At the end of each month, the SAFE Regulatory Radar highlights a selection of important news and developments on financial regulation at the national and EU level.
Securitization Regulation: more clarity when switching to sequential amortization
On 19 September 2022, the European Banking Authority (EBA) published its final draft regulatory technical standards (RTS) that specify and, where relevant, calibrate the performance-related triggers pursuant to the Securitisation Regulation as amended by Regulation (EU) 2021/557 (SECR). According to SECR, on-balance-sheet securitizations featuring non-sequential priority of payments must include triggers related to the performance of the underlying exposures to be labelled as simple, transparent, and standardized (STS). Based on these performance-related triggers, the non-sequential amortization is reverted to sequential payments in order of seniority to guarantee that tranches providing credit protection have not already been amortized when significant losses occur at the end of a transaction. The RTS now being released elaborate on the characteristics of these backward-looking and forward-looking triggers.
The SECR requires the implementation of two backward-looking triggers. The first backward-looking trigger must either refer to the increase in the cumulative amount of defaulted exposures or the increase in the cumulative losses greater than a given percentage of the outstanding amount of the underlying portfolio at the closing date of the transaction. The second backward-looking trigger relates to the detachment point of the most senior protected tranche, namely the least subordinated tranche in terms of distribution of losses that benefits from eligible credit protection. It is activated if the most senior protected tranche decreases below a certain percentage of that detachment point determined at the closing date of the transaction. The critical thresholds for both triggers depend on assessments made by the parties to the securitization at inception, whose effectiveness must be tested in a back-loaded loss distribution scenario taking the losses expected over the entire maturity of the transaction into account.
The SECR also requires the consideration of one forward-looking trigger, which depends on the level of granularity of the pool of effective underlying exposures. In case of non-granular pools, the trigger refers to concentration risk and is activated if the outstanding amount of several of the largest securitized exposures towards individual obligators exceeds the sum of the outstanding amounts of the most senior protected tranche and of the tranches subordinated to that tranche by a given number. In case of granular pools, the trigger refers to credit risk and is activated if the ratio between the outstanding amount of underlying exposures assigned to a higher credit risk bucket, and the outstanding amount of the underlying portfolio exceeds the corresponding proportion at the closing date of the transactions by a given percentage. The critical thresholds for both triggers thus refer to the starting point of the risk distribution at inception.
These backwards- and forward-looking triggers were submitted to the European Commission and are subject to scrutiny by the European Parliament and the Council before being published in the Official Journal. Previously, RTS on the risk retention requirements for securitizations and on the content and format of STS securitization notification for on-balance sheet securitizations have been published as being reported in the SAFE Regulatory Radar editions in April 2022 and October 2021.
Financial Markets: new suitability requirements for investment firms
On 23 September 2022, the European Securities and Markets Authority (ESMA) published its guidelines on certain aspects of the MiFID II suitability requirements for investment firms – two months after the European Insurance and Occupational Pensions Authority (EIOPA) provided guidance on the same matter for insurance manufacturers, undertakings, and intermediaries. Last month, the SAFE Regulatory Radar covered that entities being subject to the Markets in Financial Instruments Directive (MiFID II) must now integrate the individual sustainability preferences of potential clients when identifying conflicts of interest and assessing the suitability of an investment. To ensure the common, uniform, and consistent application of the suitability requirements and the client’s ability to understand the risks and nature of the financial instruments to be recommended, ESMA's guidelines support firms on how to
- collect only necessary information about the client’s knowledge, experience, investment objectives, and financial situation, including its current income, assets, and commitments, dependent on the type of financial instrument, the needs and circumstances of the client, the type of the client and the nature and extent of the portfolio management service;
- ensure reliable, accurate, and consistent client information by revealing the client’s financial knowledge, degree of self-overestimation, risk tolerance, and risk perception as far as objectively possible;
- assess whether the client prefers considering environmental, social or governance sustainability factors (or a combination of them) as well as principal adverse impact indicators; and
- establish, implement, and maintain adequate procedures to understand the essential facts and characteristics of their clients, such as clear and comprehensible questionnaires, inter alia.
Investment firms – in contrast to national competent authorities – are neither required to report nor to explain whether they comply with these guidelines or not.
Financial services: exemptions from applying strong customer authentication
On 16 August 2022, the European Commission published a Delegated Regulation that amends the regulatory technical standards supplementing the Revised Payment Services Directive (PSD2). The new act results from the legal requirement to regularly update the RTS based on a recommendation by the EBA and aims at avoiding undesirable frictions in the customer journey through introducing exceptions from the application of strong customer authentication (SCA). The updated RTS foresee that multi-factor online authentication must not be applied if customers use an account information service provider to access their payment account information, namely the balance and recent transactions, and the account service payment providers apply SCA for the first access, in case of indicators for unauthorized or fraudulent access and periodically. If customers access the account information directly, SCA may be applied. In both cases, SCA must now be renewed every 180 days instead of every 90 days. The regulation shall enter into force 20 days after its publication in the Official Journal.
Current public consultations:
Carl-Georg Luft is Research Assistant at the SAFE Policy Center.