ESMA publishes its Annual Work Programme 2026

RegCORE Client Alert | SIU/CMU

QuickTake

Typically, in the fourth quarter annually, EU-level authorities publish their Annual Work Programmes (AWPs). The European Securities and Markets Authority (ESMA) is among these authorities. AWPs delineate priorities and resource allocation for the forthcoming calendar year. Certain authorities, including ESMA, additionally issue a multi-year priority plan, known as a Single Programming Document (SPD). Both AWPs and SPDs are relevant to National Competent Authorities (NCAs) and entities subject to ESMA’s and NCAs' regulatory and supervisory mandates.

On 3 October 2025, ESMA published its AWP for 2026 outlining its focus on key strategic priorities and implementation of new mandates.Available here.Show Footnote The AWP 2026 should be read in conjunction with its SPD 2026-2028.Available here.Show Footnote Its earlier SPD for 2024-2026 was previously published on 31 January 2024. Both SPDs build upon the longer-term “ESMA Strategy 2023-2028”, which was published in October 2022.Available here.Show Footnote

The 2026 AWP is particularly significant. It coincides with major EU legislative and policy shifts. Notably, it marks the transition from the Capital Markets Union (CMU) to the Savings and Investments Union (SIU). It also involves implementing new and revised regulations across virtually all EU financial services sectors. The CMU focused on deepening and integrating EU capital markets to facilitate cross-border investment and access to finance. The SIU, however, signals a broader and more ambitious agenda. The SIU aims to enhance market integration and competitiveness. It also seeks to make EU capital markets more accessible, attractive and efficient for both retail and institutional investors. This shift is designed to support the EU’s long-term economic resilience, strategic autonomy and financing of key policy priorities like the green and digital transitions.

As in previous years, ESMA’s AWP addresses the evolving market context, legislative and regulatory changes (including the transition from CMU to SIU) and technological advancements impacting the financial services sector and financial market participants under its mandate. ESMA, as a regulator, serves as the gatekeeper for specific parts of the Single Rulebook for financial services within its mandate. It is tasked with ensuring regulatory and supervisory convergence among NCAs and across markets.

ESMA, particularly through the AWP, shapes how NCAs apply legislative and regulatory requirements and ESMA's supervisory expectations for financial market participants. ESMA also directly supervises credit rating agencies (CRAs), trade repositories (TRs), securitisation repositories (SRs), data reporting service providers (DRSPs), certain EU benchmark administrators and systemically important third-country central counterparties (CCPs). In 2025, ESMA began selecting consolidated tape providers (CTPs), supervised as DRSPs. Additionally, within the EU’s Regulation for a Digital Operational Resilience Act (DORA), ESMA will equally oversee designated critical third-party service providers (CTPPs) jointly with its sister European Supervisory Authorities (ESAs), the European Banking Authority (EBA) and the European Insurance and Occupational Pensions Authority (EIOPA).

This Client Alert discusses relevant issues and key legal and regulatory considerations for market participants. Readers should review this alert alongside other thematic deep dives on reforms and developments. It also complements our standalone analysis of all relevant 2026 work programmes from the European Commission, the ESAs, Banking Union authorities (ECB-SSM and SRB), AMLAAvailable here.Show Footnote as well as the EBA’s and ESMA’s efficiency, simplification and burden reduction reports published October 2025. Additionally, readers may find value in consulting excellent publications from PwC’s Risk Network and PwC Legal’s “Navigating 2026”. This comprehensive playbook provides a granular annual outlook from PwC Legal’s EU RegCORE on forthcoming regulatory policymaking, the supervisory cycle and an assessment of commonalities and trends across plans for 2026 and beyond.

Key takeaways from ESMA’s 2026 AWP

As in previous years, ESMA uses its 2026 AWP to outline its strategic priorities. It communicates a comprehensive roadmap and resourcing plan for ESMA's activities and publications. Primarily, these publications include Guidelines, Implementing Technical Standards (ITS) and Regulatory Technical Standards (RTS) that are mandated. Other rulemaking instruments and statements (Q&As, Opinions and Supervisory Briefings) set out ESMA’s supervisory expectations for NCAs and market participants. Annex IV to the AWP 2026 provides a list of ESMA outputs by type, assessed in further detail in “Navigating 2026”. ESMA expects firms to stay abreast of these communications and expectations. This ensures compliance and helps avoid potential enforcement actions.

The 2026 AWP contains close to 60 pages of detail. It focuses on the following key areas, summarised below, relating to both the market and ESMA’s own operational priorities:

1. ESMA’s expectations towards NCAs and financial market participants

ESMA’s 2026 AWP is structured around three ‘strategic priorities’ — (i) effective markets and financial stability, (ii) effective supervision and (iii) retail investor protection — supported by two ‘thematic drivers’: (a) sustainable finance and (b) the effective use of data and technological innovation.

