Nos derniers articles

Cet article analyse un document de l'ESMA qui détaille les conclusions d'une action de surveillance coordonnée portant sur l'intégration des critères de durabilité ESG au sein de la directive MiFID II. L'examen révèle que, si les institutions financières progressent dans la collecte des préférences extra-financières de leurs clients, l'application des règles demeure hétérogène et complexe.

Le rapport détaille la coopération entre les trois autorités de surveillance européennes pour garantir la stabilité financière et la protection des consommateurs. Un axe majeur de ce document concerne l'application du règlement DORA, visant à renforcer la cyberrésilience face aux menaces numériques croissantes.

This final report from the European Banking Authority (EBA) introduces new Implementing Technical Standards (ITS) for the supervisory reporting of Third Country Branches (TCBs) operating within the European Union. Established under the CRD VI regulatory package, these standards create a harmonized framework to replace fragmented national rules and ensure effective oversight of foreign banking entities. The reporting requirements are structured around a proportionality principle, distinguishing between Class 1 and Class 2 branches to tailor the volume and frequency of data collection based on an entity's size and risk. Under the new mandate, branches must submit standardized templates covering their own financial and regulatory health, as well as critical information regarding their head undertakings and wider group activities. To ease the transition, the EBA has simplified several data requirements and set the initial reporting deadline for March 31, 2027. This initiative ultimately aims to strengthen financial stability and create a level playing field across the EU banking sector.

This report evaluates how competent authorities have implemented previous recommendations regarding ICT risk assessment within the Supervisory Review and Evaluation Process (SREP). The document highlights a significant shift in the regulatory landscape due to the application of DORA, which establishes a unified framework for financial sector resilience. According to the findings, supervisors have made notable progress by forming specialized ICT teams, enhancing technical expertise, and adopting automated monitoring tools. Furthermore, the report details the integration of ICT-specific guidelines into broader operational risk assessments to ensure a more cohesive supervisory approach. While most authorities have successfully adopted benchmarking and horizontal analysis, the EBA emphasizes that maintaining supervisory convergence remains an ongoing priority as technology evolves. Overall, the report confirms that the EU is moving toward a more harmonized and robust regime for managing digital risks in banking.

These Joint Guidelines on ESG Stress Testing provide a unified European framework for assessing how environmental, social, and governance risks impact the financial sector. These standards require competent authorities to evaluate both the short-term financial stability and long-term business model resilience of credit institutions and insurance firms. The methodology initially prioritizes climate-related environmental risks, examining both physical threats like weather events and transition risks such as policy shifts. To ensure practical application, the guidelines emphasize proportionality and materiality, allowing for simplified approaches based on the size and complexity of the entity. 𝗜𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗮𝘁𝗶𝗼𝗻 𝗶𝘀 𝘀𝗲𝘁 𝗳𝗼𝗿 𝗝𝗮𝗻𝘂𝗮𝗿𝘆 𝟭, 𝟮𝟬𝟮𝟳, following a refinement process that integrated public feedback on data granularity and scenario timelines. Ultimately, the guidelines aim to foster supervisory consistency across the EU while adapting to the evolving maturity of ESG data and modeling.

𝗜𝗡𝗦𝗨𝗥𝗔𝗡𝗖𝗘 𝗘𝗨𝗥𝗢𝗣𝗘 𝗔𝗡𝗗 𝗧𝗛𝗘 𝗘𝗨𝗥𝗢𝗣𝗘𝗔𝗡 𝗜𝗡𝗦𝗨𝗥𝗔𝗡𝗖𝗘 𝗖𝗙𝗢 𝗙𝗢𝗥𝗨𝗠 𝗥𝗘𝗦𝗣𝗢𝗡𝗗 𝗧𝗢 𝗧𝗛𝗘 𝗘𝗙𝗥𝗔𝗚 𝗖𝗢𝗡𝗦𝗨𝗟𝗧𝗔𝗧𝗜𝗢𝗡 𝗢𝗡 𝗧𝗛𝗘 𝗘𝗫𝗣𝗢𝗦𝗨𝗥𝗘 𝗗𝗥𝗔𝗙𝗧𝗦 𝗢𝗙 𝗧𝗛𝗘 𝗘𝗨𝗥𝗢𝗣𝗘𝗔𝗡 𝗦𝗨𝗦𝗧𝗔𝗜𝗡𝗔𝗕𝗜𝗟𝗜𝗧𝗬 𝗥𝗘𝗣𝗢𝗥𝗧𝗜𝗡𝗚 𝗦𝗧𝗔𝗡𝗗𝗔𝗥𝗗𝗦
Insurance Europe and the European Insurance CFO Forum responded to the EFRAG consultation on the revised Exposure Drafts of the European Sustainability Reporting Standards (ESRS). In their joint letter, views were expressed that while simplification efforts were welcomed, the standards remain too complex and burdensome.
The organizations called for 𝗳𝗮𝗶𝗿 𝗽𝗿𝗲𝘀𝗲𝗻𝘁𝗮𝘁𝗶𝗼𝗻 to be confirmed as an overarching principle prioritizing relevance and proportionality. They stated the 𝗗𝗼𝘂𝗯𝗹𝗲 𝗠𝗮𝘁𝗲𝗿𝗶𝗮𝗹𝗶𝘁𝘆 𝗔𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁 (𝗗𝗠𝗔) is still overly complex and suggested the materiality filter should apply across all standards. They also recommended requiring only 𝗾𝘂𝗮𝗹𝗶𝘁𝗮𝘁𝗶𝘃𝗲 𝗱𝗶𝘀𝗰𝗹𝗼𝘀𝘂𝗿𝗲𝘀 for anticipated financial effects and supported 𝗲𝘅𝗲𝗺𝗽𝘁𝗶𝗻𝗴 𝗳𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝗶𝗻𝘀𝘁𝗶𝘁𝘂𝘁𝗶𝗼𝗻𝘀 𝗳𝗿𝗼𝗺 𝗱𝗶𝘀𝗰𝗹𝗼𝘀𝗶𝗻𝗴 𝗮𝗯𝘀𝗼𝗹𝘂𝘁𝗲 𝗚𝗛𝗚 𝗿𝗲𝗱𝘂𝗰𝘁𝗶𝗼𝗻 𝘁𝗮𝗿𝗴𝗲𝘁𝘀 when intensity targets are set, arguing the latter better reflects their role in financing transition.

The EBA, alongside ESMA and EIOPA, plans 𝗷𝗼𝗶𝗻𝘁 𝗼𝘃𝗲𝗿𝘀𝗶𝗴𝗵𝘁 𝗼𝗳 𝗖𝗿𝗶𝘁𝗶𝗰𝗮𝗹 𝗜𝗖𝗧 𝗧𝗵𝗶𝗿𝗱-𝗣𝗮𝗿𝘁𝘆 𝗣𝗿𝗼𝘃𝗶𝗱𝗲𝗿𝘀 (𝗖𝗧𝗣𝗣𝘀) from 2026, following their 2025 designation. Measures include direct engagement on governance, thematic contract reviews, and 𝗼𝗻𝘀𝗶𝘁𝗲 𝗶𝗻𝘀𝗽𝗲𝗰𝘁𝗶𝗼𝗻𝘀 𝗼𝗳 𝗵𝗶𝗴𝗵-𝗿𝗶𝘀𝗸 𝗮𝗿𝗲𝗮𝘀, with recommendations passed to financial entities. Supervisors will assess institutions’ 𝗜𝗖𝗧 𝘁𝗵𝗶𝗿𝗱-𝗽𝗮𝗿𝘁𝘆 𝗿𝗶𝘀𝗸 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁, 𝗶𝗻𝗰𝗶𝗱𝗲𝗻𝘁 𝗿𝗲𝘀𝗽𝗼𝗻𝘀𝗲, 𝗮𝗻𝗱 𝗰𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗽𝗿𝗲𝗽𝗮𝗿𝗲𝗱𝗻𝗲𝘀𝘀, 𝗶𝗻𝗰𝗹𝘂𝗱𝗶𝗻𝗴 𝗹𝗲𝗴𝗮𝗰𝘆 𝘀𝘆𝘀𝘁𝗲𝗺 𝗿𝗶𝘀𝗸𝘀. The EBA will analyze major ICT incidents, contribute to a pan-European coordination framework for systemic events, collect new datasets via EUCLID, and support supervisory convergence to ensure 𝗰𝗼𝗻𝘀𝗶𝘀𝘁𝗲𝗻𝘁 𝗗𝗢𝗥𝗔 𝗶𝗺𝗽𝗹𝗲𝗺𝗲𝗻𝘁𝗮𝘁𝗶𝗼𝗻 𝗮𝗰𝗿𝗼𝘀𝘀 𝘁𝗵𝗲 𝗘𝗨.

