Search for Q&As

Enquirers can use various factors to search for a Q&A:

  • These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
  • Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

Final Q&As Q&As under review Rejected Q&As Archived Q&As All Q&As

List of Q&A's

Issuers of EMTs and scope of application AML requirements

To what extent should electronic money institutions (EMIs) that issue e-money tokens (EMTs) under MiCAR comply with the obligations in relation to anti-money laundering and terrorist financing under Directive 2015/849/EU (as amended, AMLD5)? More specifically, should holders of EMTs be considered as clients of the EMI within the meaning of AMLD5, so that the relevant KYC requirements apply on an ongoing basis in respect of holders of EMTs (not only at the time of issuing but also following trading on the secondary market)?

  • Legal act: Regulation (EU) No 2023/1114 (MiCAR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7078
  • Topic: Other MiCAR topics
  • Date of submission:

Treatment of two-leg derivatives with respect to rate type and currency

What is the expected representation for two-legs derivatives in the templates "BREAKDOWN OF SENSITIVITY ESTIMATES (J 02.00, J 03.00 and J 04.00)" and REPRICING CASH FLOWS (J 05.00, J 06.00 and J 07.00)?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions
  • ID: 2024_7073
  • Topic: Interest Rate Risk for Banking Book (IRRBB)
  • Date of submission:

Scope of application of recital 54 of MICAR

Question 1: Recital 54 MiCAR seems to presume that the same ART may be issued by EU and third country entity, when speaking of "Issuers of asset-referenced tokens that are marketed both in the Union and in third countries". Does recital 54 mean a technically same fungible token not (externally) attributable to a particular issuer or does this only mean that the token has the same rights attached and is marketed under the same name but is not technically identical and should be attributable to one issuer (in Union or in third countries)? Question 2: Does Recital 54 MiCAR, while referring to ART issuers and their reserve of assets requirements, also apply to EMT issuers (including cases where no reserve requirements under MiCAR apply) and should it be used to interpret prudential requirements for EMT issuers (including Article 54 MiCAR and EMD)? Question 3: if ever recital 54 was to be extended to all EMT issuers, how would this recital have to be interpreted in relation with article 54, which foresees that EMT issuers should safeguard funds received by issuers of e-money tokens in exchange for e-money tokens in accordance with Article 7(1) of Directive 2009/110/EC? 

  • Legal act: Regulation (EU) No 2023/1114 (MiCAR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7069
  • Topic: Other MiCAR topics
  • Date of submission:

One leg out Multi EMT issuance – legal possibility and related issues

Question 1: Can a technically identical and fully fungible EMT based on a non EU currency be issued by, on one hand, a EU-based entity licensed as an electronic money institution or credit institution (therefore complying with MICAR) and, on the other hand, by an entity based in another non EU jurisdiction and non regulated under EU law?  Question 2: If ever the preceding arrangement was possible under MICAR, then would it be compliant with Article 48(1) MiCAR in case a person on the EU territory was to offer or seek admission to trading on EU markets for tokens issued by the entity not authorised as an electronic money institution or credit institution?  Question 3: [This question is to be read in light of associated QA on scope of recital 54] If ever the preceding arrangement was possible under MICAR, given that this technically identical and fully fungible EMT would freely circulate on the secondary market and would actually be marketed both in the EU and in non EU jurisdictions, should competent authorities apply to this arrangement provisions set by recital 54?  Question 4: [This question is to be read in light of associated QA on scope of recital 54] If ever the preceding arrangement was possible under MICAR and recital 54 could be applied, then would competent authorities have to apply safeguarding requirements for the EU licensed entity based on the volume of tokens this entity issued (as per MICAR article 54) or on the “issuers’ liability towards Union holders”, based on “the share of […] tokens that is expected to be marketed in the Union” (as per MICAR recital 54)? Question 5: In order to mitigate potential regulatory arbitrage and capital flight in the context of a one leg out multi EMT issuance, would it be compliant with MICAR to allow only EU-based residents to present redemption requests to the EU-based entity

  • Legal act: Regulation (EU) No 2023/1114 (MiCAR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7068
  • Topic: Other MiCAR topics
  • Date of submission:

Powers of MiCAR authority to obtain the information needed to assess recovery and redemption plans and possible mechanism for exchange of information with the prudential authority

In cases where the MiCAR authority differs from the prudential authority under CRD, respectively the competent authority for recovery plans under BRRD, does the Regulation ensure that the MiCAR authority is provided with the powers to gather from the supervised entities (in the course of the ongoing supervision) all information that is necessary in order to duly assess the recovery and redemption plans of banks and investment firms? If there is a risk of insufficiency of information at the disposal of the MiCAR authority, what will be the mechanisms ensuring proper access of information by the MiCAR authority to the information available within the prudential authority on the financial indicators and other key metrics for the purposes of assessment of the recovery and redemption plans, as well as whether Member States are expected to implement special measures to ensure the protection of sensitive information? How the flow of information towards the CRD competent authority from the MICAR supervisors should be assured in order for CRD authority to be able to perform on their tasks? 

