Core Tools
Infrastructure
Product previews
From zero to regulator-ready
See how ComplyBridge walks you through a full MiCA CASP application — from entity setup to final submission package.
See how it works →The only AI that knows your firm
Reasons across the live EU rulebook and your own policies, KYB data, UBOs, and integrations.
Explore capabilities →Banking · CRD VI + CRR III
The banking regime, operationalised .
Credit-institution authorisation reshaped the rulebook — 43 obligations across nine domains, layered on top of every existing EU framework a bank already runs. ComplyBridge tracks the policy and the limit, surfaces what overlaps with frameworks you already operate, and keeps the artefact set audit-ready between cycles. The calculation engine stays where it belongs: in your treasury and risk systems.
At a glance
43
Obligations tracked across the register
25 · 15 · 3
Authored documents · linked reuse · scaffolded deliverables
9
Domains: authorisation, governance, risk, AML/CFT, ICT, conduct, data & AI, resolution, reporting
CRD VI / CRR III application dates
From 1 January 2025 (CRR III) · 11 January 2026 (CRD VI)
Output floor phases in to 2030 · ESG risk integration ongoing
43 obligations. Nine domains. Two-thirds of them you already run.
Banking is the framework with the largest overlap surface in EU finance. A typical credit institution is already operating AML/CFT, DORA, GDPR, EU AI Act, MiFID II, and PSD2 — and 15 of the 43 CRD VI / CRR III obligations resolve to templates already shipped under those regimes. ComplyBridge surfaces the overlaps explicitly so you author 25 new documents, not 43.
The remaining work — credit risk policy, IRRBB, operational risk framework, ESG risk integration, fit-and-proper, governance, recovery and resolution — is where ComplyBridge does the heavy lifting. Each obligation maps to a monitored control with cadence, owner, and status. ICAAP, ILAAP, and the Recovery Plan get structured scaffolds; the partner populates the analysis.
What the banking module covers.
Policy-able and trackable obligations only. Quantitative prudential calculation is deliberately out of category — that's the job of your treasury and risk-systems stack.
Governance & authorisation
Programme of operations, qualifying holdings, fit-and-proper for key function holders under CRD Art 91 (CRD VI), three-lines-of-defence charter.
Risk policies
Credit risk, concentration, IRRBB, liquidity framework, operational risk — qualitative frameworks, not the underlying ratio engine.
ICAAP, ILAAP, Recovery
Structured scaffolds for the three periodic deliverables — process, governance, evidence, sign-off — populated with the bank's own analysis.
Conduct & consumer
MiFID II conduct suite, market abuse, mortgage credit, consumer credit (CCD2), payment accounts (PAD), complaints framework.
Resolution & DGS
Recovery plan lifecycle, resolvability cooperation, MREL position monitoring, depositor-information procedure under DGSD.
Supervisory reporting governance
COREP, FINREP, AnaCredit submission cycles — calendar adherence and data-quality sign-off, not the calculation pipeline.
What ComplyBridge does for you.
A credit institution juggles more parallel frameworks than any other regulated entity in EU finance. The product is built for that reality.
- 43-obligation register live from day one — domain, legal reference, cadence, owner, status.
- Overlap engine surfaces the 15 obligations satisfied by your existing AML/CFT, DORA, GDPR, AI Act, MiFID II, and PSD2 templates — no banking-specific clones, no duplicate authoring.
- Policies Generator emits 25 new authored documents (governance framework, credit risk policy, IRRBB, op-risk, ESG, conduct procedures, supervisory reporting) with the right parent-child structure.
- Structured scaffolds for ICAAP, ILAAP, and the Recovery Plan — process and evidence shell, your analysis goes inside.
- Tracker per obligation: review cadence, second-line owner (CCO / CRO / MLRO / CISO / DPO / CFO), status workflow, audit trail.
- Applicability filter against entity flags (lending, investment services, payment services, crypto, deposit-taking, retail, mortgage, consumer, uses AI in scope) so the register is always sized to the bank's actual profile.
Getting to a working banking obligations stack.
First six months get the register live and the policy pack authored. After that, the rhythm is cadence-driven — annual reviews, on-change notifications, periodic deliverables.
Ingest the register
All 43 obligations ingested under the banking namespace with cadence, default owner, and applicability flags from your entity profile.
Reconcile overlaps
The 15 link items resolve to your existing AML/CFT, DORA, GDPR, AI Act, MiFID II, and PSD2 templates — surface the gaps before authoring anything new.
Author the 25 + scaffold the 3
Generator produces the standalone policies + procedures with parent-child structure; ICAAP / ILAAP / Recovery shells await your analysis.
Operate the rhythm
Tracker drives annual reviews, on-change notifications, and the supervisory reporting calendar — board pack and JST-ready exports one click away.
Frequently Asked Questions
Common questions about Banking · CRD VI + CRR III and how ComplyBridge supports compliance.
No, and deliberately so. Prudential calculation lives in treasury and risk systems with the right data lineage and review controls. ComplyBridge tracks the policy and the limit — the framework, the cadence, the sign-off — and links to your calculation source for the underlying numbers. Trying to be both would make us bad at both.
Eight new authored policies (governance framework, fit and proper, risk management, three-lines-of-defence, remuneration, conflicts of interest, ESG risk, credit risk), eleven authored procedures (the conduct + reporting + resolution + authorisation set), three structured scaffolds (ICAAP, ILAAP, Recovery Plan), and the unified 43-obligation Tracker view. Everything else reuses what you've already deployed — no duplicate authoring, no duplicate cadence.
The obligations register is live today as reference data — browseable, applicability-filterable, and ready to seed the Tracker the moment a banking client onboards. Per-firm state, the policy authoring engine, and the Reports framework card light up alongside the first banking design partner. CRD VI applies from 11 January 2026; we're sized to be ready well ahead of that for the institutions we're talking to.
ComplyBridge produces the artefacts the supervisor expects to see — Pillar 3 disclosure governance, board attestations, recovery plan, ICAAP and ILAAP documents — at the cadence the rulebook prescribes. Reporting submission itself stays with your existing COREP / FINREP / AnaCredit pipeline; we track the calendar, sign-off, and data-quality controls around it, not the wire format.