EU regulatory change webinar – what you need to know

Regulation in the EU is implemented and updated regularly to harmonise rules as far as possible across all Member States. During a detailed briefing, Aztec Group’s Head of Luxembourg and Group Head of Centres of Excellence Loic Choquet, and Head of Regulatory Control Angel Ramon Martinez Bastida, discussed the implications regulatory change will have on private markets throughout 2025 and the practical steps EU based managers should take to maintain compliance.

You can watch the full webinar recording here:

AIFMD 2.0

The primary changes associated with AIFMD 2.0 relate to cross-border depositary services, a formalisation of the rules around loan origination, and enhanced reporting and disclosure requirements. The changes include:

• The opportunity to appoint depositaries in other EU countries.
• Adhering to the new liquidity management rules for open-ended funds.
• Ensuring compliance with enhanced reporting standards.
• More scrutiny on delegation for AIFMs.

The AIFMD is the primary rulebook by which private markets funds operate in the EU, and these amendments are designed to harmonise regulation further across Europe. The changes aren’t seismic, rather they are adjustments to support fund managers and regulators to fulfil their stakeholders’ requirements more efficiently.

Read more here.

Digital Organisational Resilience Act (DORA)

DORA has been brought in to harmonise rules around operational resilience for the financial sector. It applies to 20+ different types of financial entities, including providers of information and communication technology (ICT) services to financial institutions. Complying with DORA has different levels of complexity depending on the size and the role of the firm. These include:

• Aligning ICT frameworks and governance with DORA standards.
• Ensuring sufficient ICT knowledge at Board level and the establishment of roles around ICT risk management.
• Proper management and monitoring of ICT supply-chain, reviewing contracts with providers.
• Administrative burden around some of the detailed requirements (i.e., contracts, register).

An important part of this Act is reporting major incidents. These reports are done using a decision tree method, which classifies incidents based on their impact across teams and geographies, for example. The deadline for reporting an incident has been slightly relaxed to ensure risk departments have time to both resolve the incident and report it correctly. By April, organisations will need to share their registers of core suppliers with regulators.

Read more here.

EU AML package

The European Parliament’s comprehensive new AML/CTF legislative package includes the new decentralised body of the EU, which will be fully operational by January 2028. Its purpose is to tone-up the AML/CFT framework, ensure high-quality supervision, promote harmonisation, and facilitate information exchange among competent authorities within the Union. The package includes the EU AML Single Rulebook (AMLR), Directive (EU) 2024/1640 (AMLD6), and Regulation (EU) 2024/1620 (AMLAR). The following actions are necessary:

• Keeping up to date with enhanced Ultimate Beneficial Ownership (UBO) duties.
• Ensuring consistent declarations and information sharing with authorities.
• Ensuring compliance with enhanced due diligence requirements.
• Compliance with the new AML rules and adjusting the existing AML internal framework.
• The broadening of the scope of obliged entities means reassessing all client organisational structures and potentially requalifying beneficial owners.

The EU is making these changes to align UBO standards at an EU level. This cross-jurisdictional approach should harmonise the activities of Member State regulators and the new European authority to report and investigate suspicious activity reports more efficiently.

Read more here.

EU AI Act

While not a regulation specific to the financial industry, the Act will capture all entities with a presence in the EU, including those not headquartered in the EU but do operate here. The Act is designed to ensure all entities have a comprehensive artificial intelligence (AI) strategy in place. Actions include:

• Establishing an AI strategy.
• Establishing AI governance and a risk management framework.
• Promoting AI literacy among staff.
• Identifying all uses of AI, including throughout the supply chain.

In the long-term, fund administrators may become providers of AI to GPs and LPs, offering services like portfolio performance reporting and risk prediction. Primarily entities will need to ensure that their AI use is properly governed and that their use of the technology matches their risk appetite. These regulations should stimulate innovation within companies, providing parameters within which to experiment.

Read more here.

ESG Terminology Rules

The European Securities and Markets Authority (ESMA) has released final guidelines on the use of environmental, social, and governance (ESG) or sustainability-related terms in fund names. This is to prevent greenwashing and ensure that fund names accurately reflect their investment strategies. This is already in force for new entities, and for existing funds the deadline is May 2025. Managers need to do the following:

• Ensure compliance with the new guidelines by reassessing fund names and investment strategies to ensure they meet the new thresholds.
• Review and update investment strategies or names when needed.

Managers will need to substantiate their claim to ESG credentials, providing evidence of their alignment with social, governance or environmental sustainability goals. Article 8 and 9 funds will likely be the most impacted. These rules don’t replace the Sustainable Finance Disclosure Regulation (SFDR), they are complementary to it.

Read more here.

Additional recent regulatory changes

In Luxembourg, Circular 24/866 is expected to streamline reporting, rather than requiring new reports it is designed to eliminate duplicate reporting.

This follows the requirement for all directors of Luxembourg-based entities to provide identity numbers and the requirements to maintain the business registers updated with the correct information. There will be sanctions for those whose information isn’t correct including potential fines and suspension from activity while corrective action is taken.

Across the EU, other notable regulations include the EU Omnibus which is a compendium of modifications to a variety of ESG rules. It softens certain requirements for smaller operations and as a result 90% of private markets will be out of scope. It is not deregulation, but rather a recognition of how many smaller operations were overwhelmed by the Corporate Sustainability Reporting Directive (CSRD) reporting requirements.

As a specialist private markets fund administrator, Aztec Group keeps abreast of all regulatory changes, keeping clients informed, and supporting them to implement necessary changes to maintain compliance across all their operations.