Search for Q&As

Enquirers can use various factors to search for a Q&A:

  • These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
  • Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

List of Q&A's

Permission to reduce AT1, Tier 2 or eligible liabilities instruments and deduction rules in the context of a liability management exercise without replacement.

When should deductions from own funds and eligible liabilities be applied in the context of a liability management exercise without replacement (i.e. a tender offer)? When can the unredeemed part of own funds or eligible liabilities be included in own funds or eligible liabilities again?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) No 241/2014 - RTS for Own Funds requirements for institutions

Criteria for selecting the operations to be included in the calculation of fraud rates for the transaction risk analysis (TRA) exemption

Which of the following would be the correct temporal criterion for selecting the unauthorized transactions to be included in the numerator of the fraud rates calculated for the transactions risk analysis (TRA) exemption? a) the transaction date, i.e., the date on which the transaction was executed regardless of the date on which it is classified as unauthorized or fraudulent b) the registration date, i.e., the date on which the transaction is registered as unauthorized or fraudulent regardless of the date on which it was carried out 

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Qualification of a branch as originator, designation of Competent Authority and compliance with STS requirements

May a branch of a credit institution be considered as an entity within the meaning of Article 2.3 of the Regulation (EU) 2017/2402 and hence as originator under Article 29(5) thereto?  Should the answer to the above question be affirmative, which Competent Authority (home or host) should be responsible to supervise the STS requirements set out in Articles 18 to 27 of the Regulation (EU) 2017/2402?

  • Legal act: Regulation (EU) No 2017/2402 (SecReg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Template 2 - EBA val rules and Column 0160 Of which level of energy efficiency EP score in kWh_m of collateral estimate

Question 1: Are the validation rules v16092_m; v16090_m; v16088_m; v16086_m; v16084_m;v16082_m; v16080_m; v16078_m; v16049_m correctly defined?    Question 2:  How to deal with exposure for which and EPC is available, but the Level of energy efficiency (EP score in kWh/m² of collateral) is absent from the EPC?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures

Template 3: Banking book - Indicators of potential climate change transition risk: Alignment metrics

In relation to the minimum ‘list of NACE sectors to be considered’ in template 3, when detailed assumptions/ specific scenarios are not available on the IEA website for one of the NACE codes included in the “the minimum ‘list of NACE sectors to be considered’” (e.g. 29.32 Manufacture of other parts and accessories for motor vehicles), should it be left blank in the template?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures

Card data (PAN) to be returned in AISP calls

Does the ASPSP have to return the card number (PAN) attached to a fetched payment account in case the user can access this data during a standard session with its ASPSP in the direct internet banking interface? In case of "YES", does the TPP that is fetching this data have to be PCI DSS certified, since this data has to be encrypted based on the PCI DSS requirements? Moreover, could be the "card number (PAN)" considered sensible, since it could be potentially used for fraud?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Template 1 - exposures towards companies excluded from EU Paris-aligned Benchmarks

Should the EU Paris-aligned Benchmarks exclusion criteria be applied at consolidated group level and to that end, exclude the total gross carrying amount of the exposure towards the consolidated group level?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures

Validation rules v11886_m and v11887_m

v11886_m states that with regard to C 08.03 {c0050, s0001} = emptyv11887_m states that with regard to C 08.03 {c0070, s0001} = emptyIs it correct that the validation rules v11886_m and v11887_m are only applicable for s0001 (AIRB) at total level and that there are no such validation rules for s0002 (FIRB) at total level?When the validation rules v11886_m and v11887_m are only applicable for s0001 (AIRB), why is this validation rule not applicable to C34.07 as well as there the same information is requested? In other words, are the validation rules with regard to the exposure weighted average PD %) and exposure weighted average LGD (%) consistently applied throughout the DPM?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions

Secure corporate payment processes and protocols and inactivity time period

May the period time of inactivity required by the (EU) 2018/389 - RTS on strong customer authentication and secure communication (hereinafter: RTS on SCA & CSC) Article 4 (3) (d) be changed from 5 minutes to 20 minutes if the exemption based on Article 17 of RTS on SCA & CSC has been granted by the competent authority to the Payment service provider?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication

Categorisation of indirect exposures to collateral issuers

The guidance for c120 to c170 states "The institution shall report the original amount of the indirect exposures in the column that corresponds to the type of direct exposure guaranteed or secured by collateral such as, when the direct exposure guaranteed is a debt instrument, the amount of ‘Indirect exposure’ assigned to the guarantor shall be reported under the column ‘Debt instruments’" This example makes intuitive sense for guarantees as the nature of the indirect exposure is based upon the form of the exposure which has been guaranteed and through substitution effect transferred to the guarantor. However should the same logic also apply to exposures secured by collateral where the indirect exposure is based upon a reduction in exposure of the collateral received rather than through a substitution effect to the original type of exposure? For example, if i have a derivative exposure for which i have reduced the original exposure to the client through receipt of a debt instrument as collateral should the indirect exposure arising to the issuer of the collateral be reported in c120 for debt instrument or c140 for derivative?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions

Definition of default for open-end investment funds

Should an open-end investment fund be considered an obligor under Art. 178 (1) CRR, irrespective of whether it has legal personality under a Member States’ regulations on investment funds?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Reference of the cells and reports layouts to use for the public disclosures (NOT the XBRL reporting)

Question 1: What are the cells references that must be publicly disclosed into annual and semiannual public disclosures: the reference of the cells from the ITS or the references of the cells from the XBRL? Question 2: What are the reports layouts that must be publicly disclosed into annual and semiannual public disclosures: the layout from the ITS or the layout from the XBRL?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2022/2453 - ITS on ESG disclosures

Risk retention

In a situation where an entity: is not considering being itself at any time the legal owner of the securitised receivables, but has made its own decision to invest in the receivables by procuring the purchase thereof by an SSPE directly from the seller, based on its own audit of the portfolio, and has negotiated the terms and conditions of the sale and purchase independently and directly with the seller, is contractually and economically irrevocably committed to: procure the purchase of these receivables by an SSPE directly from the seller, not later than an agreed closing date, under a sale and purchase agreement entered into between such entity and the seller, failing which it would be liable for contractual damages to the seller, in an amount significant enough to evidence that it is in its economic interest to avoid such liability by performing its obligation, arrange and appoint any service providers, for the purposes of the structuring and syndication of a financing of the purchase price in the form of a securitisation of these receivables not later than the closing date, where: it would have a right of active control over the servicing, either by itself or by an appointed third-party servicer, of the securitised assets, that would be determinant for the performance of the portfolio, it would bear at least the first loss risk of the securitised portfolio, in an amount that exceeds the expected loss of the portfolio, by subscribing the first losses tranche, it would expect to receive a remuneration that would be directly dependent on the performance of the portfolio, it would be committed to fund 100% of defaulting or ineligible receivables, can this entity be considered as limb(b) originator under Regulation (EU) No 2017/2402 and as such, act as risk retention holder under Article 6(3)(d)? Would the same analysis apply with respect to future receivables that the same entity would contractually irrevocably commit, pursuant to the same sale and purchase agreement, to purchase after the closing date under the same terms and conditions, during a certain period of time, provided that they comply with the same eligibility criteria (both individually and on an aggregate basis) and up to an agreed aggregate amount, by having them assigned by the seller to the same SSPE?

  • Legal act: Regulation (EU) No 2017/2402 (SecReg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Interpretation of payment instrument

What devices or procedures can be considered as payment instrument as per Art. 4(14) of PSD2?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Safeguarding with a credit institition in a third country

PSD2 article 10(1)(a) require of Payment Institutions (PIs) that "[funds to be safeguarded] shall be deposited in a separate account in a credit institution". Our question is whether an PI authorised and operating in an EU Member State may use a credit institution based in a third country (e.g. UK)? In researching this question, we have looked at the definition of "credit institution" to see whether this contains any relevantt restrictions, but we cannot find any. We first looked at PSD2, but the text does not explicitly define "credit institution". However, PSD2 article 112(2) amends the definition of "credit institution" in Regulation (EU) No 1093/2010 to be "credit institutions as defined in point (1) of Article 4(1) of Regulation (EU) No 575/2013". Regulation (EU) No 575/2013, Article (4)(1)(1) states: "(1) ‘credit institution’ means an undertaking the business of which consists of any of the following: (a) to take deposits or other repayable funds from the public and to grant credits for its own account; (b) to carry out any of the activities referred to in points (3) and (6) of Section A of Annex I to Directive 2014/65/EU of the European Parliament and of the Council ( 6 ), where one of the following applies, but the undertaking is not a commodity and emission allowance dealer, a collective investment undertaking or an insurance undertaking: (i) the total value of the consolidated assets of the undertaking is equal to or exceeds EUR 30 billion; (ii) the total value of the assets of the undertaking is less than EUR 30 billion, and the undertaking is part of a group in which the total value of the consolidated assets of all undertakings in that group that individually have total assets of less than EUR 30 billion and that carry out any of the activities referred to in points (3) and (6) of Section A of Annex I to Directive 2014/65/EU is equal to or exceeds EUR 30 billion; or (iii) the total value of the assets of the undertaking is less than EUR 30 billion, and the undertaking is part of a group in which the total value of the consolidated assets of all undertakings in the group that carry out any of the activities referred to in points (3) and (6) of Section A of Annex I to Directive 2014/65/EU is equal to or exceeds EUR 30 billion, where the consolidating supervisor, in consultation with the supervisory college, so decides in order to address potential risks of circumvention and potential risks for the financial stability of the Union; for the purposes of points (b)(ii) and (b)(iii), where the undertaking is part of a third‐country group, the total assets of each branch of the third‐country group authorised in the Union shall be included in the combined total value of the assets of all undertakings in the group;" Furthermore, the UK Electronic Money Regulations (2017) have been amended to explicitly allow UK EMIs to safeguard funds with third country credit institutions - c.f.  https://www.legislation.gov.uk/uksi/2018/1201/schedule/2/paragraph/7/made  "Regulation 21, paragraph 8: "“approved foreign credit institution” means— ... (b)a credit institution that is supervised by the central bank or other banking regulator of an OECD state" ==> In conclusion, our research leads us to believe that it is permissible for an EU PI to safeguard funds in a third country credit institution.

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Reporting of liquid assets associated with the issuance of covered bonds

Should the liquid assets, up to net outflows, held as part of the liquidity buffer in the cover portfolio associated with the issuance of covered bonds, be reported as unencumbered?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions

DORA Regulation & Applicability to Third-Country Branches

Is Regulation (EU) 2022/2554 (DORA) applicable to third-country branches that are licensed in our country (EU country) as Credit Institutions?

  • Legal act: Regulation (EU) No 2022/2554 (DORA)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

Definition of financial institution and mixed activity insurance holding company

Can a mixed-activity insurance holding company (MAIHC) that has at least one subsidiary credit institution pursuant to Article 4(1)(1) CRR qualify as a financial institution pursuant to Article 4(1)(26) CRR?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable

PISP payment order cancellation due to fraud prevention reasons

Due to fraud prevention reasons, could an ASPSP block a payment order initiated through a PISP despite having informed the PISP immediately upon authentication, that the payment was going to be executed (i.e., after having provided the PISP with the code ACSC under the Berlin Group Standard)? In that scenario who should bear the liability if the payment is not executed but, nonetheless, the payee delivered the good or service promptly after being informed by the PISP of the successful initiation of the payment?  Would the answer be different if the ASPSP had simply confirmed the sufficiency of funds as stated in the EBA Opinion on the implementation of the RTS on SCA and CSC (EBA-Op-2018-04)   

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication