EU Regulatory Changes

The European Data Protection Supervisor (EDPS) has published a new informational episode concerning the implementation of the eIDAS2 framework, specifically focused on Digital Identity Wallets. Thi...

The French National Agency for the Security of Information Systems (ANSSI) has published new guidance and support initiatives to aid in the implementation of the transposed NIS2 Directive. This upd...

The French National Cybersecurity Agency (ANSSI) has announced the opening of a pre-registration portal for entities in scope of the NIS 2 Directive. This is a key procedural step ahead of the form...

The German Federal Office for Information Security (BSI) has officially assumed the chairmanship of the Administrative Cooperation Group (AdCo) for the Cyber Resilience Act (CRA). This group is the...

The German Federal Office for Information Security (BSI) has been officially designated as the national market surveillance authority for the Cyber Resilience Act (CRA). This announcement confirms ...

The European Parliament has published a press release confirming a delayed application timeline for the EU AI Act. The core prohibition on banned AI practices, including the specific ban on 'nudifi...

The European Parliament has issued a critical press release concerning the EU's Global Gateway strategy, operating under the framework of the recently enacted Cyber Resilience Act (CRA). MEPs forma...

A new security advisory has been published regarding multiple vulnerabilities in Red Hat Enterprise Linux (RHEL) that could enable Denial of Service (DoS) attacks. The advisory, identified as WID-S...

The European Data Protection Board has published the agenda for the IAPP Global Summit 2026, serving as a key forward-looking resource on the operationalization of the EU AI Act. This agenda outlin...

In an interview published on 24 March 2026, ECB Supervisory Board member Patrick Montagner outlined evolving supervisory expectations regarding risk management in a fragmented credit market. The fo...

The European Data Protection Board (EDPB) has published its agenda for the IAPP Global Summit 2026, highlighting key regulatory priorities. This agenda signals the EDPB's focus on the operational c...

The European Data Protection Board and European Data Protection Supervisor have issued a joint opinion on the proposed Cybersecurity Act 2 and amendments to the NIS 2 Directive. This opinion provid...

The EDPB and EDPS have issued a joint opinion endorsing the European Commission's draft implementing acts for the NIS2 Directive. This opinion supports measures designed to standardize and clarify ...

The European Data Protection Board (EDPB) has launched its 2026 Coordinated Enforcement Framework (CEF) action, focusing on the practical application of GDPR transparency and information obligation...

The CSSF has published an update regarding the collection of information for the DORA Register. This involves the formal issuance of templates and technical specifications that financial entities m...

ESMA has launched a public consultation on proposed technical standards for post-trade risk reduction (PTRR) services under the revised EMIR framework (EMIR 3). This initiative, developed within th...

ESMA has published its final report setting the clearing thresholds under the updated EMIR 3 framework, which is part of the broader DORA regulatory initiative. This establishes the quantitative le...

ENISA has published operational details on the cooperation framework for the EU Cybersecurity Reserve, a key mechanism established under the NIS2 Directive. The update clarifies the process for req...

In a February 2026 speech, ECB supervisory chair Claudia Buch outlined enhanced cooperation between the future Anti-Money Laundering Authority (AMLA) and ECB Banking Supervision. The key change is ...

The CSSF has published a communication specifying the submission timeframe for a key DORA requirement. It mandates that third-country branches of credit institutions, whose head office is outside t...