With just over three months to go before the Securitisation Regulation (the "Regulation") takes effect, in the below briefing we consider the actions which will need to be taken by UCITS management companies, AIFMs, internally managed UCITS and internally managed AIF funds ("Man Co") in respect of exposure generated to securitisations issued on or after 1 January next.
Identified as one of the cornerstones of the Capital Markets Union, the reform of the European securitisation market aims to boost lending to European businesses and households as well as broadening investment opportunities for investors. The Regulation introduces a harmonised securitisation framework for all securitisations, replacing the existing piecemeal framework where rules governing securitisation are set down in various sectoral pieces of legislation. Under the Regulation, all institutional investors will be subject to the same securitisation rules, creating a "level playing field in the internal market for all institutional investors".
It also creates a regulatory framework for simple, transparent and standardised securitisations (STS securitisations) in order to encourage originators and sponsors to establish more transparent and less risky securitisation structures. Under this regime, regulatory capital requirements for EU institutions' exposure to STS securitisations will generally be more favourable than those for exposure to non-STS securitisations. In order to be classified as an STS securitisation, certain specific rules set down in the Regulation relating to simplicity, transparency and standardisation must be complied with. In the context of Brexit, it is worth highlighting that any securitisation which involves a non-EU originator, sponsor or SSPE cannot qualify as an STS securitisation, nor does the Regulation establish an equivalence regime for third countries.
The Regulation is intended to capture any transaction or scheme whereby the credit risk associated with an exposure or pool of exposures is tranched.
New regulatory framework for Man Co gaining exposure to securitisations
As readers will be aware, AIFMs which gain exposure to securitisations on behalf of AIF under management are already required to comply with certain securitisation rules relating to risk retention and due diligence. Although the AIFMD Directive did amend the UCITS Directive to grant the European Commission the power to adopt delegated acts to impose certain securitisation rules relating to investment in securitisations on UCITS management companies, no such delegated acts were in fact ever implemented. This resulted in a situation whereby EU AIFMs were required to comply with certain requirements with respect to investment in securitisation whereas UCITS management companies were not. This has now been addressed under the Regulation as both UCITS management companies and EU AIFM are subject to the obligations imposed on institutional investors under the Regulation.
It is worth noting that the definition of "AIFM" in the Regulation does not specifically limit the scope of the Regulation to EU AIFMs only as it cross-refers to the definition of "AIFM" in AIFMD which references any legal person whose regular business is managing one or more AIFs. This raises a question as to whether non-EU AIFMs who manage and/or markets AIF in the EU could fall within the scope of the Regulation. No guidance has been issued on this point to date however we will update you if and when the position becomes clearer.
In the absence of any further clarity on the point, the definition of "AIFM" in the Regulation will also bring registered AIFM within the scope of the Regulation. Unlike the securitisation regime under AIFMD, the Regulation imposes a different set of due diligence requirements on the Man Co depending on whether the securitisation involved is an ABCP securitisation, being an asset backed commercial paper with an original maturity of one year or less. By way of example only, a Man Co is required to conduct a different type of risk assessment on ABCP securitisations prior to acquisition, conduct different stress testing on ABCP securitisations, and is required to ensure that it receives investor reports more frequently.
Furthermore, the specific rules to be complied with in order to be designated as an STS securitisation will vary depending on whether the securitisation is an ABCP securitisation or a longer-term securitisation.
The Regulation imposes six obligations on Man Co, each of which is considered below. These obligations will need to be complied with regardless of whether the relevant Man Co gains exposure to EU or non-EU securitisations. Unless it is the case that ESMA confirms that non-EU securitising entities with an EU investor base are in fact subject to the transparency obligations set down in Article 7 of the Regulation, it is likely to be easier for a Man Co to obtain the information it requires in order to meet these due diligence requirements in the case of EU securitisations than non-EU securitisations by virtue of the direct obligations clearly imposed on EU securitising entities under the Regulation to make such information available to investors.
(i) Conduct due diligence on the credit-granting process of the originator or original lender
Before a Man Co acquires a securitisation on behalf of a fund under management, it must carry out due diligence on the credit-granting processes of the originator or original lender. However, marking a departure from the rules under AIFMD, no such obligation arises where the relevant entity is an EU regulated bank or investment firm.
Where the relevant originator or original lender is an EU corporate entity, the Man Co must verify that the credit-granting procedures of the originator or original lender meet specific criteria set down in the Regulation. In the case of non-EU originators or original lenders, the Man Co must be satisfied that the credit-granting process of that entity involves a "thorough assessment of the obligor's creditworthiness".
Where the Man Co intends to gain exposure to a "fully supported" ABCP transaction", it will not need to carry out due diligence of the relevant credit-granting processes of the relevant originator or original lender as this obligation rests with the sponsor of the ABCP programme.
(ii) Conduct due diligence on risk retention on the part of the securitising entity
Similar to the regime currently applicable to EU AIFM, the Man Co must satisfy itself, both prior to acquisition and on an ongoing basis during the life of the transaction, that one of the securitizing entities retains a material net economic interest of not less than 5% which, regardless of the location of the securitizing entity, must be determined in accordance with Article 6 of the Regulation. While there are certain exemptions afforded to organisations which unconditionally guarantee the relevant securitized exposure, including central governments or central banks, the risk retention rules will apply to all private sector securitisations.
(iii) Confirm that the securitising entity has complied with its disclosure obligations
Where applicable, the Man Co must also verify that the originator, sponsor or SSPE comply with their obligations to make certain information on the securitization available under Article 7 of the Regulation. This includes inter alia, an obligation to make available:
(i) information on the underlying exposures on a monthly or quarterly basis depending on the type of securitisation involved;
(ii) all underlying documentation "that is essential for the understanding of the transaction"
(iii) monthly or quarterly investor reports, depending on the type of securitisation involved.
In the case of EU public securitisations, EU securitising entities are required under Article 7(2) of the Regulation to make such information available via a securitisation repository. In the case of EU private securitisations, the Man Co should seek to ensure that the securitization documentation confirms that such information will be provided to investors.
As noted above, it is not clear from the Regulation whether the obligation to make such information available under Article 7 applies to non-EU securitising entities with an EU investor base. If ESMA deems such entities to be outside of the scope of Article 7, the Man Co will not need to comply with this verification obligation. However, in practice Man Co are likely to look for this level of information from non-EU securitising entities to allow them to conduct the necessary risk assessment required under Article 5(3) of the Regulation and the ongoing due diligence required under Article 5(4) of the Regulation.
(iv) Assess the risks associated with the relevant securitisation
The Man Co must use the information it obtains from the securitizing entity directly or via the securitization repository to conduct an analysis of the risks involved with the relevant position before it gains exposure to that securitization.
This assessment must consider risk characteristics of the individual securitisation position and of underlying exposures and the structural features of the securitisation which could materially impact the performance of the securitisation position. Where the relevant securitisation is designated as an STS transaction, the Man Co must satisfy itself that the securitisation meets the requirements imposed on STS under the Regulation. In this regard, the Regulation provides that the Man Co may rely "to an appropriate extent" on the fact that the STS has been notified to ESMA and the information disclosed as part of such notification procedures to satisfy itself that the securitisation does meet the "STS" requirements. However it cannot "solely or mechanistically relying on that notification or information", suggesting that some independent due diligence should be conducted by the Man Co.
Where the Man Co intends to gain exposure to a "fully supported ABCP programme", instead of being obliged to carry out due diligence on the individual securitisation's underlying exposure and structural features of the relevant securitisation, the Man Co must analyse the features of the ABCP programme and the full liquidity support, thus focusing on the financial strength of the support provider rather than considering the credit strength of the underlying exposures.
(v) Implement written policies and procedures, reporting regimes and record-keeping
(a) Monitoring performance of securitisation position/underlying exposures
Under the Regulation, the Man Co must put in place appropriate and proportionate written procedures which enable it to monitor the performance of the securitisation position1 and the underlying exposures and to monitor compliance of the securitisation with the requirements outlined above on an ongoing basis.
Stress tests must also be carried out by the Man Co. The types of stress tests which must be carried out will vary depending on whether the securitisation is a fully supported ABCP transaction or not. In non-ABCP transactions, the stress testing must assess cash flows and collateral value supporting the underlying exposure while in the case of ABCP transactions, the stress testing must be conducted on the solvency and liquidity of the sponsor. It is worth noting that while the obligation to conduct stress testing was imposed under AIFMD, such stress testing was only required where the AIFM assumed exposure "to a material value" of the credit risk to the relevant securitization whereas under the Regulation, the stress tests must be carried out regardless of the materiality of the credit risk to the relevant securitization, albeit in a manner appropriate to the nature, scale and complexity of the risk of the securitization position.
(c) Reporting structure
The reporting structure within the Man Co must be such that (i) senior management are aware of the material risks associated with securitisation and (ii) such risks are adequately managed. Again this marks a departure from the current AIFMD regime under which reporting to senior management is only required where there is a "material assumption of exposure to securitisations".
