Search for Q&As

Enquirers can use various factors to search for a Q&A:

  • These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
  • Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

Final Q&As Q&As under review Rejected Q&As Archived Q&As All Q&As

List of Q&A's

LCR treatment of a committed facility provided to multiple borrowers

What is the LCR treatment of a committed credit facility provided to multiple borrowers where:each individual borrower might draw the full (undrawn) amount of the committed credit facility;all borrowers belong to the same overarching group which, from group perspective, would qualify as a non-financial corporate; whileone or more of the individual borrowers might qualify as a financial customer under Article 411(1) CRR on a stand-alone basis.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Delegated Regulation (EU) 2015/61 - DR with regard to liquidity coverage requirement
  • ID: 2024_7055
  • Topic: Liquidity risk
  • Date of submission:
  • Published as Rejected Q&A: 31/07/2024

Internal hedges in the market risk thresholds computation

Should internal hedges be included in calculation of the size of institution's on- and off-balance-sheet business that is subject to market risk?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7146
  • Topic: Market risk
  • Date of submission:
  • Published as Rejected Q&A: 31/07/2024

Application of large exposure rules towards companies designated as financial holding companies

Should exposures of a financial holding company (Company A) to a company that is not an institution or a financial institution and is not covered by prudential consolidation ("Company B") be included in the statement of large exposures on a prudential consolidated basis at the level of Company A, taking into account Company A is not an institution within the meaning of Art. 4, Para. 3 of Regulation 575/2013?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7144
  • Topic: Large exposures
  • Date of submission:
  • Published as Rejected Q&A: 31/07/2024

Retained collateralized issuances

Should assets used as collateral for retained issuances be treated as encumbered assets?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7140
  • Topic: Liquidity risk
  • Date of submission:
  • Published as Rejected Q&A: 31/07/2024

Definition of "Communication Standards" under Article 30.3

a) Is ISO 20022 considered the communication standard referenced in Article 30(3) of the Regulatory Technical Standards (RTS), Commission Delegated Regulation (EU) 2018/389? b) How should NCAs ensure that ASPSPs comply with these standards, in accordance with Article 30.6 of the RTS?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2024_7118
  • Topic: Other topics
  • Date of submission:
  • Published as Rejected Q&A: 30/07/2024

Clarification needed in dedicated Interfaces supervision

We seek clarification and insights into how competent authorities shall fulfill their responsibilities in line with Recital 23 and Article 32.2 of the Commission Delegated Regulation (EU) 2018/389, specifically regarding the supervision of payment initiation service's dedicated interfaces to ensure effective oversight and monitoring.

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2024_7093
  • Topic: Other topics
  • Date of submission:
  • Published as Rejected Q&A: 30/07/2024

Third party access to account attributes

In Norway there is a widely used scheme by which payees send out invoices containing structured payment information which is being used by the payee to match incoming payments with invoices. The information is in the form of a number defined by the payee. The number consists of up to 25 digits, including a control digit. The information flows all the way through the payment chain and back to the payee. The credit account number must be set up with attributes associated with it, according to scheme rules, which are defined jointly by the banks. The payee has to enter into an agreement with its bank in order to make use of the scheme. There is a nationwide registry covering all banks, containing information about agreements, accounts and attributes associated with each account. The banks have direct access to the registry. As and when the PSU (Payment Service User) keys in the invoice information, the bank checks in real time that what is being keyed in is correct according to information held in the registry. There is check that indeed the credit account is set up for the scheme. A control digit is checked, increasing the likelihood of a correct number being entered. If no number is keyed in, the PSU is told so, if the account is such that a number is required. While keypunching, the PSU is being informed there and then if the information is wrong such that the PSU may correct it. The bank will not accept the payment order unless it is pre-verified to pass the controls. Not so for TPPs (Third Party Provider). They are not granted access to the registry. The TPP does not know if the payment order will pass the controls. Not until payment initiation there is a check. This check is being performed by the bank, not by the third party. The TPP receives information from the bank about the outcome of the check. TPPs must revert back to the PSU and / or the payee, or the banks, and try to resolve any issues. There are costs associated with follow up and correction. PSD2 Article 66 number 4 letter (c) obliges ASPSPs to treat payment orders transmitted through the services of a payment initiation service provider without any discrimination other than for objective reasons, in particular in terms of timing, priority or charges vis-à-vis payment orders transmitted directly by the payer. Not having access to the registry puts the TPPs at a disadvantage, with a bearing on timing, as payments may be delayed and may become overdue. The banks' own payment services have direct access to the key payment information held in the registry, whereas third party payment services do not. The FSA of Norway seeks advice on whether this constitutes a discrimination according to PSD2 Article 66. Not having access to the registry puts the TPPs at a disadvantage. It leads to extra work for TPPs and others involved in the payment. Additional costs are being incurred. The FSA of Norway seeks advice on whether not giving TPPs access to the registry creates obstacles for TPPs as per Commission delegated regulation (EU) 2018/389 Article 32 number 3. Lastly, the FSA of Norway seeks advice on whether there are other relevant provisions in the regulation, and whether the principle of "level playing field" may apply in this case.

