Search for Q&As

Enquirers can use various factors to search for a Q&A:

  • These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
  • Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

Final Q&As Q&As under review Rejected Q&As Archived Q&As All Q&As

List of Q&A's

Direct and indirect applicability of DORA

Should a credit bureau apply DORA directly, similar to any other financial entity, as an Account Information Service Provider or AISP, or should the CRA apply DORA indirectly, as an ICT third-party provider?

  • Legal act: Directive 2022/2556/EU (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6998
  • Topic: Other DORA topics
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Services of credit bureaus under DORA

Do the services offered by credit bureaus fall within the definition of 'ICT services' as outlined in Article 3(21) of DORA? If so, can credit bureaus be considered as providers of ICT services under Article 3(19) of DORA?

  • Legal act: Directive 2022/2556/EU (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6996
  • Topic: Other DORA topics
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Definition of ICT services

Does the licensing of software by a third party to a financial entity for use on the financial entity's own premises meet the definition of "ICT services"

  • Legal act: Directive 2022/2556/EU (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7046
  • Topic: Other DORA topics
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Services of credit registers under DORA

Should public Credit Registers be regarded as providers of ICT services under Article 3(19) of DORA?

  • Legal act: Regulation (EU) No 2022/2554 (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6997
  • Topic: Other DORA topics
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Request for Clarification on Article 28(3) of Regulation (EU) 2022/2554

I am reaching out for clarification regarding a specific provision in the Digital Operational Resilience Act (DORA) – particularly the third paragraph of Article 28. The provision in question stipulates: "As part of their ICT risk management framework, financial entities shall maintain, and keep updated at entity level as well as at sub-consolidated and consolidated levels, a register of information related to all contractual arrangements on the use of ICT services provided by third-party ICT service providers." Similarly, DORA provides in its article 28(2): "The strategy on ICT third-party risk shall include a policy on the use of ICT services supporting critical or important functions provided by ICT third-party service providers and shall apply on an individual basis and, where relevant, on a sub-consolidated and consolidated basis". Overall, how should we understand the phrases “where relevant” and “where applicable” in DORA and its policy products when addressing different levels of entities? we seek your confirmation on whether our client is really obligated to maintain both for its specific entity and at the group level:  The register of information related to all contractual arrangements on the use of ICT services provided by third-party ICT service providers. The strategy on ICT third-party risk and (or?) the policy on the use of ICT services supporting critical or important functions.  Could you also confirm that whenever the phrases "where relevant" and "where applicable" appear in the presence of corporate group, the latter must each time implement the requirement at the level of the entity, at the sub-consolidated level and at the consolidated level? 

  • Legal act: Regulation (EU) No 2022/2554 (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2023_6950
  • Topic: ICT risk management
  • Date of submission:
  • Published as Rejected Q&A: 19/07/2024

Sign Convention and aggregated rows in Template 2 of the ITS on IRRBB

Could the EBA please clarify the expected sign convention for columns 0040 to 0090 and 0110 to 0120, and the aggregation logic for rows 0540 to 0560 in template J 02.00?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions
  • ID: 2024_7121
  • Topic: Interest Rate Risk for Banking Book (IRRBB)
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2024

Unrated short term claim/exposure

As per CRR Article 120(para 3, subpara c), it states: "If there is a short-term assessment and such an assessment determines a less favourable risk weight than the use of the general preferential treatment for short-term exposures, as specified in paragraph 2, then the general preferential treatment for short-term exposures shall not be used and all unrated short-term claims shall be assigned the same risk weight as that applied by the specific short-term assessment." Question: What is meant by unrated short-term claims as per this paragraph? If there is a general issuer rating available, will the exposures with residual maturity of less than 3 months be classed as Unrated and not eligible for preferential risk weight treatment as per CRR Article 120 (2)?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on Supervisory Reporting of Institutions
  • ID: 2024_7111
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2024

Risk weight for Exposures in default

What risk weight should be applied to in default exposures, under the standardised approach for credit risk? 

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7110
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2024

Risk retention

  Where an SSPE that directly purchases securitised exposures from the seller is fully consolidated for accounting purposes by an entity, with a view to exposing such entity to (i) the risks (first loss in an amount at least equal to the expected loss) and (ii) the benefit of the excess spread deriving from such exposures, based on the performance of the portfolio which depends on the management of the assets by such entity, can such entity be considered as the limb(b) originator and as such, be eligible to hold the risk retention piece under Article 6(3)(b) of Regulation (EU) No 2017/2402, even though such entity is not directly a party to the purchase arrangement?

  • Legal act: Regulation (EU) No 2017/2402 (SecReg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2023_6912
  • Topic: Provisions applicable to all securitisations
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2024

validation rules v16059_s and v16069_s for Template 3 are not aligned with above referenced article / paragraph in the ITS

We believe the validation rules are incorrect as they prescribe that the value should always be equal to or larger than zero, which is not always the case when applying the fixed formula for calculating the distance from the IEA Net Zero benchmark.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures
  • ID: 2024_7100
  • Topic: Transparency and Pillar 3
  • Date of submission:
  • Published as Rejected Q&A: 05/07/2024

Fair-valued assets and liabilities excluded because of partial impact on CET1 – Prudential Filters

Template C32.01 Prudent valuation. Fair-Valued assets and liabilities requires the Prudential filters Fair-valued assets and liabilities excluded because of partial impact on CET1 (col 0050) to be reported in accordance with Article 4(2) of Delegated Regulation (EU) 2016/101 due to the transitional application of the prudential filters referred to in Articles 467 and 468 of Regulation (EU) No 575/2013. Since Articles 467 and 468 of Regulation (EU) No 575/2013 are related to COVID transitional fix items, should the institution report 0 in this column until the guidance is updated?   Additionally, validation v6566 related to this template, states that values reported for Fair-valued assets and liabilities excluded because of partial impact on CET1 – Prudential Filters (c0050) have to be equal to or higher than 0. Could you please confirm if this validation is applicable in all the contra liability balances?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7059
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 04/07/2024

Reconciliation between Additional Liquidity? monitoring tools (ALMM) and FINREP

We have two questions pertaining to cross reporting controls.Pursuant to regulation re (UE) 2022/1994, C67 template (total of section 1 and section 2) shall be equal to the total of financial liabilities declared in FINREP.However, both reportings must be produced at different deadlines:- C67, as a monthly reporting, shall be submitted at the 15th calendar day after the reporting reference date- FINREP, as a quarterly report, shall be submitted 12 May, 11 August, 11 November, and 11 FebruaryThe mismatch between these two dates makes it impossible in practice to comply with the new requirement and align the C67 with the FINREP on the same reference date. It also creates an unduly excessive administrative burden to systematically resubmit the C67 each quarter once the FINREP has been completed.Therefore, we would like to confirm with the EBA that the requirement means that institutions may use the figures of the FINREP of the previous quarter when performing the quarterly production of the ALMM (example: use of the Q3 FINREP data to report the Q4 ALMM)Does C68 statement also need to be reconciled with the FINREP? If yes, with which quarter end should be used as a reference, and which line should be used?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions
  • ID: 2023_6948
  • Topic: Supervisory reporting - Liquidity (LCR, NSFR, AMM)
  • Date of submission:
  • Published as Rejected Q&A: 04/07/2024

Validation rules v11886_m and v11887_m

v11886_m states that with regard to C 08.03 {c0050, s0001} = emptyv11887_m states that with regard to C 08.03 {c0070, s0001} = emptyIs it correct that the validation rules v11886_m and v11887_m are only applicable for s0001 (AIRB) at total level and that there are no such validation rules for s0002 (FIRB) at total level?When the validation rules v11886_m and v11887_m are only applicable for s0001 (AIRB), why is this validation rule not applicable to C34.07 as well as there the same information is requested? In other words, are the validation rules with regard to the exposure weighted average PD %) and exposure weighted average LGD (%) consistently applied throughout the DPM?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions
  • ID: 2023_6933
  • Topic: Supervisory reporting - COREP (incl. IP Losses)
  • Date of submission:
  • Published as Rejected Q&A: 04/07/2024

