The Banking Regulation Review: European Union


This chapter provides an introduction to the most important EU legislation affecting the regulation of banks. It also analyses developments that have led to the concentration of certain regulatory powers in a series of EU supervisory authorities.

i Financial crises

The development of EU banking legislation since 2011 took place against the background of the global financial crisis of 2007–2009 and the subsequent eurozone crisis, which highlighted concerns about the prudential position of eurozone banks and related threats to financial stability in the eurozone and beyond.

The legislative response to the eurozone crisis can be characterised as consisting of two different approaches. First, an urgent and necessary fire-fighting operation was carried out to shore up embattled eurozone economies and banks. Second, a more fundamental restructuring of the foundations of financial supervision as a whole was considered necessary to prevent a recurrence of the crisis, with more European integration in many areas being seen as the long-term solution to problems arising from European monetary union. This second, more fundamental development is another step towards the fulfilment of the ever-closer union envisaged by EU Member States in the preamble to the Treaty on the Functioning of the European Union.

In Section IX, we have summarised the developments in relation to the second of these approaches, in particular the implementation of a Single Supervisory Mechanism (SSM) for banking institutions in the eurozone, and common bank recovery and resolution arrangements.

It is important to note that much of the EU legislative activity in the area of banking regulation historically took the form of directives, which do not normally have legal effect in EU Member States until implemented by provisions of national laws. In the past 10 years, however, there has been a marked change of approach. Following changes to the European supervisory architecture and the commitment of the European Commission (the Commission) to introduce an EU-wide single rule book for financial services (both discussed in this chapter), the introduction of new EU rules relevant to banks is increasingly taking the form of EU regulations that apply directly in all Member States.

ii Brexit

It would be remiss to introduce this chapter without mention of the UK's departure from the EU on 31 January 2020. Since then, the UK has not participated in the EU's decision-making processes or been represented in the EU institutions, agencies or other bodies. The post-Brexit transition period (the Transition Period), during which the UK remained (broadly speaking) subject to EU law, ended on 31 December 2020.

The Trade Cooperation Agreement (TCA), which establishes the economic relationship between the UK and the EU beyond the Transition Period, was agreed on 24 December 2020. The TCA was incorporated into UK law on 30 December 20212 and has applied provisionally as a matter of EU law since the end of the Transition Period.3

The TCA contains only certain limited provisions relating to financial services (concerning, for instance, basic rights to commercial establishment and cross-border contracting). The TCA contains no regulatory equivalence regime and explicitly excludes financial services from the most-favoured nation clause with respect to any future trade deals with third countries. The UK and the EU have agreed a memorandum of understanding (MOU) on financial regulatory cooperation. However, at the time of writing, the MOU has not been published. The MOU will establish the Joint UK–EU Financial Regulatory Forum, which will facilitate dialogue on financial services issues. It is unlikely that either side will recognise the other's regulatory frameworks as wholly equivalent.

While the detailed effects of Brexit are addressed more fully in the United Kingdom chapter of this book, the particular impact of Brexit on EU regulatory law must be noted. Without the UK – a historically influential voice in the financial services arena – sitting at the table, the course of EU banking regulation may flow in a different direction.

iii Covid-19

The ongoing coronavirus pandemic has created significant immediate challenges for the banking sector across the EU. The European Central Bank (ECB), the European Banking Authority (EBA) and relevant national regulators in Member States have been forced to coordinate efforts to alleviate the short-term operational burden caused by the pandemic for banks and have introduced a series of supervisory measures and proposals. By way of example:

  1. in the early days of the pandemic, the ECB announced a number of crisis measures, including allowing banks to operate temporarily below the level of capital ordinarily required;
  2. the EBA postponed its 2020 EU-wide stress test exercise to 2021 to allow banks to prioritise operational continuity;
  3. throughout 2020, the ECB issued a number of recommendations that banks refrain from or limit the payment of dividends; and
  4. the ECB has consistently updated its policy on the supervision of banks by national authorities; for example, by recognising the need for a pragmatic approach to supervisory review and evaluation process assessments.

These measures demonstrate the flexible approach to the pandemic adopted by EU regulators. Unfortunately, at the time of writing, the pandemic still presents significant problems worldwide. The long-term effects of the covid-19 crisis on the EU banking sector cannot yet be quantified and will not be fully understood for some time.

European regulatory and supervisory framework

i Key EU institutions

The Commission represents the interests of the EU as a whole and has the sole authority to propose new EU legislation. The Council of the European Union (the Council) represents the interests of the individual Member States, while the European Parliament (the Parliament) represents the interests of EU citizens and is directly elected by them.

ii Legislative procedure

The Commission, after consultation with interested stakeholders, will put forward a legislative proposal for joint adoption by the Council and the Parliament, which then usually goes through the ordinary legislative procedure (previously known as the co-decision procedure). In addition to its role in adopting legislation proposed by the Commission, the Parliament has limited power to request that the Commission submit appropriate proposals on matters in respect of which it considers an EU legislative measure would be appropriate.

iii Lamfalussy approach to adoption of European financial services legislation

The 'Lamfalussy approach' is a four-tiered procedure adopted by the EU for the development and application of financial services legislation that involves the following:

  1. framework legislation is proposed and adopted under the ordinary legislative procedure as a legislative act. Individual articles in that legislation specify where power is delegated to the Commission to adopt Level 2 measures (Level 1);
  2. implementing measures drafted and adopted by the Commission, following advice from the specialist committees (Level 2);
  3. consultation and guidance by the European supervisory authorities (ESAs) (Level 3); and
  4. supervision and enforcement, principally by the regulators in each Member State (Level 4).

iv Reform of the EU supervisory framework

Following recommendations contained in the 2009 de Larosière Report,4 the Commission established a new European Systemic Risk Board (ESRB) to be responsible for macroprudential oversight and a European System of Financial Supervision (ESFS) to replace the then-existing 'Level 3 Committees' (the Committee of European Banking Supervisors (CEBS), the Committee of European Insurance and Occupational Pensions Supervisors (CEIOPS) and the Committee of European Securities Regulators (CESR)), which only enjoyed limited advisory responsibilities. This new supervisory framework, now well established, comprises three pan-European ESAs: the EBA, the European Insurance and Occupational Pensions Authority (EIOPA) and the European Securities and Markets Authority (ESMA).

The ESAs were established to oversee the European financial system at a microprudential level and to achieve convergence between Member States on technical rules and coordination between national supervisors. The operations of the ESAs were subject to public consultation by the Commission in spring 2017 with a view to clarifying their role and to building a clearer overview of areas where their effectiveness and efficiency might be strengthened and improved. This resulted in the Commission publishing legislative proposals for reforming the ESAs. A final legislative reform package, as adopted by the Parliament and the Council, was published in the Official Journal on 27 December 2019 and entered into force on 30 December 2019. These supervisory structures, and the recent reforms, are discussed further in Section XXI.

The Commission has committed itself to replacing separately implemented rules within Member States with a single set of harmonised prudential rules within the European Union, termed the 'single rule book'. The ESAs advance this project by developing draft technical standards, which are adopted by the Commission as EU law, and by issuing guidance and recommendations with which national supervisors and firms must make every effort to comply. In addition, the Commission's legislative proposals are increasingly taking the form of directly applicable EU regulations, or otherwise employ the 'maximum harmonisation' principle. This principle requires that national legislative implementation should not exceed the terms of the original EU legislation, and therefore prohibits the gold-plating of EU legislation by individual Member States. The Commission's intention is that national discretion should be reduced, and that Member States should be permitted to apply stricter requirements to banks only where these are justified by national circumstances, financial stability or a bank's specific risk profile.

The following is a brief description of some of the most important EU legislation affecting the regulation of banks, and several recent legislative initiatives that will affect banking activities in the European Union.

The Capital Requirements Directive


Between 2006 and 1 January 2014, the principal EU legislation regarding the prudential regulation of banks was the Capital Requirements Directive package (CRD I), supplemented and amended by additional directives known as CRD II and CRD III.

However, changes to this regime were required as part of the Basel III international programme, which was a central element of the Basel Committee's attempt to address the shortcomings of the pre-crisis regulatory framework. As a result, a new package of EU legislation, in the form of the CRD IV Directive5 and the Capital Requirements Regulation (CRR)6 (together, CRD IV), replaced CRD I and consolidated the changes resulting from CRD II and CRD III. CRD IV (as amended by the Risk Reduction Measures reform package outlined below) forms the basis of the EU capital requirements regime.

CRD IV sets out prudential rules for banks on a solo and on a consolidated basis, including solo and consolidated capital and liquidity requirements. Consolidated supervision is, broadly, carried out in respect of groups or subgroups headed by parent undertakings incorporated in the European Economic Area (EEA).7 In addition, banks are required to include participations8 within the scope of consolidated supervision.

Importantly, CRD IV also enshrines passport rights for credit institutions, including banks, which broadly allow a bank authorised in one Member State of the EEA to provide a range of services for which it is so authorised in other Member States, or to establish a branch in other Member States to provide such services, without having to obtain additional authorisation from the regulators in those Member States. The most important features of CRD IV are summarised below.

The Basel III-related reforms included the introduction of:

  1. new liquidity standards (a 30-day liquidity coverage ratio to promote short-term resilience to the risk that liquidity will cease to be available to a bank, and a net stable funding ratio to promote resilience to liquidity risks over longer periods), and a set of common monitoring metrics and application standards;
  2. measures to strengthen capital through the redefinition of capital into Common Equity Tier 1, Additional Tier 1 and Tier 2 (eliminating distinctions between different types of Tier 2 capital and abolishing Innovative Tier 1 capital and Tier 3 capital completely). The minimum ratios for Common Equity Tier 1 and total Tier 1 capital are set at 4.5 per cent and 6 per cent, respectively (although the minimum capital ratio, ignoring capital buffers, remains at 8 per cent);
  3. new capital conservation and countercyclical capital buffers, which apply on top of the increased capital ratios and are intended to address the procyclicality inherent in risk-based capital standards. The capital conservation buffer is set at 2.5 per cent of risk-weighted assets and must consist of common equity, with the bank's ability to make distributions limited if its capital ratio falls into the buffer. The countercyclical capital buffer is intended to supplement the capital conservation buffer, and is set by national regulators and used as a tool to require banks to build up capital during periods of credit growth. This buffer also comprises common equity;
  4. a leverage ratio acting as a cap on the ratio of banks' Tier 1 capital to total non-weighted assets and off-balance sheet exposures, intended to form a backstop to risk-based capital measures; and
  5. new rules on counterparty credit risk (increasing requirements in respect of exposures arising from derivatives, repurchase transactions (repos) and securities financing activities).