• (i) Effective markets and financial stability
  
  ESMA will continue to develop a proportionate and effective Single Rulebook. It particularly focuses on simplification and burden reduction for market participants. ESMA will support the integration and competitiveness of EU capital markets. This includes providing technical advice and regulatory input into the SIU legislative agenda. In 2026, ESMA will review and update existing rules and guidance. This ensures they remain fit for purpose given evolving market practices, technological innovation and new business models. This also includes a focus on proportionality, ensuring rules are meaningful and effective without imposing unnecessary burdens. This is particularly important for smaller firms or those with limited cross-border activity.
  
  The European Commission's SIU Strategy drives further integration, aiming to deepen and unify EU capital markets. ESMA is expected to play a central role. It will support legislative proposals addressing trading and post-trading market infrastructure integration, facilitating cross-border fund provision and reducing operational barriers for asset managers. For regulated firms, this means the regulatory environment will become more harmonised, with less scope for national divergence. Firms operating across borders will benefit from more consistent rules and supervisory expectations. However, firms must also prepare for changes to existing processes and systems as rules are updated and harmonised.
  
  ESMA will also maintain its risk monitoring activities. It will publish bi-annual Trends, Risks and Vulnerabilities (TRV) reports and sectoral market reports. ESMA will coordinate with EU and international bodies to enhance financial stability and crisis preparedness. Firms should expect ESMA’s risk monitoring to increasingly leverage advanced analytics. This includes artificial intelligence (AI) and big data tools, to detect anomalies and potential market instability sources. This will likely result in more timely and targeted interventions, with less reliance on periodic or reactive supervision. Therefore, firms must ensure their risk management frameworks are robust, data-driven and capable of responding quickly to supervisory requests for information or action.
  
  Crisis preparedness is another focus area. ESMA coordinates closely with other EU and international bodies. These include the European Central Bank (ECB), the European Systemic Risk Board (ESRB) and the Financial Stability Board (FSB). This ensures a coordinated response to potential market shocks. Activities include participating in crisis management exercises, stress-testing CCPs and developing contingency plans for market disruptions. Regulated firms, especially those considered systemically important or interconnected (such as CCPs, Central Securities Depositories (CSDs) and large asset managers), should expect increased scrutiny of their crisis management and recovery plans, as well as potential participation in industry-wide stress tests or fire drills.
• (ii) Effective supervision
  
  The 2026 AWP marks a significant broadening of ESMA’s direct supervisory remit.See also analysis on ESMA’s Registration Guide available here.Show Footnote Historically, ESMA’s direct supervision was limited to a relatively narrow set of entities. These included credit rating agencies (CRAs), trade repositories (TRs), securitisation repositories (SRs), benchmark administrators and systemically important third-country central counterparties (TCE-CCPs). ESMA has historically and will continue to foster supervisory convergence among NCAs.
  
  From 2026, ESMA will directly supervise a wider range of market participants. This includes Consolidated Tape Providers (CTPs) for bonds and equities, Environmental, Social and Governance (ESG) rating providers and external reviewers under the European Green Bond Regulation. This expansion directly responds to the increasing complexity and cross-border nature of EU financial markets. It also addresses the need for consistent application of new regulatory frameworks in areas like sustainable finance and market transparency. ESMA will also focus on implementing and enforcing DORA, with particular emphasis on Information and Communication Technology (ICT) risk and cyber resilience.
  
  For regulated firms, this shift means that entities falling within these new categories will be subject to ESMA’s authorisation, ongoing supervision and enforcement processes. ESMA typically sets rigorous standards and expectations, with a strong emphasis on robust governance, internal controls, data quality and transparency. Firms should expect detailed scrutiny of their organisational arrangements, risk management frameworks and compliance cultures. The initial registration and authorisation processes will likely be resource-intensive, requiring comprehensive documentation and evidence of compliance with all relevant regulatory requirements. Once authorised, firms will be subject to ongoing reporting, periodic reviews and the possibility of on-site inspections and thematic investigations.
  
  A core theme of the 2026 AWP is the drive for greater supervisory convergence across the EU. ESMA is intensifying its efforts to harmonise supervisory practices among NCAs through various mechanisms. These include Common Supervisory Actions (CSAs), peer reviews, supervisory colleges and developing a single EU Supervisory Handbook. The aim is to ensure similar risks and issues are addressed consistently across all Member States. This reduces the scope for regulatory arbitrage and ensures a level playing field for market participants.
  
  For firms operating in multiple jurisdictions, supervisory expectations and enforcement approaches will become more uniform, regardless of the home Member State. ESMA’s convergence toolkit includes coordinating thematic reviews, sharing best practices and developing common supervisory priorities. This includes specific Union-wide Strategic Supervisory Priorities (USSPs) to be finalised in 2026. A particular focus will be placed on digital operational resilience (in light of DORA), ESG disclosures and implementing new requirements for CTPs and ESG rating providers. Firms should anticipate more frequent and coordinated supervisory actions, including joint inspections and information requests.
  
  ESMA’s supervisory approach is increasingly risk-based and data-driven. The authority leverages large volumes of regulatory data to identify emerging risks, prioritise supervisory actions and assess the effectiveness of firms’ controls and governance. This approach is supported by the ongoing development of the ESMA Data Platform, which will facilitate the integration and analysis of data from multiple sources, enabling more sophisticated risk monitoring and early detection of potential issues.
  
  Firms should be prepared for a supervisory environment where data quality, timely reporting and transparency are paramount. ESMA will likely use advanced analytics, including AI-powered tools, to detect anomalies, market abuse and other forms of misconduct. This will require firms to invest in their own data management and compliance infrastructures. They must ensure they can meet ESMA’s expectations for accurate, complete and timely data submissions.
  
  Another important aspect of ESMA’s 2026 agenda is promoting supervisory independence among NCAs. ESMA, together with the ESAs, will conduct joint assessments of supervisory independence. This ensures NCAs are free from undue influence and can take robust enforcement actions when necessary. This is particularly relevant where national interests may conflict with EU-wide objectives, such as supervising large cross-border groups or enforcing new sustainability requirements.
  
  For firms, enforcement actions will likely become more consistent and potentially more stringent across the EU. ESMA will continue to promote a common enforcement culture. This includes using common enforcement tools, publishing sanctions and administrative measures and sharing enforcement outcomes. Firms, particularly those newly subject to ESMA’s direct supervision, should ensure their compliance frameworks are robust enough for increased scrutiny. They must also prepare to respond to enforcement actions in a timely and effective manner.
• (iii) Retail investor protection
  
  Retail investor protection is a central pillar of ESMA’s 2026 AWP. This reflects both the EU’s political priorities and the evolving financial services landscape. The AWP underscores ESMA’s commitment to achieving greater convergence and consistency in supervisory approaches to investor protection. This is particularly important given technological innovation, the digitalisation of financial services and the evolving sustainable finance framework. The focus is on adequately protecting retail investors as they increasingly participate in EU capital markets, whether directly or through digital channels. This includes, in particular:
  
  1. Retail Investment Strategy (RIS):The EU’s RIS is a comprehensive framework aimed at enhancing the participation of retail investors in the financial markets. This strategy is designed to ensure that retail investors have access to a wide range of investment opportunities, while also being protected through robust regulatory measures. The primary objectives of the strategy include increasing transparency, improving financial literacy and ensuring that retail investors receive fair treatment. One of the key components of the RIS is the emphasis on transparency. This involves providing retail investors with clear and comprehensible information about investment products, including their risks and costs. The strategy mandates that financial institutions disclose all relevant information in a manner that is easily understandable, enabling investors to make informed decisions. Additionally, the strategy seeks to enhance the comparability of different investment products, allowing investors to evaluate their options more effectively. Improving financial literacy is another crucial aspect of the RIS. The EU recognises that a well-informed investor base is essential for the proper functioning of the financial markets. As such, the strategy includes initiatives aimed at educating retail investors about the basics of investing, the risks involved and the importance of diversification. These educational efforts are intended to empower investors to take control of their financial futures and make decisions that align with their long-term goals. Ensuring fair treatment of retail investors is also a central tenet of the strategy. This involves implementing measures to prevent conflicts of interest and ensuring that financial advisors act in the best interests of their clients. The strategy includes provisions for stricter oversight of financial advisors and the introduction of standards for professional conduct. By fostering a culture of integrity and accountability, the EU aims to build trust in the financial system and encourage greater participation from retail investors.Show Footnote The EU’s (formerly CMU now SIU-driven) RIS aims to enhance transparency, comparability and value for money for retail investors, while also simplifying and clarifying the information provided to them. ESMA is set to introduce new requirements for disclosures, costs, charges and benchmarks. ESMA is likely to be tasked with further developing technical standards and providing technical advice to the European Commission on these topics Firms will need to review and, where necessary, overhaul their disclosure practices to ensure compliance with new RIS requirements and ESMA guidelines. This includes providing clear, reliable and comparable information in both traditional and digital formats and ensuring that disclosures are tailored to the needs and understanding of retail investors. 
  
  2. Product governance and suitability: ESMA will review and potentially update its guidelines on product governance and suitability, considering the outcomes of 2025’s common supervisory actions and consultations on the retail investor experience. This will include a focus on the appropriateness of products offered to retail clients, the processes for assessing suitability and the governance of product design and distribution. Firms must ensure robust product governance frameworks, with clear processes for assessing the suitability and appropriateness of products for retail clients. This includes regular reviews of product performance, costs and target market definitions, as well as effective oversight of distribution channels.
  
  3. Digitalisation and the retail investor journey: The AWP highlights the increasing importance of digitalisation in the provision of investment services to retail clients. ESMA is conducting a holistic analysis of the “retail investor journey,” including how information is presented and accessed in digital environments, the use of digital marketing and social media and the risks and opportunities presented by new technologies such as AI. The aim is to ensure that digitalisation enhances, rather than undermines, investor protection. As digital channels become increasingly important, firms must pay close attention to the design and delivery of digital disclosures, the use of digital marketing and social media and the management of risks associated with online investment recommendations and the use of AI. Firms should be prepared for supervisory scrutiny of their digital practices, including through mystery shopping and thematic reviews.
  
  4. Thematic reviews and mystery shopping: ESMA will continue to coordinate thematic reviews and mystery shopping exercises across Member States, focusing on the quality of services provided to retail clients, the effectiveness of disclosures and the conduct of firms in digital and cross-border contexts. These exercises are designed to identify areas of potential consumer harm and to promote best practices among firms. Firms operating across multiple Member States should expect more consistent supervisory expectations and less scope for regulatory arbitrage. ESMA’s focus on cross-border activities means that firms must ensure compliance with harmonised standards and be prepared for coordinated supervisory actions.
  
  5. Financial education and awareness: In collaboration with NCAs, ESMA will promote financial education initiatives to increase retail investors’ understanding of investment products and processes. This is particularly important as the range and complexity of products available to retail investors continues to grow. Firms are encouraged to support financial education initiatives and to engage proactively with clients to enhance their understanding of investment products and processes. This not only supports regulatory objectives but can also enhance client trust and satisfaction.
  
  (a) Sustainable finance
  
  Supporting the EU’s sustainability agenda, ESMA will work to streamline sustainability-related requirements, enhance the quality of ESG disclosures and address greenwashing risks. The authority will build on previous work, including greenwashing reports and supervisory actions and will develop practical and digital supervisory tools to support NCAs and market participants. ESMA will also contribute to international standard-setting in sustainable finance.
  
  ESMA is working closely with the European Commission to streamline the regulatory framework for sustainability, aiming to reduce unnecessary burdens and ensure that requirements are both effective and proportionate. This includes leveraging the 2024 ESMA Opinion on simplifying the legislative framework and supporting the reduction of duplicative or inconsistent obligations for market participants. For regulated firms, this means that whilst the volume and complexity of sustainability-related rules may increase in the short term, there is a clear policy direction towards greater coherence and simplification in the medium term. Firms should monitor ongoing consultations and be prepared to adapt their compliance frameworks as new, more integrated requirements are phased in.
  
  A notable development in the 2026 AWP is ESMA’s specific attention to transition finance - the financing of activities and sectors that are moving towards greater environmental sustainability but are not yet fully “green.” ESMA will publish thematic notes on transition finance, providing guidance and expectations for market participants. This focus is likely to influence the design and marketing of financial products, the structuring of transition bonds and the assessment of transition plans by corporates and financial institutions. Firms should ensure that their transition finance strategies are robust, credible and well-documented, as these will be subject to increasing regulatory and supervisory scrutiny.
  
  From mid-2026, ESMA will assume direct supervisory responsibility for ESG rating providers and external reviewers of European Green Bonds. This is a significant regulatory development, as it introduces new registration, authorisation and ongoing compliance obligations for these entities. ESG rating providers will need to prepare for a rigorous application process, ongoing supervisory engagement and the possibility of enforcement action in the event of non-compliance. ESMA will also provide guidance and organise workshops to clarify regulatory expectations and facilitate the registration process. For issuers and users of ESG ratings and green bond reviews, this enhanced oversight is expected to improve the reliability and transparency of ESG assessments but may also lead to increased costs and operational requirements.
  
  (b) Effective use of data and technological innovation
  
  ESMA’s 2023–2028 Data Strategy underpins a multi-year transformation of how data is collected, processed and used by both regulators and market participants. In 2026, ESMA will continue to implement this strategy by developing the ESMA Data Platform - a cloud-based, collaborative environment designed to integrate data from multiple sources and provide advanced analytics and dashboards to both ESMA and NCAs. This platform will facilitate more efficient risk monitoring, supervision and supervisory convergence across the EU.
  
  A key element of this strategy is the drive towards integrated and simplified reporting frameworks. ESMA is working with the European Commission and other ESAs to streamline reporting requirements, eliminate duplicative or inconsistent obligations and promote the use of common data formats and identifiers (such as Legal Entity Identifiers (LEIs) and International Securities Identification Number (ISINs)). In 2026, firms can expect further progress on the holistic review of transactional reporting under Markets in Financial Instruments Regulation (MiFIR), European Market Infrastructure Regulation (EMIR) and Securities Financing Transactions Regulation (SFTR), as well as the development of integrated supervisory data collection for funds under Alternative Investment Fund Managers Directive (AIFMD) and Undertakings for Collective Investment in Transferable Securities (UCITS). The aim is to reduce compliance costs for firms while ensuring that regulators have timely access to high-quality, standardised data.
  
  A major milestone for 2026 will be the completion of the first phase of the European Single Access Point (ESAP). ESAP will provide a centralised portal for public access to financial, sustainability and capital markets information disclosed by regulated entities. For firms, this means that disclosures will need to be machine-readable, standardised and accessible to a wide range of stakeholders, including investors, analysts and regulators. The increased transparency and comparability of data will likely intensify market scrutiny and competition but also offer opportunities for firms that can leverage high-quality disclosures as a competitive advantage.
  