  • Legal act: Regulation (EU) No 2023/1114 (MiCAR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7067
  • Topic: Recovery plans (MiCAR)
  • Date of submission:

Liabilities related to the reserve of assets managed by issuers of asset-referenced tokens in case of resolution of the issuer

Please clarify whether liabilities related to the reserve of assets under Article 36 (2) MiCAR have to be treated as secured liabilities and therefore cannot be subject to write-down and conversion or bail-in in case of resolution in the meaning of the BRRD.

  • Legal act: Regulation (EU) No 2023/1114 (MiCAR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7066
  • Topic: Other MiCAR topics
  • Date of submission:

Provision of external payroll accounting services to an employer

Does the activity of external payroll processing for an employer constitute a payment service under PSD2, if it consists of receiving funds for wages and related deductions (taxes, health and social insurance) in the payroll processor’s payment account from the employer, and transferring these to employees, tax authorities, insurance companies etc.? Would the answer change depending on whether the payroll processor  maintains an account separately for each employer?   

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7065
  • Topic: Authorisation and registration
  • Date of submission:

Credit

Does this credit qualify as consumer credit, exclusively available to individual consumers? Or can it also be extended to legal entities?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7056
  • Topic: Other topics
  • Date of submission:

Capital requirements and Investment policy - Articles 47 and 46 of CSDR

Taking into account the applicable legal provisions of Article 46(4) and 47(1) of CSDR and RTS (EU) 2017/390 and the need to ensure a reasonable level playing field between banking and non-banking CSDs, how should the provision of the RTS on Prudential Requirements for CSDs (RTS (EU) 2017/390) apply to the treatment of investments in tangible assets for non-banking CSDs that are not considered eligible to cover a CSD's capital requirements, and are therefore filtered out?

  • Legal act: Regulation (EU) No 909/2014 (CSDR) - only RTS 2017/390
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2017/390 - RTS on prudential requirements of CSDs (CSDR-related)
  • ID: 2024_7054
  • Topic: Market infrastructures
  • Date of submission:

Interest flows

Interest flows for retail on sight accounts (without contractual maturity)

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7052
  • Topic: Liquidity risk
  • Date of submission:

Net position risk - K-NPR

We understand that rTM measures are for firms that deal on their own account. The relevant K-Factor for position risk, K-NPR falls under rTM, therefore the assumption would be that K-NPR refers only to firms dealing on their own account. However, Article 21(4) sets out that for purpose of calculating the rTM K-factor requirement, firms should also include positions other than trading book positions where it gives rise to foreign exchange or commodity risk.  Does then Article 21(4)  bring firms that do not deal on their own account into the scope of K-NPR or is it an additional requirement only for firms that deal on their own account?

  • Legal act: Regulation (EU) No 2019/2033 (IFR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7043
  • Topic: K-factor requirements
  • Date of submission:

Can a CASP receive / transmit / execute orders for non-EUR denominated EMTs, whose issuers are not authorised as a credit institution or as an electronic money institution?

Article 48 of MiCA states that: “A person shall not make an offer to the public or seek the admission to trading of an e-money token, within the Union, unless that person is the issuer of such e-money token and: (a) is authorised as a credit institution or as an electronic money institution...”.  The cited part of first paragraph of Art 48 of MiCA allows an interpretation in accordance with which a MiCA registered CASP can still either receive and transmit (to a non EU entity) or execute an order (on a non EU trading platform) to buy or sell a non-EUR denominated EMT whose issuer is not MiCA compliant. Namely, it seems that the provision of either of the two mentioned crypto asset services does not fall either under offer to the public nor under admission to trading.  It is quite clear that the provision of the two described crypto asset services does not fall under “seek the admission to trading.”  Nevertheless, an argument can be made that the provision of the two described crypto asset services  does not fall under “offer to public” as well. Namely, MiCA defines offer to the public “a communication (...) in any form presenting (...) sufficient information on the terms of the offer. When a CASP receives and transmits an order or when a CASP executes it, a CASP usually only receives order instructions and does not provide any information on the asset that will be bought. Consequently, it can be argued, that when acting as described, a CASP does not offer an EMT to public. This interpretation is further supported by the Recital 28. This one states that “The mere admission to trading or the publication of bid and offer prices should not, in and of itself, be regarded as an offer to the public of crypto-assets.”. Therefore, one could argue that a CASP can execute orders for non-EUR denominated EMTs, whose issuers are not authorised as a credit institution or as an electronic money institution.

  • Legal act: Regulation (EU) No 2023/1114 (MiCAR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_7027
  • Topic: Scope and definitions (MiCAR)
  • Date of submission:

Legal requirement for ASPSPs to provide for cancellation of future dated pay-ments through its dedicated payment initiation services interface

Is there a legal requirement for ASPSPs to allow its PSU to cancel/revoke future dated payments via a payment initiation service provider, using the ASPSPs dedicated payment initiation services interface?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2024_7017
  • Topic: Strong customer authentication and common and secure communication (incl. access)
  • Date of submission:

Template C90 at consolidated level

Should the threshold template for market risk at the consolidated level, C90, be filled out netting intra-group positions even if one does not have the permission required by Article 325b? Or should it be compiled as the sum of the individual templates in this case?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2021/451 – ITS on supervisory reporting of institutions
  • ID: 2024_7008
  • Topic: Market risk
  • Date of submission:

Eligibility of funded credit protection received from third parties

Can cash collateral received from third parties via funded credit protection arrangements (i.e. funded guarantees or credit derivatives) qualify as collateral for the purposes of K-TCD and K-CON? 

  • Legal act: Regulation (EU) No 2019/2033 (IFR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6994
  • Topic: K-factor requirements
  • Date of submission:

Criteria for selecting the operations to be included in the calculation of fraud rates for the transaction risk analysis (TRA) exemption

Which of the following would be the correct temporal criterion for selecting the unauthorized transactions to be included in the numerator of the fraud rates calculated for the transactions risk analysis (TRA) exemption? a) the transaction date, i.e., the date on which the transaction was executed regardless of the date on which it is classified as unauthorized or fraudulent b) the registration date, i.e., the date on which the transaction is registered as unauthorized or fraudulent regardless of the date on which it was carried out 

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2024_6989
  • Topic: Strong customer authentication and common and secure communication (incl. access)
  • Date of submission:

Qualification of a branch as originator, designation of Competent Authority and compliance with STS requirements

May a branch of a credit institution be considered as an entity within the meaning of Article 2.3 of the Regulation (EU) 2017/2402 and hence as originator under Article 29(5) thereto?  Should the answer to the above question be affirmative, which Competent Authority (home or host) should be responsible to supervise the STS requirements set out in Articles 18 to 27 of the Regulation (EU) 2017/2402?

  • Legal act: Regulation (EU) No 2017/2402 (SecReg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6984
  • Topic: Other topics
  • Date of submission:

Optionality of certain payer information required to accompany transfers of funds

Is Article 4(1)(c) of Regulation (EU) 2015/847 of the European Parliament and of the Council of 20 May 2015 on information accompanying transfers of funds and repealing Regulation (EC) No 1781/2006 (‘TFR’) (and the successor provisions found in Articles 4(1)(c) and 14(1)(d) of Regulation (EU) 2023/1113 of the European Parliament and of the Council of 31 May 2023 on information accompanying transfers of funds and certain crypto-assets and amending Directive (EU) 2015/849 (‘TFCR’) to be read such that the payer’s (as well as, from 30 December 2024, the originator’s) date and place of birth constitute an alternative data point to:                               all preceding data points listed in Article 4(1)(c) of TFR (Articles 4(1)(c) and 14(1)(d) of TFCR as from 30 December 2024), such that transfers may, along with the information required under the other points of Article 4(1) of TFR (Articles 4(1) and 14(1) of TFCR), be accompanied by the payer’s or originator’s date and place of birth alone; or, exclusively, the data point referenced immediately prior in Article 4(1)(c) of TFR (Articles 4(1)(c) and 14(1)(d) of TFCR as from 30 December 2024), i.e., the customer identification number, such that transfers must, along with the information required under the other points of Article 4(1) of TFR (Articles 4(1) and 14(1) of TFCR), always be accompanied by the payer’s or originator’s address and official personal document number, as well as either their customer identification number or their date and place of birth? 

  • Legal act: Regulation (EU) 2015/847 (WTR) (recast)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2024_6969
  • Topic: Electronic fund transfers
  • Date of submission:

Card data (PAN) to be returned in AISP calls

Does the ASPSP have to return the card number (PAN) attached to a fetched payment account in case the user can access this data during a standard session with its ASPSP in the direct internet banking interface? In case of "YES", does the TPP that is fetching this data have to be PCI DSS certified, since this data has to be encrypted based on the PCI DSS requirements? Moreover, could be the "card number (PAN)" considered sensible, since it could be potentially used for fraud?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2018/389 - RTS on strong customer authentication and secure communication
  • ID: 2023_6946
  • Topic: Other topics
  • Date of submission:

Simple Transparent and Standardised securitisation

How does the value-weighted average referred in Article 243.2.b)i) of CRR should be calculated?Should we:Option A: calculate first a “Loan to Value” average and then map it to the applicable value-weighted average according to CRR or;Option B: calculate a risk weighted average calculated from each exposure multiplied by its corresponding risk weight divided by the sum of the total exposure value?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2023_6957
  • Topic: Securitisation and Covered Bonds
  • Date of submission: