EBA´s New Role in Anti-money Laundering and Countering the Financing of Terrorism

At the turn of the year, there have been some new developments in anti-money laundering (AML) law at both German and EU level. Part 1 of our series dealt with the changes at German law resulting from the implementation of the Fifth EU Anti-Money Laundering Directive. Part 2 sheds some light on the European Banking Authority’s (EBA) new leading role in anti-money laundering and countering the financing of terrorism (CFT).

What is changing in the approach to AML/CFT?

In 2019, the EU legislator gave EBA a legal mandate to preventing the use of the financial system for the purposes of money laundering and terrorist financing and to leading, coordinating and monitoring the AML/CFT efforts of all EU financial service providers and competent authorities. The law implementing EBA´s new powers came into effect on 1 January 2020.

However, assigning EBA a leading role in AML/CFT will not change the EU´s general approach to AML/CFT, which remains based on a minimum harmonisation directive and an associated strong focus on national law and direct supervision of financial institutions by national competent authorities. This reduces the influence and the degree of convergence and consistency EBA´s work can achieve from the outset.

To the extent legally possible, EBA will use its new role to

  • lead the establishment of AML/CTF policy and support its effective implementation by competent authorities and financial institutions;
  • coordinate AML/CFT measures by fostering effective cooperation and information exchange between all relevant authorities;
  • monitor the implementation of EU AML/CFT standards to identify vulnerabilities in competent authorities´ approaches to AML/CFT supervision and to mitigate them before money laundering and financing of terrorism risks materialise.

How will EBA lead on AML/CFT?

To fulfill its new leading role, EBA will focus on two key point: developing an EU-wide AML/CFT policy and ensuring a consistent supervision by national competent authorities. EBA intends to develop such EU-wide AML/CFT policy through standards, guidelines or opinions where this is provided for in EU law as well as on its own initiative where it identifies, for example, gaps in competent authorities´ supervision. In 2020, EBA will be setting clear expectations on the components of an effective risk-based approach with targeted revisions to the core AML/CFT guidelines: the Risk Factors Guidelines and the Risk-Based Supervision Guidelines.

EBA intends to foster a consistent supervision by national competent authorities by assisting them through training, bilateral support and detailed bilateral feedback on their approach to the AML/CFT supervision of banks.

What will EBA do to coordinate?

To coordinate the European work against money laundering and terrorism financing, EBA will focus to coordinate national competent authorities´ AML/CFT supervision by fostering effective cooperation and information exchange. To achieve its goal, the EBA will set up a permanent internal AML/CFT standing committee (AMLSC). The AMLSC will bring together, inter alia, representatives of all AML/CFT competent authorities from Member States, along with representatives from ESMA and EIOPA, the Commission and the European Central Bank. Its main task will be to provide subject matter expertise. It will also serve as a forum to facilitate information exchange and ensure effective coordination and cooperation to achieve consistent outcomes in the EU’s work against money laundering and terrorism financing. The AMLSC has met for the first time in February 2020.

In addition to the AMLSC, EBA will create a new AML/CFT database. This database will not only contain information on AML/CFT weaknesses in individual financial institutions and measures taken by competent authorities to correct those shortcomings, but EBA will use it to meet wider AML/CFT information and data need to supports its objectives on AML/CFT work. EBA will draft two regulatory technical standards  that will specify the core information that competent authorities must submit to the date base and how EBA will analyse the obtained information and make it available to competent authorities.

What will EBA do to monitor?

One main tool for EBA to monitor the implementation of EU AML/CFT standards will be using information from the new database and to ask national competent authorities to take action if EBA has the indication that a financial institution´s approach to AML/CFT materially breaches EU law. EBA envisages to use this new tool proactively to ensure that AML/CFT risks are addressed by competent authorities and financial institutions in a timely and effective manner. This approach aims to rectify shortcomings at the level of financial institutions; they do not, however, serve to establish whether or not a competent authority may be in breach of Union law.

The difference EBA´s new role will make

As the national implementation of the Fifth European AML Directive and the EBA´s new leading role show, effective AML/CFT measures remain in the focus of the EU legislator, not least due to political developments (terrorist attacks in France, “Panama Papers” etc.). Market participants should prepare themselves for stricter audits by their competent national authorities on AML/CFT compliance. For example, the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – BaFin) has announced AML/CFT as one of its focuses of its supervisory practice for 2020. By assigning a leadership role to EBA, European efforts to prevent money laundering will in future be better coordinated, bundled and consistently implemented throughout the European financial market and therefore, hopefully, be more effective. However, we need to keep in mind that BaFin and subsequently also EBA are only part of the European and national AML regime. In Germany, for example, the FIU has a leading role in AML activities. An overview of the authorities involved can be found here.

Brexit Update: What Happened So Far

The last year of the old decade brought so many twists and turns on the subject of Brexit that one could easily lose track. Hence, our first blogpost of the new decade will shed some light on the current Brexit situation and the next steps currently planned by British and European politicians. As always, we will focus in particular on the effects on the financial market.

Current Situation: What Will Happen Now?

Since the British Parliament approved Johnson´s Brexit deal in December 2019, the UK will leave on 31 January 2020. An 11-month transition phase will then come into force: the UK will remain in the EU single market and the customs union until the end of 2020. During this period everything will remain mostly the same for the time being.

During the transition period, the EU and the UK will have to reorganise their relations with each other, with future economic relations as well as security and defence cooperation being key issues. First of all, a comprehensive Free Trade Agreement is to be concluded, which can above all prevent customs duties at the borders. But other economic areas, such as the financial market in particular, must also be regulated, either as part of the Free Trade Agreement (which would be unusual from a legal perspective) or through a separate agreement.

11 months are a short time and one may have doubts as to whether this time will be sufficient. The European Commission is already considering equivalence assessments for the financial market. However, there will be not ONE equivalent decision (see here) for an earlier analysis of the equivalence principle of the EU). There are currently around 40 equivalence areas which need to be assessed in each case. Most equivalence decisions provide for prudential benefits, some provide for burden reduction and some can lead to market access. There will also have to be close cooperation between the UK and EU financial supervisory authorities. During the assessment process the EU will look at UK legislation and supervision and will take a risk-based approach – as for all other third countries. This means that the higher the possible impact on the EU market, the more granular will the assessment be conducted. In case the UK will stick with the current EU regulation, this will be an easier task. But as soon as the UK will break new ground to make the UK financial market more attractive the impact on the equivalent status will need to be considered.

It can be assumed that the German Federal Financial Supervisory Authority (Bundesanstalt für Finanzdiensteistungsaufsicht – BaFin) and the other European financial supervisory authorities will monitor the negotiations regarding a financial market agreement very closely during the transition phase and will adapt and communicate their intentions for action accordingly.

To Be Continued

Although a hard Brexit has been avoided, there will still be uncertainties about future relations between the EU and the UK. Financial market participants should follow the negotiations between the EU and the UK closely and not rely on the fact that a financial market agreement can be concluded successfully in the short transition period.

ESMA updated AIFMD and UCITS Q&As

On June 4, 2019 ESMA published updates questions and answers on the application of the AIFM Directive (available here) and the UCITs Directive (available here). ESMA’s intention of publishing und regularly updating the Q&A documents ensures common supervisory approaches and practices in relation to both the AIFM Directive and the UCITS Directive and their implementing measures.

The latest update refers to the depositories and the possibilities to delegate the safekeeping of assets of the funds. ESMA clarifies that supporting tasks that are linked to depositary tasks such as administrative or technical functions performed as part of the depositary tasks could be entrusted to third parties where all of the following conditions are met:

  1. the execution of the tasks does not involve any discretionary judgement or interpretation by the third party in relation to the depositary functions;
  2. the execution of the tasks does not require specific expertise in regard to the depositary function; and
  3. the tasks are standardised and pre-defined.

Where depositaries entrust tasks to third parties and give them the ability to transfer assets belonging to AIFs or UCITS without requiring the intervention of the depositary, these arrangements are subject to the delegation requirements, in Germany subject to Para. 36 KAGB.

Another question relates to the supervision of branches of depositories. The AIFM Directive, the UCITS Directive, the CRD and the MiFID II do not grant any passporting rights for depositary activities in relation to safekeeping assets for AIFs or UCITS. Branches of depositories located in the home Member State of the AIF or UCITS that is not the home Member State of the depositary’s head office may also be subject to local authorisation in order to perform depositaries activities in relation to AIFs or UCITS. In this case, the competent authority for supervising the activities in relation to AIFs or UCITS is the one located in the Member State of the depository’s branch.

The guidance provided by ESMA in the Q&A documents for AIFs and UCITS regarding the depository function do not contain any surprising elements but further strengthen the harmonized interpretation and application of the AIFM and UCITS Directives in Europe.

Benchmarks Regulation: Updated ESMA Q&A bring more clarity about input data used for regulated-data benchmarks

To provide benchmarks, administrators rely on input data from contributors. If the contributors are regulated, the benchmarks created with their data qualify as regulated-data benchmarks. The updated Question and Answers (Q&A) of January 30, 2019 from the European Securities and Markets authority (ESMA) provide, inter alia, answers to three questions regarding input data used for regulated-data benchmarks which have been raised frequently in the market (Q&A available here). This blogpost will present these questions as well as ESMA´s answers. Beforehand, it gives a short overview of the Benchmarks Regulation´s regulatory background and explains what input data means.

Regulatory background of the Benchmarks Regulation

Regulation (EU) 2016/1011 concerning indices used as a reference value or as a measure of the performance of an investment fund for financial instruments and financial contracts (Benchmarks Regulation – BMR) sets out the regulatory requirements for administrators, contributors and users of an index as a reference value for a financial product with respect to both the production and use of the indices and the data transmitted in relation thereto. It is the EU’s response to the manipulation of LIBOR and EURIBOR. The BMR aims to ensure that indices produced in the EU and used as a reference value cannot be subject to such manipulation again. In previous blogposts on the BMR, we have already dealt with the requirements for contingency plans and non-significant benchmarks (ESMA publishes Final Report on Guidelines on non-significant benchmarks- Part 1 and Part 2.)

Input data

For a benchmark to be created, the administrator, i.e. the person/entity who has control over the provision of the reference value, relies on data he receives from contributors. These data used by an administrator to determine a benchmark in relation to the value of one ore more underlying asset or prices qualify as input data under the BMR.

