Content Options

Content Options

View Options

Status: Please note you should read all Brexit changes to the FCA Handbook and BTS alongside the main FCA transitional directions. Where these directions apply the 'standstill', firms have the choice between complying with the pre-IP completion day rules, or the post-IP completion day rules. To see a full list of Handbook modules affected, please see Annex B to the main FCA transitional directions.

Preamble

THE EUROPEAN COMMISSION,

Having regard to the Treaty on the Functioning of the European Union,

Having regard to Regulation (EU) 2017/2402 of the European Parliament and of the Council of 12 December 2017 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation, and amending Directives 2009/65/EC, 2009/138/EC and 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012, and in particular point (a) of Article 10(7) and points (b), (c) and (d) of Article 17(2) thereof,

Whereas:

  1. (1)

    The entities referred to in Article 17(1) of Regulation (EU) 2017/2402 should be able to fulfil their respective responsibilities, mandates and obligations. The information provided to those entities by securitisation repositories should therefore be of high quality and should lend itself to an aggregation and comparison across different securitisation repositories in a timely, comprehensive and structured manner. Securitisation repositories should therefore assess whether that information is complete and consistent before making it available to those entities and should provide those entities with an end-of-day report and overall data completeness score.

  2. (2)

    The procedures to verify whether the information reported to securitisation repositories by originators, sponsors or SSPEs is complete and consistent should take into account the variety of securitisation types, features and practices. It is therefore appropriate to provide for verification procedures that include the comparison of the information reported with respect to similar securitisations, such as securitisations sharing the same or related originator, underlying exposure type, structural feature or geography.

  3. (3)

    To ensure the quality of the information reported, verification procedures should also apply to the completeness and consistency of the documentation supporting that information. Given, however, the relative difficulty in verifying completeness and consistency of that documentation, securitisation repositories should request reporting entities to confirm in writing that the underlying securitisation documentation made available by them is complete and consistent. Material updates to documentation already reported should be considered a new securitisation document requiring a written confirmation request.

  4. (4)

    To enable the entities referred to in Article 17(1) of Regulation (EU) 2017/2402 to fulfil their respective responsibilities, mandates and obligations, the details of securitisations to which those entities must have direct and immediate access should be comparable across securitisation repositories in a harmonised and consistent manner. Those details should therefore be provided in Extensible Markup Language (XML) format because that format is widely used in the financial industry.

  5. (5)

    Confidentiality of any type of data exchanged between securitisation repositories and the entities referred to in Article 17(1) of Regulation (EU) 2017/2402 should be ensured. Such exchanges should therefore be carried out through a secure machine-to-machine connection by using data encryption protocols. To ensure minimum common standards, an SSH File Transfer Protocol should be used.

  6. (6)

    Data concerning the latest securitisation underlying exposures, investor reports, inside information and significant event information, as well as indicators of the quality and timeliness of those data, are essential for ongoing monitoring of securitisation investment positions and potential investments, as well as financial stability and systemic risk. The entities referred to in Article 17(1) of Regulation (EU) 2017/2402 should therefore have access to those data on an ad hoc or predefined periodic basis proportionate to their needs for receiving it.

  7. (7)

    Securitisations are complex and heterogeneous and the users accessing information from securitisation repositories are diverse. It is therefore essential that the direct and immediate access to specific datasets and information is facilitated. That access should include access in a machine-readable format where the information relates to data and to all current and historical information on a securitisation stored within a repository. For that purpose, a framework should be created for ad hoc requests that can be combined to obtain specific information. The deadlines by which securitisation repositories should provide data to the entities referred to in Article 17(1) of Regulation (EU) 2017/2402 should be harmonised to facilitate efficient data processing by those entities and securitisation repositories. At the same time, it should be ensured that data are obtained within deadlines that enable the effective fulfilment of the requesting entities’ responsibilities.

