Skip to main content

Future-proof regulatory change for European banks

Helping banks turn DORA, CRD VI and the AML overhaul from a compliance backlog into a competitive edge.

For European banks, 2026 is the year multiple regulatory programmes hit their stride at the same time. CRD VI, CRR3 is now embedded in capital planning, DORA has moved from build-and-test to supervisory examination,. AMLA is operational in Frankfurt and the AML Single Rulebook (AMLR) is being interpreted, with the 2027 application date already shaping data, KYC and screening programmes today. and CSRD reporting in its second wave, the EBA’s ESG risk management guidelines, the AI Act’s high-risk obligations from August 2026, and a continuous tail of EBA and ECB technical standards.

The 2026 banking landscape: pressure on every front

For European banks, 2026 is the year multiple regulatory programmes hit their stride at the same time. CRD VI has been applicable since 11 January, sharpening expectations on third-country branches, governance and ESG risk integration. CRR3 is now embedded in capital planning, with the output floor and revised credit, market and operational risk approaches in live calibration.

DORA has moved from build-and-test to supervisory examination, with the ECB and national competent authorities pressing on third-party concentration, ICT incident classification and digital operational resilience as a board-owned matter. AMLA is operational in Frankfurt and the AML Single Rulebook (AMLR) is being interpreted, with the 2027 application date already shaping data, KYC and screening programmes today.

Layered on top: CSRD reporting in its second wave, the EBA’s ESG risk management guidelines, the AI Act’s high-risk obligations from August 2026, and a continuous tail of EBA and ECB technical standards. Each one alone is manageable. Together, they create a compounding load on second-line and operational teams that have not grown.

How ACE + Company helps

Two distinct offerings. ACE consulting, on the ground, in focused teams. And ACE Regulatory AI, our regulatory intelligence platform.

ACE consulting

A boutique change management practice with niche regulatory expertise in the European financial sector. Strategic and tactical services on the change programmes that have to land.

  • Regulatory change is the only thing we do. Structuring, orchestrating and implementing new regulations is the practice, not a sideline. Niche regulatory expertise runs through every engagement.
  • Change management as a discipline. A proven track record in change management in complex environments. We work in behaviour, governance, controls and stakeholder alignment, not just gap analysis.
  • Lean teams that integrate with yours. A focused team pairs with your legal, compliance, operations and product owners, transferring capability as we go.
  • Sustainable capabilities, lasting impact. Every engagement is engineered for the day after we leave. Documentation, controls, MI, training and ownership are designed in from day one, so the change holds when supervisors come back

Working alongside European banks on the regulatory change agenda set by CRD, CRR, DORA, AML, CSRD and the wider EU pipeline.

ACE Regulatory AI: our regulatory intelligence platform

RegAI reads regulatory texts, structures binding obligations, and maps them to your control framework, so you know where you stand on the regulations you onboard.

  • Nexus. A cross-regulation view, organised by operational domain and topic family rather than by document. The groups you actually own (DORA, AMLR, governance, ICT risk, conduct, third-party risk and so on) pulled together across the regulations onboarded for your firm, rather than read in document silos.
  • Posture. Defensible coverage by regulation and by domain, computed continuously from real artifact-to-requirement evidence. Not a self-assessed RAG. Numbers your board and your supervisor can both understand.
  • Pulse. Regulatory change monitoring that tells you what it means for you. When the EBA, ECB or DNB publishes a new technical standard, Pulse identifies which of your obligations are affected and shows the impact on your live posture.
  • Workbench. Close gaps in the same place you find them. Upload a new policy or amend an existing artifact, preview the projected posture change before approving, and leave a complete audit trail.
  • Mathilda. Your AI compliance assistant. Ask “How well are we covered on DORA Article 6?” in plain English and get a board-ready answer in seconds, with article references and suggested follow-ups.

RegAI’s library spans core EU financial regulations including DORA, CRD VI, MiFID II, GDPR, NIS2, AMLR and PSD3, with the architecture to add further regulations and jurisdictions over time.

What you can plan around

  • A defensible compliance position you can present to the ECB, the EBA or your board, backed by auditable evidence rather than self-assessed RAG.
  • A coordinated response across CRD VI, DORA, AMLR and CSRD that removes duplicated effort between siloed programmes.
  • Lower cost of regulatory change. Your most experienced people focus on judgement, not on summarising the same regulation a fifth time.
  • A control environment that holds after we leave, embedded in your operating model from day one.
  • A live view of how your compliance position evolves as new technical standards land and your controls change.

Future-proof your 2026 banking agenda

Whether you are firefighting CRD VI implementation, preparing for an ECB DORA examination, or building a credible AML target operating model for AMLR, we would like to talk.

Talk to us More about RegAI