Categorisation of indirect exposures to collateral issuers

The guidance for c120 to c170 states "The institution shall report the original amount of the indirect exposures in the column that corresponds to the type of direct exposure guaranteed or secured by collateral such as, when the direct exposure guaranteed is a debt instrument, the amount of ‘Indirect exposure’ assigned to the guarantor shall be reported under the column ‘Debt instruments’" This example makes intuitive sense for guarantees as the nature of the indirect exposure is based upon the form of the exposure which has been guaranteed and through substitution effect transferred to the guarantor. However should the same logic also apply to exposures secured by collateral where the indirect exposure is based upon a reduction in exposure of the collateral received rather than through a substitution effect to the original type of exposure? For example, if i have a derivative exposure for which i have reduced the original exposure to the client through receipt of a debt instrument as collateral should the indirect exposure arising to the issuer of the collateral be reported in c120 for debt instrument or c140 for derivative?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions
  • ID: 2023_6927
  • Topic: Supervisory reporting - Large Exposures
  • Date of submission:
  • Published as Rejected Q&A: 04/07/2024

Template 3: Banking book - Indicators of potential climate change transition risk: Alignment metrics

Is it allowed to use another scenario than those prescribed by the IEA, as long as it is compatible with 1.5C trajectory and clearly documented in the narratives?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures
  • ID: 2024_7102
  • Topic: Transparency and Pillar 3
  • Date of submission:
  • Published as Rejected Q&A: 28/06/2024

Misalignment between scope of reportable exposures against public authorities in template 7 ( CRR) and template 1 ( EU Taxonomy - acc to 2021/2178)

Should rows 280, 290 and 300 from Template 7 under ESG Disclosure only be limited to "Loans and advances" or should the scope of the rows be extended by including also debt security exposures (or other categories of exposures) in order to align with  Annex V from European Commission published on 27.6.2023 , updating Section 1.2.1.4 from 2021/2178 ?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures
  • ID: 2024_7097
  • Topic: Transparency and Pillar 3
  • Date of submission:
  • Published as Rejected Q&A: 28/06/2024

Template 2 – Total gross carrying amount reported in column A

Should column a be equal to sum (columns b to g + o)*(1- column p) as per XBRL validation rule?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures
  • ID: 2024_7063
  • Topic: Transparency and Pillar 3
  • Date of submission:
  • Published as Rejected Q&A: 28/06/2024

Template 5 – Total gross carrying amount reported in column B

Which gross carrying amount should be reported in column b? Should it be the total of the exposures by sector as reported in Template 1 or should it be the total of columns c to f?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures
  • ID: 2024_7062
  • Topic: Transparency and Pillar 3
  • Date of submission:
  • Published as Rejected Q&A: 28/06/2024

Alignment of the GAR Templates 7 and 8 with the templates used by the European Commission

According to the European Commission, in the COMMISSION DELEGATED REGULATION (EU) 2023/2486 of 27 June 2023, information on the six objectives must be reported. In addition, there are differences between the EC and Pillar 3 GAR templates, such as the absence of rows for financial corporations not subject to NFRD in Pillar 3, the presence of an "Of which adaptation" in column J, which is redundant as the objective in Pillar 3 is adaptation to climate change, and the presence of columns for the use of proceeds in the EC template, whereas the columns in Pillar 3 are for specialised lending. When will the Pillar 3 ESG reporting templates (6, 7, 8 and 9) be updated in line with those of the EC?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures
  • ID: 2024_7049
  • Topic: Transparency and Pillar 3
  • Date of submission:
  • Published as Rejected Q&A: 28/06/2024