE’s balance sheet. The existing BoE-HMT financial arrangements, as set out in the MoU, are sufficient to support the BoE’s planned transition to a demand-driven operating framework fully backed by repo. The BoE and HMT plan to keep these arrangements under review during the BoE’s balance sheet transition to a new steady state in coming years and to ensure close engagement as per the existing governance and information sharing channels set out in the MoU.

On 13 February 2025, HM Treasury (HMT) and the European Commission issued a joint statement on the third EU-UK Financial Regulatory Forum, which took place in London on 12 February 2025. The forum was established following the signing of the UK-EU Memorandum of Understanding on Financial Services Cooperation on 27 June 2023, and the joint statement has been published as a public record of what was discussed at the latest forum. HMT and the Commission explain that the forum agenda focused around 5 themes: The policy outlook, and macroeconomic and financial stability outlook. Banking regulation, including resolution and Basel III. Digital and technology, including cryptoassets regulation and AI. Markets reform, including the move towards T+1 securities settlement and capital markets regulation developments. Sustainable finance, including disclosures, credible transition planning, transition finance and green taxonomies. 

On 11 February 2025, the Eurosystem updated its European framework for threat intelligence-based ethical red-teaming (TIBER-EU framework) to align with the regulatory technical standards (RTS) of the Digital Operational Resilience Act (DORA) on threat-led penetration testing (TLPT). Background The TIBER-EU framework sets out comprehensive guidance on how authorities, entities, and threat intelligence providers and red-team testers should work together to test and improve the cyber resilience of entities by carrying out controlled cyberattacks. It also contains detailed guidance on how to complete DORA TLPT in a qualitative, controlled and safe manner, applying a uniform approach across the EU. Authorities are encouraged to adopt and implement the TIBER-EU framework. Updates to align with DORA The updates made to the TIBER-EU framework to incorporate regulatory requirements and align with other measures set out in DORA include: Aligning the process steps with the deliverables derived from the DORA RTS on TLPT (for which strict timelines have been introduced by the DORA RTS and are now incorporated into the TIBER-EU framework). Specifying purple-teaming as mandatory under TIBER-EU, as prescribed in the DORA RTS. Introducing changes to terminology to ensure consistency with DORA terminology. Establishing TIBER-EU guidance documents to facilitate the implementation of different parts of the framework and to ensure a secure and controlled TLPT execution. Providing advice on how to assess the quality of a provider in the updated Guidance for Service Provider Procurement. Moving away from the requirement for authorities that want to implement TIBER-EU to publish a full national implementation guide; authorities can instead refer to the adoption of the TIBER-EU documentation and publish a short implementation document described in the framework

On 12 February 2025, the European Commission published a proposal to shorten the settlement cycle for EU securities from two days to one, through a targeted amendment to the Central Securities Depositories Regulation (CSDR). The proposed legislative amendment would shorten the settlement cycle on securities, such as shares or bonds executed on EU trading venues, from two business days (known as ‘T+2’) to one business day after the trading takes place (‘T+1’). This change is intended to strengthen the efficiency and competitiveness of post-trade financial market services in the EU. The Commission states that its proposal for a move to T+1 is intended to: Promote settlement efficiency and increase the resilience of EU capital markets, as well as developing deeper and more liquid capital markets. Avoid market fragmentation and costs linked to misalignment between the EU and other global financial markets, which the Commission notes would contribute to the competitiveness of EU capital markets. The proposed date for the transition to T+1 settlement is 11 October 2027, which the Commission explains would give market participants time to develop, test and agree processes and standards to ensure an orderly and successful introduction of T+1 on EU capital markets. Next steps The proposal will be submitted to the European Parliament and the Council for consideration and adoption. The changes will enter into force once the co-legislators have reached an agreement on the proposal and after publication in the Official Journal of the EU.

