European Commission A new digital package, including a “Digital Omnibus” and an “AI Omnibus”, has been proposed to streamline and align elements of the EU AI Act, the GDPR, the Data Act and related digital rules. The goal is to ease overlapping obligations and make the implementation of high-risk AI requirements more practical and proportionate, while still preserving the EU’s high standards for the protection of privacy and fundamental rights.
For European financial institutions, this does not so much remove regulatory pressure as change its shape: firms are still required to evidence strong data governance, operational resilience and AI accountability to supervisors in all jurisdictions, but now against a moving target. This makes it more important to create platforms and partnerships that can absorb regulatory change and turn compliance capabilities into a sustainable source of competitive advantage.
The regulatory landscape: what we know – and what we don’t
Over the past several years, financial institutions have faced increasingly stringent compliance requirements. Under the original AI Act text, firms faced extensive obligations for documentation, risk management and third-party assessments, as well as significant potential penalties for non-compliance with high-risk AI requirements.
At the same time, GDPR enforcement, the EU Data Act and the Digital Operational Resilience Act (DORA) are all driving banks, insurers and investment firms as well as market-infrastructure providers towards more flexible architectures, stronger data-subject controls and demonstrable end-to-end governance.
Now, regulatory simplification is on the table. But history teaches that policy rarely moves in the same direction for long. Even though some obligations have reduced, new demands are emerging. These include enhanced data-switching rights under the Data Act, expanded portability mandate and strict cyber security requirements under DORA.
“Trust in AI starts with trust in your data, your lineage and your ability to consistently trust European supervisors and national competent authorities,” said Kim Hatton.
Looking back: what financial services have already achieved
Prior to these proposed changes, major financial institutions had already invested heavily in integrated data architectures, automated compliance workflows, and explainable AI models. Leading European institutions such as Santander Bank Polska, Rabobank, Raiffeisen, Erste Group and ABN AMRO use the Databricks Data Intelligence Platform to combine strong governance with rapid innovation. ¹
For example, santander bank polska Databricks uses the Unity Catalog to address critical governance challenges, while other well-known European banks use a Lakehouse framework for financial crime detection that maintains the clear data lineage and audit trails required by European supervisors and national competent authorities.
Rabobank similarly leverages the platform to enhance its compliance infrastructure with scope-based access controls and automated data governance.
These organizations have implemented sophisticated data-management models with multilevel governance. They have decentralized platform ownership to subsidiaries, enforced tenant-based separation within departments, and applied scope-based access controls for each use case. At Raiffeisen, this approach achieved remarkable results: a complex annual compliance report that once took 30 days can now be prepared in minutes, in a solution approved by European supervisors and national competent authorities in Central and Eastern Europe.
These companies didn’t just check compliance boxes; They transformed governance into a strategic enabler, reducing false positives, accelerating regulatory reporting and freeing up teams for higher-value work.
What’s New: Strategic Positioning for an Uncertain Future
The question now is not whether the rules will change, but how companies will adapt to the rules when they change.
“To deliver operational resiliency and personalized customer experiences, you will need to weave together intentional partnerships, a modern data fabric, and agentic AI,” said Cyril Sembler in 2025. Sibos conference in Frankfurt. This means investing in platforms built for continuous growth, not one-time projects.
Three Strategic Steps for Financial Services Leaders
Strategic Step 1: Integrate governance across the data lifecycle
A unified control plane for governance makes it easy to demonstrate consistent policy enforcement from ingest to analytics and AI, including access management, PII discovery, and lineage.
Rabobank Uses Unity Catalog to transition to a secure, audit-ready architecture, addressing significant regulatory challenges in credit analytics.
Strategic Step 2: Automating Compliance with AI Agents
Databricks Agent Brix helps companies build production-grade agents for tasks like compliance checks, fraud monitoring, and reporting in weeks instead of months, by combining governed data, governance controls, and LLM tooling in one platform.
Erste Group Bank AGOne of the largest retail banks in Central and Eastern Europe, has already taken this approach by building a Agent for AI Governance On the Databricks platform.
Showcased at the Data + AI World Tour in Munich, the bank replaced ticket-based processes with a conversational compliance AI assistant. Users can “just talk” and the system automatically structures, validates, and enriches their input for AI-governance stakeholders. It then produces reviewer-ready packets that cover EU AI Act obligations, security, data protection and architecture, while maintaining an auditable trail.
Strategic Step 3: Take advantage of strategic partnerships
Leading consulting companies are already driving these changes.
Deloitte is partnering with Databricks to help financial institutions build enterprise-grade platforms that support both immediate use cases and long-term strategic goals, combining integrated architecture with expertise in governance, cloud migration and advanced analytics.
Equally, a broad ecosystem of partners is helping institutions modernize legacy architecture, improve data quality, and safely scale AI – turning governance and compliance capabilities into long-term competitive advantages.
Databricks’ Technical Advantage: Built for Change
What sets Databricks apart is not just governance, but intelligent governance that adapts in real time. Unity Catalog’s automated data classification scans and categorizes sensitive data, including common PII types, as it is ingested, generating dashboards for audit trails. Liquid clustering dynamically reorganizes data to optimize query performance, reducing costs and manual maintenance.
The platform captures runtime data lineage down to the column level in all languages, enabling root-cause analysis and troubleshooting in real-time. For compliance-heavy industries, this means faster audits, clearer accountability, and greater agility when regulations change.
ABN AMRO, the third-largest bank in the Netherlands, overcame legacy data-warehouse challenges by adopting Azure Databricks. The bank achieved 10x faster time to market for use cases, with deployment in approximately two months and empowered over 500 engineers, scientists and analysts. It now supports fraud detection, compliance monitoring, and near-real-time customer insights across hundreds of terabytes of data from various sources.
As Junta Nakai recently noted vodcast With Josue Borgen, vice president of data and architecture at Zeb: “When businesses democratize insights and automation, they don’t just reduce overhead. They uncover unseen risks and opportunities, enabling industry-defining steps forward.”
The way forward: governance as a competitive advantage
We stand at an inflection point. Regulatory scale-back is not a sign to relax; It is a window to strengthen the foundation and prepare for whatever comes next. This new era will be led by organizations that treat compliance not as a cost center, but as a source of strategic differentiation and growth.
With federation capabilities across the Unity Catalog, Agent Bricks, and a robust ecosystem of partners, Databricks prepares financial-services firms to manage continuous change, automate governance at scale, and turn regulatory uncertainty into competitive advantage. As the regulatory future unfolds, one constant remains: companies that invest in transparent, adaptive, intelligent data platforms today will define their industries tomorrow.
For European financial institutions, this is an opportunity to modernize data and AI foundations in a way that meets EU requirements today while also remaining flexible going forward.
Digital Omnibus/AI Omnibus proposals are under negotiation and timelines are subject to change.
Learn how Databricks can help your organization strengthen governance, conduct AI responsibly, and stay ahead of evolving EU regulations. Contact our team to start a conversation.
¹ On January 9, Santender completed the sale of 49% of its stake in Santendra Bank Polska to Erste Group.
