The European Securities and Markets Authority (ESMA), the European Union’s financial markets regulator and supervisor, announced that cyber risk and digital resilience will remain central to its Union Strategic Supervisory Priorities (USSPs) for 2026.

The authority said it welcomed the strong initial engagement from National Competent Authorities (NCAs) across the bloc and called for continued efforts to strengthen the security and resilience of the EU’s financial system.

ESMA introduced cyber and digital resilience as a Union-wide supervisory priority in January 2025, aligning it with the entry into force of the Digital Operational Resilience Act (DORA).

According to ESMA, this alignment allows European supervisors to better coordinate efforts to reinforce information and communications technology (ICT) risk management while improving the overall digital resilience of securities markets across the EU.

Since the start of the new supervisory cycle, ESMA and national regulators have shown what the authority described as strong commitment to overseeing financial entities’ compliance with DORA through proactive monitoring and capacity building.

“Given the importance of securing a resilient financial sector, ESMA is calling on NCAs to keep up their efforts in 2026 to continue ensuring effective supervisory implementation across the EU,” the authority said.

It added that coordination between national authorities’ supervisory work and the DORA oversight framework would be essential to ensure consistent enforcement and effective protection against cyber threats.

The European watchdog also highlighted progress on environmental, social and governance (ESG) disclosures, which have been one of its strategic priorities since 2022.

Through 2025, ESMA and NCAs conducted intensive supervisory work on ESG transparency, which the authority said has been crucial in promoting consistent application of sustainability requirements throughout the EU’s investment ecosystem.

ESMA said this supervisory focus has guided and supported market participants in strengthening disclosure practices and integrating ESG principles into their operations.

Looking ahead to 2026, NCAs are expected to consolidate the progress achieved under the ESG disclosures priority and focus on high-risk areas to ensure compliance and reliability in sustainable finance reporting.

The authority added that during 2026, it will assess potential new topics in other areas that may require intensified supervisory work across the EU in future years.

The regulator emphasised that its strategy reflects a long-term commitment to reinforcing trust and resilience in the EU financial sector through close collaboration with national regulators and continued supervisory vigilance.