Measures in CRD IV not flowing directly from Basel III included:

  1. strengthened corporate governance arrangements and processes, including risk-management arrangements;
  2. strengthened sanctioning powers where banks breach CRD IV requirements, including the establishment of minimum administrative sanctions to be applied by national regulators;
  3. limited measures to reduce banks' reliance on external credit ratings, including requirements for banks to develop internal models to assess risk in portfolios and counterparty exposure;
  4. a bonus cap: the variable remuneration of certain individuals at banks is limited to 100 per cent of their fixed remuneration. This can be increased, subject to shareholder approval under certain circumstances, to 200 per cent of their fixed remuneration. This cap applies broadly to categories of staff such as senior management, material risk-takers, staff engaged in control functions, and employees receiving total remuneration that takes them into the same remuneration bracket as senior management and material risk-takers, whose professional activities have a material impact on a bank's risk profile; and
  5. further developments to the requirements in CRD III on remuneration to require the disclosure of the number of individuals within a bank receiving total remuneration of €1 million or more in each financial year (broken down into pay bands of €500,000).

CRD IV was intended to be a key instrument through which the Commission advanced the development of a single rule book for financial services. The CRR is, by its nature, a maximum harmonisation measure that includes the majority of CRD IV's prudential requirements. As an EU regulation, the CRR is directly applicable in all Member States, and divergences between national rules are thereby minimised. On the other hand, provisions addressing, for example, the authorisation of credit institutions, cross-border passporting and the mechanics of prudential supervision (i.e., areas where there is more room for Member State discretion as well as a need to be more responsive to differences in national law) are contained in the CRD IV Directive. As an EU directive, Member States have had some discretion as to how they choose to transpose the CRD IV Directive into their national laws. An important illustration of this is that, while Member States have not generally been able to impose minimum capital requirements in excess of the CRD IV levels (these are provided for in the CRR), Member States do have a degree of flexibility in relation to the calibration of capital buffers (which are addressed in the CRD IV Directive).

Full implementation of the CRD IV capital and liquidity requirements was mandated by 1 January 2019 (although national regulators retain limited discretion to use transitional provisions in relation to certain deductions from own funds until 2024). CRD IV is accompanied by a number of regulatory and implementing technical standards.

ii CRD V

Building on CRD IV, and taking further steps towards completion of the banking union (see Section IX), the CRR II9 and the CRD V Directive10 (together, CRD V) were introduced to make significant amendments to the CRR and the CRD IV Directive, respectively. CRD V was initially proposed as part of the Risk Reduction Measures package published by the Commission on 23 November 2016, which also included amendments to the Single Resolution Mechanism Regulation (the SRM Regulation) and the Bank Recovery and Resolution Directive (BRRD) (see Sections IX and X). Through these legislative proposals, the Commission's stated aim was to tackle the remaining weaknesses within the financial system and implement some outstanding provisions essential to ensuring resilience, as recently finalised by global standard setters (i.e., the Basel Committee on Banking Supervision (BCBS) and the Financial Stability Board (FSB)).11

To this end, CRD V includes wide-ranging regulatory reforms that take account of international standards set by the BCBS and FSB, while providing for what the Commission terms European specificities. Measures in the reform package that take account of international standards include:

  1. a 3 per cent binding leverage ratio for all firms within the scope of CRD IV to prevent institutions from taking on excessive leverage; for example, to compensate for low profitability;
  2. a binding net stable funding ratio, which will require credit institutions and systemic investment firms to finance their long-term activities (assets and off-balance sheet items) with stable sources of funding (liabilities) to address excessive reliance on short-term wholesale funding and to reduce long-term funding risk;
  3. a requirement, known as total loss absorbing capacity (TLAC), for global systemically important institutions to hold minimum levels of capital and other instruments that bear losses in resolution. TLAC will be integrated into the existing minimum requirement for own funds and eligible liabilities (MREL) system; and
  4. various measures relating to, broadly, market risk, counterparty credit risk, equity investments in funds and large exposures.

Operating in parallel, a keynote of the EU-specific side of the package is increased proportionality, as a simplified approach for smaller and less-complex institutions is introduced in respect of some of the current disclosure, reporting and complex rule book-related requirements. The other significant EU-specific change, which sparked considerable controversy, concerns the requirement for certain non-EU banks headquartered in third countries to set up an intermediate holding company for their EU subsidiaries.

The Risk Reduction Measures package (including CRD V) entered into force on 27 June 2019. The majority of the provisions in CRR II will apply from 28 June 2021. EU Member States were required to adopt and publish the measures necessary to comply with the CRD V Directive by 28 December 2020, and to apply those measures from 29 December 2020, subject to specified exceptions. The EBA has started work on certain technical standards associated with CRD V. However, the timing for the submission of these standards has been delayed (in most cases, to 2021) as a consequence of covid-19.

The Payment Services Directive

The Payment Services Directive (PSD)12 is intended to harmonise conduct of business rules for all providers of electronic payment services across the EU, and to create a tiered prudential authorisation regime for non-bank payment service providers, known as payment institutions. It affects banks, building societies, e-money issuers, money remitters, non-bank credit card issuers, non-bank merchant acquirers and their customers. The PSD focuses on electronic means of payment, including direct debits, debit cards, credit cards, standing orders, mobile or fixed phone payments and payments from other digital devices, as well as money remittance services. It does not apply to physical cash-only transactions or paper cheque-based payments.

The PSD was formally adopted on 13 November 2007. Member States were required to transpose the PSD into their national laws by 1 November 2009.

Thereafter, on 24 July 2013, the Commission adopted a legislative package seeking to amend the EU payments framework. The package proposed a revised and recast Payment Services Directive (PSD2)13 and a Multilateral Interchange Fees Regulation (the MIF Regulation).14

PSD2 was formally adopted on 25 November 2015 and had an implementation deadline of 13 January 2018. It updated the existing framework for the regulation of the provision of payment services in the EU and introduced enhanced transparency and security requirements.

In addition, PSD2 increased the geographical scope of the PSD, applying transparency and information requirements to payment transactions in all currencies and to payment transactions where only one payment service provider (PSP) is located in the EU. It also brought certain PSPs (such as those providing payment initiation services and account information services) within the scope of PSD2, and limited the exemptions that were available under the PSD. Throughout 2017, the EBA published technical standards and guidelines to accompany PSD, most of which now apply (including the delayed regulatory technical standards relating to strong customer authentication).

The MIF Regulation was formally adopted on 29 April 2015 and became fully effective on 9 June 2016. The Regulation imposes caps on interchange fees of 0.2 per cent and 0.3 per cent of transaction value for consumer debit card and credit card transactions, respectively. These caps came into effect on 9 December 2015, although until 9 December 2020, Member States were permitted to apply the cap of 0.2 per cent in respect of domestic debit card transactions to the annual weighted average transaction value of all such transactions within the relevant card scheme. Now that this period has expired, the cap must be set by reference to transaction value. The Regulation also requires the organisational separation of payment schemes and transaction processing infrastructure, and prohibits territorial restrictions in licensing agreements or payment scheme rules.

In March 2020, the Commission published a study it had commissioned on the application of the MIF Regulation. The study found that the main objectives of the MIF Regulation had been achieved, including a material decrease in interchange fees for consumer cards, and that increased cross-border acquiring services and card transactions had led to a higher degree of market integration.

In June 2020, building on the March study, the Commission published a report on the application of the MIF Regulation on interchange fees for card-based payment transactions, recognising that covid-19 has accelerated consumer and merchant trends away from cash and towards contactless and electronic payments. The report again concluded that the main objectives of the Regulation have been achieved and was not accompanied by a legislative proposal.

In December 2020, a public hearing took place with the aim of contributing to the Commission's ongoing reflection process on the impact of the MIF Regulation and how it can continue to serve European consumers and merchants.

On 17 July 2020, the Commission adopted a legislative proposal for a new regulation on cross-border payments in the Union. The purpose of the proposed regulation is to codify the existing regulation on cross-border payments,15 which has been amended many times and contains provisions on (among other things) currency conversion charges and charges for cross-border payments. The Commission originally expected the new regulation to enter into force on or around 20 April 2021; however, as at the time of writing, the legislative procedure had not yet been completed.

On 25 January 2021, the ECB published an opinion on the new proposed regulation. The ECB opines on one of the provisions that aims to supplement the transparency and information requirements in the PSD in relation to currency conversion services. The ECB recommends that the reference to ECB euro foreign exchange reference rates in the provision is revised and replaced by an appropriate reference to a foreign exchange benchmark rate that falls within the Benchmarks Regulation.

The Acquisitions Directive

The Acquisitions Directive16 was formally adopted on 5 September 2007. It was intended to harmonise the criteria that regulators apply in deciding whether to approve changes of control of financial institutions (specifically credit institutions, investment firms, insurers and reinsurers) and to harmonise some important aspects of the process by which they do so. Member States were required to implement the Acquisitions Directive into national law by 21 March 2009.

The Acquisitions Directive was a maximum harmonisation directive in the sense that it prohibited Member States from imposing requirements for the notification to, and approval by, regulators of direct or indirect acquisitions of voting rights or share capital that are more stringent than those set out in the directive. The definition of control (at or above which the person holding control requires regulatory approval) was set at 10 per cent of share capital or voting rights, which followed previously existing EU directives. The Acquisitions Directive also introduced a concept of aggregation of multiple parties' interests for the purpose of determining whether control has been or would be attained where those parties are acting in concert.

Following a consultation, the Commission published a report in 2013, concluding that, overall, the regime created by the Acquisitions Directive was working satisfactorily. The Commission did, however, ask the ESAs to clarify new Level 3 guidance on the Directive in relation to a number of issues, including the definition of 'acting in concert'. These guidelines were published by the ESAs on 20 December 2016, and applied from 1 October 2017.

The Acquisitions Directive was repealed and replaced (in part) by the following sectoral directives: the Markets in Financial Instruments Directive II (MiFID II);17 the Solvency II Directive;18 and the CRD IV Directive (each as amended).19 The most important aspect of the Acquisitions Directive regime, namely the qualifying holdings regime, is therefore now contained in these sectoral directives. Broadly, the qualifying holdings regime imposes notification requirements on:

  1. regulated firms within the scope of the sectoral directives;
  2. persons that have acquired, or are contemplating acquiring, certain levels of qualifying holdings in such regulated firms; and
  3. persons that are contemplating disposing of their qualifying holdings in such regulated firms (either entirely or so that their holdings fall below certain thresholds).

The sectoral directives also require firms applying for regulatory authorisation to disclose qualifying holdings as part of the authorisation process. The qualifying holding regime contained in the sectoral directives remains a maximum harmonisation regime: Member States are prohibited from imposing notification requirements that are more stringent than those set out in the sectoral directives.

The Financial Groups Directive

There is a separate EU regime for the consolidated supervision of mixed activity financial groups (financial conglomerates) established by the Financial Groups Directive20 (FGD), which Members States were obliged to transfer into domestic law by 11 August 2004.

Financial conglomerates, within the meaning of the FGD, are groups that carry on financial services activities as a substantial portion of their business, and that have significant interests in each of the banking or investment services, and insurance sectors.

The FGD requires that a bank, investment firm or insurer that is authorised by an EEA regulator and that is a member (or parent) of a financial conglomerate group should be subject to supplementary supervision on a group-wide basis in addition to relevant sectoral (i.e., insurance or banking) consolidated supervision. The rules on how this supervision is effected may differ from those that apply to banking-only groups. The criteria for determining whether a group is a financial conglomerate for the purposes of the FGD depend on whether it is headed by a regulated entity. If a group is headed by a regulated entity, this entity must be the parent undertaking of, hold a participation in or be linked by a relationship based on unified management with, an entity in the banking, investment or insurance sector. Where the entity at the head of the group is not regulated, the gross assets attributable to all the financial business activities of the group (that is, all its banking or investment services, and insurance businesses) must account for at least 40 per cent of the group's total gross assets worldwide.

In both cases, groups must also meet the following criteria: at least one member of the group carries on business in each of the insurance sector and either the banking or investment services sector; and the group's business activities in each of these sectors are significant.

Significance is measured by reference to the average of two tests: a balance sheet ratio test and a solvency requirements ratio test comparing the significance of each sector with the combined position of all financial sector entities in the group. The average ratio for each of the insurance businesses and banking or investment firms and of the group must exceed 10 per cent for the group to be treated as a financial conglomerate. At the initiative of the lead European regulator (to be identified or agreed among the national regulators that supervise members of the group in the EEA), national regulators that supervise members of the group in Member States may agree to substitute or supplement the significance test, or to exclude certain group members from its calculation, if they consider it appropriate to do so.

The significance test can also be satisfied if the gross assets of the smaller of the group's financial sector businesses (banking or investment services as against insurance) exceed €6 billion. If, however, the 10 per cent average ratio test is not satisfied, the relevant national regulators can agree that the group should not be regarded as a financial conglomerate.

Upon becoming a financial conglomerate, the relevant ratios are lowered for three years from that date unless the relevant national regulators agree otherwise. This minimises scenarios in which a group moves in and out of the FGD regime. The FGD also permits relevant regulators to treat a conglomerate as such for three years from the date on which it last satisfied the conglomerate test.21

The FGD was amended in December 2011 to address certain deficiencies in the way the FGD interacts with CRD IV and equivalent sectoral rules for insurers that mean supplementary supervision cannot currently be carried out for certain groups on a fully group-wide basis because of their legal structure. The amendments also introduced, inter alia, more discretion for supervisors in applying the significance test and in deciding whether to identify small groups (those with under €6 billion in total assets) as financial conglomerates.

On 18 January 2021, the ESAs published final draft implementing technical standards on harmonised templates for reporting of intra-group transactions and risk concentration of financial conglomerates subject to supplementary supervision under the FGD. Assuming these standards are not rejected by the Parliament or the Council, they will enter into force on 1 January 2022.

The Markets in Financial Instruments Directive

The Markets in Financial Instruments Directive (MiFID)22 replaced the Investment Services Directive (ISD),23 which had constituted one of the foundations upon which the single European market in financial services was developed in the 1990s. The ISD introduced a system of passports under which an investment firm authorised as such in one Member State could carry out certain regulated activities for which it was so authorised in other Member States, or establish a branch in other Member States, without having to obtain additional authorisation from the regulators in those other Member States. MiFID retained and expanded this passporting framework.

MiFID is very important to the large number of EU banks that provide investment services as well as carrying on deposit-taking and lending activities.

Although the effect in each Member State has varied, MiFID had some key consequences for the investment services market in the EEA as a whole:

  1. the scope of regulation of the investment services sector required by EU law was expanded, with the addition of important new regulated investment services and products;
  2. as a result, the investment services passport enabled firms to provide a wider range of investment services on a cross-border basis, or from branches within the EEA;
  3. national-level barriers to investment services within the EU single market were reduced;
  4. important core business standards for investment services were prescribed in detail at the EU level; and
  5. the rules applying to different securities trading venues were harmonised to a significant degree, resulting in a wider range of regulated trading venues, such as multilateral trading facilities (MTFs).

The deadline for the implementation of MiFID into the national law of each Member State was 1 November 2007.

A legislative package amending MiFID (MiFID II) came into force on 2 July 2014. MiFID II comprises the MiFID II Directive24 and the Markets in Financial Instruments Regulation (MiFIR)25 (the latter also amended the European Market Infrastructure Regulation (EMIR), which is discussed in Section VIII). Member States had until 3 July 2017 to transpose the majority of measures contained in the MiFID II Directive into their national laws, and have had to apply those provisions, and MiFIR, since 3 January 2018.

MiFID II covers a range of issues, some of which are self-evidently matters of regulatory policy playing catch-up with market developments, for example in relation to new trading methods such as high-frequency and algorithmic trading strategies. Other measures, however, demonstrate a prescriptive and rigid response to perceived or suspected potential for investor detriment. In some cases, indeed, the measures seem to cross the line between the regulation of firms' conduct and the imposition of specific conduct requirements, even to the extent of banning certain products or activities. Key elements of MiFID II include the following:

  1. a new type of trading venue, the organised trading facility (OTF), was brought within the scope of MiFID II. OTFs are subject to the same core requirements for a trading venue's operation as existing platforms, and are defined broadly to capture all forms of organised trading not matching existing categories;
  2. all trading of derivatives that are eligible for clearing and are sufficiently liquid, was moved to regulated markets, MTFs or the new OTFs;
  3. improved transparency of trading activities in equity markets, including dark pools, and a new trade transparency regime for non-equity markets;
  4. new safeguards for algorithmic and high-frequency trading activities;
  5. in coordination with ESMA or the EBA and under defined circumstances, supervisors were given the ability to ban specific products, services or practices in the case of threats to investor protection, financial stability or the orderly functioning of markets;
  6. new powers for regulators to monitor and intervene in commodity derivatives trading, including the imposition of position limits;
  7. stricter requirements for portfolio management, investment advice and the offer of complex financial products, such as structured deposits; and
  8. a ban (subject to exceptions) on third-party inducements in the case of portfolio management and for firms providing independent advice.

MiFID II is accompanied by a number of delegated and implementing acts, which supplement the framework legislation, as well as technical standards, which generally elaborate on its technical aspects. On 17 February 2020, the Commission began consulting on reviewing the regulatory framework established by MiFID II. The review prioritises four main areas: the establishment of an EU consolidated tape; investor protection; research unbundling rules (and small and medium-sized enterprise research coverage); and commodity derivatives markets. Although the consultation period ended in May 2020, no outcomes had been published at the time of writing.

The European Market Infrastructure Regulation

At the September 2009 summit in Pittsburgh, G20 leaders agreed that all standardised over-the-counter (OTC) derivative contracts should be cleared through central counterparties (CCPs) by the end of 2012 at the latest, and that OTC derivative contracts should be reported to trade repositories. The EU's response to this commitment was the Regulation on OTC derivatives, central counterparties and trade repositories (commonly referred to as EMIR). EMIR entered into force on 16 August 2012, apart from certain requirements that needed to be specified further in Level 2 measures. In particular, the first clearing obligations came into effect on 21 June 2016 in respect of certain interest rate derivatives.

The requirements of EMIR, which extend to all derivative contracts and not just to standardised OTC derivative contracts, include:

  1. a reporting obligation in respect of derivatives entered into by EU financial and non-financial counterparties, requiring detailed information to be reported to trade repositories and made accessible to supervisory authorities (this obligation came into force on 12 February 2014);
  2. a clearing obligation for derivatives that meet certain eligibility criteria set by ESMA;
  3. measures to reduce counterparty credit risk and operational risk for uncleared OTC derivatives, including risk mitigation standards (such as exchanges of collateral);
  4. prudential requirements for CCPs and trade repositories, including requirements for authorisation, capital, the provision of margin, the establishment of a default fund, organisational rules and conduct of business standards. These include an obligation on trade repositories to publish aggregate positions by classes of derivatives accessible to all market participants; and
  5. rules on the interoperability of CCPs.

In November 2016, the Commission published a report under Article 85(1) of EMIR to review EMIR. The report concluded that no fundamental change should be made to the nature of the core requirements of EMIR but that they could be adjusted in a number of areas.

As a consequence, the EMIR Refit Regulation26 (EMIR Refit), which contained amendments to EMIR, was adopted on 14 May 2019 and, subject to certain exceptions, entered into force on 17 June 2019. Among other things, EMIR Refit;

  1. permits the Commission to suspend the clearing obligation;
  2. streamlines requirements for small financial counterparties and non-financial counterparties;
  3. delays the application of the clearing obligation to certain transactions; and
  4. provides that Member States' national insolvency laws shall not prevent a CCP from acting in accordance with certain of its EMIR obligations.

EMIR Refit is distinct from the regulation to amend EMIR with respect to the authorisation of CCPs and recognition of third-country CCPs (EMIR 2.2),27 which was adopted on 15 October 2019 and came into force on 1 January 2020. EMIR 2.2, among other things, takes into particular account the effects of Brexit on the European financial system, and establishes a CCP Supervisory Committee within ESMA mandated to handle tasks related to CCPs, as well as supervising EU and third-country CCPs.

EMIR is supported by a Q&A document published by ESMA, which addresses questions posed by the general public, market participants and national regulators in relation to the implementation and practical application of EMIR. The document aims to promote common supervisory approaches and practices in the application of EMIR. It is frequently updated to take account of regulatory developments, and was, at the time of writing, last updated on 28 January 2021.

As a consequence of the heavy reliance of the EU financial system on clearing services provided by UK-based CCPs, there were fears in the run up to the end of Transition Period about the financial stability of the EU. To address this problem, in September 2020, ESMA announced that the three CCPs established in the United Kingdom – ICE Clear Europe Limited, LCH Limited and LME Clear Limited – would be recognised as third-country CCPs eligible to continue providing their services in the EU after the end of the Transition Period. This equivalence decision is, at the time of writing, scheduled to expire on 30 June 2022, providing ESMA the opportunity to conduct a comprehensive review of the long-term systemic importance of UK CCPs to the Union.

The Banking Union, SSM and Single Resolution Mechanism

Herman van Rompuy, former President of the European Council, published a report on 26 June 2012 entitled 'Towards a Genuine Economic and Monetary Union', in which he set out his vision for the future of EU economic and monetary union. This was based on four elements: an integrated financial framework; an integrated budgetary framework; an integrated economic policy framework; and democratic legitimacy and accountability.

The proposals for an integrated financial framework (otherwise known as a banking union) comprised:

  1. a new role for the ECB, giving it responsibility for the prudential regulation of all credit institutions (meaning all banks, mutuals and other deposit-taking entities) established in the eurozone, resulting in an SSM for banking supervision;
  2. a single prudential rule book applicable across the European Union, the core elements of which are already contained in CRD IV (as amended);
  3. a harmonised recovery and resolution framework for credit institutions and other systemic firms in the eurozone on the basis of the Commission's current proposals in this area; and
  4. a common deposit guarantee scheme (DGS) for the European Union.

i The SSM

The legislation establishing the SSM includes two regulations: one conferring supervisory tasks on the ECB (the SSM Regulation) and the other modifying the regulation establishing the EBA (the EBA Amending Regulation). These are supplemented by the SSM Framework Regulation, which sets out detailed procedures for the SSM. The SSM Regulation entered into force on 3 November 2013 and the EBA Amending Regulation entered into force on 30 October 2013. In accordance with the SSM Regulation, the ECB assumed its supervisory role on 4 November 2014.

The SSM Regulation is the key piece of legislation establishing the SSM elements of the banking union. The key elements of the SSM Regulation include:

  1. direct supervisory responsibility for the ECB over significant credit institutions (generally, those with assets of more than €30 billion, representing more than one-fifth of a Member State's national output (where those total assets exceed €5 billion), or with a ratio of cross-border assets or liabilities to total assets or liabilities (respectively) that exceeds 20 per cent). Other banks largely remain under the supervision of national regulators in the participating Member States. However, the ECB does have the supervisory role for licensing and authorising credit institutions, and for assessing the qualifying holdings for all credit institutions;
  2. the ECB should issue regulations, guidelines or general instructions to national supervisors for the performance of their supervisory responsibilities; and
  3. investigatory and enforcement powers for the ECB. It may impose fines of up to twice the amount of the profits gained or losses avoided as a result of a breach (where these can be determined), or up to 10 per cent of the total annual turnover of a legal person in the preceding business year. It does not, however, have the power to impose sanctions on individuals.

The EBA Amending Regulation revised the EBA Regulation in relation to voting procedures in respect of the EBA. It includes revised decision-making arrangements in respect of the EBA, which require a majority of non-SSM countries to approve EBA decisions (to prevent the EBA from being dominated by the ECB, which represents the SSM Member States).

On 11 October 2017, as required by the SSM Regulation, the Commission published a report that provides an assessment of the setting up and functioning of the SSM, to determine its effectiveness as the first pillar of the banking union. The report covered five themes:

  1. the governance of the SSM;
  2. supervisory tools developed by the ECB;
  3. the performance of supervisory tasks by the ECB;
  4. the interaction with relevant EU and international bodies; and
  5. the cost-effectiveness of the SSM.

In its report, the Commission came to an overall positive assessment of the SSM and the first two years of the ECB acting in its supervisory capacity. While stating that there is scope for further improvement, the Commission did not consider it necessary to propose any amendments to the SSM Regulation.

Although non-eurozone Member States do not participate in the SSM, the SSM Regulation allows those countries to enter into close supervisory cooperation with the ECB. Bulgaria and Croatia initiated requests for close cooperation in July 2018 and May 2019, respectively. As a result, after establishing such close cooperation, the ECB announced in September 2020 that it would start directly supervising five banks in Bulgaria and eight banks in Croatia from 1 October 2020.

On 28 January 2021, the ECB published the outcomes of its 2020 Supervisory Review and Evaluation Process and its supervisory priorities for the SSM that reflect those outcomes. It found that euro area banks started 2020 with significantly higher capital levels and with a greater resilience to economic deterioration than before the 2008 crisis. The ECB has identified the following priorities for 2021:

  1. credit risk management: supervisors are to focus on the adequacy of banks' credit risk management, aiming to foster timely identification, efficient monitoring and mitigation of procyclicality;
  2. capital strength: the EBA's EU-wide stress test will be an important element in gauging banks' capital resilience;
  3. business model sustainability: banks' strategic plans and the underlying measures they take to overcome structural deficiencies will remain an area of focus; and
  4. internal governance: there will be continued supervision of the adequacy of banks' crisis management frameworks, risk data aggregation, IT, cyber and anti-money laundering risks.

ii The Single Resolution Mechanism

The SRM Regulation, certain provisions of which have applied since August 2014 and which has been fully effective since 1 January 2016, established the SRM. Its key elements include:

  1. the establishment of a single resolution board (SRB). The SRB's main role is to assess whether an individual bank needs to be placed under resolution, and to determine the application of the resolution tools and use of the Single Bank Resolution Fund (SBRF);
  2. the establishment of the SBRF, which is funded through contributions made by all banks established in participating Member States. The level of contributions payable by banks reflects their respective size and business model; and
  3. the establishment of a resolution mechanism that is intended to reflect the mechanism used by national authorities under the BRRD, discussed below. The framework includes preparatory and preventive measures, early intervention measures and resolution tools, including bail-in.

The SRB signed a memorandum of understanding with the Commission on 1 August 2019, which sets out working methods between the SRB and the Commission in line with the legal framework established by the SRM Regulation. This includes cooperation on resolution, regulatory and communication matters.

The SRM has recently been amended by the SRM II Regulation as part of the Risk Reduction Measures legislative package (see Section III). The amendments are intended to mirror those made under BRRD II (see Section X) and relate to the implementation of the TLAC requirements and revisions to MREL. The SRM II Regulation entered into force on 27 June 2019 and has applied since 28 December 2020.

Recovery and resolution plans

Since the financial crisis of 2007 to 2009, both the G20 and the FSB have advocated for the development of recovery and resolution plans – living wills – for financial institutions. The numerous high-profile banking failures in the EU during the crisis (including, for example, Fortis and Anglo Irish Bank) revealed shortcomings in the existing arrangements for organising an orderly wind-down of ailing banks and financial institutions, which left Member States with no choice but to bail out their banking sectors.

In response to this and to minimise the costs for taxpayers of resolving future crises, the Commission proposed an EU framework for crisis management in the financial sector with common and effective tools and powers to deal with failing banks at an early stage. The overriding objective of the proposal was to ensure that failing banks could be resolved in ways that minimise the risks of contagion and ensure continuity of essential financial services, including continuous access to deposits for insured depositors.

The BRRD is the framework legislation passed as a result of the Commission's proposal to deal with future bank failures. It came into force on 2 July 2014 and establishes new tools and powers for national regulators to deal with crises, including (1) rules requiring banks to prepare recovery plans and requiring resolution authorities to prepare resolution plans based on consultations with the institution concerned, (2) new powers of facilitating supervisory intervention at an early stage of, and during, a crisis (such as the power to require a bank to implement its recovery plan), and (3) new tools to deal with the failure of a firm, including through sale-of-business bridge institution, asset-separation and bail-in mechanisms.

The BRRD also established new procedures of cross-border cooperation in resolving banking crises, including a much greater role for the EBA.

The deadline by which Member States had to transpose the BRRD into national law was 31 December 2014, and all the provisions of the BRRD (except for the bail-in tool for use by national regulators) came into force by 1 January 2015. The provisions relating to the use of the bail-in tool came into force on 1 January 2016, but some Member States chose to bring these provisions into force sooner.

As discussed in Section III, the Commission adopted a broad reform package in November 2016 that contained reforms to the BRRD (BRRD II). The purpose of these reforms, which form part of the Commission's efforts to implement the TLAC Standard, was primarily to amend existing MREL provisions to align them with the TLAC Standard. The reforms included:

  1. targeted amendments to the insolvency ranking of holders of debt instruments issued by EU banks for the purposes of BRRD and TLAC requirements concerning loss absorption and recapitalisation capacity of banks;
  2. a requirement for contractual recognition of (1) the fact that a relevant liability may be subject to write-down and conversion powers and (2) resolution stay powers in the BRRD; and
  3. a moratorium power on banks' payment or delivery obligations.

As with the broader legislative package, BRRD II entered into force on 27 June 2019, and Member States were expected to publish and adopt compliance measures by 28 December 2020. In addition, the BRRD Insolvency Hierarchy Directive entered into force on 28 December 2017, and Member States were required to transpose it into their national laws by 29 December 2018.

On 30 April 2019, the Commission published a technical evaluation report that reviewed the application of the BRRD and the SRM Regulation, which concluded that more time was needed to fully assess the implications of the legislation, and did not propose any amendments to the BRRD as the legislation had only been applied in a very limited number of cases at the time.

In addition, on 10 November 2020, the Commission published a roadmap and an inception impact assessment as part of an initiative to review the bank crisis management and deposit insurance framework, including the BRRD, the SRM Regulation and the Deposit Guarantee Schemes Directive (DGSD). This has been followed by a public consultation, which launched on 26 January 2021, and focuses on: (1) assessing how the current crisis management and depositor insurance framework works; (2) finding ways to make the framework more proportionate, efficient and consistent in handling the resolution or liquidation of any bank in the EU, including by securing appropriate funding within and outside the banking union; and (3) improving the synergies between the crisis management and depositor protection, including taking steps to complete the banking union. The results of the consultation will contribute to the Commission's work to make the framework, which sets out the rules for handling bank failures while protecting depositors, more coherent and robust. The Commission plans to adopt legislative proposals for a regulation and a directive in the third quarter of 2021.

The Short Selling Regulation

In distressed markets, short selling can amplify price falls and may lead to disorderly markets giving rise to systemic risk. In 2008, fears of such risks led to various Member States suspending short selling, although there was no coordinated approach across the EU. To address the perceived risks in a coordinated manner, a regulation on short selling and certain aspects of credit default swaps (the Short Selling Regulation (SSR)) was agreed upon and came into force on 1 November 2012. It includes provisions that:

  1. increase transparency on short positions in certain situations relating to EU shares and EU sovereign debt, and to persons with significant credit default swap positions relating to EU sovereign debt issuers;
  2. require that those who enter into short sales of European sovereign debt instruments or shares admitted to trading on an EU-regulated market, or an MTF, must have borrowed, entered into an agreement to borrow or made other arrangements that ensure that the relevant instruments are available for borrowing. This effectively bans naked short selling;
  3. oblige disclosure of a short position in shares of an EU company to the relevant regulator once the short position reaches 0.2 per cent, and to the market once it reaches 0.5 per cent (and each 0.1 per cent above this), of the target's share capital. Only significant short positions in credit default swaps or EU sovereign bonds will need to be disclosed to the regulator (and not the market);
  4. require trading venues to ensure that there are default arrangements and penalties in place if a short settlement fails;
  5. require that all short orders should be flagged as such;
  6. empower national regulators to impose restrictions on short selling and related derivative transactions for up to three months where there is a serious threat to financial stability or market confidence in a Member State or the European Union more generally, and very short-term restrictions where there is a significant fall in the price of a financial instrument; and
  7. provide that ESMA will coordinate cross-border measures and intervene in situations where national authorities have not taken sufficient action to address a threat.

The SSR is supplemented by three delegated regulations and an implementing regulation, which lay down regulatory technical standards on notification and disclosure requirements,28 establish implementing technical standards on the means of disclosure and the types of agreements that can ensure the settlement of shares and sovereign debt,29 establish definitions and calculation methods (among others),30 and lay down regulatory technical standards on the calculation of the fall in value of financial instruments.31

Following an earlier consultation, on 21 December 2017 ESMA published technical advice to the Commission in respect of three aspects of the SSR: the scope and functioning of the exemption for market making activities; the procedure for imposing a short-term ban on short selling in the event of a significant fall in price of a financial instrument; and the transparency of net short positions, and the related reporting and disclosure requirements.

ESMA's proposals included transforming the current bans on short selling into a ban on entering into or increasing net short positions as well as building a centralised notification and publication system across the EU for transparency purposes.

Despite stating in its 2019 annual work programme32 that it was considering revisions to its technical advice, ESMA has not made these revisions to date and its 2020 annual work programme merely states that ESMA will continue to focus on Q&As, advice and supervisory briefings on the SSR.

Consumer protection directives relevant to the banking sector

A number of other EU directives of importance to banks have been enacted, broadly with the aim of achieving harmonised consumer protection measures in the areas to which they relate. They include those summarised below.

i Deposit Guarantee Schemes Directive

This Directive33 establishes minimum levels of protection that Member States are required to provide to depositors of banks that their national regulators supervise. In February 2009, the Council adopted an amending Directive34 that raised the minimum deposit coverage level to €50,000 as from 30 June 2009 (from €20,000); set the coverage level at €100,000 as from 31 December 2010; and reduced the maximum payout delay to 25 working days (a period of five working days to establish that a credit institution has failed to repay deposits that are due and payable, followed by a period of 20 working days), subject to extension by 10 working days.

On 2 July 2014, a recast version of the DGSD came into force. The overwhelming majority of its provisions had to be implemented by 3 July 2015. Its key provisions include:

  1. reducing the time permitted for payout to seven working days by 2024, requiring managers of schemes to inform authorities of likely bank failures (to facilitate payouts on the shorter timeline), and requiring banks to be able to provide a breakdown of the aggregated deposits of a depositor at any time;
  2. requiring the provision of standard information to depositors about the scheme that applies to them;
  3. requiring funds of schemes to reach 0.8 per cent of covered deposits within 10 years of the Directive coming into force. The Commission may permit a Member State to set a lower level (although not less than 0.5 per cent) where that Member State has a concentrated banking sector; and
  4. introducing a principle of risk-based contributions, whereby riskier banks are required to make greater contributions to the relevant DGS.

The DGSD requires the Commission to submit two reports:

  1. one setting out how DGSs operating in the EU may cooperate through a European scheme to manage risks inherent in cross-border activities and protect deposits from such risks (and, if appropriate, to submit a legislative proposal); and
  2. one, with the support of the EBA, on the progress towards the implementation of the DGSD, having regard to a number of topics, such as the adequacy of the current coverage level for depositors and the impact on the diversity of banking models.

The EBA published three opinions in connection with the second report. The first opinion on the eligibility of deposits, coverage level and cooperation between DGSs was published in August 2019. The EBA published its second opinion on strengthening depositor protection in the EU in October 2019. In February 2020, the EBA published its third and final opinion, which concerned sources of funds for DGSs and how DGS funds should be used. The EBA invited the Commission to consider the amendments proposed in the opinions when preparing its final report to the Parliament and the Council.

As stated above, an inception impact assessment concerning the Commission's review of the BRRD, the SRM Regulation and the DGSD was published in November 2020. This has been followed by a public consultation, which launched in January 2021. The Commission intends to perform a targeted evaluation of the BRRD, SRM Regulation and the DGSD, assessing, among other things, the level of depositor protection. The Commission expects relevant legislative proposals to be adopted in the third quarter of 2021.

ii Unfair Terms in Consumer Contracts Directive and Consumer Rights Directive

The Unfair Terms in Consumer Contracts Directive (the Unfair Terms Directive)35 adopted in 1993 is the original EU legislation governing terms of contracts with consumers. It requires Member States, among other things, to enact provisions in their national laws that would render certain unfair terms in consumer contracts unenforceable. Consumer contracts are defined as contracts between a seller or supplier (meaning any natural or legal person who, in contracts covered by the Directive, is 'acting for purposes relating to his trade, business or profession') and a consumer (meaning any natural person who, in contracts covered by the Directive, is 'acting for purposes which are outside his trade, business or profession'). In particular, a term of such a contract that has not been individually negotiated is unfair (and therefore unenforceable) if, 'contrary to the requirement of good faith', it causes a 'significant imbalance in the parties' rights and obligations arising under the contract, to the detriment of the consumer'. An annex to the Directive contains an indicative and non-exhaustive list of terms that may be regarded as unfair.

The Directive also introduced a requirement that Member States implement measures ensuring that contracts to which the Directive relates be drafted in plain, intelligible language. On 22 July 2019, the Commission issued guidance on interpretation of the Unfair Terms Directive in light of subsequent case law and legislative developments.

In October 2008, the Commission published a communication that proposed the repeal and replacement of the Unfair Terms Directive with a single EU directive on consumer rights that would also repeal and replace certain other consumer protection directives. However, the Consumer Rights Directive,36 which came into force on 12 December 2011, only made minor amendments to the Unfair Terms Directive, and did not repeal it. Among its key provisions were an extension of consumer withdrawal rights on distance purchases to 14 days across the EU; a cap on fees for use of means of payment equal to the cost borne by the trader for the use of such means; and the provision of mandatory information by the trader to the consumer on distance and off-premises contracts. Member States were required to implement the measures contained in the Consumer Rights Directive by 13 December 2013, and to apply those measures from 13 June 2014.

On 12 May 2016, the Commission launched a consultation as part of its fitness check of EU consumer and marketing law, which included an evaluation of the Unfair Terms Directive and the Consumer Rights Directive. The Commission found that overall, the EU consumer law acquis at the time was still fit for purpose, and was not in need of a major overhaul. Nevertheless, the Commission launched a public consultation to seek stakeholder views on some possible targeted legislative changes, which closed on 8 October 2017.

As a result of this consultation, on 11 April 2018 the Commission proposed a package of legislative changes (referred to as the New Deal for Consumers), including the amendment of the Unfair Terms Directive and the Consumer Rights Directive to modernise and ensure better enforcement of EU consumer protection rules, in particular in light of increasing digitalisation. The legislative changes were adopted in the Enforcement and Modernisation Directive37 (otherwise known as the Omnibus Directive), which entered into force on 7 January 2020. The Omnibus Directive extends consumers' rights, traders' disclosure obligations and enforcement powers of national authorities. It provides, among other things, that:

  1. national authorities have the power to impose effective and proportionate penalties in a coordinated matter when they jointly investigate major cross-border infringements across a number of EU Member States. National authorities can impose fines of up to 4 per cent of a trader's annual turnover for breaches of EU consumer law in the Member State or States where the breach occurred, or €2 million in cases where information on turnover is unavailable, with individual Member States able to introduce even higher fees;
  2. EU consumers have a direct right to remedies for unfair compensation practices, including rights of termination and financial compensation;
  3. national authorities have stronger powers to stop the misleading marketing of dual-quality goods;
  4. traders must inform consumers of whether an item is bought from a private individual or a trader; if the seller is a private individual, consumers must be warned that EU consumer protection rules will not apply to the transaction;
  5. consumers must be informed each time a price is presented to them based on a personalised pricing algorithm to ensure that consumers know that the asking price may have increased specifically for them;
  6. the definition of payment is extended to include payment with personal data to cover 'free digital services'. Hence, providers of these free services will now have to provide information about the main characteristics of the service, the contract duration and the termination conditions; consumers will also have a 14-day cancellation right in these circumstances; and
  7. submitting, or commissioning someone to submit, a fake review or endorsement is prohibited, and traders are required to justify the reasonable and proportionate steps they have taken to ensure that the reviews on their site are genuine.

Member States have two years to transpose the new rules into national law with a deadline of 28 November 2021. The new rules are to apply from 28 May 2022.

iii Anti-money laundering legislation

There are also extensive provisions of EU law setting out anti-money laundering requirements, but these are beyond the scope of this chapter.

The Securities Financing Transaction Regulation

In its September 2013 Communication on shadow banking, the Commission identified increasing the transparency of securities financing transactions (SFTs) as a priority area. This prompted it to publish a proposal for a regulation on the reporting and transparency of SFTs in January 2014 (the SFT Regulation). The final text of the SFT Regulation38 was formally adopted on 25 November 2015 and came into force on 12 January 2016. The Commission adopted related regulatory and implementing technical standards on 13 December 2018, which entered into force on 11 April 2019.

The SFT Regulation covers repos, securities and commodities lending and borrowing transactions, buy-sell back and sell-buy back transactions and margin lending transactions and applies to all counterparties in SFT transactions that are domiciled in the EU or acting through an EU branch, certain fund managers and counterparties engaging in rehypothecation. It imposes the following requirements:

  1. counterparties must report details of SFTs to a registered or recognised trade repository no later than the working day following the conclusion of the transaction;
  2. fund managers must provide detailed information on any recourse they have to SFTs and other financing structures in pre-contractual documents and at regular reporting intervals; this measure is aimed at enabling investors to become aware of the risks associated with the use of SFTs and other financing structures; and
  3. a counterparty that wishes to rehypothecate clients' financial instruments that it holds as collateral can do so only after receiving the express consent of the providing counterparty, disclosing the potential risks and having the financial instruments transferred to its own account.

The reporting obligation has been in effect:

  1. since 11 April 2020 for banks and investment firms;
  2. since 11 July 2020 for CCPs and central securities depositories;
  3. since 11 October 2020 for most of the buy-side, including investment funds, pension funds and insurance and reinsurance undertakings; and
  4. since 11 January 2021 for non-financial counterparties.

ESMA published guidelines on reporting under the SFT Regulation on 6 January 2020, which were subsequently updated on 21 December 2020. The guidelines clarify a number of SFT Regulation provisions and provide practical guidance on their implementation.

The Commission was also due to submit reports in 2020 on:

  1. the effectiveness, efficiency and proportionality of the obligations in the SFT Regulation. This report should include an overview of similar obligations in third countries, focusing on (1) the reporting of relevant transactions not included in the scope of the SFT Regulation, taking into account any significant developments in market practice, as well as (2) the possible impact on the level of transparency of securities financing operations; and
  2. the application of supervisory fees to cover any necessary expenditure by ESMA relating to the registration, recognition and supervision of trade repositories as well as the reimbursement of any costs that national regulators may incur in carrying out work pursuant to the SFT Regulation.

Both reports are yet to be published. ESMA is also due to submit reports on (1) the efficiency of the reporting requirements, taking into account the appropriateness of single-sided reporting (in particular, in terms of reporting coverage and quality as well as reduction of reports to trade repositories) and (2) significant developments in market practices, focusing on transactions having an equivalent objective or effect to an SFT.

The Market Abuse Regulation

In October 2011, the Commission published legislative proposals for a regulation and directive to replace the Market Abuse Directive (MAD)39 and to strengthen and update the existing EU market abuse regime. Following consideration by the Council and the Parliament, the final texts of the Market Abuse Regulation (MAR)40 and the Directive on Criminal Sanctions for Market Abuse (CSMAD)41 (referred to collectively as MAD II) were published on 12 June 2014 and came into force on 2 July 2014.

The MAR was intended to expand and develop the market abuse regime under the MAD by establishing a common regulatory framework on market abuse and to complement the MiFID II legislative package. The two regimes were updated together to ensure that they are coherent and support each other's objectives and principles.

