.svg)
2025 regulatory activity in Europe was defined more by the weight of implementation than the adoption of new regulation. As the industry grappled with the operational realities of implementing Regulation (EU) 2023/1114 (Markets in Crypto-Assets - MiCA) and Regulation (EU) 2022/2554 (Digital Operational Resilience Act - DORA), a deceptively calm period transpired as the long and varied path to implementation began.
For financial institutions, however, 2026 will be about more than just managing the regulatory load as Europe moves into another adoption phase. It will also require building capabilities to deal with diverging geopolitical paths and technological shifts. It will be about surviving and thriving during a period of intense adjustment where compliance is no longer a back-office function, but a core strategic pillar.
The bigger picture: 2024 v 2025 - Volume of regulatory updates in Europe
In 2025, regulatory activity across 40 of the main European jurisdictions that Vixio PaymentsCompliance monitors generally trended lower than it did in 2024, signalling that regulatory focus was on the implementation of pivotal EU legislation, such as MiCA and DORA, rather than adoption of new regulatory frameworks.
Meanwhile, activity from Vixio Horizon Scanning’s two busiest jurisdictions — the UK and the EU — took diverging paths in 2025. Whereas activity from the UK decreased by more than half, regulatory activity from the EU increased by nearly 20 percent. This upward trajectory in the EU is likely to continue into 2026, driven by a new wave of upcoming legislation, including the third Payment Services Directive/Payment Services Regulation (PSD3/PSR). The Anti-Money Laundering Authority will also have settled into its new role, having already outlined its priorities and launched initial consultations, with more AML legislative deadlines looming.
Any rise in activity comes despite UK and European regulators having set out plans to reduce regulatory burden and simplify policies and rules. Although this could have been partly the reason for lower activity in the UK last year, Vixio Horizon Scanning data already shows that activity in the first few months of 2026 is higher than it was at the same time in 2025. The UK has already laid out plans to launch a crypto-assets regulatory regime and a regulatory regime for deferred payment credit, and as regulators look to catch-up with the national payments vision, it seems unlikely activity will lessen.
The effects of the EU’s simplification and implementation agenda may not yet be having an impact on regulatory activity; however, its influence can be seen in the approach that has been taken in relation to PSD3/PSR and the 6th Anti-Money Laundering Directive/Anti-Money Laundering Regulation (6th AMLD/AMLR), among others, whereby directives are being combined with directly applicable regulations to promote greater consistency across member states. However, before any new process can become simpler and easier, it first inevitably goes through a period of intense adjustment, experimentation and explanation, which is what may be seen in 2026 as these regulatory frameworks are rolled out.
This is typically followed by a period of operationalisation and application with further guidance, standards, rules and obligations being continually released and outlined at EU and member state level to ensure effective implementation. This seemed to be the main theme throughout Europe in 2025 in relation to the implementation of MiCA and DORA, and is even continuing to be seen at the beginning of 2026.
So although activity may have appeared lower throughout Europe in 2025, it progressed at a sustained level that continues into this year, indicating that implementation does not just end, but it ebbs and flows as regimes become more established. Looking forward, this activity will remain an undercurrent on which the next wave of regulation builds, and again indicates that activity may rise as another adoption phase approaches. Simplification and reduced regulatory burden are targets that might not be on the horizon just yet.
However, in 2026, the question is not just about whether increasing or decreasing regulatory activity will affect regulatory impact for financial institutions and their compliance teams, but whether external factors such as geopolitics and technical advancements will add to the load.
The added burden
Global geopolitical risks
We are at a stage in time where tensions and fractions among world leaders and jurisdictions that have previously been more aligned are rising; this, in turn, is resulting in fragmentation and diversification in relation to regulatory approaches, where previously the aim had been global alignment. Recent headlines include the UK looking to establish its own domestic card network following concerns around the reliance on US-based Visa and Mastercard, and there has also been recent movement in relation to the European Payments Initiative, again potentially because of the same concerns.
Although international standardisation has long been on the agenda of the EU and other regulators to create greater opportunities and less risk, this concept could erode more in 2026 as jurisdictions look to insulate and protect against escalating geopolitical fractions, and therefore financial institutions may need to deal with increasingly conflicting, competing and differing regulatory frameworks.
The fragile and tumultuous relationships between some Western jurisdictions also mean that focus areas need to change at short notice, with regulators needing to be reactive rather than proactive to deal with shifting priorities or immediate threats. These rising tensions could have an impact on regulatory activity in 2026. For example, in recent years, following the war in Ukraine, there has been a rise in sanctions regulatory activity, and following Trump’s recent actions in Venezuela and the Middle East, and rhetoric around Greenland, conflicting agendas could result in a regulatory response moving further up the priority list for European regulators.
Building resilience
For organisations facing a constantly evolving and changing geopolitical landscape outside their control, preparation is difficult, with market strategies and operating models requiring updates almost instantaneously. In 2026, it will be vital for businesses to continuously track, understand and manage the costs of operating in jurisdictions where regulation is divulging; just one example is the deviating approaches that jurisdictions are taking in relation to regulating digital assets.
As jurisdictions look to insulate and protect at regional level, so too are financial institutions as they aim to build resilience, security and protection, to ensure sustained growth, while remaining compliant with evolving regulation. With circumstances which have previously been seen as unprecedented and unlikely becoming more of an actual possibility, ensuring an institution’s structure, operations, systems, people and customers are safe and secure is even more critical, and this means that compliance needs to become part of the strategic agenda. However, this also means the role of compliance is having to evolve and expand, as it is now not just about understanding and applying regulation, but also having to try to do the impossible of predicting the unpredictable.
Evolving technology
Another factor at play in the ever expanding list of regulatory concerns is AI, if it is either looking at how to use it to aid efficiency or temper it to ensure security, what seems evident is that technology is outpacing regulatory advancements. Many regulators seem to be embracing a wait and see approach, not wanting to define prescriptive rules, such as the UK’s Financial Conduct Authority. Even the EU regulators that implemented the EU AI Act (Regulation (EU) 2024/1689) in 2025 are considering rolling back or delaying specific requirements because of concerns about stifling innovation. The high-risk obligations that are set to come into effect in August 2026 could get delayed, with the European Commission already missing a deadline to issue guidelines on the practical implications of these requirements.
Regulatory activity in relation to technological advancements such as AI may be nominal at this point; however, is it inevitable that regulations and supervision will come as it did around another technical evolution in the financial world: crypto.
The EU has established a crypto regulatory regime under MiCA and the UK is set to start rolling out its own regime at the end of 2026. However, the longer the time lags between technological advancements and regulatory responses the divide between them grows wider, and leaves institutions in an even bigger state of flux and unknown, and provides regulators with an even bigger hill to climb when they decide to regulate. Low regulatory activity may not be reflective of the impact that technology is having on the industry, and could just be temporary.
Looking ahead
With major regulatory developments on the horizon in Europe in 2026 and beyond, it is difficult to see regulatory activity slowing any further. In fact, as implementation of DORA and MiCA continues into this year, other incoming rules will need to be layered on top, potentially driving further regulatory activity. Understanding the behaviour of regulators and the legislative process are, therefore, essential to ensuring financial institutions can focus on what is important. Categorising developments according to priorities or whether action needs to be taken is useful in planning in an ever more unpredictable world.
In 2025, a year of implementation rather than adoption across Europe, the EU still issued 20 percent more updates, a pace that is likely to continue into 2026 as further developments require additional instructional guidance. Even where simplification is the end goal, the initial rollout of such regimes often introduces complexity, with the need for clear interpretation producing more regulatory activity in the near term. Regulators are also no longer just satisfied with seeing a policy created, and instead want to see how it is being applied and maintained - if things change in the world, how are policies and controls being adapted to respond?
Predicting and planning for regulatory developments is something that compliance and regulatory teams are used to. However, the added regulatory burden is going to be determined by volatile geopolitics, fragmenting frameworks and emerging technology advancements. Compliance and business development are now closely intertwined, and if they are not in step then the risks can outweigh the rewards. Having early warning systems and resilient operating models in place, alongside people who understand the wider context of developments, can help ensure institutions anticipate rather than merely react to changing global dynamics.
