ESMA's Final Report On Management Bodies: What Boards Need To Prioritise Now

ESMA has finalised its principles for supervising the management bodies of entities under its direct remit. Although the document is framed as guidance, it will shape ESMA's day-to-day supervisory dialogue. Boards should treat this as an actionable governance checklist.

What ESMA has done – and who it applies to

On 15 October 2025, ESMA published its Final Report on Supervisory Expectations for the Management Body. The report consolidates its governance expectations into 12 principles and replaces the more granular approach proposed during consultation.

The expectations apply to entities directly supervised by ESMA, including: critical and recognised third-country benchmark administrators, Tier 2 third-country CCPs, credit rating agencies, data reporting service providers, securitisation repositories and trade repositories.

ESMA will begin incorporating these expectations into supervisory interactions three months after publication. For groups with both ESMA-supervised and MiFID/UCITS/AIFM entities, the document inevitably becomes a wider benchmark.

The core themes across the 12 principles

Rather than rules, ESMA focuses on outcomes. Three themes dominate:

1. Strategy, risk and accountability

Boards must set and oversee strategy, retain ultimate accountability and exercise effective challenge even when a parent group drives decisions. ESMA is clear that local boards cannot act as a formality. If group strategy conflicts with regulatory obligations, the local board is expected to intervene.

2. Culture, information flows and record-keeping

ESMA places notable emphasis on how boards shape culture, which is a key priority for other regulators, including the FCA. Key points include:

• Incentives and senior tone must reinforce compliant behaviour;
• Control functions must have direct, unfiltered access to the board;
• Reporting should be concise, risk-focused and decision-ready;
• Minutes must clearly capture challenge, escalation and follow-up.

As highlighted in the report, the role of the chair is to facilitate meaningful challenge and ensure board composition and skills remain fit for purpose.

3. Composition, diversity and board effectiveness

Boards should maintain a balanced mix of skills, actively promote diversity and conduct proportionate effectiveness reviews. ESMA also warns against individuals sitting on multiple boards within a group if it undermines their capacity to engage properly.

What firms should do now

Even though the report is guidance, ESMA intends to use it as the basis for future supervision.

Practical steps for boards include:

• Run a proportionate gap analysis against the 12 principles and associated guidance.
• Review board reporting to ensure it highlights real risks, not operational detail.
• Check access for compliance, risk and internal audit, especially where functions are group-level or outsourced.
• Assess board composition and time commitments across group entities.
• Formalise training and succession planning, maintaining evidence of their implementation.

For firms outside ESMA's direct remit, the principles still matter. Many market participants rely on ESMA-supervised infrastructures or have senior individuals sitting across in-scope entities. Regulators also tend to align over time, so these principles are likely relevant for more firms than are directly in scope.

Khadijah Hasan, Paralegal, also contributed to this article.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.