Skip to content
  • Home
  • Recent
  • Tags
  • Popular
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Supervisory Priorities - UK & Europe

Scheduled Pinned Locked Moved General Discussion
prafcaebaecbregulation
1 Posts 1 Posters 2 Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • This user is from outside of this forum
    This user is from outside of this forum
    User 375
    wrote last edited by
    #1

    Supervisory Priorities - UK & Europe

    Across the UK and EU, supervisors are sharpening their focus on resilience, data, and disciplined execution amid significant regulatory change. In the UK, both the PRA and FCA are balancing competitiveness and growth objectives with heightened expectations around risk management, operational robustness, capital readiness, and consumer and financial crime outcomes—alongside efforts to modernise supervisory processes and reporting. In the EU, the EBA and ECB are driving rulebook delivery, supervisory convergence, and technology-related oversight, with particular emphasis on geopolitical resilience, ICT and third-party risk, and the governance of emerging digital and AI use cases. Collectively, the agenda signals sustained supervisory intensity, with firms expected to demonstrate strong fundamentals while adapting to evolving frameworks and innovation-led risks.

    UK

    Prudential Regulatory Authority (PRA)

    Strategic risk management (incl. trade finance, private markets, NBFI exposures, CCR, SRT discipline, model risk, new tech)

    • Expect continued supervisory pressure on risk identification/aggregation (especially around NBFI counterparty credit risk and private markets connectivity) and board-level visibility of exposures; also tighter governance expectations around SRT capital relief and model risk remediation

    Operational resilience (incl. cyber resilience and third‑party dependencies)

    • Banks should anticipate deeper challenge on operational resilience testing, plus more scrutiny of cyber preparedness and outsourcing/third‑party concentration, including expectations for contingency/exit testing and “don’t rely solely on vendor assurance” approaches.

    Financial resilience (capital & liquidity) with major regime change ahead

    • PRA is explicitly linking 2026 supervisory work to readiness for Basel 3.1 implementation on 1 Jan 2027, alongside the Strong and Simple regime for SDDTs on the same date; banks should expect material focus on capital planning, RWA accuracy, and permissions. The PRA also flags variable Pillar 2 requirement rebasing in 2026 with a 31 March 2026 data submission deadline, which can drive near‑term workload and potentially affect requirements.

    Data risk (incl. BCBS 239 benchmarking and potential skilled person reviews)

    • Banks should expect continuing pressure to strengthen data governance, architecture and validation; the PRA signals willingness to use specialist/skilled person reviews where weaknesses persist—so data programmes can become a supervisory-critical path item.

    Competitiveness & growth (see below for secondary objectives)

    • Reporting burden reduction (Future Banking Data programme)
      Alongside higher data quality expectations, the PRA is explicitly pushing streamlining/modernising reporting via the Future Banking Data programme—this can mean change in reporting processes and architecture (even if intended to reduce burden over time).

    • Supervisory approach / efficiency: shift to a two‑year cycle for PSMs and other streamlining
      PRA plans to move remaining firms from annual to biennial PSM cycles and accelerate certain approval timelines; banks may see fewer formal cycle-driven engagements but should expect continued cadence on material issues, plus operational changes in PRA interaction models

    Financial Conduct Authority (FCA)

    A smarter regulator (more efficient/effective; proportionate and predictable)

    • Banks can expect continuing changes in data collection and regulatory interactions (including FCA efforts to stop some returns, digitise processes, and enable ad‑hoc “flexi collections”), plus an FCA supervision model that aims to focus resources on the highest harm and act faster in higher-risk cases.

    Supporting growth (competitiveness, productivity, innovation)

    • For banks, this tends to translate into a mix of (i) enabling frameworks (e.g., Open Banking/Open Finance) and (ii) regime-building work (e.g., crypto/stablecoins) that can create opportunities but also new compliance and operating model requirements. The FCA’s work programme explicitly funds major growth-oriented initiatives like Open Finance and crypto regime work.

    Helping consumers navigate their financial lives

    • Banks (especially retail) should expect continued FCA focus on consumer outcomes—resilience to shocks, saving/investing, and consistently good experiences—often manifesting as supervisory attention to product design, customer journeys and (where relevant) market-wide reviews (e.g., the FCA signals work like a public discussion on the future mortgage market).

    Fighting financial crime

    • Banks should expect ongoing emphasis on measures that slow fraud growth, protect market integrity and tackle money laundering; that typically drives scrutiny of AML systems/controls, governance, and how firms prevent/identify/respond to fraud typologies

    EU

    European Banking Authority (EBA)

    Priority 1 — Rulebook: efficient, resilient and sustainable single market

    • Banks should expect sustained EBA focus on single-rulebook delivery and consistent implementation, with major workload tied to CRR/CRD mandates (the SPD references a large pipeline of mandates through 2028 and explicitly flags prioritisation of Basel III implementation and issues like third‑country branch access/consolidation topics).

    Priority 2 — Risk assessment: tools, data and methodologies for effective analysis/supervision/oversight

    • Expect continued evolution in EU supervisory analytics and benchmarking—i.e., more structured use of data and methodologies to support supervisory convergence and risk monitoring, which can translate into data/reporting expectations and more comparable supervisory scrutiny across Member States.

    Priority 3 — Innovation: enhancing technological capacity

    • This priority explicitly connects to the EBA’s expanding perimeter and tech-related supervisory roles, including new responsibilities tied to DORA and MiCA; for banks, this typically elevates expectations on ICT/third-party risk and on how firms interact with crypto-asset ecosystems (directly or via clients/counterparties).

    Cross-cutting: simplifying/streamlining the regulatory and supervisory framework

    • The EBA states it is pursuing efficiency and simplification, including actions aimed at reporting burden and the production of Level 2/3 products. If executed, this could reduce duplicative requirements over time, but it can also trigger transition costs (systems/process change) as the reporting stack is redesigned.

    European Central Bank (ECB)

    Priority 1 — Resilience to geopolitical risks and macro‑financial uncertainties

    • The ECB signals planned work that includes thematic review(s) of credit underwriting standards, follow-on reviews (e.g., loan pricing where relevant), and continued attention to capitalisation and CRR III implementation—all of which can affect supervisory findings, remediation programmes, and (indirectly) capital planning and RWA governance. Climate and nature-related risk management and transition planning also sit within Priority 1’s vulnerabilities/work programme.

    Priority 2 — Operational resilience and robust ICT capabilities

    • Expect supervisory intensity around DORA implementation (especially ICT third‑party and incident response), plus OSI campaigns, targeted reviews (e.g., ICT change management), and threat-led testing. ECB also highlights the need to remediate longstanding RDARR (risk data aggregation/risk reporting) issues and sets out a system-wide strategy with escalation if remediation is slow.

    Medium-to-longer term focus — digital and AI strategies, governance and risk management

    • The ECB is explicitly moving toward more structured engagement on banks’ AI (incl. generative AI) use cases, governance and controls—this can drive enhanced model risk management practices, data controls, and tech risk governance expectations over the 2026–28 horizon.
    1 Reply Last reply
    0

    Terms of Use Privacy Notice Cookie Notice Manage Cookies
    • Login
    • First post
      Last post
    0
    • Home
    • Recent
    • Tags
    • Popular
    • Groups