EBA launches consultation on Reporting Framework 4.3 – New AML and Third‑Country Branch reporting requirements

EU RegCORE Client Alert | Capital Markets Union + Savings and Investment Union

QuickTake

On 16 April 2026, the European Banking Authority (EBA) published a draft technical package for version 4.3 of its reporting framework, which covers two distinct reporting streams: (i) prudential supervisory reporting for third‑country branches based on the European Union (EU) Capital Requirements Directive (CRD VI), and (ii) anti‑money laundering (AML)‑related reporting supporting the Anti‑Money Laundering Authority (AMLA) framework for identifying entities subject to direct AMLA supervision. The draft technical package sets out the technical reporting specifications, including Data Point Model (DPM) definitions, eXtensible Business Reporting Language (XBRL) taxonomies, validation rules and an updated glossary, and is intended to provide institutions with early visibility of forthcoming supervisory reporting requirements ahead of finalisation expected in June 2026.EBA, Press release, “EBA seeks feedback on version 4.3 draft technical package of its reporting framework” (16 April 2026), available here.Show Footnote

The EBA has invited stakeholders to provide feedback on the draft package by 10 May 2026 In relation to third‑country branches, once finalised, the package will provide the technical basis for new Implementing Technical Standards (ITS) on prudential supervisory reporting under CRD VI. These requirements will apply to EU branches of non‑EU credit institutions, with a first reporting reference date expected in March 2027. For AML purposes, the package sets out the technical framework underpinning AMLA’s methodology for identifying obliged entities that may fall under direct AMLA supervision, with AML‑related reporting expected to commence from December 2026.

Key takeaways from the draft Reporting Framework 4.3

1. Early technical visibility of new reporting regimes
   
   Reporting Framework 4.3 represents the first technical articulation of upcoming supervisory reporting obligations relating both to third‑country branches operating in the EU under CRD VI and to AML‑related reporting connected to AMLA’s future supervision model. Although the package has been published in draft form, it provides institutions with early insight into expected data, reporting structures and technical requirements, allowing them to begin assessing systems readiness, data availability and reporting processes well in advance of formal application dates
2. New ITS on third‑country branch reporting
   
   With respect to third‑country branches, the draft technical package supports new ITS on supervisory reporting, adopted pursuant to Article 48l (1) of the CRD VI (Standard forms and templates and frequency of reporting). The first reporting reference date of 31 March 2027 reflects the objective of strengthening supervisory harmonisation, transparency and comparability of third‑country branch activities across EU Member States.
3. AMLA‑related reporting framework introduced
   
   In parallel, the package introduces a Data Point Model and XBRL taxonomy supporting AMLA’s methodology for identifying obliged entities that may fall within the scope of direct AMLA supervision. The first reference date for this reporting stream is 31 December 2026, and institutions are expected to assess the draft technical specifications together with AMLA’s templates and instructions developed for its testing and calibration exercises.
4. Limited scope of Reporting Framework 4.3
   
   Reporting Framework 4.3 has a clearly limited scope and does not introduce amendments to existing Common Reporting (OREP), Financial Reporting (FINREP), liquidity, environmental, social and governance (ESG) or resolution reporting frameworks. Changes to those reporting regimes are expected to be addressed separately under Reporting Framework 4.4, which is anticipated later in 2026.European Banking Authority (EBA), Reporting Framework – Overview and roadmap, available here.Show Footnote
5. Consultation open until 10 May 2026
   
   The EBA is seeking stakeholder feedback on both the draft technical packages, including the Data Point Model specifications, taxonomies and validation rules, and the updated glossary. Feedback must be submitted through the EBA consultation process by 10 May 2026.

Key considerations and recommendations for affected institutions

As an initial step, institutions should assess whether they operate third‑country branches within the EU or may qualify as AML‑relevant obliged entities potentially subject to direct AMLA supervision, as this scoping assessment will be critical in determining the relevance and timing of Reporting Framework 4.3.

Even at this draft stage, institutions are encouraged to initiate early technical impact assessments, including mapping relevant DPM data points against existing data models, evaluating implications for XBRL reporting solutions, and reviewing validation rules and associated data‑quality expectations. Early preparation may help mitigate implementation risk once the framework is finalised.

Institutions should also consider aligning AML‑related reporting preparations with broader AML governance, data and supervisory engagement strategies, considering AMLA’s phased approach to the assumption of direct supervisory responsibilities.

Given the operational and technical implications of the new requirements, affected institutions may also wish to submit targeted feedback to the EBA, particularly in relation to data feasibility, proportionality of reporting requirements, and clarity of technical definitions and validation logic.

Outlook and next steps

The final Reporting Framework 4.3 package is expected in June 2026, incorporating stakeholder feedback. Once finalised, institutions will need to factor these requirements into their regulatory change, data and reporting roadmaps.

More broadly, the publication reflects a growing emphasis on:

• Harmonised supervision of third‑country banking activities, and
• Centralised EU‑level AML supervision through AMLA.

Further technical developments are expected later in 2026 with Reporting Framework 4.4, which is likely to introduce changes to existing reporting regimes, including CRR3/CRD VI amendments, ESG and Digital Operational Resilience Act (DORA)‑related reporting streams.

About us

PwC Legal is assisting a number of financial services firms and market participants in forward planning for changes stemming from relevant related developments. We have assembled a multi-disciplinary and multijurisdictional team of sector experts to support clients navigate challenges and seize opportunities as well as to proactively engage with their market stakeholders and regulators.  

Moreover, we have developed a number of RegTech and SupTech tools for supervised firms, including PwC Legal’s Rule Scanner tool, backed by a trusted set of managed solutions from PwC Legal Business Solutions, allowing for horizon scanning and risk mapping of all legislative and regulatory developments as well as sanctions and fines from more than 2,500 legislative and regulatory policymakers and other industry voices in over 170 jurisdictions impacting financial services firms and their business. 

Equally, in leveraging our Rule Scanner technology, we offer a further solution for clients to digitise financial services firms’ relevant internal policies and procedures, create a comprehensive documentation inventory with an established documentation hierarchy and embedded glossary that has version control over a defined backward plus forward looking timeline to be able to ensure changes in one policy are carried through over to other policy and procedure documents, critical path dependencies are mapped and legislative and regulatory developments are flagged where these may require actions to be taken in such policies and procedures.   

The PwC Legal Team behind Rule Scanner are proud recipients of ALM Law.com’s coveted “2024 Disruptive Technology of the Year Award” and the “2025 Regulatory, Governance and Compliance Technology Award in 2025”.  

If you would like to discuss any of the developments mentioned above, or how they may affect your business more generally, please contact any of our key contacts or PwC Legal’s RegCORE Team via de_regcore@pwc.com or our website.