Search for Q&As

Enquirers can use various factors to search for a Q&A:

These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

Legal act

Topic

Article

COM Delegated or Implementing Acts/RTS/ITS/GLs/Recommendations

Answer prepared by

Period posted start

Period posted end

Publication start

Publication end

Keywords

Question ID

Final Q&As Q&As under review Rejected Q&As Archived Q&As All Q&As

Export options

Select / deselect all results on this page

List of Q&A's

Absolute materiality threshold for Retail based on the new RTS

How to apply Article 123(c) CRR to set the absolute component of the materiality threshold in the case of transition of exposures to or from Retail.

Legal act: Regulation (EU) No 575/2013 (CRR)
COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2016/07 - Guidelines on the application of the definition of default under Article 178 CRR

Applicability of SCA to electronically processed SEPA Direct Debits / Interpretation of EBA Q&A 2018_4359

Are mandates for direct debits which are set up without direct involvement of the payer’s PSP subject to SCA requirements?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Define what is “given period of time”

What constitutes a “given period of time” as expressed in Article 4.3 (b) of the RTS on strong customer authentication and secure communication?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Inclusion of time taken for SCA in the performance KPI

Does the Key Performance Indicator (KPI) for the performance of the dedicated interface include the time taken for conducting Strong Customer Authentication (SCA)?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Relying on vendor mechanisms processing the biometric data for strong customer authentication; Multiple fingerprint samples stored on a mobile device and used for purpose of user authentication.

Are the obligations of a payment service provider (PSP) laid down in the Article 8 of RTS on strong customer authentication and secure communication fulfilled in case the biometric credentials of customer are stored at the device level and the strong customer authentication itself is processed by the mobile device? In this context, are the obligations of the PSP laid down in Article 8 and 24 of RTS on Strong Customer Authentication fulfilled in case the mobile device stores multiple fingerprint samples for user authentication?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

EBA register providing a list of third party providers (TPPs)

1° Does the EBA register under PSD2 provide a list of third party providers (TPPs)?2° If yes :2.1 Could you provide a procedure to get a TPP list?2.2 Should we filter on services 5 (Payment Initiation Service Provider (PISP) / Card Based Payment Instrument Issuer (CBPII) use case), 7 Account Information Service Provider (AISP) and 8 Payment Initiation Service Provider (PISP) to get the complete list of TPP?2.3 Agents can also provide services 5a, 7 and 8: In the downloadable JSON file, it is possible to find agents who are mandated by PSPs; however, the services offered by these agents are not indicated. Are the agents mandated by a PSP providing services 5A, 7 and 8 to be included in the TPP list?2.4 is the registry downloadable automatically? If yes, how?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2019/411 - RTS on EBA register under PSD2

Resolution plans for subsidiaries where no resolution college has been established yet

Is the national resolution authority empowered to draft an individual resolution plan, referred to in Article 10 BRRD, for an institution which is part of a (third country) group subject to consolidated supervision, where the European group-level resolution authority (GLRA) has not established the European resolution college?

Legal act: Directive 2014/59/EU (BRRD)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

EBA_v6217-6222 and EBA_v6224-622; EBA_v6230 validation rules (warnings) implementation

Does EBA_v6217-6222 and EBA_v6224-622; EBA_v6230 validation rules (warnings) are correctly implemented and should be applicable for all institutions?

Legal act: Regulation (EU) No 575/2013 (CRR)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Wide usage portability between Member States

Could three months’ data, showing wide usage of the dedicated interface, produced in one Member State by a regulated entity (ASPSP) belonging to an ASPSP Group, be used as evidence to support the ‘widely used’ condition in a further Member State for a separate regulated entity (ASPSP) belonging to the same ASPSP Group, on the condition that both entities employ the same dedicated interface?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/07 - Guidelines on the exemption from the contingency mechanism under Regulation (EU) 2018/389

Separation of factors for strong customer authentication

If a mobile phone has two different e-banking apps on it, one for the banking agendas (a banking app where payments are initiated by entering password, possibly in combination with OTPs) and one for receiving the SMS OTPs (authorization app),would this scenario fulfill the PSD2 requirements of sufficient separation of both factors (since both factors reside on the same smartphone, but in different apps)?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

TPP access only with PSU involvement

Can a Payment Service User (PSU) allow a Third party provider (TPP) the access to his account only if he is involved?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Applicability of Article 34 (eIDAS certificates) prior to application date of Regulation (EU) 2018/389

Is the use of eIDAS certificates mandatory for accessing payment accounts via dedicated interfaces (APIs) already prior to the application date of the Commission Delegated Regulation (EU) 2018/389, i.e. 14 September 2019?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Upside uncertainty and OPR AVA

How shall OPR AVA be treated in relation to Upside uncertainty?

Legal act: Regulation (EU) No 575/2013 (CRR)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Diversification benefits of upside uncertainty in column 0120 C 32.02

Where should diversification benefits of the upside uncertainty shall be included?

Legal act: Regulation (EU) No 575/2013 (CRR)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Reporting of gains/losses other than dividends for investments in subsidiaries, associates and joint ventures (F 02.00).

Could you please provide further instructions about the reporting of gains/losses other than dividends for investments in unconsolidated (with respect to the regulatory scope of consolidation) subsidiaries, associates and joint ventures in the statement of profit or loss (F 02.00)?

Legal act: Regulation (EU) No 575/2013 (CRR)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Benchmark Rates of other currencies than EUR, USD, GBP

Can you kindly confirm: - Currencies other than the three currencies mentioned in Point 3(b) namely EUR, USD and GBP must be compared to the benchmark in the same currency - For currencies that are not captured by LIBOR (e.g. CAD, RON), we should apply the benchmark rates set by the respective organisation (e.g. Romania Three Month Interbank Rate for RON).

Legal act: Regulation (EU) No 575/2013 (CRR)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Definition of "external customers" mentioned in iii) of b) of Paragraph 1 of Article 96

Could it be possible to give a definition of "external customers" mentioned in iii) of b) of Paragraph 1 of Article 96? Would an entity from the same banking group (in the case of an investment firm belonging to a banking group) be considered as an external customer?

Legal act: Directive 2014/59/EU (BRRD)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Delegated Regulation (EU) 2015/63 - DR on ex ante contributions to resolution financing arrangements

FINREP F01.03, F02 and F46 checks (V1226_m and V0786_m)

The non-xbrl check V1226_m is in contradiction with v0786_m

Legal act: Regulation (EU) No 575/2013 (CRR)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

FINREP Validation rule v2822_m

V2822_m: sum({F 32.01, r110, (c010, c060)}) = sum({F 05.01, r090, (c020-060)}) - Economic agents inconsistency : F 32.01, r110, (c010, c060) = non-financial corporation and households; F 05.01, r090, (c020-060) = all agents

Legal act: Regulation (EU) No 575/2013 (CRR)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 680/2014 - ITS on supervisory reporting of institutions (repealed)

Identification and access for testing purposes of entities that are not authorised third party providers (TPPs)

How would account servicing payment service providers (ASPSPs) identify entities that have applied for authorisation as a TPP?Should ASPSPs offer access to their testing facility to entities that are not (i) authorised payment service providers or (ii) entities that have applied for authorisation as a TPP (e.g. technical service providers)? If the answer is ‘yes’, should ASPSPs offer the same level of service to the referred entities?

Legal act: Directive 2015/2366/EU (PSD2)
COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Organisation and governance

Legal and policy framework

Careers

Supervisory convergence

Direct supervision and oversight

Information for consumers

Ad hoc activities

Risk analysis

Reporting frameworks

Data

Publications

Media centre