The Man Co must be in a position to demonstrate to its competent authority that it has implemented appropriate written policies and procedures for the risk management of the securitization and for recording all due diligence and verifications carried out on 1 securitisations. It must also be in a position to demonstrate to its competent authority that it fully understands the securitisation position and its underlying exposures.2
(vi) Take corrective action where a securitisation does not comply with the Regulation
Under the revisions made to the AIFMD and the UCITS directive by the Regulation, the Man Co must, "in the best interests of the investors of the relevant fund, act and take corrective action if appropriate" where the securitization no longer complies with the Regulation. It is worth noting that while any such corrective action may involve disposing of the position, the wording is such that the Man Co may be in a position to retain the holding if it can be satisfied that the securitizing entity is in a position to correct the relevant breach immediately.
Review of investment universe
In the first instance, each Man Co will need to review the investment universe of funds under management to determine whether any such funds gain exposure to positions which constitute a "securitisation" within the meaning of the Regulation.
Revision of investment processes
If a Man Co determines that certain funds may gain exposure to securitisations, it will then need to revise its investment process to ensure that the relevant due diligence checks and risk assessment have been completed prior to gaining exposure to a securitisation.
Revision of existing policies and procedures
The Man Co should also review and make any necessary amendments to its risk management policies and procedures to ensure that they are sufficiently robust to properly assess, monitor and manage the risks associated with securitisations and will stand up to the scrutiny of the relevant competent authority if necessary. This will include putting in place appropriate stress-testing arrangements. The specific form of such policies and procedures will vary depending on whether the Man Co itself is making investment decisions relating to securitisations or whether this function has been delegated to a delegate investment manager. Where the Man Co delegates such investment decisions to a third party and will therefore be relying on the policies and procedures of its delegate to satisfy its own regulatory obligations under the Regulation, it will need to be mindful of the delegation requirements set down Part IV of the Central Bank's Fund Management Companies-Guidance.
The record retention policy of the Man Co should also be updated to address how verification and due diligence records relating to the securitisations will be maintained.
Revision of contractual arrangements with delegate investment managers
The Regulation specifically addresses the delegation of investment management decisions to a third party. It provides that where an institutional investor (such as a Man Co) has given another "institutional investor" the authority to make investment management decisions that might result in an exposure to a securitisation, the Man Co may instruct any such delegate to fulfil its due diligence obligations arising under the Regulation. It goes on to provide that where the relevant delegate constitutes an "institutional investor" as defined in the Regulation (which includes EU investment firms), competent authorities may impose sanctions on the delegate for failing to comply with the obligations under the Regulation rather than on the Man Co itself. In the case of non-EU delegates, any sanctions or remedial measures for failure to comply with the Regulation will be imposed on the Man Co itself.
Man Co should therefore revisit contractual arrangements with their delegate investment manager(s) so as to contractually agree that the delegate will fulfill the obligations of the Man Co under the Regulation.
Review of prospectus disclosures
Finally, where relevant, the Man Co may wish to consider revising the prospectus of the relevant fund to include risk warnings relating to the impact that the Regulation might have on that fund. This might include by way of example only, highlighting that the investment universe may be restricted as a result of the obligations imposed on the Man Co under the Regulation or highlighting that additional costs may be borne by the relevant fund as a result of the Man Co's due diligence obligations under the Regulation.
The new rules outlined above will apply to Man Co in respect of any securitisation, the securities of which are issued on or after 1 January 2019.However, the Regulation itself provides that AIFM will be required to continue to comply with the risk retention rules and due diligence requirements imposed under the AIFMD framework in respect of any securitisation whose securities were issued before 1 January 2019.
Given the scope of obligations imposed on Man Co under the Regulation, clients are advised to take appropriate steps to ensure that they are in a position to comply the Regulation from 1 January onwards.
1. Article 5(4) of the Regulation sets down a list of matters should be monitored by the relevant institutional investor on an ongoing basis, including (i)exposure type, (ii) percentage of loans more than 30, 60 and 90 days past due, (iii) default rates, (iv) prepayment rates, (v) loans in foreclosures, (vi) recovery rates, (vii) repurchases, (viii) loan modifications, (ix) payment holidays, (x) collateral type and occupancy and (xi) frequency distribution of credit scores or other measures of credit worthiness.
2. In the case of exposures to a fully supported ABCP programme, the Man Co must be able to demonstrate to the Central Bank that it has a "comprehensive and thorough understanding of the credit quality of the sponsor and of the terms of the liquidity facility provided".
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.