Search for Q&As Submit a question

List of Q&As

Report gross or netted cash flows in the row 360 of C66 (maturity ladder) of non-forex and non-option-like derivatives under a valid netting agreement but without collateral agreement

« In the Annex XXIII (Maturity Ladder Instructions), for the row 360 ("1.5 Derivatives amount payables other than those reported in 1.4") , paragraph 2(b), it is stated that "flows related to other contracts than those referred to in point (a) shall be included by projecting the gross contractual flows of cash in the respective time buckets in lines 1.5 ‘derivatives cash- outflows’ and 2.4 ‘derivatives cash-inflows...’". Suppose that there is a group of derivatives (non-forex, non-option-like transactions) traded with the same counterparty under a valid bilateral netting agreement but without a collateral agreement in place, should netted cash flows per counterparty or gross cash flows be reported in row 360? If the netted cash flows should be reported in row 360, should the netted amount be calculated per day, or per time bucket defined for C66 report? For example, in C66, there is a time bucket 'Greater than 7 days up to 2 weeks', can we net an inflow of day 8 with an outflow of day 9 and then report only the net amount in row 360 (if negative) or row 670 (if positive)?”

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_3943| Topic: Supervisory reporting| Date of submission: 29/05/2018

Low Credit Risk Template 4.4.1 and 4.3.1

Regarding the Column "of which: Instruments with low credit risk" detailed in the Template 4 series. Is there an expectation to have this populated by institutions which have not elected to adopted the practical expediency which IFRS 9 allows for the implementation of the new standard?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2017_3594| Topic: Supervisory reporting| Date of submission: 16/11/2017

Reporting of fees and levies in FINREP template F 02

How each the following expenses should be classified in FINREP template F 02, that is, should they be reported in row 350 (Other operating expenses), row 380 (Other administrative expenses), or under a different item? - contribution to the deposit guarantee scheme pursuant to national legislation implementing Article 10(3) of Directive 2014/49/EU of the European Parliament and of the Council - contribution to the Single Resolution Fund pursuant to Article 70(3) of Regulation (EU) No 806/2014 of the European Parliament and of the Council and Council Implementing Regulation (EU) 2015/81; or to a national resolution fund - a bank levy or a supervisory fee, such as the SSM Supervisory Fee (Regulation (EU) No 1163/2014 of the European Central Bank) or the “Dutch bank tax”.

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2017_3574| Topic: Supervisory reporting| Date of submission: 25/10/2017

Certfication in relation to a Technical Service Provider (TSP)

When performing the role of a Technical Service Provider (TSP) is the TSP required to update the certificate received from the Third Party Payment Service Providers (TPP) (to demonstrate our involvement) to enable the Account Servicing Payment Service Provider (ASPSP) to authorise the certificate and provide the appropriate requested data back through to the TPP and establish the session? Is this same certificate required for every type of transaction request and must it be real time checked by the ASPSP and how does this impact our role as a TSP?Also, by introducing a TSP between a TPP and an ASPSP is the concept of private keys and the transport layer broken, due to the introduction of a TSP between the TPP and the ASPSP? Finally, are there limits to the number of roles involved in the chain in terms of the certification or do we just need to be able to demonstrate the link back to the point of origin for the certificate (the TPP)?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4375| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 19/11/2018

Authentication code

Is it allowed to use the (authenticated) session that a user has (after logging in (with or without SCA)) as 1 of the authentication factor when performing SCA for a payment transaction?For example: A customer logs in with its username & password (knowledge) + SMS One Time Password (possession). Once in his online banking environment he looks at his statements. Within that same session (that ends after 5 minutes inactivity) he makes a payment.The question is if for authenticating the payment it is required to perform SCA again or if the authenticated session (based on the previous authentication) and a second SMS One Time Password (possession) that dynamically links the payment would suffice.

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4141| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 18/07/2018

Information to be provided / made available by ASPSP to payment initiation service provider (PISP)

In the context of PIS:(a) shall the ASPSP, upon initiation of the payment session, provide or make available to the PISP the IBANs/account numbers for all payment accounts from which the user can transfer funds, and the associated currencies; and(b) shall the ASPSP, in each communication session, provide or make available to the PISP/AISP the name of the payment service user that is accessing the accounts.

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4188| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 08/08/2018

Breakdown of exposures by residual maturity

In the template C 33.00 breakdown of total exposures by residual maturity is required (rows 170 - 230). However from instructions it is not clear into which time bucket following exposures should be classified: - exposures at default - exposures without residual maturity - past due exposures.

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4164| Topic: Supervisory reporting| Date of submission: 25/07/2018

Validation rule v0682_m - DPM 2.7.0.1

Is the validation rule v0682_m correct?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on Supervisory Reporting of Institutions

ID: 2018_3992| Topic: Supervisory reporting| Date of submission: 13/06/2018

Definition of a qualifying holding

In order to identify a qualifying holding in an undertaking, for the purposes of the definition laid down in Article 4(1)(36) CRR, has the possibility to exercise a significant influence over the management of an undertaking to be accompanied, as a necessary precondition, by an even minimum level of holding in that undertaking (as suggested by the English or Italian language version of CRR)?   Or, conversely, can the definition of qualifying holding in Article 4(1)(36) CRR be met, in cases where the possibility for a person to exercise a significant influence in an undertaking is established, even in the absence of a minimum level of holding in the undertaking by that person?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2018_3762| Topic: Other topics| Date of submission: 13/03/2018

Application of the Low Value Transaction Limits

Should the limits according the Article 16 RTS be applied to the account itself (account holder and authorized persons together) or should they be applied to the account holder (owner) and each authorized person (i.e. proxy of account holder) separately? Subsequently should the limits be applied to all remote payment transactions together or should e.g. card transactions and credit transfers be counted separately. Also should the limit be applied to all cards belonging to one person together or should the limit be applied to each card separately?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4429| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 20/12/2018

Wide usage portability between Member States

Could three months’ data, showing wide usage of the dedicated interface, produced in one Member State by a regulated entity (ASPSP) belonging to an ASPSP Group, be used as evidence to support the ‘widely used’ condition in a further Member State for a separate regulated entity (ASPSP) belonging to the same ASPSP Group, on the condition that both entities employ the same dedicated interface?

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/07 - Guidelines on the exemption from the contingency mechanism under Regulation (EU) 2018/389

ID: 2019_4638| Topic: Other topics| Date of submission: 28/03/2019

Applicability of Article 34 (eIDAS certificates) prior to application date of Regulation (EU) 2018/389

Is the use of eIDAS certificates mandatory for accessing payment accounts via dedicated interfaces (APIs) already prior to the application date of the Commission Delegated Regulation (EU) 2018/389, i.e. 14 September 2019?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4630| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 27/03/2019

Content of eIDAS certificates if agents or outsource providers are involved

Who shall be the Subject Distinguished Name (DN) in the situation described in EBA Opinion on eIDAS (EBA-Op-2018-7) item 21? Does information on agents or outsource providers has to show up in the certificates? 

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2019_4507| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 01/02/2019

Passporting and eIDAS certificates

Do account servicing payment service providers (ASPSPs) have to check that third party providers (TPPs) are authorised to operate in their Member State via freedom to deliver services passporting? If so, how shall this be done?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4432| Topic: Passporting| Date of submission: 21/12/2018

Interpretation of the concept of senior management laid down in Article 3(1)(9) of CRD IV

Does the concept of “senior management” foreseen in Article 3(1)(9) of CRD IV refer to members of the management body in executive functions or does it refer to persons at an hierarchical level immediately below that of the management body in executive functions (i.e., the so-called MB-1 level), as far as these persons are involved in the day-to-day management of the institution?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2018_4286| Topic: Internal governance| Date of submission: 24/09/2018

Fraud rate calculation for TRA exemption – country dimension

Could – or should – the fraud rate for the TRA exemption be calculated per member state where a PSP provides payment services (one legal entity with branches in different countries), or should the fraud rate be aggregated as one for the whole legal entity?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4439| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 27/12/2018

fall back exemption

Article 33, § 6 of the RTS for strong customer authentication and common and secure open standards of communication (the “RTS”) provides that “Competent authorities, after consulting EBA to ensure a consistent application of the following conditions, shall exempt the account servicing payment service providers that have opted for a dedicated interface from the obligation to set up the contingency mechanism […]” (the “fall back exemption”). a) Which authority - the home authority or the host authority ?- is the compentent authority under article 33, § 6 of the RTS, when the “fall back exemption request” concerns the dedicated interface used in a Member state where a branch of the ASPSP is located? b) Does the answer differ if the same dedicated interface is used in the home member state and in the host member state where a branch is located?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4163| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 25/07/2018

Calculation of the number of directorships held (privileged counting of mandates).

How should the mandates be counted in a situation where one person is an active board member in several connected (through IPS, group or qualified holdings) credit institutions and the privileged counting of mandates shows different results depending on the perspective from which the mandates are counted? Especially how the mandates should be counted where there is more than one notifying institution, in particular where the institutions are connected through qualified holdings? How should such a situation be resolved in cases where different competent authorities (in more than one Member State and / or the ECB) are involved?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2018_4158| Topic: Internal governance| Date of submission: 24/07/2018

Is a gradual reduction of the overdraft facility with a current account a forborne measure?

Should an exceeded overdraft facility, which is gradually reduced by the bank as stipulated in terms and conditions, be classified as forborne exposure even if the customer does not meet any criteria for default?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4346| Topic: Supervisory reporting| Date of submission: 29/10/2018

Validation rule on C_17.01 template - v5839_m

Is validation rule v5839_m correct?

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4259| Topic: Supervisory reporting| Date of submission: 10/09/2018

PDF