  8. (8)

    The entities referred to in Article 17(1) of Regulation (EU) 2017/2402 rely on the data maintained by securitisation repositories, including for comparing current securitisations with past securitisations. Therefore, it is appropriate to specify that repositories should maintain records of a securitisation for 10 years following the termination of the securitisation, pursuant to Article 10(2) of Regulation (EU) 2017/2402 and Article 80(3) of Regulation (EU) No 648/2012 of the European Parliament and of the Council.

  9. (9)

    The provisions in this Regulation are closely linked, since they deal with standards and procedures relating to the collection and processing of information held by securitisations repositories and access to that information. It is therefore appropriate to include those provisions in a single Regulation.

  10. (10)

    This Regulation is based on the draft regulatory technical standards submitted to the Commission by the European Securities and Markets Authority (ESMA).

  11. (11)

    ESMA has conducted an open public consultation on the draft regulatory technical standards on which this Regulation is based, analysed the potential related costs and benefits and requested the opinion of the Securities and Markets Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council,

HAS ADOPTED THIS REGULATION:

Article -1 Interpretation

Where a term used in this Regulation is defined in Regulation (EU) 2017/2402 of the European Parliament and of the Council of 12 December 2017 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation, and amending Directives 2009/65/EC, 2009/138/EC and 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012, that definition shall apply for the purposes of this Regulation unless the contrary intention appears.

Article 1 Definitions

For the purposes of this Regulation, the following definitions shall apply:

  1. (a)

    "reporting entity" means the entity designated in accordance with Article 7(2) of Regulation (EU) 2017/2402;

  2. (b)

    "data cut-off date" means the reference date of the information reported in accordance with Commission Delegated Regulation (EU) 2020/1224.

Article 2 End-of-day report

  1. (1)

    Securitisation repositories shall produce, on a daily basis, a single aggregate end-of-day report for all securitisations reported to them, excluding any reported securitisation that has been rejected in accordance with Article 4(6). That report shall be based on the most recent reported information, shall exclude any reported securitisation that has been rejected in accordance with Article 4(6) and shall include at least the following information:

    1. (a)

      the unique identifier assigned in accordance with Article XI of Delegated Regulation (EU) 2020/1224;

    2. (b)

      the ISIN codes of the tranches, bonds or subordinated loans of the securitisation, where available;

    3. (c)

      the sum of current principal balances of all tranches, bonds or subordinated loans of the securitisation, in GBP, using the exchange rates published on the website of the Bank of England for the previous working day;

    4. (d)

      the securitisation name;

    5. (e)

      whether the securitisation is an ABCP or non-ABCP securitisation;

    6. (f)

      whether the securitisation structure type is type "M" for a Master Trust as reported in field SESS9 of Annex XIV to Delegated Regulation (EU) 2020/1224 or type "S" for all other securitisations;

    7. (g)

      whether the securitisation risk transfer method is "T" for a true sale as reported in field IVSS11 of Annex XII to Delegated Regulation (EU) 2020/1224 or "S" for a synthetic securitisation as reported in field SESV11 of Annex XIV to that Regulation, or "ABCP" for ABCP securitisations;

    8. (h)

      the name and legal entity identifiers ("LEI") of the originator, sponsor and SSPE;

    9. (i)

      the most recent interest payment date in ISO 8601 date format;

    10. (j)

      the timestamp, in ISO 8601 date and time (UCT) format, to the nearest second, of the most recent data submission received by the securitisation repository, or, where there are multiple data submissions referenced against the same data cut-off date, the timestamps, in ISO 8601 date and time (UCT) format, of the earliest and most recent data submissions having the same data cut-off date;

    11. (k)

      the data cut-off date, in ISO 8601 date format, of the most recent data submission received by the securitisation repository;

    12. (l)

      the number of data submissions received by the securitisation repository that are referenced against the same data cut-off date set out in point (k);

    13. (m)

      the data completeness score referred to in Article 3 of the most recent data submission received by the securitisation repository;

    14. (n)

      for non-ABCP securitisations, the country of establishment of the originator or original lender;

    15. (o)

      for ABCP securitisations, the country of establishment of the sponsor;

    16. (p)

      the country where the majority of the underlying exposures is located, in terms of underlying exposure current principal balance;

    17. (q)

      the most prevalent type of the underlying exposures in the securitisation, in terms of current principal balance.

    18. (r)

      For the purposes of point (n), where the securitisation underlying exposures are a combination of exposures from multiple originators or original lenders, the country of establishment of the originator or original lender shall be the country of the originator or original lender that has the largest amount of exposures in terms of current principal balance in the securitisation.

  2. (2)

    Securitisation repositories shall make the end-of-day report available in XML format.

  3. (3)

    Timestamps referred to in this Article shall not diverge by more than one second from the UTC issued and maintained by one of the timing centres listed in the latest Bureau International des Poids et Mesures (BIPM) Annual Report on Time Activities.

Article 3 Scoring of completeness of data

  1. (4)

    Securitisation repositories shall calculate a data completeness score for each data submission by using the scoring matrix set out in Table 1 of the Annex and the following inputs:

    reg_del_2020_1229_oj_DOC_3
    reg_del_2020_1229_oj_DOC_4

    Where:

    reg_del_2020_1229_oj_DOC_5
    denotes the total number of fields in a data submission containing the respective "No Data Option" values that are reported in accordance with Article 9(3) of Delegated Regulation (EU) 2020/1224.

    N denotes the total number of fields in the data submission where any "No Data Option" values (ND1 to ND4) are permitted to be reported in accordance with Article 9(3) of Delegated Regulation (EU) 2020/1224.

    For the purposes of calculating the data completeness score, fields completed using the format of "ND4-YYYY-MM-DD" shall be understood as "ND4".

Article 4 Verification of completeness and consistency of information

  1. (1)

    Securitisation repositories shall verify the completeness and consistency of information reported to them by verifying the following:

    1. (a)

      the name of the reporting entity, as reported in field IVSS4 of Annex XII or in field IVAS3 of Annex XIII to Delegated Regulation (EU) 2020/1224;

    2. (b)

      whether the submission item code as reported in Table 3 of Annex I to Delegated Regulation (EU) 2020/1224 is correct.

  2. (2)

    With regard to the information referred to in points (a), (e), (f) and (g) of Article 7(1) of Regulation (EU) 2017/2402, Securitisation repositories shall also verify the completeness and consistency of information by:

    1. (a)

      verifying whether the information reported complies with the structure and format of the templates set out in Annex II to XV of Commission Implementing Regulation (EU) 2020/1225;

    2. (b)

      comparing the information reported:

      1. (i)

        across different fields for the same data cut-off date and the same underlying exposure, investor report, inside information or significant event information item;

      2. (ii)

        across different underlying exposures, investor report, inside information or significant event information items for the same field and the same data cut-off date;

      3. (iii)

        across the same underlying exposure, investor report, inside information or significant event information items for the same field and different data cut-off dates;

      4. (iv)

        across similar securitisations;

    3. (c)

      verifying whether the data cut-off date of the information reported and the timestamp of the submission comply with Article 10 of Delegated Regulation (EU) 2020/1224;

    4. (d)

      verifying that the "No Data Options" set out in Article 9(3) of Delegated Regulation (EU) 2020/1224, are only used where permitted and do not prevent the data submission from being sufficiently representative of the underlying exposures in the securitisation.

    For ABCP securitisations, references in this paragraph to underlying exposures shall be construed as references to underlying exposure types.

  3. (3)

    Securitisation repositories shall verify the completeness and consistency of the documentation made available to them under point (b) of Article 7(1) of Regulation (EU) 2017/2402 by requesting from reporting entities a written confirmation of the following:

    1. (a)

      that all items referred to in Table 3 of Annex I to Delegated Regulation (EU) 2020/1224 and required to be made available pursuant to point (b) of Article 7(1) of Regulation (EU) 2017/2402 have been provided to the securitisation repository;

    2. (b)

      that the documentation is consistent with the actual arrangements and features of the securitisation.