  ESMA is actively exploring the use of supervisory technology (SupTech) and regulatory technology (RegTech) to enhance its own supervisory capabilities and to support NCAs. In 2026, ESMA will continue to pilot and implement AI-powered tools for anomaly detection, market abuse prevention and data quality assurance. These tools are expected to improve the efficiency and effectiveness of supervision, enabling earlier identification of risks and more targeted interventions.
  
  For regulated firms, this signals a shift towards a more data-driven and technologically sophisticated supervisory environment. Firms should anticipate that supervisors will increasingly use advanced analytics and AI to detect patterns of non-compliance, market manipulation, or emerging risks. This will require firms to invest in their own data governance, analytics and compliance monitoring systems to ensure they can respond effectively to regulatory inquiries and demonstrate robust controls.
  
  Beyond data collection and analytics, ESMA is monitoring and supporting the adoption of innovative technologies such as blockchain, distributed ledger technology (DLT) and AI across the financial sector. The authority is participating in European and international workstreams on digital finance and will contribute to the implementation of the AI Act in the financial sector. ESMA will also continue to assess the impact of tokenisation and DLT on market structure, regulatory frameworks and the entities it supervises.
  
  Firms deploying AI or DLT in their business models should be prepared for increased regulatory scrutiny, including potential new guidelines on AI governance, risk management and transparency. ESMA’s monitoring of AI use cases and risks will inform future policy and supervisory convergence and firms should expect that best practices in AI ethics, explainability and risk controls will become increasingly important.
  
  ESMA recognises that the value of data-driven supervision depends on the quality and usability of the underlying data. In 2026, the authority will continue to issue data quality outputs, validation rules and technical reporting instructions and will work to foster data literacy both within ESMA and among NCAs. Firms should expect ongoing engagement with ESMA on data quality issues and may be required to participate in consultations or pilot projects aimed at improving data standards and reporting processes.  

2. ESMA’s work in key regulated sectors and entities

The 2026 AWP details ESMA’s planned activities across a broad range of sectors. Each sector has specific objectives aimed at promoting effective markets, financial stability, supervision convergence, retail investor protection, sustainable finance, technological innovation and effective use of data. This can be summarised as follows:

• a. Investment management:
  
  The investment management sector will experience significant regulatory and supervisory developments in 2026. ESMA’s focus will be on further harmonising the regulatory framework for alternative investment funds (AIFs), UCITS, money market funds (MMFs) and other collective investment vehicles. Notably, ESMA will issue new guidelines on the suspension of subscriptions and redemptions, providing clarity for competent authorities and market participants on when and how such powers should be exercised. This is particularly relevant in times of market stress, where liquidity management is critical.
  
  ESMA will also advance the integration of supervisory data collection under the AIFMD and UCITS regimes, aiming to reduce duplicative reporting and enhance data quality. Firms should prepare for more standardised and possibly more frequent data submissions, as well as increased scrutiny of leverage, liquidity and interconnectedness risks. The annual update of MMF stress testing guidelines will continue, reflecting evolving market conditions and risk factors.
  
  Sustainability remains a central theme, with ESMA finalising its project on tackling greenwashing risks in sustainable investment funds. Asset managers should expect heightened supervisory attention to the accuracy and substantiation of ESG claims, as well as the alignment of fund names and marketing materials with actual investment strategies and portfolio holdings. The sector will also be impacted by potential changes to the Packaged Retail and Insurance-based Investment Products (PRIIPs) Regulation and the Sustainable Finance Disclosure Regulation (SFDR) frameworks, which may introduce new or revised disclosure and governance requirements.
• b. Investment services:
  
  Continued work on Markets in Financial Instruments Directive II (MiFID II), Crowdfunding Regulation and the Investment Firms Regulation; emphasis on retail investor protection, cross-border services and simplification of reporting. For investment firms and providers of investment services, ESMA’s 2026 agenda includes a strong focus on retail investor protection, digitalisation and cross-border activity. The implementation of the RIS may bring new technical standards and guidance on disclosures, costs, charges and benchmarks. ESMA will also review and update guidelines on suitability and product governance, particularly in light of digital distribution channels and the increasing use of technology in client interactions.
  
  Supervisory convergence will be promoted through CSAs, peer reviews and the development of methodologies for consumer testing. Firms should anticipate more harmonised supervisory expectations across Member States, especially regarding the provision of cross-border services and the use of digital platforms for marketing and distribution. ESMA’s annual reports on cross-border investment services and crowdfunding will provide further insights into supervisory priorities and emerging risks.
• c. Issuer disclosure:
  
  Issuer disclosure requirements will continue to evolve, with ESMA playing a key role in the development and enforcement of rules under the Prospectus Regulation, Transparency Directive, Corporate Sustainability Reporting Directive (CSRD) and related frameworks. The implementation of the Listing Act will require issuers to adapt to new disclosure obligations, particularly regarding the timing and content of inside information disclosures.
  
