The European Commission (EC) is moving forward with a legislative package designed to make EU digital regulation simpler and easier to follow. Known as the Digital Omnibus, the initiative forms part of the Simpler and Faster Europe agenda.
Its aim is to cut complex overlaps within Europe’s digital rulebook, while still protecting data privacy and cybersecurity. The ambition is to remove unnecessary admin, improve consistency and boost competitiveness across the financial sector and wider digital economy, said Moody’s.
At its core, the Digital Omnibus is not a rollback of regulation. Instead, it consolidates and harmonises existing obligations, giving organisations clearer guidance on how to meet requirements. The EC has signalled that the proposal will rationalise key digital frameworks, including the GDPR, AI Act, Data Act, NIS2 Directive, ePrivacy Directive, Data Governance Act, Cyber Resilience Act and Cybersecurity Act. The intention is to merge duplicated rules, remove ambiguity and ensure that similar obligations are aligned across instruments.
A central proposal is to integrate the Data Governance Act and Open Data Directive into a single Data Act. Incident reporting and cybersecurity obligations would also be streamlined across NIS2, DORA and the Cyber Resilience Act. Similarly, the EC wants to create consistency between requirements in the AI Act and GDPR. The Commission’s initial evidence-gathering phase, which closed in October 2025, focused heavily on proportionality and outcome-based regulation. The plan aims to reduce administrative and reporting burdens by 25% for all organisations and 35% for SMEs by 2030.
Industry support has been visible from groups such as the Data and Technology for Compliance (DT4C) Alliance, which counts Moody’s among its founding members. DT4C views simplification as a driver of digital transformation. Its recommendations prioritise clarifying GDPR’s legitimate interest basis for AML and fraud checks, encouraging interoperable APIs and digital identity tools, and preventing duplicated obligations across AI, AML and cybersecurity rules.
From a supervisory perspective, the European Banking Authority (EBA) has also been pursuing simplification, although within prudential frameworks rather than digital law. Recently, the EBA has been refining reporting requirements, streamlining resolution planning and reducing data requests for small and non-complex institutions. It has proposed digitalising the Single Rulebook in order to establish a public data repository, finally tackling multiple data requests from different supervisory bodies.
While the Digital Omnibus seeks horizontal simplification across digital rulemaking, the EBA is targeting regulatory efficiency in the banking system. Both efforts point to a similar outcome: fewer duplicative processes, greater predictability and regulation that supports innovation rather than hindering it. For financial institutions and technology providers, the EC’s proposals could reduce compliance workloads, accelerate new product delivery and support the EU’s position as a competitive digital marketplace.
Copyright © 2025 RegTech Analyst
Copyright © 2018 RegTech Analyst