  4. (4)

    The written confirmation referred to in paragraph 3 shall be requested within the following timeframes:

    1. (a)

      within five working days of the first issuance of securities under the securitisation or, for ABCP securitisations, within five working days of the first issuance of securities under the ABCP programme;

    2. (b)

      every 12 months from the dates of the requests referred to in point (a);

    3. (c)

      within five working days of a new document being made available pursuant to point (b) of Article 7(1) of Regulation (EU) 2017/2402.

    A securitisation repository that has not received a written confirmation within 14 days of the date of any request referred to in the first subparagraph shall request the reporting entity to provide it with the written confirmation within 14 days.

  5. (5)

    Securitisation repositories shall verify whether the STS notification referred to in point (d) of Article 7(1) of Regulation (EU) 2017/2402, which has been made available to that securitisation repository complies with the structure and format of the templates set out in the Annexes to Commission Implementing Regulation (EU) 2020/1227.

  6. (6)

    A securitisation repository shall reject a submission of information that is incomplete or inconsistent pursuant to paragraphs 1, 2, and 5, except for sub-points (iii) and (iv) of point (b) of paragraph 2. The securitisation repository shall assign submissions rejected pursuant to this paragraph to one of the rejection categories set out in Table 2 of the Annex.

  7. (7)

    The securitisation repository shall notify the entities referred to in Article 17(1) of Regulation (EU) 2017/2402 without undue delay of the following:

    1. (a)

      that the submitted information is incomplete or inconsistent pursuant to sub-points (iii) and (iv) of point (b) of paragraph 2;

    2. (b)

      that the securitisation repository has not received the written confirmation referred to in paragraph 3.

  8. (8)

    Within one hour of the receipt of the information referred to in Article 7 of Regulation (EU) 2017/2402, securitisation repositories shall provide reporting entities with detailed feedback on the results of the verifications performed under paragraphs 1, 2, 3 and 5, including any rejection category assigned pursuant to paragraph 6. That feedback shall also include at least the following::

    1. (a)

      the unique identifier of the securitisation assigned in accordance with Article 11 of Delegated Regulation (EU) 2020/1224;

    2. (b)

      the item code(s) referred to in Table 3 of Annex I to Delegated Regulation (EU) 2020/1224;

    3. (c)

      the submission timestamp, in ISO 8601 date and time (UCT) format, to the nearest second, of the information reported.

  9. (9)

    By 19.00.00 UTC each Monday, securitisation repositories shall produce a report on all information rejected by it since 19.00.00 UTC on the previous Monday. That report shall include at least the following items:

    1. (a)

      the unique identifier of the securitisation assigned in accordance with Article 11 Delegated Regulation (EU) 2020/1224;

    2. (b)

      the securitisation name;

    3. (c)

      the ISIN codes of the tranches or bonds or subordinated loans of the securitisation, where available;

    4. (d)

      the name and LEI of the originator, sponsor and SSPE;

    5. (e)

      the timestamp, in ISO 8601 date and time (UCT) format, to the nearest second, of the submitted information;

    6. (f)

      the submission item code referred to in Table 3 of Annex I to Delegated Regulation (EU) 2020/1224;

    7. (g)

      the rejection category referred to in Table 2 of the Annex to this Regulation and the specific circumstances for assigning that rejection category;

    8. (h)

      any explanation(s) provided by the reporting entity before 17.00.00 UTC on the Monday of the report publication date as to why the reported information is incomplete or inconsistent, or as to why the written confirmation referred to in paragraph 3 has not been provided.

Article 5 Details of information to which access is to be granted

The details of information referred to in point (c) of Article 17(2) of Regulation (EU) 2017/2402 are the following:

  1. (a)

    all information received by the securitisation repository from reporting entities in accordance with Regulation (EU) 2017/2402;

  2. (b)

    the end-of-day report referred to in Article 2, the data completeness score referred to in Article 3 and any information resulting from the verifications carried out pursuant to Article 4 of this Regulation;

  3. (c)

    all formulae and calculation and aggregation methods used to produce the information referred to in points (a) and (b).

