What the EBA’s 2026 priorities will mean for you

The European Banking Authority’s agenda for 2026 will emphasise stability, smarter oversight and readiness for emerging risks. Chris Monks delves into the details

A large euro symbol outside of the ECB

The European Banking Authority (EBA) has outlined its work programme for 2026, reaffirming its core mandates in policy development, supervisory convergence and risk analysis.

Alongside these existing priorities, the EBA will expand its oversight and supervisory functions in light of new responsibilities related to third-party providers, issuers of crypto-assets and the use of initial margin models.

To guide this work, the EBA has identified three strategic priorities for the year ahead.

Priority 1: Strengthening the single rulebook

The EBA will focus on developing and implementing a fit-for-purpose Single Rulebook to support an efficient, resilient and sustainable financial services market across the European Union.

This will see a shift in emphasis from ex-ante harmonisation to ex-post convergence, in line with the recommendations of the Task Force on Efficiency.

Efforts will be made to simplify and enhance the efficiency of prudential rules, reduce reporting costs and improve proportionality through a review of Supervisory Review and Evaluation Process (SREP) Guidelines and a holistic assessment of the European Union’s regulatory framework.

Work will continue on the EU Banking Package, with mandates covering credit and operational risk, governance, third-country branches and prudential assessments of institutional changes.

The EBA will prepare for revisions to the securitisation framework, including synthetic securitisations, and contribute to monitoring and reporting efforts.

Priority 2: Enhancing risk management and supervisory capabilities

The EBA plans to strengthen its risk assessment capabilities through regular and ad hoc analyses, while expanding its supervisory roles under the:

  • Digital Operational Resilience Act (DORA);
  • Markets in Crypto-Assets Regulation (MiCA); and
  • European Market Infrastructure Regulation (EMIR).

This will involve overseeing critical information and communications technology (ICT) third-party providers, crypto-asset issuers and validating initial margin models.

Preparations for the 2027 EU-wide stress test will focus on streamlining bottom-up methodologies, integrating climate and non-banking financial institution (NBFI) risks and developing top-down credit risk models.

The EBA will also monitor geopolitical, trade and climate-related risks, as well as the interconnectedness between banks and NFBIs. Outreach will be supported by dashboards and risk reports.

Under DORA, joint oversight of critical third-party providers will intensify, including thematic reviews and inspections.

MiCA supervision will involve significant assessments of electronic money tokens and asset-referenced tokens, potentially with direct supervisory actions.

There will be a push to reduce reporting costs by 25 percent through harmonised, integrated and proportionate supervisory and resolution reporting frameworks.

This will include revising reporting components, improving change management and developing a public EU-wide data request repository.

Priority 3: Supporting technological innovation and consumer protection

The EBA aims to enhance technological capacity across the financial sector, with an emphasis on consumer protection.

It will monitor innovation and contribute to EU initiatives, such as the EU Artificial Intelligence (AI) Act and Digital Finance Strategy, focusing on AI and machine learning, crypto assets, distributed ledger technology and value chain evolution.

Implementation of the AI Act will progress through sectoral mapping and the assessment of its implications for the financial sector. The EBA will also analyse general-purpose AI (GPAI) use cases and third-party dependencies to support supervisory work.

The role of decentralised finance in accessing email money transfers and Asset-Referenced Tokens, the use of commercial bank-issued tokens and big tech’s influence in EU finance will all be monitored.

The EBA will also evaluate progress in the cross-border supervision of retail financial services, update its repository of financial education initiatives and refine retail risk indicators to guide future priorities.

Data on payment fraud will be published to assess the effectiveness of its security requirements and support a coordinated EU-wide fraud reduction effort.

The EBA will also continue efforts to improve consumer understanding of digital financial products, especially through clearer disclosures in white-labelled services.

What does this mean for you?

For regulated entities, the EBA’s priorities should serve as a roadmap for shaping internal compliance and risk strategies.

Taking a forward-looking approach now will help avoid the rush to meet new requirements later.

Institutions should evaluate their current position against the EBA’s strategic goals, identify any gaps and develop a structured plan to address them.

Early engagement with these priorities will support smoother compliance and greater operational resilience in the long term.

Chris Monks is Head of Prudential Risk at Forvis Mazars