Skip to content

Welcome to the FIG Top 5 at 5

The Top 5 at 5 is a weekly update in which members of the Financial Institutions Group (FIG) identify five of the key legal and regulatory developments relevant to the financial services industry from the preceding week.

Priority is given, in the first instance, to Irish based developments but the update will also include important developments in European law and regulation.

The topics chosen are dictated by the developments during the relevant period but priority is given to cross sectoral developments. The FIG Top 5 at 5 is not intended to represent all developments of note for the relevant period but rather a snap shot of some of the issues which we feel are of particular importance. 

Should you have any queries in respect of the contents of the update, please do not hesitate to contact your usual Matheson LLP contact or any member of our team detailed below.

The Top 5 at 5

1. Regulations amending MCC to incorporate MiCA guidelines on assessment of knowledge and competence are published

 

On 26 June 2026, the Central Bank (Supervision and Enforcement) Act 2013 (Section 48(1)) (Minimum Competency) (Amendment) Regulations 2026 (“Regulations”), were published in Iris Oifigiúil.

The Regulations incorporate the European Securities and Markets Authority’s (“ESMA”) markets in crypto-assets regulation (“MiCA”) guidelines for the criteria on the assessment of knowledge and competence (“Guidelines”). The Guidelines aim to promote greater convergence in the criteria for the assessment of knowledge and competence of staff providing advice or information about crypto-assets or crypto-asset services and their application.

In March 2026, the Central Bank of Ireland (“Central Bank”) published a notice of intention to amend the Minimum Competency Code 2017 (“MCC”) to incorporate the Guidelines – for more information and an overview of the main changes, see FIG Top 5 at 5 dated 9 April 2026.

Regulations 2, 3, 7, 9, and 13 have been amended.

Next Steps

The Regulations come into force on 28 July 2026.

 

2. European Union (Investment Firms) (Amendment) Regulations 2026 are published

 

On 26 June 2026, the European Union (Investment Firms) (Amendment) Regulations 2026 (“Regulations”) were published in Iris Oifigiúil.

The Regulations amend the European Union (Investment Firms) Regulations 2021 (“Principal Regulations”) and aim to address the risks that investment firms are or might be exposed to, or the risks that they pose or might pose to others, including concentration risk arising from exposures to central counterparties (“CCPs”).

Some of the changes to the Principal Regulations include:

  • regulation 23(1) now requires that effective processes are in place to  identify, manage, monitor and report those risks, referred to above;
  • regulation 26 requires the management body to develop specific plans and quantifiable targets in accordance with the requirements specified in article 7a of regulation (EU) No 648/2012 to monitor and address the concentration risk arising from exposures to CCPs of substantial systemic importance; and
  • under regulation 32, the Central Bank of Ireland will assess and monitor developments as regards firms’ management of risks stemming from exposures to CCPs, including the plans referred to in regulation 26.

Next Steps

The Regulations came into force on 25 June 2026.

 

3. Credit Review Act 2026 Regulations 2026 are published

 

On 30 June 2026, the following statutory instruments, under the Credit Review Act 2026 (“Act”), were published in Iris Oifigiúil:

This statutory instrument (“SI”) provides for a quarterly levy on regulated financial services providers that are in scope of the Act (“Relevant Persons“) to meet the costs of An tSeirbhís um Athbhreithniú Creidmheasa (“the Service”). The levy is calculated based on the expenses incurred, in the previous quarter by the Service, minus the fees received by the Service from applicants for review of credit decisions. The levy is payable based on the Relevant Person’s share of the applications for review received by the Service during the quarter concerned.

This SI appoints 1July 2026 as the establishment day for the purposes of the Act.

  • Credit Review Act 2026 (Prescribed Amounts and Fee) Regulations 2026 [SI No. 297 of 2026]

This SI details a maximum and a minimum amount for the purpose of the definition of “credit facility” in section 2 of the Act, being €3 million and €1,000 respectively. This SI also sets out the fee payable to the Service as regards an application for a credit decision review.

