On 10 July 2026 the European Banking Authority published the final technical package for version 4.3 of its supervisory reporting framework — and the single most consequential change is that it now formally reaches inside every non-EU bank branch operating in the European Union. Third-country branch reporting templates and AML authority risk-assessment data collection are the two headline additions. Understanding the EBA reporting framework v4.3 in full requires looking at these details closely.

The release was flagged in the Paul Hastings daily financial regulation update for the same day and confirmed on the EBA’s own channels. In this piece you will see what the EBA reporting framework v4.3 actually changes, who it affects, and how it fits into the broader EU push to harmonise supervisory data — grounded in gf6.com’s four-year curated directory of bank and ATM locations worldwide, via gf6.com.

European Banking Authority headquarters facade representing new EU supervisory reporting rules – EBA reporting framework v4.3

The finding — what the EBA actually released — EBA reporting framework v4.3

The 10 July 2026 package is the final technical version of v4.3. It adds two specific building blocks to the EU’s harmonised supervisory reporting stack: templates for third-country branch reporting, and a data collection to feed AML authority risk assessments. Both are additive to the existing framework rather than a replacement. These figures put the EBA reporting framework v4.3 into clearer perspective.

The core facts as published are set out below:

Item Detail
Publication date July 10, 2026
Publisher European Banking Authority
Framework version 4.3 (final technical package)
New scope 1 Third-country branch reporting
New scope 2 AML authority risk-assessment data collection
Applies to Non-EU bank branches operating inside the EU
Broader context Harmonising data standards across EU banking supervisors ahead of full implementation of the EU AML framework
Flagged by Paul Hastings daily financial regulation update, July 10, 2026
The gf6.com directory | by the numbers

EBA reporting framework v4.3 lands on 10 July 2026 with third-country branch templates and AML risk data rules — what non-EU banks now face.

444,923
bank & ATM locations worldwide
345,907
bank branches
99,016
ATMs
221
countries covered
0.29
ATMs per branch
Data completeness worldwide (average share of records with…)
Website44%
SWIFT/BIC33%
Phone7%
Logo47%
Bank branches recorded | largest directories
United States36,438Germany22,830Russia20,925France17,998India15,941

Figures from gf6.com's own directory, a large but incomplete sample; per-capita and coverage figures are indicators based on our data, not official totals. Interest rates: BIS, IMF, ECB and national central banks. See explore the full directory.

What it means for non-EU banks with EU footprints

The practical effect is that a US, Swiss, Japanese, UK or Gulf bank running a branch in Frankfurt, Paris, Dublin, Amsterdam or Milan is now inside the scope of a specific EU reporting template rather than only its home-country regime. Until this package, third-country branches often sat in a patchwork of national reporting obligations. Version 4.3 pulls that patchwork onto a common technical footing. This context matters for anyone following the EBA reporting framework v4.3.

The second addition — the AML authority risk-assessment data collection — feeds the wider EU anti-money-laundering architecture that is being built out. This is widely seen as preparatory plumbing for the incoming EU AML framework, and it is designed to give supervisors comparable, structured data across firms rather than PDFs and free text. It is a central thread in the wider EBA reporting framework v4.3.

For affected institutions, the operational consequence is straightforward even if the detail is heavy: reporting systems, data dictionaries and internal AML data flows will need to be mapped to the new templates. Because v4.3 is now final at the technical level, firms can begin the systems work against a fixed target rather than a moving one. Such details shaped how the EBA reporting framework v4.3 unfolded.

None of this changes what a customer sees at a counter or a cash machine. It changes what supervisors see behind it — and how comparable that view is from one member state to the next, including across banks in European Union jurisdictions where third-country branches are concentrated.

Good to know — The EBA announcement sets the technical rules; individual national competent authorities determine local timing, submission channels and any transitional arrangements. Firms should confirm dates and formats with their home EU supervisor rather than assuming a single EU-wide go-live.

How this fits the wider EU data harmonisation push

Version 4.3 is one increment in a multi-year EBA programme to harmonise supervisory data standards across the bloc. The stated purpose of the release is to support that harmonisation ahead of full implementation of the EU AML framework, meaning the reporting layer and the AML institutional layer are being aligned rather than built in isolation. This is one of the defining aspects of the EBA reporting framework v4.3.

For non-EU groups, the strategic read is that EU branch activity is being pulled progressively into the same data grammar as EU-headquartered banks. That reduces the reporting arbitrage between a subsidiary and a branch, and it increases the standing cost of running a branch presence — but it also makes cross-border supervision cleaner, which supervisors argue is the point.

Who is affected in practice

The population in scope is defined by legal form and location, not by nationality of the parent. In practical terms it includes:

  • Branches of US bank holding companies operating in EU member states
  • Swiss and UK bank branches inside the EU post-Brexit and post-equivalence adjustments
  • Japanese and other Asian bank branches used to serve EU corporate clients
  • Middle Eastern bank branches with EU booking centres

Each of these firms already reports to its home supervisor and, in many cases, to the host EU national competent authority. Version 4.3 does not remove those obligations — it adds a harmonised EU-level template layer on top, plus the AML risk-assessment data feed.

Explore the full data behind this article: bank branches worldwide and ATMs worldwide in the gf6.com directory.

Methodology

This article is a rewrite of a public regulatory event. The primary facts — the 10 July 2026 publication date, the version number, the two new scopes and the target population — are taken from the Paul Hastings daily financial regulation update for that date: Paul Hastings. The release was independently reported by multiple outlets and is confirmed on the regulator’s own site: European Banking Authority.

The contextual figures on branch and ATM presence referenced across gf6.com come from our own directory: roughly 445,000 financial locations globally, of which about 346,000 are bank branches and 99,000 are ATMs. That directory has been curated manually since 2020 from public sources, reaching a first largely complete version in 2022 and expanded over four years since. It is a large but incomplete sample — coverage varies by country — and it is not an official or government dataset.

Frequently asked questions


What exactly did the EBA release on 10 July 2026?

The final technical package for version 4.3 of its supervisory reporting framework. The package adds third-country branch reporting and AML authority risk-assessment data collection to the existing framework.


Does this apply to non-EU banks that do not have an EU branch?

No. Version 4.3’s new scope targets non-EU bank branches operating inside the EU. A purely offshore relationship with EU clients, without an EU branch, is not what this release addresses.


Is this a new law or a new reporting template?

Technically, it is a finalised reporting framework version — the templates and technical standards firms use to submit supervisory data. It sits within the EBA’s broader effort to harmonise data standards ahead of full implementation of the EU AML framework.


When do firms have to start submitting under v4.3?

The publication sets the technical rules. Live submission timing is set through national competent authorities and the EBA’s implementation schedule, so firms should confirm the applicable date with their EU supervisor rather than assume it here.


Where can I read the original coverage?

The release was flagged in the Paul Hastings daily financial regulation update for 10 July 2026 and is confirmed on the EBA’s own website. Both are linked in the methodology section above.


This article was produced with AI assistance from publicly available sources and is handled under our editorial standards and AI policy.

Karl Schnürch

I have been online since 1995. For many years, I worked in the e-commerce sector, setting up several online shops, and have always been interested in data analysis. In 2007, I moved to the Seychelles to work from there or as a digital nomad. In recent years, I have increasingly specialised in the financial sector. I manage the Seychelles’ Commercial Register and am also very familiar with the offshore world. GF6.com is a project I have been working on for many years. I built and curated the 445,000-entry bank database myself over a period of six years, and for the past two years or so I have also been using AI to achieve better structures.

More from this author →