FRfinancialregulations.eu

Reference Guide — Updated March 2026

EU Financial Regulation Map

A comprehensive overview of every major EU financial regulation: what it covers, who it applies to, key dates, supervisory authorities, and how regulations relate to each other. Covering 16 regulations across 9 regulatory domains.

Fully applicable
Partially applicable / phased
Transposition pending
Proposed
Digital FinanceSecurities & MarketsAsset ManagementSustainable FinanceBanking & PrudentialPaymentsAML / CFTRetail & ConsumerCybersecurity

Digital Finance

MiCAR

Markets in Crypto-Assets Regulation

Fully applicable since 30 Dec 2024

Establishes a harmonised EU framework for the issuance, offering, and provision of services related to crypto-assets. Covers white paper requirements, asset-referenced tokens (ARTs), e-money tokens (EMTs), and CASP authorisation with EU passporting.

Key Date

CASP transitional period ends 1 Jul 2026

Supervisor

ESMA + national competent authorities

Applies To

  • Crypto-asset issuers
  • Crypto-asset service providers (CASPs)
  • ART & EMT issuers
  • DeFi platforms (if centralised elements)

Key Articles

  • Art. 2(4) — MiFID II exclusion
  • Art. 16 — White paper requirements
  • Art. 63 — CASP authorisation
  • Art. 67 — Own funds requirements
Related:MiFID II / MiFIRAMLD / AML PackageDLT PilotEUR-Lex (32023R1114)Read guide

DORA

Digital Operational Resilience Act

Applicable since 17 Jan 2025

Harmonises ICT risk management, incident reporting, digital operational resilience testing, and ICT third-party risk management for financial entities. Introduces an oversight framework for critical ICT third-party service providers.

Key Date

All financial entities must comply now

Supervisor

ESAs (EBA, ESMA, EIOPA) + national competent authorities

Applies To

  • Credit institutions
  • Investment firms
  • Fund managers (AIFMs, UCITS ManCos)
  • Insurance & reinsurance undertakings
  • + 3 more

Key Articles

  • Art. 5-16 — ICT risk management framework
  • Art. 17-23 — Incident reporting
  • Art. 24-27 — Resilience testing (incl. TLPT)
  • Art. 28-44 — Third-party risk management
Related:NIS2CRR / CRDMiCAREUR-Lex (32022R2554)Read guide

DLT Pilot

DLT Pilot Regime Regulation

Applicable since 23 Mar 2023

Sandbox-style regulation allowing trading venues and CSDs to operate DLT-based market infrastructure with temporary exemptions from MiFID II and CSDR requirements. Enables tokenised securities trading and settlement on distributed ledgers.

Key Date

ESMA review report due 2026

Supervisor

ESMA + national competent authorities

Applies To

  • DLT multilateral trading facilities (DLT MTFs)
  • DLT settlement systems (DLT SSs)
  • DLT trading and settlement systems (DLT TSSs)

Key Articles

  • Art. 3-4 — Eligible DLT financial instruments
  • Art. 8 — DLT MTF requirements
  • Art. 9 — DLT SS requirements
  • Art. 10 — DLT TSS requirements
Related:MiFID II / MiFIRMiCARCSDREUR-Lex (32022R0858)

AI Act

Artificial Intelligence Act

Phased: prohibited AI (Feb 2025), high-risk (Aug 2026)

Risk-based framework for AI systems. High-risk AI in financial services (credit scoring, insurance pricing) requires conformity assessments, risk management systems, data governance, transparency, human oversight, and accuracy/robustness standards. Financial institutions using AI must comply alongside sector-specific rules.

Key Date

High-risk AI system obligations from 2 Aug 2026

Supervisor

AI Office (Commission) + national authorities

Applies To

  • AI system providers and deployers
  • Financial institutions using AI for credit scoring
  • Insurers using AI for risk assessment/pricing
  • Any entity deploying high-risk AI in financial services

Key Articles

  • Art. 6 + Annex III — High-risk classification
  • Art. 9 — Risk management system
  • Art. 13 — Transparency and information to deployers
  • Art. 14 — Human oversight requirements
Related:DORAMiFID II / MiFIRSFDREUR-Lex (32024R1689)

Securities & Markets

MiFID II / MiFIR

Markets in Financial Instruments Directive & Regulation

Applicable since 3 Jan 2018; MiFIR Review ongoing

Core EU framework for securities markets. Governs authorisation of investment firms, conduct of business, market structure, transparency (pre- and post-trade), transaction reporting, and commodity derivatives position limits.

