EIOPA peer review follow-up on product oversight and governance shows that the June 2026 follow-up report confirms overall progress in how national competent authorities supervise POG requirements across the European Economic Area — yet progress remains uneven across Member States, particularly where change demands new internal methodologies, organisational arrangements and resources. For manufacturers and distributors of life and IBIP products, the gap between fast-moving and laggard supervisors now has measurable consequences.
From 110 recommendations to concrete product withdrawals
The June 2026 findings are calibrated against a demanding baseline. When EIOPA published its original 2023 peer review on POG supervision, it sent a total of 110 recommended actions to the 30 participating NCAs. That exercise — the first peer review in the area of conduct-of-business supervision — covered the period from 1 October 2018 to 31 March 2022, capturing the early years of IDD application. The scorecard at that moment was sobering: 18 of the 30 NCAs met few expectations, while only 6 broadly met expectations.
Three years on, the June 2026 follow-up shows that supervisory work is now generating tangible market outcomes. Supervisory activity stemming from POG implementation has led to concrete remedial actions, including product changes, cost reductions and product withdrawals. That is precisely the chain of consequence that IDD Article 25 was designed to trigger. As EIOPA’s 2025 oversight report on supervisory convergence had already signalled, the authority is pushing NCAs to translate framework-building into measurable outcomes rather than process compliance alone.
How supervisory frameworks matured — and where they still lag
The 2026 report documents two broad advances. First, NCAs have strengthened their supervisory frameworks and advanced toward more operational, risk-based, product-focused oversight. Second, many authorities have built more developed conduct risk assessment frameworks that combine product-specific analysis with undertaking-level scrutiny — moving away from entity-wide assessments that could miss product-level consumer harm. In practice, this means greater use of off-site analysis, thematic reviews, product-focused assessments and on-site inspections.
Yet structural bottlenecks persist. Areas requiring changes to internal methodologies, organisational arrangements and resources remain the most unevenly covered. In other words, the NCAs that were already resource-constrained in 2023 face the steepest hill. For insurers operating across multiple EEA jurisdictions, this creates a patchwork: the same product-governance process may face rigorous thematic review in one country and minimal oversight in another. This divergence is exactly what makes EIOPA’s convergence mandate, as described in its Solvency II supervisory guidelines locked in for January 2027, so consequential for multinational carriers.
IBIP exposure and the IDD Article 25 compliance anchor
The stakes are particularly elevated for investment-based insurance products. IBIPs represented 23% of the EU insurance sector at end of 2021, making them the largest single conduct-risk exposure in the market — and the segment where mis-selling risk is most acute. IDD Article 25 requires manufacturers to maintain a product approval process that is proportionate and appropriate to the nature of the insurance product, and to ensure that the intended distribution strategy is consistent with the identified target market, with reasonable steps taken to ensure the product reaches that market. The overarching objective of POG supervision is to ensure consumer-centric approaches are implemented in practice, not merely documented in product governance policies.
For IBIP manufacturers, this means that an NCA moving from “few expectations met” to a risk-based, product-specific supervisory stance is likely to generate more intrusive engagement — thematic reviews, data requests, and potentially the product changes or cost-reduction demands already documented in the 2026 follow-up. French bancassurers have already experienced what a conduct-focused NCA can demand: the ACPR’s headline fine on Société Générale reshaped French bancassurance compliance expectations across the sector.
The six-month reporting deadline now running in Brussels
The June 2026 follow-up is not a terminal event. NCAs are required to report within six months of the follow-up publication on further progress with open recommendations. With the report dated June 2026, that clock expires around end-December 2026 — overlapping with the broader supervisory calendar that includes Solvency II guideline implementation in January 2027. NCAs with unresolved recommendations face a compressed window to demonstrate progress, and EIOPA retains visibility on each authority’s trajectory.
For the insurance industry, the practical implication is that the period between now and December 2026 is likely to see heightened NCA activity in jurisdictions that remain below convergence norms. Manufacturers distributing products through networks in those markets should anticipate questions on target market definitions, product testing documentation and distribution strategy alignment — precisely the obligations that IDD Article 25 frames as proportionate and appropriate to the nature of the insurance product. Building those compliance files proactively, rather than in response to supervisory demand, is the asymmetric risk-management play the 2026 follow-up makes visible.
Mini-FAQ
What did the 2023 EIOPA peer review on POG find?
What concrete outcomes has POG supervision produced so far?
What is the next regulatory deadline under the POG follow-up?
Sources used
- EIOPA — Peer review follow-up on POG supervision (June 2026)
- EIOPA — Original POG peer review findings and recommended actions (July 2023)
- EIOPA — Peer review on Product Oversight and Governance — full report (2023)
- EIOPA — IDD Article 25: product oversight and governance requirements
- EIOPA — Effective supervision of POG crucial for driving good consumer outcomes (2020)