Article 6 Terms and conditions for access to details of information

  1. (1)

    Access to the information referred to in Article 5 shall be granted upon request. The request for access shall include the following information:

    1. (a)

      the name of the requesting entity;

    2. (b)

      the contact person at the requesting entity;

    3. (c)

      the type of requesting entity as referred to in Article 17(1) of Regulation (EU) 2017/2402 that requests access;

    4. (d)

      the names of the persons at the requesting entity who will have access to the requested information;

    5. (e)

      credentials for secure SSH File Transfer Protocol connection as required by Article 7(2);

    6. (f)

      whether the request is an ad hoc or predefined periodic request;

    7. (g)

      the identification of the information requested based on any combination of the criteria in paragraph 4;

    8. (h)

      any other technical information relevant to the requesting entity’s access.

  2. (2)

    For the purposes of paragraph 1, securitisation repositories shall:

    1. (a)

      designate a person or persons responsible for liaising with the entities referred to in Article 17(1) of Regulation (EU) 2017/2402;

    2. (b)

      publish on their website the terms and conditions for accessing the information and the instructions for submitting a request for accessing that information;

    3. (c)

      provide access only to the information specified in the request for access;

    4. (d)

      as soon as possible but no later than 30 days following a request to set up access to that information, establish the technical arrangements necessary to enable the entities referred to in Article 17(1) of Regulation (EU) 2017/2402 to submit requests to access that information.

  3. (3)

    Access to the information referred to in Article 5 shall be granted within the following timeframes:

    1. (a)

      no later than 19.00.00 UTC of the day to which the report relates for an ad hoc or predefined periodic request for an end-of-day report as referred to in Article 2;

    2. (b)

      no later than 12.00.00 UTC on the first day following the day of receipt of the request for access where the information concerns a securitisation that has either not yet been priced or has not yet matured or has matured less than one year before the date on which the request was submitted;

    3. (c)

      no later than three working days following the day of receipt of the request for access where the information concerns a securitisation that has matured more than one year before the date on which the request was submitted;

    4. (d)

      no later than three working days following the day of receipt of the request for access where the information concerns several securitisations falling under both points (b) and (c).

  4. (4)

    Securitisation repositories shall grant the entities referred to in Article 17(1) of Regulation (EU) 2017/2402 access to the information referred to in Article 5, based on any combination of the following criteria:

    1. (a)

      securitisation type: non-ABCP or ABCP;

    2. (b)

      securitisation structure type: either "M" for Master Trust as reported in field SESS9 of Annex XIV to Delegated Regulation (EU) 2020/1224 or "S" for all other securitisations;

    3. (c)

      securitisation risk transfer method: either type "Y" for true sale as reported in field IVSS11 in Annex XII to Delegated Regulation (EU) 2020/1224, "Y" for synthetic as reported in field SESV11 in Annex XIV to that Regulation, or "ABCP" for ABCP securitisations;

    4. (d)

      securitisation item code;

    5. (e)

      securitisation underlying exposure type;

    6. (f)

      securitisation underlying exposure section;

    7. (g)

      securitisation investor report template section;

    8. (h)

      securitisation inside information or significant event information template section;

    9. (i)

      identifier:

      1. (i)

        unique identifier;

      2. (ii)

        transaction identifier;

      3. (iii)

        International Securities Identification Number;

      4. (iv)

        new or original tranche/bond identifier;

      5. (v)

        new or original underlying exposure identifier;

      6. (vi)

        new or original obligor identifier;

      7. (vii)

        originator legal entity identifier;

      8. (viii)

        sponsor legal entity identifier;

      9. (ix)

        SSPE legal entity identifier;

      10. (x)

        original lender legal entity identifier;

      11. (xi)

        CLO manager legal entity identifier;

    10. (j)

      geography:

      1. (i)

        geographic region;

      2. (ii)

        governing law;

    11. (k)

      date and time:

      1. (i)

        submission timestamp;

      2. (ii)

        data cut-off date;

      3. (iii)

        tranche/bond issue date;

      4. (iv)

        tranche/bond legal maturity;

      5. (v)

        underlying exposure origination date;

      6. (vi)

        underlying exposure maturity date;

    12. (l)

      currency:

      1. (i)

        tranche/bond currency;

      2. (ii)

        underlying exposure currency denomination.

  5. (5)

    Securitisation repositories shall make the following information available using XML format:

    1. (a)

      the information referred to in point (a) and points (d) to (g) of Article 7(1) of Regulation (EU) 2017/2402;

    2. (b)

      the information produced by securitisation repositories in accordance with Articles 2 and 4 of this Regulation, with the exception of written confirmations received under Article 4(3).

Article 7 Standards for data collection and access

  1. (1)

    Securitisation repositories shall use electronic signature and data encryption protocols to receive data from reporting entities or other securitisation repositories, and to transfer data to the entities referred to in Article 17(1) of Regulation (EU) 2017/2402.

  2. (2)

    For the purposes of paragraph 1, securitisation repositories shall establish and maintain a secure machine-to-machine interface and make that interface available to the reporting entities and the entities referred to in Article 17(1) of Regulation (EU) 2017/2402. That interface shall make use of the SSH File Transfer Protocol.

  3. (3)

    Securitisation repositories shall use standardised XML messages to communicate through the interface referred to in paragraph 2 and make the information set out in Article 6(5) of this Regulation available to the entities referred to in Article 17(1) of Regulation (EU) 2017/2402.

Article 8 Recordkeeping

  1. (1)

    Securitisation repositories shall record the following:

    1. (a)

      verifications pursuant to this Regulation, and any other validation carried out by the securitisation repository;

    2. (b)

      the written confirmations received by the securitisation repository referred to in Article 4(3);

    3. (c)

      the results provided by the securitisation repository to the reporting entity pursuant to Article 4(6);

    4. (d)

      any explanation provided by the reporting entity as to why the submitted information is incomplete or inconsistent, or as to why there is no written confirmation as referred to in Article 4(7);

    5. (e)

      in a reporting log, the details of any corrections or cancellations submitted by the reporting entity;

    6. (f)

      any other information produced or submitted pursuant to this Regulation.

  2. (2)

    Each record shall be retained for 10 years following the termination of the securitisation to which that record relates.

  3. (3)

    The reporting log referred to point (d) of paragraph 1 shall include the unique identifier of the securitisation, the item code, the timestamp of the affected submission, the timestamp of the changes and a clear description of the changes to the submitted information, including the previous and new contents of that information.

ANNEX Table 1 Data completeness scoring matrix Table 2 Rejection categories

Table 1 Data completeness scoring matrix

Input 1: Percentage of fields entered as "ND1"

Input 1 = 0 %

0 % < Input 1 ≤ 10 %

10 % < Input 1 ≤ 30 %

Input 1 > 30 %

Input 2: Percentage of fields entered as "ND2", "ND3", or "ND4-YYYY-MM-DD"

Input 2 = 0 %

A1

B1

C1

D1

0 % < Input 2 ≤ 20 %

A2

B2

C2

D2

20 % < Input 2 ≤ 40 %

A3

B3

C3

D3

Input 2 > 40 %

A4

B4

C4

D4

Table 2 Rejection categories

Rejection categories

Reason

Schema

The submission of information has been rejected because of a non-compliant schema.

Permission

The submission of information has been rejected because the reporting entity has not been granted permission to report on behalf of the originator, sponsor or SSPE.

Logical

The submission of information has been rejected because the item code does not match the available values in Table 3 of Annex 1 of Delegated Regulation (EU) 2020/1224.

Business

The submission of information has been rejected because the data submission does not comply with one or more content validations.

Representativeness

The submission of information has been rejected pursuant to Article 4(6).