On 12 February 2025, the European Banking Authority (EBA) published its final draft implementing technical standards (ITS) on the Pillar 3 data hub for large and other institutions, which will centralise prudential disclosures by institutions through a single electronic access point on the EBA website. The project is part of the Banking Package laid down in the Capital Requirements Regulation (CRR3) and Capital Requirements Directive (CRD6). Background The new Banking Package, which will implement the latest Basel III reforms in the EU, includes a mandate for the EBA to develop a Pillar 3 data hub. CRR3 (at Articles 434 and 434a) mandates the EBA to publish on its website the prudential disclosures for all institutions subject to those requirements, so that it is readily and centrally available to all relevant stakeholders through a single electronic access point on its website. The EBA is building a data hub to comply with this mandate, putting together all the disclosures required under Part Eight of the CRR. Draft ITS The final draft ITS set out the IT solutions and processes to be followed by large and other institutions when submitting their respective Pillar 3 disclosures. This includes the IT solutions to be used, the data exchange formats to be considered and the technical validations to be performed by the EBA. The EBA plans to provide additional detailed information to the submitters of Pillar 3 information in the onboarding communication plan, which it expects to publish by the end of the first quarter of 2025. For submitting the information to the EBA, there will be a transition period for institutions for information with disclosure reference dates from June to December 2025, to allow them time to prepare for the new publication process. In parallel, the EBA finalised a pilot exercise on a voluntary basis to test the process for large and other institutions, and it has taken on board the conclusions from that exercise when finalising the draft ITS, along with feedback received during its consultation phase. Next steps The draft ITS for small and non-complex institutions and on the resubmission policy will be subject to a separate consultation, which the EBA intends to launch in the first half of 2025.

On 13 February 2025, eight Commission Delegated Regulations supplementing the Regulation on markets in cryptoassets (MiCAR) were published in the Official Journal of the EU (OJ). The Delegated Regulations supplement MiCAR with regulatory technical standards (RTS) in relation to the following topics: A template document for cooperation arrangements between competent authorities and supervisory authorities of third countries. The requirements, templates and procedures for the handling of complaints relating to asset referenced tokens (ARTs). The requirements, templates and procedures for the handling of complaints by the crypto-asset service providers. Harmonisation of conditions enabling the conduct of the oversight activities. The procedure for the approval of a crypto-asset white paper. The conditions for the establishment and functioning of consultative supervisory colleges. The methodology to estimate the number and value of transactions associated to uses of ARTs and of e-money tokens denominated in a currency that is not an official currency of a Member State as a means of exchange. Continuity and regularity in the performance of crypto-asset services. Each of the Delegated Regulations will enter into force on the twentieth day following their publication in the OJ.

On 13 February 2025, the European Central Bank (ECB) published a speech: From concept to delivery: accounting for climate and nature in maintaining price stability and keeping banks safe and sound, which was delivered by Frank Elderson, a member of the ECB’s Executive Board and vice-chair of its Supervisory Board, at the MNI Webcast on Climate Change. In the speech, Mr Elderson discusses what the ECB is doing to account for climate and nature in its monetary policy and in banking supervision. Points covered in the speech include: The fundamental principle – that climate and nature are relevant for both monetary policy and banking supervision and, therefore, must be taken into account in the exercise of the ECB’s tasks – is independent of the actions of climate and nature policymakers. However, the intensity and configuration of the risks that will ultimately materialise is not.  The physical risks of climate and nature hazards are currently materialising at an ever-increasing scale and frequency and will continue to do so, which will cause an increase in transition risks. Reporting requirements in the EU’s sustainable finance framework will improve the availability of reliable and comparable data that are needed to identify and manage financial risks, and this is essential to ensure that the broader sustainable finance framework can serve its purpose of unlocking finance for the green transition and thereby contributing to Europe’s competitiveness agenda.

On 13 February 2025, the Financial Conduct Authority (FCA) published, as part of its artificial intelligence (AI) research series, a research note: An empirical analysis of pricing differences by demographic characteristics in the UK mortgage market. The research note seeks to understand whether there are differences in the prices paid for mortgage products by a series of demographic characteristics. The conclusion set out in the research note is that, after adjusting for mortgage type and controlling for risk factors, there appears to be no difference in mortgage pricing across the 4 demographics analysed: ethnicity, sex, sexual orientation, and having a health condition (as a characteristic of vulnerability). Instead, the research found that groups appear to have different types of mortgage products, although it was unclear whether that difference was driven by consumer choice or due to the types of mortgages those consumers were able to access. However, the FCA notes that from the research, whilst it observes that there is no evidence of a lack of direct pricing fairness (through differences in pricing by demographic characteristics alone), it cannot conclude that there are not issues with ‘demand fairness’ via the availability of products to different groups, as there are other potential drivers of differential outcomes such as the impact of society on individuals’ financial conditions at the time of taking out a mortgage.  The FCA has been carrying out research in the area of AI bias to help deepen its understanding of AI and its potential impact on financial services, and to spark discussion on these issues. 

