The EBA and ESMA have launched a consultation on revised joint guidelines updating suitability assessments for management body members and key function holders in banks and investment firms, incorporating new requirements from the revised CRD and MiFID II to enhance harmonization and supervisory convergence. This matters for compliance professionals as it introduces mandatory assessments for additional roles, strengthens AML/CFT links, and includes simplifications to reduce burdens, potentially impacting governance processes once finalized and replacing the 2021 guidelines.
What Changed
Incorporation of revised CRD requirements for large institutions, including ex-ante applications where authorities perform ex-post assessments, and mandatory suitability assessments for key roles like heads of control functions and chief financial officers.
Expanded application to CRD-covered entities and MiFID II investment firms, with further specifications for third-country branches.
Strengthened integration with AML/CFT framework, providing guidance on identifying reasonable grounds to suspect money laundering or terrorist financing risks during assessments.
Introduction of targeted...
What You Need To Do
- Review full consultation papers on EBA (https
- Assess current suitability processes against new requirements (e
- For large institutions, evaluate EBA RTS on documentation and align internal templates (e
- Participate in public hearings on 15 April 2026 if relevant
- Plan governance updates, including ongoing monitoring of collective/individual suitability and corrective measures
Key Dates
25 May 2026 - Deadline for submitting comments on joint guidelines and EBA RTS. DEADLINE
15 April 2026, 14:00-15:30 - Public hearing on joint guidelines.
15 April 2026, 15:30-16:30 - Public hearing on EBA RTS.
Post-25 May 2026 - EBA publishes all contributions (unless requested otherwise).
TBD (post-consultation) - Revised guidelines enter into force, repealing 2021 guidelines.
Compliance Impact
Urgency: High - As a consultation launched today (25 February 2026), firms have ~3 months to engage, but final guidelines will repeal existing ones, mandating process updates for core governance/AML functions in banks and investment firms; delays risk non-compliance with harmonized EU standards, especially for large institutions facing RTS on documentation. Matters due to expanded scope (e.g., CFOs, third-country branches) and AML ties, amplifying fit-and-proper regime enforcement amid supervisory convergence push.