On 24 June 2026, the European Council (“Council”) published a press release (“Press Release”) announcing that it has agreed its negotiating position on the proposal for a regulation amending regulation (EU) 2019/2088 (“SFDR”), regulation (EU) 1286/2014 (“PRIIPs”) and repealing commission delegated regulation (EU) 2022/1288.

The Press Release highlights that updating the sustainability transparency framework for financial products sold in the EU will “ease administrative burdens and help investors better understand and compare sustainability-related financial products.”

Council’s main amendments

Overall, the Council welcomed the proposed amendments to the SFDR, highlighting that the current framework needed updating to provide clarity, consistency and alignment with other sustainable finance efforts in the EU, along with the expectations of markets. Some of the Council’s amendments are as follows:

  • in the context of the sustainable and transition categories, when companies identify and disclose the principal adverse impacts of their investments on sustainability factors, they must use at least three indicators from a list to be provided by the European Commission to support their claims. The Council maintains that this will allow for better comparability between financial products;
  • investments in companies active in the fossil fuel sector which allocate 20% of their capital expenditureto economic activities aligned with EU taxonomy rules, and with a clear strategy to reduce greenhouse gas emissions, may be considered for inclusion in the transition category. In the interests of transparency, the Council has stated that such investments must also be subject to a fourth mandatory indicator when assessing adverse impacts;
  • the Council proposes to explicitly allow the inclusion of general-purpose issuances by public sector bodies by Union-established bodies in the transition categoryunder certain conditions; and
  • financial market participants do not need to apply the categorisation provisions for alternative investment funds offered exclusively to professional investors. This is in targeted at reducing administrative burdens.

Next Steps

This latest development represents the Council’s mandate to commence negotiations with the European Parliament (“Parliament”) on the updated SFDR, as soon as Parliament agrees its position on the matter. In that regard, the Parliament’s committee on economic and monetary affairs published a draft report on the proposed updated SFDR in May 2026 – for more information, see FIG Top 5 at 5 dated 7 May 2026.

1. AMLA publishes advisory note on ML / TF risks as MiCA transitional period ends

 

On 29 June 2026, the Anti-Money Laundering Authority (“AMLA”) published an advisory note (“Note”) on the money laundering (“ML”) and terrorist financing (“TF”) risks linked to the end of the regulation on markets in crypto-assets (“MiCA”) transitional period on 1 July 2026.

The Note sets out the potential  ML / TF risks and also details corresponding mitigating actions that can be taken by the crypto asset sector, AML / CFT supervisors and financial intelligence units (“FIUs”), ensuring the integrity of the EU’s financial system.

The Note highlights that the termination of activities by unauthorised virtual asset service providers (“VASPs”) and market reconfiguration after 1 July 2026, will result in significant structural changes to the EU crypto-asset ecosystem. The movement and termination of large volumes of customer relationships, and the concentration of crypto-asset activity in a smaller number of MiCA authorised crypto-asset service providers (“CASPs”) will, AMLA explains, have a material impact on the market.

In situations where VASP customers move to other EU CASPs, AMLA recommends that CASPs should carry out individual risk assessments and apply customer due diligence (“CDD”) to identified risks. Clients should not be subject to blanket de-risking.

The risks and suggested mitigation measures set out in the Note are categorised according to status as:

  • unauthorised VASPs;
  • authorised CASPs;
  • AML / CFT supervisors; and
  • FIUs

VASPs

Some of the risk and mitigation measures for VASPs are as follows:

  • risk of weakened AML / CFT controls during exit – there should be robust wind down and AML / CFT controls; and
  • risk of illicit flow concealment during exit – up to date customer information should be maintained and suspicious activity should be identified and reported.

