Author: Selwyn Manning

Posted on

The EBA publishes the results of its 2025 EU-wide stress test

Source: European Banking Authority

The European Banking Authority (EBA) today released the results of its 2025 EU-wide stress test involving 64 banks from 17 EU and EEA countries and covering 75% of EU banking sector assets. The results confirm that European banks remain resilient even under a severe hypothetical economic downturn. The simulated scenario involves a sharp deterioration in the global macro-financial environment, driven by a resurgence in geopolitical tensions, entrenched trade fragmentation, including increase in tariffs, and persistent supply shocks. EU banks, despite bearing losses of EUR 547bn,[1] maintain strong capital positions and their capacity to continue supporting the economy.

Key findings

  • The capital depletion under the adverse stress test scenario amounts to 370 bps, resulting in a CET1 ratio at the end of the scenario of 12%[2]. The strong income generation during the exercise helps banks to partly offset their losses and results in a lower depletion compared to the 2023 exercise.
  • Banks start the exercise with higher profitability and capital than in recent years. While banks are more risk-sensitive, showing higher nominal losses, they have better absorption capacity through income generation. Banks show more vulnerabilities in credit and market risk, which are the main contributors to the stress test losses.
  • Specific adverse scenarios affect economic sectors differently. Banks have improved their ability to differentiate the impact of adverse scenarios across sectors, but there is still a need to further improve their modelling efforts.
  • Strong performance of the EU banks in the 2025 EU-wide stress test is reassuring, nonetheless, maintaining adequate capital remains essential to ensure the safety of the EU banking system.

Summary of key results[3]

Transparency and input to the Supervisory Review and Evaluation Process

The EBA has published detailed, bank-level results from the stress test, including comprehensive data on both the starting point and the projected outcomes under the baseline and adverse scenarios.

While the EU-wide stress test does not apply a predefined pass/fail threshold, it serves as a critical input for the Pillar 2 supervisory assessment. The results will support Competent Authorities in evaluating banks’ ability to meet prudential requirements under stress and provide a robust basis for discussions between supervisors and individual institutions. These discussions cover capital adequacy and distribution plans as part of the regular Supervisory Review and Evaluation Process (SREP).

Notes to the editors

  1. Detailed information on bank-level results, including interactive tools, can be found on in the 2025 EU-wide stress test website.
  2. The 2025 EU-wide stress test involves 64 banks from 17 EU and EEA countries, covering 75% of the EU banking sector assets. This stress test allows supervisors to assess the resilience of EU banks over a three-year horizon under both a baseline and an adverse scenario. The full sample of banks can be found in Annex 1 of the EBA methodology.
  3. The EU-wide stress test is initiated and coordinated by the EBA and undertaken in cooperation with the EU Competent Authorities, including the European Central Bank (ECB) for the Banking Union, and the European Systemic Risk Board (ESRB).
  4. The EBA develops a common methodology and is responsible for the final dissemination of the outcome of the exercise. The adverse scenario is designed jointly by the ESRB and the ECB, and the baseline scenario is provided by the national central banks. Competent Authorities, including the ECB Banking Supervision for the euro area banks, are responsible for ensuring that banks correctly apply the common methodology. In particular, they are responsible for assessing the reliability and robustness of banks’ assumptions, data, estimates and results and the resulting supervisory actions.
  5. The EU-wide stress test is based on the implementation by the banks of the EBA methodology and the two scenarios, under the close scrutiny of their supervisors (“constrained bottom-up” exercise). Some parts of the stress test rely on top-down projections or have been centralised. The 2025 methodology benefits from enhancements, including the centralisation of net interest income (NII) projections with a revised NII scope and a more risk-sensitive market risk approach with enhanced proportionality. The changes are part of the medium-term plan of revising the stress test framework.
  6. The EU banking package regulation (CRR3/CRD VI), which applies from 1 January 2025, is reflected in the 2025 EU-wide stress test methodology and templates, which should, however, continue to be understood as a risk exercise, and not as an exercise that assesses the impact of regulatory changes. The Capital Requirements Regulation (CRR3) is introduced step by step using transitional arrangements until full implementation in 2033. The Report focuses on applicable CET1 capital ratios, i.e. “transitional ratios” taking into account all the applicable transitional arrangements specified in the CRR3 over the three-year scenario horizon. For completeness, the outcome of the exercise under the assumption of full implementation, i.e. “fully loaded ratios”, is also reported (see section 2.4 of the Report for further details).
  7. Detailed information about the baseline and adverse scenarios can be found in the note produced by the ESRB.
  8. The EBA’s 2025 stress test methodology can be found on the EBA website

 

[1] These are total credit, market and operational risk losses.

[2] This refers to the applicable capital ratios and stress test impacts computed considering all applicable CRR3 transitional arrangements (i.e. “transitional capital ratios“). See section 2.4 of the Report for more details about the implementation of CRR3.

[3]Bank projections are based on the regulatory regime applicable as of January 1, 2025, when CRR3 applies. The ratios are provided on transitional basis. The progressive phase-in of the regulation through transitional arrangements facilitates the adjustment of banks towards the new framework, which will apply in full as of 2033.

Documents

Digital publication of the 2025 EU-wide stress test results
2025 EU-wide stress test – Results

(2.9 MB – PDF)

2025 EU-wide stress test – FAQs

(254.11 KB – PDF)

2025 EU-wide stress test – Presentation

(939.85 KB – PDF)

Posted on

EU banks continue to meet their MREL requirements set by Resolution Authorities on the basis of the identified resolution strategies

Source: European Banking Authority

The European Banking Authority (EBA) today published its Q4 2024 semi-annual Dashboard on the minimum requirement for own funds and eligible liabilities (MREL), which discloses aggregated statistical information for 345 banks earmarked for resolution across the European Union (EU) and for which the EBA has received data about both decisions and resources. All in all, banks meet their MREL requirements in line with the Bank Recovery and Resolution Directive (BRRD) deadline of 1 January 2024, as shortfalls are reported only by a few banks, mostly in their transition period towards future requirements. The amount of instruments becoming ineligible over the next year for the sample reached EUR 242bn.

As of 31 December 2024, most banks met their MREL, including the combined buffer requirement (CBR). Only a small number of banks, mostly in their transitioning towards their final MREL targets, reported a shortfall, totalling EUR 2.3bn (or 2.1% of their combined risk-weighted assets).

Banks in the sample reported EUR 242bn of MREL instruments that will become ineligible by the end of December 2025 due to their residual maturity falling below one year. These account for around 20% of MREL eligible instruments other than own funds.

Bail-in strategies continue to be the preferred option in terms of RWAs (94%), whereas in terms of number of decisions, bail-in and transfer strategies rank on the same level (50% each). This reflects the fact that transfer strategies are favoured for smaller banks, while bail-in is the preferred option for the larger ones.

More details on MREL roll over needs are covered in the Spring and Autumn editions of the EBA Risk Assessment Report.

Note to the editors

The EBA is mandated by the BRRD to monitor the setting of MREL by authorities and the build-up of related resources by institutions.

MREL is the requirement that ensures that relevant EU institutions have sufficient loss absorbing capacity to support the execution of the preferred resolution strategy in case of failure.

The BRRD set 1 January 2024 as a deadline to meet MREL requirements except for those banks that recently changed resolution strategy, or those eligible for an extension in accordance with Art.45m of the BRRD.

Furter details on the transition period are provided in the EBA European Resolution Examination Programme (EREP). Discrepancies between the MREL Dashboard and the EREP MREL monitoring may reflect different reference dates. While the EREP is based on 2024 decisions only, the MREL Dashboard includes decisions in force as of 1 May 2025.

Posted on

The EBA consults on harmonised reporting for third-country branches across the EU

Source: European Banking Authority

The European Banking Authority (EBA) today launched a public consultation on its draft Implementing Technical Standards (ITS) for the supervisory reporting of third-country branches under the Capital Requirements Directive (CRD). This initiative aims to establish uniform formats, definitions, and reporting frequencies for third-country branches, ensuring a consistent and comprehensive approach to regulatory and financial information reporting across the EU. The consultation runs until 31 October 2025. 

The draft ITS not only aim at harmonising reporting formats and definitions but also at enhancing supervisory oversight of third-country branches. By introducing structured data collection –  covering both the third-country branches and their head undertakings – the ITS support the effective supervision of third-country branches by addressing previous inconsistencies in national approaches and enabling a standardised reporting of their activities across the Union. The new templates should provide a clear picture of the financial soundness, risk exposures, and intra-group dependencies of third-country branches, thereby supporting more effective and consistent supervision across the EU. Importantly, the ITS incorporate a proportionate approach through a “core + supplement” model, ensuring that reporting obligations are tailored to the systemic relevance of each third-country branch. This ensures that supervisory scrutiny is risk-sensitive while maintaining a level playing field. 

Consultation Process 

Comments on the draft ITS can be submitted to the EBA by clicking on the “send your comments” button on the consultation page. The deadline for the submission of comments is 31 October 2025. All contributions received will be published after the consultation closes, unless requested otherwise. 

A public hearing on the draft ITS will take place on 5 September from 10:00 to 12:00 CEST. The deadline for registration is 2 September 2025, 16:00 CEST. 

Legal Basis and next steps 

The EBA has developed these draft ITS in accordance with Article 48l(1) of Directive 2013/36/EU, which mandates the EBA to specify uniform formats, definitions, and reporting frequencies for the supervisory reporting of third-country branches. 

The consultation period will run for three months, during which the EBA invites comments and feedback from stakeholders. Following the consultation, the EBA will finalise the draft ITS and submit them to the European Commission by January 10, 2026. The first reference date for the application of these ITS is anticipated to December 2026, so as to grant Competent Authorities and third-country branches to have an implementation period of approximately one year.  

Posted on

The EBA publishes additional data guidance ahead of the release of its 2025 EU-wide stress test

Source: European Banking Authority

The European Banking Authority (EBA) today published the metadata, the data dictionary, and the guide for data exploitation. This information is intended to assist data users in automating the analysis of the 2025 EU-wide stress test data, which will be released on 1 August at 18:00 CET.

For more information, visit the dedicated stress test page

Posted on

A careless use of innovative compliance products can lead to money laundering and terrorism financing risks, the EBA says in its Opinion

Source: European Banking Authority

The European Banking Authority (EBA) today published its 2025 Opinion on money laundering and terrorist financing (ML/TF) risks affecting the EU’s financial sector. 2025 marks a significant change in the ML/TF risk landscape. In a context of important geopolitical developments, legislative reforms and digitalisation new ML/TF vulnerabilities are emerging. The consistent application of the new EU legal framework will be key to addressing these risks. At the same time, thanks to a greater supervisory engagement some sectors are now better equipped to tackle financial crime.

The EBA’s assessment has highlighted the following observations:

  • FinTech: 70% of competent authorities report high or rising ML/TF risks in the financial sector. They point to weak AML/CFT controls and poor governance, as firms appear to prioritise growth over compliance.
  • RegTech: over half of serious compliance failures reported to the EBA’s EuReCA database involved the improper use of RegTech tools. Despite its potential to enhance compliance, RegTech is often poorly implemented due to lack of expertise and oversight.
  • Crypto Assets: this remains a high-risk sector, with a 2.5-fold increase in authorised crypto-asset service providers (CASPs) between 2022 and 2024. Many CASPs lack effective AML/CFT systems, and some attempt to bypass regulatory oversight.
  • Fraud and AI: criminals are increasingly using AI to automate laundering schemes, forge documents, and evade detection. Financial institutions struggle to keep pace with these sophisticated threats, highlighting the need for responsible AI use and robust monitoring.
  • Restrictive Measures: the complexity of EU sanctions regimes poses compliance challenges. Institutions often lack adequate systems to implement sanctions effectively. The EBA’s new Guidelines, applicable from end-2025, aim to harmonise standards across the EU.

Legal basis

The Opinion has been issued in accordance with Article 6(5) of (EU) 2015/849 (The Fourth EU Anti-Money Laundering Directive), which requires the EBA to issue an Opinion on ML/TF risks affecting the EU’s financial sector every two years. The Opinion and its related report inform the European Commission’s Supranational Risk Assessment (SNRA), as well as the risk assessments carried out by competent authorities and the EBA’s policies and priorities.

Posted on

EBA announces date and time of the publication of the 2025 EU-wide stress test results

Source: European Banking Authority

The European Banking Authority (EBA) announced today that the results of the 2025 EU-wide stress test, including individual results for participating banks, will be published on Friday, 1 August 2025 at 18:00 CEST.

Note to the editors

  1. The baseline scenario for EU countries is based on projections from the national central banks of December 2024. The adverse scenario assumes the materialisation of the main financial stability risks that have been identified by the ESRB in the fourth quarter of 2024, including recent risks assessments done by the EBA and the ECB.
  2. The new EU banking package, which applies from 1 January 2025, is reflected in the 2025 EU-wide stress test methodology and templates, which should however continue being understood as a risk exercise, and not as an exercise that assesses the impact of regulatory changes.
  3. Detailed information about the adverse scenario can be found in the note produced by the ESRB.
  4. The full sample of 64 banks participating in this year exercise can be found in Annex 1 of the EBA methodology.
Posted on

​The EBA publishes Report on direct provision of banking services from third countries

Source: European Banking Authority

​The European Banking Authority (EBA) today published a Report on the direct provision of banking services from third countries.  The quantitative and qualitative analysis performed didn’t provide evidence to recommend the amendment of the new Article 21c of the Capital Requirement Directive (CRD) which identifies how core banking services should be provided in a Member State. However, the EBA suggests a clarification of the interaction between Article 21c of the CRD and other sectorial legislations could be beneficial to authorities and market participants. 

​The EBA considers that several factors make it difficult to measure the impact of the prohibition of direct provision of services from third countries set out in Article 21c CRD. At the same time, Article 21c of the CRD provides flexibility to EU financial sector entities that remain free to solicit core banking services from third country undertakings or may rely on services provided by third country branches or subsidiaries in the EU. 

​However, the EBA notes that Article 21c CRD does not expressly address the interaction with the Undertakings for the Collective Investment in Transferable Securities (UCITS) and the Alternative Investment Fund Managers Directive (AIFMD), in particular those provisions entitling EU financial sector entities to receive core banking services for their ongoing operationality in third countries in accordance with their business model. The EBA suggests that additional clarification could also be provided via the EBA Q&A tool. ​ 

Legal basis and background  

Article 21c CRD aims to regulate when a third country branch needs to be established for the provision of core banking services in a relevant Member State. Article 21c CRD also provides exemptions and carve outs, embedding some flexibility in the articulation of such requirement. Notably, the establishment of a third-country branch is not required in case of interbank or intragroup transactions, or where the core banking services are provided via reverse solicitation. Additionally, Article 21c provides for a Markets in Financial Instruments Directive (MiFID) carve out, which excludes its application where investment services under MiFID and related ancillary services are provided. Lastly, to facilitate the transition to the new regime, a contract grandfathering is envisaged.  

The EBA has been mandated by article 21c(6) CRD to develop a Report to assess whether it is appropriate to extend the possibility for third country undertakings to provide core banking services directly from third countries – i.e. without a branch in the Union – not only to EU credit institutions, but to any EU financial sector entity, having regard to financial stability and EU competitiveness considerations. For this purpose, the EBA has to consult the European Securities and Markets Authority (ESMA) and the European Insurance and Occupational Pensions Authority (EIOPA).  

Posted on

Quantum computers are coming, and the Netherlands is ready

Source: Government of the Netherlands

News item | 17-07-2025 | 14:49

Whenever you share sensitive information, caution is essential. Strong passwords and two-step verification offer protection. But what if a new technology could soon render that security ineffective? That’s exactly what quantum computers are capable of. Fortunately, the Netherlands is a leader in this field, as we demonstrated in the run-up to the NATO Summit.

Image: ©TU Delft
Part of a facility used to create qubits.

Quantum computers explained

So what exactly does this technology involve? Quantum computers operate differently from the computers we know today. Instead of bits that are either 0 or 1, they use qubits that can be both 0 and 1 at the same time. That may sound abstract, but it has far-reaching implications. Quantum computers can solve certain mathematical problems much faster than traditional computers. And it just so happens that complex mathematics forms the basis of almost all current forms of encryption – the secure way to protect information.

Threat

The biggest threat is that in a short time quantum computers will be able to crack existing security methods such as RSA (an algorithm developed in 1977 by Ron Rivest, Adi Shamir and Len Adleman), which is widely used in internet security, email encryption and digital signatures. What would take an ordinary computer millions of years could take a powerful quantum computer just minutes. This means that information encrypted today could potentially be accessed in the future. A dangerous scenario is ‘store now, decrypt later’, where malicious actors intercept encrypted data now, such as state secrets, medical records or financial information. Although they cannot read this data today, they store these files in anticipation of quantum technology that can break the encryption. No wonder the European Commission has emphasised in its roadmap that the digital future must be quantum-safe.

Solution

Post-quantum cryptography offers a solution. This is cryptography based on mathematical problems that are believed to be unbreakable even by a quantum computer. Dutch central government’s Quantum-Secure Cryptography programme is working on tools to manage the risks quantum technology poses to cryptography in a timely manner. When it comes to information and communication security, the Dutch quantum technology ecosystem also offers an additional measure: quantum key distribution. This method enables two parties to share secret cryptographic keys with each other, and any attempt to eavesdrop immediately triggers an alert. As a result, the sender and receiver instantly notice if someone is trying to spy and can break the connection. The key cannot be intercepted or copied unnoticed, something that is possible with traditional cryptographic keys.

Netherlands sets the tone at pre-NATO Summit event

To keep the Ministry of Foreign Affairs and the Ministry of Justice and Security safe in the quantum era, a pilot project has been launched to experiment with the complementary use of quantum key distribution.

It involves a trial set-up of a quantum network, which has been used to investigate a number of cases for the Ministry of Foreign Affairs, enabling the method to be tested in an isolated environment. The significance of this became clear during the pre-NATO Summit event ‘Securing the Future.’ Here, the ministries gave a presentation with a live demonstration showing that the Dutch government now has an operational quantum network, and demonstrating how quantum key distribution and post-quantum cryptography work in a complementary way. This made quantum-secure communication tangible and showed that it is no longer just a future prospect but is already working in practice.

The pilot is a joint initiative of several ministries, including the Ministry of Justice and Security and the Ministry of Foreign Affairs, in partnership with Quantum Delta NL, Q*Bird, RINIS, Sogeti, the Ministry of Justice and Security’s ICT organisation and Eurofiber.

International quantum computing

The European Commission has presented its roadmap for a quantum-safe digital future. The Netherlands is ready to lead by example, by investing in strengthening cryptographic resilience through research and testing in quantum technology, and fostering close collaboration between government organisations, academia and businesses. Together, we are building a digital infrastructure that will remain secure for generations to come.

Urgency

The urgency is clear: once quantum computers truly breakthrough in a few years, all government networks and systems must be quantum-secure. This means switching to post-quantum cryptography – encryption that can withstand attacks from quantum computers. It also requires targeted investment in quantum technologies like quantum key distribution and careful choices about what data we should already be protecting against future decryption. Because what appears secure today could be out in the open and up for grabs tomorrow.

Posted on

​EBA publishes Handbook on simulation exercises for resolution authorities

Source: European Banking Authority

​The European Banking Authority (EBA) today published the latest chapter of its resolution Handbook on simulation exercises for resolution authorities. The Handbook provides, for the first time, a comprehensive framework of best practices, methodologies and processes to support resolution authorities in enhancing their preparedness and operational capabilities through structured simulation exercises. 

​Testing requirements are already imposed to institutions through the EBA Guidelines on resolvability testing, and simulations are becoming more prevalent in ensuring preparation among authorities, the EBA’s Handbook proposes a taxonomy for simulation exercises for resolution authorities to harmonise the use of main concepts within the financial stability framework. 

​In addition, the Handbook distinguishes between testing, simulations and dry runs and introduces six main types of simulation exercise: brainstorms, desktop exercises, walkthroughs, fire drills, decision-making exercises and operational simulations. This new chapter also presents the concept of end-to-end simulations, which combine multiple exercise types to replicate real-world resolution scenarios. 

​The Handbook describes in operational terms how to initiate, plan, prepare and deliver a simulation exercise. It provides practical guidance on defining objectives and scope, designing scenarios, allocating resources, managing delivery, and collecting feedback. The Handbook also includes templates and examples to support authorities in implementing effective and proportionate simulation exercises. 

​Legal basis and background 

​This initiative is part of the EBA’s broader mandate under Article 8(1)(ab) of Regulation (EU) No 1093/2010 to maintain an up-to-date Union resolution handbook. The Handbook draws on the experience of resolution authorities across the EU and aims to foster convergence, interoperability and cross-border cooperation. 

​Simulation exercises are a key tool for resolution authorities to test and refine their internal procedures, decision-making processes and coordination mechanisms as well as to train their staff. 

​The Handbook is available on the EBA’s website and is intended for use by all resolution authorities in the EU. It complements the EBA’s existing Guidalines on resolvability testing and supports the ongoing development of a robust and credible resolution framework. 

Posted on

ESAs publish guide on DORA Oversight activities

Source: European Banking Authority

The European Supervisory Authorities (EBA, EIOPA, ESMA – the ESAs) today published a guide on oversight activities under the Digital Operational Resilience Act (DORA). The aim of this guide is to provide an overview of the processes used by the ESAs through the Joint Examination Teams (JET) to oversee critical Information and communication technology (ICT) third party service providers (CTPPs).

This guide provides high-level explanations to external stakeholders regarding the CTPP Oversight framework. Furthermore, it provides an overview of the governance structure, the oversight processes, the founding principles and the tools available to the overseers.

However, the guide is not a legally binding document and does not replace the legal requirements laid down in the relevant applicable EU law.

The ESAs invite the public, financial entities and, crucially, third-party providers to use this document to prepare for the oversight implementation.

Additional information on the oversight implementation

For more information on the implementation of the DORA Oversight framework, please refer to this presentation.