Regulatory Compliance

EBA updates confidentiality guidelines to enhance cross-border supervision of crypto-assets

Monday, 22 December 2025 7:54PM UTC

The European Banking Authority has revised its confidentiality guidelines, extending recognition to select third countries and reinforcing the framework for secure information exchange amid evolving EU crypto market regulations.

The European Banking Authority has revised its Guidelines on the equivalence of confidentiality and professional secrecy regimes in third countries, broadening the framework that governs how EU authorities share sensitive supervisory information beyond the bloc. According to the EBA press release, the update extends the 2022 Guidelines to reflect new requirements under the Markets in Crypto Assets Regulation (MiCAR) and to incorporate the Authority’s most recent equivalence assessments. ^[2]^[3]

The revised Guidelines explicitly confirm that the confidentiality and professional secrecy regimes of several third‑country authorities , including those in Australia, China, Montenegro, Peru, Serbia and the United Kingdom , meet the standards required for information exchange with EU competent authorities. The EBA said this recognition should ease cross‑border supervisory cooperation and underpin the use of cooperation arrangements where appropriate. ^[2]^[3]^[5]

In practical terms the update streamlines definitions, refreshes legal references and clarifies the application of the equivalence framework when competent authorities share information or engage in supervisory colleges and other joint arrangements. The EBA’s guidance now explicitly takes account of Article 100 of MiCAR, which requires that information exchanged under that Regulation remain confidential and protected by professional secrecy, with disclosure permitted only in strictly defined circumstances. The EBA noted these protections must bind anyone working for or with the competent authorities. ^[2]^[3]^[6]

The revision also widens the purpose of equivalence assessments beyond their earlier use to facilitate participation in EU supervisory colleges under the Capital Requirements Directive. According to the EBA, the Authority’s remit to monitor third‑country regulatory and supervisory frameworks creates a closer link between equivalence findings and the negotiation of cooperation arrangements, a linkage reinforced across a number of EU rulebooks including CRD, PSD2, BRRD and the Anti‑Money Laundering Directive. ^[4]

Member state competent authorities are required to report their compliance with the updated Guidelines within two months of translations being published in the official EU languages, the EBA said, signalling an expectation of prompt domestic implementation to preserve the timeliness and reliability of cross‑border exchanges. The Authority framed the changes as part of a broader effort to enhance supervisory convergence and facilitate international cooperation. ^[2]^[3]^[5]

The legal basis for the Guidelines remains Regulation (EU) No 1093/2010, which mandates the EBA to support Member States in ensuring that third‑country confidentiality and professional secrecy frameworks meet EU standards. The EBA’s public documentation sets out the confidentiality principles and the methodology used in equivalence assessments, underscoring the technical and legal scrutiny applied when recognising third‑country regimes. ^[2]^[6]

Taken together, the updates signal a tightening and harmonisation of the rules that govern when and how EU supervisors may exchange confidential information with foreign counterparts, while expressly integrating the supervisory implications of newly adopted EU rules for crypto‑asset markets. Industry participants and national authorities will now be expected to align procedures and agreements with the clarified standards to preserve confidentiality and enable effective oversight across borders. ^[1]^[2]^[4]

📌 Reference Map:

##Reference Map:

^[1] (Mondovisione) - Paragraph 7
^[2] (EBA press release) - Paragraph 1, Paragraph 2, Paragraph 3, Paragraph 5, Paragraph 6, Paragraph 7
^[3] (EBA guidelines page) - Paragraph 1, Paragraph 2, Paragraph 3, Paragraph 5
^[4] (EBA press release on assessing equivalence) - Paragraph 4, Paragraph 7
^[5] (EBA guidelines landing page) - Paragraph 2, Paragraph 5
^[6] (EBA 2022 confidentiality principles) - Paragraph 3, Paragraph 6

Source: Noah Wire Services

More on this

https://mondovisione.com/media-and-resources/news/the-eba-strengthens-cross-border-supervisory-cooperation-with-third-countries-th-20251222/ - Please view link - unable to able to access data
https://www.eba.europa.eu/publications-and-media/press-releases/eba-strengthens-cross-border-supervisory-cooperation-third-countries-through-its-updated-equivalence - The European Banking Authority (EBA) has updated its Guidelines on the equivalence of confidentiality and professional secrecy regimes in third countries, reinforcing the EU’s commitment to safeguarding confidential information and enabling effective cross-border supervisory cooperation. The revised Guidelines expand the scope of the original 2022 Guidelines to reflect new requirements under the Markets in Crypto Assets Regulation (MiCAR) and incorporate the latest EBA equivalence assessments. The updated framework confirms that the confidentiality and professional secrecy regimes of several authorities, including those in Australia, China, Montenegro, Peru, Serbia, and the UK, are now considered equivalent to EU standards. In addition, the revised Guidelines streamline definitions, update legal references, and clarify how competent authorities should apply the framework when sharing information or engaging in supervisory cooperation. By extending the scope of the Equivalence Guidelines, the EBA harmonises the approach that competent authorities across the EU should adopt when cooperating with their counterparts in third countries. Competent authorities must report their compliance with the Guidelines within two months of the publication of translations into the official EU languages. These Guidelines are part of EBA’s broader effort to enhance supervisory convergence and facilitate international cooperation. More information on this can be found here. Legal basis Regulation (EU) No 1093/2010 mandates EBA to support Member States in ensuring third-country confidentiality and professional secrecy frameworks meet EU standards. Article 100 of MiCAR requires that information exchanged between competent authorities under this Regulation must remain confidential and protected by professional secrecy, with disclosure allowed only in strictly defined legal circumstances and binding on anyone working for or with those authorities.
https://www.eba.europa.eu/activities/single-rulebook/regulatory-activities/third-country-equivalence-and-international-cooperation/guidelines-equivalence-confidentiality-and-professional-secrecy-regimes-third-country-authorities - The European Banking Authority (EBA) has updated its Guidelines on the equivalence of confidentiality and professional secrecy regimes in third countries, reinforcing the EU’s commitment to safeguarding confidential information and enabling effective cross-border supervisory cooperation. The revised Guidelines expand the scope of the original 2022 Guidelines to reflect new requirements under the Markets in Crypto Assets Regulation (MiCAR) and incorporate the latest EBA equivalence assessments. The updated framework confirms that the confidentiality and professional secrecy regimes of several authorities, including those in Australia, China, Montenegro, Peru, Serbia, and the UK, are now considered equivalent to EU standards. In addition, the revised Guidelines streamline definitions, update legal references, and clarify how competent authorities should apply the framework when sharing information or engaging in supervisory cooperation. By extending the scope of the Equivalence Guidelines, the EBA harmonises the approach that competent authorities across the EU should adopt when cooperating with their counterparts in third countries. Competent authorities must report their compliance with the Guidelines within two months of the publication of translations into the official EU languages. These Guidelines are part of EBA’s broader effort to enhance supervisory convergence and facilitate international cooperation. More information on this can be found here. Legal basis Regulation (EU) No 1093/2010 mandates EBA to support Member States in ensuring third-country confidentiality and professional secrecy frameworks meet EU standards. Article 100 of MiCAR requires that information exchanged between competent authorities under this Regulation must remain confidential and protected by professional secrecy, with disclosure allowed only in strictly defined legal circumstances and binding on anyone working for or with those authorities.
https://www.eba.europa.eu/publications-and-media/press-releases/eba-updates-its-guidelines-assessing-equivalence-professional - The European Banking Authority (EBA) has updated its Guidelines for assessing equivalence of professional secrecy and confidentiality regimes of third country authorities, to widen the scope and the purpose of the assessment. During the past years, the EBA supported EU Competent Authorities with the assessment of professional secrecy regimes of third country authorities to facilitate their participation in EU supervisory colleges, in accordance with Article 116(6) of the Capital Requirements Directive (CRD). The EBA Regulation also expressly entrusts the EBA with the task of monitoring third country regulatory and supervisory frameworks and establishes a closer link between equivalence and cooperation with authorities from equivalent third countries through cooperation arrangements. Similarly, provisions in the Capital Requirements Directive (CRD), the revised Payment Services Directive (PSD2), the Bank Recovery and Resolution Directive (BRRD) and the Anti-Money Laundering Directive (AMLD) all provide for the possibility for EU authorities to sign cooperation arrangements with authorities from third countries.