CASPs

Some of the risk and mitigation measures for CASPs are as follows:

  • shifts in business models and customer portfolios following authorisation decisions may result in materially different risk profiles – it should be ensured that transaction monitoring systems are capable of dealing with increased volumes of crypto-asset transfers; and
  • rapid customer inflows may put pressure on transaction monitoring systems and compliance resources – affected CASPs should apply effective CDD and ensure proper integration of incoming customer risk information

AML / CFT supervisors and FIUs

Some of the risks and mitigating measures highlighted for AML / CFT supervisors include:

  • the risk that there could be supervisory blind spots during market exit and consolidation – a risk based focus on wind down processes is advised; and
  • inconsistent application of AML / CFT standards across transitioning entities – enhanced supervisory coordination and continuity of oversight is advised.

As regards FIUs, the Note highlights that the reallocation of customer bases may be used to obscure illicit flows, including through rapid asset movement across multiple CASPs or jurisdictions. The Note recommends that there should be enhanced cooperation and information exchange aimed at the maintenance of visibility of flows linked to exiting VASPs and / or receiving CASPs.

 

2. EBA publishes consultation on draft methodology for setting fines under MiCA

 

On 26 June 2026, the European Banking Authority (“EBA”) published a consultation (“Consultation”) on a draft methodology for setting fines under the regulation on markets in crypto-assets (“MiCA”).

Background

The EBA supervises issuers of significant asset-referenced tokens and significant e-money tokens under MiCA, and, in the case of an infringement of MiCA by such issuers, can impose fines under article 131. MiCA sets maximum amounts, but the exact amount is decided on a case-by-case basis.

In that context, and in the interests of a consistent and transparent approach to the imposition of sanctions, the EBA has developed the methodology, set out in the Consultation.

The Consultation details the EBA’s proposed approach to the calculation of fines, which can be used to explain how the EBA decided on a particular amount in a given case.

Two-step

The Consultation suggests a two-step approach, as follows:

  • step 1: determining the basic amount of a fine – this is based on a percentage of the annual turnover of the issuer in the preceding business year, depending on the severity of the infringement. Details as to the severity of the different types of infringements are set out in annexes V and VI of MiCA, also detailed in the Consultation, and are grouped into three categories relating to conflicts of interest, organisational or operational requirements / disclosure provisions to the public or transparency / obstacles to supervisory authorities’ activities. Here, the EBA has explained that some of the infringements listed in annexes V and VI of MiCA are similar to the infringements listed in other EU frameworks for fines, and so, they have been classified consistently with those other frameworks; and
  • step 2: adjustments for aggravating and mitigating factors – this step takes account of the need for the fine to be, not only proportionate to the type of infringement, but also appropriate to the specific infringement. The Consultation proposes aggravating or mitigating factors based on the factors set out in Article 131(2) MiCA. Some of these factors are as follows:
    • infringement committed for more than six months;
    • infringement committed intentionally;
    • financial crime occasioned, facilitated or attributable to the infringement;
    • the issuer has voluntarily taken meaningful measures to prevent the repetition of such an infringement; and
    • the issuer’s senior management can demonstrate that they have taken reasonable measures to prevent the breach.

Further adjustment

The resulting amount may be further adjusted by the EBA based on any of the criteria in article 131(2) of MiCA, which have not been taken into account in the second step, and also based on any need to reflect the EBA’s supervisory and consumer protection objectives. This final adjusted amount is subject to limitations set out in article 131(3) and (4) of MiCA.

Section 5 of the Consultation contains an overview of the specific questions

Next Steps

The Consultation is open for feedback until 28 September 2026. The EBA will hold a virtual public hearing on 16 of July – interested parties can register here.

 

3. Commission extends deadline for its consultation on functioning of MiCA

 

On 29 June 2026, the European Commission (“Commission”) updated its webpage regarding its targeted consultation (“Consultation”) on the review of the regulation on markets in crypto-assets (“MiCA”).

The Commission launched the Consultation in May 2026 – for more information, see FIG Top 5 at 5 dated 21 May 2026.

The Consultation is now open for feedback, for a further month, until 30 September 2026.

1. EBA publishes final report on revised guidelines on SREP and supervisory stress testing under CRD IV

 

On 26 June 2026, the European Banking Authority (“EBA”) published its final report (“Report”) on revised guidelines (“Revised Guidelines”) on common procedures and methodologies for the supervisory review and evaluation process (“SREP”) and supervisory stress testing under directive 2013/36/EU (“CRD”).

The Revised Guidelines consolidate all relevant SREP provisions into a single, comprehensive framework, retaining the core elements while integrating new aspects such as ESG factors, operational resilience, third-country branches. The EBA consulted on the Revised Guidelines in October 2025 – for more information, see FIG Top 5 at 5 dated 30 October 2025.

The Report highlights that some changes were made to the Revised Guidelines on foot of responses received during the consultation period, some of which are as follows:

  • explanatory text has been added in the ‘Background’ section along with an amendment in paragraph 121, to address concerns relating to clarifications on information and reporting requests between DORA, SREP and other frameworks;
  • as regards comments around references to regulatory products, the EBA has removed related tables and developed a separate list of legal acts facilitating SREP assessments that will be published on the EBA’s website; and
  • there were some comments received dealing with future proofing with reference to the new EU AML package and AMLA supervision and, in that regard, the EBA has provided additional clarity in the ‘Background’ and the definitions, together with the addition of a transitional provision for aspects becoming applicable with the new AMLD6 / AMLR.

The EBA has stated that the Revised Guidelines “pave the way for a more risk-focused, efficient, proportionate and forward-looking framework for supervisors across the EU.”

Next Steps

The Revised Guidelines will be translated into the official EU languages and published on the EBA’s website. The revised Guidelines will apply from 1 January 2027 and from that date, the existing SREP guidelines and the guidelines on ICT risk assessment under SREP will be repealed and replaced.

In advance of 1 January 2027, competent authorities are encouraged to consider the Revised Guidelines and, where possible, to introduce its elements at an earlier stage of their supervisory planning cycles.

 

2. ECB announces comprehensive review of its publications on banking supervision

 

On 26 June 2026, the European Central Bank (“ECB”) published a press release (“Press Release”) announcing that it is carrying out a comprehensive review (“Review”) of its publications on banking supervision. The Review aims to improve transparency, consistency and ease of use for banks and other stakeholders, including the wider public.

The Review forms part of broader work as regards making European banking supervision more efficient, effective and risk-based, with the EBA explaining that the Review supports these goals by:

  • streamlining guidance;
  • clarifying the purpose of different supervisory tools; and
  • ensuring clear, consistent and accessible communication.

Discontinued

As part of Review, the ECB has examined approximately 130 guides, letter and methodologies. From that number, around 40 documents have been discontinued due to their being outdated, superseded or no longer relevant.  The EBA has also published an annex setting out all of the discontinued publications. However, these publications will continue to be accessible in the interests of transparency.

Revisions

The Press Release highlights that a limited number of publications have been, or soon will be, revised so as to clarify specific matters or reflect recent regulatory developments, for example:

  • supervisory expectations for the management buffer will be clarified in the guide to the internal capital adequacy assessment process, where it will be made clearer that the management buffer is a bank’s view on the capital it needs for its business model to remain sustainable;
  • an updated version of the ECB’s guide to internal models has been published – all content related to supervisory expectations on the credit conversion factor has been removed as the EBA is currently preparing guidelines on this topic; and
  • updated versions of the guide on assessment methodology and the guide on materiality assessment, have been published – references to the credit valuation adjustment have been removed to reflect new rules under the capital requirements regulation (“CRR III”).

More in depth revisions

Some publications have been earmarked for more in-depth revisions – taking account of upcoming legislative developments and feedback on publications received from banks and other stakeholders. The ECB has highlighted that it will launch public consultations where substantial changes are required. Some of the publications that, so far, will be subject to more extensive revisions, are as follows:

  • the draft guide on governance and risk culture – this will be replaced by a report focused solely on good practices and is planned for publication in Q1 2027 after the EBA finalises its revised guidelines on internal governance;
  • the guide to licence applications – further clarification on procedural matters will be provided and express reference will be made to the European Banking Authority’s guidelines on a common assessment methodology for granting authorisation as a credit institution. Publication is expected in Q3 2026;
  • the guide on effective risk data aggregation and risk reporting – further clarification around key expectations will be provided with publication planned for Q4 2026;
  • the guide to on-site inspections and internal model investigations – certain processes will be further clarified. Publication is expected by the end of 2026; and
  • the guidance of leveraged transactions is being reviewed – it is expected that this will be completed by the end of 2026.

Finally, the ECB has updated how it classifies supervisory publications on its website to clarify the purpose and intended use of different types of material.

1. EIOPA publishes report on 2025 oversight activities

 

On 26 June 2026, the European Insurance and Occupational Pensions Authority (“EIOPA”) published its oversight activities report 2025 (“Report”). The Report, which aims to provide an overview of EIOPA’s oversight activities across 2025, states that EIOPA’s work, alongside national competent authorities (“NCAs”), was focused on strengthening supervisory capacity and enhancing collaboration, particularly in a cross-border context.

Some of the main findings of the Report are as follows:

  • EIOPA worked in close collaboration with NCAs in 2025, by way of bilateral engagements, including ten on-site country visits. The visits covered a number of topics, such as prudential supervision, conduct supervision and institutions for occupational retirement provision implementation;
  • in terms of EIOPA’s participation in colleges of supervisors, EIOPA actively participated in 33 of the 60 colleges, highlighting that the topical focus of colleges in 2025 has been closely aligned with EIOPA’s strategic objectives and the Union-wide strategic supervisory priorities. Areas focused on included DORA implementation / the use of AI / value for money / governance and fitness and propriety;
  • the finalisation, by EIOPA, of a technical assessment of an insurance undertaking’s technical provisions gross and net of reinsurance as well as of its solvency capital requirement computation;
  • EIOPA participated in three joint onsite inspections, with one focused on internal model use test and two on conduct of business;
  • EIOPA, together with four NCAs, finalised a project to develop a SupTech tool designed to identify products at higher risk of greenwashing, ultimately promoting more effective supervision;
  • EIOPA carried out a range of thematic activities aimed at identifying, monitoring, and addressing conduct risks across the EEA or across several markets, for example:
    • activities as regards value for money and retail risks indicators;
    • a new coordinated mystery shopping exercise focusing on the digital customer journey. Additionally, EIOPA followed up on the first coordinated mystery shopping exercise focused on the sale of insurance-based investment products;
    • detailed analysis of insurance product information documents to assess whether there is sufficient clarity in coverage and exclusions; and
    • reports monitoring and reporting on consumer trends and trends in costs and past performance of retail financial services.
  • close cooperation with NCAs as regards the use of internal models, targeted at the promotion of a consistent supervisory framework and also to support a level playing field; and
  • EIOPA continued its monitoring activities as regards equivalence, for example, in Bermuda and Switzerland.

 

2. EIOPA publishes follow-up report to its 2023 peer review on product oversight and governance

 

On 30 June 2026, the European Insurance and Occupational Pensions Authority (“EIOPA”) published a follow-up report (“Report”) to its 2023 peer review (“Peer Review”) on product oversight and governance (“POG”).

The Peer Review assessed the maturity of POG supervisory frameworks and identified areas for improvement across national competent authorities (“NCAs”) – for more information on the Peer Review, see FIG Top 5 at 5 dated 27 July 2023.

The Report examines how NCAs have implemented the recommended actions set out in the Peer Review. These recommended actions were set out across five areas – organisation and resources of POG supervision / risk-based approach / setting and communicating supervisory expectations / supervisory methodologies and tools / supervisory activities.

Main findings

The Report shows that POG supervision has been strengthened but also that supervisory convergence is a work in progress.

The time period covered by the Report is August 2023 to June 2025. Some of the main findings of the Report are as follows:

  • in the main, NCAs have strengthened their supervisory frameworks and advanced the maturity of POG supervision, with the Report highlighting this as an important step as regards consumer protection outcomes across the EU, although some differences remain;
  • many NCAs have significantly advanced their risk-based frameworks – this strengthens the ability to prioritise supervisory attention in areas with the greatest potential for consumer detriment;
  • significant progress was made as regards setting and communicating supervisory expectations and activities;
  • there was notable progress made regarding supervisory methodologies and organisational arrangements, but the Report notes that this was uneven, concluding that this reflects the complexity and time required to embed these elements effectively in practice; and
  • remaining gaps, the Report details, are limited to a small number of NCAs and relate mostly to situations where supervisory frameworks are still under development, internal guidance remains too high-level or not yet formally approved, or the practical implementation of supervisory tools has not yet been fully evidenced.

Ireland

The recommended action for Ireland in the Peer Review focused on setting and communicating supervisory expectations, with it being recommended that the Central Bank of Ireland (“Central Bank”) develop a comprehensive set of supervisory expectations covering all the elements of POG requirements applied to insurance-based investment products (“IBIPs”) and that these expectations be communicated to industry. The main findings in the Report, as regards the Central Bank’s actions on foot of the Peer Review, are as follows:

  • supervisory expectations regarding POG were communicated via formal publications and industry communications, alongside supervisory dialogue and follow-up engagement;
  • the Report notes that the Central Bank identified its regulatory and supervisory outlook reports 2024 and 2025 and consumer protection outlook reports 2022 and 2023, as the main ways to set out cross sectoral expectations. The June 2023 insurance newsletter was also highlighted in the Report, in that the Central Bank communicated findings and expectations from a thematic inspection of POG arrangements, including that POG should not be treated as a “tick-box” exercise and that appropriate oversight should be provided by executive boards; and
  • expectations set out in the Central Bank’s various communications were reinforced by way of letters and follow–up supervisory actions, such as:
    • a dear CEO Letter setting out findings and expectations following a thematic review on the ongoing suitability of long-term life products; and
    • a risk mitigation programme was issued following an on-site inspection of an overseas branch of an Irish-authorised undertaking, requiring strengthened POG arrangements and the documentation of annual value for money analysis.

Requirements fulfilled

The Report highlights that Ireland, based on an assessment of the information that was provided, has fulfilled the recommended action in the Peer Review.

Browse previous FIG 5 @5 Editions

View All
Insights
25/06/2026

FIG Top 5 at 5 – 25/06/2026

Read More
Insights
18/06/2026

FIG Top 5 at 5 – 18/06/2026

Read More
Insights
11/06/2026

FIG Top 5 at 5 – 11/06/2026

Read More
Insights
04/06/2026

FIG Top 5 at 5 – 04/06/2026

Read More
Insights
28/05/2026

FIG Top 5 at 5 – 28/05/2026

Read More
Insights
21/05/2026

FIG Top 5 at 5 – 21/05/2026

Read More
Insights
14/05/2026

FIG Top 5 at 5 – 14/05/2026

Read More
Insights
07/05/2026

FIG Top 5 at 5 – 07/05/2026

Read More
Insights
30/04/2026

FIG Top 5 at 5 – 30/04/2026

Read More
Insights
23/04/2026

FIG Top 5 at 5 – 23/04/2026

Read More
An image of an architectural stairwell

Thought Leadership

Matheson Talks Financial Regulation Podcast

The Matheson Financial Institutions Group are delighted to share with you some useful podcasts.

Our Team

Darren  Maher

Darren

Maher

Managing Partner

Joe Beashel

Joe

Beashel

Partner

Gráinne Callanan

Gráinne

Callanan

Partner

Caroline  Kearns

Caroline

Kearns

Partner

Elaine  Long

Elaine

Long

Partner

Niamh  Mulholland

Niamh

Mulholland

Partner

Ciaran O'Boyle

Ciaran

O'Boyle

Partner

Ian O'Mara

Ian

O'Mara

Partner

© 2026 Matheson LLP | All Rights Reserved