Search for Q&As

Enquirers can use various factors to search for a Q&A:

  • These include searching by the Q&A ID; legal reference, date submitted, technical standard / guideline, or by keyword if known.
  • Searches can be extended to more than one legal act, topic, technical standard or guidelines by making multiple selections (i.e. pressing 'Ctrl' on your keyboard, and selecting the relevant ones from the drop-down lists by left mouse-click).

Disclaimer:

Q&As refer to the provisions in force on the day of their publication. The EBA does not systematically review published Q&As following the amendment of legislative acts. Users of the Q&A tool should therefore check the date of publication of the Q&A and whether the provisions referred to in the answer remain the same.

Please note that the Q&As related to the supervisory benchmarking exercises have been moved to the dedicated handbook page. You can submit Q&As on this topic here.

Final Q&As Q&As under review Rejected Q&As Archived Q&As All Q&As

List of Q&A's

DPM 4.0 - Correctness of identical cells for C 08.01.c

For DPM 4.0 the cells {C_08.01.c, r0070, c0130, s*} and {C_08.01.c, r0180, c0130, s*} are identified as identical and have the same VariableID. Considering the instructions for reporting the data in rows 0070 and 0180 different values are expected.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2024/3117 - ITS on supervisory reporting of institutions
  • ID: 2025_7435
  • Topic: Supervisory reporting - COREP (incl. IP Losses)
  • Date of submission:
  • Published as final Q&A: 13/06/2025

Can a receivable be identified as IPRE if a mortgage exists, but the securing property is not recognised as collateral?

Art. 124 para. 1 stipulates that banks receive a risk weight of 150% for IPRE receivables that do not fulfil all the conditions set out in para. 3. The question is what constellation of conditions must be met for this case to realistically materialise. An institution should normally be able to fulfil subsections a to d in para. 3. Paragraph 3 contains a reference to Article 208 and paragraph 1 of Article 229 in sub-item e. Article 229 paragraph 1 describes the property valuation and will not generally present institutions with insurmountable problems either. Article 208 begins with the statement that a property is only recognised as collateral if the following paragraphs 2 to 5 are fulfilled. One hurdle could possibly be the monitoring of the property value in accordance with paragraph 3. However, it is also conceivable that an institution will generally refrain from recognising real estate collateral due to an insignificant share in the portfolio. Can a receivable that is effectively secured by a mortgage be identified as an IRPE risk position without recognised real estate collateral, resulting in an RW of 150% under Art. 124 para. 1? Or does non-recognition also mean that the exposure is not to be regarded as collateralised (by a property) for the calculation of own funds and consequently receives the risk weight of an unsecured exposure?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7434
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 31/07/2025

Taxonomy 4.0: The validation rules v7538_m and v7546_m perform consistent cross-checks?

In terms of Implementing Technical Standards (ITS), when checking the rules of the COREP_OF module for Tables C_08.01.a, C_08.02, C_09.02 have been detected inconsistencies in the validation rules under template C09.02 cross check part. It’s possible to verify this?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2024/3117 - ITS on supervisory reporting of institutions
  • ID: 2025_7432
  • Topic: Supervisory reporting - COREP (incl. IP Losses)
  • Date of submission:
  • Published as Rejected Q&A: 23/05/2025

DPM 3.5 - Diversity Benchmarking - v22547_a & v22587_m

One of our client is having some trouble reporting the diversity benchmarking for two reasons : a_ Validation v22547_a  The validation v22547 only allows the value (ZZ:x784) Yes & (ZZ:x785) No to be entered on the row r0020 of report R1900 where the annotated templates allows additionaly the value Not applicable. Our client thinks it's incorrect as the value Not applicable should be possible. "We can see that the cells provide a dropdown menu with 3 options, and it is specified that we have [The regions where the institution or investment firm is active (subsidiary/branch/cross-border basis with material business activities) should be selected (Yes/No). For the categories of executive or non-executive directors it should be indicated (yes/no/non-applicable) if at least one director has one of their geographical provenances, that spans at least a period of three years, from the corresponding region. Non applicable should only be selected, where there are no non-executive directors in the case of investment firms or employee representatives. Where the actual location a member gained geographical provenance is in more than one of the specified regions, the member should be allocated to the most relevant regions on a best effort basis (e.g. a Member that lived in Istanbul may select Europe, Asia or both regions) ] Can you help us answering the client on the fact that the value "Not applicable" should or not be used on the row 0020.   b_ Validation v22587_m On report R22.02 our client has only define a target for Non executive director, so it as has filled : Report R2202 the following way :     Executive directors Non-executive directors     0010 0020 Target  % set in percentage (two digits e.g. 33.33%) in the diversity policy, including in cases where this is applicable under national law  0010   40,0000 Target expressed as minimum headcount in the diversity policy (number of members) 0020     Compliance with internal policy: Has the target been met at the reference date? 0030   Yes And as set in the report R2201 that the "Targets set only for the management body in the supervisory function (non-executive directors)" SCOPE: For which scope of members of the management body are gender diversity targets set? (please select from drop down menu) 0130 Targets set only for the management body in the supervisory function (non-executive directors) By filling the report like this it triggers the validation V22587 indeed this validation will always be trigered where Report R2201 and R2202 are filled and when value in R0022.020 in R0010 C0010 is different that R0022.020 in R0010 C0020 and when the value in R2201 R0130 <> Different targets set for the management and supervisory function of the management body As in our case the target has only be set for the Non exucitive director we think it 's correct to use the value "Targets set only for the management body in the supervisory function (non-executive directors)" in report R2201, and to fill only the column 0020 in report R2202 but by doing that we will have a different value between R0022.020 in R0010 C0010 is different that R0022.020 in R0010 C0020 causing an unexpected anomaly. Can you please investigate if the the control is correct?      

  • Legal act: Directive 2013/36/EU (CRD)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: EBA/GL/2023/08 - Guidelines on the benchmarking of diversity practices, including diversity policies and gender pay gap
  • ID: 2025_7430
  • Topic: Remuneration
  • Date of submission:
  • Published as Rejected Q&A: 04/09/2025

Calculation of the standardised total risk exposure amount or S-TREA under Article 92(25)

Does the calculation of standardised total risk exposure amount, or S-TREA, require Firms to recalculate RWAs for standardised approaches where modelled inputs have been used? Specifically, do CVA RWAs calculated using IMM modelled EADs need to be re-calculated using EADs that have not been derived using a modelled approach?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7429
  • Topic: Own funds
  • Date of submission:

Appropriate CR SA sub-exposure class categorisation (line items reported within C02.00, C07.00 and C09.01, where applicable) of the portion of an exposure “secured by mortgages on immovable property” which is also secured by cash or subject to other form of credit protection such as eligible guarantees.

Some of the exposures “secured by mortgages on immovable property” existing on an institution’s loan book are also secured by other forms of credit protection, such as cash or eligible guarantees. For such exposures, it is not clear as to which sub-exposure class such portion of the exposure (e.g. the cash-secured portion) shall be attributed.   For example, assume that an institution has a non-IPRE exposure (loan to natural person) secured by residential immovable property, which is also partially secured by cash. To which of the following sub-exposure classes will the portion of the exposure that is secured by cash collateral be classified?  (i)    Secured by mortgages on residential immovable property - non-IPRE (secured) - C09.01, r0091; C02.00, r0151(ii)   Secured by mortgages on residential immovable property - non-IPRE (unsecured) - C09.01, r0092; C02.00, r0152(iii)  Secured by mortgages on residential immovable property - Other - non-IPRE - C09.01, r0093; C02.00, r0153  NB: Please also affirm that in the referenced example (i.e. retail counterparty), the Original exposure pre-conversion factors related to such cash-secured portion shall be equivalent to a risk weight of 75% in line with Art 124(1)(a), which is subsequently reduced to 0% through the reporting of CRM techniques with substitution effect via the “Other Items” exposure class (under the financial collateral simple method), in line with the principle applied in EBA Q&A 2016_2693.   In the quoted example, we understand that such portion shall be reported as “Secured by mortgages on residential immovable property - Other - non-IPRE”.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2024/3117 - ITS on supervisory reporting of institutions
  • ID: 2025_7428
  • Topic: Supervisory reporting - COREP (incl. IP Losses)
  • Date of submission:
  • Published as Rejected Q&A: 31/07/2025

Setting limit (daily and/or per transaction) for the execution of payment transaction by PSP

Is PSP allowed, according to the Article 68(1) of PSD2, to set a general limit (daily and/or per transaction) for the execution of payment transaction to the payee with the PSP in another EU Member state, under the certain payment initiation channel (for example mobile banking), in order to mitigate the risk of fraud (to prevent fraud)? Is PSP allowed to set different general limits for national payments and for payments to PSPs in another EU Member state (due to various fraud risk associated to these transactions)? Is PSP obliged to change a limit above the limit that the PSP set - on PSU's request for regular credit transfer?

  • Legal act: Directive 2015/2366/EU (PSD2)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7425
  • Topic: Other topics
  • Date of submission:

BTAR voluntary disclose and DPM templates

Regarding the generation of DPM templates containing ESG pillar 3 disclosure, included in reporting framework 3.3 for the ad-hoc collection, according to Commission Implementing Regulation (EU) 2022/2453, template 9 – Mitigating actions: BTAR- was required for December 24 submission only on a voluntary basis.  In case a bank has decided not to publish BTAR template in the Pillar 3 disclosure for December 2024, our understanding is that there is no obligation to deliver, for December 2024, these templates (D 09.01, D 09.02.a, D 09.02.b, D 09.02.c, D 09.02.d, D 09.03.a, D 09.03.b) included in reporting framework 3.3 to keep both reports aligned (Pillar 3 disclosure, made public in February 2025, and the reporting framework 3.3 templates). Please confirm that our view on this subject is correct.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on Supervisory Reporting of Institutions
  • ID: 2025_7424
  • Topic: Transparency and Pillar 3
  • Date of submission:
  • Published as Rejected Q&A: 11/07/2025

Risk weighting attributed to gold in the form of a commodity

Is the definition of 'gold bullion', as recently amended by Regulation (EU) 2024/1623, consistent with the previous definition of 'gold' under Regulation (EU) No 575/2013 (CRR), as clarified by EBA Q&A 2016_3011, in the sense that it includes all forms of gold commodities (such as bars, ingots, jewels, manufactured products, and coins) whose value is determined exclusively by gold content—defined by purity and mass—regardless of their form, provided that no numismatic, artistic, branding, or other extrinsic value is attributed?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7423
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 01/05/2025

Definition and Scope of DORA

Does the definition of 3.19 include all service providers - no matter the relevance of their service for the digital resilience of the financial service e.g. providers of an employee survey tool or a recruitment tool, where the absence of their services would no have no impact on the resilience security of network and information systems supporting the business processes of financial entities. If in the affirmative, does this mean that any ICT third-party service provider falls within the scope of DORA ( see Article 2.1(u). As a consequence a service a digital employee exercise app provider will fall within the scope of DORA if they sell their services to a financial service provider? If in the affirmative, is this proportionate with regard to the impact that this has on ICT third-party service providers whose services have no impact on the security of network and information systems supporting the business processes of financial entities. If in the affirmative, do the financial authorities now have competence over all ICT third-party service providers, regardless of what kind of services they provide as long as they are providing services to a financial entity? * financial entity = or any other entity besides an ICT service provider

  • Legal act: Regulation (EU) No 2022/2554 (DORA Reg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7421
  • Topic: ICT third-party risk management
  • Date of submission:
  • Published as Rejected Q&A: 04/09/2025

Clarification on Risk Weight Assignment for ADC Exposures in Default

Could you please clarify what risk weight should be applied to ADC exposures that are in default?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on Supervisory Reporting of Institutions
  • ID: 2025_7419
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 21/05/2025

Reporting framework 4.0 Validation rules

Could you please confirm whether validation rule v23722_m is incorrect and should be amended, as it only counts time buckets greater than 7 years, which appears inconsistent with the ITS requirements?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on Supervisory Reporting of Institutions
  • ID: 2025_7418
  • Topic: Supervisory reporting - COREP (incl. IP Losses)
  • Date of submission:
  • Published as Rejected Q&A: 23/05/2025

Reporting framework 4.0 Validation rules release (new format) (Uploaded on 19/12/2024)

Could you please confirm whether validation rule e4900_n is incorrect and should be amended by removing r0190 from the rule and validation rule v0313_m is incorrect and should be amended by adding r0210 to the rule?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Draft ITS on Supervisory Reporting of Institutions
  • ID: 2025_7417
  • Topic: Supervisory reporting - COREP (incl. IP Losses)
  • Date of submission:
  • Published as Rejected Q&A: 23/05/2025

Definition of ICT service

If a supplier must provide an ICT Service to fall under DORA, how should we determine what qualifies? Should we rely on the DORA regulation’s definition of an ICT Service, or should we use the Annex 3 list (S01-S19) from the ITS Register of Information?

  • Legal act: Regulation (EU) No 2022/2554 (DORA Reg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2024/2956 - ITS on the register of information
  • ID: 2025_7415
  • Topic: ICT-related incidents (management / classification / reporting)
  • Date of submission:
  • Published as Rejected Q&A: 09/07/2025

Dora agreements - ICT service supports a CIF

When an ICT Service supports a Critical and Important Function (CIF) within a financial entity, providers must sign DORA agreements with their suppliers if the supplier: a)     Provides an ICT Service (as per the DORA definition). b)     Critically underpins the ICT Service, meaning its disruption could affect security or continuity (based on ITS on Register of Information, Article 3(2)(b)). Is this interpretation correct? Or must DORA agreements be signed with all critical suppliers, even those that do not provide ICT Services?

  • Legal act: Regulation (EU) No 2022/2554 (DORA Reg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2024/2956 - ITS on the register of information
  • ID: 2025_7414
  • Topic: ICT-related incidents (management / classification / reporting)
  • Date of submission:
  • Published as Rejected Q&A: 09/07/2025

Register of ICT Services

Are these listed listed types of ICT-services (e.g., S07, S11, S12) covered under DORA’s definition of ICT Services? If not, can, e.g., facilities or infrastructure that do not include data or digital elements be excluded from this definition?

  • Legal act: Regulation (EU) No 2022/2554 (DORA Reg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2024/2956 - ITS on the register of information
  • ID: 2025_7412
  • Topic: Register of information (DORA)
  • Date of submission:
  • Published as Rejected Q&A: 09/07/2025

Risk Weights for International Organisations under the Standardised Approach

Is it permissible that exposures to NATO Communication and Information Agency are assigned a 0 % risk weight under Article 118(f) CRR?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7411
  • Topic: Credit risk
  • Date of submission:
  • Published as Rejected Q&A: 18/07/2025

Definition of landline services

What are landline services in this context? Could it include fiber optics (e.g., black fiber)?

  • Legal act: Regulation (EU) No 2022/2554 (DORA Reg)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Not applicable
  • ID: 2025_7410
  • Topic: ICT-related incidents (management / classification / reporting)
  • Date of submission:
  • Published as Rejected Q&A: 09/07/2025

Validation rules taxonomy V4.0 C_08.01.a,C_09.02 - v1672_m

The validation rule formula v1672_m specifies that the Risk Weighted Assets (RWA) after supporting factor in column 0125 reported under form 09.02 for IRB exposure class corporates – purchased receivables of all country should be equal to RWA reported under form C_08.01.a, column 0260 where Sheet is in qAE:qx2075 (Corporates - Purchased receivables with own estimates of LGD or conversion factors). The Sheet qAE:qx2076 (Corporates - Purchased receivables without own estimates of LGD or conversion factors) should also be considered in the formula for comparison of exposure to corporates – purchased receivables (with and with-out own estimates of LGD or conversion factors). This Sheet qAE:qx2076 is also a part of validation rules v0435_m, v0436_m and v0438_m where a similar comparison is made for original exposure, Exposure at Default (EAD) and RWA pre supporting factor. The control seems incoherent. Can you please confirm the sheets which need to be included for comparison of corporates – purchased receivables between forms C_08.01.a and C_09.02?

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2024/3117 - ITS on supervisory reporting of institutions
  • ID: 2025_7409
  • Topic: Supervisory reporting - COREP (incl. IP Losses)
  • Date of submission:
  • Published as Rejected Q&A: 23/05/2025

Validation rules taxonomy V4.0 C_08.01.a,C_09.02 - v0418_m

The validation rule formula v0418_m specifies that the Risk Weighted Assets (RWA) reported under form 09.02 for IRB exposure class central governments and central banks of all country should be less than or equal to RWA reported under form C_08.01.a, column 0255 where Sheets are in qAE:qx2021 (Central governments and central banks with own estimates of LGD and/or conversion factors), qAE:qx2020 (Central governments and central banks without own estimates of LGD or conversion factors), qAE:qx2014 (Corporates - Specialised Lending without own estimates of LGD or conversion factors), qAE:qx2055 (Retail exposures - Purchased receivables - with own estimates of LGD or conversion factors). The Sheet qAE:qx2014 and qAE:qx2055 should not be considered in the formula for comparison of exposure to central government and central bank. These two sheet’s codes are also not part of validation rule v0415_m and v0416_m where the similar comparison is made for original exposure and Exposure at Default (EAD). The control seems incoherent.

  • Legal act: Regulation (EU) No 575/2013 (CRR)
  • COM Delegated or Implementing Acts/RTS/ITS/GLs: Regulation (EU) 2024/3117 - ITS on supervisory reporting of institutions
  • ID: 2025_7408
  • Topic: Supervisory reporting - COREP (incl. IP Losses)
  • Date of submission:
  • Published as Rejected Q&A: 23/05/2025