With this in mind, what are the market-relevant questions regarding input data that are answered in the updated Q&A by ESMA? 

  • Can a benchmark qualify as a regulated-data benchmark if a third party is involved in the process of obtaining the data?

Under the rules of the BMR, a benchmark only qualifies as a regulated-data benchmark if the input data is entirely and directly submitted by contributors who are themselves regulated (e.g. trading venues). Since the input data come exclusively from entities that are themselves subject to regulation, the BMR sets fewer requirements for the provision of benchmarks from regulated data than for other benchmarks. This precludes, in principle, the involvement of any third party in the data collection process. The data should be sourced entirely and directly from regulated entities without the involvement of third parties, even if these third parties function as a pass-through and do not modify the raw data.

However, if an administrator obtains regulated data through a third party service provider (such as data vendor) and has in place arrangements with such service provider that meet the outsourcing requirements of the BMR, the administrator´s benchmark still qualifies as regulated-data benchmark. The third party being subject to the BMR´s outsourcing requirements ensures a quality of the input data contributed by this third party comparable to the quality of the input data contributed by a regulated entity.

  • Can NAV of investment funds qualify as benchmark?

The net asset value (NAV) of an investment fund is its value per share or unit on a given date or a given time. It is calculated by subtracting the fund´s liabilities from its assets, the result of which is divided by the number of units to arrive at the per share value. It is most widely used determinant of the fund´s market value and very often it is published on any trading day.

But, according to the BMR stipulations, the NAVs of investment funds are data that, if used solely or in conjunction with regulated data as a basis to calculate a benchmark, qualify the resulting benchmark as a regulated-data benchmark. The BMR therefore treats NAVs as a form of input data that is regulated and, consequently, should not be qualified as indices.

  • Can the methodology of a benchmark include factors that are not input data?

The methodology of a benchmark can include factors that are not input data. These factors should not measure the underlying market or economic reality that the benchmark intends to measure, but should instead be elements that improve the reliability and representativeness of the benchmark. This should be, according to ESMA, considered as the essential distinction between the factors embedded in the methodology and input data.

For instance, the methodology of an equity benchmark may include, together with the values of the underlying shares, a number of other elements, such as the free-float quotas, dividends, volatility of the underlying shares etc. These factors are included in the methodology to adjust the formula in order to get a more precise quantification of the equity market that the benchmark intends to measure, but they do net represent the price of the shares part of the equity benchmark.


The updated ESMA Q&A provide more clarity for market participants on the understanding of input data and its use for regulated-data benchmarks. ESMA´s input will facilitate dealing with the regulatory requirements of the BMR, at least with regard to input data.

ESAs publish joint report on regulatory sandboxes and innovation hubs – Part 2

On January 7th 2019 the European Supervisory Authorities (ESAs) (consisting of ESMA, EBA and EIOPA) published as part of the European Commission’s FinTech Action Plan a joint report on innovation facilitators (i.e. regulatory sandboxes and innovation hubs). The report sets out a comparative analysis of the innovation facilitators established to date within the EU including the presentation of best practices for the design and operation of innovation facilitators.

We take the report as an occasion to present both innovation hubs and regulatory sandboxes in a two-part article. After we highlighted innovation hubs in Part 1, Part 2 will shed some light on regulatory sandboxes.

Regulatory sandboxes – What they are and what their goals are

The EU Commission´s FinTech Action plan provides for regulatory sandboxes to create an environment in which supervision is specifically tailored to innovative firms or services. ESMA’s joint report follows on from the FinTech Action plan and investigates the previous equipment and experience with regulatory sandboxes.

In detail, a regulatory sandbox provides a scheme to enable regulated and unregulated entities to test, pursuant to a specific testing plan agreed and monitored by the competent authority, innovative financial products, financial services or business models under real regulatory conditions before they bring the products to market.

The aim of a regulatory sandbox is to provide a monitored space in which competent authorities and firms can better understand the opportunities and risks presented by innovations and their regulatory treatment through a testing phase. Also, firms can assess the viability of innovative positions, in particular in terms of their application of and their compliance with regulatory and supervisory requirements. However, regulatory sandboxes do not entail the disapplication of regulatory requirements that must be applied as a result of EU law. On the contrary, the baseline assumption for regulatory sandboxes is that firms are required to comply with all relevant regulatory requirements applicable on the activity they are undertaking. The main goal of the regulatory sandboxes, as with the innovation hubs, is therefore to enhance the firms’ understanding of the relevant regulatory issues and, on the other hand, to enhance the competent authorities’ understanding of innovative financial products.

Where they exist and who can participate

At the date of the ESA report, five competent authorities reported operational regulatory sandboxes: Denmark, Lithuania, Netherlands, Poland and UK. The sandboxes are open to incumbent institutions, new entrants and other firms. Moreover, the sandboxes are not limited to a certain part of the financial sector, rather they are cross-sectored (e.g. banking, investment services, payment services and insurances).

How does a regulatory sandbox work exactly?

Typically, regulatory sandboxes involve several phases which can be described as (i) an application phase, (ii) a preparation phase, (iii) a testing phase and (iv) an exit or evaluation phase.

Regulatory Sandbox

In the following, we briefly describe the steps taken in each phases either by the firm or by the competent authority.

Application phase

Firms interested in participating on a regulatory sandbox must submit an application by the competent authority. The applications received are judged by the competent authority against set, transparent, publicly available criteria. These criteria are, e.g. (i) the scope of the propositions, i.e. does the firm’s business model to be tested in the regulatory sandbox involve regulated financial services, (ii) the innovativeness of the firm’s proposition and (iii) the readiness of the firm to test its proposition. Whether the company is ready for a regulatory test phase in the sandbox is judged on the basis whether or not the firm has, e.g., developed a business plan or has obtained the appropriate software license.

Preparation phase

During the preparation phase, the competent authorities work with the firms deemed to be eligible to participate in the regulatory sandboxes to determine:

  • whether or not the proposition to be tested involves a regulated activity. If this is the case and the firm does not already hold the appropriate license, the firm will be required to seek the appropriate license in order to progress to the testing phase,
  • if any operational requirements need to be put in place to support the test (e.g. systems and controls, reporting),
  • the parameters for the test (such as number of clients, restrictions on serving specific clients, restrictions on disclosure),
  • the plan for the engagement between the firm and the competent authority during the testing phase.

Testing phase

The testing phase allows sufficient opportunity for the proposition to be fully tested and for the opportunities and risks to be explored. Throughout the testing phase, the firm is expected to communicate with the competent authority through a direct on-site presence, meetings, regulator calls or pre-agreed written reports. According the ESAs report, the supervision during the testing phase in a regulatory sandbox is experienced as a more intense supervision by the competent authority than the usual supervisory engagement outside the sandbox.

From the perspective of the competent authority, the value of the testing phase in the regulatory sandbox can be found in the opportunity to understand the application of the regulatory framework with regard to the innovative proposition and in the opportunity to built in appropriate safeguards for innovative propositions, for example with regard to consumer protection considerations. On the other hand, the value for the firms can be found in gaining better appreciation of the application of the regulatory scheme and supervisory expectations regarding the innovative propositions.

Evaluation phase

In the evaluation phase, the firm either submits to the authority a final report so that an assessment of the test can be carried out, or the competent authority will evaluate the success of the test by drawing on input provided by the firm. It should be noted that the test can be considered a success in many ways. Thus, not only the result that the product can be successfully established on the market under the tested regulatory conditions can be regarded as a success, but also the recognition that it is not possible for a proposition to be viably applied at the markets in the light of the existing regulatory and supervisory obligations.

Why is there no regulatory sandbox in Germany?

Unlike in Denmark, Lithuania, the Netherlands, Poland and the UK, the German Federal Financial Supervisory Authority (Bundesanstalt für FinanzdienstleistungsaufsichtBaFin) has not set up a regulatory sandbox in Germany. In the past, BaFin promoted the view that each market participant needs to observe all regulatory requirements. One of the reasons behind that was and is the customer protection and equal treatment of companies. BaFin cites the fact that the sandbox model promotes conflicts of interest as the main reason for this:[1] after all, how would a supervisor behave if a FinTech, which BaFin had previously taken care of in its sandbox, did not treat his customers the way it should?[2]


Regulatory sandboxes offer interested companies a good opportunity to test the products they develop under real regulatory conditions and in a supervisory environment specially tailored to innovative companies and therefore to better understand all (regulatory) possibilities and risks on the innovative product. It should be emphasized though that regulatory sandboxes do not apply a supervision light; rather all regulatory requirements must be fulfilled, especially with regard to a required authorisation. However, precise testing under real regulatory conditions and close monitoring by the supervisory authority can provide companies with important insights into their innovative products.

[1] New Year’s press reception of BaFin 2016, Speech by Felix Hufeld, President of BaFin, in Frankfurt am Main on 12 January 2016, available at https://www.bafin.de/SharedDocs/Veroeffentlichungen/DE/Reden/re_160112_neujahrspresseempfang_p.html (accessed on 22 January 2019).

[2] New Year’s press reception of BaFin 2016, Speech by Felix Hufeld, President of BaFin, in Frankfurt am Main on 12 January 2016, available at https://www.bafin.de/SharedDocs/Veroeffentlichungen/DE/Reden/re_160112_neujahrspresseempfang_p.html (accessed on 22 January 2019).

ESAs publish joint report on regulatory sandboxes and innovation hubs – Part 1: Innovation hubs available for enquiries

On January 7th 2019, the European Supervisory Authorities (ESAs) (consisting of the European Securities and Markets Authority, the European Banking Authority and the European Insurance and Occupational Pension Authority) published as part of the European´s Commission FinTech Action Plan e a joint report on innovation facilitators (i.e. regulatory sandboxes and innovation hubs) available here . The report sets out a comparative analysis of the innovation facilitators established to date within the EU including the presentation of best practices for the design and operation of innovation facilitators.

We take the report as an occasion to present both innovation hubs and regulatory sandboxes in a two-part article. In Part 1 we will discuss what exactly innovation hubs are, what goals they pursue and how they are structured in Germany. Part 2 will then deal with the regulatory sandboxes.

Innovation hubs – What they are and what their goals are

It is often difficult for companies to obtain binding statements on regulatory requirements when a business model is still developing. Innovation hubs create a formal framework that considerably simplifies the exchange between innovators and supervisors, thereby promoting market access.

Innovation hubs provide a dedicated point of contact for firms to raise enquiries with competent authorities on Fin Tech-related issues to seek non-binding guidance on the conformity of innovative financial products, financial services, business models or delivery mechanisms with licensing or registration requirements and regulatory and supervisory expectations. In general, the innovation hubs are available to companies as a user interface at the relevant national authority. In Germany, the innovation hub is located at the Federal Financial Supervisory Authority (Bundesanstalt für FinanzdienstleistungsaufsichtBaFin) and is available here. A total of twenty-one EU Member States have established innovation hubs.[1]

Innovation hubs have been set up to enhance firms´ understanding of the regulatory and supervisory expectations regarding innovative business models, products and services. To achieve this goal, firms are provided with a contact point for asking questions of, and initiate dialogue with, competent authorities regarding the application of regulatory and supervisory requirements to innovative business models, financial products, services and delivery mechanisms. For example, the innovation hubs provide firms with non-binding guidance on the conformity of their proposed business model with regulatory requirements; specifically, whether or not the proposition would include regulated activities for which authorisation is required.

Who can participate and how does an innovation hub work exactly?

In the following, we explain which companies can participate in the innovation hubs and describe how exactly the communication between the companies and the innovation hub takes place.


The innovation hubs are open to all firms, whether incumbents or new entrants, regulated or unregulated which adopt or consider to adopt innovative products, services, business models or delivery mechanisms.

Communication process between firms and competent authorities

The following ESA graph illustrates the communication process between the firms and the competent authority using the innovation hub. The individual phases of the communication process are explained below. [2]

Submission of enquiries via interface

In order to submit enquiries, all innovation hubs set up in the EU Member States offer interested companies user interfaces through which contact can be established with the respective supervisory authority. This can be done e.g. by telephone or electronically, but also via online meetings or websites. Some innovation hubs also offer the possibility of organising physical meetings. In Germany, BaFin provides an electronic contact form in which both the company data and the planned business model can be presented and transmitted to BaFin. The contact form is available here.

Assigning the request to the relevant point of contact within the competent authority

As soon as the contact has been established and the request has been submitted, typically the authority conducts a screening process to determine how best to deal with the queries raised. In this process, the authority considers factors such as the nature of the query, its urgency and its complexity, including the need to refer the query to other authorities, such as data protection authorities.

Providing responses to the firms

Depending on the nature of the enquiries raised, several information exchanges between the firm and the competent authority may take place. Responses to firms may be routed to different channels such as meetings, telephone calls or email. Typically, the responses provided via the innovation hub are to be understood as preliminary guidance based solely on the facts established in the course of the communications between the firms and the competent authority. The companies can use the information gained to better understand the regulatory requirements for their planned business model and develop it further on this basis.

Follow-up actions

Some authorities offer follow-up actions within their innovation hubs. Especially if the communication process between the company and the authority shows that the business model of the company includes a regulated activity. In this case, some competent authorities may provide support within the authorisation process (e.g. dedicated point of contact, guidance on the completion of the application form).

Previous experiences on the use of innovation hubs

Although innovation hubs are available to all market participants, according to the ESA report, three categories of companies in particular use the innovation hubs: (i) start-ups, (ii) regulated entities that are already supervised by competent authorities and are considering innovation products or services and (iii) technology providers offering technical solutions to institutions active in the financial markets.

Typically, the firms use the innovation hub to seek information about the following: (i) whether or not a certain activity needs authorisation and, if so, information about the licensing process and the regulatory and supervisory obligations, (ii) whether or not anti-money laundering issues arise, and (iii) the applicability of consumer protection regulation and (iv) the application of regulatory and supervisory requirements (e.g. systems and controls).


Innovation hubs provide companies with a good opportunity to interact with regulators via a user-friendly platform. They can therefore clarify the regulatory requirements for the products they plan to develop at an early stage and incorporate them into their business planning. By setting up innovation hubs, especially for young and dynamic (FinTech-) start-ups, the inhibition threshold to contact the supervisory authority is significantly lowered, especially because predefined user interfaces can be used.

[1] Austria, Belgium, Bulgaria, Cyprus, Germany, Denmark, Estonia, Spain, Finland, France, Hungary, Ireland, Iceland, Italy, Liechtenstein, Lithuania, Luxembourg, Latvia, Netherlands, Norway, Poland, Portugal, Romania, Sweden, UK.

[2] Source: ESA Report FinTech: Regulatory sandboxes and innovation hubs.

ESMA Supervisory briefing on the supervision of non-EU branches of EU firms providing investment services and activities

With Brexit coming up, many companies, especially those in the financial sector, have taken precautions and relocated their EU head offices to one of the 27 remaining EU member state to ensure that, whatever the outcome of the Brexit negotiations, they will have access to the European single market.  Offices in the UK, which will qualify as a third country after Brexit, will often be operated as branches.

On February 6, 2019, ESMA published its MIFID II Supervisory briefing on the supervision of non-EU branches of EU firms providing investment services and activities. Through its new Supervisory briefing, ESMA aims to ensure effective oversight of the non-EU branches by the competent authority of the firm´s home member state.

This article provides an overview of the measures proposed by ESMA to national regulatory authorities, divided into three areas: (i) ESMA´s supervisory expectations in relation to the authorisation of investment firms; (ii) the supervision of ongoing activities of non-EU branches by the competent authority; and (iii) ESMA´s proposed supervisory activity of the competent authority.

Supervisory expectations in relation to the authorisation of investment firms

The relocation of a company to the EU means that an authorisation covering the respective business model must be applied for in the respective EU member state. The authorisation procedure must, inter alia, include a description of the company’s organisational structure, including its non-EU branches. The competent authority should be satisfied that the use of the non-EU branch is based on objective reasons linked to the services provided in the non-EU jurisdiction and does not result in situations where such non-EU branches perform material functions or provide services back into the EU, while the office relocated to the EU is only used as a letter box entity. To this end, the competent authority should make its judgement on the substance of the business activity, the organisation, the governance and the risk management arrangements of the applicant in relation to the establishment and the use of branches in non-EU jurisdictions. Therefore, the firm´s program of operations should explain how the relocated EU head office will be able to monitor and manage any non-EU branch, clarify the role of the non-EU branch and provide detailed information, such as:

  • an overview of how the non-EU branch will contribute to the investment firm´s strategy;
  • the activities and functions that will be performed by the non-EU branch;
  • a description of how the firm will ensure that any local requirements in the non-EU jurisdiction do not interfere with the compliance by the EU firm with legal requirements applicable to it in accordance with EU law.

Supervision of ongoing activities of non-EU branches

In order to allow the competent authority to appropriately monitor firms providing investment services or activities on an ongoing basis, firms should provide the competent authority of its home member state with relevant information on any new non-EU branch that they plan to establish or on any material change in the activities of non-EU branches already established. Therefore, the competent authority should, taking into account the importance of non-EU branches for the relevant firm, request on an ad hoc or a periodic basis, information on, inter alia:

  • the number and the geographical distribution of clients served by the non-EU branches;
  • the activities and the functions provided by the non-EU branch to the EU head office.

Supervisory activity of the competent authority

The competent authority should put in place internal criteria and arrangements to supervise comprehensively and in sufficient depth the activities that branches of EU firms under their supervision perform outside of the EU. For that purpose, the competent authority should prepare plans for the supervision of non-EU branches of EU firms and identify resources dedicated to this activity. These resources should be capable of performing a critical screening of the firms under their supervision that have established non-EU branches, including, information received or requested in relation to these branches.


As the Supervisory briefing shows, EU supervisors are urged by ESMA to ensure that companies relocating to the EU as a result of Brexit are not just used as mere letter box entities to gain access to the European single market and the actual investment services are provided via the non-EU branch. Therefore, the competent authorities should take a closer look at the firm´s non-EU branches, to ensure that the branch has the function of a branch not only on paper but also in practice. Investment firms should be prepared for this supervisory practice.

ESMA publishes Final Report on Guidelines on non-significant benchmarks – Part 2

On December 20, 2018 ESMA published its Final Report on the Guidelines on non-significant benchmarks. These represent ESMA´s administrative practice and fill the broad regulations of the Benchmark Regulation (BMR) with more details, which makes their implementation considerably easier for the obligated parties. The guidelines have no direct effect in the EU member states but are generally to be adopted one-by-one by the national supervisory authorities, so that they will be applied as the administrative practice of the respective national authority.

In Part 1 we looked at the definition of a non-significant benchmark (NSB) and the Guidelines on the oversight function and on input data. Part 2 will highlight the new requirements on the transparency of methodology and governance set out in the Guidelines.

Guidelines on transparency of methodology (Article 13 BMR)

Article 13 BMR states transparency requirements regarding the development, use and management of the benchmark by the administrator. To this end, Article 13 sets out standards with regard to the methodology for determining the benchmark. The Guidelines contain three sections: (i) on the key elements of the methodology; (ii) the elements of the internal review of the methodology; and (iii) on the information to be provided in case of a proposed material change to an administrator´s methodology.

The key elements of the methodology used to determine the benchmark should include, inter alia, a definition and description of the NSB and the market it is intended to measure, the types of input data used to determine the NSB, minimum requirements of the quality of the input data, the compositions of any panel of contributors and the criteria to determine eligibility for panel membership.

The information to be provided by an administrator of a NSB in compliance with the requirements regarding the internal review of the methodology should include at least a description of the policies and procedures relating to the internal review and approval of the methodology. In case of material changes of the methodology the information to be provided by an administrator should include at least the disclosure of the key elements of the methodology that would, in its view, be affected by the proposed material change.

Guidelines on governance and control requirements for supervised contributors (Article 16 BMR)

Article 16 BMR provides requirements for the governance and control of a supervised contributor. To this end, Article 16 sets out specific but broad requirements for the management of a contributor’s company and its systems, which serve to preserve the integrity and reliability of its input data. In addition, the Guidelines set out, inter alia, provisions on the control framework, control of submitters, the management of conflicts of interest and record-keeping requirements. All these elements are mentioned in Art. 16 BMR to ensure proper governance and control by the contributor but outlined in more detail in the Guidelines.

According to the Guidelines, the contributor´s control framework for example should include at least an effective oversight mechanism for overseeing the process for contributing input data, a policy on whistle-blowing and a procedure for detecting breaches of BMR. The measures for the management of conflicts of interest should include, inter alia, a register of material conflicts of interests. Additionally, the records to be kept with regard to the provision of input data should include, e.g., the names of the submitters.

Applicability of the Guidelines

As already mentioned in Part 1, NSB have less impact on markets than critical or significant benchmarks. Therefore, the BMR provides options for administrators of non-significant benchmarks not to apply some BMR provisions (Article 4 to 7, 11 and 13 to 15 BMR). However, an incentive to apply the provisions nonetheless may exist, for instance, the administrator does not have to maintain different internal structures and processes for its benchmarks if he administers mainly significant benchmarks.

Since some of the Guidelines concern regulations whose applicability the administrator can exclude, the Guidelines do not apply if the administrator has decided in a permissible manner not to apply the corresponding regulations. However, if the Guidelines concern regulations from which the administrator may not deviate or if he has decided not to make use of the simplifications, the Guidelines shall apply.

ESMA publishes Final Report on Guidelines on non-significant benchmarks – Part 1

What does the European Securities and Markets Authority (ESMA) regulate in the newest Guidelines on benchmarks? When is a benchmark not significant? The following article will answer these questions and more.

The regulation of benchmarks

Since January 2018, the administration, provision and use of benchmarks has been regulated by the Regulation (EU) 2016/1011 on indices used as benchmark in financial instruments and financial contracts or to measure the performance of investment funds (BMR). The BMR introduces a regime for benchmark administrators, contributors and users that ensures the accuracy and integrity of benchmarks so that they are robust, reliable, representative and suitable for the intended use by establishing rules for administrators, contributors and users of critical, significant and non-significant benchmarks. We already shared this blog post on November 22, 2018 on emergency plans, which are also part of the BMR´s regulatory regime.

ESMA Guidelines on non-significant benchmarks

On December 20, 2018, ESMA published its Final Report on the Guidelines for non-significant benchmarks (NSB) (available here), which refers to the provisions in Article 5, 11, 13 and 16 BMR. This was preceded by the consultation of the Guidelines in September 2017. The Guidelines serve to concretise the provisions of Article 5, 11, 13 and 16 BMR and provide more detailed input on how the BMR’s provisions are to be implemented, thus ultimately present ESMA’s supervisory practice.

Non-significant benchmarks

NSB are benchmarks that are neither critical nor significant. A benchmark is considered critical if it serves as a reference basis for financial instruments or contracts with a total value of at least €500 billion. A benchmark is also critical if its sudden disappearance could have considerable negative effects on the stability of the markets. Significant benchmarks are those that are used as a reference basis for financial instruments or contracts with a total value of at least €50 billion. For critical and significant benchmarks, ESMA published Draft technical standards (RTS) under the Benchmark Regulation on March 30, 2017. They were published in the Official Journal of the European Union on November 5, 2018 . Since the RTS are issued as a regulation, they apply directly in the EU member states. However, for non-significant benchmarks, ESMA is mandated to prepare Guidelines which are not directly binding in the EU member states, but are generally adopted one-to-one by the respective national supervisory authority, thus they become part of its administrative practice. If the guidelines were not to be adopted, the national supervisory authorities must announce this publicly.

The Guidelines on non-significant benchmarks set out details for four areas of the BMR: the oversight function (article 5 BMR); input data (Article 11 BMR); the transparency of methodology (Article 13 BMR); and the requirements for the governance of supervised contributors (Article 16 BMR). As a result, the broad rules of the BMR are filled in with more details that make their implementation considerably easier for the obligated parties.

In Part 1, we will look at the Guidelines on the oversight function and on input data. Part 2 will highlight the Guidelines on the transparency of methodology and the governance requirements.

Guidelines on procedures and characteristics of the oversight function (Article 5 BMR)

Article 5 BMR sets out the oversight requirements that each administrator must maintain to ensure that all aspects of the provision of its benchmarks are monitored. The Guidelines on Article 5 BMR contain different sections on the composition of the oversight function, on its internal positioning and on procedures that should govern the oversight function, as well as a non-exhaustive list of governance arrangements.

For example, the Guidelines require that the oversight function should be composed of one or more members who together have the skills and expertise appropriate to the oversight of the provision of a particular benchmark and to the responsibilities the oversight function is required to fulfill. Administrators should also consider including, as members of the oversight function, representatives from trading venues. To ensure that no conflicts of interests intervene, persons directly involved in the provision of the NSB that may be members of the oversight function should have no voting-rights. Representatives of the management body should not be members or observers of the oversight function but may be invited to attend meetings by the oversight function in a non-voting capacity.

The oversight function should constitute a part of the organisational structure of the administrator, but needs to be established separately from the management body and other governance functions. Additionally, the oversight function should have its own procedures, for example, in relation to the criteria for member selection, the election, nomination and replacement of its members and access to the documentation necessary to carry out its duties.

Guidelines on input data (Article 11 BMR)

Article 11 BMR regulates the requirements for input data provided for the determination of the benchmark. Input data is the data used to determine the benchmark and relates to the value of an underlying asset. This may include, for example, real time transaction data of the respective underlying asset.

The Guidelines contain two sections on ensuring appropriate and verifiable input data and the internal oversight and verifications procedures of a contributor to a NSB.

In order to ensure that the input data used for a benchmark is appropriate and verifiable, the administrator should have available all information necessary to check whether the submitter is authorised to contribute the input data on behalf of the contributor in accordance with Article 25 of BMR, whether the input data is provided by the contributor within the time-period prescribed by the administrator and whether the input data meets the requirements set out in the methodology of the benchmark.

The internal oversight and verification procedures of a contributor that the administrator of a NSB ensures should include procedures governing, inter alia, requested communication of information to the administrator and three levels of control functions. The first level of control should be responsible for, inter alia, the effective checking of input data prior to its contribution and the submitter´s authorisations to submit input data on behalf of the contributor. The second level of control should be responsible for establishing and maintaining whistle-blowing procedures and internal reporting of any attempt or actual manipulation of input data. The third level of control should be responsible for performing checks on the controls exercised by the other two control functions. Therefore it must be independent from the first and second control level.

Applicability of the Guidelines

As NSB have less impact on markets than critical or significant benchmarks, Article 26 BMR provides for numerous simplifications for administrators with regard to NSB. Administrators may decide not to apply some of the provisions of Article 4 to 7, 11, and 13 to 15 BMR. However, an incentive to apply the regulations may be, for example, that the administrator does not have to maintain different internal structures and processes for its benchmarks. It is not necessary to constantly check whether the NSB exceeds the threshold that makes it a significant benchmark if the requirements of a significant benchmark are consistently met.

Since some of the Guidelines concern regulations whose applicability the administrator can exclude according to Article 26 BMR, the Guidelines do not apply if the administrator has decided in a permissible manner not to apply the corresponding regulations. However, if the Guidelines concern regulations from which the administrator may not deviate or if he has decided not to make use of the simplifications in Article 26 BMR, the Guidelines shall apply.


The BREXIT Agreement – what it means for enforcing judgments across the European Union

The client alert is available for download here.

The UK, as an EU Member State, currently benefits from the mutual recognition and enforcement mechanisms that operate across all 28 EU member states under the so- called “Recast Brussels Regulation”.

The Recast Brussels Regulation provides a simplified EU-wide mechanism for the mutual recognition and enforcement of court judgments in EU Member States. A judgment creditor simply has to provide the competent enforcement authority in another Member State (for example, where the judgment debtor has assets) with a copy of the judgment and a standard-form certificate and it can then begin the enforcement process. No other procedure is required to enforce its judgment, and there is no review of the merits.

There is a very high bar for refusal of recognition and enforcement under the Recast Brussels Regulation. This means that, in general, a party armed with an English judgment has a speedy process to enforce that judgment in any other EU member state such as Germany, Italy, Spain, or France without recourse to local law. Similarly a judgment from any other Member State is currently easily enforced in the UK.

The Draft Agreement on the withdrawal of the United Kingdom from the European Union (the “Draft Withdrawal Agreement”) was published on 14 November 2018, and has been approved by the other Member States. While its future is far from certain, and it is not impossible that there will be revisions to a number of its clauses including the proposed length of the “Transition Period”, it is very likely that some form of disengagement with the Recast Brussels Regulation will accompany the UK’s departure from the EU.

Nonetheless, under Article 67 of the Draft Withdrawal Agreement, the current regime for mutual recognition of judgments will soon no longer apply in the U.K. The Recast Brussels Regulation will cease to apply to proceedings commenced after the end of the Transition Period – currently due to end in December 2020. If there is a “no deal” Brexit, it would cease to apply to any proceedings commenced after 29 March 2019.

Unless there is a further agreement to govern mutual recognition of judgments agreed before that date the UK courts will revert to the application of common law rules of recognition and enforcement, where the grounds for refusing to recognise a foreign judgment include matters such as whether the other party participated in the foreign proceedings, and whether (on an English law analysis) the foreign court had jurisdiction over the defendant at the time the foreign proceedings were commenced.

It is almost inevitable that the recognition process here of judgments from EU Member States will lengthen, become more costly, and see a significant increase in the successful resistance of enforcement. It should be born in mind, however, that the position will be the same as currently applies to judgments from the United States.

Enforcement of English judgments across the European Union will, in turn, become subject to the widely-varying national laws of each EU Member State. The process of enforcing an English judgment in a Member State is likely to prove more costly and onerous (with a lower rate of success) than the current streamlined procedure.

As a result of the Draft Withdrawal Agreement clients and friends completing jurisdiction and dispute resolution clauses in contracts involving parties from EU Member States would be advised to consider their options carefully, including the option of arbitration, in light of the future disapplication of the Brussels regime.

On the same timetable as the disapplication of the Recast Brussels Regulation, the Draft Withdrawal Agreement will also disapply two other European instruments which currently set the rules on deciding which law applies in both contractual and non- contractual disputes where there is no written agreement specifying the governing law. These are the so-called Rome I (choice of law in contractual disputes) and Rome II (choice of law in non-contractual disputes) conventions. At the same time as parties pay closer attention to their choice of jurisdiction for their disputes, parties should also pay closer attention to specifying their governing law.