Risk Horizon
Live

Intelligence generated by AI from public regulatory sources. Not investment or regulatory advice. Verify before relying on any output.

Signals
elevated·EBA · European Banking Authority

EBA Guidelines on AI Act Compliance for Credit Institutions

The EBA published guidelines clarifying how AI Act obligations intersect with CRR/CRD requirements for credit institutions. High-risk AI systems used in credit scoring, AML screening, and insurance pricing must satisfy both AI Act conformity requirements and EBA model risk governance standards. Dual compliance timelines apply from August 2026.

Materiality

Horizon

Near Term

Source Type

supervisory guidance

Published

28 January 2026

AI Commentary

The dual compliance requirement is operationally complex: AI Act conformity assessments must be conducted by a notified body, while EBA model validation remains internal. Firms should assess whether current model validation frameworks generate artefacts that satisfy both regimes.

Related Themes

1 theme

AI Model Risk & Explainability

Technology & Digital

crystallising

Intelligence Packs

1 pack
Scenario Pack
mediumECBPRAFCA

AI Model Governance Failure in Credit Decisioning

This scenario models the financial, regulatory, and reputational consequences of a systemic failure in AI model governance within the credit decisioning function of a large retail or wholesale bank. The triggering event is a supervisory finding — or public disclosure — that AI-driven credit scoring models have produced discriminatory outcomes or are materially unexplainable under current regulatory standards. The immediate impact is a supervisory direction to suspend or remediate the affected models, with secondary impacts flowing through capital, customer remediation, and operational risk channels. The scenario is rated medium time horizon (1–3 years) because the enabling conditions — widespread AI adoption in credit, regulatory frameworks now in force, and supervisory examination programmes underway — make a triggering event probable within that window for institutions that have not achieved full AI model governance maturity. Institutions should treat this scenario as a stress test of their current model risk management programme against the ECB, PRA, and EBA explainability standards that are simultaneously in force.

Trigger Conditions

  • Material enforcement action by ECB, PRA, or FCA citing AI model unexplainability in credit decisioning, resulting in a public censure or remediation order against a significant institution
  • Documented instance of regulatory-identified algorithmic bias causing customer detriment exceeding EUR 50 million, triggering a mandatory industry-wide self-assessment across affected jurisdictions