you are being redirected

You will be redirected to the website of our parent company, Schönherr Rechtsanwälte GmbH: www.schoenherr.eu

06 July 2026
Schoenherr publication
czech republic

to the point: financial regulation | 6/2026

Welcome to our to the point newsletter. Every month, we look back at the most relevant developments in financial regulation in the CEE region.

In this edition, you will get a mix of updates:

  • The EBA has published its final Pillar 3 ITS on ESG risks, equity exposures and shadow-banking exposures, completing the second wave of CRR3 disclosure standards. The ITS finalises quantitative and qualitative disclosure templates covering climate transition and physical risk, biodiversity and social risks, banks’ equity exposures under CRR3 permanent partial use, and cross-border shadow banking exposures. Templates include a mandatory ESG risk sensitivity analysis and updated GAR / BTAR breakdowns. Application from disclosure reference dates falling on or after 31 December 2026; large banks must publish annually and small non-complex banks biennially. CEE banking groups should coordinate with parent groups on data-collection uplift and factor the new templates into 2027 Pillar 3 report planning and 2026 year-end model runs.
  • The European Parliament’s ECON Committee has adopted its negotiating mandate on the Digital Euro / Single Currency Package, opening trilogues with the Council in the second half of 2026. ECON backed a digital euro with strong holding limits, offline functionality, mandatory zero-fee basic use for consumers, privacy safeguards and clear rules on private-sector distribution by banks and other PSPs. The mandate covers the Digital Euro Regulation, the Legal Tender Regulation and the Euro Cash Regulation. Trilogues will focus on distribution economics, private-sector compensation and the treatment of intermediaries. CEE banks in the euro area should already be planning distribution roles, IT integration and customer-facing propositions; non-euro-area CEE banks should track spillovers on wallets and correspondent banking.
  • The Council of the EU has formally endorsed the Retail Investment Strategy package, closing months of trilogues and setting a clear transposition path for MiFID II, IDD, PRIIPs, UCITS and AIFMD amendments. The package sharpens the value-for-money framework, introduces benchmark-based supervisory tests for costs and performance of retail investment products, tightens inducement rules for non-advised sales, and strengthens marketing communication and disclosure requirements. The final text preserves the ability of Member States to allow commissions in advised sales, but with enhanced quality-of-service and best-interest safeguards. Member States must transpose within 18 months; ESMA and EIOPA are already preparing Level 2 measures. CEE banks, insurers, distributors and fund managers should begin gap analyses now, particularly around cost benchmarking, inducement documentation and IDD/MiFID product-oversight processes.
  • The European Supervisory Authorities have published their first annual DORA ICT-related incidents report, marking one year of pan-EU financial-sector incident data. The Joint Committee report analyses 3,383 major ICT-related incidents notified by banks, investment firms, insurers, CCPs and CSDs under DORA between 17 January 2025 and 31 December 2025, roughly one-third with cross-border effects. Common causes were software failures, configuration errors and cyber incidents; recovery times materially exceeded the DORA thresholds for a non-trivial share of cases. The ESAs signal reinforced supervisory focus on ICT third-party risk, testing programmes and incident classification. CEE-based subsidiaries of EU groups — and locally headquartered firms — should benchmark their incident classification and reporting workflows before the 2026 annual submission cycle.
  • The European Commission has adopted the FRTB / market-risk delegated act, extending Basel III output-floor and market-risk relief for EU banks into 2029. The delegated act postpones full application of the new Fundamental Review of the Trading Book (FRTB) framework for a further year, into 2027, and calibrates the CRR3 output-floor transition so EU banks retain a competitive market-risk regime pending final US and UK implementation. The package also fine-tunes the treatment of certain equity, securitisation and internal-model exposures. The measure is subject to a three-month EP/Council non-objection period. CEE banking groups with significant trading operations, especially subsidiaries of EU G-SIIs, should incorporate the revised timeline into 2027 ICAAP submissions and Pillar 1 model change plans.
  • The CNB has raised the countercyclical capital buffer to 1.5% by Measure I/2026 on 4 June 2026, effective 5 June 2026 and binding for combined-buffer calculations from 1 July 2027. The 25 bp increase reflects strong credit growth, residential property prices rising around 10% year-on-year and elevated cyclical risk. The CNB signalled readiness for further adjustments if credit dynamics fail to moderate. Czech banks should update capital-planning models and MREL ladders; reciprocity applies for banks with Czech exposures under CRD Article 137. The measure lands alongside the CNB’s first 2W repo-rate hike of the cycle (to 3.75% on 18 June).
  • Hungary moved to scrap its home-grown crypto licensing rules on 30 June 2026, when the Deputy Prime Minister tabled Bill T/305 in Parliament. The Bill recognises that the mandatory "validation" regime Hungary imposed on crypto-asset exchange services clashes with the EU's MiCA Regulation, which already provides a single, Union-wide licensing framework for the sector. If adopted, the Bill will repeal the dedicated crypto offences from the Criminal Code, strip the Regulated Activities Supervisory Authority (SZTFH) of its crypto-oversight role, and remove the entire validation-service chapter — including licensing, supervision and related definitions — from the 2024 Crypto-Assets Market Act. Pending licence applications would be terminated automatically, and all associated personal data must be deleted within three business days. The changes would take effect on the eighth day after promulgation, marking a clear shift towards relying on the harmonised EU regime for crypto regulation in Hungary.
contact

our team of financial regulation experts

Our experienced team of financial regulation experts will be happy to support you if you have any questions or wish to be updated regularly via newsletters covering specific regulations affecting your business and/or via webinars on topics of your choice.

Do not hesitate to contact us.