EU Regulatory Hub
Tax · Audit · Accounting · Legal
Comprehensive intelligence on EU regulatory developments affecting professional services firms across tax, audit, accounting, and legal disciplines — with key deadlines, explainers, and practice tools.
EU Tax — Key Regulatory Developments
The EU tax landscape is undergoing fundamental restructuring across minimum taxation, VAT modernisation, mandatory disclosure, and carbon pricing. Each creates significant advisory obligations for member firm clients. This tab covers the six developments that most directly affect Abacus members' tax practices.
⚡ January 2026 — Pillar Two Side-by-Side Package
In January 2026, the OECD Inclusive Framework agreed the Side-by-Side (SbS) package — two new safe harbours for MNE Groups headquartered in jurisdictions with qualifying minimum tax regimes. This significantly changes Pillar Two planning for affected groups. Review client ETR models and update any Pillar Two advisory content referencing the prior rules.
The EU implemented Pillar Two through Directive 2022/2523, requiring all EU member states to enact domestic legislation implementing the Global Anti-Base Erosion (GloBE) Rules. The Income Inclusion Rule (IIR) applies from 1 January 2024 and the Undertaxed Profits Rule (UTPR) from 1 January 2025. All EU member states are required to have enacted Qualified Domestic Minimum Top-up Taxes (QDMTTs).
The January 2026 Side-by-Side package introduced two new safe harbours: the SbS Safe Harbour (exempts MNE Groups from IIR and UTPR in other jurisdictions where the UPE jurisdiction has a qualifying regime) and the UPE Safe Harbour. An evidence-based stocktake will assess competitive balance.
Key interaction with green incentives: the QRTC treatment under GloBE rules determines whether EU and non-EU clean energy credits protect or undermine ETR. Firms advising on ESG investment decisions must model Pillar Two impact.
DAC6 (Directive 2018/822/EU) requires intermediaries — including lawyers, accountants and tax advisers — to report cross-border arrangements that display one or more of the hallmark characteristics indicating potential tax avoidance. Reports go to national tax authorities who share information via automatic exchange. Mandatory for arrangements from 25 June 2018 onwards.
DAC7 (Directive 2021/514/EU) extended automatic exchange of information to digital platform operators, who must report sellers' income earned on their platforms. Effective 1 January 2023, with first exchange of 2023 data completed in early 2024.
DAC8 (Directive 2023/2226/EU) extends reporting to crypto-asset service providers (CASPs) and e-money issuers, requiring them to report crypto-asset transactions by EU tax residents. The OECD Crypto-Asset Reporting Framework (CARF) is incorporated. Member states must transpose by 31 December 2025, with reporting from 1 January 2026.
ViDA (Directive 2025/516/EU, adopted March 2025) is the most significant overhaul of EU VAT rules in decades. It has three pillars. First, digital reporting requirements: mandatory e-invoicing and real-time digital reporting for intra-EU B2B transactions, replacing the current EC Sales List from 2030. Second, platform economy VAT: digital platforms facilitating short-term accommodation and passenger transport become deemed suppliers and collect/remit VAT from 1 July 2028. Third, single VAT registration: the One-Stop Shop (OSS) is extended so businesses can handle all EU VAT obligations through a single registration in their home member state, phased in from 2025–2027.
E-invoicing mandates are already being introduced unilaterally by member states (France, Germany, Belgium, Romania, Italy) — ViDA creates the EU-wide framework to harmonise these national initiatives and reduce compliance fragmentation for cross-border operators.
CBAM (Regulation 2023/956/EU) puts a carbon price on imports of six emissions-intensive product categories — steel, cement, aluminium, fertilisers, electricity, and hydrogen — equivalent to the EU ETS carbon price. The transitional phase (October 2023 – December 2025) required quarterly reporting on embedded carbon only, with no financial payment. The definitive phase begins 1 January 2026: importers must purchase CBAM certificates corresponding to the embedded carbon in their imports.
EU-authorised CBAM declarants must register and submit annual declarations. The financial exposure depends on the EU ETS carbon price (currently €60–75/tonne) and the volume of covered imports. Firms advising manufacturing or trading clients importing CBAM goods need to assess current reporting compliance, estimate financial exposure, and support CBAM authorised declarant registration where needed.
The FASTER Directive (Directive 2024/3018/EU, adopted December 2024) aims to make withholding tax relief procedures faster and more efficient for cross-border investors in EU member states. Currently, reclaiming excess withholding tax on dividends and interest is slow, costly and paper-based — creating a significant barrier for cross-border investment.
FASTER introduces a common EU digital tax residence certificate, a fast-track relief at source procedure (where the withholding is reduced or eliminated at the point of payment), and a quick refund procedure if full relief is not applied at source. Financial intermediaries including large custodians and brokers will be required to act as certified financial intermediaries and implement the new procedures. Member states must transpose by 31 December 2028, with application from 2030.
ATAD1 (Directive 2016/1164/EU) introduced five anti-avoidance measures across all EU member states: interest limitation rules (30% EBITDA cap), exit taxation, general anti-abuse rule (GAAR), CFC rules, and hybrid mismatch rules. ATAD2 (Directive 2017/952/EU) extended and strengthened the hybrid mismatch provisions to cover third-country mismatches and reverse hybrids.
These are now fully transposed and in force. The ongoing advisory focus is on application to specific client structures — particularly interest deductibility for acquisitions, cross-border reorganisations triggering exit tax, and CFC charges on low-taxed foreign subsidiaries. Transfer pricing documentation requirements under local implementations of OECD BEPS Actions 8-10 and 13 (CbCR, Master File, Local File) continue to evolve.
EU Audit — Key Regulatory Developments
EU audit regulation is evolving on two parallel tracks: sustainability assurance becoming mandatory under CSRD/ISSA 5000, and a review of the core statutory audit framework that has been in place since 2014. Member firms need to track both to stay ahead of engagement acceptance, quality management, and scope changes.
ISSA 5000, issued by the IAASB in November 2024, is the global standard for sustainability assurance engagements. Under CSRD, Wave 1 companies (large PIEs with >500 employees) publishing their first sustainability statements in 2025 require limited assurance from an independent assurance provider. ISSA 5000 is the standard under which that assurance is conducted, effective for periods beginning on or after 15 December 2026 (early application encouraged).
The CSRD framework does not require auditors specifically — it is open to all assurance practitioners meeting competency requirements. However, statutory auditors and audit firms are well-positioned and have a head start on engagement infrastructure. The EU has also indicated a pathway to reasonable assurance in approximately 2028–2030 for Wave 1 companies, making investment in ISSA 5000 capability urgent.
EU-specific considerations include the interaction with ESRS (the reporting framework against which assurance is provided), the role of national professional bodies in setting competency requirements, and the European Supervisory Mechanism coordination between national competent authorities.
ISQM 1 (firm-level quality management) and ISQM 2 (engagement quality reviews) replaced the old ISQC 1 and ISA 220 framework effective 15 December 2022. The shift from a policies-and-procedures approach to a risk-based system of quality management represents a fundamental change in how audit firms design and operate their quality management systems.
In the EU, transposition and adoption vary by member state. Some jurisdictions have formally adopted ISQM 1 & 2 by reference; others have issued national equivalents. All EU member states are expected to have national quality management standards aligned with ISQM 1 & 2, though the precise effective dates and local modifications differ. The January 2026 IAASB narrow-scope amendments (arising from the IESBA External Experts project) also affect ISQM 1 and 2, effective for periods beginning on or after 15 December 2026.
The core EU audit framework — Audit Regulation 537/2014 (PIE audits) and Audit Directive 2006/43/EC (all statutory audits) — has been in place for over a decade. The European Commission has been conducting a review of this framework, examining whether the rules remain fit for purpose in light of audit quality concerns, market concentration among the Big Four, and the emergence of sustainability assurance.
Key areas under consideration include the definition of Public Interest Entities (PIEs), mandatory firm rotation (currently a maximum 10-year initial period, 24 years with retendering), non-audit services restrictions for PIE auditors, joint audit, audit committee requirements, and the role of the competent authority oversight structure. A legislative proposal is expected in 2026.
The Committee of European Auditing Oversight Bodies (CEAOB) coordinates audit oversight across EU member states and facilitates cooperation between national competent authorities. For Abacus member firms with audit practices, CEAOB activity is relevant because it drives convergence in oversight standards, transparency reporting requirements, and inspection methodologies across jurisdictions.
CEAOB has been developing guidance on ISSA 5000 implementation from an oversight perspective and coordinating with ESMA and the European Supervisory Authorities on the intersection of audit and sustainability disclosure oversight. Annual transparency reports and firm inspections are conducted at national level but informed by CEAOB standards.
EU Accounting — Key Regulatory Developments
The EU accounting landscape in 2025–2026 is dominated by the CSRD/ESRS sustainability reporting rollout and the Omnibus simplification package. The intersection of financial and sustainability reporting is creating new demands on accounting functions — firms advising on financial reporting need to track both tracks simultaneously.
⚡ Omnibus Package — Major CSRD Scope Reduction
The EU Omnibus package (Stop-the-clock Directive, adopted April 3, 2025) significantly reduces CSRD scope — from approximately 50,000 companies to approximately 5,000. The revised threshold is 1,000 employees and €450m net turnover. Wave 2 and Wave 3 reporting has been delayed. ESRS is being revised to reduce mandatory datapoints. Review your client list immediately — many previously in-scope companies are now out of scope under the revised rules.
The Corporate Sustainability Reporting Directive (CSRD, Directive 2022/2464/EU) replaced the NFRD and dramatically expanded the scope of mandatory sustainability reporting in the EU. Wave 1 companies (large PIEs with >500 employees) published their first CSRD-compliant reports in 2025 for FY2024. These reports must comply with the European Sustainability Reporting Standards (ESRS) and include a double materiality assessment.
The Omnibus simplification package (adopted April 2025) has significantly changed the trajectory. The Stop-the-clock Directive delays Wave 2 (FY2025 large EU companies) and Wave 3 (FY2026 listed SMEs) by two years. The revised CSRD threshold is 1,000 employees and €450m turnover — removing most medium-large companies from mandatory scope. A delegated act revising the ESRS to reduce mandatory datapoints is expected by end of 2025.
Non-EU companies with more than €150m EU turnover and an EU subsidiary or branch remain in scope from FY2028 — this remains unchanged and highly relevant for Abacus members' non-EU clients with EU operations.
The twelve ESRS (ESRS 2 cross-cutting + E1-E5 environmental + S1-S4 social + G1 governance) form the mandatory reporting framework for CSRD-in-scope companies. ESRS 2 (General Disclosures) is mandatory for all in-scope entities regardless of materiality. All other standards apply on a materiality basis following the Double Materiality Assessment (DMA).
The Omnibus package has triggered a revision of the ESRS delegated act. The Commission has committed to reducing the number of mandatory datapoints significantly, with a revised delegated act expected as soon as possible and at the latest six months after the Omnibus Directive enters into force. EFRAG is supporting the revision process. Sector-specific ESRS, originally expected from 2026, have been indefinitely delayed.
EFRAG's Q&A platform continues to publish guidance on ESRS application questions — currently one of the most practically useful sources for firms supporting CSRD compliance work.
The EU Taxonomy (Regulation 2020/852/EU) is the EU's classification system for environmentally sustainable economic activities. Companies in scope for CSRD must disclose what proportion of their turnover, capex and opex relates to Taxonomy-aligned activities. The Taxonomy currently covers climate change mitigation and adaptation, with delegated acts also covering water, circular economy, pollution prevention, and biodiversity (the remaining four environmental objectives).
A key accounting challenge is the Technical Screening Criteria (TSC) and Do No Significant Harm (DNSH) assessments required to demonstrate Taxonomy alignment. These require significant data collection and judgement. The Omnibus package has proposed targeted simplifications to Taxonomy disclosure requirements, including allowing partial alignment disclosures and reducing the complexity of TSC assessments for certain activities.
The EU endorses IFRS Standards issued by the IASB for use in consolidated financial statements of EU-listed companies under the IAS Regulation (EC 1606/2002). The IAS Regulation itself is under review — the European Commission is consulting on whether it remains fit for purpose, particularly regarding the endorsement process speed, interaction with ESRS, and whether EU-specific carve-outs should be revised.
Key upcoming standards: IFRS 18 (Presentation and Disclosure in Financial Statements, replacing IAS 1) is effective 1 January 2027 and represents the most significant change to income statement presentation in decades — the new subtotals (operating profit, investing income, financing costs) will require system changes for most reporters. IFRS 19 (Subsidiaries without Public Accountability) provides an optional reduced disclosure framework for eligible subsidiaries.
EU Legal — Key Regulatory Developments
EU legal regulation is generating new advisory demands across corporate sustainability due diligence, artificial intelligence compliance, anti-money laundering, and data protection. Law firm members and accounting firms with legal advisory practices need to track these developments both for their own compliance and for client advisory work.
The Corporate Sustainability Due Diligence Directive (Directive 2024/1760/EU) entered into force on 25 July 2024. It requires large companies to identify and address adverse human rights and environmental impacts in their own operations, subsidiaries, and value chains. Companies must also adopt a climate transition plan aligned with the Paris Agreement.
The Omnibus package has significantly simplified and delayed the CSDDD. The transposition deadline has been extended to July 2026 (one year delay). Entry into application is now in three waves: Wave 1 from July 2027 (>5,000 employees, >€1.5bn turnover), Wave 2 from 2028 (>3,000 employees, >€900m), Wave 3 from 2029 (>1,000 employees, >€450m). The scope of value chain due diligence obligations has been narrowed — full chain DD is no longer required, focusing instead on established business relationships.
The civil liability provisions — a key feature of the original directive — remain in place, though the conditions for liability have been modified. For law firms, CSDDD creates significant advisory work: contract reviews, supplier questionnaire frameworks, grievance mechanism design, and SPA warranty guidance.
The EU AI Act (Regulation 2024/1689/EU) entered into force on 1 August 2024. It establishes a risk-based framework for AI systems: prohibited AI practices (banned from 2 August 2025), high-risk AI systems (stricter requirements from 2 August 2026), and limited/minimal risk systems (lighter touch). General-purpose AI (GPAI) models — including large language models — face specific obligations from 2 August 2025.
For professional services firms, the AI Act creates obligations on two levels. First, as deployers: firms using AI tools in client-facing work (automated legal research, AI-assisted audit procedures, tax calculation engines) must assess whether the tools constitute high-risk AI and implement appropriate governance, human oversight, and transparency measures. Second, as advisors: clients deploying AI in HR, credit scoring, critical infrastructure, or biometric systems need legal and compliance support for AI Act compliance programmes.
The AI Office (established within the European Commission) is the primary supervisory body for GPAI models. National market surveillance authorities supervise deployers of high-risk AI systems. Penalties reach up to €35m or 7% of global turnover for prohibited practices violations.
The EU's sixth-generation AML package is the most comprehensive overhaul of anti-money laundering rules since the first directive in 1991. It consists of three instruments. The AML Regulation (AMLR, 2024/1624/EU) directly replaces much of the current directive-based framework with a directly applicable regulation, eliminating transposition differences between member states. It covers enhanced due diligence, beneficial ownership, PEPs, correspondent relationships, and crypto-asset obligations. Application from 2027.
The 6th AML Directive (AMLD6, 2024/1640/EU) covers national FIUs, supervisory authorities, and member state-level implementation. Transposition deadline is July 2027. The Anti-Money Laundering Authority (AMLA) is a new EU supervisory body based in Frankfurt, became operational in 2025 and will directly supervise the highest-risk financial entities from 2028.
For accounting and law firms: the AMLR maintains and strengthens the existing AML/CTF obligations for professional services. Client due diligence, beneficial ownership verification, suspicious activity reporting, and record-keeping requirements all continue with updated and harmonised rules. The AML Regulation's crypto provisions are particularly relevant for firms with clients in digital assets.
The GDPR (Regulation 2016/679/EU) remains the foundational EU data protection framework. While the regulation itself has not changed, enforcement has intensified significantly — cumulative fines across EU supervisory authorities have exceeded €4 billion since 2018, with large single fines becoming increasingly common (Meta, LinkedIn, TikTok). National DPAs are also pursuing systemic investigations into sectors including HR data, adtech, and AI systems.
The most active 2025–2026 enforcement themes are: AI systems and GDPR legal basis requirements (particularly for GPAI training data); employee monitoring and workplace surveillance; international data transfers following the EU-US Data Privacy Framework (adequacy decision July 2023) which remains subject to legal challenge; and the new data portability and right to explanation requirements being tested in connection with automated decision-making.
For professional services firms: GDPR compliance in the context of AI tool deployment (see EU AI Act above) is a growing advisory area. Client personal data handled in audit, tax, and legal work must have a valid legal basis and appropriate safeguards — with transfer impact assessments required for any processing involving non-EEA countries without adequacy decisions.
Key EU Regulatory Deadlines — 2025–2029
Consolidated deadline timeline across all four disciplines. Dates reflect the latest position following the Omnibus package. Always verify at source before advising clients — EU legislative timelines can shift.
EU Regulatory Hub — Downloads
Practice-ready templates and reference documents for Abacus member firms advising on EU regulatory matters. Upload PDFs via Settings → EU Hub Settings to activate download links.