The framework established by the MAR prohibits insider dealing, unlawful disclosure of inside information and market manipulation. Key changes made under the MAR to the existing EU market abuse regime include:

  1. an expansion of scope to cover market abuse relating to financial instruments traded on an OTF or MTF, certain OTC activities and, in some cases, spot commodity contracts;
  2. extraterritorial reach, covering behaviour both within and, where such behaviour relates to instruments traded on an EU trading venue, outside the EU;
  3. the prohibition of attempted market manipulation;
  4. the extension of the market manipulation prohibition under the MAD to cover the manipulation of benchmarks; and
  5. a new market soundings safe harbour to the offence of unlawfully disclosing inside information.

The majority of the MAR's provisions applied from 3 July 2016. Under Article 38 of the MAR, the Commission was required to submit a report to the Parliament on the application of the MAR by 3 July 2019, together with a legislative proposal to amend it if appropriate. This report was to assess, among other things, whether the definition of inside information is sufficient to cover all information relevant for the national authorities to effectively combat market abuse, the appropriateness of the trading prohibition for persons discharging managerial responsibilities, and the possibility of establishing an EU framework for cross-market order book surveillance in relation to market abuse. In March 2019, the Commission published a letter sent to ESMA requesting formal technical advice on the report to be submitted by the Commission under Article 38, covering the elements mandated by Article 38 together with certain other matters, including whether spot FX contracts should be covered by MAR and the usefulness of insider lists. ESMA published the report in September 2020, concluding that the MAR has worked well in practice and is fit for purpose and setting out a proposal for targeted amendments to the MAR. The proposals included setting out ways to improve buy-back programmes and simplification of the market sounding procedures and requirements.

The CSMAD was intended to complement the MAR by requiring Member States to implement minimum rules for criminal sanctions in the most serious instances of market abuse. Under the CSMAD, serious instances of market abuse are broadly those that cause a great impact on the integrity of the market, or under which the profit gained or loss avoided, the level of damage caused to the market or the overall value of the financial instruments concerned is high.

Member States were required to transpose CSMAD provisions into domestic law by 3 July 2016 but, as the CSMAD is a minimum harmonisation directive, Member States are free to impose more stringent requirements. Two Member States, Denmark and the UK, opted out of the CSMAD. However, the UK is no longer a Member State.

The Mortgage Credit Directive

In March 2011, the Commission published a proposal for a directive on credit agreements relating to residential immovable property for consumers. The Mortgage Credit Directive (MCD) was published in the Official Journal on 28 February 2014 and had to be transposed and implemented by Member States by 21 March 2016.

The MCD introduced requirements in the EU for residential mortgage lending, and placed obligations on credit intermediaries and creditors. The MCD imposes requirements in relation to, inter alia, advertising and marketing, standard pre-contractual information, calculation of the annual percentage rate of charge, creditworthiness and suitability assessments and advice, and introduced a right of the borrower to make early repayment. The Commission was required to carry out a review of the implementation of the MCD by 21 March 2019, which was to consider the effectiveness and appropriateness of the MCD provisions. However, in May 2020, the Commission postponed the review because of the late transposition of the MCD by several Members States. At the time of writing, it remains unpublished.

Benchmarks Regulation

Following global investigations into the conduct of a number of banks in relation to their attempts to manipulate two key financial market benchmarks – the London interbank offered rate (LIBOR) and the Euro interbank offered rate (EURIBOR) – the Commission consulted on and proposed a regulation on indices used as benchmarks in financial instruments and financial contracts (Benchmarks Regulation). Adopted by the Parliament in April 2016, the majority of the provisions of the Benchmarks Regulation applied from 1 January 2018.

The key elements of the Regulation are as follows:

  1. the activity of the provision of benchmarks is subject to prior authorisation and continuing supervision at national and EU level. Different governance and control requirements apply to administrators depending on whether they administer critical, significant or non-significant benchmarks. For critical benchmarks (a class that includes LIBOR, Euro overnight index average (EONIA), Stockholm interbank offered rate (STIBOR) and EURIBOR), colleges of supervisors should be formed to enhance the exchange of information and ensure uniform authorisation and supervision;
  2. provisions to improve the quality of input data. Input data used to produce a benchmark should be sufficient and accurate to reflect actual market or economic reality, the data should be obtained from a reliable and representative panel of submitting institutions, and the benchmark administrator should use robust and reliable methodology for determining the benchmark;
  3. the benchmark administrator is required to draw up a code of conduct for contributors that clearly specifies their obligations and responsibilities when they provide input data for the determination of the benchmark;
  4. annexes to the Benchmarks Regulation contain further rules for commodity benchmarks and interest rate benchmarks to take account of the risks and specificities of these benchmarks in a proportionate manner. Additional requirements are imposed on critical benchmarks, including the power for the relevant national regulator to mandate submission data from contributors and mandate administration; and
  5. transparency provisions require administrators to provide a statement setting out the relevant benchmark measures and its vulnerabilities, to allow users to choose the most appropriate and suitable benchmark.

On 11 October 2019, the Commission published a consultation on a review of the Benchmarks Regulation. The aim of this consultation was to gather feedback on the functioning of the EU benchmarks regime, two years after its entry into application. In February 2020, ESMA published its response to this consultation, providing its own views on a range of key issues, including:

  1. enhancing the EU's critical benchmarks framework;
  2. ensuring a level playing field between EU and third-country benchmarks; and
  3. increasing transparency to the benefit of benchmark users.

Following this consultation, in March 2020 the Commission published an impact inception assessment relating to its review of the Benchmarks Regulation. The Commission found that it was necessary to amend the Benchmarks Regulation because it currently does not address the possibility of the cessation of a critical benchmark (for example, LIBOR, which is expected to be phased out by the end of 2021). On 24 July 2020, the Commission adopted a legislative proposal to amend the Benchmarks Regulation with regard to the exemption of certain third-country foreign exchange benchmarks, and the designation of replacement benchmarks for certain benchmarks following their cessation. The aim of the proposed amendment is to ensure that the phasing out of key benchmarks does not cause major disruptions to the economy or harm the EU's financial stability.

The Commission consulted on the proposed amendment regulation between 11 August and 6 October 2020, and stated that the aim of the amendments is to create a framework that would allow a statutory replacement rate to be in place by the time a systemically important benchmark such as LIBOR is no longer in use. The new rules would:

  1. give the Commission the power to designate a statutory replacement rate to take the place of all references to a benchmark whose cessation would significantly disrupt the EU financial market; and
  2. ensure that EU benchmark users can, for the time being, continue to rely on third-country spot exchange rates to hedge exchange rate risks.

On 25 January 2021, the Council published the proposed regulation amending the Benchmarks Regulation in relation to the exemption of certain third-country foreign exchange benchmarks and the designation of replacements for certain benchmarks in cessation. The proposed regulation also delays the application of the rules on third-country benchmarks until 31 December 2023, with the possibility of an extension by the Commission afterwards. The proposed regulation is, at the time of writing, expected to be adopted by the Council and subsequently enter into force in its current form.

On 10 December 2019, the Low Carbon Benchmark Regulation42 entered into force. Most of the proposals under the Regulation have applied since 20 April 2020; however, certain additional obligations will only apply from 31 December 2022. The Low Carbon Benchmark Regulation forms part of the EU's action plan on sustainable finance. In light of the increasing number of investors pursuing low-carbon investment strategies and using low-carbon benchmarks to measure the performance of investment portfolios, the Low Carbon Benchmark Regulation aims to increase transparency and help prevent 'greenwashing' by introducing minimum standards for two new categories of green benchmarks:

  1. an EU climate transition benchmark, which is a benchmark where the underlying assets are selected, weighted or excluded in a way that the resulting benchmark portfolio is on a decarbonisation trajectory, and is constructed in accordance with the minimum standards laid down in secondary legislation; and
  2. an EU 'Paris-aligned' benchmark, which is a benchmark where the underlying assets are selected, weighted or excluded in a way that the resulting benchmark portfolio's carbon emissions are aligned with the objectives of the Paris Agreement on climate change signed in 2016, is constructed in accordance with the minimum standards laid down in secondary legislation, and the activities relating to its underlying assets do not significantly harm other environmental, social and governance objectives.

The Securitisation Regulation

In September 2015, the Commission published a legislative proposal for a regulation establishing a European framework for simple, transparent and standardised (STS) securitisations (the Securitisation Regulation), one of the building blocks of the Capital Markets Union action plan adopted by the Commission. In parallel, it published a proposal for a regulation amending the CRR on prudential requirements for credit institutions and investment firms (the CRR Amendment Regulation). Political agreement between the Parliament and the Council on these two regulations was achieved in May 2017.

The Securitisation Regulation introduces certain requirements in relation to securitisations, requiring defined institutional investors to conduct due diligence before investing in securitisation instruments and imposing risk retention, reporting and transparency requirements on originators, sponsors and original lenders. The Securitisation Regulation also sets out what constitutes an STS securitisation, and establishes a more risk-sensitive prudential framework in respect of such securitisations. The CRR Amendment Regulation amends the CRR to give STS securitisations more favourable capital treatment.

Adopted towards the end of 2017, both regulations are now in force and have applied since 1 January 2019.

CCP resolution framework

On 28 November 2016, the Commission published a legislative proposal for a regulation establishing a CCP recovery and resolution framework. The proposed rules aim to ensure that the critical functions of CCPs are preserved, while maintaining financial stability and helping to avoid the costs associated with the restructuring and resolution of failing CCPs falling on taxpayers. Setting out provisions comparable to those in the BRRD (see Section X), while using CCP-specific tools, key elements of the proposed rules are as follows:

  1. requirement for CCPs to draw up recovery plans, which would include measures to overcome any form of financial distress that would exceed their default management resources and other requirements under the EMIR;
  2. a requirement for resolution authorities to prepare resolution plans for how CCPs would be restructured, and their critical functions maintained, in the event of their failure;
  3. specific powers that are to be granted to CCP supervisors to intervene in the operations of CCPs where their viability is at risk, but before they reach the point of failure or where their actions may be detrimental to overall financial stability;
  4. a requirement to place a CCP in resolution when it is failing or likely to fail and no private sector alternative can avert failure, if its failure would jeopardise the public interest; and
  5. the establishment of resolution colleges for each CCP containing all the relevant authorities, including ESMA and the EBA.

The Regulation was published in the Official Journal of the EU on 22 January 2021 and entered into force on 11 February 2021. Its provisions will apply from 12 August 2022 to ensure that CCPs have adequate time to establish implementing measures and take all necessary steps for compliance purposes, with certain limited exceptions:

  1. certain provisions regarding recovery plans, including the obligation to submit a recovery plan, will apply from 12 February 2022 (as all CCPs are already required to have recovery plans); and
  2. the requirement to use dedicated own resources in recovery and the provisions to recompense clearing members for variation margin gains haircutting in recovery will apply from 12 February 2023 (because the appropriate technical regulatory standards must be published first).

Non-performing loans

Following the establishment of the Council's action plan to reduce stocks of non-performing loans (NPLs) in July 2017, thereby making progress on completing the banking union by accelerating risk reduction in the EU banking sector, in March 2018 the Commission proposed a package of actions to address the high stock of NPLs and prevent their possible future accumulation. These actions target four key areas:

  1. ensuring that banks set aside funds to cover the risks associated with loans issued in the future that may become non-performing. This is to be achieved via a proposal for a regulation amending the CRR that introduces common minimum coverage levels for newly originated loans that become non-performing. If a bank does not meet the applicable minimum, deductions from banks' capital would apply;
  2. encouraging the development of secondary markets where banks can sell their NPLs to credit servicers and investors by harmonising requirements and creating a single market for credit servicing and the transfer of bank loans to third parties across the EU;
  3. facilitating debt recovery, where banks and borrowers can agree in advance on an accelerated mechanism to recover the value from loans guaranteed with collateral (subject to specified safeguards); and
  4. assisting Member States that so wish in the restructuring of banks, by providing non-binding guidance – a blueprint – for establishing asset management companies or other measures dealing with NPLs.

In addition to this package, the Commission presented a proposal in November 2016 for a directive on restructuring, second chance and efficiency of insolvency. The directive43 entered into force on 16 July 2019 and must be implemented by Member States by 17 July 2021, subject to a one-year extension. The key features of this directive – in particular the availability of restructuring procedures enabling viable companies in financial difficulties to avoid insolvency, and measures to enhance the effectiveness of restructuring and insolvency proceedings – are intended to contribute to reducing NPLs and preventing their accumulation in the future.

On 16 November 2020, the Commission announced new initiatives to address the consequences of covid-19 in respect of NPLs and to prevent a build-up of NPLs on banks' balance sheets, including:

  1. mandating the EBA to review its NPL data templates based on a consultation with market participants, both on the buyer and seller side, in 2021;
  2. establishing a central data hub at the EU level, which will act as a data repository underpinning the NPL market;
  3. consulting, in the first half of 2021, on the potential review of Pillar 3 disclosure requirements under the CRR;
  4. by the third quarter of 2021, developing guidance for the sellers of NPLs, which would include recommendations on what constitutes a 'best execution' sales process for transactions on the secondary markets; and
  5. by early 2021, developing a suitable approach to reduce the risk weight on purchased defaulted assets to an appropriate level.

Further, on 26 November 2020, the BCBS published a technical amendment setting out prudent and risk-sensitive capital requirements for NPL securitisations. The amendment clarifies the definition of NPL securitisations and introduces certain rules in relation to risk-weighting of related exposures. It should be implemented no later than 1 January 2023.

Future legislative developments

A number of measures of importance to banking activities have recently been proposed by the Commission, including those briefly summarised below.

i The European deposit insurance scheme

In November 2015, the Commission adopted a legislative proposal for a regulation establishing a European deposit insurance scheme (EDIS). The proposal reflects the Commission's concern that national DGSs established under the amended DGSD44 (see Section XII) may be vulnerable to large local events, and forms one of the key components of the proposals for a European banking union. The Commission's proposals would only apply in Member States that are participants in the SSM.

Under the legislative proposals, the EDIS would provide insurance to participating DGSs from 2024, funding a participating DGS where it is required to contribute to a resolution or make a payout under the DGSD. This would be funded by risk-based contributions paid by banks to a deposit insurance fund, which the Commission envisages would be equivalent to 0.8 per cent of the covered deposits of all banks within the banking union by 2024.

On 11 October 2017, the Commission – noting that it had been two years since the presentation of the EDIS proposal, which remains on the table unchanged – proposed revisions to the operation of the EDIS regulation, with a view to ensuring agreement by the end of 2018. These revisions included introducing the EDIS in a more gradual manner, starting with a more limited reinsurance phase and moving gradually to co-insurance. Progress has since stalled and the Commission has not yet published a revised version of text of the EDIS regulation to reflect these changes.

ii Markets in crypto-assets

On 24 September 2020, the Commission adopted a legislative proposal for a regulation on markets in crypto-assets (the Crypto-assets Regulation) as part of its Digital Finance Strategy (DFS). The DFS is a package of measures designed to support digital finance and promote innovation and competition, while mitigating against the risks that may arise from it.

The proposed Crypto-assets Regulation aims to: create legal certainty by defining the regulatory treatment of crypto-assets not currently covered by existing financial services legislation; support innovation and promote the development of crypto-assets; ensure consumer and investor protection and promote market integrity; and ensure financial stability.

The proposed regulation will be considered by the Council and the Parliament, and if adopted, most of its provisions would apply in EU Member States 18 months after it has entered into force.

iii The Digital Operational Resilience Act

On 24 September 2020, as part of the DFS, the Commission also adopted a legislative proposal for a regulation on digital operational resilience (the Digital Operational Resilience Act (DORA)). DORA would cover a broad range of financial entities, including crypto-asset service providers and issuers, CCPs, trade repositories, credit rating agencies and insurance and reinsurance undertakings. The proposal will be considered by the Parliament and the Council. Most of DORA's provisions would apply directly in EU Member States after 12 months, and the rest after 36 months, of it coming into force.

EU regulatory bodies

In response to the de Larosière Report, the Commission announced a new financial services supervisory framework for the EU in May 2009. In November 2010, the Council and the Parliament adopted legislation creating, from 1 January 2011, two structures around which new European financial supervisory arrangements were established: the ESRB, which is concerned with macroprudential supervision, and the ESFS, which is focused on microprudential supervision.

This change in European regulatory architecture was made because of widespread dissatisfaction among politicians and regulators with the way the previous EU regulatory system, with its network of national regulators and the division of responsibilities for cross-border institutions between home and host authorities, failed to cope during the financial crisis of 2007 to 2009.

Targeted powers, including powers to overrule national regulators and, in limited cases, to intervene directly in the supervision of individual firms, were allocated to the new EU authorities.

In the case of macroprudential supervision, the changes primarily addressed the significant gap in those arrangements that arose from the fact that systemic supervision at an EU level was not within the remit of national regulators.

i The ESFS

Three ESAs were established, which are independent EU bodies with full legal personality: the EBA, ESMA and the EIOPA. The former committees (CEBS, CESR and CEIOPS) were replaced, and effectively merged into the ESAs. The ESA of most importance to the banking sector is the EBA.

The regulations that created the ESAs (the ESA Regulations)45 are supported by the Omnibus I Directive,46 which amended financial services legislation (other than Solvency II).47 Together, these pieces of legislation give the ESAs significant powers, including the power to make decisions that bind national regulators and, in certain circumstances (particularly in an emergency), even circumvent national regulators in the supervision of significant financial institutions. ESMA also has direct responsibility for the regulation of credit rating agencies.

The powers of the ESAs may be summarised as follows:

  1. to develop binding technical standards in connection with specific areas of existing directives;
  2. to ensure the consistent application of EU rules by national regulators, including requesting the Commission to make decisions binding on national regulators;
  3. in cases designated by the Council as emergency situations, to make decisions that bind national regulators, or to intervene directly in the supervision of financial institutions in limited cases. In these circumstances, the ESAs also have the power to require national regulators to take necessary action in accordance with EU law where developments threaten the orderly functioning and integrity of financial markets or the stability of the whole, or part, of the financial system of the EU;
  4. to arbitrate disagreements between national regulators, including making decisions that bind regulators to end disagreements, and to address decisions to financial institutions if a national regulator does not comply with a decision made by ESMA in respect of requirements directly applicable to the institutions (i.e., under EU regulations); and
  5. the EBA may temporarily prohibit or restrict certain financial activities that threaten the orderly functioning and integrity of financial markets or the stability of the whole, or part, of the financial system in cases specified, and under the conditions laid down, in EU legislation or, if so required, in emergency situations as provided for in the regulations.

The last two powers are subject to the important proviso that no decision adopted in their exercise should 'impinge in any way on the fiscal responsibilities of Member States'.

Technical standards

The ESAs' powers to set technical standards are intentionally limited. Only those issues identified in the relevant EU legislation may be subject to technical standards. Selection of the issues to which technical standards may relate is based on the following high-level principles:

  1. the issues must be genuinely technical, where the development of standards is best left to supervisory experts. They are not areas that involve strategic or policy decisions, although distinguishing between technical and policy matters may be difficult;
  2. issues where a common approach or predictability would be of benefit to all concerned are candidates for technical standards; and
  3. the areas selected should be ones where detailed technical rules promote financial stability, consumer protection, and market efficiency and integrity.

The ESAs do not themselves have the power to set binding technical standards; the Commission must enact the standards, usually in the form of a decision or a directly applicable EU regulation, for them to be binding. The Commission can refuse to endorse technical standards submitted by an ESA, or to endorse them only in part. In addition, both the Council and the Parliament have the right to object to technical standards, in which case those standards will not enter into force or will only enter into force with amendments.

Before proposing technical standards to the Commission, the EBA is generally required to hold a public consultation and to obtain the opinion of the Banking Stakeholder Group. This is a group of 30 members, representing credit and investment institutions operating in the EU, their employees' representatives, as well as consumers, users of banking services, top-ranking academics and representatives of small and medium-sized enterprises.

Consistent application of rules

This power enables an ESA to investigate breaches or non-application of EU law and, in certain limited circumstances, to direct decisions to financial institutions. Use of this power, and in particular the ability to make binding decisions, is triggered if:

[A] competent authority has not applied the [provisions of the relevant EU legislation], or has applied them in a way which appears to be a breach of Union law, including the regulatory technical standards and implementing technical standards . . ., in particular by failing to ensure that a [financial institution or financial market participant] satisfies the requirements laid down in those acts.48

This is clearly aimed at a national regulator's failures in the prudential supervision of a financial institution.

The power would be exercised as follows:

  1. an ESA may investigate the alleged incorrect application of EU law. This investigation may be undertaken at the ESA's own initiative or at the request of the Commission, the Council, the relevant stakeholder group (which in the case of the EBA is the Banking Stakeholder Group), or one or more national regulators;
  2. within two months of commencing an investigation, the ESA may give the national regulator a formal recommendation as to how it should comply with EU law. The national regulator then has only 10 working days to respond with assurances as to the steps that it has taken or intends to take;
  3. if the national regulator has not complied with EU law within one month of the recommendation, the ESA will inform the Commission of this fact. The Commission may then issue a formal opinion, requiring it to take the necessary action to comply with EU law; and
  4. the national regulator then has 10 working days to inform the Commission and the relevant ESA of the steps it has taken or intends to take to comply with that opinion.

As is the case with the development of new technical standards, the Commission has the final say. The Commission must issue its opinion no later than three months after the adoption of an ESA's recommendation, with an option for the Commission to extend this period by one month. The Commission's power to issue an opinion may be exercised on its own initiative or at the request of an ESA.

There are circumstances in which an ESA may take its own action without the involvement of the Commission. If the relevant requirement of EU legislation that is the subject of a Commission formal opinion is directly applicable to financial institutions (i.e., it is contained in an EU regulation), then the ESA may adopt an individual decision addressed to a particular financial institution requiring it to take the necessary action to comply with EU law, but only where the national regulator has not complied with the formal opinion within the time specified. This power is exercisable where, in the ESA's opinion, it is necessary to remedy non-compliance in a timely manner to maintain or restore neutral conditions of competition in the market or to ensure the orderly functioning and integrity of the financial system.

Action in emergency situations

The ESAs' powers here are triggered by the Council adopting a decision determining the existence of an emergency situation. The Council is required to consult the Commission and the ESRB and, where appropriate, the ESAs. An emergency situation is defined as one where there are 'adverse developments which may seriously jeopardise the orderly functioning and integrity of financial markets or the stability of the whole or part of the financial system in the Union'.

Where the Council has adopted such a decision, the ESA may, where coordinated action is necessary, adopt individual decisions requiring national regulators to take action in accordance with EU law that are needed to address adverse developments in the markets or the stability of the wider financial system by ensuring that financial institutions and national regulators satisfy the requirements laid down in that legislation. The ESA can enforce a decision if the national regulator does not comply where urgent action is required.

In these circumstances, an ESA may temporarily prohibit or restrict certain financial activities if those financial activities threaten the orderly functioning and integrity of financial markets, or the financial stability of the whole or part of the financial system in the EU. An ESA must review these decisions at least every three months, and the decision automatically expires after three months if it is not renewed. The ESA must also reconsider its decision if requested to do so by a Member State. Where the ESA considers that a permanent restriction or prohibition on a particular financial activity is required, it can inform the Commission, which will consider facilitating the action. An ESA is not permitted to take such actions where it would impinge in any way on the fiscal responsibilities of Member States (e.g., by requiring the financial rescue of an institution).

In light of the coronavirus pandemic, the ESAs published their first joint risk assessment report of the financial sector on 22 September 2020. The report highlights the economic and market uncertainty caused by the pandemic and the need to implement policy actions, which include:

  1. monitoring risks and performing stress testing as the pandemic has led to increased risks to valuation, liquidity, credit and solvency across the financial sector;
  2. encouraging banks to make use of the flexibility in the existing regulatory framework, including the use of capital and liquidity buffers, to absorb losses when and where needed;
  3. using capital relief to support continued lending in the real economy; and
  4. supervising digital transformation to mitigate against security risks, including when outsourcing digital activities.

Settlement of disagreements

These powers arise where a national regulator is in disagreement with another national regulator concerning the application of EU legislation. Following a request by one or more of the national regulators concerned, an ESA may attempt to assist the national regulators to reach an agreement. In addition, where disagreement between the national regulators can be determined on the basis of objective criteria the ESA may, on its own initiative, assist national regulators to reach agreement.

In that case:

  1. where, despite such assistance, no agreement is reached, the ESA may make a binding decision requiring one or more of the national regulators to take action to comply with EU law; and
  2. where a national regulator fails to comply with an ESA's decision and thereby fails to ensure that a financial institution complies with directly applicable requirements of EU law, the ESA may make a further decision addressed to the relevant financial institution requiring it to take any necessary action to comply.

These powers are also subject to the safeguard that no decision may impinge on the fiscal responsibilities of any Member State.

ii The ESRB

The establishment of the ESRB addressed a structural flaw exposed by the financial crisis of 2007 to 2009, namely that, at an EU level, responsibility for macroprudential analysis was fragmented between various authorities. As a result, the decision-making was conducted at different levels with no mechanism to ensure that macroprudential risks were adequately identified, and warnings and recommendations issued clearly, followed up and translated into action.

Unlike the ESAs, the ESRB is a pan-sectoral body, which covers the banking, investment services and insurance sectors.

The responsibility of the ESRB is to provide macroprudential oversight of the financial system within the EU to prevent or mitigate systemic risks within the financial system. The ESRB's main functions are the collection and exchange of information, the identification and prioritisation of systemic risks, and the issuance of warnings and recommendations.


The information function is directed primarily at the provision by the ESRB of information on systemic risks to the relevant ESAs. In return, the ESAs, with national central banks and Member States themselves, are required to cooperate with the ESRB and provide it with information necessary for the fulfilment of its systemic monitoring objective.

Where deemed systemically relevant, the ESRB may address a reasoned request to an ESA to provide data about particular institutions.

Warnings and recommendations

If the ESRB identifies significant systemic risks, it must issue a warning and, if appropriate, recommendations. Warnings or recommendations may be either general or specific, and may be addressed to the Union as a whole, one or more Member States, one or more of the ESAs, one or more national regulators, or (in respect of relevant EU legislation) the Commission. Levels of risk are differentiated by a colour-coded system to enable correct prioritisation. A Member State, an ESA or a national regulator in receipt of a recommendation from the ESRB must respond by setting out either the actions undertaken to implement the recommendation or the reasons for not following the recommendation.

The only tool available to the ESRB to deal with a refusal by the recipient of a recommendation to act on it is to inform the Council or, where relevant, the ESA or ESAs concerned. Those bodies may then take action. It will be at the discretion of the ESRB whether to make a warning or recommendation public. If it decides to do so, it must inform the Council and the addressee in advance.

iii Reform

On 20 September 2017, the Commission published a communication and adopted a package of measures to strengthen the European system of financial supervision, comprising the ESRB and the ESAs. These proposals followed a consultation on the future of the ESAs inaugurated in March 2017, as well as reflecting the Commission's August 2014 review of the ESFS, and comprise an Omnibus Regulation and an Omnibus Directive, which make amendments to various other regulations and directives (including the ESA Regulations). The Commission proposed:

  1. stronger coordination of supervision across the EU, whereby the ESAs are to set EU-wide supervisory priorities. They will also monitor authorities' practices in allowing banks, fund managers and investment firms to delegate and outsource business functions to non-EU countries. The measures confer a stronger role on the EIOPA in promoting convergence in the validation of the internal models that some large insurance companies use to calculate solvency capital requirements. They also ensure that the functioning of the ESRB is made more efficient;
  2. the extension of direct supervision by ESMA to selected capital market sectors. The Commission proposed that ESMA would have direct supervisory powers over critical benchmarks and data reporting services, and a greater coordinating role over market abuse regulation. It would also supervise certain prospectuses and be responsible for direct supervision of European venture capital funds, European social entrepreneurship funds and European long-term investment funds. The measures also extend its product intervention powers to fund managers. The Commission did not propose to change the responsibilities of national authorities to supervise other areas, such as central depositories, money market funds, trading venues, undertakings for collective investment in transferable securities and alternative investment funds;
  3. improved governance and funding of the ESAs. New executive boards will prepare the ESAs' work programmes and have decision-making powers. There will also be a new funding system to ensure that the resources of the ESAs are commensurate with their tasks, with a greater contribution by industry and market participants; and
  4. the promotion of sustainable finance and fintech by ESAs.

On 12 September 2018, the Commission published a revised proposal containing additional measures seeking to concentrate anti-money laundering powers in relation to the financial sector within the EBA, and to strengthen its mandate to ensure that risks of money laundering are effectively and consistently supervised by all relevant authorities, and that the relevant authorities cooperate and share information. Among other changes, it proposed that the EBA should be able to request national anti-money laundering supervisors to investigate potential material breaches, and to request them to consider targeted actions such as sanctions.

The revised Omnibus Regulation49 and Omnibus Directive50 were adopted on 18 December 2019 and came into force on 30 December 2019. The amendments took effect on 1 January 2020. The Omnibus Regulation extended the EBA's powers in respect of money laundering as described above, while the Omnibus Directive amended the fourth Money Laundering Directive, Solvency II and MiFID II to grant new powers to the EIOPA, the EBA and ESMA. Member States have until 30 June 2021 to transpose and implement these new provisions. ESMA's new direct powers in relation to critical benchmarks and data provision services will take effect from 1 January 2022.


1 Jan Putnis is a partner, and Ben Goldstein and David Kasal are associates, at Slaughter and May.

2 The European Union (Future Relationship) Act 2020.

3 The Council Decision (EU) 2020/2252 of 29 December 2020 applies the TCA provisionally in the EU pending formal ratification, which requires the consent of the European Parliament.

4 Report following the High Level Group on Financial Supervision in the EU, chaired by Jacques de Larosière, Brussels, 25 February 2009.

5 Directive 2013/36/EU, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC.

6 Regulation (EU) No. 575/2013, amending Regulation (EU) No. 648/2012.

7 The legislation provides that a lead regulator, agreed or determined from among the national regulators of members of the group in the EEA, carries out certain coordinating activities. In addition, the scope of consolidated supervision may, in principle, extend worldwide in certain circumstances, but in practice it is usually confined to an EEA-incorporated parent undertaking and its subsidiary undertakings and participations.

8 A participation includes, broadly, a direct or indirect holding of 20 per cent or more of the voting rights or share capital in another undertaking. Participations are consolidated on a proportionate basis.

9 Regulation (EU) No. 2019/876, amending Regulation (EU) No 575/2013, and Regulation (EU) No. 648/2012.

10 Directive (EU) 2019/878, amending Directive 2013/36/EU.

11 COM(2016) 850.

12 Directive 2007/64/EC.

13 Directive (EU) 2015/2366.

14 Regulation (EU) No. 2015/751.

15 Regulation (EC) No. 924/2009.

16 Directive 2007/44/EC.

17 Directive 2014/65/EU; see Section VII.

18 Directive 2009/138/EC.

19 See Section III.

20 Directive 2002/87/EC (as amended).

21 Not all national regulators have exercised this discretion.

22 Directive 2004/39/EC (as amended). This Directive was supplemented by implementing measures in the form of an EU regulation (Commission Regulation (EC) No. 1287/2006/EC) and a further directive (Commission Directive 2006/73/EC).

23 Council Directive 93/22/EEC.

24 Directive 2014/65/EU.

25 Regulation (EU) No. 600/2014.

26 Regulation (EU) 2019/834, amending Regulation (EU) No. 648/2012.

27 Regulation (EU) 2019/2099, amending Regulation (EU) No. 648/2012.

28 Commission Delegated Regulation (EU) No. 826/2012.

29 Commission Implementing Regulation (EU) No. 827/2012.

30 Commission Delegated Regulation (EU) No. 918/2012.

31 Commission Delegated Regulation (EU) No. 919/2012.

32 ESMA20-95-933 dated 26 September 2018.

33 Directive 94/19/EC.

34 Directive 2009/14/EC.

35 Directive 93/13/EEC.

36 Directive 2011/83/EEC.

37 Directive (EU) 2019/2161.

38 Regulation (EU) 2015/2365.

39 Directive 2003/6/EC.

40 Regulation (EU) No. 596/2014.

41 Directive 2014/57/EU.

42 Regulation (EU) 2019/2089.

43 Directive (EU) 2019/1023.

44 Directive 2014/49/EU.

45 The EBA was created by Regulation (EU) No. 1093/2010, ESMA by Regulation (EU) No. 1095/2010 and the EIOPA by Regulation (EU) No. 1094/2010. Together these are referred to as the ESA Regulations.

46 Directive 2010/78/EU.

47 Solvency II has been amended by the Omnibus II Directive 2014/51/EU, which came into force on 23 May 2014. The Solvency II regime came into force on 1 January 2016.

48 EU Regulations Nos. 1093/2010, 1094/2010 and 1095/2010.

49 Regulation (EU) 2019/2175.

50 Directive (EU) 2019/2177.

Get unlimited access to all The Law Reviews content