The report discusses the growing threat of cyber risk to the EU's financial stability. Key points include:

• Cyber risk is a significant and systemic threat to the EU's financial sector, with increasing frequency and sophistication of attacks.

• Factors amplifying risk include geopolitical tensions, third-party IT dependencies, and the dual-edged impact of AI.

• The financial sector, including banks and insurers, faces tangible impacts from cyber threats.

• DORA is seen as a critical step requiring ongoing commitment to vigilance and resource allocation for digital infrastructure defense.

This comprehensive report from 𝗘𝗜𝗢𝗣𝗔 provides a 𝗳𝗼𝗹𝗹𝗼𝘄-𝘂𝗽 𝘁𝗼 𝗮 𝗽𝗲𝗲𝗿 𝗿𝗲𝘃𝗶𝗲𝘄 𝗼𝗻 𝗼𝘂𝘁𝘀𝗼𝘂𝗿𝗰𝗶𝗻𝗴, assessing the progress made by 𝗡𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗦𝘂𝗽𝗲𝗿𝘃𝗶𝘀𝗼𝗿𝘆 𝗔𝘂𝘁𝗵𝗼𝗿𝗶𝘁𝗶𝗲𝘀 (𝗡𝗦𝗔𝘀) in strengthening their oversight of 𝗼𝘂𝘁𝘀𝗼𝘂𝗿𝗰𝗶𝗻𝗴 𝘄𝗶𝘁𝗵𝗶𝗻 𝘁𝗵𝗲 𝗶𝗻𝘀𝘂𝗿𝗮𝗻𝗰𝗲 𝘀𝗲𝗰𝘁𝗼𝗿. It details the 𝗺𝗲𝘁𝗵𝗼𝗱𝗼𝗹𝗼𝗴𝘆 used, the 𝘀𝗰𝗼𝗽𝗲 of the review, and the 𝗲𝘃𝗮𝗹𝘂𝗮𝘁𝗶𝗼𝗻 𝗰𝗿𝗶𝘁𝗲𝗿𝗶𝗮 applied to recommended actions. The document highlights 𝘀𝗶𝗴𝗻𝗶𝗳𝗶𝗰𝗮𝗻𝘁 𝗮𝗱𝘃𝗮𝗻𝗰𝗲𝗺𝗲𝗻𝘁𝘀 by NSAs in areas such as 𝗼𝘂𝘁𝘀𝗼𝘂𝗿𝗰𝗶𝗻𝗴 𝗳𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸𝘀, 𝗻𝗼𝘁𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗽𝗿𝗼𝗰𝗲𝘀𝘀𝗲𝘀, 𝗮𝗻𝗱 𝗱𝗼𝗰𝘂𝗺𝗲𝗻𝘁𝗮𝘁𝗶𝗼𝗻 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁, with many recommended actions being 𝗳𝘂𝗹𝗳𝗶𝗹𝗹𝗲𝗱 𝗼𝗿 𝗽𝗮𝗿𝘁𝗶𝗮𝗹𝗹𝘆 𝗳𝘂𝗹𝗳𝗶𝗹𝗹𝗲𝗱. However, it also identifies 𝗿𝗲𝗺𝗮𝗶𝗻𝗶𝗻𝗴 𝗴𝗮𝗽𝘀, particularly in 𝗼𝗳𝗳-𝘀𝗶𝘁𝗲 𝘀𝘂𝗽𝗲𝗿𝘃𝗶𝘀𝗶𝗼𝗻 and the 𝗳𝘂𝗹𝗹 𝗼𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝗮𝗹𝗶𝘇𝗮𝘁𝗶𝗼𝗻 𝗼𝗳 𝘀𝘂𝗽𝗲𝗿𝘃𝗶𝘀𝗼𝗿𝘆 𝘁𝗼𝗼𝗹𝘀, emphasizing the need for 𝗰𝗼𝗻𝘁𝗶𝗻𝘂𝗲𝗱 𝗲𝘃𝗼𝗹𝘂𝘁𝗶𝗼𝗻 𝗼𝗳 𝘀𝘂𝗽𝗲𝗿𝘃𝗶𝘀𝗼𝗿𝘆 𝗽𝗿𝗮𝗰𝘁𝗶𝗰𝗲𝘀 to ensure effective and continuous oversight of outsourcing arrangements.

