List of Q&As

Scope of conversion factor estimation and application

Are positions with drawn amount without an underlying credit line (i.e. overdraft without credit line) within the scope of credit conversion factor estimation as per Article 166(8) CRR?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2017_3650| Topic: Credit risk| Date of submission: 29/12/2017

Use of Maturity Mismatch for Exposures arising under Master Netting Agreements

Do the requirements to adjust the value of collateral for maturity mismatch (Article 239) apply when using the supervisory volatility adjustments approach for Master Netting Agreements under Article 220?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2017_3375| Topic: Credit risk| Date of submission: 03/07/2017

Effective LGD

Could effective LGD (LGD*) be used both in AIRB and FIRB if the operation has an eligible financial collateral under Financial Collateral Comprehensive method?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2017_3304| Topic: Credit risk| Date of submission: 25/05/2017

CR IRB template – inclusion of haircut exposure value

In what column of the Credit Risk IRB templates shall the increase of the exposure value by the haircut exposure value be reported (in column 090, in column 110 or just in column 255 and 260)?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2015_1868| Topic: Supervisory reporting - COREP (incl. IP Losses)| Date of submission: 03/03/2015

Reporting of e-commerce card-based payment transactions falling within the scope of EBA Opinion EBA-Op-2019-06 for which no strong customer authentication was applied

Should e-commerce card-based payment transactions – falling within the scope of the EBA Opinion on the elements of strong customer authentication under PSD2 (EBA-Op-2019-06) and for which no strong customer authentication was applied – be reported under the higher-level category “Of which authenticated via non-strong customer authentication”?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2020_5070| Topic: Fraud reporting| Date of submission: 02/01/2020

Data breakdown on fraud by different card functions for cash withdrawals

Does the breakdown on “card payments by fraud types” in Table E of the EBA Guidelines on fraud reporting under PSD2 refer only to cards with a credit/delayed debit function?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2019_5056| Topic: Fraud reporting| Date of submission: 19/12/2019

Recording of card payments

If a card has both an e-money and non e-money function, how should a payment be recorded? Should the recording be different based on the type of the reporting institution (for example, depending on whether is an electronic money institution (EMI) or a bank)?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2019_5046| Topic: Fraud reporting| Date of submission: 13/12/2019

Recording of e-money

If a card issued by an E-money institution has a cash function, how should the cash withdrawal from that card be recorded? Should it be recorded on the debit card withdrawal, as the E-money breakdown section does not include a cash withdrawal category?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2019_5044| Topic: Fraud reporting| Date of submission: 12/12/2019

Direct debts fraud reporting

In relation to the direct debits fraud, please clarify the reporting criteria for direct debit fraud.

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2019_5043| Topic: Fraud reporting| Date of submission: 12/12/2019

Reporting of PISP transactions

Should payment initiation service provider (PISP) initiated payments be reported under both Table A (1.1) and Table H (8.x)? More specifically how should these transactions be reported where the customer initiates a payment via a PISP, from their bank account, to one of their payees flagged in the bank’s online channel as “trusted beneficiaries” (Article 13 of the RTS on SCA&CSC).

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2019_5042| Topic: Fraud reporting| Date of submission: 12/12/2019

Reporting of PISP initiated payments

Is there a requirement to segregate the Payment Initiation Service Provider (PISP) initiated payments which were executed without Strong customer authentication (SCA), by the relevant availed exemption used? Or are PISP initiated payments, only required to be presented in Bulk (Value, Volume, SCA/Non-SCA)?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2019_5041| Topic: Fraud reporting| Date of submission: 12/12/2019

Reporting of fraud by the acquirers

Regarding the fraud definition, could you please clarify how the following fraud examples should be classified by the acquirers

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2019_5039| Topic: Fraud reporting| Date of submission: 12/12/2019

Reporting of card transactions that are out-of-scope from the requirement for SCA

