CryptaCount
EN
EnglishENDeutschDEEspañolESFrançaisFRItalianoIT日本語JA한국어KONederlandsNLPolskiPLPortuguêsPT
Log in Start Free

ECB Streamlines IRB Model-Change Approval: What EU Banks Must Do Before October 2026

CryptaCount Editorial · · 7 min read
ACCOUNTING STANDARDS ECB Streamlines IRB Model-ChangeApproval: What EU Banks Must Do BeforeOctober 2026

The European Central Bank is changing how it approves material changes to internal models used by IRB banks, and the new regime starts on 1 October 2026. The headline benefit is a faster path to implementation, but that speed comes with a hard condition: credible, substantive sign-off from internal control functions. Banks that treat this as a rubber-stamp exercise will find supervisory scrutiny has not diminished, it has simply shifted.

What the ECB Actually Announced

The Core Change to IRB Supervision

On 30 March, the ECB announced its intention to streamline approval of material changes to the internal models (IMs) that IRB banks use to calculate risk-weighted exposure amounts (RWEAs). From 1 October 2026, banks will be able to implement material model changes shortly after submitting a completed application package, rather than waiting for the ECB to complete its assessment and conduct an on-site internal model investigation (IMI). Put simply, a material model change will no longer automatically trigger an IMI before implementation.

On the same day, the European Banking Authority published proposed revisions to the regulatory technical standards (RTS) on material model changes. Those revisions are designed to reduce the number of changes that qualify as material, by placing greater weight on quantitative thresholds and narrowing the scope of qualitative criteria. The revised RTS still requires EU endorsement and will only take effect after publication in the Official Journal, so the October start date applies to the ECB's supervisory process change, not the EBA materiality revisions.

Two Important Caveats Banks Must Not Miss

The streamlined path is not unconditional. Two significant carve-outs apply:

  • The ECB will apply a temporary floor to any RWEA reduction resulting from a model change, until a dedicated IMI has been completed after implementation.
  • For what the ECB labels "sensitive cases", the standard approval process, including a dedicated IMI, remains available to Joint Supervisory Teams (JSTs). Because "sensitive cases" is not precisely defined, JSTs retain meaningful discretion, particularly where a bank's internal control track record has been unsatisfactory.

The Internal Control Condition Is the Whole Point

What Credible Confirmation Actually Means

The faster approval route is contingent on an internal control function, Internal Audit or an Independent Validation Unit, formally confirming that the model change complies with applicable regulation and is ready for implementation. The ECB's expectation is that this goes well beyond a sign-off letter. Based on how supervisors have signalled their intentions, the confirmation will need to demonstrate a thorough review of compliance with regulation, ECB guidelines, and supervisory expectations, supported by evidence of the staff, skills, experience, and resources that make the confirmation credible.

Banks that currently operate a light-touch or formulaic validation process will need to upgrade both capacity and seniority within their internal control functions before October. A formal statement without substantive analysis behind it is unlikely to satisfy JSTs, and a weak confirmation could result in the ECB reverting to the standard process or, worse, an ex-post IMI that generates material findings and requires the reversal of implemented changes.

Where Supervisory Risk Has Not Gone Away

The ECB has been explicit that streamlining supervision does not mean reducing scrutiny. JSTs are expected to concentrate their investigative focus on higher-risk model changes, banks with previous IM-related findings, and institutions whose models show outlier behaviour in horizontal analysis. In practice, this means supervisory resources are being reallocated rather than reduced. Banks with persistent weaknesses in data quality, governance, or internal controls may find that the new regime actually increases the scrutiny they face, since those weaknesses disqualify them from the streamlined path and flag them as candidates for standard review.

The risk of an IMI conducted after a model change has been implemented, which could force extensive remediation and even reversal of the change, is real. That supervisory risk needs to sit inside a bank's model risk management framework, not just its compliance calendar.

What Banks Should Do Before October 2026

Five Practical Priorities

The time between now and 1 October is short. Banks that want to benefit from the streamlined approach should focus on the following areas:

  • Remediate existing findings first. Any outstanding findings related to governance, data quality, or model performance should be addressed before a bank attempts to use the faster path. JSTs will look at track record, and open findings are a red flag.
  • Upgrade internal control capacity. Internal Audit and validation units need the seniority, technical depth, and bandwidth to issue substantive, well-evidenced confirmations. Shifting from a sign-off culture to an analysis-based one takes time and resourcing investment.
  • Engage JSTs early and proactively. The ECB is unlikely to make isolated, point-in-time decisions on each application. Banks that open constructive dialogue with their JSTs before submitting an application, clarifying classification and signalling readiness, will be better placed to use the streamlined route and plan supervisory and internal workstreams more effectively.
  • Sequence model change submissions strategically. Not every model change is equally suited to the faster path. Banks should prioritise changes that combine clear upside benefits with strong internal readiness and a low probability of triggering an IMI after the fact.
  • Consider third-party support where gaps exist. Independent technical support for model change submissions or internal control function strengthening can be a practical bridge while banks build internal capability, provided that support is substantive rather than cosmetic.

The Broader Context for EU Banks and Accounting Teams

For accounting and finance teams at IRB institutions, the ECB's changes intersect with a busy regulatory calendar. The same period has brought significant structural shifts across EU financial services supervision, including the expiry of MiCA transitional arrangements and new ESMA guidance on crypto-asset classification, which are covered in our articles on MiCA transitional period expiry and mandatory CASP authorisation and ESMA's MiCA white paper exemption clarifications. While IRB model governance sits in a different regulatory lane, the underlying theme is consistent: EU supervisors are consolidating and concentrating scrutiny on institutions that cannot demonstrate robust internal processes.

For CFOs and heads of regulatory reporting, the practical implication is that model risk management is no longer purely the preserve of the risk function. The credibility of an internal control confirmation will depend partly on the quality of underlying data, governance documentation, and audit trails, all of which touch finance and accounting operations. Institutions that have invested in clean, well-governed data infrastructures will find it easier to support the substantive confirmations the ECB requires.

Key Dates and Conditions at a Glance

ECB IRB Model Change Reform: Summary
Element Detail
ECB streamlined approval start date 1 October 2026
EBA revised RTS on materiality Subject to EU endorsement and Official Journal publication; date not yet confirmed
Condition for faster approval Credible confirmation from Internal Audit or Independent Validation Unit
RWEA floor Applies to any reduction arising from model changes until post-implementation IMI is complete
Sensitive cases Standard process, including IMI, retained at JST discretion; no precise definition published
IMI focus going forward Higher-risk changes; banks with previous findings or outlier model behaviour

Frequently Asked Questions

From 1 October 2026, can any IRB bank use the faster model change approval route?

Not automatically. The streamlined path is available to banks whose internal control function, Internal Audit or an Independent Validation Unit, can issue a credible, substantive confirmation of compliance and implementation readiness. Banks with open supervisory findings, data weaknesses, or thin internal control capacity may find JSTs direct them to the standard process instead.

Will the EBA's revised materiality RTS also apply from October 2026?

No. The EBA's proposed revisions to the RTS on material model changes are still subject to EU endorsement and must be published in the Official Journal before they take effect. The October date applies only to the ECB's supervisory process changes.

What is a "sensitive case" under the new regime?

The ECB has not published a precise definition. JSTs retain discretion to classify a model change as sensitive and apply the standard process, including an on-site IMI. Banks with a history of unsatisfactory internal control performance should assume a higher likelihood of being treated as sensitive cases.

What happens if an IMI conducted after implementation identifies material problems?

The ECB could require extensive remediation and, in serious cases, the reversal of the implemented model change. This ex-post supervisory risk is one of the most significant practical considerations for banks deciding which changes to submit under the streamlined route.

How should accounting and finance teams engage with this change?

Finance and accounting operations contribute to the data quality, governance documentation, and audit trails that underpin a credible internal control confirmation. CFOs and heads of regulatory reporting should ensure their teams understand the data and documentation requirements and are coordinated with the risk and validation functions that will issue the formal confirmations.

Source: KPMG ECB Office

EUGeneralEffectiveAccounting Standards

Related articles

Accounting Standards
AMF Finalises Transparency Directive Transposition: Disclosure Rules Now in Force
Accounting Standards
Crypto Audit Software: Poland Accounting and Audit Requirements Explained
Accounting Standards
Crypto Audit Software: Meeting Switzerland's Accounting Requirements
Accounting Standards
DAC8 Reporting and Crypto Financial Reporting Standards: What Firms Need to Know