Search for Q&As

Enquirers can use various factors to search for a Q&A:

  • These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
  • Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

List of Q&A's

Exempting foreign currency - denominated required minimum reserves according to Article 493(7) CRR

How is the level of exposures to central bank, in the form of Euro-denominated required minimum reserves in non-Euro Member States, determined for the purposes of Article 493(7) of Regulation (EU) No 575/2013 (CRR)?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Need of prior permission to include minority interest arising from Common Equity Tier 1 instruments issued by subsidiaries located in EU member state and third countries in consolidated CET1 capital of parent institutions established in the EU.

According to Article 26(3) CRR, as amended by Regulation (EU) 2019/876 (CRR2), is a prior permission by the competent authority required in order for a parent institution located in the EU to include in consolidated CET1 capital minority interests, arising from CET1 instruments, issued by subsidiaries located (a) in an EU Member State, or (b) in a third country? The answer should also clarify whether before granting a permission pursuant to Article 26(3) CRR (if such permission is required), the competent authority is required to consult the EBA (as per the third subparagraph of Article 26(3) CRR), as the instruments issued by the subsidiaries in third countries would not be included in the EBA CET1 instruments list.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Treatment of CIUs in the standardised approach – Derivatives on CIUs

Title IV Chapter 2 Section 6 and Article 364 (2) b CRR refers to positions in CIUs in general. How shall own funds requirements be calculated for derivative positions with CIUs as underlyings under the standardised approach?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Treatment of CIUs in internal model for market risk – possible restrictions

Is the use of internal models to compute own funds requirement for market risk of positions in CIUs restricted to either of the conditions referred to in paragraphs (1) and (2) of Article 350?  

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Weighted average of the CCF

Internal authorized EAD models may calculate the EAD by means of several parameters, since the exposure behavior could be explained by different factors. Considering that this type of EAD internal model does not estimate a unique CCF, but rather several factors that are applied to different exposure components, the consequent approach implemented to report the CCF in Template C.101 ,C102 and C.103 has been the following: include in the field as per C.100 in Annex IV the parameter that, in the internal EAD formula, is applied to the undrawn amount, in line with the weights that shall be used to compute the average of the CCF at counterparty/portfolio level, according to the provision reported in Annex IV which make reference to art. 166, par 8 of CRR. Please confirm that this approach is in line with the provision set in ITS as for Annex IV C.100.

  • Legal act: Directive 2013/36/EU (CRD)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on Supervisory Reporting of Institutions (for benchmarking the internal approaches)

PD-/PD+ for RWA-/RWA+

Are PD-/PD+ calculated separately for each of the (sub)portfolios listed in Annex 4, or are the PD-/PD+ values obtained for a client/exposure to be used consistently and unchanged for all (sub)portfolios?

  • Legal act: Directive 2013/36/EU (CRD)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2016/2070 - ITS on Supervisory Reporting (for benchmarking the internal approaches) (as amended)

Treatment of securitisation Class A notes guaranteed by a Member State

Pursuant to specific national decree, an originator of NPLs under a securitisation transaction complying with certain requirements may request the government to guarantee the payments of interest and principal on the senior tranche of asset-backed securities. Where senior noteholders of a securitisation benefit from this unconditional, irrevocable and first-demand guarantee from a Member State, what is the expected treatment in the LCR for securitisation notes with respect to Articles 10 and 13? Do we have to consider that article 13 prevails to any other article when qualifying the eligibility for a securitisation?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Delegated Regulation (EU) 2015/61 - DR with regard to liquidity coverage requirement

Termination rights – Distinguishing between Guidelines which are directed towards ‘all outsourcing arrangements’ from those that are directed towards ‘outsourcing arrangements for critical and important functions’

Are paragraphs 98 and 99 (section 13.4) of EBA/GL/2019/02 - Guidelines on outsourcing arrangements directed towards ‘outsourcing arrangements for critical and important functions’ only or ‘all outsourcing arrangements’?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Meaning of "the last three twelve-monthly observations" in Articles 315(1) and 317(4) CRR regarding the calculation of operational risk requirements

What is the correct application of the words “the last three”, which can be found in the wording “the last three twelve-monthly observations at the end of the financial year” in Article 315(1) CRR on BIA and in Article 317(4) CRR on STA? In particular, does “the last three” include the current year X when calculating the own funds requirements with reference date 31 December X?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Recognition for large exposure purposes of a guarantee granted by the central government on an equity exposure

Can an equity exposure guaranteed by a central government be exempted from the large exposure framework or can only debt instruments be exempted? In particular, would such guarantees be compliant with the eligibility requirement set in Article 213(1)(b) CRR?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Eligibility of mortgage mandates under Belgian law

Are mortgage mandates under Belgian law eligible as immovable property collateral? Is there a difference between the SA and IRB approach?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Customer data transfer to Member States for the purpose of supervision

Does the phrase “data related to their customers” under Article 6 of the Delegated Regulation refer to personal customer data (as defined by EU Regulation 2016/679) or general data for management purposes (e.g. descriptive statistics on the number of customers, customer risk distribution, etc.)?

