Topics impacted

The Council of the European Union has published a Commission Delegated Regulation, dated 6 July 2026, amending the regulatory technical standards (RTS) on the information that Central Securities Depositories (CSDs) must provide to their competent authorities for periodic review and evaluation. The regulation, adopted by the Commission on 6 July 2026, implements changes introduced by the CSDR Refit (Regulation (EU) 2023/2845) and aims to streamline supervision while reducing the frequency of mandatory reviews from annually to every three years.

The delegated regulation, based on draft RTS submitted by the European Securities and Markets Authority (ESMA) on 20 February 2025 following a public consultation from 9 July to 9 September 2024, introduces new reporting requirements for CSDs. These include a summary report of key changes since the previous review covering group structure, management, shareholders, activities, services, outsourcing, and links. CSDs must also provide periodic information on changes in their risk management framework (legal, general business, operational risk), progress on addressing outstanding findings from competent authorities, and any changes in third-party risk ratings. Statistical data on cross-border activities, including jurisdictions of participants and issuers and governing law of securities, must be reported. Additionally, information on settlement fails prevention measures, default procedures testing, business continuity policy updates, and free-of-payment settlement tools is required.

competent authorities must provide review results to a wider range of authorities, including those under Article 22(7) of CSDR and Article 67 of Directive 2014/65/EU (MiFID II), reflecting the strengthened role of relevant authorities. Certain new requirements are deferred by one year from entry into force to allow CSDs time for IT and process adaptations.

Impact on stakeholders The regulation reduces the administrative burden on CSDs by extending the review cycle from one to three years, but increases the depth and scope of information required at each review. CSDs will need to invest in IT systems and processes to collect and report the new data, particularly on cross-border activities and risk management. Competent authorities benefit from more comprehensive and harmonised information, reducing the need for ad hoc requests. The broader information sharing enhances coordination among authorities, potentially improving supervisory consistency. Investors and market participants may gain from more stable and transparent CSD operations, though the direct impact is indirect. The one-year deferral for some requirements gives CSDs time to adapt, mitigating immediate compliance costs.

Institutional follow-up The delegated regulation will enter into force on the twentieth day following its publication in the Official Journal of the European Union. The European Parliament and the Council have the right to object within a specified period. Once in force, CSDs and competent authorities must comply with the new rules, with deferred requirements applying one year later.

← Atlas › News › Economy & Taxation