German Banking Industry Committee

According to the regulation (EU) 2015/534 of the European Central Bank dated 17 March 2015 on reporting of supervisory financial information (ECB/2015/13), the national competent authorities (NCAs) are, for significant supervised entities that are part of a significant supervised group, obliged to report final FINREP data by the close of business of the 55th day after the reporting/refence date. For this, the NCAs set the date as of which the supervised entities have to report the supervisory financial information so that the NCAs can meet these deadlines. This generally means that a first report by an institution of its preceding year’s figures is made by mid-February and the final report accordingly subsequent to, if need be after, a concluding discussion with the regulator. In addition, reporting dates for annual financial statements must be observed (as a rule March/April).

A final/definitive data base for the completion of the templates is thus not available until late. Further analyses must be conducted on this data base, which is extended in part by quantitative and qualitative information, as the required data cannot be derived entirely from the data in the annual financial statements. For this purpose, a separate data system must be set up in parts. Between the individual templates there are interdependencies that must be observed when filling them in. In our view, a concurrent overall report of all templates would make sense. The reporting/refence date should therefore not be brought forward.

As reporting/refence dates, furthermore, those from the FinRep and CoRep returns should be used a basis. Here, the reporting dates should at all events be subordinated to those in the FinRep and CoRep returns.
The details of a Waiver (Art. 7 CRR) in column 070 should, in our opinion, mean that in the event of a confirmation of the Waiver also columns 080 – 130 do not have to be completed by these institutions.
Basically, the same applies here too: there must be sufficient time to derive the data (see also our answers to question no. 5). In addition, it should be ensured in particular that the “parent waiver” from the COREP return is valid for the MREL report too. From a superordinate perspective, we can say that a number of components of the second block (particularly the template “Liability Structure”) as part of the annual Liability Data Template (LDT) are to a greater extent concretised by the Single Resolution Board (SRB). Accordingly, here, particular attention should be paid so that this does not result in duplicative reporting and/or returns with differing content (e.g., as a result of other cluster formations etc...) for the institutions (concrete example: the accounting standard used a s basis for MREL data at single-institution level should be identical with that of the report to the SRB).

With regard to the new template for deposit insurance, the name of the institutional protection scheme has to be given in reporting field 050. According to the explanations for this reporting field, this involves institutional protection schemes pursuant to Art. 113 (7) CRR. Refence to deposit protection, however, is made only via institutional protection schemes pursuant to Art. 1 (2) c) Directive 2014/49/EU (DGS Directive). Presumably this therefore means such institutional protection schemes. Institutional protection schemes recognised pursuant to Art. 113 (7) CRR can exist on a voluntary basis too and detached from the obligations of the DGS Directive.
I. Critical functions and core business lines

Generally, the term “critical function” in resolution planning should not differ from the terminology in recovery planning. This should be in the interests of the authorities involved too. However, on the basis of the data requested in the template for “critical function”, this is unfortunately not the case.

1. Critically assessment of economic functions
The proposed level of analysis alongside legal entities and across geographic areas (countries?) seems not to be practicable and reasonable. The criticality assessments should be performed for material legal entities and mapped solely to their key regional market.

According to the consultation draft, a critical function per country must be entered in the section “Criticality assessment of economic functions”. This does not include any details according to which criteria the geographic distribution is to be represented. A more detailed geographic distribution means considerably more effort for the institutions. From a FINREP perspective, a breakdown only according to domicile of the counterparty would be feasible. This should be stated clearly in the ITS.

For the assessment on “critical function” in relation to market shares in individual countries requested in the template there is often no solid numerical data, but only an internal expert’s estimate. Because of this, the assessment of the “critical function” for the template will at times become very subjective. The relevant market size for the calculation of market share should therefore be fixed centrally. As a matter of proportionality, the scope of the template should be limited to member states in which banks do a minimum volume of business. Where it is obvious that the banks’ business volume (or any other criteria) in a member state is so negligible that the bank does not perform a critical function, the bank should not be obliged to fill in the template. Such a data request would pose a disproportionate administrative burden to banks while at the same time the resolution authorities would not gain any relevant insight from such an exercise. In our view, a country breakdown would therefore make sense only if the market share exceeded a threshold that constituted a materiality threshold for that market (suggestion: >20% of a country’s market share).

Besides, there might be difficulties to allocate cross-border activities to certain member states, e.g. if domestic clients are doing business abroad in other European member states. Furthermore, booking locations might be in other member states than where the actual business is done.

Ultimately, the template can be filled in only on the basis of the filed FINREP counterparties. In this connection, a number questions already arise for us on the completion instructions for section Economic functions. We ask that the following issues be clarified/concretised in the final ITS:

(1) Deposits: “It does not include borrowing from other financial intermediaries, which is dealt with separately in ‘wholesale funding’.”
“Other financial intermediaries” is translated as “übriger Finanzmittler”. So far as “Other financial intermediaries” is a sub-group of “Other financial corporations”, then there this no such distinction in FINREP. Conversely, the remaining part of “Other financial corporations” would have to be shown under Deposits under “Other sectors / counterparties”

(2) “Lending for house purchase” (FINREP-Table F 05.00) and the details such as SME/Non-SME (FINREP-Tables F 20.04) refer to various FINREP tables. How should this be dealt with?

(3) Capital Markets: All derivatives (i.e. also derivatives in relating to the fair value option) are shown here. Capital markets is not clearly defined; clarification wold be desirable.

2. Mapping of critical functions to legal entities
Column 010: Mapping critical functions to single countries (= single country breakdown) does not seem to be either practicable or reasonable. The legal entities should be mapped solely to their key regional market (e.g. Germany). For details please refer to point 7.1. above.

3. Mapping of core business lines to legal entities
Column 020: “Business Line IDs” not available. Banks are free to define their core business lines according to their specific business model and business divisions and their contribution to group performance.

It is unclear what a possible business line ID is used for and why it is necessary. Such ID would not add any additional value either to resolution planning or resolution itself.

4. Mapping of critical functions to core business lines
It is unclear why this mapping is necessary at all. The other EBA templates focus mainly on critical functions, while core business lines are more or less neglected. (e.g. templates on critical services, FMI, information systems).

Furthermore, the identification of critical functions and core business lines is based on diverging concepts. (critical functions: Predefined by SRB independent from institution-specific business divisions / core business lines: Defined institution-specific according to the business model). In some cases, therefore, a mapping of critical functions to core business lines is not possible.

(1) “Payments services to non-MFIs” may be a critical function in a certain legal entity but may at the same time be an operational business service for two or more core business lines.

(2) “Lending to non-financial corporations – SMEs” as a critical function may be performed by more than one core business line, because the institution-specific customer segmentation does not correspond to the SME definition of SRB for critical functions.

II. Critical services
It should be noted that item 110 makes detailed reference to what the legal assessment should actually take into account, including whether the relevant contract can “implicitly” be terminated or altered as a result of a resolution measure. We would not think that an analysis regarding such “implicit” rights is necessary or proportionate. In this context, we refer to Article 44 (2) (g) (ii) BRRD which excludes provisions of goods and services that are critical to the daily functioning of the operations of an institution from the application of a bail-in. Accordingly, such creditors will have no incentive at all to exercise such “implicit” rights.
Because of the complexity of the necessary data collection and the general regular systems adjustments, it is in our view necessary to allow for a transition phase of at least 3, ideally 5 years.

The data for FMIs and Information Systems are not readily available, but must be collected in an extensive manual process covering multiple divisions within banks. A transition period of 3 years would certainly be helpful for banks to set up processes and methods to ease the collection of the relevant data. But a transition period can make sense only if definitions and requirements of the EBA and resolution authorities are transparent and understandable. If definitions (e.g. for “Information Systems”; see question 7) are not understandable, a transition period is pointless. The definitions and requirements should, moreover, not be constantly adjusted, but should be fixed for the duration of the transition period. So far, the definitions and requirements have been “moving targets”.

Even more importantly, transition periods can make sense only if applied by the resolution authorities too. The FMI-Report of the SRB for 2017 considerably exceeded the EBA minimum requirements defined in the consultation, especially due to the extensive “Key metrics” section included. Especially the “Key metrics” section pose huge challenges for the banks, and the instructions were poor. If the resolution authorities considerably exceed the minimum requirements of the EBA and do not grant transition periods, a possible transition period provided for by the EBA is pointless.
Such a list would in our opinion have to be drawn up by the competent authorities on the basis of their collective experiences/empirical values. In our view, there should be no reports from the institutions.

With the current layout and the given instructions, the templates cannot be properly filled in. The intention of the templates is not clear. The EBA must provide a list of typical services they expect. Ideally, the EBA should provide examples of what kind of services/ relationships they want to see here.
In the original ITS on information for resolution plans from 2014-2015, the EBA introduced Annex IX called “Information Systems”. The instructions for template IX made reference to the Section B of the Annex to Directive 2014/59/EU and requested “[…] a detailed inventory and description of the key management information systems, including those for risk management, accounting and financial reporting […].”

Presumably, the templates R 10.01/ R 10.02 now called “Critical Information Systems” of the current consultation process represent an update of the former Annex IX. We would like to understand whether “Critical Information Systems” are synonymous with “Key Management Information Systems” and whether the reference to Section B of the Annex to Directive 2014/59/EU is still valid? Does the focus of the templates still lie on risk management, accounting and financial reporting? The resolution authorities have to understand that “Critical Information Systems”, “Key Management Information Systems” and solely “Information Systems” are not terms that are commonly used in bank practice. There is neither an industry-wide standard nor a commonly accepted definition so far. The definition of “Critical Information System” in the Instructions is far too vague. In addition, it is completely unclear what the core intention of the EBA behind the two templates is. The lack of a clear-cut definition and a lacking industry standard will inevitably lead to a very heterogeneous provision of data across European banks. This cannot be in the interests of resolution authorities. The IT infrastructure of large banks consists of thousands of IT products and IT systems. These IT products often come in IT supply chains. While information for resolution purposes might be centralized in data warehouses, this information is supplied to the data warehouses by a multitude of other IT products. Without these data supplies the data warehouse would be useless or only an empty shell. Do “Critical Information Systems” only include the data warehouse or the whole IT supply chain? Furthermore, there are IT products that cannot be mapped to specific critical functions but are indispensable for bank operations and the IT infrastructure of the bank as a whole. How should these IT products be dealt with? If these IT products were to be included in the templates, the list would be quite long.

Considering current market trends (e.g. Big data, in-memory technologies), the demarcations between “Management information systems” and IT products supporting operational business become even more blurred. Thus, a differentiation in this way does not appear sustainable to us.

As the term “Information Systems” is not used in bank practice, these systems are not readily available. Rather, the identification of these systems is a manual task for thousands of IT products. The resolution authorities need to understand that this is a huge challenge for banks that will need considerable resources. Therefore, banks need concrete assistance in the following points: first, in order to perform a mapping of information systems to critical functions, the critical functions need to be stable (= no moving target). Second, banks need to better understand what the basic intention of the resolution authorities behind the templates is. What does the resolution authority want to know, what is the focus? Third, there must be a clear-cut definition and industry-wide standard for the term “Information Systems” which has to be laid down by the EBA and resolution authorities. Fourth, the EBA must clearly define the scope of “Information Systems” with regard to IT supply chains and IT products that support the IT infrastructure and bank operations as a whole and cannot be separately linked to single critical functions.

It is highly recommended that the exercise of identifying parts of the IT products and systems for resolution purposes is harmonized with similar tasks which are frequently conducted. To name just two examples, the institutions business continuity management as well as the information security management contain well-known and standard-based procedures to identify the crown jewels of the IT landscape.
German Banking Industry Committee