At the end of each month, the SAFE Regulatory Radar highlights a selection of important news and developments on financial regulation at the national and EU level.
SFDR 2.0: European Commission proposes new sustainable funds categories
On 20 November 2025, the Commission published a proposal to amend the Sustainable Finance Disclosure Regulation (SFDR), aiming for simpler sustainability disclosures in line with market preferences. The concept misalignment between the definitions in the SFDR and other EU sustainable finance legislation, coupled with challenges for financial market participants to access reliable and comprehensive Environmental, Social and Governance (ESG) data, has contributed to the complexity of the framework.
Against this background, the Commission proposes new sustainability categories for financial products to replace the current Article 8 (“light green) and Article 9 (“dark green”) categories with three product categories that offer distinguishable strategies to investors. The “sustainable” category includes products that invest at least 70% of their portfolio according to a pre-defined sustainability strategy. Financial products in the “transition” category must include at least 70 percent of their assets in projects that are credibly on the path to sustainability. In the “ESG basics” category, at least 70 percent of assets are invested in other products that take various ESG investment approaches into account but do not meet the criteria of the aforementioned categories. Principal Adverse Impacts (PAIs) must be disclosed under all three categories and investment exclusion conditions for weapons, tobacco, or fossil fuels apply, however, to differing degrees.
Moreover, the proposal adjusts the scope of the SFDR and simplifies entity-level disclosure requirements by deleting Articles 4 and 5, which govern the provisions on entity-level disclosures of PAIs, aligning remuneration policies with sustainability risks. Removing these specific firm-level impact and remuneration disclosures is intended to avoid duplication with the broader sustainability reporting already required for large companies under the Corporate Sustainability Reporting Directive (CSRD).
The proposed amendments will be negotiated and agreed on by the European Parliament and the Council as part of the ongoing SFDR review, with the aim of establishing a simpler, more retail-friendly transparency framework for sustainable financial products.
Digital Omnibus proposal and targeted digital simplifications
On 19 November 2025, the European Commission proposed a “digital simplification package” built around two omnibus acts: a Digital Omnibus on the digital acquis and a Digital Omnibus on AI. The package also includes a new Data Union Strategy and a European Business Wallets proposal, which builds on the EU Digital Identity Wallet by adapting it to the specific needs of economic operators and public sector bodies. These measures are designed to streamline and rationalize the growing body of EU rules on data, platforms, and AI by merging overlapping instruments and repealing obsolete provisions, while explicitly preserving the underlying policy goals on fundamental rights, safety.
Within this package, the Digital Omnibus proposes to amend the General Data Protection Regulation (GDPR) by easing transparency and access-request duties in clearly low-risk situations, creating clearer conditions for using personal data to train AI and conduct research, and tying personal-data breach notifications into a future single EU reporting entry point. The Data Act would absorb and replace the Free Flow of Non-Personal Data Regulation (FFDR), the Data Governance Act, and the Open Data Directive. Meanwhile, the Data Act will also tighten trade-secret safeguards, narrow business-to-government data access to public emergencies, and soften cloud-switching and smart-contract obligations, especially for Small and Medium-Sized Enterprises and Small Mid-Cap companies.
The omnibus proposes a single entry point for reporting cyber and data breach incidents, as well as critical-entity resilience incidents managed by the European Union Agency for Cybersecurity (ENISA), by amending both the NIS 2 Directive and the Critical Entities Resilience (CER) Directive. The “report once, share many” approach will require a common template to eliminate duplicate reporting obligations for operators. Technical tweaks to the Single Digital Gateway Regulation and the EU institutions' data-protection Regulation align cross-border procedures and EU-body processing with the updated data framework. The Platform-to-Business Regulation is repealed as its role is largely overtaken by the Digital Services Act and Digital Markets Acts.
The Digital Omnibus on AI Regulation proposal sits alongside the general Digital Omnibus and amends the AI Act and the civil-aviation basic Regulation to make AI implementation more practical. For instance, the proposal removes the direct legal obligation for providers and deployers of AI systems to ensure their staff are AI literate. Instead, member states and the Commission would be required to encourage them through non-binding measures.
The proposal further organizes and reinforces cooperation at the EU level between AI regulatory sandboxes, clarifying and aligning how these sandboxes are governed. It also extends the possibility to carry out real-world testing outside AI regulatory sandboxes for high-risk AI systems covered by the Union harmonization legislation.
All elements of the digital simplification package will move into the ordinary EU legislative and political process. The Digital Omnibus, the Digital Omnibus on AI, and the European Business Wallets Regulation will be negotiated by the European Parliament and the Council, where their technical calibration and the distribution of simplification gains and residual compliance burdens across firms, sectors, and member states will be determined.
Updates:
- European Banking Authority: On 5 November 2025, the European Banking Authority (EBA) published its final Guidelines on environmental scenario analysis, complementing Guidelines on ESG risk management that were reported on the SAFE Regulatory Radar in January 2025. The new text establishes supervisory expectations for how banks should conduct short- and long-term environmental scenario analyses.
- Federal Financial Supervisory Authority (BaFin): The German financial supervisory authority has published a new resolution circular. It aims to enhance the resolvability of institutions for which a bail-in resolution instrument is planned to be applied. This circular, building on its previous version, primarily focuses on aligning MaBail-in with the “Minimum Bail-in Data Template” (MBDT) of the Single Resolution Board (SRB), which was first published in November 2024.
- European Parliament: On 13 November 2025, the European Parliament backed a mandate to reduce and streamline sustainability reporting and due diligence duties well beyond the Commission proposal. The reporting will be lighter and will only be necessary for larger companies. Due diligence obligations are limited to large EU and non-EU corporations. The updated rules are part of the Omnibus I simplification package that was previously covered on the SAFE Regulatory Radar in February 2025 and October 2025.
Public consultations
|
Sara Fadavi is Financial Policy Analyst at the SAFE Policy Center.
