Banking Compliance: 2025 Upcoming Regulatory Requirements

The European Union has introduced a transformative package of banking regulations under the Basel III framework, signaling a critical moment for financial institutions to adapt to a more robust, transparent, and globally aligned regulatory landscape. With major reforms set for implementation on January 1, 2025, and additional measures like the Fundamental Review of the Trading Book (FRTB) postponed to January 1, 2026, these updates carry significant implications for banks.

For banks, these reforms are more than compliance hurdles—they are a strategic opportunity to strengthen operational resilience, manage emerging risks, and remain competitive in a rapidly evolving financial ecosystem. From the introduction of the output floor ensuring consistent capital standards to the integration of ESG risks and harmonized third-country branch supervision, each update requires careful preparation and strategic alignment.

This article serves as a comprehensive guide for banks, offering clear insights into the objectives of these reforms, detailed breakdowns of key updates, and actionable strategies for compliance. By navigating this guide, financial institutions can not only meet regulatory expectations but also leverage these changes as a foundation for long-term stability and growth.

Source

[1]

Banking package - Questions and answers

The European Commission adopted today a delegated act that postpones by one year the date of application of the Basel III fundamental review of the trading book (FRTB) standards in the EU for the banks’ calculation of their own funds requirements for market risk.

Finance

[2]

Prudential requirements

Prudential requirements aim to make the financial sector more stable, while ensuring that it is able to support households, firms, and other end-users of financial services.

Finance

1.Banking Compliance: Basel III Reforms in the EU

The Basel III framework was developed by the Basel Committee on Banking Supervision (BCBS) as a response to the 2007–2008 global financial crisis, which exposed critical weaknesses in the banking system. The reforms aim to enhance the resilience of financial institutions, reduce systemic risks, and improve the overall stability of the global financial system. Central to Basel III is the strengthening of capital adequacy, liquidity, and leverage standards to ensure that banks are better equipped to absorb economic shocks.

The European Union, committed to aligning with global standards, has adopted the Basel III framework through the Capital Requirements Regulation (CRR) and Capital Requirements Directive (CRD). By incorporating these reforms into EU law, the Union seeks to create a stable and uniform regulatory environment across its member states while addressing regional banking sector specificities. The latest phase of these reforms, set to be implemented on January 1, 2025, represents the culmination of over a decade of regulatory adjustments to enhance the EU’s banking resilience and supervisory framework.

Key Updates of the Reform

The latest updates under Basel III introduce critical measures designed to strengthen the EU’s banking sector:

1. Output Floor: One of the cornerstone changes is the introduction of an "output floor," ensuring that risk-weighted capital requirements calculated using internal models cannot fall below 72.5% of those calculated using standardized approaches. This measure addresses excessive variability in internal model outputs, enhancing transparency and comparability across banks.
2. Risk Management Enhancements: The reforms refine the treatment of credit, market, and operational risks. The Fundamental Review of the Trading Book (FRTB) introduces advanced methodologies for market risk calculation, aligning capital charges more closely with the actual risks banks face in capital markets.
3. Proportionality for Smaller Institutions: Recognizing the diversity of its banking sector, the EU introduces enhanced proportionality measures. These simplify compliance and reporting obligations for small and non-complex institutions, reducing administrative burdens without compromising regulatory standards.
4. Incorporation of ESG Risks: Reflecting the EU’s sustainability goals, the reforms require banks to integrate environmental, social, and governance (ESG) risks into their risk management practices and disclose their exposure to climate-related risks.
5. Harmonized Oversight for Third-Country Branches: The framework establishes stricter standards for third-country branches operating within the EU. It categorizes branches into higher-risk (Class 1) and smaller, non-complex (Class 2) entities, ensuring proportionate oversight.
6. Transition Periods for Complex Standards: To facilitate adaptation, the EU provides transitional arrangements for key elements like the FRTB. During this phase, banks will gradually align with new methodologies while maintaining stability in reporting and compliance.

Implementation Timeline

The EU’s Basel III implementation is structured in phases to ensure a smooth transition:

• 2008–2021: Initial Basel III measures were introduced following the global financial crisis, focusing on capital buffers, liquidity requirements, and leverage ratios.
• 2021: The European Commission proposed legislative amendments to fully align the CRR and CRD with the finalized Basel III standards.
• 2023: A political agreement on the reforms was reached, enabling legislative adoption.
• January 1, 2025: Full implementation of the latest Basel III reforms, including the output floor, enhanced risk frameworks, and ESG integration.
• 2026: Full adoption of the FRTB for market risk calculations, following transitional reporting and adaptation periods.

By adopting this phased approach, the EU ensures that institutions have sufficient time to adjust to the regulatory changes while maintaining financial stability. These reforms aim to bolster the resilience of the banking sector, aligning the EU with global standards and promoting economic sustainability.

2. Introduction of the Output Floor

What is the Output Floor?

The "output floor" is a key element of Basel III reforms, introduced to ensure banks' capital requirements are consistent, robust, and comparable. It establishes a minimum threshold for risk-weighted assets (RWA), ensuring banks using internal models cannot report capital requirements below 72.5% of those calculated using standardized approaches. This measure addresses inconsistencies and variability arising from internal modeling, enhancing transparency and promoting a level playing field across institutions. By acting as a baseline, the output floor improves the reliability of risk-weighted capital measures and strengthens financial stability.

Key Updates Related to the Output Floor

1. Fixed Minimum Threshold: The output floor limits RWA calculated via internal models to at least 72.5% of standardized RWA across credit, market, and operational risks, ensuring comprehensive coverage.
2. Phased Implementation: The EU is gradually implementing the output floor, requiring full compliance by 2025. Transitional provisions allow banks to adjust their models and capital strategies incrementally.
3. Enhanced Risk Sensitivity: The output floor acts as a safeguard rather than a replacement for internal models, preserving their risk sensitivity while ensuring baseline standards.
4. Application Across Groups: It applies at both consolidated and subsidiary levels, ensuring consistent capital adequacy across jurisdictions and banking groups.
5. EU-Specific Proportionality: Smaller, non-complex institutions are exempt, reflecting the diverse nature of the EU banking sector. However, banks using internal models must adapt their calculations to meet the output floor.

Actions Required by Banks to Meet Output Floor Regulations

1. Model Adjustments: Banks using internal models must ensure their calculations align with standardized benchmarks, identifying and addressing variances through recalibration.
2. Strengthen Capital Reserves: Institutions falling below the floor must boost capital buffers through retained earnings, equity issuance, or capital optimization.
3. Enhance Governance: Robust oversight and governance frameworks are essential for monitoring compliance and managing risk.
4. Transition Planning: Banks need detailed plans to meet compliance milestones during the implementation phase.
5. Upgrade Reporting Systems: Dual reporting of RWA under internal and standardized approaches requires accurate, efficient systems.
6. Regulatory Engagement: Proactive engagement with regulators can address implementation challenges and clarify expectations.
7. Portfolio Adjustments: Banks may need to reassess asset allocation and pricing strategies to optimize capital efficiency.
8. Staff Training: Training programs ensure employees can navigate the complexities introduced by the output floor.

3.Management of Environmental, Social, and Governance (ESG) Banking Risks

What is ESG?

Environmental, Social, and Governance (ESG) refers to a set of criteria used to evaluate an organization’s impact on the environment, its relationship with stakeholders, and the quality of its internal governance practices. In the context of banking, ESG encompasses how financial institutions assess and manage risks stemming from climate change, social inequalities, and governance issues. ESG considerations are increasingly critical as regulators, investors, and stakeholders demand that businesses align their operations with sustainable and ethical practices.

ESG risks are multifaceted. Environmental risks include exposure to climate-related events, such as floods or droughts, and the transition risks linked to shifting toward a low-carbon economy. Social risks involve human rights, labor practices, and community relations, while governance risks include corporate ethics, transparency, and board accountability. For banks, these risks directly impact financial performance and reputational stability, underscoring the need for integration into risk management frameworks.

Key Updates Related to ESG

The EU’s new regulations under the Basel III framework aim to systematically integrate ESG risks into banking practices. These reforms reflect the EU’s commitment to achieving climate neutrality by 2050 and supporting the broader goals of the European Green Deal.

1. Mandatory Risk Assessment: Banks are now required to systematically identify and quantify ESG risks as part of their overall risk management processes. This includes assessing the impact of climate-related risks on credit, market, and operational risks.
2. Disclosure Requirements: Financial institutions must disclose their exposure to ESG risks, detailing how these risks are identified, measured, and managed. These disclosures aim to increase transparency and allow stakeholders to better evaluate a bank’s resilience and commitment to sustainability.
3. Inclusion in Stress Testing: ESG risks are being integrated into supervisory stress testing and scenario analysis. Banks must evaluate their resilience under various climate scenarios, including transition and physical risks.
4. Enhanced Governance: Institutions are expected to embed ESG factors into their corporate governance structures. This includes board-level oversight of ESG risks and the alignment of business strategies with sustainable practices.
5. Support for Green Finance: The regulations encourage banks to develop products and services that support green investments and sustainable projects, such as renewable energy financing or green bonds.
6. Alignment with EU Taxonomy: Banks must align their activities with the EU taxonomy for sustainable finance, ensuring consistency with defined sustainability objectives.

Actions Required by Banks to Meet ESG Regulations

1. Develop Comprehensive ESG Frameworks: Banks need to establish robust frameworks for identifying, measuring, and mitigating ESG risks. This involves integrating ESG considerations into existing risk management processes and ensuring consistency across all risk categories.
2. Enhance Data Collection and Analysis: Accurate and comprehensive data is essential for assessing ESG risks. Banks must invest in data collection systems and methodologies to evaluate the impact of environmental and social factors on their portfolios.
3. Implement Transparent Reporting Systems: To meet disclosure requirements, banks need to enhance their reporting capabilities. This includes creating standardized ESG reporting templates and ensuring compliance with EU taxonomy regulations.
4. Build Expertise in ESG Risks: Banks must develop internal expertise to effectively manage ESG risks. This includes hiring specialists, providing staff training, and fostering collaboration between risk, compliance, and sustainability teams.
5. Align Governance Structures: Boards and senior management must take an active role in overseeing ESG integration. Banks should establish dedicated ESG committees and ensure ESG considerations are embedded in strategic decision-making.
6. Stress Testing and Scenario Analysis: Banks must prepare for supervisory stress tests by incorporating ESG factors into scenario analysis. This involves evaluating the financial impact of potential climate events and regulatory transitions.
7. Adapt Product Offerings: To support the green transition, banks should expand their portfolio of sustainable financial products, such as green loans, ESG-linked credit facilities, and renewable energy financing.
8. Engage with Stakeholders: Transparent communication with investors, regulators, and customers is vital. Banks must demonstrate their commitment to sustainability through regular updates on ESG initiatives and progress toward regulatory compliance.

4. Harmonisation of Third-Country Banks Branches Supervision

Harmonization of third-country branch supervision refers to the standardization of rules and oversight mechanisms for branches of non-EU banks operating within the European Union. Historically, supervision and regulation of these branches have varied across EU member states, leading to inconsistencies in how risks associated with these entities were managed. This fragmented approach created vulnerabilities, as some branches faced stricter scrutiny while others operated under lighter regimes.

The reforms aim to establish a uniform framework for the authorization, operation, and supervision of third-country branches (TCBs). By setting minimum requirements applicable across all member states, the EU seeks to ensure a consistent level of financial stability, market integrity, and consumer protection. This initiative aligns with broader efforts to deepen the EU's Banking Union and strengthen the resilience of its financial system against external risks.

Key Updates Related to Third-Country Banks Harmonisation

The reforms introduce several important updates to address the risks and operational inconsistencies associated with third-country branches:

1. Minimum Authorization Requirements: TCBs must now meet standardized criteria to obtain authorization to operate within the EU. This includes stricter scrutiny of the financial soundness and governance frameworks of the parent entity.
2. Risk-Based Classification: TCBs are categorized into two classes based on their size, complexity, and systemic importance. Class 1 branches are considered higher-risk due to larger asset bases or retail deposit-taking activities. These branches are subject to more stringent requirements compared to Class 2 branches, which are smaller and less complex.
3. Supervisory Framework: The reforms introduce uniform supervisory standards for TCBs, mandating regular reporting, risk assessments, and compliance checks. Supervisory authorities must ensure that TCBs align with EU regulatory expectations, including anti-money laundering (AML) and counter-terrorist financing (CTF) standards.
4. Consolidated Oversight: The regulations enhance cooperation between EU supervisory authorities and third-country regulators. By requiring information-sharing agreements, the reforms aim to create a seamless supervisory process for branches and their parent institutions.
5. Harmonized Reporting: TCBs must now comply with standardized reporting obligations across the EU. This ensures that regulators have access to consistent and transparent data on the activities and financial health of third-country branches.
6. Consumer Protection: Branches authorized to accept retail deposits must demonstrate robust measures to safeguard depositors’ interests, reducing the risk of disruptions to consumer confidence in the EU banking system.
7. Transition Periods: To facilitate compliance, existing TCBs are provided with transitional periods to meet the new requirements. This phased approach ensures stability while allowing institutions adequate time to adapt.

Actions Banks Must Take to Meet Updated Regulations

Third-country banks operating branches within the EU must undertake significant adjustments to align with the new harmonized supervisory framework:

1. Assess Authorization Criteria: Banks must review the eligibility of their existing branches under the new authorization requirements. This includes evaluating the financial health, governance structures, and risk management frameworks of both the branch and its parent entity.
2. Classify Branches: Institutions need to determine whether their branches fall under Class 1 or Class 2. This classification dictates the regulatory requirements they must meet, including reporting and operational standards.
3. Strengthen Governance and Compliance: Parent institutions must ensure that their branches have robust governance systems in place. This includes compliance with AML/CTF requirements and ensuring adequate resources to manage risks effectively.
4. Establish Supervisory Cooperation: Banks must engage with both EU and home-country regulators to facilitate seamless information sharing. Establishing formal agreements and complying with cross-border supervisory standards are essential.
5. Enhance Reporting Capabilities: Institutions must upgrade their reporting systems to comply with standardized EU reporting obligations. This includes ensuring timely, accurate, and transparent submissions to supervisory authorities.
6. Bolster Risk Management: TCBs must develop or enhance internal risk management systems to meet EU supervisory expectations. This includes aligning risk assessment methodologies with the new framework and preparing for regular compliance checks.
7. Adapt Consumer Protection Measures: For branches authorized to accept retail deposits, banks must implement additional safeguards to protect depositors. This includes ensuring adherence to EU standards for deposit guarantees and consumer protection.
8. Prepare for Transition: Banks must create clear transition plans to ensure compliance within the designated timelines. This involves allocating resources, training staff, and conducting internal audits to address gaps in readiness.

5.Banking Transitional Prudential Regime for Crypto Assets

The Transitional Prudential Regime for Crypto Assets is an interim regulatory framework introduced to address the growing presence of digital assets in the financial sector. It establishes temporary capital requirements for banks' exposures to crypto assets, ensuring these activities are adequately capitalized while long-term regulations are developed. This regime mitigates risks associated with crypto assets, such as volatility and cybersecurity threats, and ensures financial stability and market integrity during the transition.

Transitional Prudential Regime Regulations for Banks

1. Interim Capital Requirements: Banks must hold adequate capital reserves proportional to their exposure to crypto assets, with higher charges for volatile and unregulated assets.
2. Categorization of Crypto Assets: The regime differentiates between regulated assets, like stablecoins, and unregulated ones, applying varying risk weights accordingly.
3. High Risk Weight Assignments: Unregulated and volatile crypto assets are assigned high-risk weights, requiring substantial capital buffers.
4. Limited Exemptions: Small exposures or client trading purposes may qualify for limited exemptions to encourage innovation without compromising prudence.
5. Disclosure and Reporting: Banks must disclose their exposures, risk management practices, and capital allocations, and provide regular reports to regulators.
6. Alignment with Future Regulations: The regime aligns with forthcoming comprehensive frameworks, such as the EU’s MiCA regulation and Basel Committee guidelines.

Actions Banks Need to Take for their Compliance Standards

To comply with the Transitional Prudential Regime for Crypto Assets, banks must take several strategic and operational steps:

1. Evaluate Current Crypto Asset Exposure: Banks must conduct comprehensive assessments of their existing and planned exposures to crypto assets. This includes identifying the types of assets held, their risk profiles, and the corresponding capital requirements.
2. Enhance Risk Management Frameworks: Institutions need to update their risk management frameworks to incorporate the unique characteristics of crypto assets. This includes developing robust strategies to address volatility, cybersecurity risks, and operational challenges.
3. Allocate Capital Reserves: Banks must ensure they hold sufficient capital to meet the regime’s requirements. This involves recalibrating capital buffers for different classes of crypto assets based on their assigned risk weights.
4. Upgrade Reporting and Disclosure Systems: Complying with the detailed reporting requirements necessitates investments in data collection, analysis, and reporting infrastructure. Banks must implement systems that can accurately track crypto asset exposures and generate timely reports for regulators and stakeholders.
5. Engage with Supervisory Authorities: Banks should actively engage with regulators to clarify compliance expectations and address uncertainties related to the transitional regime. This collaboration ensures that institutions align their practices with regulatory intent.
6. Develop Expertise in Crypto Asset Management: As crypto assets introduce novel risks, banks must invest in training and hiring specialists with expertise in digital asset management, blockchain technology, and regulatory compliance.
7. Monitor Regulatory Developments: Given that the transitional regime is an interim measure, banks need to closely monitor the evolution of long-term regulatory frameworks, including MiCA and Basel guidelines. Preparing for these upcoming changes will ensure seamless compliance as the regulatory landscape evolves.
8. Adapt Product Offerings: Banks may need to revise their product portfolios to balance innovation with regulatory compliance. This includes evaluating the viability of offering crypto-related services, such as custody solutions or trading platforms, under the new prudential requirements.

6.Postponement of Market Risk Rules Implementation

The EU has postponed the implementation of the Fundamental Review of the Trading Book (FRTB) standards to January 1, 2026. These Basel Committee standards aim to enhance the market risk framework by improving risk sensitivity and ensuring consistent capital requirements. The delay aligns the EU with other major jurisdictions and provides banks more time to adapt to the complex changes.

FRTB introduces a dual framework—standardized and internal models approaches—to strengthen risk measurement and ensure comparability across institutions. The reforms are designed to reduce regulatory arbitrage, promote financial stability, and enhance market discipline.

Key Updates Related to FRTB

1. Enhanced Risk Sensitivity: The standardized approach under FRTB is more granular, considering sensitivities to risk factors such as interest rates, credit spreads, and equity prices. This makes the risk quantification process more reflective of actual market conditions.
2. Clear Boundaries Between Books: FRTB establishes clearer boundaries between the trading book (for short-term positions) and the banking book (for long-term holdings), ensuring risks are appropriately categorized and capitalized.
3. Risk Factor Eligibility Test (RFET): For banks using internal models, RFET ensures only risk factors supported by sufficient historical data are considered, improving model reliability and reducing subjectivity.
4. Default Risk Charge (DRC): FRTB introduces a specific capital charge for default risks within the trading book. This is critical for addressing risks tied to credit-sensitive instruments.
5. Profit and Loss (P&L) Attribution: The internal models approach includes P&L attribution tests to validate the accuracy of models in capturing trading book risks. Failure to meet these standards can result in banks reverting to the standardized approach.
6. Integration with Output Floor: The FRTB framework aligns with the output floor, ensuring that capital requirements from internal models do not fall below 72.5% of standardized calculations, thereby limiting excessive reductions.
7. Transparency through Reporting: The reforms include detailed reporting requirements, requiring banks to provide regulators with comprehensive data on their risk exposures and compliance with FRTB methodologies.
8. Transition Periods and Parallel Reporting: During the transition, banks must perform dual reporting—calculating market risk under both the current framework and FRTB standards. This helps identify compliance gaps and ensures readiness for full implementation.

FRTB Compliance: How to achieve it?

1. Upgrade Risk Models: Banks using the internal models approach must enhance their risk frameworks to meet FRTB’s rigorous requirements. This includes incorporating RFET, DRC, and P&L attribution tests into their systems.
2. Reassess Trading Book Boundaries: Institutions need to classify assets properly into trading or banking books based on FRTB’s stricter definitions. Misclassification can lead to higher capital charges or non-compliance.
3. Build Capital Buffers: Banks must review and adjust capital reserves to accommodate new requirements like the default risk charge and the output floor. This ensures resilience against market fluctuations.
4. Enhance Data Infrastructure: Reliable and comprehensive historical data is critical for meeting RFET and sensitivity-based calculations. Banks must invest in robust data management systems to support FRTB compliance.
5. Implement Parallel Reporting: During the transition, banks must report market risk using both current and FRTB methodologies. This dual reporting helps ensure accurate implementation and addresses potential challenges early.
6. Strengthen Governance: Boards and risk committees must actively oversee FRTB preparation efforts. This includes setting clear timelines, allocating resources, and ensuring internal accountability for compliance.
7. Train Staff: Risk management teams must be trained to understand and implement FRTB requirements. This includes building expertise in advanced risk modeling, sensitivity analysis, and regulatory reporting.
8. Engage with Regulators: Banks should collaborate with supervisory authorities to clarify compliance expectations, address implementation challenges, and ensure alignment with transitional provisions.
9. Monitor Global Developments: With staggered FRTB implementation timelines across jurisdictions, banks must stay informed about global progress to ensure competitiveness and consistency in their market risk practices.