EU banking supervision: What to expect in 2018 | White & Case LLP International Law Firm, Global Law Practice
EU banking supervision: What to expect in 2018

EU banking supervision: What to expect in 2018

2018 will be a year of change, challenges and opportunities for banks and financial services providers.


The UK's impending exit from the EU may well result in another adjustment of the MiFID package. The calls for MiFID III are already getting louder


European financial regulation will take a big leap forward in 2018. The implementation of MiFID II and PSD II will change the legal framework for investment services and electronic payments. Further big revisions to EU banking legislation will drive the European regulatory architecture. Digitalization will become more and more influential and will lead to substantial changes both in the infrastructure of banks and the competitive environment. Investors in banks will closely monitor the outcome of another iteration of the EU-wide stress test for banks conducted by the European Banking Authority. Also political events, from the Italian parliamentary elections to the Brexit negotiations, will impact the regulatory agenda.



After years of negotiation, preparation and delay, the European Markets in Financial Instruments Directive (MiFID II) and its accompanying Regulation (MiFIR) came into force on January 3, 2018. The MiFID II/ MiFIR package essentially aims to enhance investor protection and to increase transparency and integrity in securities trading.

The most important changes introduced under MiFID II/MiFIR include reform of trading platforms, the extension of pre- and post-trade transparency obligations, the expansion of reporting duties, a revised regime of conduct of business rules for the provision of investment services and the harmonization of the third-country rules.

Although the major implementation steps have been taken in time by most investment firms, the complete rollout of the new rules is still challenging and will keep many banks busy throughout the year. This includes further employee training and dealing with the many questions that have emerged so far in day-to-day operations.

For example, MiFIR requires EU investment firms to identify their clients that are legal persons with Legal Entity Identifiers (LEIs) for the purpose of MiFID II reporting. On December 20, 2017, the European Securities and Markets Authority (ESMA) responded to concerns that investment firms were struggling to meet the deadline because of the LEI process by allowing them to continue offering services to customers without an LEI for an interim period and on the condition that before providing such services, the investment firm obtains the necessary documentation from this client to apply for a LEI code on its behalf. Systemic internalizers, defined as firms that match customers' orders internally rather than showing them to the market, must comply with the MiFID II transparency regime only beginning September 1, 2018.

It will also be interesting to see whether the impending exit by the UK, Europe's largest financial center, from the EU will result in another adjustment of the MiFID II package. The calls for MiFID III are already getting louder.


Jan 3, 2018

The date when MiFID II and MiFIR came into force



For payment service providers, the implementation of the Second Payment Services Directive (PSD II) will be at the top of the agenda in 2018. The new rules, for the most part applicable since January 13, 2018, are intended to make electronic payments easier, less expensive and safer for customers.

With the introduction of payment initiation services and account information services that force banks to allow third-party service providers access to their customers' accounts, PSD II is a game changer for the industry. Banks will lose their monopoly on the access to bank account customer data and, as a result, entirely new services and business models are evolving.

For banks, the implementation of PSD II also means they must establish the interface for data access by the external service providers. However, by putting technology at the heart of their business, banks will be well positioned to embrace the opportunities resulting from the new rules.

PSD II is accompanied by several delegated acts, technical standards and guidelines. At the end of 2017, the EU Commission adopted the regulatory technical standards (RTS), further specifying the requirements for strong customer authentication (SCA) as the basis for accessing one's payment account, respectively for making payments online, and the specific requirements for common and secure standards of communication between banks and new payment providers. As the new rules on account access will only be fully applicable 18 months after the date of entry into force of the RTS, there is still some time to make the necessary technical and operational adjustments.

The early months of 2018 will also be a busy period for existing payment institutions that are already licensed in accordance with national laws and that are implementing the Payment Services Directive I (PSD I). To maintain their license, they need to notify the competent supervisory authorities and submit additional information.


The start of 2018 will be a busy period for existing payment institutions: They need to notify supervisory authorities and submit additional information to maintain their license


Reform of the EU banking sector: CRR II, BRRD II and EU implementation of TLAC

In the wake of the financial crisis, the EU pursued an ambitious reform of the rules governing the supervision of banks to enhance financial stability and to restore market confidence. The new rules adopted in this context are essentially reflected in the new requirements resulting from the Capital Requirements Directive IV and Capital Requirements Regulation (CRD IV/CRR) reform package, such as capital adequacy requirements and liquidity requirements for banks, and the bank resolution framework applying to all European banks—namely the Bank Recovery and Resolution Directive (BRRD) and the Single Resolution Mechanism (SRM).

In November 2016, the EU Commission presented proposals aimed at completing the transposition of the remaining open parts of Basel III into EU law and to make certain adjustments to the existing CRD IV/CRR and the bank resolution framework.

Some of the new rules were adopted in 2017 and introduced at the beginning of 2018. Other important parts of the reform package will come into force at the start of next year. Work will therefore continue throughout 2018, and it will be interesting to see what the specific outcome will be for the different topics.

Insolvency Hierarchy Directive

The Insolvency Hierarchy Directive came into force on December 28, 2017. The aim of this directive is to achieve EU-wide harmonization of the ranking of unsecured debt instruments in the insolvency hierarchy to meet (i) Total Loss Absorbing Capacity (TLAC) requirements for subordinated instruments and (ii) the potential discretionary request by EU resolution authorities to meet minimum for own funds and eligible liabilities (MREL), also with subordinated instruments.

By the end of last year, a number of Member States had already amended or been in the process of amending the insolvency ranking of unsecured senior debt under their national insolvency law to facilitate their credit institutions and investment firms to comply with the subordination requirement as provided in CRR and BRRD. However, the national rules adopted so far diverge significantly. All Member States are now required to implement the laws, regulations and administrative provisions necessary to comply with the Insolvency Hierarchy Directive by December 29, 2018.

Dec 29, 2018

Deadline for complying with the Insolvency Hierarchy Directive



Tri-party negotiations with the European Parliament and the Council regarding the amendments of CRD IV/ CRR will continue in 2018, including the introduction of a binding minimum quota of 3 percent for the Leverage Ratio and a Net Stable Funding Ratio. Among others, the amendments further introduce a new standard procedure for counterparty risks, regulation on market price risks within the so-called Fundamental Review of the Trading Book and additional requirements for the determination of TLAC. Compared with the Basel III accord, greater significance is attached to the issue of proportionality in an attempt to reduce the burden on smaller institutions. These measures provide crucial progress in terms of more standardized disclosure and reporting regulations.

Currently, financial holding companies are subject to supervision on a consolidated basis only if they are parent companies of CRR institutions. The proposal of the EU Commission broadens the scope of supervision to licensing requirements and direct supervision. (Mixed) financial holding companies are aimed to be directly responsible for the regulatory compliance at the group level. First and foremost, the license requirements are discussed controversially in the European Council. At the end of September 2017, a working document was published, rejecting a general license requirement for mixed financial holding companies. As per the same document, direct responsibility for the compliance of requirements at the group level should only be provided when the holding company is in a position to exercise significant influence over group decisions.

The introduction of CRR II and CRD V is not anticipated prior to 2019. A full implementation of the measures is expected to persist well into 2020.


The entry into force of the new international Financial Reporting Standards (IFRS 9) on January 1, 2018 and their effects on financial regulatory provisions is one of the reasons why selected parts of the new rules of CRR II, (i.e., transitional rules mitigating the impact of IFRS 9 on banks' capital requirements), were fast-tracked to the start of this year. IFRS 9 may lead to a sudden significant increase in expected credit loss provisions and consequently to a sudden decrease in institutions' Common Equity Tier 1 capital.

Finalizing Basel III

On December 7, 2017, the Basel Committee's oversight body, the Group of Central Bank Governors and Heads of Supervision, endorsed the outstanding Basel III post-crisis regulatory reforms including:

  • A revised standardized approach for credit risk, which will improve the robustness and risk sensitivity of the existing approach
  • Revisions to the internal ratings-based approach for credit risk, where the use of the most advanced internally modeled approaches for low-default portfolios will be limited
  • Revisions to the credit valuation adjustment (CVA) framework, including the removal of the internally modeled approach and the introduction of a revised standardized approach
  • A revised standardized approach for operational risk, which will replace the existing standardized approaches and the advanced measurement approaches
  • Revisions to the measurement of the leverage ratio and a leverage ratio buffer for global systemically important banks (G-SIBs), which will take the form of a Tier 1 capital buffer set at 50 percent of a G-SIB's risk-weighted capital buffer
  • An aggregate output floor, which will ensure that banks' risk-weighted assets (RWAs) generated by internal models are no lower than 72.5 per - cent of RWAs as calculated by the Basel III framework's standardized approaches. Banks will also be required to disclose their RWAs based on these standardized approaches

The reforms, which seek to restore credibility in the calculation of RWAs and improve comparability of banks’ capital ratios, will be implemented on January 1, 2022. The output floor will be phased in from January 1, 2022 starting at 50 percent, until January 1, 2027 when it will reach 72.5 percent. In addition, at national discretion, supervisors may cap the increase in a bank’s total RWAs resulting from the application of the output floor during its phase-in period. The transitional cap on the increase in RWAs will be set at 25 percent of a bank’s RWAs before the application of the floor. Put differently, if the supervisor uses this discretion, the bank’s RWAs will effectively be capped at 1.25 times the internally calculated RWAs during that time. The cap would apply for the duration of the phase-in period of the output floor (i.e., the cap would be removed on January 1, 2027). Work to transpose the new Basel agreements into EU law has just begun.



By January 1, 2027, banks' risk-weighted assets (RWAs) must reach an output floor of 72.5%


Non-Performing Loans (NPL)

In October 2017, the European Central Bank (ECB) launched a public consultation on a draft addendum to the ECB guidance on non-performing loans that ended on December 8, 2017. The addendum will reinforce and supplement the guidance by specifying quantitative supervisory expectations concerning the minimum levels of prudential provisions expected for non-performing exposures. The new prudential provisioning expectations were originally supposed to apply to all exposures that are newly classified as non-performing in line with the EBA definition as of January 1, 2018.

The addendum is controversial because the measures are intended to ensure compliance by banks with criteria that have not yet been harmonized by the EU legislator. The ECB believes that the proposals can be rewritten so that it is clear that they fall within the scope of the Pillar 2 powers, which allow supervisors to set rules on a case-by-case basis. The ECB hopes to finalize the addendum by the end of the first quarter of 2018 and is currently coordinating its amended draft with the EU Commission.

The EU Commission has also started a targeted consultation to gather stakeholders' views on the possible introduction of statutory prudential backstops against insufficient loan loss coverage for new loans that turn non-performing, as well as on the potential functioning, scope, design and calibration of such prudential backstops.

The possible introduction of statutory prudential backstops is part of a comprehensive package of measures to address NPLs as announced in its communication on completing the Banking Union and shall be adopted by the spring of 2018. While the ECB guidance will set supervisory expectation and will be non-binding, the EU Commission wants its plans to be adopted as a legal requirement for EU institutions.


A long-term EDIS roadmap with specific risk reduction targets may be agreed on by the summer of 2018


European Deposit Insurance Scheme (EDIS)

The proposed European Deposit Insurance Scheme (EDIS), which has been under discussion since 2015, is part of a broader package of measures to deepen economic and monetary union, and marks the final step in bringing full Banking union. Originally, the EU Commission wanted to introduce a fully integrated EU deposit insurance scheme in three steps by 2024, but EDIS was met with scepticism and resistance by the industry and certain Member State governments, especially Germany.

Their main concern is that banks will be held liable if peers in other EU Member States get into financial distress. The high levels of non-performing loans in countries such as Greece and Italy are one of the arguments that have been put forward. In October 2017, the European Commission presented a new proposal for a compromise to introduce EDIS in two phases. In the first, EDIS will only be used to ensure the liquidity of national guarantee schemes in emergencies and funds will have to be repaid. After the number of non-performing loans in Europe's bank balance sheets has been further reduced, the second phase will be launched in which EDIS will be used to cover bank losses at the national level. The Commission has urged the Member States to reach an agreement on EDIS this year.

In January 2018, the German Government signaled its willingness to compromise and disclosed specific preconditions for the implementation of EDIS: The volume of non-performing loans must be further reduced; insolvency regimes must be harmonized; bail-in buffers must be achieved; and banks must solve the sovereign bonds problem. The Euro-group hopes to agree on a long-term roadmap with specific risk reduction targets by the summer of 2018.


Benchmarks Regulation

In response to various benchmark manipulation scandals in recent years, the EU's Benchmarks Regulation came into force on January 1, 2018. The Benchmarks Regulation introduces a code of conduct for contributors of input data requiring the use of robust methodologies and sufficient and reliable data.

The Benchmarks Regulation distinguishes between critical, significant and non-significant benchmarks depending on their importance to the stability of financial markets. Administrators (i.e., providers) of benchmarks must apply for authorization or registration and will be subject to supervision by the competent authority of the country in which they are located.

In particular, the Benchmarks Regulation calls for the use of actual transaction input data where possible. But other data may be used if the transaction data is insufficient. The scope of the Benchmarks Regulation is broad. Also, benchmarks deemed to be critical will be subject to stricter rules, including the power for the relevant competent authority to mandate contributions of input data. If an administrator does not comply with the provisions of the Benchmarks Regulation, the competent authority may withdraw or suspend its authorization or registration. Administrators will be required to have in place appropriate governance arrangements and controls to avoid conflicts of interest.


Anti-money laundering and countering terrorist financing

The prevention of the use of the financial system for money laundering or terrorist financing will be a top priority for 2018. On the EU level, as part of the European Commission's Action Plan for strengthening the fight against terrorist financing of February 2016, the Anti-Money Laundering Directive (AML) will see another revision, only months after the most recent changes had to be transposed into national laws by July 2017.

This fifth revision of the current directive was proposed on July 5, 2016 and is likely to be adopted this year. The revised directive has five priorities: (i) ensuring a high level of safeguards for financial flows from high-risk third countries; (ii) enhancing the powers of EU Financial Intelligence Units and facilitating their cooperation; (iii) ensuring centralized national bank and payment account registers or central data retrieval systems in all Member States; (iv) tackling terrorist financing risks linked to virtual currencies; and (v) tackling risks linked to anonymous pre-paid instruments (e.g., pre-paid cards). The proposal also responds to the Panama Papers revelations of April 2016.


The results of the EBA stress test—announced in early November—will be eagerly awaited by the market, and unfortunate surprises cannot be ruled out


EBA stress test 2018

An EU-wide stress test of the banking sector by the EBA is also on the agenda for this year. While the procedure will kick off imminently, results will not be published until the beginning of November. The EBA has extended the timeline for the stress test to take into account the implementation of IFRS 9 and the associated challenges regarding the availability of data. The stress test, covering 70 percent of the EU banking sector, will evaluate the ability of banks in the EU to meet relevant supervisory capital ratios during an adverse economic shock. It will be conducted at the highest level of consolidation on a sample of 29 EU banks, which fall under the jurisdiction of the Single Supervisory Mechanism (SSM).

In recent years, banks have made impressive progress towards achieving higher capital ratios so that it can realistically be hoped that the stress test will not reveal any major distortions. It is also noteworthy that many of the most vulnerable-looking EU banks will not be included in the stress test. Even so, in light of the implementation of IFRS 9, the results of the EBA stress test will be eagerly awaited by market participants—and unfortunate surprises cannot be ruled out.


Analytical credit datasets – or AnaCredit

Commencing September 30, 2018, credit institutions are obliged to report comprehensive information on their borrowers and their respective default probability to the competent national central bank on the basis of (ECB) Analytical Credit Dataset Regulation, AnaCredit. The regulations provide for the establishment of a central European credit register, aiming to increase cross-border harmonization of the reporting system.

AnaCredit provides for a revised approach of data collection at the individual loan level (loan-by-loan). A timely, flexible and needs-based evaluation of gathered data is implemented at various aggregation levels. For loan amounts to legal persons exceeding €25,000, institutions shall report comprehensive information on the borrowers' existing risks and granted securities. The reporting obligation extends to all credit types except derivatives. To ensure a uniform and effective application of the AnaCredit reporting system within the EU, the ECB has published the AnaCredit-Manual.

National central banks are expected to transmit data sets six months prior to the first ECB reporting. Deutsche Bundesbank stipulated that, on a national level, credit institutions subject to German reporting obligations must make a first transmission of master data of contracting parties for the reporting period ending January 31, 2018. Initial credit master data and dynamic credit data transmission to the ECB is required for the reporting period ending March 31, 2018.


Reorganization of the supervisory architecture

In September 2017, the EU Commission recommended measures for the redistribution of responsibilities between the three European Supervisory Authorities (ESAs)—the European Securities and Markets Authority (ESMA), the EBA and the European Insurance and Occupational Pensions Authority (EIOPA). The aim of the proposal is to improve the mandates, governance and funding of the three ESAs as well as the functioning of the European Systemic Risk Board. This shall ensure stronger and more integrated financial supervision across the EU. The implementation of the proposal requires amendments to a series of directives and regulations, including MiFID II/MiFIR and the benchmark regulation. As the legislative procedure on the reform of the European system of financial supervisors is expected to be completed by 2019, this year will be a decisive one for the European Parliament and the Council to discuss and agree on the proposals.


Brexit has the potential to trigger significant market distortions in the financial services sector, especially as the prospect of a hard Brexit is becoming ever more likely


Political developments

Major political events will likely influence developments in financial regulation this year. With Germany close to forming a coalition government. Italian parliamentary elections will take center stage, while the ongoing Brexit negotiations could have a huge impact on banks and financial service providers and on the entire eurozone.

The elections in Italy, the third - largest economy in continental Europe, will take place in the spring of 2018. With the parliamentary elections approaching, the situation could become more tense for banks, investors and creditors. In addition to slow economic growth and weak labor market figures, the country is burdened by high debts—a fertile ground for populist and anti-European parties.

It is, however, the ongoing Brexit negotiations that will shape financial markets in 2018. Brexit has the potential to trigger significant market distortions, especially in the financial sector—as the prospect of a hard Brexit without transitional measures ensuring mutual market access is becoming ever more likely.

During the course of this past year, several banks have announced that they will be strengthening their presence in the Eurozone—partially at the expense of London—and have already taken the first steps to move staff to the eurozone. If no significant progress in the negotiations between the UK and the EU is made, many financial institutions will be forced to fall back on their emergency plans for a hard Brexit. Many banks will then have to apply for a European banking license. ECB expects banks to submit license applications by the end of the second quarter of 2018. ECB has repeatedly emphasized that central functions, such as risk management and internal auditing, must actually be located within the EU. Empty shells will not be accepted by the supervisory authorities.

All of this will play out in the run-up to European elections, which will take place in the first half of 2019. The time window for political decisions on the EU level is therefore rather narrow and will close again at the end of the year.


Click here to download PDF of this article.


Financial Regulatory Observer


This publication is provided for your convenience and does not constitute legal advice. This publication is protected by copyright.
© 2018 White & Case LLP