Key Date

Consolidated tape provisions from 2026

Supervisor

ESMA + national competent authorities

Applies To

  • Investment firms
  • Credit institutions providing investment services
  • Trading venue operators (RMs, MTFs, OTFs)
  • Systematic internalisers
  • + 1 more

Key Articles

  • Art. 4 — Definitions (financial instruments)
  • Art. 25 — Suitability and appropriateness
  • Art. 27 — Best execution
  • MiFIR Art. 26 — Transaction reporting
Related:MiCARPRIIPsEMIRMAREUR-Lex (32014L0065)

EMIR 3

European Market Infrastructure Regulation (refit)

EMIR 3 entered into force Dec 2024; phased application

Framework for OTC derivatives clearing, CCP supervision, and trade repository reporting. EMIR 3 introduces the active account requirement (euro-denominated derivatives must be partially cleared through EU CCPs), enhanced CCP supervision, and revised clearing thresholds.

Key Date

Active account requirement from mid-2026

Supervisor

ESMA + national competent authorities

Applies To

  • OTC derivative counterparties (financial & non-financial)
  • Central counterparties (CCPs)
  • Trade repositories

Key Articles

  • Art. 4 — Clearing obligation
  • Art. 7a-7d — Active account requirement (EMIR 3)
  • Art. 9 — Trade reporting
  • Art. 10-11 — Non-financial counterparty thresholds
Related:MiFID II / MiFIRCRR / CRDEUR-Lex (32024R2987)

Asset Management

AIFMD II

Alternative Investment Fund Managers Directive (recast)

Transposition deadline: 16 Apr 2026

Major revision of the AIFMD. Introduces a harmonised framework for loan-originating AIFs, mandatory liquidity management tools, enhanced delegation rules, revised depositary requirements, and improved regulatory reporting.

Key Date

16 Apr 2026 — Member States must transpose

Supervisor

ESMA + national competent authorities

Applies To

  • Alternative investment fund managers (AIFMs)
  • UCITS management companies (where amended)
  • Depositaries
  • Loan-originating AIFs

Key Articles

  • Art. 15-16 — Loan origination requirements
  • Art. 16a — Liquidity management tools (mandatory)
  • Art. 20 — Delegation framework (substance)
  • Art. 21 — Depositary passport considerations
Related:UCITSSFDRCRR / CRDEUR-Lex (32024L0927)Read guide

UCITS

Undertakings for Collective Investment in Transferable Securities Directive

Applicable; amended by AIFMD II

Framework for cross-border marketing of retail investment funds. Harmonised authorisation, investment rules, depositary requirements, and investor disclosures. AIFMD II introduces mandatory liquidity management tools and revised delegation substance requirements for UCITS ManCos.

Key Date

AIFMD II amendments apply 16 Apr 2026

Supervisor

ESMA + national competent authorities

Applies To

  • UCITS management companies
  • Self-managed UCITS
  • UCITS depositaries

Key Articles

  • Art. 1-2 — Scope and definitions
  • Art. 29-30 — Management company authorisation
  • Art. 52-57 — Investment policies and limits
  • Art. 69 — KIID requirements
Related:AIFMD IIPRIIPsSFDREUR-Lex (32009L0065)

Sustainable Finance

SFDR

Sustainable Finance Disclosure Regulation

Applicable; SFDR 2.0 proposal published Nov 2025

Requires sustainability-related disclosures by financial market participants. Current framework: entity-level (Art. 3-5) and product-level (Art. 6, 8, 9) disclosures, PAI statements. SFDR 2.0 will replace Article 8/9 categories with Sustainable, Transition, and ESG Collection products.

Key Date

SFDR 2.0 expected to apply 2027-2028

Supervisor

ESAs (joint) + national competent authorities

Applies To

  • Financial market participants (AIFMs, UCITS ManCos, pension providers)
  • Financial advisers
  • Insurance-based investment product providers

Key Articles

  • Art. 6 — Product sustainability risk disclosure
  • Art. 8 — Environmental/social characteristics
  • Art. 9 — Sustainable investment objective
  • Art. 4 — PAI statement (entity level)
Related:Taxonomy RegulationCSRDAIFMD IIEUR-Lex (32019R2088)Read guide

Taxonomy Regulation

EU Taxonomy Regulation

Applicable; Delegated Acts evolving

Establishes a classification system for environmentally sustainable economic activities. Six environmental objectives: climate mitigation, adaptation, water, circular economy, pollution, biodiversity. Activities must contribute substantially, do no significant harm (DNSH), and meet minimum safeguards.