On 12 February 2025, the Financial Conduct Authority (FCA) updated its webpage on notification and disclosure of net short positions to provide a short selling update. In the update, the FCA notes that the final Short Selling Regulations 2025 were published in January 2025, setting out high level requirements for the new UK short selling regime. The Regulations also give the FCA powers to set out more detailed rules to complete and implement the new regime. The FCA flags that it aims to consult on its new short selling rules in Q3 2025. Certain aspects of the regulation will be implemented once the FCA has finalised the new rules and allowed time to make any technical and operational changes, including the new requirement to publish aggregated and net short positions by issuer. In the interim, the FCA confirms that the existing UK short selling regime will continue to apply, including the current public disclosure of individual firms’ net short positions in issuers at the 0.5% threshold and above. The update also flags that the FCA published its updated UK list of exempted shares on 1 January 2025.

On 12 February 2025, the Greenhouse Gas Emissions Trading Scheme (Amendment) (No. 2) Order 2025 (the Order) was laid before Parliament and published on legislation.gov.uk, along with an explanatory memorandum. The Order makes amendments to the legislation that gives effect to the UK Emissions Trading Scheme (UK ETS), which incentivises decarbonisation by requiring operators to purchase allowances based on carbon emissions. Some operators are given free allocation of allowances to mitigate the risk of carbon leakage, and there are two allocation periods – 2021-2025 and 2026-2030 – during which free allocation is calculated and provided to eligible operators. The Order moves the start of the second allocation period for stationary installations from 2026 to 2027, making 2026 a standalone year, and provides for the calculation of free allocation in the 2026 standalone scheme year. In addition, the Order makes three changes to other aspects of the scheme, to: Require the publication of full details of transactions between accounts in the scheme’s Registry after a three year delay. Add limited exceptions to the prohibition on disclosure of Scheme data in order to support the development and implementation of related policies, and support the statutory functions of the Climate Change Committee. Extend qualification criteria so that installations with low levels of emissions which started operations between 2nd January 2021 and 1st January 2024 inclusive can apply to be classed as Ultra-Small Emitters during the 2026-2030 period, thereby benefitting from a reduced administrative burden. The Order will come into force on 31 March 2025.

The European Commission (Commission) has published its work programme for 2025. The work programme consists of a communication discussing the Commission’s main plans and priorities and is accompanied by an Annex listing new initiatives and their expected timings, as well as initiatives the Commission intends to withdraw. The communication emphasises that the Commission intends to publish number of legislative packages that would simplify regulation for businesses, which is in line with its goal to reduce administrative burdens for enterprises by at least 25 percent. The first Omnibus proposal on simplification is expected on 26 February 2025 and will address the Taxonomy Regulation, the Corporate Sustainability Reporting Directive and the Corporate Sustainability Due Diligence Directive. The Commission will also propose the introduction of a new category of small mid-cap enterprises with tailored requirements. To ensure that the simplification agenda is effective, the Commission states that it will hold regular implementation dialogues with stakeholders and practitioners. The Commission’s Savings and Investment Union (SIU) initiative, which will be published on 19 March 2025, is part of a package to enhance the competitiveness of the EU. The main aims of the SIU, which will take the form of an action plan for future legislative and non-legislative actions, are to create a more integrated EU capital market and to channel more private savings to the capital markets. This would provide for better funding opportunities for EU businesses. In connection to these goals, the Commission will work on an EU Start-up and Scale-up strategy, which would also address access to finance. As mentioned, the Annex to the work programme provide an overview of the concrete new initiatives the Commission intends to publish over 2025, and the existing legislative proposals it intends to withdraw. The following new initiatives are related to financial services: Q1 2025First Omnibus simplification package (expected 26 February).Action Plan on affordable energy (expected 26 February).Communication on Savings and Investment Union (expected 19 March). Second Omnibus package on investment simplification. Q2 2025EU Start-up and Scale-up Strategy. Review of the Securitisation Framework. Q4 2025Review of the Sustainable Finance Disclosure Regulation. Evaluation of state aid rules for banks in difficulties.