The 𝗘𝗜𝗢𝗣𝗔 has evaluated 𝗵𝗼𝘄 𝗘𝘂𝗿𝗼𝗽𝗲𝗮𝗻 𝗶𝗻𝘀𝘂𝗿𝗲𝗿𝘀 𝗮𝗿𝗲 𝗶𝗻𝗰𝗼𝗿𝗽𝗼𝗿𝗮𝘁𝗶𝗻𝗴 𝗰𝗹𝗶𝗺𝗮𝘁𝗲 𝗰𝗵𝗮𝗻𝗴𝗲 𝗿𝗶𝘀𝗸𝘀 𝗶𝗻𝘁𝗼 𝘁𝗵𝗲𝗶𝗿 𝗿𝗶𝘀𝗸 𝗮𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁𝘀, specifically within their 𝗢𝗥𝗦𝗔. The findings indicate that most insurers are now including both 𝗽𝗵𝘆𝘀𝗶𝗰𝗮𝗹 𝗮𝗻𝗱 𝘁𝗿𝗮𝗻𝘀𝗶𝘁𝗶𝗼𝗻 𝗿𝗶𝘀𝗸𝘀 in their ORSA, utilizing 𝘀𝗰𝗲𝗻𝗮𝗿𝗶𝗼 𝗮𝗻𝗮𝗹𝘆𝘀𝗶𝘀 more frequently to understand potential financial impacts. While progress has been made, challenges remain, such as 𝗶𝗻𝗰𝗼𝗻𝘀𝗶𝘀𝘁𝗲𝗻𝘁 𝗮𝗽𝗽𝗿𝗼𝗮𝗰𝗵𝗲𝘀 𝗮𝗰𝗿𝗼𝘀𝘀 𝗱𝗶𝗳𝗳𝗲𝗿𝗲𝗻𝘁 𝗿𝗲𝗴𝗶𝗼𝗻𝘀 and a 𝘀𝗵𝗼𝗿𝘁𝗮𝗴𝗲 𝗼𝗳 𝗵𝗶𝗴𝗵-𝗾𝘂𝗮𝗹𝗶𝘁𝘆 𝗱𝗮𝘁𝗮. EIOPA aims to continue fostering 𝘀𝘂𝗽𝗲𝗿𝘃𝗶𝘀𝗼𝗿𝘆 𝗰𝗼𝗻𝘀𝗶𝘀𝘁𝗲𝗻𝗰𝘆 and building capacity in this area.