Open search form Open menu
Search for an expert
Search
Financial Services
  • 21 Jul 2025
  • 16 min read

ESRB Annual Report on activities in 2024: Key developments, supervisory priorities and regulatory implications

Written by

Dr. Michael Huertas

RegCORE Client Alert | Financial Services

QuickTake 

The European Systemic Risk Board (ESRB) published its Annual Report on its activities in 2024 (the Report) in July 2025.  The Report assesses the impact of external shocks—including heightened geopolitical tensions, US trade restrictions and climate-related risks—on financial stability and outlines the resilience of banks, non-bank financial institutions (NBFIs) and critical financial infrastructure. It further details the evolution of macroprudential policy, stress testing exercises and the need for enhanced data sharing and coordinated regulatory responses to address emerging risks to the EU’s financial system and actions to be taken by the European System of Financial Supervision (ESFS). 

As explored in this Client Alert, the Report is especially relevant for regulated firms (across all sectors in the EU) as it signals both current supervisory priorities and anticipated regulatory developments that will shape compliance, risk management and strategic planning. This Client Alert should be read with standalone reports in this series assessing the key takeaways from Annual Reports of a similar nature as issued by the European Supervisory Authorities (EBA, ESMA and EIOPA) as well as the Banking Union supervisory authorities (ECB-SSM and SRB). 

Key takeaways from the Report

The Report focuses on a number of headline issues that the ESRB advanced during 2024. These include:

I. Systemic risk environment and supervisory focus

1. Geopolitical and macroeconomic risks

  • The Report highlights heightened geopolitical tensions (notably in the Middle East and Ukraine), trade restrictions (including significant US tariffs) and their impact on market volatility, inflation and economic growth.
  • Regulated firms must anticipate increased scrutiny of their exposures to geopolitical and trade risks, particularly those with significant cross-border activities or dependencies on vulnerable sectors.

2. Real estate market vulnerabilities

  • Both residential and commercial real estate (CRE) markets remain under close observation. While residential prices have rebounded, CRE markets show signs of stabilisation but with persistent downside risks.
  • Firms with material real estate exposures should expect continued supervisory focus on credit standards, risk-weighted asset calculations and the adequacy of capital and provisioning.

3. Cyber and hybrid threats

  • The nexus between cybercrime and nation-state actors is identified as a growing source of systemic risk. The ESRB, together with the ESAs, has established a pan-European Systemic Cyber Incident Coordination Framework.
  • The Report reminds regulated firms must ensure robust cyber resilience, incident response and information-sharing protocols, aligning with the Digital Operational Resilience Act (DORA) and related EU-level frameworks.

II. Macroprudential policy and regulatory developments

4. Countercyclical capital buffer (CCyB) and positive neutral rate

  • There is a trend towards the early and proactive build-up of CCyBs, even when systemic risks are not elevated (“positive neutral” approach). Seventeen EEA countries have adopted this framework.
  • Some banks must factor in higher baseline capital requirements and ensure that capital planning is sufficiently forward-looking to accommodate earlier buffer activation and potential releases during stress.

5. Buffers for systemically important institutions

  • The Report notes continued heterogeneity in the setting of buffers for other systemically important institutions (O-SIIs) and global systemically important institutions (G-SIIs), with a focus on ensuring that additional capital is not “double geared” within banking groups.
  • Some systemically important firms should expect ongoing review of buffer calibration and possible moves towards greater harmonisation and reciprocity across the EU.

6. Non-Bank Financial Intermediation (NBFI)

  • The ESRB is pushing for enhanced macroprudential tools for NBFIs, including leverage limits (as seen in Luxembourg and Ireland for certain alternative investment funds), improved liquidity management and harmonised leverage definitions.
  • Some asset managers, insurers and pension funds should anticipate stricter leverage controls, enhanced liquidity stress testing and greater transparency requirements, especially for funds with complex or cross-border structures.

7. Money market funds (MMFs) and investment funds

  • The ESRB continues to press for reforms to address vulnerabilities in MMFs, including the introduction of fluctuating net asset values, higher liquidity requirements and mandatory liquidity management tools.
  • Some MMFs and investment funds should prepare for legislative changes that may affect product design, redemption policies and investor disclosures.

8. Central clearing and margining

  • The ESRB supports increased central clearing in government bond and repo markets and calls for margin requirements in bilaterally cleared transactions.
  • All market participants, including NBFI, must take steps to ensure margin preparedness and robust liquidity management to meet margin calls during periods of market stress.

III. Data, reporting and supervisory coordination

9. Enhanced data sharing and reporting

  • The ESRB calls for improved access to granular, high-quality data and removal of legal obstacles to data sharing between the ESAs and the ESRB.
  • A number of regulated firms should expect expanded and more frequent data requests, particularly regarding derivatives, securitisation and fund exposures and should (further) invest (and evidence this) in data infrastructure and governance.

10. Cross border and cross-sectoral coordination

  • The ESRB is strengthening frameworks for the reciprocation of macroprudential measures across Member States to prevent regulatory arbitrage and ensure a level playing field.
  • Firms operating in multiple jurisdictions must monitor and comply with both home and host country macroprudential measures, including sectoral buffers and borrower-based limits.

IV. Compliance and Enforcement

11. “Comply or Explain” regime

  • The ESRB uses the Report to remind readers that its published “recommendations”, while not legally binding, are subject to a “comply or explain” regime and compliance is closely monitored and publicly reported.
  • Firms should be aware that non-compliance or inadequate explanations may attract supervisory attention and reputational risk.

12. Supervisory engagement and accountability

  • The ESRB’s increased engagement with the European Parliament and other EU institutions signals a more transparent and accountable macroprudential regime.
  • Regulated firms should anticipate more direct communication from supervisors regarding systemic risk assessments and policy changes.  

The ESRB also uses the Report to point the spotlight on what it sees as risks to the stability and operation of the EU’s financial system. These include:

13. Systemic risk landscape and financial sector resilience

  • Despite a modest improvement in EU economic growth (real GDP growth of 0.8% in 2024), the outlook remains subdued due to ongoing uncertainties. Inflation moderated in early 2025, supporting household resilience through lower unemployment and financing costs.
  • Corporate vulnerabilities persisted, with rising insolvencies and profit pressures, particularly among smaller firms and those with significant US exposures. The household sector remained robust, aided by a rebound in real estate prices. 

14. Key risk areas

  • Geopolitical and macroeconomic shocks: The materialisation of such risks could result in balance sheet stress for non-financial corporations and trigger disorderly market corrections, potentially amplified by the non-bank sector.
  • Sovereign debt sustainability: Elevated public debt-to-GDP ratios and increased defence spending requirements pose fiscal sustainability challenges for several EU Member States.
  • Banking sector: While banks posted record profits and maintained strong capital positions (EU banking sector return on equity at 10.5% in Q4 2024), future challenges include potential funding pressures, asset quality deterioration (notably in CRE and SME portfolios) and operational risks from cyber threats.
  • Real estate: Residential real estate prices rebounded in 2024, while commercial real estate (CRE) markets showed signs of stabilisation but remain vulnerable to structural and cyclical risks.
  • Cyber and hybrid risks: The incidence of cyberattacks reached new highs in 2024, with the ESRB and ESAs establishing a pan-European systemic cyber incident coordination framework to enhance preparedness and response.

15. Policy developments and regulatory initiatives

  • As discussed below, the ESRB advanced a system-wide approach to macroprudential policy, recommending activity-based regulation to address risks in asset management, clearing and lending, regardless of whether activities are conducted by banks or NBFI.
  • The Report highlights the need for harmonised regulation of crypto-assets, noting divergent approaches between the EU (MiCAR) and the US and the potential risks from stablecoin multi-issuance schemes.
  • The ESRB supported international proposals to enhance margin preparedness and transparency in centrally cleared markets and called for further legislative action to address vulnerabilities in money market funds and investment funds.
  • Sector-specific policy work included proposals to strengthen the prudential framework for banks (notably through the positive neutral approach to the countercyclical capital buffer) and NBFI (including leverage limits for alternative investment funds and enhanced liquidity management tools for investment funds). 

16. Review of national macroprudential measures

  • Most EEA countries tightened macroprudential policy stances, particularly through increases in countercyclical capital buffer (CCyB) rates and the introduction of new or sectoral systemic risk buffers (SyRBs).
  • Borrower-based measures (BBMs) were adjusted in several countries, with new LTV, DSTI and maturity limits introduced in Bulgaria and Croatia and targeted loosening for green loans in Hungary and Norway.
  • Risk weight measures for real estate exposures were implemented or extended in Norway and the Netherlands, while some countries removed stricter risk weights following the implementation of revised EU capital requirements.
  • The ESRB continued to recommend the reciprocation of key national measures to ensure a level playing field and prevent regulatory arbitrage. 

17. Institutional developments and accountability

  • The ESRB maintained high levels of compliance with its recommendations, with most addressees assessed as “fully compliant” or “largely compliant.” However, the European Commission was found “materially non-compliant” with recommendations on money market fund reform.
  • The High-Level Group on the ESRB Review issued strategic recommendations to strengthen the ESRB’s holistic approach, including the introduction of a top-down system-wide stress test and improved access to granular data.
  • The ESRB continued its engagement with the European Parliament and other EU institutions, emphasising the importance of a robust, system-wide regulatory framework and enhanced data sharing to address emerging risks. 

The Report underscores the resilience of the EU financial system but highlights a complex and evolving risk landscape shaped by geopolitical, macroeconomic, technological and climate-related challenges. Accordingly, the Report advocates for a shift from entity- to activity-based regulation plus the development of new policy tools for both banks and NBFIs will be critical in addressing the risks and vulnerabilities identified in the supervisory cycles ahead.

A shift from entity-based to activity-based regulation

The Report explicitly advocates for a transition from a predominantly entity-based regulatory framework—where rules and oversight are focused on specific types of financial institutions (e.g., banks, insurers, investment funds)—to a more activity-based approach. This shift is rooted in the recognition that financial activities such as asset management, clearing and lending are increasingly performed by a diverse range of entities, including both banks and NBFIs. The traditional entity-based approach, while effective in a bank-centric system, is now seen as insufficient to address systemic risks that can arise from similar activities conducted outside the banking sector.
The ESRB justifies the need for a system-wide approach—one that combines both entity-based and activity-based regulation—by highlighting the profound changes in the structure and functioning of the EU financial system. Historically, regulation focused on specific types of entities (such as banks, insurers, or investment funds), which was effective in a bank-centric environment. However, the financial landscape has evolved:

Key points from the Report include:

  • Diversification of financial intermediation: Lending, asset management and clearing activities are now performed by a wide range of entities, including NBFIs, not just traditional banks.
  • Interconnectedness and interdependencies: The lines between different sectors (banks, insurers, investment funds, etc.) have become increasingly blurred. Activities and risks can now propagate across sectors, amplifying vulnerabilities and potentially leading to systemic crises. Where current legislation is fragmented, with different rules for different types of entities and does not adequately account for the interactions between them. For example, central counterparties (CCPs), clearing members and bank clients form an integrated ecosystem where risks can be absorbed or amplified across sectors.
  • Risk shifting and regulatory arbitrage: When regulation targets only certain entities, there is a risk that activities—and their associated risks—will migrate to less regulated sectors, undermining the effectiveness of macroprudential oversight.
  • System-wide approach: The ESRB calls for a system-wide approach to macroprudential policy, combining the prevailing focus on entities with a focus on activities. This approach is designed to capture vulnerabilities and risks in the context of the business model of each entity type, regardless of whether the activity is performed by a bank or a non-bank.
  • Regulatory perimeter expansion: Given the above, the Report notes that current regulation does not sufficiently account for the potential impact on financial stability of activities performed by entities outside the traditional regulatory perimeter. Some forms of asset management, for example, are not subject to any EU-wide prudential regulation.
  • Policy proposals: The ESRB recommends that the European Commission consider expanding the regulatory perimeter and introducing reporting requirements for more opaque forms of asset management. It also suggests the introduction of margin requirements in bilaterally cleared government bond cash and repo transactions and the establishment of activity-based regulation for lending, enabling authorities to set borrower-based measures (BBMs) and exposure concentration limits on highly indebted firms, regardless of the lender’s status as a bank or non-bank.
  • Activity-based tools: The ESRB suggests introducing borrower-based measures and exposure concentration limits that apply to all lenders, not just banks and margin requirements for certain transactions regardless of the entity involved.
  • Harmonisation and coordination: The ESRB stresses the need for harmonised rules and better coordination among supervisory authorities to address cross-sectoral and cross-border risks.


By focusing on both who is performing an activity (entity-based) and what the activity is (activity-based), authorities can better identify, monitor and mitigate risks that may arise anywhere in the financial system, regardless of the legal form of the entity and thus apply a “same rules to same activity” substance over form approach.

The ESRB’s system-wide approach is reflected in its response to the European Commission’s consultation on the adequacy of macroprudential policies for non-bank financial intermediation and in its policy work on asset management, clearing and lending. The Report also highlights the need for harmonisation and clarification of the regulatory perimeter for crypto activities and the implementation of international recommendations on margining. 

Strategic and operational implications for regulated firms

In light of the above and the ESRB’s views expressed in the Report, regulated firms (across all sectors) should consider reviewing their readiness and steps for tackling the following focus areas that the ESRB as well as the wider breadth of stakeholders in the ESFS. 

1. Capital and liquidity planning

  • Firms should (further) integrate macroprudential buffer requirements, stress test outcomes and liquidity risk indicators into their capital and funding strategies.

2. Risk management and governance

  • Enhanced focus on cyber resilience, climate-related risks and cross-sectoral exposures requires firms to update risk frameworks, scenario analysis and board-level oversight.

3. Product and business model adaptation

  • Anticipated EU-level regulatory changes may affect the viability of certain products (e.g., MMFs, highly leveraged funds) and business models (e.g., non-bank lending, cross-border activities).

4. Regulatory change management

  • Firms should establish robust regulatory watch and change management processes to track and implement evolving EU and national requirements, including those stemming from ESRB recommendations and ESAs’ technical standards.

The shift to activity-based regulation, as described by the ESRB, has significant and far-reaching implications for regulated firms across the EU financial sector:

5. Expansion of regulatory perimeter and scope: 

  • Firms engaged in financial activities that were previously outside the direct scope of prudential regulation—particularly non-bank lenders, asset managers and entities involved in clearing—should anticipate being brought within the regulatory perimeter.
  • Activities such as lending, asset management and clearing will be subject to new or enhanced regulatory requirements, even if performed by non-traditional entities.

6. New and enhanced reporting requirements

  • The ESRB calls for the introduction of reporting requirements for currently less transparent or unregulated activities, especially in asset management. Firms should prepare for increased data collection, reporting and transparency obligations.

7. Application of macroprudential tools to Activities, not just entities

  • Macroprudential measures such as borrower-based measures (BBMs), leverage limits and exposure concentration limits may be applied based on the nature of the activity rather than the type of institution.
  • As an example, the ESRB expresses its view that non-bank lenders could be subject to the same BBMs as banks. This could level the playing field but also increase compliance complexity for firms operating across multiple activities and legal forms.

8. Increased supervisory scrutiny and harmonisation

  • Supervisors will focus more on the risks posed by specific activities, regardless of the entity performing them. This may result in more harmonised rules across sectors and a reduction in regulatory arbitrage opportunities.
  • Firms with cross-sectoral or cross-border business models may need to ensure (greater) compliance with a broader and more harmonised set of rules.