In the Fraud Reporting, how should payment service providers (PSPs) report card transactions without Strong Customer Authentication (SCA) that are out of scope of the requirement for SCA, i.e. one-leg transactions and merchant-initiated transaction?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2019_4866| Topic: Fraud reporting| Date of submission: 12/08/2019

Report of fraud rates by issuers and acquirers

For card-based transactions: - When the issuer reports frauds under the EBA Guidelines on fraud reporting (EBA/GL/2018/05), shall the issuer provide information on the unauthorised transactions for which the acquirer has applied an exemption? If so, shall the issuer provide a break-down according to the different exemptions applied by the acquirer?- When the acquirer reports frauds under the EBA Guidelines on fraud reporting, shall the acquirer provide information on the unauthorised transactions for which the issuer has applied an exemption? If so, shall the acquirer provide a break-down according to the different exemptions applied by the issuer?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2019_4703| Topic: Fraud reporting| Date of submission: 09/05/2019

Transaction risk analysis (TRA) exemption – Calculation of fraud rate – Impact of unauthorized transactions on issuers and acquirers

In the case of card-based transactions, shall issuers include in their fraud rate calculation only the unauthorized transactions for which they apply strong customer authentication (SCA) or an exemption?  Or, shall issuers also include unauthorised transactions for which the acquirer applies an exemption?Shall acquirers include in their fraud rate calculation only the unauthorised transactions for which they apply an exemption?  Or shall acquirers also include unauthorised transactions for which the issuer applies an exemption?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4702| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 09/05/2019

Strong Customer Authentication (SCA) possession element requirement for cryptographic validation

For a device to be considered possession:-a) should the device perform "cryptographically underpinned validity assertions using keys or cryptographic material stored in" the device?b) should the device be in the physical possession of the  Payment Service User (PSU)? I.e. it cannot be held and operated remotely.

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4532| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 11/02/2019

Electronic chip transactions authenticated with a hand signature

As a Payment Service Provider (PSP) acquirer, how should we report the German chip + signature transactions in the “EBA fraud report under PSD2” given the fact this kind of transactions are non-Strong Customer Authentication (SCA) and do not fall under any allowed exemption?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - EBA Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

ID: 2018_4399| Topic: Fraud reporting| Date of submission: 03/12/2018

Exposures towards QCCPs under CRR Art. 306 (2) under standardised method (C 07.00) - validation rules v0010_h, v0306_m, v0307_m, v0308_m and v0312_m

"Under Article 306 (2)of the CRR, where assets posted as collateral to a CCP or a clearing member are bankruptcy remote, should have Exposure Value (C 07.00, column {200}, rows {100}, {120}) of zero. Our understanding of the ITS on Supervisory Reporting is that the Original exposure pre conversion factors (C07.00, column {010}, rows {100}, {120}) of the transactions in question should hence also be zeroed out. The institution is currently reporting the Original exposure pre conversion factors as non-zero to avoid the blocking errors mentionned in the background, which is contrary to Article 306 (2) of the CRR. Could you please confirm if our understanding of the ITS is correct?"

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2019_4749| Topic: Supervisory reporting - COREP (incl. IP Losses)| Date of submission: 28/05/2019

FINREP Validation rule v2822_m

V2822_m: sum({F 32.01, r110, (c010, c060)}) = sum({F 05.01, r090, (c020-060)}) - Economic agents inconsistency : F 32.01, r110, (c010, c060) = non-financial corporation and households; F 05.01, r090, (c020-060) = all agents

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2019_4611| Topic: Supervisory reporting - FINREP (incl. FB&NPE)| Date of submission: 14/03/2019

Clarification on the reporting of "maturing" columns in COREP ALMM C 70.00 "Roll-over of funding"

In the "Maturing" columns of C 70 .00, do we have the option of reporting in two different ways? We can either report "Maturing" amounts according to all liabilities contractually withdrawable by the providers of funding for each day of the month. Or we can report only the amounts "Maturing" which are due on the relevant day.

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2019_4581| Topic: Supervisory reporting - Liquidity (LCR, NSFR, AMM)| Date of submission: 27/02/2019