Key Date

Climate + environmental DAs applicable

Supervisor

European Commission + Platform on Sustainable Finance

Applies To

  • Financial market participants (SFDR scope)
  • Large undertakings (CSRD scope)
  • EU and Member States (public measures)

Key Articles

  • Art. 3 — Criteria for sustainable activities
  • Art. 8 — Transparency in non-financial statements
  • Art. 9 — Environmental objectives
  • Art. 18 — Minimum safeguards
Related:SFDRCSRDGreen Bond StandardEUR-Lex (32020R0852)

CSRD

Corporate Sustainability Reporting Directive

Phased: large PIEs (2024), large companies (2025), SMEs (2026)

Replaces the NFRD. Requires detailed sustainability reporting under European Sustainability Reporting Standards (ESRS). Double materiality assessment, limited assurance, digital tagging (XBRL), and mandatory inclusion in the management report.

Key Date

Listed SMEs first report for FY2026

Supervisor

National competent authorities + EFRAG (standards)

Applies To

  • Large public-interest entities (> 500 employees) — since FY2024
  • All large companies — since FY2025
  • Listed SMEs — from FY2026 (opt-out to FY2028)

Key Articles

  • Art. 19a — Sustainability reporting in management report
  • Art. 29a — Consolidated sustainability reporting
  • ESRS 1 — General requirements
  • ESRS E1-E5 — Environmental standards
Related:SFDRTaxonomy RegulationCSDDDEUR-Lex (32022L2464)

Banking & Prudential

CRR III / CRD VI

Capital Requirements Regulation III & Directive VI

CRR III: 1 Jan 2025; CRD VI transposition: 11 Jan 2026

Implements Basel III final reforms in the EU. Key changes: output floor (phased 50%-72.5%), revised credit risk standardised approach, FRTB for market risk, CVA risk framework, ESG risks in Pillar 2, fit-and-proper requirements, and third-country branch regime.

Key Date

Output floor phase-in 2025-2030 (50% to 72.5%)

Supervisor

EBA + national competent authorities (ECB/SSM for significant institutions)

Applies To

  • Credit institutions
  • Investment firms (Class 1)
  • Financial holding companies

Key Articles

  • Art. 92 — Own funds requirements (with output floor)
  • Art. 115-166 — Revised standardised approach for credit risk
  • Art. 325a+ — FRTB market risk framework
  • CRD Art. 87a — ESG risk management
Related:DORABRRDMRELAIFMD IIEUR-Lex (32024R1623)Read guide

Payments

PSD3 / PSR

Payment Services Directive 3 & Payment Services Regulation

Proposed June 2023; trilogue ongoing

Successor to PSD2. Merges the Payment Services Directive and E-Money Directive into a single framework. Key changes: enhanced strong customer authentication, open banking evolution, fraud liability, IBAN/name matching, and alignment with the digital euro framework.

Key Date

Expected application 2026-2027

Supervisor

EBA + national competent authorities

Applies To

  • Payment institutions
  • E-money institutions
  • Account servicing payment service providers
  • Open banking third-party providers (AISPs, PISPs)

Key Articles

  • PSR — Strong customer authentication (revised)
  • PSR — IBAN/name verification
  • PSD3 — Authorisation of payment institutions
  • PSR — Open finance data access rights
Related:FiDADigital EuroAMLD / AML PackageEUR-Lex (COM/2023/366)

AML / CFT

AML Package

EU Anti-Money Laundering Package (AMLR, AMLD6, AMLA)

AMLA operational 2025; AMLR applies 10 Jul 2027

Comprehensive overhaul of EU AML/CFT framework. Creates a new EU authority (AMLA) with direct supervisory powers. Single rulebook via directly-applicable AML Regulation (AMLR). Harmonises CDD, beneficial ownership, cash payment limits (EUR 10,000), and crypto transfer rules.

Key Date

AMLD6 transposition: 10 Jul 2027; AMLR direct application: 10 Jul 2027

Supervisor

AMLA (Frankfurt) + national FIUs + national competent authorities

Applies To

  • Credit institutions
  • Payment & e-money institutions
  • CASPs
  • Investment firms
  • + 3 more

Key Articles

  • AMLR — Customer due diligence (harmonised)
  • AMLR — Beneficial ownership transparency
  • AMLR — EUR 10,000 cash limit
  • AMLA Regulation — Direct supervision of high-risk entities
Related:MiCARPSD3 / PSRTransfer of Funds RegulationEUR-Lex (32024R1624)

Retail & Consumer

PRIIPs

Packaged Retail and Insurance-based Investment Products Regulation

Applicable since 1 Jan 2018 (KID format revised 2023)

Requires a Key Information Document (KID) for all PRIIPs sold to retail investors. Standardised format covering risk, reward, costs, and recommended holding period. The Retail Investment Strategy proposal may significantly revise the framework.