https://www.eba.europa.eu/guidelines-equivalence-confidentiality-regimes - The European Banking Authority (EBA) has updated its Guidelines on the equivalence of confidentiality and professional secrecy regimes in third countries, reinforcing the EU’s commitment to safeguarding confidential information and enabling effective cross-border supervisory cooperation. The revised Guidelines expand the scope of the original 2022 Guidelines to reflect new requirements under the Markets in Crypto Assets Regulation (MiCAR) and incorporate the latest EBA equivalence assessments. The updated framework confirms that the confidentiality and professional secrecy regimes of several authorities, including those in Australia, China, Montenegro, Peru, Serbia, and the UK, are now considered equivalent to EU standards. In addition, the revised Guidelines streamline definitions, update legal references, and clarify how competent authorities should apply the framework when sharing information or engaging in supervisory cooperation. By extending the scope of the Equivalence Guidelines, the EBA harmonises the approach that competent authorities across the EU should adopt when cooperating with their counterparts in third countries. Competent authorities must report their compliance with the Guidelines within two months of the publication of translations into the official EU languages. These Guidelines are part of EBA’s broader effort to enhance supervisory convergence and facilitate international cooperation. More information on this can be found here. Legal basis Regulation (EU) No 1093/2010 mandates EBA to support Member States in ensuring third-country confidentiality and professional secrecy frameworks meet EU standards. Article 100 of MiCAR requires that information exchanged between competent authorities under this Regulation must remain confidential and protected by professional secrecy, with disclosure allowed only in strictly defined legal circumstances and binding on anyone working for or with those authorities.
https://www.eba.europa.eu/sites/default/files/document_library/Publications/Guidelines/2022/Guidelines%20on%20the%20equivalence%20of%20confidentiality%20regimes/1032150/Confidentiality%20Principles%20.pdf - The European Banking Authority (EBA) has updated its Guidelines on the equivalence of confidentiality and professional secrecy regimes in third countries, reinforcing the EU’s commitment to safeguarding confidential information and enabling effective cross-border supervisory cooperation. The revised Guidelines expand the scope of the original 2022 Guidelines to reflect new requirements under the Markets in Crypto Assets Regulation (MiCAR) and incorporate the latest EBA equivalence assessments. The updated framework confirms that the confidentiality and professional secrecy regimes of several authorities, including those in Australia, China, Montenegro, Peru, Serbia, and the UK, are now considered equivalent to EU standards. In addition, the revised Guidelines streamline definitions, update legal references, and clarify how competent authorities should apply the framework when sharing information or engaging in supervisory cooperation. By extending the scope of the Equivalence Guidelines, the EBA harmonises the approach that competent authorities across the EU should adopt when cooperating with their counterparts in third countries. Competent authorities must report their compliance with the Guidelines within two months of the publication of translations into the official EU languages. These Guidelines are part of EBA’s broader effort to enhance supervisory convergence and facilitate international cooperation. More information on this can be found here. Legal basis Regulation (EU) No 1093/2010 mandates EBA to support Member States in ensuring third-country confidentiality and professional secrecy frameworks meet EU standards. Article 100 of MiCAR requires that information exchanged between competent authorities under this Regulation must remain confidential and protected by professional secrecy, with disclosure allowed only in strictly defined legal circumstances and binding on anyone working for or with those authorities.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 10

Notes: The narrative is based on a press release from the European Banking Authority (EBA) dated 22 December 2025, indicating high freshness. ([eba.europa.eu](https://www.eba.europa.eu/publications-and-media/press-releases/eba-strengthens-cross-border-supervisory-cooperation-third-countries-through-its-updated-equivalence?utm_source=openai))

Quotes check

Score: 10

Notes: No direct quotes are present in the narrative, suggesting original content.

Source reliability

Score: 10

Notes: The narrative originates from the EBA, a reputable organisation, enhancing its reliability.

Plausibility check

Score: 10

Notes: The claims align with the EBA's mandate and recent activities, and the narrative is consistent with the EBA's official communications.

Overall assessment

Verdict (FAIL, OPEN, PASS): PASS

Confidence (LOW, MEDIUM, HIGH): HIGH

Summary: The narrative is fresh, original, and originates from a reputable source, with claims that are plausible and consistent with the EBA's official communications.

EBA
confidentiality
cross-border supervision