ARTICLE
11 February 2025

ESMA Publishes Its Programming Document 2026-2028

PL
PwC Legal Germany

Contributor

PwC Legal Germany logo
In today’s rapidly evolving marketplace, our clients are increasingly concerned with business collaborations, restructuring, mergers and acquisitions, financing and questions of social responsibility. They need legal security when dealing with such complex issues. That is why we work closely with PwC’s tax, human resources and finance experts and draw on the resources of our legal network in more than 100 countries to deliver comprehensive advice. Whether a global player, a public body or a wealthy individual, each client can rely on a personal account manager to address his or her specific legal needs. This dedication helps us ensure our client’s long-term business success. PwC Legal. More than 220 lawyers at 18 locations. Integrated legal advice for the real world.
Explore Firm Details
As explored in an earlier Client Alert,Show Footnote the European Securities and Markets Authority (ESMA) published its annual work programme (AWP) for 2025 on 1 October 2024.
European Union Finance and Banking
Michael Huertas
Your Author LinkedIn Connections

RegCORE Client Alert | Capital Markets Union

QuickTake

As explored in an earlier Client Alert,a.jpg the European Securities and Markets Authority (ESMA) published its annual work programme (AWP) for 2025 on 1 October 2024. ESMA's AWP sets out what the authority will focus on and how it will approach key strategic priorities and the implementation of new mandates.a.jpg ESMA, like some of its sister authorities, also publishes a multi-year priority plan in what is known as a Single Programming Document (SPD). Both the AWPs and SPDs are of relevance to national competent authorities (NCAs) and more importantly to the relevant firms within the scope of ESMA's and NCA's regulatory and supervisory mandate.

On 31 January 2025 ESMA published its SPD i.e., the 2026-2028 Programming Document.a.jpg The SPD for 2024-2026 was published on 31 January 2024. Both SPDs build upon the longer-term 'ESMA Strategy 2023-2028,' published in October 2022.a.jpg Markets and geopolitical realities have however certainly changed considerably since then.

As with ESMA's 2025 AWP, the 2026-2028 SPD, which also hints at what will be in the SPD for 2027-2029, sets out what, how and by when ESMA will advance certain key priorities, publications (in particular technical standards and guidelines) as well as operationalisation of ESMA's new mandates that extend or refine how it directly supervises various types of market participants.

Like with the 2025 AWP, the 2026-2028 SPD also in numerous instances indicates that ESMA will, within the aspects in its control, advance points raised in its Position Paper "Building More Effective and Attractive Capital Markets in the EU" (the ESMA CMU Position Paper).a.jpg This is certainly the case concerning ESMA's contribution to the completion of the EU's Capital Markets Union (CMU), albeit now with the current (less catchy but perhaps more (national) politically palatable) rebrand as an "European Savings and Investment Union (E-SIU)".

As in previous publications, ESMA's SPD for 2026-2028 is structured to address the evolving market context, legislative and regulatory changes as well as technological advancements impacting the financial services sector and those financial market participants within its mandate. As a regulator, ESMA is the gatekeeper of parts of the Single Rulebook for financial services and is tasked with ensuring regulatory and supervisory convergence among NCAs and across markets. Accordingly, ESMA shapes how NCAs apply the legislative and regulatory requirements as well as ESMA's expectations in the supervision of financial market participants within ESMA's mandate. That being said, ESMA also directly supervises credit rating agencies (CRAs), trade repositories (TRs), securitisation repositories (SRs), data reporting service providers (DRSPs), certain benchmark administrators EU and systemically important third-country central counterparties (CCPs). As of 2025, ESMA will begin with the selection of consolidated tape providers (CTPs), supervised as DRSPs and ESMA will, in the context of the EU's Regulation for a Digital Operational Resilience Act (DORA),a.jpg equally oversee designated critical third-party service providers (CTPPs) jointly with its sister European Supervisory Authorities (ESAs), the European Banking Authority (b) and the European Insurance and Occupational Pensions Authority (EIOPA).

