Understanding EBA Connected Clients Guidelines

Author: Steven Renwick, CEO, Tilores. Reviewed for accuracy against the European Banking Authority's published guidelines and 2026 updates.

TL;DR: The European Banking Authority (EBA) guidelines on connected clients require financial institutions to identify and manage clients whose relationships — familial, business, or shared economic interests — create conflicts of interest or elevated risk. Detecting those connections at scale is an entity resolution problem: institutions use data analysis and network analysis to link records to the same real-world entity, then map the relationships between entities. When evaluating entity resolution technology for a regulated banking use case in 2026, the criteria that matter are data-quality handling (does it clean and transform messy inputs before matching?), privacy and data-protection controls, and the ability to monitor dynamic relationships in real time. As of 2026 the EBA guidelines remain in force in a streamlined form — see the dated update below.

How do I evaluate entity resolution vendors for connected clients detection in banking?

The original article identifies three implementation challenges that double as evaluation criteria for any entity resolution technology used to meet the connected clients guidelines. The table maps each challenge to the capability to look for; the full explanation of each is preserved verbatim in the sections below.

Evaluation criterion	Why it matters for connected clients	What to look for
Data quality and availability	Accurate, reliable data is fundamental to detecting connected clients; messy inputs cause missed or false connections	Entity resolution that transforms data to improve its quality before matching — as Tilores does — rather than requiring clean inputs upfront
Privacy and data protection	Detecting connections must be balanced against data privacy regulations and due-diligence obligations	Technology that operates within the framework of data privacy and security and safeguards sensitive information throughout the process
Dynamic relationships	Client relationships evolve over time, so a one-off scan goes stale	Regular monitoring and real-time data analysis so risk management adapts as relationships change
Detection technique	Connections are both record-level and network-level	Both data analysis (linking records to one entity) and network analysis (mapping relationships across complex networks of clients)

In the ever-evolving landscape of the financial industry, managing risks associated with clients is of paramount importance. Financial institutions face the challenge of identifying and mitigating potential conflicts of interest and increased risks that arise from relationships among clients. To address this, the European Banking Authority (EBA) has introduced guidelines on connected clients.

This article aims to provide risk managers with a comprehensive understanding of the connected clients guidelines, including their purpose, technical aspects, and the challenges involved in their implementation.

What are Connected Clients?

Connected clients, as defined by the EBA, refer to clients who have relationships with each other that may create conflicts of interest or elevate risks for financial institutions. These relationships can be familial, business-related, or involve shared economic interests. The EBA guidelines aim to ensure that financial institutions have effective measures in place to identify and manage such risks appropriately.

<section id="The-Purpose-of-Connected-Clients-Guidelines">
  <h3>The Purpose of Connected Clients Guidelines</h3>
  <p>The connected clients guidelines serve as a regulatory framework to facilitate sound risk management practices within the European Union's financial sector. By implementing these guidelines, financial institutions can:</p>
  <ol>
    <li><strong>Identify Potential Risks</strong>: The guidelines help institutions identify clients who are connected in ways that may lead to conflicts of interest or higher risks. By doing so, financial institutions can better assess and mitigate these risks, thereby protecting themselves and their clients.</li>
    <li><strong>Ensure Compliance</strong>: Compliance with the EBA guidelines is crucial for financial institutions to demonstrate their adherence to regulatory requirements. It helps institutions align with the EBA's objectives of fostering stability and confidence in the financial industry.</li>
  </ol>
</section>

<section id="Technical-Aspects">
  <h3>Technical Aspects of Detecting Connected Clients: Leveraging Entity Resolution Technology</h3>
  <p>Detecting connected clients can be a complex task, but financial institutions can employ advanced techniques and methodologies, including the use of entity resolution technology, to enhance their ability to identify and manage potential connections.</p>
  <p>Entity resolution technology plays a vital role in the detection process by effectively linking and identifying entities across vast amounts of data. Here's how financial institutions can leverage this technology along with other approaches to detect connected clients:</p>
  <ol>
    <li><strong>Data Analysis</strong>: Financial institutions leverage comprehensive data analysis, including entity resolution, to uncover patterns and relationships among clients. By examining transactional data, account histories, and shared personal or business information, entity resolution technology can accurately establish connections and associations among clients.</li>
    <li><strong>Network Analysis</strong>: Network analysis techniques, combined with entity resolution, provide a powerful means of visualizing and analyzing relationships among clients. By mapping connections based on shared associations, financial institutions gain valuable insights into potential conflicts of interest and risks. Entity resolution technology aids in identifying the intricate links within complex networks of clients.</li>
  </ol>
  <p>However, the implementation of connected clients guidelines does present challenges for financial institutions:</p>
  <ol>
    <li><strong>Data Quality and Availability</strong>: Accurate and reliable data is fundamental to the effective detection of connected clients. Financial institutions may encounter challenges related to data quality, completeness, and timeliness. Entity resolution technology works best when the data inputs are of a high-quality although advanced entity resolution technologies, such as Tilores, will transform data to improve its quality before entity resolution. Collaborative efforts, such as data standardization initiatives, can also help address these issues.</li>
    <li><strong>Privacy and Data Protection</strong>: Balancing the need to identify connected clients with data privacy regulations is a delicate challenge. Financial institutions must ensure compliance with privacy laws and implement robust data protection measures while conducting necessary due diligence. Entity resolution technology must operate within the framework of data privacy and security, safeguarding sensitive information throughout the process.</li>
    <li><strong>Dynamic Relationships</strong>: Relationships among clients can evolve over time, making it challenging to maintain an up-to-date understanding of connections. Regular monitoring and real-time data analysis, aided by entity resolution technology, are essential to identify and respond to changes in client relationships. This technology enables financial institutions to adapt their risk management practices dynamically.</li>
  </ol>
</section>

The Consequences of Ignoring Connected Clients

In the world of consumer fintech we have a wonderful example from cash app (NYSE:SQ) of what happens if you just ignore the connections between your clients. Let's just say it involves a 20% share price hit. More about that here.

Conclusion

The connected clients guidelines provide crucial guidance to financial institutions for identifying and managing risks arising from client relationships. By leveraging advanced techniques such as data analysis, network analysis, and entity resolution technology, institutions can improve their ability to detect connected clients accurately. Despite challenges related to data quality, privacy, and dynamic relationships, the implementation of these guidelines promotes sound risk management practices within the financial industry. Through collaboration and the intelligent use of technology, financial institutions can navigate the complexities of connected clients and foster stability and trust in their operations.

<section id="More-Reading">
  <h3>More Reading</h3>
  <p>For more information on the EBA Connected Clients Guidance, see the <a href="https://www.eba.europa.eu/regulation-and-policy/large-exposures/guidelines-on-connected-clients">EBA website</a>.</p>
</section>

Are the EBA connected clients guidelines still current? (2026 update)

Yes — but the framework was streamlined in 2026, so risk managers should read the original guidance alongside the latest EU rules. The EBA Guidelines on connected clients (EBA/GL/2017/15) were first adopted in 2017 and remain in force in a consolidated, streamlined form:

April 2026 streamlining. On 29 April 2026 the EBA published a decision to partially delete sections of the guidelines (Decision EBA/DC/644), explaining that "these rules now apply directly across the EU, certain provisions of the EBA Guidelines are no longer necessary to ensure a common and consistent application of Union law."
Why the change. Commission Delegated Regulation (EU) 2024/1728 now provides directly applicable regulatory technical standards specifying when institutions must identify groups of connected clients — covering control relationships, economic dependency, and combined control relationships and economic dependencies. Because the regulation is directly applicable, the overlapping guideline provisions were no longer needed.
What still applies. Per the consolidated guidelines (EBA/GL/2017/15-rev1), institutions must still identify groups of connected clients across control relationships, economic dependency, and combined scenarios — the streamlining removed duplicated text, not the underlying obligation.

What does that mean for detection? The regulatory obligation to find connected clients is, if anything, more firmly established in directly applicable EU law. The practical detection problem is unchanged: institutions still have to link messy, fragmented client records to the same real-world entity and map the relationships between them. That is exactly what entity resolution technology does, and why data-quality handling, privacy controls, and real-time monitoring remain the right evaluation criteria for a regulated banking deployment.

Detect connected clients in your own data: create a free Tilores account and match a sample file in a few clicks, or explore Tilores entity resolution software to see how it transforms and links fragmented client records in real time for AML, KYC, and connected-clients risk management.

Frequently asked questions

What are connected clients under the EBA guidelines?: Connected clients, as defined by the EBA, are clients who have relationships with each other that may create conflicts of interest or elevate risks for financial institutions. These relationships can be familial, business-related, or involve shared economic interests. The EBA guidelines aim to ensure that financial institutions have effective measures in place to identify and manage such risks appropriately.
How do financial institutions detect connected clients?: Financial institutions employ advanced techniques including entity resolution technology, which links and identifies entities across vast amounts of data. Through data analysis they uncover patterns and relationships among clients by examining transactional data, account histories, and shared personal or business information; through network analysis they visualise and map connections based on shared associations to surface potential conflicts of interest and risks.
How does entity resolution help with connected clients compliance?: Entity resolution accurately establishes connections and associations among clients by linking scattered records to the same real-world entity. It works best with high-quality data inputs; advanced entity resolution technologies such as Tilores transform data to improve its quality before resolution. It must also operate within the framework of data privacy and security, and regular monitoring with real-time analysis helps keep up with dynamic relationships that evolve over time.
What happens if a financial institution ignores connections between clients?: Ignoring connections between clients exposes institutions to unmanaged conflicts of interest and concentration risk. In consumer fintech, Cash App (NYSE:SQ) is a widely cited example of what happens when connections between clients are ignored — an episode associated with a roughly 20% share price hit after duplicate and inter-linked customer accounts were highlighted.
Are the EBA connected clients guidelines still in force in 2026?: Yes. The EBA Guidelines on connected clients (EBA/GL/2017/15) remain in force in a streamlined, consolidated form. On 29 April 2026 the EBA published a decision (EBA/DC/644) partially deleting sections of the guidelines because Commission Delegated Regulation (EU) 2024/1728 now provides directly applicable rules covering the same ground. The consolidated guidelines still address control relationships, economic dependency, and combined control and economic dependency.