At the end of each month, the SAFE Regulatory Radar highlights a selection of important news and developments on financial regulation at the national and EU level.
EBA final guidelines on retail diversification
On 13 February 2026, the European Banking Authority (EBA) published final Guidelines on proportionate retail diversification methods under the Capital Requirements Regulation (CRR) (Regulation (EU) 575/2013). Under the CRR standardized approach for credit risk, retail exposures can receive the preferential 75% risk weight only if the CRRs retail conditions are met, including that the exposure belongs to a sufficiently diversified retail portfolio. The EBA Guidelines specify how institutions using the standardized approach should prove that retail exposures are part of a sufficiently diversified (“granular”) retail portfolio to qualify for the preferential 75% risk weight.
As a baseline, the international Basel III framework deems a retail portfolio sufficiently granular, if no single exposure to a counterparty exceeds 0.2% of the overall regulatory retail portfolio. The EBA kept this 0.2% benchmark, but explicitly acknowledged that smaller institutions tend to have more concentrated retail portfolios and may therefore struggle to consistently meet that granularity metrics. Consequently, the final Guidelines require:
- Granularity benchmark: “As a starting point”, no single exposure to a counterparty or group of connected clients should exceed 0.2% of the total eligible retail portfolio.
- Proportionate diversification allowance: where some exposures exceed 0.2%, the portfolio may still be treated as sufficiently diversified provided that no more than 10% of the eligible retail portfolio is above the 0.2% threshold.
The Guidelines are addressed to the prudential supervisory authorities responsible for the application of the CRR, including the European Central Bank (ECB) for tasks carried out under the Single Supervisory Mechanism, and to supervised financial institutions within the scope of the European Banking Authority Regulation (Regulation (EU) No 1093/2010). Competent authorities are expected to incorporate the Guidelines into supervisory practice and notify the EBA of compliance under the EBA Guidelines framework.
PSD2 and MiCA: EBA Opinion as the “No-Action Letter” transition ends
On 12 February 2026, the EBA published an Opinion on supervisory actions as the transition period under its No-Action Letter (NAL) on the interplay between the Payment Services Directive 2 (PSD2) and the Markets in Crypto-Assets Regulation (MiCA) expires on 2 March 2026. The Opinion is addressed to National Competent Authorities (NCAs) designated under PSD2 and MiCA and focuses on Crypto-Asset Service Providers (CASPs) carrying out transactions in Electronic Money Tokens (EMTs) that may fall within the scope of PSD2 payment services.
The Opinion distinguishes three practical outcomes for CASPs providing EMT-related services that may qualify as PSD2 payment services:
- Scenario 1 – Authorized route: continuation is expected where the CASP is authorized as a Payment Institution (PI) or Electronic Money Institution (EMI) or delivers the relevant services via an authorized Payment Service Provider (PSP) arrangement.
- Scenario 2 – Application pending (conditional continuation): NCAs may allow temporary continuation while a PSD2 application is assessed, but only where the file is complete, the applicant responds promptly, there are no material supervisory concerns (including under the MiCA or national transitional regimes and anti-money laundering requirements), and authorization is expected within a “very short timeframe” (with the EBA indicating this should not run beyond 1 July 2026 for CASPs relying on MiCA transitional arrangements). Where allowed, the EBA expects at least no marketing and no onboarding of new clients for the relevant EMT payment services during the pending period.
- Scenario 3 – No viable pathway: where no PSD2 application has been submitted or Scenario 2 conditions are not met, the EBA advises NCAs to require cessation of the relevant EMT payment services and offboarding of clients from 2 March 2026, coordinating with MiCA supervisors as needed.
The EBA’s approach aims to balance business continuity with the need to avoid a prolonged period in which payment services are provided without PSD2 authorization. From 2 March 2026, the EBA sets out a narrow set of conditions under which CASPs may continue EMT-related payment services pending a PSD2 decision; otherwise, NCAs are advised to require discontinuation and client offboarding. The Opinion also stresses coordination between PSD2 and MiCA authorities when applying restrictions or enforcement measures.
Updates:
- On 5 February 2026, the European Commission published Commission Delegated Regulation (EU) 2026/323 that amends the ESMA fee regime for benchmark supervision, including fees for EU administrators endorsing third-country benchmarks. The delegated act reflects ESMA’s expanded supervisory remit under the EU Benchmarks Regulation, under which since 1 January 2026, ESMA supervises EU benchmark administrators that endorse third-country benchmarks, making ESMA the single entry point for third-country benchmarks in the European Union.
- On 3 February 2026, the European Commission published the Commission Delegated Regulation (EU) 2026/305 (AAR RTS), specifying operational conditions, the representativeness obligation and reporting requirements for the active account requirement under the European Market Infrastructure Regulation (EMIR). This follows ESMA’s consultation on the conditions of the active account requirement under EMIR 3, previously covered in the SAFE Regulatory Radar in February 2024.
- On 18 February 2026, ESMA published a press release announcing its support for simplified European Sustainability Reporting Standards (ESRS). Read more on the simplified EU sustainability reporting in the SAFE Regulatory Radar in July 2025.
- On 2 February 2026, following Council Decision (EU) 2026/258 authorizing enhanced cooperation, the Council agreed its position on the legal framework for the €90bn Ukraine Support Loan (2026–2027) and will now seek swift agreement with the European Parliament, including on related changes to the Ukraine Facility and the budget guarantee layer; the Council indicates the first disbursement is intended early in Q2 2026 once the remaining steps are completed. See also SAFE Regulatory Radar in October 2024 on the Ukraine Loan Cooperation Mechanism.
- On 17 February 2026, Basel Committee on Banking Supervision (BCBS) published a report on Synthetic Risk Transfers (SRTs), describing how banks transfer credit risk to third parties while retaining the underlying assets, and reviewing recent market growth, typical structures and funding arrangements, and the range of supervisory approaches to recognizing risk transfer (and related capital relief) across jurisdictions. The report also flags areas for ongoing supervisory attention, including limited disclosure, banks’ dependence on SRTs, and risks linked to banks’ financing of SRT investors/protection providers. For background on the growth of non-bank financial intermediaries and related financial-stability channels, see SAFE White Paper No. 114.
- On 29 January 2026, ESMA published its 2027–2029 Programming Document. Building on the European Commission’s market integration and supervision package highlighted in the SAFE Regulatory Radar in December 2025, notably the focus on strengthening ESMA’s supervisory powers and changes to ESMA governance, the 2027–2029 Programming Document provides a forward-looking view of how the Authority expects its work to evolve if the legislative agenda advances, including an explicit emphasis on the Savings and Investments Union (SIU), further simplification and burden reduction, and continued investment in supervisory convergence and data or technology capabilities.
- On 23 February 2026, ESMA announced its decision to withdraw its 2021 Guidelines on MiFID II / MiFIR obligations on market data because the clarifications have now been incorporated into the Regulatory Technical Standards (RTS) on making market data available on a reasonable commercial basis (Commission Delegated Regulation (EU) 2025/1156). These guidelines were previously reported in the SAFE Regulatory Radar in June 2021.
- On 24 February 2026, the Council of the European Union gave its final approval to the “Omnibus I” simplification package on sustainability reporting and due diligence, simplifying the Corporate Sustainability Reporting Directive (CSRD) and the Corporate Sustainability Due Diligence Directive (CS3D); the Council indicates the legislative act will be published in the Official Journal in the coming days and will enter into force 20 days after publication. This follows earlier SAFE coverage of the file’s parliamentary agreement/approval (SAFE Regulatory Radar in December 2025) and the Commission’s presentation of Omnibus I (SAFE Regulatory Radar in February 2025).
Public consultations
|
Sara Fadavi is Financial Policy Analyst in the SAFE Policy Center.
