European Banking Authority – EBA: new package 4.2 for DORA reporting.

The European Banking Authority (EBA) has published the final technical package for version 4.2 of its supervisory reporting framework , with application from December 2025. This is an important step because it effectively closes the transition to the new DPM 2.0 data model and the related semantic glossary, i.e. the standard "vocabulary" with which all European banks must represent and transmit supervisory data. In practice, instead of each intermediary "speaking its own language" in the reporting layouts, the EBA imposes a uniform and clearer data structure, based on the Data Point Model (DPM) and XBRL taxonomies, so that the national authorities and the EBA itself can read and compare the information in a homogeneous way.

Package 4.2 contains standard technical specifications that intermediaries will have to use to comply with various reporting obligations under EU law. Firstly, it makes DPM 2.0 fully operational on all reporting modules, with the exception of the part related to the DORA regulation on digital operational resilience, which will be postponed to version 4.3. In addition, it transposes the Technical Implementation Standards (ITS) on the reporting of instant payments, linked to the new SEPA framework: payment service providers will be required to report structured data on expenses, transactions and wastes, with harmonised traces, to the competent national authorities. Another block concerns the planning of bank resolution, with a revision of the ITS to strengthen the quality and granularity of the data that resolution authorities must collect in view of possible interventions on intermediaries in crisis. On the operational risk front, the package updates the COREP modules in line with the new CRR3/CRD6 package (the reform of EU capital requirements), with a specific focus on own funds to hedge operational risk. The technical rules for the transmission to the EBA of MREL decisions, i.e. the minimum requirements for own funds and liabilities subject to bail-in, are also updated, and data collection for market risk supervisory benchmarking is scaled down, limiting it to banks that use the so-called alternative standardised approach (ASA).

The final version of package 4.2 follows a draft version published in September 2025 and incorporates comments received from operators and authorities during the technical consultation. It is part of a process that began as early as June 2024, when the EBA illustrated the DPM 2.0 implementation plan, and continued with FAQs dedicated to the transition, updated in December 2024, which explain in detail not only the restructuring of the data model, but also fine-tuning changes to the templates and validation rules. In essence, version 4.2 is not just a "technical update", but the moment in which the new information model becomes the stable reference for the entire European prudential reporting.

From an operational point of view, for banks and other obliged entities the message is twofold. On the one hand, regulatory complexity does not decrease: flows on instant payments, resolution, operational risk and MREL are introduced or updated, which require non-trivial adjustments to internal data collection and quality systems. On the other hand, the complete transition to DPM 2.0 offers the opportunity to rationalize the internal "data factory", because the language required by the EBA is now more coherent, semantic and reusable across the board. The EBA also reports the possibility of a targeted corrective action (a so-called "hotfix") in the week of 5 January 2026, to quickly manage any critical issues that emerged in the early stages of implementation, without waiting for a new release cycle. For intermediaries, this means that the adaptation work does not end with the entry into force in December, but requires continuous monitoring of technical updates and application interpretations, in a context in which compliance with reporting requirements is increasingly closely linked to the ability to govern data at the group level.