Having regard to the Treaty on the Functioning of the European Union,

Having regard to Regulation (EU) 2017/2402 of the European Parliament and of the Council of 12 December 2017 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation, and amending Directives 2009/65/EC, 2009/138/EC and 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012, and in particular Article 28(4) thereof,


  1. (1)

    The information to be provided by a third party seeking authorisation to assess the compliance of securitisations with the STS criteria provided for in Articles 19 to 22 or Articles 23 to 26 of Regulation (EU) 2017/2402 should enable a competent authority to evaluate whether and to what extent the applicant meets the conditions of Article 28(1) of the Regulation (EU) 2017/2402.

  2. (2)

    An authorised third party will be able to provide STS assessment services across the Union. The application for authorisation should therefore comprehensively identify that third party, any group to which it belongs as well as the scope of its activities. With regard to the STS assessment services to be provided, the application should include the envisaged scope of the services to be provided as well as their geographical scope.

  3. (3)

    To facilitate the effective use of a competent authority's authorisation resources, each application for authorisation should include a table clearly identifying each submitted document and its relevance to the conditions that must be met for authorisation to the granted.

  4. (4)

    To enable the competent authority to assess whether the fees charged by the third party are non-discriminatory and are sufficient and appropriate to cover the costs for the provision of the STS assessment services, as required by Article 28(1)(a) of Regulation (EU) 2017/2402, the third party should provide comprehensive information on pricing policies, pricing criteria, fee structures and fee schedules.

  5. (5)

    To enable the competent authority to assess whether the third party is able to ensure the integrity and independence of the STS assessment process, that third party should provide information on the structure of those internal controls. Furthermore, to enable the competent authority to assess whether the quality of the operational safeguards over the STS assessment process is sufficiently high to ensure that its results cannot be unduly influenced, and to assess whether the members of the management body comply with the requirements laid down in Article 28(1)(d) of Regulation (EU) 2017/2402, the third party should provide comprehensive information on the composition of the management body and on the qualifications and repute of each of its members.

  6. (6)

    The concentration of a third party's revenue is a determinative factor in the assessment of its independence and integrity. Revenue concentration may not only come from a single undertaking but can also arise via revenue streams earned from a group of economically connected undertakings. In that context, a group of economically connected undertakings should be understood as a group of related entities as referred to in paragraph 9(b) of International Accounting Standard 24 ("related party disclosures") in the Annex to Commission Regulation (EC) No 1126/2008, where the terms "entity" and "reporting entity" should be construed as referring to "undertaking" for the purposes of this Regulation.

  7. (7)

    Securitisation instruments are complex, evolving products that require specialised knowledge. To enable the competent authority to assess whether the third party has sufficient operational safeguards and internal processes to assess STS compliance, the third party should provide information on its procedures relating to the required qualification of its staff. The third party should also demonstrate that its STS assessment methodology is sensitive to the type of securitisation and that specifies separate procedures and safeguards for ABCP transactions/programmes and non-ABCP securitisations.

  8. (8)

    The use of outsourcing arrangements and a reliance on the use of external experts can raise concerns about the robustness of the operational safeguards and internal processes. The application should therefore contain specific information about the nature and scope of any such outsourcing arrangements or use of external experts as well as the third party's governance over those arrangements.

  9. (9)

    This Regulation is based on the draft regulatory technical standards submitted by the European Securities and Markets Authority (ESMA) to the Commission.

  10. (10)

    ESMA has conducted open public consultations on the draft regulatory technical standards on which this Regulation is based, analysed the potential related costs and benefits and requested the opinion of the Securities and Markets Stakeholder Group established by Article 37 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council,