On 11 February 2025, the European Systemic Risk Board (ESRB) issued a report that provides a compliance assessment of the implementation of the ESRB’s  recommendation of 2 December 2021 on reform of money market funds (MMFs). The recommendation was addressed to the European Commission (Commission) as is the report. The ESRB’s recommendation addressed certain policy recommendations to the Commission regarding the regulation and supervision of MMFs and aimed to address vulnerabilities stemming from the MMF sector. Recommendations issued by the ESRB are not legally binding but are subject to an “act or explain” regime which means that the addressee has to communicate to the European Parliament, the Council of the EU, the Commission and the ESRB the actions they have taken to comply with the recommendations or provide adequate justification for inaction. The report reflects the implementation status as at 31 December 2023. The compliance assessment is therefore based on the Commission’s actions and explanations up until the end of 2023. A key source of information is the Commission’s July 2023 report to the European Parliament and the Council on the functioning of Regulation (EU) 2017/1131 on money market funds.

On 12 February 2025, the Prudential Regulation Authority (PRA) issued Policy Statement 2/25: Streamlining firm-specific capital communications (PS2/25). In PS2/25 the PRA provides feedback on the responses it received to its earlier consultation paper (CP9/24) and sets out its final policy and rules which are intended to streamline firm-specific capital communications, which simplify the content and process of firm-specific capital communications used to set Pillar 2A, the systemic buffers and the Additional Leverage Ratio Buffer (ALRB). Final policy The final policy and rules are set out in: PRA Rulebook: CRR Firms: Buffers Instrument 2025. The instrument makes changes to the following Parts of the PRA Rulebook: Glossary, Leverage Ratio – Capital Requirements and Buffers, Disclosure (CRR), Reporting (CRR), Capital Buffers, and Own Funds and Eligible Liabilities (CRR). Supervisory Statement (SS) 31/15 – The Internal Capital Adequacy Assessment Process and the Supervisory Review and Evaluation Process. This statement was amended to reflect changes to, and avoid confusion with, rule 4.1 of the Capital Buffers Part of the PRA Rulebook. SS45/15 – The UK Leverage Ratio Framework. The changes reflect that the PRA will no longer use its powers under section 55M or section 192C of the Financial Services and Markets Act 2000 to set the ALRB. The calculation of the ALRB and related requirements are now set out in the PRA Rulebook. In response to feedback, the PRA has made one small change to paragraph 5.18 of SS31/15. This change has no meaningful effect on the policy. This is explained in chapter 2 of PS2/25. Next steps The changes have no impact on firms’ capital requirements. The new policy and rules will take effect on 31 March 2025. The PRA will reflect the changes in the capital communications at the time of the firm’s next Pillar 2A capital reset following 31 March 2025. Further information on timing can be found in paragraphs 1.15 to 1.20 of PS2/25.

On 6 February 2025, the European Commission published a set of draft guidelines on the definition of ‘artificial intelligence (AI) system’ for the purposes of the EU AI Act, which began to apply on 2 February 2025. Background Under the EU AI Act (which aims to promote innovation while ensuring high levels of health, safety, and fundamental rights protection), AI systems are classified into different risk categories, including prohibited, high-risk, and those subject to transparency obligations. Guidelines The Commission explains that, by issuing these guidelines, it aims to assist providers and other relevant persons in determining whether a software system constitutes an AI system to facilitate the effective application of the rules. They have been published in addition to the Guidelines on prohibited AI practices, as defined by the EU AI Act. The guidelines on the AI definition are not binding. The Commission notes that they are designed to evolve over time and will be updated as necessary, in particular in light of practical experiences, new questions and use cases that arise.  Next steps The Commission has approved the draft guidelines but they will now need to be formally adopted.

On 11 February 2025, the Treasury Committee published letters to the Financial Conduct Authority (FCA) and Financial Ombudsman Service (FOS) about the circumstances that surrounded the departure of the Chief Ombudsman, Abby Thomas, last week.  The letters were written following a session in which members of the Committee were not satisfied that they received the answers to their questions on the subject. The Committee raises concerns in the letters that the circumstances surrounding the departure of Ms Thomas did not appear to be fully shared with it, preventing its members from forming a full understanding of the process that led to her exit and what it means for the administration of the FOS. The Committee asks for further information including in relation to: The events surrounding Ms Thomas’ departure and the nature of the discussions as they progressed. Any settlement agreed with Ms Thomas. Whether senior officials had concerns regarding her performance.