  ESMA will update its Q&As and guidelines to reflect changes introduced by the Listing Act  and will monitor the implementation of these changes through annual market reports and enforcement activities. The authority will also contribute to the development of European Sustainability Reporting Standards (ESRS) and the endorsement of International Financial Reporting Standards (IFRS), ensuring that EU issuers remain aligned with global best practices. Issuers should prepare for increased scrutiny of both financial and sustainability disclosures, as well as potential changes to the Shareholder Rights Directive and the Taxonomy Regulation.
• d. Market integrity:
  
  Market integrity remains a core priority, with ESMA enhancing its supervisory convergence efforts under the Market Abuse Regulation (MAR) and the Short Selling Regulation (SSR). The authority will issue revised guidelines on the delayed disclosure of inside information, taking into account new rules introduced by the Listing Act. ESMA will also provide guidance on the prevention and detection of market abuse in crypto-asset trading, reflecting the growing importance of digital assets in EU markets.
  
  Firms should expect increased monitoring of suspicious transaction and order reports (STORs), as well as greater coordination between NCAs and ESMA in the detection and investigation of market abuse. The use of AI and advanced analytics in market surveillance will be explored, potentially leading to new supervisory expectations for firms’ own surveillance systems.
• e. Benchmark providers:
  
  ESMA’s direct supervision of benchmark administrators, particularly those providing critical or third-country benchmarks, will intensify. The authority will focus on the robustness and resilience of benchmark methodologies, as well as the transparency and governance of benchmark administration. The ongoing review of the Benchmarks Regulation (BMR) may result in new or revised supervisory mandates for ESMA, requiring firms to adapt their compliance frameworks accordingly.
  
  Following the completion of a CSA on ESG disclosures by benchmark administrators, ESMA will identify and implement follow-up actions to address any deficiencies or concerning practices. Administrators should ensure that their internal controls, periodic reporting and ESG disclosure practices meet the highest standards of accuracy and transparency.
• f. CRAs:
  
  Ongoing supervision of critical benchmarks (e.g., EURIBOR) and CRAs, with a focus on methodology robustness, transparency and compliance with evolving regulatory requirements. ESMA will continue its risk-based, data-driven supervision of EU-based CRAs, with a particular focus on business strategies, rating methodologies and operational resilience. The authority will closely monitor the use of AI-based tools in rating processes, as well as outsourcing practices and compliance with DORA.
  
  CRAs should expect updates to ESMA’s guidelines on disclosure and periodic reporting, as well as increased scrutiny of their governance and internal control frameworks. The authority will also maintain its engagement with international standard-setters and third-country supervisors, ensuring the continued integrity and comparability of credit ratings in the EU.
• g. ESG Rating Providers and External Reviewers:
  
  From mid-2026, ESMA will begin the registration and direct supervision of ESG rating providers and external reviewers of European Green Bonds. These entities will be subject to new authorisation, reporting and compliance requirements, with ESMA providing guidance and support during the initial registration phase. Firms in these categories should engage early with ESMA’s processes and ensure that their methodologies, governance and disclosure practices are robust and transparent.
• h. Market transparency infrastructures:
  
  ESMA’s supervision of market transparency infrastructures—including trade repositories (TRs), data reporting service providers (DRSPs) and securitisation repositories (SRs)—will focus on data quality, operational resilience and compliance with DORA. The authorisation and supervision of the first CTPs for bonds and equities will be a major development, requiring firms to adapt to new data reporting and transparency obligations.
  
  Firms should also prepare for the implementation of new or updated technical standards and guidelines, particularly in relation to EMIR, SFTR, MiFIR and the Securitisation Regulation.  ESMA’s annual reports on data quality and the use of transaction data will provide further insights into supervisory expectations and emerging risks.
• i. CCPs and CSDs:
  
  The supervision of CCPs and CSDs will be shaped by the implementation of EMIR 3 and the Central Securities Depositories Regulation (CSDR) Refit, with ESMA focusing on the resilience, governance and risk management of these critical market infrastructures. The transition to T+1 settlement will require significant operational changes, with ESMA playing a central role in coordinating the preparedness of the EU financial sector.
  
  CCPs and CSDs should expect new or revised technical standards, guidelines and reporting requirements, as well as increased participation in supervisory colleges and crisis management exercises. ESMA’s annual stress tests and peer reviews will continue to inform supervisory priorities and best practices.
• j. Trading, Crypto-assets and DLT:
  
  In the trading space, ESMA will oversee the implementation of revised MiFID II/MiFIR requirements, with a focus on transparency, market structure and the operation of CTPs. The authority will also continue its work on the implementation of the Markets in Crypto-Assets Regulation (MiCAR) and the DLT Pilot Regime, providing guidance on the authorisation and supervision of crypto-asset service providers (CASPs) and DLT market infrastructures.
  
  Firms active in these areas should prepare for new supervisory expectations around market surveillance, classification of crypto-assets and the prevention of market abuse. The use of AI and advanced analytics in both firm-level and supervisory surveillance will be a key area of focus.
• k. DORA
  
  DORA will remain a cross-cutting priority, with ESMA (in coordination with the other ESAs) overseeing the designation and supervision of CTPPs. All regulated entities will need to ensure compliance with new requirements on ICT risk management, incident reporting and operational resilience. ESMA will provide guidance and support to facilitate the consistent implementation of DORA across the financial sector.