Key Date

Retail Investment Strategy review ongoing

Supervisor

ESAs + national competent authorities

Applies To

  • PRIIP manufacturers
  • Persons advising on or selling PRIIPs
  • Fund managers (UCITS KID alignment)

Key Articles

  • Art. 5 — KID requirement
  • Art. 8 — KID content requirements
  • Art. 13 — Review and revision of KID
  • Delegated Regulation — SRI methodology
Related:MiFID II / MiFIRIDDUCITSEUR-Lex (32014R1286)

Cybersecurity

NIS2

Network and Information Security Directive 2

Transposition deadline: 17 Oct 2024 (most MS late)

Broadens the scope of EU cybersecurity obligations beyond the original NIS Directive. Covers risk management, incident reporting (24h early warning + 72h notification), supply chain security, and management body accountability. For financial entities, DORA applies as lex specialis.

Key Date

DORA is lex specialis for financial entities

Supervisor

National CSIRTs + ENISA

Applies To

  • Essential entities (energy, transport, banking, health, digital infra)
  • Important entities (postal, food, chemicals, digital providers)
  • Note: financial entities primarily subject to DORA, not NIS2

Key Articles

  • Art. 21 — Cybersecurity risk management measures
  • Art. 23 — Incident reporting obligations
  • Art. 20 — Governance and management body liability
  • Art. 4 — Lex specialis relationship with sector-specific acts
Related:DORACRAAI ActEUR-Lex (32022L2555)Read guide

EU Supervisory Authorities

ESMA

European Securities and Markets Authority

Securities markets, investment firms, CCPs, trade repositories, CASPs, fund managers, credit rating agencies

www.esma.europa.eu

EBA

European Banking Authority

Credit institutions, payment institutions, e-money institutions, prudential regulation

www.eba.europa.eu

EIOPA

European Insurance and Occupational Pensions Authority

Insurance undertakings, reinsurance, IORPs, insurance-based investment products

www.eiopa.europa.eu

AMLA

Anti-Money Laundering Authority

Direct AML/CFT supervision of high-risk obliged entities, FIU coordination (operational from 2025, Frankfurt)

www.amla.europa.eu

ECB / SSM

European Central Bank / Single Supervisory Mechanism

Direct prudential supervision of significant credit institutions in the euro area (approx. 110 banking groups)

www.bankingsupervision.europa.eu

Frequently Asked Questions

How many EU financial regulations are there?

The EU financial regulatory framework consists of approximately 20 major regulations and directives at Level 1, supplemented by hundreds of Level 2 delegated and implementing acts (RTS, ITS), and Level 3 guidelines from the ESAs. The regulations span securities markets, banking, insurance, payments, sustainable finance, digital finance, and anti-money laundering.

What is the difference between an EU Regulation and a Directive?

An EU Regulation (e.g., MiCAR, CRR, EMIR) is directly applicable in all Member States — it becomes law without national transposition. A Directive (e.g., MiFID II, AIFMD, CRD) must be transposed into national law by each Member State, which can lead to implementation differences across jurisdictions.

Which EU regulations apply to crypto-asset companies?

The primary framework is MiCAR (Regulation (EU) 2023/1114) for crypto-asset issuance and service provision. CASPs must also comply with DORA for ICT risk management, the AML Package for anti-money laundering, and potentially MiFID II if dealing in tokenised securities. The DLT Pilot Regime applies to DLT-based trading venues.

Which EU regulations apply to fund managers?

AIFMs are subject to AIFMD II (transposition by April 2026), SFDR for sustainability disclosures, DORA for ICT resilience, the AML Package, and CRR/CRD if part of a banking group. UCITS management companies fall under the UCITS Directive, with AIFMD II amendments also applying. If products qualify as PRIIPs, the PRIIPs KID regulation applies.

What are the key EU financial regulation deadlines in 2026?

Key 2026 deadlines include: AIFMD II transposition (16 April 2026), MiCAR CASP transitional period end (1 July 2026), AI Act high-risk obligations (2 August 2026), AML Package phased provisions, ESG Ratings Regulation application, and EMIR 3 active account requirements.

Ask Any Question About These Regulations

financialregulations.eu covers 15,000+ provisions across all major EU financial regulations. Get AI-powered answers with article-level citations from the actual regulatory text.

Try It Free →Read Our Analysis