This Client Alert discusses the relevant issues and key legal and regulatory considerations for relevant market participants stemming from the 2026-2028 SPD. This Client Alert should be read together with other thematic deep dives on reforms and developments as well as our standalone analysis of all relevant 2025 work programmes from the European Commission, the ESAs as well as those of the Banking Union authorities (ECB-SSM and SRB). Readers may also find benefit in consulting "Navigating 2025", a comprehensive playbook providing a more granular annual outlook from PwC Legal's EU RegCORE on the forthcoming regulatory policymaking agenda, the supervisory cycle and assessment of any commonalities and trends across plans for 2025 and beyond.

Key takeaways from ESMA's 2026-2028 SPD

As in previous years ESMA uses its 2026-2028 SPD to outline its strategic priorities and communicate a comprehensive roadmap plus resourcing plan for ESMA's activities and publications. Primarily, these publications take the form of Guidelines, Implementing Technical Standards (ITS) and Regulatory Technical Standards (RTS) that are mandated to be published along with other rulemaking instruments and statements (Q&As, Opinions and Supervisory Briefings) setting out ESMA's supervisory expectations as addressed to NCAs and market participants. ESMA expects that firms stay abreast of these communications and expectations to ensure compliance and avoid potential enforcement actions.

While the ESMA's SPD 2026-2028 general direction of travel is in keeping with previous AWPs and SPDs, the 108 pages of this current SPD details what it plans to do with respect to (a) strategic priorities and thematic drivers as well as (b) key regulated sectors and entities (both within its direct supervisory mandate as well as where ESMA coordinates the activities of NCAs):

The SPD 2026-2028's strategic priorities and thematic drivers – which include:

1. Effective markets and financial stability:

ESMA aims to contribute to the development of a meaningful, proportionate and effective Single Rulebook (certainly for the Chapters) within its remit. This includes ESMA assisting in:

  • Development of the CMU to a Savings and Investments Union (E-SIU): ESMA will support (i) the creation of an integrated Single Market in financial services by promoting global standards and (ii) the E-SIU's efforts on re-focusing priorities from previous ESMA AWPs and CMU and action plans.
  • Future-proofing the Single Market for financial services: ESMA will lead on the selection, authorisation, and supervision of consolidated tape providers, the establishment of a one-stop shop for financial disclosures in the European Single Access Point (ESAP) and the transition to a shorter settlement cycle (T+1), which ESMA has recommend is achieved by what it considers to be the "optimal date" of Monday 11 October 2027.a.jpg The compression of the settlement cycle to T+1 aims to reduce risk in the system, which should translate into lower margin requirements, reduced costs and improve the competitiveness of EU markets.
  • Risk monitoring and financial stability: ESMA will continuously monitor market developments and new financial activities to assess risks to investors, markets and financial stability. This includes bi-annual Trends, Risks and Vulnerabilities (TRV) reports and the ESMA Market Report series. ESMA also plans in line with the EMIR 3 reforms to focus on enhancing CCP resilience by updating the CCP rulebook, conducting CCP stress tests, promoting supervisory convergence, including by conducting peer reviews of CCP supervision by NCAs as well as establishing and chairing a Joint Monitoring Mechanism (JMM) to monitor clearing developments and interconnectedness risks.

2. Effective supervision:

One of ESMA's core objectives includes promoting a common, effective, risk-based, data-driven and outcome-focused supervisory and enforcement culture across EU supervisors and more efficiency in the regulatory framework (including reflecting and delivering upon recommendations from the Draghi and Letta Reports).a.jpg Key activities during the 2026–2028 period (and indeed in further SPDs and AWPs) include a focus on:

  • New mandates: ESMA will experience a significant evolution in the coming years as new entities will fall under its remit including Consolidated Tape Providers (CTPs), external verifiers of EU Green Bonds and ESG rating providers. ESMA will in addition have an enhanced role as regards EU CCPs. Together with the other European Supervisory Authorities, ESMA is also establishing a joint team to oversee critical ICT third-party providers and contribute to strengthen the resilience of the financial system to information security risk in line with DORA. Under CSDR Refit changes, ESMA will also participate in supervisory colleges of certain central securities depositories (CSDs). More crucially ESMA has a number of tasks on its to do list as part of the full operationalisation of the EU's legislative, regulatory and supervisory framework, since 30 December 2024 under the Markets in Crypto-Assets Regulation (MiCAR) and since 17 January 2025 on DORA – details of which are discussed in dedicated coverage in a series of Client Alerts.
  • Amendments to existing direct supervision: ESMA will make targeted amendments in how and whom it directly supervises Credit Rating Agencies (CRAs), Trade Repositories (TRs), Securitisation Repositories (SRs), Benchmark Administrators and certain Data Reporting Service Providers (DRSPs). These firms may face more rigorous and data-driven supervision, requiring ever more robust internal controls and compliance systems. ESMA also expects these firms to place a greater emphasis on mitigating supervisory risks, necessitating proactive risk management and compliance strategies.
  • Supervisory convergence: ESMA plans to step up its work with NCAs to further develop a common understanding of key risks and promote effective supervisory practices and more consistent enforcement actions across the EU.

3. Retail investor protection:

Another core task of ESMA is achieving greater convergence and consistency in NCAs' supervisory approaches and practices related to investor protection, particularly in light of technological developments and the evolution of the sustainable finance framework. This includes:

  • Monitoring retail investor trends: ESMA will make greater use retail risk indicators to identify potential causes of consumer and investor harm and review product-related consumer trends. ESMA will increased scrutiny on financial services firms' marketing practices, especially those involving social media and innovative products and together with NCAs be clearer in requiring firms to adopt transparent and compliant marketing strategies.
  • Simplification of disclosures: ESMA will increase its efforts to ensure that financial services firms and market participants use simplified disclosures and clear language to enhance retail investor participation in capital markets. Furthermore, financial services firms must be prepared for potential regulatory changes under the Retail Investment Strategy (RIS)a.jpg, including new disclosure requirements and principles on cost transparency.

4. Sustainable finance:

ESMA remains committed to facilitating the EU's transition towards a more sustainable economy, promoting high-quality sustainability disclosures and addressing greenwashing risks. This includes specifically:

  • Addressing greenwashing risks: ESMA will monitor and mitigate greenwashing risks in the funds industry and promote high-quality sustainability disclosures.
  • Enhancing ESG expertise: ESMA will support the development of supervisors' ESG expertise through targeted training and capacity-building initiatives.

5. ESMA's effective use of data and technological innovation:

During 2026 to 2028, ESMA aims to deliver on its Data Strategy and enhance its role as a data hub plus data driven regulator, improve data access and quality and leverage technological innovations such as artificial intelligence (AI) and blockchain for supervisory purposes. Key initiatives include:

  • ESMA's delivery of its "Data Strategy" and role as a data hub: is set to grow through the implementation of the subsequent phases of the ESAP for financial market information. ESAP aims to help enhance market transparency and promote investor protection. ESMA will, as part of its wider Data Strategy progress with implementing integrated reporting envisaged under the AIFMD and UCITS Directives. This serves to reduce compliance costs for market participants and enhance the quality of data for relevant authorities notably for UCITS where a new EU-wide reporting regime is to be established. Moreover, the creation of a CCP supervisory database under EMIR 3 and the expansion of ICT systems resulting from reforms from the MiFIR review will trigger compliance action points by financial services firms as well as ESMA's own organisational set-up
  • Development of the ESMA Data Platform: This platform will integrate data from various sources to improve risk monitoring and supervisory convergence. Equally, as a result of RIS, ESMA may need to develop benchmarks and tools allowing the comparison of information on the cost and performance of investment funds, to facilitate retail investors' access to information on whether investment products offer good value for money
  • AI-powered tools for supervision: ESMA will explore the use of AI for anomaly detection and market abuse prevention.

ESMA's priorities in the SPD 2026-2028 for key regulated sectors and entities:

A. Investment management:

ESMA will focus on the development of the Single Rulebook for the investment management sector, including AIFMD, UCITS, MMF Regulation and SFDR. Notable activities include:

  • Guidelines on fund suspensions: ESMA will develop guidelines for NCAs on the activation of fund suspensions. Enhanced stress testing and risk monitoring will require firms to strengthen their liquidity and leverage management practices.
  • Tackling greenwashing: A project on tackling greenwashing risk in the sustainable investment fund market will be finalised. Firms must comply with new guidelines on fund suspensions, greenwashing risk management and integrated supervisory data collection.

B. Investment services:

ESMA will continue to develop the single rulebook for the investment services sector, focusing on retail investor protection and supervisory convergence. Key activities include:

  • Mystery shopping exercises: Increased coordination of mystery shopping exercises to assess services provided to retail clients. An increased focus on cross-border investment services will require firms to enhance their compliance with EU-wide supervisory practices.
  • Prudential regime for investment firms: Cooperation with the EBA on the development of the prudential regime for investment firms and new technical standards which may require some firms to review and possibly adjust their capital and risk management framework.

C. Issuer disclosure standards:

ESMA will promote supervisory convergence in financial and sustainability reporting, the EU's Prospectus Regulation framework and corporate governance. Enhanced disclosure requirements under the Prospectus Regulation and the Listing Act's reforms will necessitate more comprehensive and transparent reporting. Some firms must equally further align their reporting practices with updated European Sustainability Reporting Standards (ESRS) and International Financial Reporting Standards (IFRS). ESMA's key activities include:

  • Annual European common enforcement priorities (ECEP): Supervisory convergence through ECEP and subsequent reporting.
  • Support for digital reporting requirements: Implementation of new digital reporting requirements under the European Single Electronic Format (ESEF).

D. Market integrity:

ESMA will step up its focus on monitoring market developments, enhancing coordination under the Market Abuse Regulation (MAR) and the Short Selling Regulation (SSR). Firms must ensure robust market surveillance and compliance with MAR and SSR requirements. Increased scrutiny by ESMA and NCAs on social media and AI in trading may require some firms to adopt advanced monitoring and compliance tools.

Outlook and next steps

In light of ESMA's 2025 AWP but also the communicated outlook set out in the 2026-2028 and the 2027-2029 SPDs, financial services firms and market participants must prepare for a more rigorous and harmonised regulatory environment. The stronger emphasis on supervisory convergence and the implementation of new legislative frameworks such as DORA and MiCAR may necessitate significant adjustments in compliance strategies for some firms and market participants.
Accordingly, stakeholders may wish for forward plan for ESMA's actions and in particular increased scrutiny for existing but also new mandates from both ESMA and NCAs, in particular in areas such as digital operational resilience, sustainable finance and retail investor protection. Firms should also expect more frequent and more rigorous use of ESMA-coordinated common supervisory actions, including joint on-site inspections and collaborative efforts within Colleges of Supervisors.

Given the above, it is imperative that all firms (not just those subject to direct ESMA supervision) proactively engage with these legislative, regulatory and supervisory developments, ensuring that their internal controls, governance structures and IT systems are robust and compliant with the evolving standards and expectations.

About us

PwC Legal is assisting a number of financial services firms and market participants in forward planning for changes stemming from relevant related developments. We have assembled a multi-disciplinary and multijurisdictional team of sector experts to support clients navigate challenges and seize opportunities as well as to proactively engage with their market stakeholders and regulators.

In order to assist firms in staying ahead of their compliance obligations we have developed a number of RegTech and SupTech tools for supervised firms. This includes PwC Legal's Rule Scanner tool, backed by a trusted set of managed solutions from PwC Legal Business Solutions, allowing for horizon scanning and risk mapping of all legislative and regulatory developments as well as sanctions and fines from more than 2,500 legislative and regulatory policymakers and other industry voices in over 170 jurisdictions impacting financial services firms and their business.

Equally, in leveraging our Rule Scanner technology, we offer a further solution for clients to digitise financial services firms' relevant internal policies and procedures, create a comprehensive documentation inventory with an established documentation hierarchy and embedded glossary that has version control over a defined backward plus forward looking timeline to be able to ensure changes in one policy are carried through over to other policy and procedure documents, critical path dependencies are mapped and legislative and regulatory developments are flagged where these may require actions to be taken in such policies and procedures.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Michael Huertas
Michael Huertas
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More