3. ESMA’s own internal operational priorities:

As discussed in a standalone Client Alert, ESMA is embedding simplification and burden reduction (SBR) principles across all new mandates, aiming to reduce duplicative and inconsistent requirements. The expansion of ESMA’s mandates will be funded by new fee regimes, which will impact the cost structures of supervised entities. Firms should monitor ESMA’s SBR initiatives for opportunities to streamline compliance processes, but also budget for potential increases in supervisory fees. 

In terms of ESMA specific activities these can be summarised as follows:

• a. ESMA’s governance and external affairs
  
  ESMA’s 2026 AWP places significant emphasis on strengthening its own governance structures and external engagement. The authority is committed to ensuring the robust functioning of its governance bodies, including the Board of Supervisors, Management Board and the Securities and Markets Stakeholders Group (SMSG). This includes strategic planning, transparent reporting and effective communication both internally and with external stakeholders such as EU institutions, NCAs and international regulatory bodies.
  
  For regulated firms, this means ESMA will be a more visible and active participant in shaping the EU’s financial regulatory landscape. Firms can expect more frequent and structured opportunities for consultation, as ESMA seeks input through formal channels (e.g., working groups, open hearings and targeted outreach).
  
  ESMA’s focus on transparency and accessibility—such as making documents easily available and using infographics and social media—will also make it easier for firms to stay informed about regulatory developments and expectations.
• b. ESMA’s focus on its legal and compliance measures
  
  Internally, ESMA is prioritising the minimisation of legal risks and the enhancement of the legal soundness of its actions. This includes systematic legal review of all key documents, technical standards, guidelines and supervisory decisions. ESMA is also focused on defending its actions in case of legal challenge, handling requests for access to documents and promoting a strong compliance and integrity culture within the organisation.
  
  For regulated firms, this internal focus translates into more robust and defensible regulatory outputs. Firms should expect ESMA’s technical standards and guidelines to be more thoroughly vetted for legal clarity and consistency, reducing the risk of ambiguity or conflicting interpretations.  ESMA’s commitment to transparency in its own processes (e.g., handling complaints, access to documents) also sets a standard for regulated entities, particularly around good administration and data protection.
• c. ESMA’s human resources and organisational development
  
  ESMA’s People Strategy 2024–2028 and Diversity, Equity and Inclusion Strategy 2024–2027 underpin its internal HR priorities. The authority is investing in attracting and retaining diverse talent, promoting flexible talent management and fostering a culture of engagement and continuous learning. This includes competency-based recruitment, internal mobility, secondments and a wide range of training opportunities, including digital and bite-sized learning formats.
  
  The implications for regulated firms are potentially twofold. First, ESMA’s growing and increasingly skilled workforce will be better equipped to handle complex supervisory and policy challenges, leading to more sophisticated and data-driven supervision. Second, ESMA’s focus on diversity and inclusion may influence expectations for similar values and practices within regulated firms, especially as these themes become more prominent in the broader EU policy context.
• d. ESMA’s finance, procurement and fee structures
  
  With the expansion of its mandates, ESMA is also evolving its financial and procurement processes. The authority is integrating new fee-funding sources, such as those from ESG rating providers and external reviewers under the European Green Bond Framework and is working with the European Commission to streamline its fee model for greater flexibility and sustainability.  ESMA’s budget planning is increasingly activity-based, supported by advanced cloud-based tools and its procurement processes are being digitalised for efficiency.
  
  For regulated firms, this means that the cost of supervision may rise, particularly for those in newly supervised sectors. Firms should monitor ESMA’s fee consultations and budgetary developments, as changes in the fee model could impact their operational costs. The move towards more transparent and activity-based budgeting may also provide firms with greater clarity on how supervisory fees are determined and allocated.
• e. ESMA’s corporate services and ICT operations
  
  ESMA is committed to providing a modern, safe and sustainable working environment for its staff and visitors. This includes planning for new office premises, maintaining and adapting facilities and supporting environmental performance through the Eco-Management and Audit Scheme (EMAS). On the ICT front, ESMA is focused on maintaining and upgrading digital workplace tools, enhancing cybersecurity and ensuring business continuity through crisis preparedness drills.
  
  For regulated firms, ESMA’s investment in ICT and cybersecurity is particularly relevant. As ESMA strengthens its own digital infrastructure and resilience, it is likely to expect similar standards from regulated entities, especially in the context of DORA. Firms should anticipate more rigorous supervisory expectations around ICT risk management, incident reporting and cyber resilience.
• f. ESMA’s data strategy and digital transformation
  
  A cornerstone of ESMA’s internal priorities is the effective use of data and technological innovation. The authority is developing the ESMA Data Platform to integrate data from various sources, provide advanced analytics and support both internal and NCA users. ESMA is also exploring AI-powered tools for supervision, anomaly detection and market abuse prevention and is fostering data literacy within its organisation.
  
  For regulated firms, this signals a shift towards a more data-driven and technologically advanced supervisory approach. Firms will need to ensure high-quality, timely and accurate data reporting and may face increased scrutiny through advanced analytics and AI-driven supervisory tools.  ESMA’s own digital transformation will likely accelerate the adoption of similar technologies and practices across the industry.
• g. ESG in ESMA’s operations
  
  ESMA is integrating ESG considerations into its own operations, including setting targets for greenhouse gas emissions reduction and promoting diversity and inclusion. The authority’s internal ESG agenda is aligned with its external supervisory priorities, reinforcing the importance of sustainability across the financial sector.
  
  Regulated firms should note that ESMA’s internal ESG commitments are likely to inform its supervisory expectations and policy initiatives. Firms may be expected to demonstrate similar commitments to sustainability, diversity and responsible governance in their own operations and disclosures.

Outlook and next steps

ESMA’s 2026 AWP signals a period of significant regulatory and supervisory transition, with a strong focus on supporting the SIU Strategy, implementing new legislative mandates and enhancing the efficiency and resilience of EU capital markets. Market participants should anticipate increased supervisory scrutiny, particularly in areas such as digital operational resilience, sustainable finance and data reporting. Firms are advised to monitor ESMA’s outputs closely, ensure robust compliance frameworks and engage proactively with forthcoming regulatory developments.

Considering ESMA's 2026 AWP, financial services firms and market participants must prepare for a more rigorous and harmonised regulatory environment. The stronger emphasis on supervisory convergence and the implementation of new legislative frameworks such as DORA and MiCAR will necessitate significant adjustments in compliance strategies. Firms should anticipate increased scrutiny for existing but also new mandates from both ESMA and NCAs, in particular in areas such as digital operational resilience, sustainable finance and retail investor protection. It is imperative that all firms (not just those subject to direct ESMA supervision) proactively engage with these legislative, regulatory and supervisory developments, ensuring that their internal controls, governance structures and IT systems are robust and compliant with the evolving standards and expectations. Firms should anticipate more rigorous and coordinated supervisory actions, including joint on-site inspections and collaborative efforts within Colleges of Supervisors.

Moreover, the focus on enhancing data quality and leveraging technology for supervision underscores the need for firms to invest in advanced data management and reporting systems. The implementation of the ESAP and the development of a common data dictionary will require firms to ensure that their data is accurate, consistent and timely. This will not only facilitate compliance but also enable firms to better manage risks and improve operational efficiency. Additionally, the continued emphasis on sustainable finance and combating greenwashing will require firms to enhance their ESG disclosures and integrate sustainability risks into their business models.

Finally, the evolving market context, characterised by legislative and regulatory transitions as well as the overall shift to the SIU strategy, presents both challenges and opportunities for financial services firms and the wider market as well as for regulators and supervisors. The (welcome) shift towards a more agile framework, including one that embraces SBR, aims to reduce compliance burdens while promoting market efficiency and investor protection but it does not mean a scaling back in full. Firms should leverage this opportunity to streamline their operations, innovate and enhance their competitive edge but not hope for a reversal but rather targeted streamlining of standards and requirements. By aligning their strategies with ESMA's strategic priorities and thematic drivers, firms can navigate the complex legislative, regulatory and supervisory landscape effectively, contributing to a more resilient and sustainable financial sector in the EU.

About us

PwC Legal is assisting a number of financial services firms and market participants in forward planning for changes stemming from relevant related developments. We have assembled a multi-disciplinary and multijurisdictional team of sector experts to support clients navigate challenges and seize opportunities as well as to proactively engage with their market stakeholders and regulators.  

Moreover, we have developed a number of RegTech and SupTech tools for supervised firms, including PwC Legal’s Rule Scanner tool, backed by a trusted set of managed solutions from PwC Legal Business Solutions, allowing for horizon scanning and risk mapping of all legislative and regulatory developments as well as sanctions and fines from more than 2,500 legislative and regulatory policymakers and other industry voices in over 170 jurisdictions impacting financial services firms and their business.  

Equally, in leveraging our Rule Scanner technology, we offer a further solution for clients to digitise financial services firms’ relevant internal policies and procedures, create a comprehensive documentation inventory with an established documentation hierarchy and embedded glossary that has version control over a defined backward plus forward looking timeline to be able to ensure changes in one policy are carried through over to other policy and procedure documents, critical path dependencies are mapped and legislative and regulatory developments are flagged where these may require actions to be taken in such policies and procedures.   

The PwC Legal Team behind Rule Scanner are proud recipients of ALM Law.com’s coveted “2024 Disruptive Technology of the Year Award” as well as the “2025 Regulatory, Governance and Compliance Technology Award”.

If you would like to discuss any of the developments mentioned above, or how they may affect your business more generally, please contact any of our key contacts or PwC Legal’s RegCORE Team via de_regcore@pwc.com or our website.