Search for Q&As

Enquirers can use various factors to search for a Q&A:

  • These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
  • Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

List of Q&A's

Contactless payments at point of sale - Applications of the conditions

With respect to Article 11 Paragraph b) of the RTS can we setup control for either 150 € or 5 transactions?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Calculation of institution-specific countercyclical capital buffer rates

Should the calculation of the institutions-specific countercyclical buffer rate include capital requirements arising from measures taken in accordance with Article 458 in Regulation (EU) No 575/2013 (CRR)?

  • Legal act: Directive 2013/36/EU (CRD)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Difference in reporting requirements for C71 as per the EBA Annotated Reports and ITS Monitoring Metrics

There is some confusion in relation to two documents provided by the EBA on the ITS Supervisory Reporting website. In regards to the C 71.00 report, on the Annoted Report (see screenshot attached) it is shown clearly that the counterparty should not include "Central Banks" - but tat the same time in the ITS document also provided by the EBA (unable to attach more than one attachment for reference) for C 7.001, they mention clearly that "Central Banks" should be included in the Issuer/Counterparty Sector.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Clarification of Z02.00, row 0200 (DGS liabilities)

What is expected to be reported in Z 02.00, row 0200 (DGS liabilities) as the instructions only refer to Article 44 (2) point g (iv) of Directive 2014/59/EU and liabilities to deposit guarantee schemes arising from contributions due in accordance with Directive 2014/49/EU?

  • Legal act: Directive 2014/59/EU (BRRD)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on the provision of information for the purpose of resolution plans

Access by AISPs when customer not present up to 4 times in a 24 hour period

Is the intention that the '4 times in 24 hour period' is implemented based on 4 sessions for access for account information per consented customer account, or 4 Application Programming Interface (API) calls (where APIs are used for the decicated interface) for account information, or another basis?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Calculating the threshold of 1% of total liabilities in significative currencies.

Should the institution report the section 2 of C 67.00 the total liabilities considering the complete scope of currencies in the bank or should be restricted to the total of the relevant significative currency. Moreover, this would have impact in the 1% threshold calculation.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

C 17 template

Is it possible to include the positive impacts of operational risk errors in template C 17.00?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Treatment of failed SRT under Traditional Securitisation

In case the significant credit risk cannot be considered to have been transferred according to 244 of Regulation (EU) No 575/2013 as amended by Regulation (EU) 2017/2401, but the exposures had been already derecognised from the bank's balance sheet, shall the bank continue to calculate the RWA for the securitised exposures as if they were never securitised? Does it mean that no RWA will be calculated for the securitisation position?  Additionally, if the exposures have been securitised against cash, and the cash invested in new loan, would RWA be calculated for these new loans

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

C 66.00, validation rule v5903_s

In an environment of negative (money market indexing) interest rates this rule may not be applicable.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Template C32.01. Guidance required for which row to submit commodity assets and liabilities on template C32.01,

When following guidance found in AnnexII (page 185-190) there is no guidance as to where to include Commodity Assets (or liabilities) that are not derivatives (even though they are in scope for PVA threshold assessment). These are not Financial Assets or Liabilities even if fair valued and as such do not fit in any of the rows on the template. The equivalent row for assets in Finrep template 01.01 is row 360 'Other assets' but this has no equivalent in template C32.01.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Adjustments due to IFRS 9 transitional arrangements included in RWAs and interaction with validation rule v3689_s in template C5.01.

In template C5.01 validation rule v3689_s states that R010 C040 cannot be negative, should R010 C040 be excluded from this validation rule?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Information to be provided / made available by ASPSP to payment initiation service provider (PISP)

In the context of PIS:(a) shall the ASPSP, upon initiation of the payment session, provide or make available to the PISP the IBANs/account numbers for all payment accounts from which the user can transfer funds, and the associated currencies; and(b) shall the ASPSP, in each communication session, provide or make available to the PISP/AISP the name of the payment service user that is accessing the accounts.

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Aggregated first loss under credit insurance

Is the requirement in Article 213(1)(b) CRR met in case of a credit insurance whose contractual terms provide that the institution shall bear a first loss, which is calculated at aggregate level with regard to several different exposures?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Application of limits for Strong customer authentication (SCA) exemption

How should payment service providers (PSPs) apply the cumulative limits set in Articles 11 and 16 of the RTS on strong customer authentication and secure communication?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

The Implementation of the electronic communications exclusion in the voiced-based premium rate services market

Considering the organisation of the voiced-based premium rate services market, and considering the interpretations proposed for the electronic communications exclusion (ECE) in the different countries, as far as a payment transaction complies with the conditions imposed by the ECE, does the ECE apply to the whole value chain, and therefore, all the providers of electronic communications networks or services involved in payment transactions covered by the ECE should not have to register as payment institutions or agents for these operations?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Application of SCA when a PSU accesses payment transactions data older than on the last 90 days, without having access to sensitive payment data and for a period of 90 days after the last access using SCA

Could Payment Service Providers (PSPs) be allowed to choose between applying SCA(Strong Customer Authentication) or not when a PSU (Payment Service User) accesses payment transactions data older than on the last 90 days without having access to sensitive payment data and for a period of 90 days after its last access using SCA?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Operation and security risk assessment of a branch of a credit institution

Does a branch of an EU credit institution operating in another Member State have to prepare separate assessment for its payment related activity and if yes which competent authority shall be responsible for receiving the assessment - is it the competent authority of the host or the home Member State?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2019/04 – Guidelines on ICT and security risk management - repealing EBA/GL/2017/17

Interpretation of 'Active request for account information'

How should 'active request for account information' by a Payment Service User (PSU) be interpreted the wording of article 36(5)(a)(b) of the RTS SCA?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Home / host cooperation

Should banks notify only National Competent Authorities (NCAs) of the home Member State when they use Strong customer authentication (SCA) exemptions on Secure corporate payment processes and protocols  (Article 17 of Regulation (EU) 2018/389 – RTS on strong customer authentication and secure communication) and Transaction risk analysis (Article 18 of the Delegated Regulation)?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication