CAPITAL MARKETS ACTION PLAN

The Eurogroup's capital markets action plan is due to be formally presented on 11 March 2024. Exact details are awaited regarding what suggestions it will make to the European Commission on addressing impediments to the development of the EU securitisation market in the EU by way of measures relating to prudential treatment of securitisation for banks and insurance companies; reporting and due diligence requirements etc.

PLANNED ESMA CONSULTATIONS

Outstanding ESMA consultation papers provisionally signposted for Q1 2024 include consultations on guidelines on the due diligence requirements under the EU Securitisation Regulation; MiCA guidelines and technical standards; RTS on position management controls and ITS 4 on position reporting as part of the MiFID review; RTS under the EU Green Bond Regulation; and guidelines on internal controls for ESMA supervised entities (credit rating agencies, trade repositories, data reporting service providers, securitisation repositories and benchmark administrators).

AML: AMLA

Following joint EU Council / European Parliament public hearings on 30 January 2024 and a vote on 22 February 2024, Frankfurt will host the new central EU AML/CFT supervisor (AMLA). This follows the successful conclusion in January 2024 of trilogues on the remaining two elements of the new AML/CFT package (the 'single rulebook' regulation, and the directive) (the AMLA Regulation had already been provisionally agreed in trilogue in December 2023, pending the vote on AMLA's location).

The European Parliament plenary vote to endorse both regulations, and the directive, is provisionally scheduled for 22 April 2024. Endorsement by the EU Council should follow relatively quickly after that, meaning that the AML package should be published in the Official Journal around June 2024. AMLA is expected to begin operations in mid-2025. The 'single rulebook' AML Regulation is expected to apply from mid-2027. The related AML Directive will apply from the same date (save for limited provisions which will apply slightly earlier in mid-2026).

For more information, read our insights here:

January 2024 update here

December 2023 update here

AML - EURECA

Commission Delegated Regulation (EU) 2024/595 comes into force on 7 March 2024.

The EBA is required to collect information from competent authorities relating to weaknesses identified during ongoing supervision and authorisation procedures in the processes and procedures, governance arrangements, fitness and propriety, acquisition of qualifying holdings, business models and activities of financial sector operators in relation to AML / CFT as well as measures taken by competent authorities across a variety of EU legislative frameworks.

The Delegated Regulation relates to the establishment of an AML / CFT central database (EuReCa) which will contain information on material weaknesses in individual financial sector operators that make them vulnerable to money laundering or terrorist financing. Competent authorities have to report material weaknesses that they have identified, as well as the measures they have taken to address those material weaknesses. The Delegated Regulation specifies when weaknesses are material, sets out what information competent authorities have to report and how they have to report it, sets out how the EBA will analyse this information and make it available to competent authorities, and sets out the rules that will apply to ensure confidentiality and the protection of personal data contained in the database.

BANKING PACKAGE: EBA ROADMAP

The EBA published its Roadmap on the Banking Package in December 2023, setting out the approximately 140 mandates that the EBA will have as part of the implementation of the final Basel III reforms across the EU (CRR 3 and CRD 6, which have been provisionally politically agreed).

In conjunction with the publication of the Roadmap, the EBA launched consultations on some of its mandates, with March 2024 closing dates:

BANKS: CRYPTO-ASSET EXPOSURES

The Basel Committee on Banking Supervision's consultation on targeted amendments to its standard on the prudential treatment of banks' crypto-asset exposures closes for responses on 28 March 2024.

The proposed amendments would expand the criteria on the composition of the reserve assets that back stablecoins, covering issues such as the credit quality, maturity and liquidity of the reserve assets. The requirements determine whether the stablecoins to which banks' may be exposed will be eligible for inclusion in the Group 1b category of cryptoassets, and thus benefit from a preferential regulatory treatment. Banks would also be required to perform due diligence to ensure that they have an adequate understanding of the stabilisation mechanisms of stablecoins to which they are exposed and how effective they are. As part of this due diligence, banks would be required to conduct statistical or other tests demonstrating that the stablecoin maintains a stable relationship in comparison to the reference asset.

BANKS: DATA COLLECTION FOR 2025 BENCHMARKING EXERCISE

The EBA's consultation on changes to the implementing regulation on the benchmarking of credit risk, market risk and IFRS9 models for the 2025 benchmarking exercise closes on 27 March 2024. According to the EBA, the key proposed change relates to market risk benchmarking: new templates and new instructions will be introduced for the collection of the internal model approach risk measures under the FRTB. Minor changes only are proposed in respect of credit risk benchmarking, aimed at clarifying the mandatory nature (if applicable) of reporting the probability of default and the loss given default risk parameters concerning the margin of conservatism, regulatory add-on, and downturn component.

BANKS: IRBBB

The Basel Committee on Banking Supervision's consultation on the recalibration of shocks for interest rate risk in the banking book (IRRBB) closes for responses on 28 March 2024. The adjustments proposed by the BCBS are in line with its commitment to periodically update the calibration of the interest rate shock factors used in its 2016 standard. In its related press release, the BCBS confirmed that the consultation is separate to its ongoing analysis of interest rate risk following the March 2023 banking turmoil.

BENCHMARKS REGULATION

Following the publication of the draft report of the European Parliament's rapporteur on the European Commission's proposal to amend the EU Benchmarks Regulation, a vote in the Parliament's ECON Committee on its negotiating position is provisionally scheduled for 4 March 2024.

The European Commission's proposal involves limiting registration and authorisation requirements, and most of the Regulation's substantive requirements, to critical benchmarks, significant benchmarks, EU climate transition benchmarks, EU Paris-aligned benchmarks and certain commodity benchmarks.

While the EU Council confirmed its negotiating mandate on 20 December 2023, even if the ECON vote takes place on 4 March 2024 as planned, time is running out for trilogue negotiations to start and complete before the European elections this summer, so this proposal may still be in trilogues later this year.

EUROPEAN SINGLE ACCESS POINT (ESAP)

The European Supervisory Authorities' Consultation Paper on the draft ITS on the tasks of the collection bodies and the functionalities of the ESAP closes on 8 March 2024.

The ESAP framework will involve a two -step reporting system. First, reporting entities will submit information to a collection body. Second, the collection bodies will submit that information to ESAP. Collection bodies will be EU or national bodies/authorities who are designated for that purpose in the directives and regulations that are within ESAP's scope (for instance, the Central Bank of Ireland). The consultation sought feedback on the tasks of collection bodies (e.g. automated validations to be performed on the information submitted by entities; the characteristics of qualified electronic seal (QES) (collection bodies may require a QES from those submitting information to ensure its authenticity and integrity); the time limits for providing the information to ESAP; and the indicative list of formats that are acceptable as data extractable and as machine readable). The ESAs also looked for feedback on ESAP's functionality (e.g. the LEI to be used to identify the entities that submit the information or to which the information relates; the classification of the types of information; the categories for the size of the entities; and the characterisation of industry sectors to classify the information contained in ESAP and allow users to search for it).

For more information on the ESAP, read our insights here: ESAP Regulation published in Official Journal; timing confirmed and ESAP: Platform for public information on companies and financial products to go live in 2027.

INSURANCE

Prolongation of US equivalence

The European Commission's consultation (Third-country insurers - prolongation of US provisional equivalence decision (Solvency II)) on a draft delegated decision on the renewal of its determination that the solvency regime in force in the US applicable to undertakings with their head office in the US is provisionally equivalent to that laid down in Title I, Chapter VI of the Solvency II Directive closes on 5 March 2024.

Provisional equivalence was already granted from 1 January 2016 to 1 January 2026, and can be renewed for a further 10 years if certain criteria are met. The Commission plans to adopt the Delegated Decision in Q1 2024 and extend US equivalence for a further 10 years.

SME access to cyber-insurance

EIOPA's survey on access to cyber insurance by SMEs closes on 20 March 2024. EIOPA is looking for more insight into the challenges SMEs face in protecting themselves from cyber risks and to evaluate the level of access to cyber insurance. The survey involves gathering information on the size and type of business of the surveyed enterprises, the level of cyber risk awareness vis-à-vis their business, the availability, affordability, and understanding of cyber insurance products. It also seeks information on SMEs' experience and perceptions of cyber insurance.

Value-for-money benchmarks

EIOPA's public consultation on its proposed methodology for setting value-for-money benchmarks for unit-linked and hybrid insurance products closes on 15 March 2024. This consultation is not related to the benchmarks proposed by the European Commission under its Retail Investment Strategy. Instead, it forms part of the toolkit that EIOPA began developing in 2020 to equip supervisors with additional risk-based tools and enhance their ability to identify products in their markets that may not deliver fair value for money.

MARKETS IN CRYPTO-ASSETS REGULATION (MICA)

The EBA's consultation paper on draft RTS specifying the requirements for policies and procedures on conflicts of interest for issuers of asset-referenced tokens (ARTs) under MiCA closes on 7 March 2024.

ART issuers must implement and maintain effective policies and procedures to identify, prevent, manage and disclose conflicts of interest. Those policies and procedures should ensure that ART issuers consider all circumstances which could (or could be perceived to) influence or affect their ability or the ability of their connected parties to make impartial and objective decisions.

The EBA's draft RTS are particularly focused on conflicts of interest that could arise in relation to the reserve of assets, personal transactions, and the issuer's remuneration procedures, policies and arrangements. The draft RTS also set out the content of the disclosure which ART issuers should make available to the public in the relevant languages on their websites.

MIFID II: COSTS AND CHARGES

In its December 2023 Dear CEO Letter on ESMA's Common Supervisory Action on MiFID II Costs and Charges, the Central Bank asked all Irish-authorised MiFID investment firms and credit institutions providing MiFID II services to:

  • Review their costs and charges practices against the ESMA public statement and the findings, expectations and good practices set out in Schedule 1 of the Dear CEO letter.
  • Document the above review, which must include details of actions taken to address the findings in the ESMA public statement and this letter.
  • Complete the review and discuss and approve an action plan at board level by 31 March 2024, with the minutes of the relevant board meeting to reflect the discussions and approval of the Board.

MIFID II: INVESTOR PROTECTION

ESMA's discussion paper on investor protection topics linked to digitalisation under the MiFID II Directive closes for comments on 14 March 2024 (and responses received will help ESMA decide whether a regulatory response is needed).

The paper focuses on the retail investments landscape, in particular the recent increase in the adoption of digital tools and social media by firms and retail investors. It also explores how technology impacts retail investor behaviour and decision-making, and the opportunities and the potential risks linked to digitalisation.

Draft recommendations made by ESMA in the paper cover matters such as layering and accessibility of information, digital marketing communications and practices, gamification, and digital engagement practices (such as dark patterns).

MIFID II/MIFIR: AMENDMENTS

The politically agreed texts of the changes to MiFID II and MiFIR are likely to be published in the Official Journal in March 2024 (the texts are here (directive) and here (regulation)). Notable aspects of the changes are the establishment of EU-level consolidated tapes, a general ban on payments for order flow, and new rules on commodity derivatives. The regulation will apply immediately, whereas EU Member States will have 18 months to transpose the directive.

OPERATIONAL RESILIENCE: SECOND BATCH OF DORA POLICY MANDATES

The consultation period for the second batch of policy mandates under the Digital Operational Resilience Act (DORA) closes on 4 March 2024. That batch of policy mandates included consultations on the following:

  • Draft RTS and draft ITS on content, timelines and templates for ICT-related incident reporting. The draft RTS cover the content of major incident reports for major ICT-related incidents; the time-limits for the submission of an initial notification, intermediate and final reports for each major incident; and the content of the notification for significant cyber-threats. The draft ITS contain a single template covering the initial notification, intermediate and final reports.
  • Draft RTS on the harmonisation of conditions enabling the conduct of oversight activities. DORA (at Article 41(1)) requires that the EBA draft RTS specifying (a) the information to be provided by an ICT third–party service provider in the application for a voluntary request to be designated as critical; (b) the information to be submitted by the ICT third–party service providers that is necessary for the lead overseer to carry out its duties; (c) the criteria for determining the composition of the joint examination team, their designation, tasks, and working arrangements; and (d) the details of the competent authorities' assessment of the measures taken by ICT third-party service providers designated as critical (CTPPs), based on the recommendations of the lead overseer. These draft RTS deal with (a), (b) and (d). Item (c) regarding the joint examination team will be the subject of a separate, later consultation.
  • Draft RTS specifying elements related to threat-led penetration tests. DORA requires the ESAs to develop draft RTS in accordance with the TIBER-EU framework to specify further the criteria used for identifying financial entities required to perform threat-led penetration testing, the requirements and standards governing the use of internal testers, the requirements in relation to scope, testing methodology and approach for each phase of the testing, results, closure and remediation stages and the type of supervisory and other relevant cooperation needed for the implementation of threat-led penetration tests and for the facilitation of mutual recognition.
  • Draft RTS specifying the elements which a financial entity needs to determine and assess when subcontracting ICT services supporting critical or important functions. DORA requires financial entities to include, in contractual arrangements on the use of ICT services, a clear and complete description of all functions and ICT services to be provided by the ICT third-party service provider, indicating whether subcontracting of an ICT service supporting critical or important functions, or material parts thereof, is permitted and, when that is the case, the conditions applying to such subcontracting. The ESAs are required to develop draft RTS to further specify the elements which a financial entity needs to determine and assess when subcontracting ICT services supporting critical or important functions. These draft RTS set out requirements on when the use of subcontracted ICT services supporting critical or important functions or material parts thereof by ICT third-party service providers is permitted by financial entities and set out the conditions applying to such subcontracting. The draft RTS require financial entities to assess the risks associated with subcontracting during the precontractual phase; this includes the due diligence process. They also set out requirements regarding the implementation, monitoring and management of contractual arrangements regarding the subcontracting conditions for the use of ICT services supporting critical or important functions or material parts thereof ensuring that financial entities are able to monitor the entire ICT subcontracting chain.
  • Draft Guidelines on aggregated costs and losses from major ICT-related incidents. The draft guidelines aim to harmonise the estimation by financial entities of their aggregated annual costs and losses caused by major ICT-related incidents, which are then to be reported by financial entities (other than microenterprises) to their competent authority on request.
  • Draft Guidelines on the oversight cooperation and information exchange between the ESAs and the competent authorities under DORA. As part of DORA, the ESAs and competent authorities have received new roles and responsibilities. The relevant ESA (as lead overseer) will be responsible for oversight activities in respect of the CTPPs, and issue recommendations and follow up with the CTPPs on these recommendations. Competent authorities will participate in the lead overseer's oversight of the CTPP as part of the joint examination team and follow up with financial entities concerning the risks identified in the recommendations.

OPERATIONAL RESILIENCE: MARKET OUTAGES

IOSCO's consultation on market outages closes for feedback on 1 March 2024. IOSCO launched the consultation to identify lessons from market outages that took place in recent years, and to examine how to develop good practices for trading venues to improve market-wide resilience in the event of an outage. IOSCO has proposed five good practices for trading venues to consider improving market-wide resilience during an outage, which cover outage plans; communication plans; communicating timely information on reopening of trading; ensuring that processes and procedures for operating closing auctions or establishing alternative closing prices are set out in the outage plan; and carrying out 'lessons-learnt' exercises.

IOSCO had previously looked at issues concerning market outages, and recommended mitigating actions, in July 2022 (operational resilience of trading venues and market intermediaries during the COVID-19 pandemic & lessons for future disruptions).

SANCTIONS / RESTRICTIVE MEASURES: PSPS AND CASPS

The EBA's public consultation on two sets of guidelines on internal policies, procedures and controls to ensure the implementation of EU and national restrictive measures, including targeted financial sanctions and sectoral measures closes on 25 March 2024. This public consultation was particularly targeted geared at creating a common understanding among payment service providers (PSPs), crypto-asset service providers (CASPs) and their supervisors, of the steps they need to take to be able to comply with restrictive measures.

SECURITISATION – DISCLOSURE TEMPLATES

ESMA's December 2023 consultation on possible changes to its disclosure templates closes on 15 March 2024. The existing Level 2 measures potentially impacted by the consultation are Commission Delegated Regulation (EU) 2020/1224 (RTS specifying the information and the details of a securitisation to be made available by the originator, sponsor and SSPE) and Commission Implementing Regulation (EU) 2020/1225 (ITS on the format and standardised templates for making available the information and details of a securitisation by the originator, sponsor and SSPE).

ESMA is looking for feedback on four proposed options for the revision of the securitisation disclosure framework:

  • Option A proposes to put on hold the review of the templates until further changes to the Level 1 text.
  • Option B suggests maintaining the current framework with the introduction of few amendments.
  • Option C focuses on a targeted review aimed at streamlining the disclosure templates and developing a dedicated template for private securitisation. This option is the most likely to be supported by industry stakeholders (in particular given the length of time that it could take to implement Option D, and as streamlining is seen as crucially important).
  • Option D proposes a thorough review of the disclosure templates, aiming at a fundamental simplification of the framework.

SECURITISATION – STS SECURITISATIONS

Commission Delegated Regulation (EU) 2024/584 applies from 6 March 2024. It amends the existing regulatory standards on the homogeneity of the underlying exposures in simple, transparent and standardised (STS) securitisations by amending the list of homogeneity factors related to the type of obligors for auto loans and leases, and credit card receivables granted to enterprises. This is to take account of the fact that originators or original lenders might assess the credit risk on those exposures in a manner more aligned with exposures to individuals rather than to corporates.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.