List of Q&As

Clarification on whether a particular business model type constitutes the provision of an account information service as defined by Article 4 (16) of PSD2

Does a business model where the provider offers a service sending the account information to third parties (different from the payment service user)  (detail provided in the background) constitute the provision of an account information service, particularly as it is not proposed that the account information obtained will be given directly to the Payment Service User?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2018_4098| Topic: Authorisation and registration| Date of submission: 11/07/2018

Validation rule e4898_n

Is the validation rule e4898_n of ITS consistent with the Article 134(7) of the CRR?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2017_3548| Topic: Supervisory reporting - COREP (incl. IP Losses)| Date of submission: 09/10/2017

Originator obligations

What are the obligations of an originator who purchases third party's exposures and subsequently securitises them, in order to meet the requirements set out in Article 9 of the Securitisation Regulation?

Legal act: Regulation (EU) 2017/2402 (SecReg)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2018_4368| Topic: Provisions applicable to all securitisations| Date of submission: 09/11/2018

Reporting of template C71.00 by significant currency

How is template C71.00 (concentration of counterbalancing capacity by counterparty) to be completed in the context of the reporting by significant currency (as referred to in Article 415(2) of Regulation (EU) No 575/2013 (CRR))? Specifically, are exposures in a significant currency going to rise in the ranking when being reported by significant currency (given that items denominated in a different currency will be disregarded in the separate currency reporting)?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2019_4550| Topic: Supervisory reporting - COREP (incl. IP Losses)| Date of submission: 14/02/2019

Classification of multilateral development banks (MDBs) for the purpose of the reporting of the Additional Liquidity Monitoring Metrics (ALMM)

For the purpose of the reporting of the ALMM, are MDBs to be considered as financial counterparties, non-financial corporate counterparties or other counterparties?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2019_4549| Topic: Supervisory reporting - Liquidity (LCR, NSFR, AMM)| Date of submission: 14/02/2019

Treatement of liquidity generated by the overnight maturity of Withdrawable Central Cank reserve in Counterbalancing Capacity panel of Template C66

How should “liquidity generated by the overnight maturity of withdrawable central bank reserve” be treated in Counterbalancing Capacity panel of Maturity Latter template C 66?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4318| Topic: Supervisory reporting - Liquidity (LCR, NSFR, AMM)| Date of submission: 09/10/2018

Counterparty classification of the ESM and the ESFS

How are ESM and ESFS to be classified for FINREP – as government or as non-financial corporations?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4282| Topic: Supervisory reporting - FINREP (incl. FB&NPE)| Date of submission: 19/09/2018

C 66.00, validation rule v5903_s

In an environment of negative (money market indexing) interest rates this rule may not be applicable.

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4193| Topic: Supervisory reporting - COREP (incl. IP Losses)| Date of submission: 13/08/2018

Conditions for the filling of template C 33.00

If a bank will move to IFRS9 accounting standards starting from 1 July 2018, the first date for the Corep reporting under IFRS9 will be 30 September 2018. Therefore, at 30 June 2018 the new logic of the IFRS9 accounting portfolios is not available in data systems and it would be difficult to complete the new model C 33.00. We would like to know if the bank still need to fill in the template C 33.00 at 30 June 2018 and, if so, what logic it has to use.

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_4072| Topic: Supervisory reporting - COREP (incl. IP Losses)| Date of submission: 03/07/2018

Double counting of intra-group funding in C68.00

"In C68.00 Unsecured wholesale funding (row 110) should be split per product type: - of which loans and deposits from financial customers (row 120) - of which loans and deposits from non-financial customers (row 130) - of which loans and deposits from intra-group entities (row 140) Should intragroup funding be reported exclusively in row 140? Or should it be reported in row 140 AND in row 120/130 depending if the intragroup entity is a financial or a non-financial customer? The same question applies to the split of wholesale funding."

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_3962| Topic: Supervisory reporting - Liquidity (LCR, NSFR, AMM)| Date of submission: 07/06/2018

Incorrect validation rule v4456_m

The validation rule v4456_m is not correctly defined in the taxonomy 2.7. Prerequisites are following: C 47.00 and C 43.00.a and C 43.00.b and C 43.00.c It means that all tables have to be reported. However a bank with a standardised approach to credit risk do not report table C 43.00.c. Consequently the rule can not be applied. In theory a bank can have no data for the table C 43.00.a as well.