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2024_7003
  • Topic: Strong customer authentication and common and secure communication (incl. access)
  • Date of submission:
  • Published as Rejected Q&A: 30/07/2024

Direct and indirect applicability of DORA

Should a credit bureau apply DORA directly, similar to any other financial entity, as an Account Information Service Provider or AISP, or should the CRA apply DORA indirectly, as an ICT third-party provider?

  • Legal act: Directive 2022/2556/EU (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6998
  • Topic: Other DORA topics
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Services of credit bureaus under DORA

Do the services offered by credit bureaus fall within the definition of 'ICT services' as outlined in Article 3(21) of DORA? If so, can credit bureaus be considered as providers of ICT services under Article 3(19) of DORA?

  • Legal act: Directive 2022/2556/EU (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6996
  • Topic: Other DORA topics
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Definition of ICT services

Does the licensing of software by a third party to a financial entity for use on the financial entity's own premises meet the definition of "ICT services"

  • Legal act: Directive 2022/2556/EU (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7046
  • Topic: Other DORA topics
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Services of credit registers under DORA

Should public Credit Registers be regarded as providers of ICT services under Article 3(19) of DORA?

  • Legal act: Regulation (EU) No 2022/2554 (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6997
  • Topic: Other DORA topics
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Request for Clarification on Article 28(3) of Regulation (EU) 2022/2554

I am reaching out for clarification regarding a specific provision in the Digital Operational Resilience Act (DORA) – particularly the third paragraph of Article 28. The provision in question stipulates: "As part of their ICT risk management framework, financial entities shall maintain, and keep updated at entity level as well as at sub-consolidated and consolidated levels, a register of information related to all contractual arrangements on the use of ICT services provided by third-party ICT service providers." Similarly, DORA provides in its article 28(2): "The strategy on ICT third-party risk shall include a policy on the use of ICT services supporting critical or important functions provided by ICT third-party service providers and shall apply on an individual basis and, where relevant, on a sub-consolidated and consolidated basis". Overall, how should we understand the phrases “where relevant” and “where applicable” in DORA and its policy products when addressing different levels of entities? we seek your confirmation on whether our client is really obligated to maintain both for its specific entity and at the group level:  The register of information related to all contractual arrangements on the use of ICT services provided by third-party ICT service providers. The strategy on ICT third-party risk and (or?) the policy on the use of ICT services supporting critical or important functions.  Could you also confirm that whenever the phrases "where relevant" and "where applicable" appear in the presence of corporate group, the latter must each time implement the requirement at the level of the entity, at the sub-consolidated level and at the consolidated level? 

  • Legal act: Regulation (EU) No 2022/2554 (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2023_6950
  • Topic: ICT risk management
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Sign Convention and aggregated rows in Template 2 of the ITS on IRRBB

Could the EBA please clarify the expected sign convention for columns 0040 to 0090 and 0110 to 0120, and the aggregation logic for rows 0540 to 0560 in template J 02.00?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions
  • ID: 2024_7121
  • Topic: Interest Rate Risk for Banking Book (IRRBB)
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2024

Unrated short term claim/exposure

As per CRR Article 120(para 3, subpara c), it states: "If there is a short-term assessment and such an assessment determines a less favourable risk weight than the use of the general preferential treatment for short-term exposures, as specified in paragraph 2, then the general preferential treatment for short-term exposures shall not be used and all unrated short-term claims shall be assigned the same risk weight as that applied by the specific short-term assessment." Question: What is meant by unrated short-term claims as per this paragraph? If there is a general issuer rating available, will the exposures with residual maturity of less than 3 months be classed as Unrated and not eligible for preferential risk weight treatment as per CRR Article 120 (2)?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on Supervisory Reporting of Institutions
  • ID: 2024_7111
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2024

Risk weight for Exposures in default

What risk weight should be applied to in default exposures, under the standardised approach for credit risk? 

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7110
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2024

Risk retention

  Where an SSPE that directly purchases securitised exposures from the seller is fully consolidated for accounting purposes by an entity, with a view to exposing such entity to (i) the risks (first loss in an amount at least equal to the expected loss) and (ii) the benefit of the excess spread deriving from such exposures, based on the performance of the portfolio which depends on the management of the assets by such entity, can such entity be considered as the limb(b) originator and as such, be eligible to hold the risk retention piece under Article 6(3)(b) of Regulation (EU) No 2017/2402, even though such entity is not directly a party to the purchase arrangement?

  • Legal act: Regulation (EU) No 2017/2402 (SecReg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2023_6912
  • Topic: Provisions applicable to all securitisations
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2024

validation rules v16059_s and v16069_s for Template 3 are not aligned with above referenced article / paragraph in the ITS

We believe the validation rules are incorrect as they prescribe that the value should always be equal to or larger than zero, which is not always the case when applying the fixed formula for calculating the distance from the IEA Net Zero benchmark.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures
  • ID: 2024_7100
  • Topic: Transparency and Pillar 3
  • Date of submission:
  • Published as Rejected Q&A: 05/07/2024

Fair-valued assets and liabilities excluded because of partial impact on CET1 – Prudential Filters

Template C32.01 Prudent valuation. Fair-Valued assets and liabilities requires the Prudential filters Fair-valued assets and liabilities excluded because of partial impact on CET1 (col 0050) to be reported in accordance with Article 4(2) of Delegated Regulation (EU) 2016/101 due to the transitional application of the prudential filters referred to in Articles 467 and 468 of Regulation (EU) No 575/2013. Since Articles 467 and 468 of Regulation (EU) No 575/2013 are related to COVID transitional fix items, should the institution report 0 in this column until the guidance is updated?   Additionally, validation v6566 related to this template, states that values reported for Fair-valued assets and liabilities excluded because of partial impact on CET1 – Prudential Filters (c0050) have to be equal to or higher than 0. Could you please confirm if this validation is applicable in all the contra liability balances?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7059
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 04/07/2024

Reconciliation between Additional Liquidity? monitoring tools (ALMM) and FINREP

We have two questions pertaining to cross reporting controls.Pursuant to regulation re (UE) 2022/1994, C67 template (total of section 1 and section 2) shall be equal to the total of financial liabilities declared in FINREP.However, both reportings must be produced at different deadlines:- C67, as a monthly reporting, shall be submitted at the 15th calendar day after the reporting reference date- FINREP, as a quarterly report, shall be submitted 12 May, 11 August, 11 November, and 11 FebruaryThe mismatch between these two dates makes it impossible in practice to comply with the new requirement and align the C67 with the FINREP on the same reference date. It also creates an unduly excessive administrative burden to systematically resubmit the C67 each quarter once the FINREP has been completed.Therefore, we would like to confirm with the EBA that the requirement means that institutions may use the figures of the FINREP of the previous quarter when performing the quarterly production of the ALMM (example: use of the Q3 FINREP data to report the Q4 ALMM)Does C68 statement also need to be reconciled with the FINREP? If yes, with which quarter end should be used as a reference, and which line should be used?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions
  • ID: 2023_6948
  • Topic: Supervisory reporting - Liquidity (LCR, NSFR, AMM)
  • Date of submission:
  • Published as Rejected Q&A: 04/07/2024