9. Strategic and operational adjustments

  • Firms may need to reassess their business models, product offerings and risk management frameworks to ensure compliance with activity-based requirements.
  • Investment in systems, controls and governance will be necessary to meet new reporting and risk management standards.

10. Enhanced data and coordination requirements

  • The ESRB stresses the need for better data and coordination among authorities. Firms should expect more granular and frequent data requests and may be required to participate in system-wide stress testing and risk assessments that cut across traditional sectoral boundaries.

11. Implications for innovation and new entrants

  • FinTechs, crypto-asset service providers and other new market entrants may face increased regulatory scrutiny as their activities become subject to activity-based rules, reducing the regulatory gap between them and traditional financial institutions.

Outlook

The ESRB’s Report signals a period of heightened regulatory vigilance, increased macroprudential intervention and a move towards a more integrated, system-wide approach to financial stability. More fundamentally the ESRB uses the Report to communicate a clear policy direction towards activity-based regulation, reflecting the realities of a more interconnected and diversified financial system. For regulated firms, this means preparing for a regulatory environment where the nature of the activity, rather than the legal form of the entity, determines the applicable rules and supervisory expectations. Proactive adaptation—through enhanced compliance, risk management and strategic planning—will be essential to navigate this evolving landscape and maintain competitiveness and resilience.

Regulated firms should thus step up their efforts to proactively assess their exposures, enhance their risk management and compliance frameworks and prepare for a more complex and dynamic regulatory environment. Early engagement with supervisors, investment in data and technology and strategic adaptation will be critical to maintaining resilience and competitiveness in the EU’s evolving financial landscape. 

About us

PwC Legal is assisting a number of financial services firms and market participants in forward planning for changes stemming from relevant related developments. We have assembled a multi-disciplinary and multijurisdictional team of sector experts to support clients navigate challenges and seize opportunities as well as to proactively engage with their market stakeholders and regulators.

Moreover, we have developed a number of RegTech and SupTech tools for supervised firms, including PwC Legal’s Rule Scanner tool, backed by a trusted set of managed solutions from PwC Legal Business Solutions, allowing for horizon scanning and risk mapping of all legislative and regulatory developments as well as sanctions and fines from more than 2,500 legislative and regulatory policymakers and other industry voices in over 170 jurisdictions impacting financial services firms and their business.

Equally, in leveraging our Rule Scanner technology, we offer a further solution for clients to digitise financial services firms’ relevant internal policies and procedures, create a comprehensive documentation inventory with an established documentation hierarchy and embedded glossary that has version control over a defined backward plus forward looking timeline to be able to ensure changes in one policy are carried through over to other policy and procedure documents, critical path dependencies are mapped and legislative and regulatory developments are flagged where these may require actions to be taken in such policies and procedures.

The PwC Legal Team behind Rule Scanner are proud recipients of ALM Law.com’s coveted “2024 Disruptive Technology of the Year Award” and the “2025 Regulatory, Governance and Compliance Technology Award in 2025”.

If you would like to discuss any of the developments mentioned above, or how they may affect your business more generally, please contact any of our key contacts or PwC Legal’s RegCORE Team via de_regcore@pwc.com or our website

Contact us

Dr. Michael Huertas

Partner Frankfurt am Main
Financial Services

Tel.  +49 160 97375760

Email  E-Mail

Show profile

Other Expert Articles and Blogs

Litigation, Arbitration
Together or alone? The unexplored potential of caucus in the German mediation landscape
  • 17 Jul 2025
  • 13 min read
Financial Services
Court of Justice of the European Union clarifies obligations of bankruptcy courts to assess unfair contract terms in consumer insolvency proceedings
  • 14 Jul 2025
  • 12 min read
Financial Services
Court of Justice of the European Union clarifies expectations on consumer protection and mortgage enforcement
  • 03 Jul 2025
  • 13 min read
All Expert Articles and Blogs