European Parliament Votes to Adopt the Securitisation and CRR Amendment Regulations

October 26, 2017


On 26 October 2017, the European Parliament voted in plenary session to adopt the EU regulation intended to lay down common rules on securitisation and to create a European framework for “simple, transparent and standardised” (“STS”) securitisation (the “Securitisation Regulation”).[1] The European Parliament also voted to adopt the EU regulation amending the Capital Requirements Regulation[2] (the “CRR”) (the “CRR Amendment Regulation”)[3] (together, the “Regulations”).

The adopted texts are substantially the same as the draft texts published in June 2017, upon which we commented in our Clients and Friends memorandum dated 27 June 2017.[4]

Legislative Background

It is now over two years since the European Commission originally published its proposals for the two Regulations in September 2015. The Council of the European Union, which comprises representatives of the Member States, adopted its agreed position on amendments to the Commission’s proposals in December 2015.

After lengthy deliberations throughout 2016, the European Parliament proposed significant amendments to the Commission’s proposals, especially to the Securitisation Regulation. There was widespread concern in the European securitisation market about the likely effects of many of Parliament’s proposed amendments.

However, following a series of meetings between representatives of Parliament, the Council and the Commission, in a procedure known as trilogue, a common position was agreed in June 2017, in which many of the Parliament’s more controversial amendments were withdrawn. Compromise texts of the draft Regulations were published soon afterwards. These texts consisted of the Commission’s proposals, together with the amendments agreed by Parliament and Council. Whilst there are still concerns about aspects of the Regulations, the compromise texts were generally viewed as being more supportive of the European securitisation market, than Parliament’s original position.

The Regulations then went through a “Jurist-Linguist” process in which the texts were revised again. Most of the changes to the Regulations resulting from this process are designed to improve the wording of the legislation and to tidy up the texts for grammar, clarity, terminological consistency and references to other EU legislation. The changes were not intended to change the substance of the compromises agreed (although substantive changes were made to the criteria for credit-granting provisions – please see below). Following this process, the European Parliament published revised versions of the Regulations on 19 October 2017[5] in readiness for the final vote in its plenary session on 26 October 2017.

In this memorandum, we have summarised the key provisions and commented further on the obligations that will arise under the Securitisation Regulation. In addition, we have noted some of the points in the June 2017 compromise texts that have caused concern in the industry and the developments since June in that regard.

When will the Regulations Apply and when will the Full Details of the Regime be Known?

Once formally adopted by the Parliament and Council, the Regulations will be published in the Official Journal of the European Union and will enter into force 20 days later. This is likely to be in early 2018. The Regulations will be direct law applicable across the EU (without the need for national laws to implement, unlike EU Directives) and will apply from 1 January 2019.

The Securitisation Regulation will apply to securitisations, the securities of which are issued (or where no securities are issued, the securitisation positions of which are created) on or after the application date of 1 January 2019. The new regime will therefore apply to re-financings and additional note issuances on or after 1 January 2019. Securitisations which have closed prior to 1 January 2019 will not be subject to the Securitisation Regulation unless new securities are issued (or new securitisation positions are created) on or after 1 January 2019. However, pre-1 January 2019 securitisations in respect of which there is a refinancing or an additional note issuance on or after 1 January 2019 will become subject to the new regime upon such refinancing or additional note issuance.

Detailed rules in respect of certain aspects of the Securitisation Regulation are to be contained in Regulatory Technical Standards (“RTS”), together with formal Guidelines. The RTS and Guidelines will be drafted by the specified European Supervisory Authorities[6]: in certain cases, the European Securities and Markets Authority (“ESMA”); and in other cases, the European Banking Authority (“EBA”).[7] The RTS will then need to be adopted by the Commission by way of delegated acts.

The RTS may be published before 1 January 2019, but there is no guarantee that they will apply from that date – there may be uncertainty and complexity in the interim period until they finally become applicable, which could be later in 2019.

The Securitisation Regulation

Risk Retention

Minimum Risk Retention Levels

The current minimum risk retention level of 5% for each mode of risk retention has been maintained in the Securitisation Regulation[8], notwithstanding previous proposals in Parliament to increase this level for some methods of risk retention.

Risk Retention: Role of the ESRB and the Potential for a Revision of Minimum Risk Retention Levels

The Securitisation Regulation contains provisions empowering the European Systemic Risk Board, where material financial stability risks are observed, to provide warnings and, where appropriate, issue recommendations for remedial action, including on the appropriateness of modifying the risk-retention levels. It is therefore possible that the minimum risk retention levels could increase in the future, but this appears unlikely.

Risk Retention: “Originator” Definition

The CRR definition of originator has been narrowed in the context of risk retention. An entity shall not, for the purposes of the article on risk retention, be considered to be an originator where it has been established or operates for the “sole” purpose of securitising exposures. This is to avoid the possibility of an “originator” being created for risk retention purposes that met the legal definition, but was not an entity of real substance. The meaning of “sole” purpose may be clarified in risk retention RTS.

Risk Retention: Selection of Assets

The Securitisation Regulation provides that originators will not be permitted to select assets to be securitised with the aim of rendering losses on such assets measured over the life of the transaction (or a maximum of 4 years where the life of the transaction is longer than 4 years), higher than the losses over the same period on comparable assets held on the balance sheet of the originator. This is intended to prevent originators from taking advantage of the fact that they could hold more information than investors on the assets. The Recitals to the Securitisation Regulation note that this is intended to catch an intentional (rather than a negligent) transfer of assets with a higher credit risk profile. This may however create difficulties for originators who do not have assets on their balance sheets to compare against those assets which they securitise.

However, the Recitals also provide another important clarification in that the assets being securitised can have a higher than average credit risk profile compared to the average credit risk profile of comparable assets that remain on the balance sheet of the originator, as long as the higher credit risk profile of the assets is “clearly communicated” to the investors or potential investors. These points may be further clarified in risk retention RTS.

Risk Retention: Direct and Indirect Approaches and Jurisdictional Scope

The CRR currently places the onus on the EU investing institution to ensure that the risk retention obligations have been met. This is referred to as the “indirect” approach, which is also contained in the due diligence requirements in the Securitisation Regulation (please see below). However, this approach is supplemented by a “direct” obligation on one of the originator, sponsor or original lender to comply with the risk retention requirements.

The provisions of the Securitisation Regulation do not explicitly set out the jurisdictional scope of the direct approach, but it appears from a comment in the Explanatory Memorandum to the original Commission proposal that the intention is that where none of the originator, sponsor or original lender is “established in the EU”, the direct approach will not apply.

The scope of the application of the direct risk retention obligation is likely to have practical implications for EU banks operating in non-EU countries, and could affect whether they operate through branches or subsidiaries. Since the country in which a legal entity is “established” normally refers to that in which the legal entity is incorporated or has its registered office, there could be a difference in the application of the direct retention obligation according to whether an EU bank operates in a non-EU country through a subsidiary (which is a separate legal entity) or through a branch (which is not).

Nevertheless, this direct obligation may apply on a consolidated basis to non-EU subsidiaries of EU regulated institutions as a result of the consolidation provisions in the CRR (please see below).

Definition of Sponsor

The definition of “sponsor” has been widened from that in the CRR to include “credit institutions” (i.e., banks), whether or not located in the EU, and “investment firms” as defined in MiFID II.[9] The reference to the MiFID II definition of investment firm is welcome, since it will allow a wider category of entities to act as sponsor retention holder.[10] The MIFID II definition of investment firm is not limited by jurisdiction and so, it appears that non-EU asset managers can also act as sponsors, although it is not clear that this was the legislators’ intention.

To be eligible as a sponsor the credit institution or investment firm must “establish and manage” a securitisation and purchase exposures from third parties, as is currently the case under the CRR, or it must “establish” a securitisation that purchases exposures from third parties and delegate the “day-to-day active portfolio management” involved in that securitisation to an entity authorised to perform such activity in accordance with MIFID II, the UCITS Directive[11] or the AIFMD.[12] So the sponsor will be allowed to delegate day-to-day portfolio management to an EU regulated entity authorised to perform such an activity.

Due Diligence Requirements for Institutional Investors

Before investing in a securitisation position, an institutional investor (i.e. a specified type of EU regulated entity) must carry out due diligence[13] to: (i) ensure compliance with the risk retention requirements;[14] (ii) ensure, where the originator or original lender is not an EU established credit institution or CRR investment firm, that it “grants all the credits giving rise to the underlying exposures on the basis of sound and well-defined criteria”; and (iii) assess the risks involved in the securitisation, including: (a) risks of the securitisation position and the underlying exposures; (b) structural features, such as “priorities of payment and priority of payment-related triggers, credit enhancements, liquidity enhancements, market value triggers, and transaction-specific definitions of default”; and (c) in respect of STS securitisations, whether the securitisation meets the STS requirements.

In addition, institutional investors who hold a securitisation position must establish appropriate written procedures to monitor, on an ongoing basis, compliance with the due diligence requirements, and the performance of the securitisation and the underlying exposures.[15] These provisions also include stress testing and internal reporting obligations.[16]

Transparency Obligations

Transparency Obligations – Securitisation Repositories

Securitisation repositories are to be established to which prescribed information relating to the securitisation is to be provided by the originator, sponsor and Securitisation Special Purpose Entity (“SSPE”) of a securitisation (these entities will designate one of them to fulfil these reporting requirements). The repositories, which are to be registered with ESMA, will collect details of the securitisation and will provide direct and immediate access free of charge to the EU supervisory authorities, to investors and to potential investors.

ESMA will develop draft RTS specifying the details of the securitisation that one of the originator, sponsor or SSPE will provide, and the standardised templates by which they will provide the information. Where no securitisation repository is registered, the reporting entity shall make the information available by means of a website (that meets prescribed conditions).

There is an exemption from reporting to the repository (but not from the rest of the reporting requirements) for private transactions (i.e., those where a Prospectus Directive compliant prospectus has not been drawn up). The prescribed information still needs to be made available to holders of a securitisation position, to the national regulators and, upon request, to potential investors (please see below).

Transparency Obligations – Information to be Provided

The information to be made available to investors, potential investors and national regulators relating to the securitisation[17] includes: (i) asset level disclosure (i.e. information on the underlying exposures) on a quarterly basis;[18] (ii) documentation disclosure (i.e. prescribed transaction documentation); (iii) a transaction summary where a Prospectus Directive compliant prospectus has not been drawn up (i.e. for private transactions); and (iv) in the case of STS securitisations, the STS notification.

The transaction documentation (together with the transaction summary and the STS notification, each where applicable) shall be made available before pricing. The timing of this transaction documentation disclosure obligation will potentially be problematic given that documents are typically still in draft form, and often incomplete, at the time of pricing.

The ongoing reporting obligations include: (i) quarterly investor reports[19] containing prescribed information such as data on the credit quality and performance of underlying exposures;[20] (ii) any inside information relating to the securitisation that the originator, sponsor or SSPE is obliged to make public; and (iii) even where it is not inside information, any material breach of the obligations laid down in the documents and any material change in the securitisation, or material amendment to transaction documents.

Transparency Obligations and Jurisdiction

The transparency obligations are not stated to be restricted to EU-established originators, sponsors and SSPEs – and so appear to have a potential extra-territorial effect (in that they could apply to non-EU established originators, sponsors and SSPEs). Furthermore, these obligations may apply on a consolidated basis to non-EU subsidiaries as a result of the consolidation provisions in the CRR (please see below).

Sale of Securitisations to Retail Investors

The Securitisation Regulation permits the sale of securitisation positions to certain types of sophisticated retail investor[21]. The seller must first perform a suitability test on the “retail client” in accordance with MiFID II. Where the suitability test has been satisfied and where the retail client’s investment portfolio does not exceed €500,000, the retail client will be able to invest up to 10% of that portfolio in securitisation positions (the initial minimum amount invested in securitisation positions will need to be at least €10,000).

Ban on Re-securitisation

The Securitisation Regulation includes a ban on re-securitisation[22] (i.e. the underlying exposures used in a securitisation will not be able to include securitisations), subject to exceptions for: (a) any securitisation the securities of which were issued before the date of application of the Securitisation Regulation; (b) any securitisation to be used for specified “legitimate purposes” (such as winding-up scenarios) subject to approval by the relevant national regulator; and (c) fully supported ABCP programmes.

Criteria for Credit-Granting

Criteria for Credit-Granting - Self Certified mortgages

One point in the June 2017 compromise text that has caused considerable debate is the Article in the Securitisation Regulation on the criteria for credit-granting. An issue that caused significant controversy was the scope of the proposed ban on the inclusion of self-certified mortgages in a securitisation[23].

Following intensive lobbying, this wording was changed in the Jurist-Linguist process so that the ban now applies in respect of loans made from 20 March 2014, the date of entry into force of the Mortgage Credit Directive (which effectively prohibited self-certified residential mortgages). The provision now states that where the underlying exposures of securitisations are residential loans made after 20 March 2014, the pool of those loans shall not include any loan that is marketed and underwritten on the premise that the borrower was made aware that the information it provided might not be verified by the lender.

This new wording is an improvement on the previous version, but still contains a number of problems, not least that, although the Mortgage Credit Directive entered into force on 20 March 2014, its provisions did not have to be transposed into national law, and so did not apply, until 21 March 2016. This would have been a more sensible date to use.

Criteria for Credit-Granting – Acquired Portfolios

Another problematic provision has related to the circumstances in which an originator purchases a third party’s exposures for its own account and then securitises them, and how that originator is to verify that the entity which was involved in the original agreement that created the obligations to be securitised, fulfilled the credit granting requirements. This has particular implications for purchasers who wish to securitise acquired portfolios containing non-performing loans, where there would be significant difficulties in verifying that the credit granting criteria had been satisfied.

Again, during the Jurist-Linguist process, changes were made to the scope of this requirement. A new paragraph was added[24] stating that this verification obligation does not apply if: (a) the original agreement, which created the obligations, was entered into before 20 March 2014 (the date of entry into force of the Mortgage Credit Directive); and (b) the originator that purchases a third party’s exposures for its own account and then securitises them meets the obligations that originator institutions are required to meet under the relevant provisions of the current CRR risk retention RTS[25] before 1 January 2019. These current CRR risk retention RTS provide that where sponsor and originator institutions have not been engaged in the original credit-granting of exposures to be securitised, they “shall obtain all the necessary information to assess whether the criteria applied in the credit-granting for those exposures are as sound and well-defined as the criteria applied to non-securitised exposures”. There are a number of issues arising from these provisions, given that loan assets typically require a purchaser to perform its own credit analysis. It is also unclear why the date of entry into force of the Mortgage Credit Directive is relevant to the position as regards non-mortgage loans in acquired portfolios.

STS Securitisations

The CRR Amendment Regulation includes amendments to the CRR designed to result in the regulatory capital requirements for institutions’ exposures to STS securitisations generally being more favourable than those for exposures to non-STS securitisations. The Securitisation Regulation sets out the criteria for “simplicity”, “transparency” and “standardisation” that must be fulfilled in order to satisfy the “STS” classification[26]. There are two types of STS requirements depending on whether or not the securitisation is an ABCP securitisation.[27]

We have not detailed in this memorandum the requirements needed to satisfy each of the “simplicity”, “transparency” and “standardisation” criteria. However, we would note some of the general restrictions on the scope of STS securitisations. To qualify for the STS designation, the underlying exposures that are securitised must meet eligibility criteria which do not allow for active portfolio management of those exposures on a discretionary basis. This exclusion of active portfolio management prevents managed CLOs from being STS securitisations. Synthetic securitisations are also not eligible to be STS, although the Securitisation Regulation provides that the EBA will publish a report on the feasibility of a specific framework for STS synthetic securitisation (but limited to balance-sheet synthetic securitisation).

Sanctions – Negligence or Intentional Infringement

The articles permitting Member States to impose sanctions for specified breaches of the Securitisation Regulation are limited to cases of “negligence or intentional infringement”, in order to avoid punishing non-negligent inadvertent breaches[28].

Consolidated Application of the CRR and Jurisdictional Consequences

One issue that has caused concern is the jurisdiction of the risk retention, due diligence, transparency and “criteria for credit-granting” obligations under the Securitisation Regulation as a result of changes to the CRR. Article 1(11) of the CRR Amendment Regulation has the effect that Article 14 of the CRR applies the risk retention, due diligence, transparency and “criteria for credit-granting” obligations under the Securitisation Regulation to EU institutions subject to the CRR, on a consolidated basis.

The direct risk retention obligation discussed above could apply on a consolidated basis to a non-EU subsidiary. Such a subsidiary would have to comply both with the EU risk retention rules and any locally applicable rules. It does not appear that this was the intention of the legislators. Similar issues arise as regards applying the transparency requirements on a consolidated basis to non-EU subsidiaries. These issues could have significant implications for EU banks operating in third countries through subsidiaries.

The CRR Amendment Regulation

CRR Amendment Regulation: the Hierarchy of Approaches

The CRR Amendment Regulation sets out a hierarchy of approaches for calculating regulatory capital to be held with respect to securitisation exposures in the banking book. In common with the Basel framework, the CRR Amendment Regulation puts the Securitisation Internal Ratings-Based Approach at the top of the hierarchy. However, where this approach may not be used, and subject to specified exceptions[29], the CRR Amendment Regulation requires the Securitisation Standardised Approach to be used before the Securitisation External Ratings-Based Approach. This reverses the order in relation to these two approaches from that in the Basel framework. In the trilogue negotiations, Germany and the UK did not want to deviate from Basel, but eventually agreed to this inversion.

CRR Amendment Regulation: Capital Treatment for STS Securitisations

The CRR Amendment Regulation also provides that positions in an STS securitisation that meet prescribed conditions will benefit from more favourable regulatory capital treatment.

CRR Amendment Regulation: Application and Transitionals

The CRR Amendment Regulation will apply from 1 January 2019. However, in respect of securitisations the securities of which are issued before 1 January 2019, institutions shall continue to apply the current CRR rules until 31 December 2019.[30]

The way forward

Next Steps in the Legislative Process

The Regulations will enter into force 20 days after being published in the Official Journal of the European Union, which is likely to be in early 2018, and will apply from 1 January 2019. Being EU regulations, they will be directly applicable law across the EU, and will not need transposition into national law by EU Member States. However, the full details of the new regime will only be known once the various RTS have been finalised.


The passage of the Regulations, in particular the Securitisation Regulation, through the EU legislative procedures has been lengthy and controversial. Some of the amendments proposed earlier in the process could have had a major adverse impact on the European securitisation market, which was contrary to the stated aim of the proposals. The final form of the Securitisation Regulation is by no means ideal, and will result in increased compliance costs for market participants, but it is to be hoped that the industry will be able to live with the new regime. Whether the Regulations achieve their original objective of encouraging the revival of the EU securitisation market is another matter.

Cadwalader has raised many of the issues discussed in this memorandum with the Commission and the relevant European regulators, often through its work with industry groups such as the Loan Market Association. Cadwalader attorneys will continue to engage with the relevant bodies as regards the interpretation of the Regulations and in relation to the contents of the accompanying RTS. We would encourage anyone interested in commenting to make their views known to the various industry bodies. Alternatively, if you have any questions, please feel free to contact any of the Cadwalader attorneys below.



[1]     Proposal for a Regulation of the European Parliament and of the Council laying down common rules on securitisation and creating a European framework for simple, transparent and standardised securitisation and amending Directives 2009/65/EC, 2009/138/EC, 2011/61/EU and Regulations (EC) No 1060/2009 and (EU) No 648/2012.

[2]     Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012.

[3]     Proposal for a regulation of the European Parliament and of the Council amending Regulation (EU) No 575/2013 on prudential requirements for credit institutions and investment firms.


[5]     This memorandum is based on these 19 October 2017 texts.

[6]     The Regulations require the relevant European Supervisory Authority (“ESA”) to submit the draft RTS to the Commission within a fixed period from the date of entry into force of the Regulation – which is either six or twelve months, depending on the RTS.

[7]     Some RTS are specified to be developed by the specified ESA in close cooperation with other ESAs. For example, under Article 6 of the Securitisation Regulation, the EBA, in close cooperation with the ESMA and the European Insurance and Occupational Pensions Authority (“EIOPA”) shall develop draft RTS to specify in greater detail the risk retention requirement. Some RTS to be developed under legislation amended by the Securitisation Regulation will be developed by EIOPA.

[8]     Article 6 of the Securitisation Regulation.

[9]     Article 4(1) of Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC and Directive 2011/61/EU under which “investment firm” means “any legal person whose regular occupation or business is the provision of one or more investment services to third parties and/or the performance of one or more investment activities on a professional basis.”

[10]   The current definition of sponsor in the CRR allows only investment firms within the scope of the CRR to act as sponsors (which is a narrower category than all MiFID II investment firms).

[11]   Directive 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities (UCITS).

[12]   Directive 2011/61/EU of the European Parliament and of the Council of 8 June 2011 on Alternative Investment Fund Managers and amending Directives 2003/41/EC and 2009/65/EC and Regulations (EC) No 1060/2009 and (EU) No 1095/2010.

[13]   Article 5 of the Securitisation Regulation.

[14]   The institutional investor must verify that: (a) if established in the EU, the originator, sponsor or original lender retains a material net economic interest in accordance with the risk retention requirements set out in the Securitisation Regulation and that the risk retention is disclosed to the institutional investor; and (b) if established in a non-EU country, the originator, sponsor or original lender retains a material net economic interest of not less than 5% determined in line with the risk retention methodology in the Securitisation Regulation and discloses the risk retention to institutional investors.

[15]   Where relevant with respect to the securitisation and the underlying exposures, those written procedures shall include monitoring of the exposure type, the percentage of loans more than 30, 60 and 90 days past due, default rates, prepayment rates, loans in foreclosure, recovery rates, repurchases, loan modifications, payment holidays, collateral type etc.

[16]   Institutional investors must: (i) regularly perform stress tests on the cash flows and collateral values supporting the underlying exposures (or, in the absence of sufficient data, stress tests on loss assumptions) (ii) ensure internal reporting to their management body so that it is aware of the material risks arising from the securitisation position and that those risks are adequately managed. Stress testing may be difficult, in practice, for smaller investors to undertake.

[17]   Article 7 of the Securitisation Regulation.

[18]     In the case of Asset Backed Commercial Paper (“ABCP”), the information is on the underlying receivables or credit claims on a monthly basis. ESMA will draft RTS to specify the information to be provided.

[19]     In the case of ABCP, monthly investor reports

[20]     ESMA will draft RTS to specify the information to be provided.

[21]   Article 3 of the Securitisation Regulation.

[22]   Article 8 of the Securitisation Regulation.

[23]   Article 9(2) of the Securitisation Regulation

[24]   Article 9(4) of the Securitisation Regulation

[25]   Article 21(2) of Commission Delegated Regulation (EU) No 625/2014 of 13 March 2014 supplementing Regulation (EU) No 575/2013 of the European Parliament and of the Council by way of regulatory technical standards specifying the requirements for investor, sponsor, original lenders and originator institutions relating to exposures to transferred credit risk.

[26]   Articles 18 to 28 of the Securitisation Regulation.

[27]   An ‘ABCP programme’ is defined as a programme of securitisations the securities issued by which predominantly take the form of asset-backed commercial paper with an original maturity of one year or less and an 'ABCP transaction’ as a securitisation within an ABCP programme.

[28]   Article 32 of the Securitisation Regulation.

[29]   For rated positions or positions in respect of which an inferred rating may be used, an institution shall use the Securitisation External Ratings-Based Approach (the “SEC-ERBA”) instead of the Securitisation Standardised Approach (“SEC-SA”) in each of the following cases: (a) where the application of the SEC-SA would result in a risk weight higher than 25 % for positions qualifying as positions in an STS securitisation; (b) where the application of the SEC-SA would result in a risk weight higher than 25 % or the application of the SEC-ERBA would result in a risk weight higher than 75 % for positions not qualifying as positions in an STS securitisation; and (c) for securitisation transactions backed by pools of auto loans, auto leases and equipment leases.

[30]   In the case of securitisations which do not involve the issuance of securities, the reference to “securitisations the securities of which were issued” is deemed to mean “securitisations the initial securitisation positions of which were created”