March 2025 Regulatory Roundup

INVESTMENT SERVICES & CAPITAL MARKETS

MIFID and MIFIR 

European Commission consultation extending procedural rules for penalties imposed on data reporting service providers to consolidated tape providers under MiFIR

On 6 February 2025, the European Commission launched a consultation on a draft Delegated Regulation amending Commission Delegated Regulation (EU) 2022/803 by specifying rules of procedure for the exercise of the power to impose fines or periodic penalty payments by ESMA regarding data reporting service providers (DRSPs).

Commission Delegated Regulation (EU) 2022/803 specifies the rules applying to ESMA for the exercise of power to impose fines or periodic penalty payments regarding two specific types of DRSPs, approved publication arrangements and approved reporting mechanisms. Consolidated tape providers (CTPs), which are also DRSPs, were intentionally left out of scope. This was due to the absence of entities providing consolidated tape services in the EU and because the review of the rules governing CTPs under MIFIR was still ongoing at that time.

Therefore, in light of the upcoming CTP authorisation process introduced by MIFIR II, it is necessary to amend the scope of Commission Delegated Regulation (EU) 2022/803 to ensure it covers all DRSPs, including CTPs.

The deadline for comments on the draft Delegated Regulation is 06 March 2025.

ESMA publishes SMSG advice on MiFID investment research changes under the EU Listing Act

On 17 February 2025, ESMA published advice from the Securities and Markets Stakeholder Group (SMSG) on the ESMA consultation paper of 28 October 2024, which set out draft technical advice to the European Commission in relation to investment research.

The technical advice relates to changes to the MiFID regime for investment research in the context of the EU Listing Act legislative package. These changes allow for joint payments to be made for execution services and research, subject to certain conditions. The ESMA consultation paper proposed amendments to article 13 of Directive (EU) 2017/593 (referred to as the MiFID Delegated Directive).

The SMSG advice includes a summary of findings from academic studies on MiFID research provisions, and notes that there has been an improvement in research quality and mitigation of conflicts of interest, but a reduction in the overall quantity of research. The SMSG advice also notes that there has been a shift from traditional sell-side research to sponsored research for SMEs, and that there is a trend among asset managers to continue to pay for research separately (even in circumstances where they would be able to pay for it jointly with other services) due to the operational complexity of running two separate invoicing systems.

The deadline for ESMA to deliver its technical advice to the European Commission is 30 April 2025.

ESMA publishes the results of the annual transparency calculations for equity and equity-like instruments

On 28 February 2025, ESMA published the results of the annual transparency calculations for equity and equity-like instruments, which will apply from 7 April 2025.

Currently, there are 1,283 liquid shares and 1,003 liquid equity-like instruments other than shares, subject to MiFID II/MiFIR transparency requirements.

Market participants are invited to monitor the release of the transparency calculations for equity and equity-like instruments on a daily basis to obtain the estimated calculations for newly traded instruments and the four-weeks calculations applicable to newly traded instruments after the first six-weeks of trading.

ESMA’s annual transparency calculations are based on the data provided to Financial Instruments Transparency System (FITRS) by trading venues and approved publication arrangements in relation to the calendar year 2024.

The full list of assessed equity and equity-like instruments will be available through ESMA’s FITRS in the XML files with publication date from 28 February 2025 and through the Register web interface.

The transparency requirements based on the results of the annual transparency calculations published from 1 March 2025 for equity and equity-like instruments will apply from 7 April 2025 until 5 April 2026. From 6 April 2027 the next annual transparency calculations for equity and equity-like instruments, to be published by 1 March 2026, will become applicable.

Central Securities Depositories Regulation (CSDR) 

European Commission proposes to shorten settlement cycle for EU securities from two days to one

On 12 February 2025, the European Commission published a proposal to shorten the settlement period for EU transactions in transferable securities from two days to one.

The proposed legislative amendment would shorten the settlement cycle on securities – such as shares or bonds executed on EU trading venues – from two business days (the so called “T+2”) to one after the trading takes place (“T+1”)

Settlement is the process through which the buyer receives the security, and the seller receives the cash. The move to T+1 aims to strengthen the efficiency and competitiveness of post-trade financial market services in the EU, which are vital to a well‑functioning savings and investments union (SIU).

ESMA consultation on the Amendments to the RTS on Settlement Discipline

On 13 February 2025, ESMA launched a consultation on settlement discipline, with the objective of improving settlement efficiency across various areas.

ESMA is consulting on a set of proposals to amend the technical standards on settlement discipline that include:

• reduced timeframes for allocations and confirmations,
• the use of electronic, machine-readable allocations and confirmations according to international standards, and
• the implementation of hold and release and partial settlement by all central securities depositories.

ESMA also wants to gather stakeholders’ views on additional measures that could potentially enhance settlement efficiency, for which there are no specific policy proposals yet.

This consultation takes into account the transition to T+1 in the European Union and the legislative proposal published by the Commission on 12 February 2025. It is aligned with the roadmap outlined in ESMA’s Final Report on Shortening the Settlement Cycle.

ESMA will consider the feedback to this consultation until 14 April 2025 and expects to publish a final report and submit the draft technical standards to the European Commission by October 2025.

European Commission article on T+1 settlement

On 14 February 2025, the European Commission published an article on the legislative proposal to introduce a targeted amendment to the Central Securities Depository Regulation (CSDR).

The proposed amendment will reduce the settlement cycle for in-scope transactions in transferable securities executed on trading venues from two days to one (as required by article 5 of the CSDR). The article summarises key points relating to the background of the legislative proposal, including the impact of the evolution of financial markets and technology, and the shift to T+1 that has been, or is being, made by other jurisdictions. It also highlights the benefits of T+1 in terms of avoiding market fragmentation and costs linked to misalignment.

The article reiterates that the European Commission is proposing 11 October 2027 as the appropriate date for the move to T+1 settlement, and that coordination with the UK and Switzerland (both of which are also aiming to move to T+1 on 11 October 2027) is important.

EU T+1 Coordination Committee meeting summary published

On 18 February 2025, the EU T+1 Coordination Committee published its summary of a meeting held on 6 February 2025.

At the meeting, the European Commission representative indicated that the proposal to amend EU CSDR to shorten the securities settlement cycle was expected to be adopted shortly. A key point raised by the chair of the Industry Committee was that the strong will of the Industry Committee to exempt securities financing transactions from the T+1 requirement, and that it was important for the EU to align with the UK on this point. The meeting also discussed the consultation paper on proposed amendments to the RTS on settlement discipline (which was published on 13 February 2025) and the chair of the Industry Committee provided updates on the workstreams and workplan, and a timetable for deliverables.

EU CSDR Refit first set of technical standards published

On 20 February 2025, ESMA published technical standards in relation to the Central Securities Depositories Regulation (CSDR) Refit.

There are three final reports with the draft technical standards that have been published:

• the first covers the review and evaluation process of EU central securities depositories (CSDs), setting a harmonised approach for the information-sharing of CSDs and including a one-year implementation period for new reporting data that requires CSDs to update their processes (article 22 CSDR)
• the second covers the assessment of whether an EU CSD in a host member state could be considered of substantial importance for the functioning of securities markets and investor protection (article 24a(13) CSDR)
• the third relates to notification requirements for third-country CSDs and aims to streamline the notification process (articles 25 and 69 CSDR).

The final reports and draft technical standards have been submitted to the European Commission for adoption.

EMIR

ESMA updates its Q&As

On 21 February 2025, ESMA updated its Q&As on EMIR as follows:

• Assessment of significance for the purpose of the Error and Omission Notifications(2441)
• Reporting of Settlement Rate Options(2442)

Conduct

ESAs publish guidelines on exchange of information relevant to fit and proper assessments in the official EU languages

On 17 February 2025, ESMA published joint guidelines on the system established by the European Supervisory Authorities (ESAs) for the exchange of information relevant to the assessment of the fitness and propriety, in the official EU languages.

The joint guidelines were published previously with a final report on 20 November 2024, and relate to the assessment of fitness and propriety of holders of qualifying holdings, directors and key function holders of financial institutions and financial market participants. The ESAs have developed a system which consists of a cross-sectoral database and these joint guidelines, with the aim of fostering a timely exchange of information between competent authorities.

The guidelines in relation to data input in respect of natural persons and confidentiality apply from 17 February 2025, with the remaining guidelines applying in respect of natural persons from 15 May 2025. For legal persons, the guidelines in relation to data input apply from 30 January 2026, with the remaining guidelines applying from 30 April 2026.

Prospectus

ESMA proposes guidelines on product supplements

On 18 February 2025, ESMA published a Consultation Paper asking for input on Guidelines on supplements that introduce new types of securities to a base prospectus.

The aim of the guidelines is to harmonise the supervision of so-called ‘product supplements’ across national competent authorities (NCAs) as approaches to supervision in this area have diverged in the past.

Stakeholders are invited to send their contribution by 19 May 2025. ESMA will publish a Final Report and Guidelines in Q4 2025. These will bring more certainty for market participants when submitting supplements with security-related information to NCAs across the EU.[/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

OPERATIONAL RESILIENCE

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]DIGITAL OPERATIONAL RESILIENCE ACT (DORA)

TIBER-EU Framework updated to align with DORA

On 11 February 2025, the Eurosystem updated its European framework for threat intelligence-based ethical red-teaming (TIBER-EU framework), to align with the regulatory technical standards (RTS) of the Digital Operational Resilience Act (DORA) on threat-led penetration testing (TLPT).

The TIBER-EU framework provides comprehensive guidance on how authorities, entities, and threat intelligence providers and red-team testers should work together to test and improve the cyber resilience of entities by carrying out controlled cyberattacks. It also sets out detailed guidance on how to complete DORA TLPT in a qualitative, controlled and safe manner, applying a uniform approach across the EU. The Eurosystem encourages authorities to adopt and implement the TIBER-EU framework, which now includes the required deliverables and steps to conduct threat intelligence-based red-team testing at designated financial entities in line with DORA requirements.

EBA amending guidelines on ICT and security risk management in the context of DORA

On 11 February 2025, the European Banking Authority (EBA) published a final report with amending guidelines in respect of Guidelines EBA/GL/2019/04 on ICT and security risk management.

EBA narrowed down the scope of its existing Guidelines on ICT and security risk management measures, due to the application of harmonised ICT risk management requirements under the Digital Operational Resilience Act (DORA) from 17 January 2025.  These amendments aim at simplifying the ICT risk management framework and providing legal clarity to the market.

DORA has introduced harmonised requirements on ICT risk management that apply to financial entities across the banking, securities/markets, insurance and pensions sectors.

To avoid duplication of requirements and to provide legal clarity to the market, the EBA has amended its Guidelines on ICT and security risk management. In particular, the EBA has narrowed down:

• the entity scope of the Guidelines to only those that are covered by DORA, namely credit institutions, payment institutions, account information service providers, exempted payment institutions and exempted e-money institutions; and
• the scope of the Guidelines to the requirements on relationship management of the payment service users in relation to the provision of payment services.

It is important to note that security and operational risk management requirements under the Payment Services Directive (PSD2), which are applicable since March 2018, continue to apply to other types of payment service providers (PSPs), such as post-office giro institutions and credit unions, that are not covered by DORA. PSPs that are still subject to security and operational risk management under the PSD2 can potentially be subject to additional national requirements, regardless of the existence of the EBA Guidelines that would apply to them. Competent authorities or Member States’ governments wishing to retain the approach set out in the EBA Guidelines for those PSPs can continue to do so under their national legal framework or supervisory measures.

From 17 January 2025, DORA applied and introduced, inter alia, harmonised requirements for ICT risk management framework (RMF), incident reporting, and third-party risk management and testing.

The amended Guidelines will apply within two months of the publication of the translated versions.

European Commission adopts Delegated Regulation on RTS on threat-led penetration testing under DORA

On 13 February 2025, the European Commission (EC) adopted Commission Delegated Regulation supplementing the Digital Operational Resilience Act (DORA) with regard to RTS specifying the criteria used for identifying financial entities required to perform threat-led penetration testing (TLPT).

Article 26(11) of DORA mandates the European Supervisory Authorities (ESAs), in agreement with the European Central Bank (ECB), to develop joint draft RTS in accordance with the ECB’s European framework for threat intelligence-based ethical red teaming (TIBER-EU framework) to specify further the following: (i) the criteria to identify financial entities required to perform TLPT; (ii) the requirements regarding test scope, testing methodology and results of TLPT; (iii) the requirements and standards governing the use of internal testers; and (iv) the rules on supervisory and other cooperation needed for the implementation of TLPT and for mutual recognition of testing.

The Delegated Regulation will enter into force on the twentieth day following its publication in the Official Journal of the EU. The ECB has also published an updated version of the TIBOR-EU framework that aligns with the DORA RTS on TLPT.

ESAs roadmap for designation of critical ICT third-party service providers under DORA

On 18 February 2025, the European Supervisory Authorities (ESAs) published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA).

To designate the CTPPs in 2025, the ESAs will perform the following steps:

• Collection of the Registers of Information: Competent Authorities are required to submit to the ESAs, by 30 April 2025, the Registers of Information on ICT third-party arrangements they received from financial entities.
• Criticality assessments: The ESAs will perform the criticality assessments mandated by DORA and notify ICT third-party service providers of their classification as critical by July 2025. This notification will start a six-week period during which ICT third-party service providers may object to the assessment with a reasonable statement and relevant supporting information.
• Final Designation: After the six-week period, the ESAs will designate CTPPs and start oversight engagement with them.

ICT third-party service providers not designated as critical may voluntarily request to be designated as critical once the list of CTPPs is published. Details on how to request this will be provided in due course.

The ESAs plan to organise an online workshop with ICT third-party providers in the second quarter of 2025.

EU DORA technical standards published in the Official Journal

On 20 February 2025, two delegated acts were published in the Official Journal of the European Union in respect of the Digital Operational Resilience Act (DORA):

• Commission Delegated Regulation (EU) 2025/301, which comprises regulatory technical standards specifying the content and time limits for the initial notification of, and intermediate and final report on, major ICT-related incidents, and the content of the voluntary notification for significant cyber threats.
• Commission Implementing Regulation (EU) 2025/302, which comprises implementing technical standards for the standard forms, templates and procedures for financial entities to report a major ICT-related incident and to notify a significant cyber threat.

Both sets of technical standards relate to ICT-related incident management, one of the key pillars of the DORA legislation, and are mandated by article 20 of DORA which seeks to harmonise reporting content and templates in relation to ICT-related incidents and cyber threats.

The Delegated and Implementing Regulations will enter into force on the twentieth day following their publication in the Official Journal.[/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

FUNDS

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]UCITS and AIFs

ESMA launches a Common Supervisory Action with NCAs on Compliance and Internal Audit Functions

On 14 February 2025, ESMA launched a Common Supervisory Action (CSA) with National Competent Authorities (NCAs) on compliance and internal audit functions of UCITS management companies and Alternative Investment Fund Managers (AIFMs) across the EU.

The CSA will be conducted throughout 2025 and aims to assess to what extent UCITS management companies and AIFMs have established effective compliance and internal audit functions with the adequate staffing, authority, knowledge, and expertise to perform their duties under the AIFM and UCITS Directives.

Compliance and internal audit functions are designed to ensure that the internal control mechanisms to monitor, identify, measure, and mitigate any possible risks of non-compliance with the applicable rules are in place. Therefore, ensuring that the entities have robust internal controls is crucial to avoid investor detriment and preserve financial stability.

The work will be done using a common assessment framework developed by ESMA, which sets out the scope, methodology, supervisory expectations, and timeline on how to carry out a comprehensive supervisory action in a convergent manner.

During the year, NCAs will share knowledge and experiences through ESMA to foster convergence in how they supervise the compliance of UCITS management companies and AIFMs with the relevant rules in the area.

ESMA will publish a final report with the results of the exercise in 2026.

Money Market Funds (MMFs)

ESRB report on Recommendation on reform of MMFs

On 12 February 2025, the European Systemic Risk Board (ESRB) published a compliance report on the implementation of its Recommendation ESRB/2021/9 on the reform of money market funds (MMFs).

In accordance with Section 2(3) of the Recommendation, the European Commission was asked to explain the measures taken to comply with the Recommendation or provide adequate justification for inaction by 31 December 2023. The ESRB assessed the European Commission as materially non-compliant given three of the four Recommendations were not implemented, including: Recommendation A – reducing threshold effects; Recommendation B – reducing liquidity transformation; and Recommendation D – enhancing monitoring and stress testing. Recommendation C – imposing on redeeming and subscribing investors the cost of their redemptions and subscriptions – was the only Recommendation implemented and assessed as largely compliant.

Since the justifications of non-compliance were not considered adequate, they were all assessed as insufficiently explained.

ESMA guidelines on stress test scenarios under MMF Regulation

On 24 February 2025, ESMA published official translations of its guidelines on stress test scenarios under the money market funds (MMF) Regulation.

These guidelines apply to competent authorities, MMFs and managers of MMFs in relation to Article 28 of the MMF Regulation. In particular, and as specified in Article 28(7) of the MMF Regulation, they establish common reference parameters of the stress test scenarios to be included in the stress tests.

The parts of the guidelines shown in red text will apply from 24 April. The other parts of the guidelines already apply from the dates specified in Articles 44 and 47 of the MMF Regulation.[/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

SUSTAINABLE FINANCE

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]European Commission Omnibus package

The European Commission proposes omnibus sustainability package

On 26 February 2025, the European Commission published two omnibus proposals on sustainability and EU investments, designed to address overlapping, unnecessary or disproportionate rules that are creating unnecessary burdens for EU businesses.

The package includes amendments to the Corporate Sustainability Reporting Directive (CSRD), the Corporate Sustainability Due Diligence Directive (CSDDD), and the Carbon Adjustment Mechanism (CBAM). In particular, the proposals seek to make sustainability reporting more accessible and efficient, simplify due diligence to support responsible business practices, strengthen the carbon border adjustment mechanism for a fairer trade and unlock opportunities in European investment programmes.

The package is also accompanied by a draft Taxonomy Delegated Act for public consultation (see below). The European Commission published a Q&A explaining in further detail the purpose of the omnibus legislation and the changes that are proposed.

The legislative proposals will now be submitted to the European Parliament and the Council for their consideration and adoption. The changes on the CSRD, CSDDD, and CBAM will enter into force once the co-legislators have reached an agreement on the proposals and after publication in the Official Journal.

The Commission invites the co-legislators to treat this omnibus package with priority, in particular the proposal postponing certain disclosure requirements under the CSRD and the transposition deadline under CSDDD, as they aim to address key concerns identified by stakeholders.

The draft Delegated Act amending the current delegated acts under the Taxonomy Regulation will be adopted after public feedback and will apply at the end of the scrutiny period by the European Parliament and the Council.

Taxonomy

EU Platform on Sustainable Finance publishes report on enhancing usability of EU Taxonomy framework

On 5 February 2025, the EU Platform on Sustainable Finance published a report on enhancing the usability of the EU’s Taxonomy regime.

The report takes account of the European Commission’s stated ambition to streamline ESG reporting requirements through the proposed Omnibus simplification regulation. 

The Platform makes four core proposals for simplifying Taxonomy-related reporting, namely:

• reducing the corporate reporting burden by over a third by taking steps such as enhancing the alignment with financial reporting and simplifying reporting templates;
• simplifying the green asset ratio (GAR) by ensuring a symmetrical GAR with similar numerator and denominator composition and allowing for estimates and proxies for reporting;
• taking a practical approach to the do-no-significant-harm criteria under the Taxonomy regime; and
• helping SMEs access sustainable finance by adopting a streamlined and voluntary approach for banks’ and investors’ exposures to unlisted SMEs and a simplified approach to the Taxonomy for listed SMEs.

European Commission call for evidence on amendments to Delegated Regulation under Taxonomy Regulation

On 26 February 2025, the European Commission published a call for evidence on a draft Commission Delegated Regulation amending Commission Delegated Regulation 2021/2178 in relation to the simplification of the content and presentation of information to be disclosed concerning environmentally sustainable activities.

The draft also proposes amendments to Commission Delegated Regulations 2021/2139 and 2023/2486 as regards simplification of certain technical screening criteria for determining whether economic activities cause no significant harm to environmental objectives. The proposals in the Draft Regulation include a 10% de minimis threshold and excluding from the denominator of the key performance indicators (KPIs) exposures of financial institutions to undertakings with an average number of over 1000 employees until the Commission’s review of Delegated Regulation 2021/2178 is finalised.

The application of the trading book and the fees and commission KPIs is also postponed until 2027. The European Commission also proposes to simplify templates such as summary KPIs and ‘per activity’ information to no longer duplicate elements that are covered by general reporting templates.

The call for evidence closes on 26 March 2025.

Green Bonds

ESMA final report on the European Green Bonds Regulation

On 14 February 2025, ESMA published a final report on the technical standards in respect of the external reviewer regime under the European Green Bonds Regulation (EuGB).

The regime requires external reviews of the pre-issuance factsheet and allocation report after full allocation of proceeds and imposes certain requirements on external reviewers. The final report covers the regulatory technical standards (RTS) in relation to:

• assessing senior management, board members and others involved in assessment activities;
• assessing sound and prudent management and conflicts of interest management;
• assessing knowledge and experience of analysts; and
• criteria applicable to outsourcing of assessment activities.

Respondents were broadly in support of ESMA’s proposals. However, a key architectural change has been made in that the RTS on assessing knowledge and experience of analysts (under article 28(1) of the EuGB Regulation) has been merged into the RTS on assessing senior management, board members and others involved in assessment activities (under article 23(6) of the EuGB Regulation).

A transitional period is currently in force for the external review regime, which is due to end on 21 June 2026.[/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

MICA

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_column_text]ESMA consults on the criteria for the assessment of knowledge and competence under MiCA

On 17 February 2025, ESMA launched a consultation on the criteria for the assessment of knowledge and competence of crypto-asset service providers’ (CASPs) staff giving information or advice on crypto-assets or crypto-asset services.

ESMA is seeking stakeholder inputs about, notably:

• the minimum requirements regarding knowledge and competence of staff providing information or advice on crypto-assets or crypto-asset services;
• organisational requirements of CASPs for the assessment, maintenance and updating of knowledge and competence of the staff providing information or advice.

The guidelines aim to ensure staff giving information or advising on crypto-assets or crypto-asset services have a minimum level of knowledge and competence, enhancing investor protection and trust in the crypto-asset markets. 

ESMA will consider all comments received by 22 April 2025.  

Based on the input received, ESMA will prepare the final report for the subsequent submission of the guidelines to the European Commission.[/vc_column_text][/vc_column][/vc_row][/vc_section][vc_section css=”.vc_custom_1609007282200{margin-bottom: 20px !important;}”][vc_row css=”.vc_custom_1609007241176{padding-right: 15px !important;padding-left: 15px !important;}”][vc_column css=”.vc_custom_1612794217189{margin-bottom: 20px !important;padding-top: 3px !important;padding-right: 20px !important;padding-bottom: 3px !important;padding-left: 20px !important;background-color: #283a66 !important;}”][vc_column_text]

CySEC DEVELOPMENTS

[/vc_column_text][/vc_column][/vc_row][vc_row][vc_column][vc_single_image image=”8217″ img_size=”full” alignment=”center”][vc_column_text]Circular C683: Sustainability-related obligations of CIFs

On 13 February 2025, CySEC issued Circular C683 to outline the sustainability-related obligations of CIFs as defined under European and national legislative acts. The Circular emphasises that these obligations align with the European Green Deal, which promotes a greener and more sustainable economy. It highlights the role of the financial sector in sustainable finance, a key EU priority with harmonised rules across member states.

Through the Circular, CySEC provides an overview of key legislative acts and obligations applicable to CIFs, including:

• Sustainability-Related Disclosures Regulation (SFDR) – CIFs providing portfolio management and/or investment advice must ensure clear and transparent disclosures on sustainability risks, adverse impacts, and sustainability-related financial information at both the entity and product levels.
• EU Taxonomy Regulation – CIFs must align their sustainability-related disclosures with the Taxonomy Regulation, applying the technical screening criteria outlined in delegated acts by the European Commission.
• SFDR Delegated Regulation – CIFs must comply with standardised disclosure templates across pre-contractual documents, websites, and periodic reports, ensuring accessible and consistent communication.
• Integration of Sustainability into MiFID II – CIFs must incorporate sustainability risks into their organizational processes, risk management frameworks, conflict-of-interest policies, information to be provided about investment advice and client suitability assessments.
• Product Governance Obligations – CIFs involved in manufacturing and/or distributing financial instruments must incorporate sustainability-related objectives into their target market identification, product distribution strategies, and periodic reviews.

CySEC urges all CIFs to take appropriate actions to comply with these sustainability-related requirements.

CySEC’s Announcement and Press Release for its Supervisory Priorities for 2025

On 12 February 2025 CySEC issued an announcement and a press  release, providing insight into its supervisory priorities for the year 2025 within the fields of investment services and asset management.

Priorities for Investment Services

For 2025, CySEC will focus on the following regulatory priorities:

1. Monitoring of high and medium-risk Cyprus Investment Firms (CIFs) and periodic checks on samples of lower-risk firms.
2. Emphasis on cross-border oversight.
3. Thematic initiatives targeting emerging trends such as Artificial Intelligence (AI) and Fin-fluencers.
4. Evaluating the resilience of CIFs’ business models.
5. Enhancing the quality and oversight of regulatory data.

Priorities for Asset Management

In 2025, CySEC will prioritise the following:

1. Supervision of high and medium-high-risk fund managers.
2. Evaluating the compliance and internal audit functions.
3. Empasis on Sustainability and ESG Compliance.
4. Reviewing the systemic risk due to leverage and to commercial real estate exposure.
5. Enhancing the quality and oversight of regulatory data.

Furthermore, CySEC stresses the importance of its Regulated Entities’ compliance with the implementation of the DORA and MiCA Regulations, respectively. It is important to note that Regulated Entities shall expect ongoing engagement from CySEC’s supervisory teams with various ways (e.g. publication of guidance, onsite inspections, thematic reviews, webinars and workshops) on the areas mentioned in the Announcement and the Press Release, as well as open communication to promote a culture of proactive compliance.

Circular C684: ESRB Recommendation on Commercial Real Estate Vulnerabilities – Second Pilot Exercise

On 25 February 2025, CySEC issued Circular C684 regarding the second pilot exercise related to Recommendation 2022/9 of the European Systemic Risk Board (ESRB) on vulnerabilities in the commercial real estate sector within the European Economic Area. The Macroprudential Authority will conduct this exercise to assess potential risks.

Reporting Requirements

• The CRE-IF Form must be submitted by all sub-funds/funds active as of 30 June 2024.
• Entities that had not raised capital by this date are exempt.
• Each sub-fund/fund must submit a separate form.
• CySEC will share the collected data with the Central Bank of Cyprus, the designated national macroprudential authority.

Key Reporting Details

• Data to be reported includes investment policy, real estate exposures, lending standards, and financial system indicators.
• Stock information should reflect balances as of 30 June 2024, while flow information should cover the period from 1 January 2024 to 30 June 2024.
• Detailed instructions for completing the Form are available in the ‘Instructions’ section of the document.
• Before submission, specific validation checks must be performed to ensure accuracy.

The deadline for submission via CySEC’s Transaction Reporting System (TRS) is Friday, 28 March 2025

CySEC urges all regulated entities to ensure timely and accurate reporting to comply with the ESRB’s recommendations.

Amendments in the Law on Investment Services and Activities and Regulated Markets of 2017

On 26 February 2025, Law 12(I)/2025 was officially published in the Gazette of the Republic of Cyprus. This Law introduces amendments to the main legislation concerning Articles 2, 17, 18, 48, and 49, aligning the legal framework with Regulation (EU) 2022/2554 (“DORA”) on digital operational resilience in the financial sector. The revised Law has transposed EU Directive 2022/2556 into the Cypriot Law.

Amendments in the Capital Adequacy of Investment Firms Law

On 26 February 2025, Law 11(I)/2025 was officially published in the Gazette of the Republic of Cyprus. This Law introduces amendments to the primary legislation, Articles 2, 28, 35, 46, and 55, aligning the Cypriot legal framework with Regulation (EU) 2022/2554 (“DORA”) on digital operational resilience in the financial sector. The revised Law has transposed EU Directive 2022/2556 into the Cypriot Law.

Amendments to the Open-Ended Collective Investment Undertakings Laws of 2012-2022

On 26 February 2025, Law 10(I)/ 2025 was officially published in the Gazette of the Republic of Cyprus. This Law introduces amendments to the primary legislation, aligning the Cypriot legal framework with Regulation (EU) 2022/2554 (“DORA”) on digital operational resilience in the financial sector. The revised Law has transposed EU Directive 2022/2556 into the Cypriot Law.

Amendments to the Alternative Investment Fund Managers (Amendment) Law of 2013 – 2021

On 26 February 2025, Law 9(I)/2025 was officially published in the Gazette of the Republic of Cyprus. This Law introduces amendments to the primary legislation, aligning the Cypriot legal framework with Regulation (EU) 2022/2554 (“DORA”) on digital operational resilience in the financial sector. The revised Law has transposed EU Directive 2022/2556 into the Cypriot Law.

Circular C685: Guidance on Sanctions Screening Systems

On 27 February 2025, CySEC issued Circular C685 to notify regulated entities about the issuance of the Guidance for maintaining effective and efficient Sanctions Screening Systems, also available on CySEC’s website.

CySEC carried out thematic inspections between April and November 2024, on a sample of regulated entities, to evaluate the effectiveness and efficiency of their Sanctions screening systems used by these entities. CySEC’s inspections focused on whether these regulated entities comply with their legal obligations arising from the provisions of the UN Sanctions and EU Restrictive Measures, in relation to screening practices.

Through the Guidance, CySEC shares with all the regulated entities the results and feedback from the thematic inspections and addresses its expectations regarding screening practices to ensure overall compliance.

Regarding the overall outcome of these inspections, CySEC noted that while several best practices were identified, the systems used for sanctions screening require further improvement. These best practices and the relevant weaknesses/deficiencies identified are outlined in the Guidance along with CySEC’s expectations, with an emphasis on ongoing screening practices, system management, and quality assurance and testing methodologies.

Finally, CySEC urges regulated entities to consider the supervisory expectations outlined in the Guidance and implement the best identified practices in a risk-based and proportionate manner.[/vc_column_text][/vc_column][/vc_row][/vc_section]