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (as amended)

ID: 2018_3950| Topic: Supervisory reporting - COREP (incl. IP Losses)| Date of submission: 01/06/2018

Is the scope of the RTS on strong customer authentication (SCA) and secure communication one-leg or two-leg?

Does the PSD2 requirement on SCA, and subsequently the detailed requirements in the RTS on SCA including the practical usage of the allowed exemptions, apply also to one-leg transactions, with regards to:Transactions with the payer’s payment service providers (PSP) outside the EEA (credit transfers as well as card-based payments)?Credit transfers with the payer’s PSP inside the EEA and the payee’s PSP outside the EEA?Card-based payments with the payer’s PSP (the issuer) inside the EEA and the payee’s PSP (the acquirer) outside the EEA, when the non-EEA acquirer do support SCA?Card-based payments with the payer’s PSP (the issuer) inside the EEA and the payee’s PSP (the acquirer) outside the EEA, when the non-EEA acquirer does not support SCA?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4233| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 06/09/2018

The Implementation of the electronic communications exclusion in the voiced-based premium rate services market

Considering the organisation of the voiced-based premium rate services market, and considering the interpretations proposed for the electronic communications exclusion (ECE) in the different countries, as far as a payment transaction complies with the conditions imposed by the ECE, does the ECE apply to the whole value chain, and therefore, all the providers of electronic communications networks or services involved in payment transactions covered by the ECE should not have to register as payment institutions or agents for these operations?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2018_4181| Topic: Other topics| Date of submission: 06/08/2018

Geographical scope of application of the RTS on strong customer authentication (SCA) and secure communication requirements – ‘Two-leg’ transactions

Is it necessary that issuer, acquirer, cardholder and merchant be all located in the EEA for the RTS on SCA requirements to apply to two-leg transactions?May the issuer use the merchant’s location as a proxy (in lieu of the acquirer’s location)?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4030| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 28/06/2018

IFRS 9 Transitional Arrangements - Business Combination

There is a business combination between banks which decided to apply the static and dynamic phase in the arrangements envisaged by Article 473a CRR. 1) How should the static phase-in arrangements envisaged by Article 473a CRR apply on the consolidated basis? 2) How should the dynamic phase-in arrangements envisaged by Article 473a CRR apply on the consolidated basis?

Legal act: Regulation (EU) No 575/2013 (CRR) as amended

COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

ID: 2018_4391| Topic: Accounting and auditing| Date of submission: 25/11/2018

What is considered as a dedicated interface

Payment Service Users (PSUs) communicate with an account servicing payment service provider (ASPSP) via Web using HTTP while mobile PSUs and Third Party Providers (TPPs) via REST Application Programming Interfaces (APIs) but in all cases the processing is done by the same back-end server using the same credentials, authorisations and business logic. In the case of mobile and TPP channels, the APIs are similar and are exposed from the same ASPSP’s gateway. Any issue in the back-end server will result in downtime for all channels. Clarification is required whether this solution is considered as a dedicated interface or not.

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4681| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 25/04/2019

Inclusion of time taken for SCA in the performance KPI

Does the Key Performance Indicator (KPI) for the performance of the dedicated interface include the time taken for conducting Strong Customer Authentication (SCA)? 

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2019_4661| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 08/04/2019

Contactless transactions - SCA

Does the cumulative count / authorised sum amount apply to any contactless authorisation request, regardless if the request was approved or not?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4230| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 05/09/2018

SCA at vending machines without PIN pad

Do transactions at vending machines without PIN pad require Strong Customer Authentication (SCA)?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4057| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 28/06/2018

Review of security measures

When an issuer delegates strong customer authentication (SCA) to a third-party (e.g. a smartphone manufacturer), what are the requirements for such delegation? Should the issuer conduct an evaluation of the technical features and security of third-party’s devices and solutions?

Legal act: Directive 2015/2366/EU (PSD2)

COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

ID: 2018_4047| Topic: Strong customer authentication and common and secure communication (incl. access)| Date of submission: 28/06/2018