The role of regulation at the ACPR

Regulation plays an essential role within our institution  

The ACPR’s regulatory mission is twofold:

  • the ACPR monitors the compliance of institutions in the banking and insurance sectors with all regulations applicable to them as well as their implementation of regulations in force at national level; both on a day-to-day basis and through the Authority’s various supervisory tasks;

  • as a supervisory authority, the ACPR contributes to strengthening financial sector regulation, and represents France at international and European level in various fora.

The regulations that govern the banking and insurance industries

The banking and insurance industries are part of a complex and ever-changing regulatory landscape. Among other things, this regulatory framework makes it possible to keep pace with market developments and innovation.

A very brief summary of a few key regulations is available below:

What is the Basel III framework?

An international agreement 

Basel III is the name given to an international agreement concluded in 2010. This agreement aims to strengthen the soundness of the banking sector, drawing lessons from the 2008 financial crisis. Basel III follows on from the Basel I (1988) and Basel II (2004) agreements. These agreements were drawn up by the Basel Committee on Banking Supervision, which is responsible for establishing international rules.

 
In Europe, Basel III requirements have been transposed into two main regulatory frameworks: 

  • CRD IV (Capital Requirements Directive IV), a European directive that provides a framework for banks’ risk management and governance;
  • CRR (Capital Requirements Regulation), a European regulation that sets out directly applicable requirements for banks, including capital and liquidity ratio requirements.
     

Maintaining a sound banking system

Banks must comply with prudential regulations designed to ensure their financial soundness and prevent them from going bankrupt. In France, the ACPR is the regulator in charge of supervising banking institutions and ensuring that they comply with the rules. This oversight is conducted at European level, within the framework of the Single Supervisory Mechanism. Therefore, teams from both the ACPR and the ECB jointly supervise institutions. 

Exercising control over key risks 

Banks are required to exercise control over the main risks they incur: solvency risks, liquidity risk, credit risk, operational risk. To prevent these risks, the Basel III framework, as strengthened by CRD IV and CRR, requires banks to:  

  • hold significant levels of own funds, determined as a proportion of assets held;
  • ensure that the risks they are exposed do not exceed a specific amount, known as the “leverage ratio”, which is calculated on the basis of their own funds;
  • comply with liquidity ratios designed to ensure that undertakings remain able to meet their financial commitments at all times;
  • have in place reliable and appropriate governance and internal control systems.

What is Solvency II?

A European regulatory reform to strengthen the insurance sector

Solvency II is a European regulatory reform adopted in 2009, which applies to all insurance undertakings in EU Member States. 

Solvency II aims to better align the own fund requirements applicable to insurance and reinsurance undertakings with the risks they incur in the course of their business. 

In France, the ACPR is the designated regulator in charge of monitoring compliance with Solvency II. 

The three pillars of Solvency II

  • Quantitative requirements 

Pillar 1 sets out the quantitative standards used to calculate the amount of technical provisions and own funds that insurers must have on hand to cover their risks. 

  • Qualitative requirements

Pillar 2 sets out internal qualitative standards for risk monitoring and explains how supervisory authorities (such as the ACPR) are to apply their supervisory powers. 

  • Information for the public and for the supervisor 

Pillar 3 covers financial disclosure. Its purpose is to promote the transparency of information disclosed to the public and sent to supervisory authorities. 
 

What is DORA?

A European regulation to supervise the digital resilience of the financial system

The Digital Operational Resilience Act (DORA) is a European Union initiative aimed at harmonising provisions relating to cyber security and ICT risk management in the financial sector. 

DORA, which was adopted in 2022 and came into force in January 2025, imposes strict rules on banks, insurance undertakings, asset management companies and other financial entities. These financial entities must ensure that they can withstand, address and recover from any major operational disruption affecting their information and communication technology (ICT). 

The requirements introduced by DORA

DORA applies to any entity in the financial system, barring exceptions, and covers:

  • IT risk management;
  • incident reporting;
  • operational resilience testing;
  • the management of exposure to ICT third-party risks associated with ICT service providers.

The introduction of supervision for critical ICT service providers is a major development in the framework of European Union-level supervision. DORA focuses on the key issue of financial entities’ third-party risk management, reminding them of their obligations when it comes to choosing their service providers, defining their contractual obligations and applying risk controls at every level of their outsourcing model.  

What is the MiCA Regulation?

A European regulation for the supervision of markets in crypto-assets

The European Markets in Crypto-Assets (MiCA) Regulation, which was adopted in 2023 and came into force in December 2024, aims to regulate markets in crypto-assets (or digital assets). It is part of the Digital Finance Package, a package of European measures applicable to digital finance, and it is designed to provide better protection for investors while fostering innovation within the European Union. 

A harmonised European framework

The MiCA Regulation covers: 

  • the offer of crypto-assets to the public and their admission to trading;
  • the offer of stablecoins to the public and their admission to trading;
  • the provision of crypto-asset services by crypto-asset service providers;
  • the prevention of market abuse involving crypto-assets.

What is the SFDR?

A European regulation to enhance transparency with regard to sustainable finance

The Sustainable Finance Disclosure Regulation (SFDR) is a European regulation that came into force in March 2021. It is part of the regulatory framework applicable to sustainable finance, and it aims to strengthen the transparency requirements associated with sustainability-related disclosures in the financial services sector

This Regulation requires asset managers to be more transparent regarding: 

  • whether or not they integrate ESG (Environmental, Social and Governance) criteria;
  • the sustainability risks associated with investments;
  • their environmental and social impact. 

Transparency and classification

The SFDR imposes a duty of transparency: financial institutions must report and disclose information that makes it possible to assess the extra-financial impact of their investments.  

The SFDR also introduces a classification system for financial participants according to ethical criteria. It provides investors with clear and comparable information on the sustainability of their investments: 

  • “Article 6” investment products: ‘conventional’ products that have no sustainability objectives and do not meet ESG criteria; 
  • “Article 8” investment products: products that integrate and promote environmental and/or social characteristics without explicitly seeking to meet sustainable objectives;
  • “Article 9” investment products: products that have sustainable investment as their objective, that contribute to an environmental and/or social objective and do so without doing significant harm to any of their environmental and/or social objectives.

The sustainability objectives introduced by the SFDR

The SFDR focuses on four key areas: 

  • increasing financial product transparency to lend credibility to sustainable finance;
  • supporting green and energy transition through a sustainable economy driven by informed investors;
  • aligning the European Union’s sustainability targets, including the Paris Climate Agreement, with the United Nations’ Sustainable Development Goals;
  • fighting “greenwashing” by avoiding misleading practices. The SFDR incorporates the double materiality principle, which requires companies to use a dual-materiality approach in their assessment: on the one hand, analysing the impact of environmental and social considerations on their business, and on the other hand, analysing the impact of their business on the environment and on society. By integrating this approach, the SFDR strengthens sustainability objectives by taking into account both the financial impact and the impact on biodiversity.

What is the EU’s green taxonomy?

A European regulation to recognise "green" -environmentally sustainable- activities

The green taxonomy is a European regulation that came into force in 2020. This regulation offers a classification system for economic activities to identify environmentally sustainable investment.

The taxonomy's 6 environmental objectives 

For an activity to be labelled "green" within the meaning of the taxonomy, it must:

  • contribute to at least one of the six environmental objectives;
  • do no significant harm to the achievement of the other five objectives;
  • meet minimum safeguard standards in terms of human rights and labour law. 

The six objectives established by the EU taxonomy regulation are listed below:

  1. mitigation of climate change;
  2. adaptation to climate change;
  3. sustainable use and protection of water and marine resources;
  4. transition to a circular economy, including waste prevention and recycling;
  5. pollution prevention and control;
  6. the prevention and restoration of biodiversity and ecosystems.

What is MiFID 2?

A revision of a European directive

MiFID II (which stands for Markets in Financial Instruments Directive, and is also referred to as MIF 2), is a revision of the MiFID I European Directive on financial markets. In 2011, the European Commission proposed this revision to address the weaknesses that had emerged in the wake of the 2008 financial crisis. MIF 2 was adopted in 2014, and came into force in 2018.  
It aims to improve:

  • transparency in financial markets, with strict pre-trade and post-trade transparency requirements;
  • the protection of investors, and especially retail investors, from complex risks and products. 

The integration of sustainable investment objectives 

MiFID II requires financial advisors to integrate investors’ sustainability preferences into their investment advice process (Environmental, Social and Governance preferences, or ESG preferences).

What is AML/CTF?

Combating money laundering and terrorist financing: a major concern for the European Union

Money laundering and the financing of terrorism pose serious risks to the financial system of the European Union and to the security of EU citizens. The European Union has adopted a series of regulations to provide a framework for the fight against money laundering and the financing of terrorism, and to step up action in that regard.

The first anti-money laundering directive was adopted in 1991. Since then, the rules it established have been constantly evolving to cover all emerging risks, and in particular, the risks associated with technological innovation and with the global nature of terrorist organisations. 

The regulatory requirements introduced by the 4th Directive for supervised entities in the financial sector

The 4th anti-money laundering and terrorist financing Directive was published in June 2015, and its requirements were transposed into the French Monetary and Financial Code in December 2016. 
These requirements include: 

  • for each entity, a requirement to assess its own AML/CTF risks;
  • a requirement to implement an identification process for customers and beneficial owners and to cross-check their identity;
  • a requirement to implement due diligence measures upon entry into a business relationship and throughout the business relationship;
  • the obligation to report to TRACFIN;
  • internal control requirements as well as requirements to report to the AMF;
  • the implementation of asset-freezing measures.

The regulatory requirements introduced by the 5th Directive

The 5th Directive entered into force in July 2018 and was transposed into French law in February 2020.

It complements the 4th Directive. Its main objectives are establishing: 

  • greater transparency for complex legal structures, through the creation of beneficial ownership registers; 
  • harmonised rules for business relationships with high-risk third countries; 
  • AML/CTF supervision for digital asset service providers.

Recent regulatory developments in the European Union

Recent regulatory requirements laid down by EU law include: 

  • the establishment of a new European Anti-Money Laundering Authority (AMLA);
  • a regulation concerning anti-money laundering requirements applicable to the private sector;
  • a directive on anti-money laundering mechanisms at national level;
  • a revision of the regulation on transfers of funds adopted in 2023.

Updated on the 25th of June 2025

Our current topics

Fintech Protecting customers Combating money laundering Authorisation Supervisory Resolution