  • Legal act: Directive (EU) 2015/849 (AMLD)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2019/758 – RTS on implementation of group wide AML/CFT policies in third countries

Disclosure of information within the group related to suspicious activity reports (SARs) to the competent authorities

Does the requirment under Article 5 of the Delegated Regulation refer to the sharing of information on the underlying data of the Suspicious Activity report (SAR) (e.g. transactions, customer data) without disclosing whether the SAR was filed and sent to the local authorities of the third country?

  • Legal act: Directive (EU) 2015/849 (AMLD)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2019/758 – RTS on implementation of group wide AML/CFT policies in third countries

Retroactivity concerning customer consent for data sharing and processing

Is there the expectation that such consent clauses, under Article 4 of the Delegated Regulation, be incorporated into contracts on a go-forward basis from the date the Regulation entered into force (i.e. with new customers and existing customer contract renewals) or is there the expectation that all existing customer contracts will be remediated to meet this requirement? What approach should be used with former customers?

  • Legal act: Directive (EU) 2015/849 (AMLD)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2019/758 – RTS on implementation of group wide AML/CFT policies in third countries

Absolute materiality threshold for Retail based on the new RTS

How to apply Article 123(c) CRR to set the absolute component of the materiality threshold in the case of transition of exposures to or from Retail.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2016/07 - Guidelines on the application of the definition of default under Article 178 CRR

Retail Classification

Retail classification if an obligor has exposure under both the STA and IRB approach. This question is relevant for banks that are partially using the SA and partially using the IRB approach and where the use of the different methods is on the basis of the product type i.e. mortgages are under IRB, other Retail loans under SA. Article 123 allows for the exclusion of exposures fully and completely secured on residential property that have been assigned to the exposure class laid down in point (i) of Article 112 (exposures secured by mortgages on immovable property) when calculating the total amount owed the institution.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Authorisation for the provision of PIS and AIS on behalf of other legal entities belonging to the same corporate group / Autorizzazione ad offrire servizi di PIS e AIS per conto di altre Legal Entity appartenenti allo stesso Gruppo societario

In a corporate group which is not listed in the register of banking groups and in which there is both an electronic money institution and a credit institution, can the electronic money institution offer payment initiation services (PIS) and account information services (AIS), including on behalf of the group’s credit institution that also provides the same service? Must the electronic money institution as a service provider offering PIS and AIS to clients of the group’s credit institution provide its own certificate, the group certificate, or the credit institution’s certificate to the other account servicing payment service providers (ASPSPs)? Or, as it is merely a service provider, is it the credit institution’s certificate that should be displayed? Can a corporate group request a group certificate to provide to the other ASPSPs and/or third party providers (TPPs)? *** IT:  In un Gruppo societario, che non è iscritto al registro dei Gruppi Bancari e al cui interno sono presenti sia un Istituto di moneta elettronica che un Ente creditizio, l’Istituto di moneta elettronica può offrire i servizi di PIS e AIS, anche per conto dell’Ente creditizio del Gruppo in qualità di fornitore del servizio stesso? L’Istituto di moneta elettronica che offre i servizi di PIS e AIS ai clienti dell’Ente creditizio di Gruppo, in qualità di fornitore del servizio, si deve presentare verso gli altri ASPSP con il proprio certificato, con il certificato di Gruppo oppure con il certificato dell’Ente creditizio? O in quanto mero fornitore del servizio, il certificato da esporre è quello dell’Ente creditizio? Un Gruppo societario può richiedere un certificato di Gruppo per presentarsi alle altre ASPSP e/o TPP?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Losses due to fraud per liability bearer / Perdite dovute a frode per portatore di responsabilità

Please clarify the requirement in guideline 1.6 (b) of the EBA Guidelines on fraud reporting under PSD2 with regard to recognising losses due to fraud per liability bearer. *** IT: Si chiede cortesemente di chiarire il requisito espresso all'interno dell'orientamento 1.6(b) in materie di obblighi di segnalazione delle perdite dovute a frode per portatore di responsabilità

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2018/05 - Guidelines on fraud reporting under PSD2 (amended by EBA/GL/2020/01)

SCA profiles and multiple-use of devices

Can multiple users use the same device (i.e. smartphone) and have different strong customer authentication (SCA) profiles on the same device?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Relying on vendor mechanisms processing the biometric data for strong customer authentication; Multiple fingerprint samples stored on a mobile device and used for purpose of user authentication.

Are the obligations of a payment service provider (PSP) laid down in the Article 8 of RTS on strong customer authentication and secure communication fulfilled in case the biometric credentials of customer are stored at the device level and the strong customer authentication itself is processed by the mobile device? In this context, are the obligations of the PSP laid down in Article 8 and 24 of RTS on Strong Customer Authentication fulfilled in case the mobile device stores multiple fingerprint samples for user authentication?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication