The European Central Bank has published an occasional paper examining how large non-bank groups offering bank-like services in the European Union are challenging the regulatory perimeter. The paper finds that sector-specific and entity-level rules can leave supervisors with limited visibility over group-wide risks when financial services are delivered through embedded finance, white-label arrangements, platform ecosystems and cross-border structures, particularly in payments, non-bank lending, crypto-asset activities and other digitally re-bundled models. Using five EU case studies, the paper shows how neo-conglomerates can combine regulated and unregulated activities across jurisdictions without consolidated prudential supervision, while complex partnerships can blur accountability for customer onboarding, compliance, safeguarding, fraud handling and consumer protection. It also highlights data and information-sharing gaps, including around passported services, ancillary activities and crypto lending, borrowing and staking, and sets out four priority areas for consideration: stronger perimeter governance through harmonised definitions and intervention powers, tighter licensing and supervisory reach for complex multi-partner and white-label models, group-wide oversight through an EU financial holding structure for large and complex non-bank groups, and better cooperation, reporting and data-sharing across national and EU authorities. As next-step directions, the paper points to more intensive perimeter monitoring, scenario analysis and use of EU-level sandboxes under existing mandates, alongside possible legislative changes. These include reviewing licensing thresholds, extending intermediate parent undertaking requirements, introducing harmonised minimum prudential rules for non-bank lenders, clarifying the treatment of bank-like and crypto-related activities, and strengthening the role of the European Supervisory Authorities in supervising systemically important non-bank and crypto market actors.