Foreword by the Chairperson


Dear readers,

2021 marked our 10-year anniversary and we celebrated this special and momentous milestone by reflecting on all the key milestones of the past decade, the progress achieved so far as well as by setting the tone for the challenges that lie in front of us.

Timely and effective responses to the different crises hitting our economies and societies. We were established in 2011 in response to the great financial crisis of 2007-2009 that had brought the global economy and investors to its knees and affected the levels of trust that citizens had in the system and its institutions. Since then, a number of shocks, of different origin and nature, have hit our economies and societies. I am thinking of the sovereign debt crisis of 2009-2011, the Brexit crisis starting in 2016 after the UK voted to leave the European Union, the Covid-19 health crisis that broke out in early 2020 and whose threat has not fully receded, and the Russian-Ukrainian crisis that is still unfolding as we write. Despite the best forecasts and analyses, crises are inevitable and many of them quite unpredictable. What is sure is that the EBA has contributed to the policy response to each of these crises and emergencies with extensive regulatory reforms, increased transparency, enhanced cooperation, always serving the needs of the economy and its citizens.

Stronger and more proportionate rules. Since 2011, we have developed a harmonised and consistent set of rules on prudential and resolution aspects with more than 230 technical standards, which helped establish a level playing field for financial institutions across the EU. We provided additional guidance with more than 120 Guidelines and answers to over 2000 Q&As on its supervisory implementation. One of the key principles governing our regulatory effort is proportionality, to ensure that rules are not “one size fits all” but that every single measure in the EU’s Rulebook is fit for purpose, effective, proportionate, operational, and as simple as possible. We will further embed proportionality in the revised regulatory frameworks to ensure rules are more accessible and digestible to less complex and less risky banks, to reduce unnecessary regulatory burden and compliance costs, and to make effective use of scarce supervisory resources.

Preserving a global level playing field and avoiding regulatory fragmentation with the Basel III framework. The EBA played an important role in the finalisation of the internationally agreed Basel III framework: another important milestone in the post financial crisis regulatory reforms. Basel III indeed creates a clear and solid regulatory framework, allowing common rules to be applied by all the banks around the world, and ensuring global level-playing field. Its full and compliant implementation is the final piece of this important structural reform, which has clear macro-economic benefits, and will restore trust.

Enhanced transparency to ensure better monitoring of risk build-up and increased market discipline. The EBA has from its inception taken a leading role in promoting and enhancing transparency, which is key to achieving market discipline and ultimately financial stability. Through the stress test exercises performed on a biannual basis and the transparency exercises conducted every year, we have been able to provide reliable and comparable information, thus enhancing the credibility and use of the outcome of these exercises. In addition, our regular releases of bank data and information are valued as essential to improve market transparency. We continue working on our data strategy to become a data hub, with the aim of gathering and processing prudential data from institutions and to allow internal and external stakeholders, including competent authorities and EU legislators, and the public at large, to access more timely and comprehensive evidence-based analyses and information.

Timely response to the Covid-19 health crisis. I think that the pandemic reminded us of the importance of a high-quality regulatory framework for a robust EU banking sector and that the bulk of the measures implemented post the great financial crisis, of which Basel III is the most visible, have proven useful in getting us through this crisis. This time, banks were even part of the solution to this major health crisis by supporting the economy. We, as EBA, played an important role in strengthening banks’ lending capacity by balancing operational and supervisory relief measures, developing new guidelines on the application of moratoria, adjusting the regulatory framework, as well as monitoring banks’ key metrics so as to provide transparency on their balance sheets.

Closely monitoring the new challenge emanating from the war in Ukraine. Unfortunately, the future poses us additional challenges. The Covid 19 pandemic effects have been overshadowed by the geopolitical developments emanating from the Russian invasion of Ukraine. The current high level of uncertainty and the potentially large impact on the wider EU and global economy are a key concern. We are closely monitoring and assessing the direct implications, the impact of sanctions for all actors involved, including financial inclusion of refugees, increase in cyber risks or in financial crime and the longer-term impact on supply chains in the global economy. As we write, based on our initial assessment, the first-round risks to the EU banking system are expected to be manageable, and do not seem to pose a fundamental threat to financial stability but we still need to remain vigilant and we will make every effort to assess, monitor and adjust as the situation evolves.

Digital finance is increasingly on our radar. Digital finance is another important challenge and priority for the EBA going forward. Our work in this area has particularly focused on consumers as end-users of technology. In that respect, we have made great progress in removing obstacles to the application of innovative technologies in the banking and payments sectors, namely by working to achieve technological neutrality in our regulatory and supervisory approaches. Going forward, the EBA, together with the other European Supervisory Authorities, will have an enhanced role in the digital finance area. At the beginning of this year, we jointly responded to a Commission’s call for advice on digital finance and related issues and provided a series of recommendations covering cross-sectoral and sector-specific market developments in this area, and highlighted the risks and opportunities posed by digitalisation in finance.

Another important priority is to properly integrate ESG into regulation. Climate change and its implications are another important global challenge for the banking sector and another key priority for the EBA. There is a growing consensus among policymakers and supervisors that climate change poses real financial risks. We are working on many fronts to integrate ESG considerations into regulation. These include enhancing disclosure, advancing the risk management standards for banks, updating core elements of the prudential framework as well as stress testing methodologies. On the latter, we are currently defining our strategy on climate risk stress test in line with the European Commission’s renewed strategy on sustainable finance, which will require the EBA to initiate and coordinate regular climate risk stress tests, including a system-wide exercise in cooperation with the other European Supervisory Authorities.

Global challenges require enhanced cooperation with all our stakeholders. In conclusion, I would like to underscore that all the challenges and priorities that I mentioned throughout my remarks have a global dimension and are pretty much interconnected. Let’s just think of how the COVID-19 pandemic has accelerated the digital transformation of almost all industries. As a result, the need for accessible and affordable digital financial products is even more apparent in the pursuit of a global economic recovery and growth. If I turn to sustainability considerations, it is clear that the COVID-19 crisis has highlighted the interconnected and interdependent nature of the world’s social and economic systems. The ongoing Ukrainian war is also prompting investor rethink of environmental, social and governance considerations. This interconnectedness calls for enhanced cooperation and synergies not just at EU level but globally. And on this final note, I would like to thank all our Board Members, the EBA staff, the EU institutions, and all our stakeholders for the great cooperation and collaboration throughout these years. I am looking forward to enhanced cooperation to address our future challenges together.

Interview with the Executive Director

Can you tell us about 2021, which marked the EBA’s 10th anniversary but was also another challenging year with COVID-19 still affecting our daily lives? And what were your priorities when adjusting the EBA’s organisation?

Indeed 2021 has been a very important and challenging year for the EBA and a year of significant organisational changes. It marked our ten years as an organisation and we took the time to celebrate and reflect, despite the challenging working conditions due to the pandemic. In particular, we have invited a number of inspiring speakers throughout the year, and we organised a large conference which gathered more than 1000 participants to take a step back, look at the previous decade and the amazing achievements of the EBA with its stakeholders, but also prepare for the new challenges.

While COVID-19 continued to be a challenge for our societies as for our own organisation, it also offered a real opportunity to explore new ways of working. Our teams have continued to demonstrate their full commitment and their flexibility. We have made our best efforts to provide all necessary material and psychological support. We have also continued recruiting new talents and onboarded an important number of new staff members who have very easily adjusted to their new roles. Our key takeaway is that combining presence in the office and telework also brings a lot of benefits, both to an organisation and to its staff, professionally and personally. We will be building on this to implement the new hybrid working model European institutions and agencies are now moving into.

Now looking at our evolving multi-year priorities and mandates, it was also clear that our working model needed to be adjusted. In January, we started by strengthening the Legal and Compliance function to be better equipped to deal with complex ethics and data protection issues. In March, we introduced a new role of team leaders, to better respond and deal with key projects or processes which cut across the organisation. We could thus empower about 25 senior staff members. As the role is temporary, this will allow the organisation to stay agile and keep bringing new opportunities to our staff.


Then, in June, we implemented a broader reorganisation of our teams. The goal was threefold: to increase focus in key areas, foster internal synergies, and create new opportunities for staff. In particular, we created a stronger Economic and Risk Analysis Department, with a new Unit dedicated to ESG risks, and a new Department focusing on the entire data value chain, from their definition to their acquisition, management, and dissemination. Finally, we created fully-fledged units focusing on Digital Finance and on AML-CFT.

Last but not least, we keep rolling out new technology to best support our teams and perform our work more efficiently. We are now largely using a collaboration platform which brings together a number of tools we need for our day-to-day work. We will also be implementing an e-recruitment tool and use electronic workflows in the area of finance and human resources. All in all, our objective is to mobilise all possible tools and arrangements to support the work of our teams and ensure we keep delivering high quality contributions in a rapidly evolving environment.

Sustainability has become a pressing issue for all organisations. How have you been addressing this issue at the EBA?

Sustainability is indeed front and centre for our economies and societies. The EBA, as part of its regulatory, convergence, and risk work, and as an organisation has a role to play, and also a responsibility.

ESG is a horizontal multi-year priority for the EBA. We work to incorporate the EU sustainability agenda into the regulatory and supervisory framework for EU banks and other financial institutions within our remit. In this context, collecting the evidence, closing the data gaps, especially thanks to more harmonised and more relevant disclosure of ESG factors is critical to allow policymakers and all stakeholders to take the right decisions, and organise an orderly transition. We are also working on reflecting these factors better in banks’ risk management standards, and on what could be a prudential treatment.

As an organisation, we also fully recognised our long-term responsibility for making a positive contribution to sustainable development through our activities. In 2021, we reached key milestones in our journey to implement an Environmental Management System (EMAS), which we expect to conclude in 2022. We take a systematic approach to our environmental footprint, focusing on four key areas: (i) missions, to minimise the impact on greenhouse gas emissions; (ii) energy, by building a strong relation with the landlord to improve our energy consumption performance; (iii) waste, by improving our segregation and recycling habits; and (iv) procurement, by maximising the use of electronic solutions and green public procurement.

Gender equality has been one of your key priorities since you took up this post as EBA Executive Director. What are the steps you have taken to make the EBA more gender balanced?

Public sector organisations should reflect the societies they are embedded in. They should thus ensure that nobody is or feels discriminated because of gender or because of any other reason. And by the way, there is also abundant empirical evidence that gender equality is a key driver for better policy and economic outcomes.

At the EBA we pay the highest attention to giving men and women equal chances. It is our responsibly to create an environment conducive to the development and promotion of all staff, preventing any kind of bias and discrimination. Since the last quarter of 2020, we have been systematically reviewing gender equality. We focus on three key pillars: i) promoting gender equality when recruiting; ii) embedding gender balance in the day-to-day work; iii) fostering staff awareness about gender balance issues.

To give a few examples: our vacancy notices now explicitly mention our gender equality objective and refer to its flexible working arrangements, which we keep enriching; we appoint balanced selection panels; when recruiting if the pools of candidates is not balanced vacancies may be prolonged or reopened; we check carefully gender balance when promoting staff. We also reach out to other organisations and inspiring leaders in this area, to learn from their experience.

All this has allowed us to consolidate some of our strengths, in particular our good overall balance at staff level, but also to significantly improve gender balance at managerial level, especially at Director level where two of the three new directors recruited in 2021 were females.

Gender equality is also an area in which we are doing interesting policy work, mainly assessing diversity and inclusion at banks and other financial entities. For instance, we issued Guidelines on internal governance highlighting the importance of diversity in the composition and selection of banks’ Board Members. We also publish industry benchmarking reports, including on gender pay gaps.

List of figures

Figure 1: Overview of main outputs delivered against the EBA work programme for 2021
Figure 2: Basel III monitoring exercise – total minimum capital requirement impact by risk category (December 2020 reference date)
Figure 3: The process behind the EU-wide stress test
Figure 4: Looking at the EU banking sector, which other sources of risks or vulnerabilities are likely to increase further in the next 6 to 12 months?
Figure 5: Integrated reporting system overview
Figure 6: EUCLID in numbers
Figure 7: Number of reporting modules collected via EUCLID (reference date September 2021)
Figure 8: EUCLID process explained
Figure 9: ESG disclosure in the EU
Figure 10: Share of fraudulent transactions (in terms of the volume of total transactions) when payments are executed domestically, inside and outside the EEA
Figure 11: Share of fraudulent transactions (in terms of the volume and value of total transactions) for remote card payments reported by issuers and acquirers, with and without SCA
Figure 12: Share of fraudulent e-commerce card-based payments (in terms of the value of total transactions) reported by issuers and acquirers
Figure 13: Main drivers of operational risk as seen by banks
Figure 14: Indicative overview of digital platform clusters and enablers
Figure 15: Continued monitoring of RegTech development
Figure 16: Steps of the stress testing cycles conducted by the DGS
Figure 17: Decision tree for selecting actively monitored AML/CFT colleges
Figure 18: Main content of EBA report on ESG risk management and supervision
Figure 19: EMAS team pyramid
Figure 20: BSG outputs in 2021
Figure 21: EU Supervisory Digital Finance Academy - a forward-looking approach to digital finance


ACPRAutorité de Contrôle Prudentiel et de RésolutionFSBFinancial Stability Board
AIartificial intelligenceGARgreen asset ratio
AISPaccount information service provider GDPgross domestic product
AMLanti-money launderingGHGgreenhouse gas
AMLAAML/CFT authorityHDPhigh-default portfolio
AT1Additional Tier 1ICTinformation and communication technology
BCBSBasel Committee on Banking SupervisionIFDInvestment Firms Directive
BRRDBank Recovery and Resolution DirectiveIFRInvestment Firms Regulation
BSRbalance sheet reviewIMMVinitial margin model validation
BTARbook taxonomy alignment ratioIOSCOInternational Organization of Securities Commissions
BUbanking unionIPUintermediate parent undertaking
CAcompetent authorityIRBinternal ratings-based
CDCPcentral data collection pointIRRBBinterest rate risk in the banking book
CfAcall for adviceITSimplementing technical standards
CFTcombating the financing of terrorismJTDjump-to-default
CMDIcrisis management and deposit insuranceLCRliquidity coverage ratio
CMUcapital markets unionLDPlow-default portfolio
COPACConduct, Payment and ConsumerLEILegal Entity Identifier
CoRcost of riskLIBORLondon Interbank Offered Rate
CRDCapital Requirements DirectiveMCDMortgage Credit Directive
CREcommercial real estateMiCAmarkets in crypto-assets
CRRCapital Requirements RegulationMiFIDMarket in Financial Instruments Directive
CSRBBcredit spread risk in the banking bookMLmoney laundering
CSRDCorporate Sustainability Reporting DirectiveMRELminimum requirement for own funds and eligible liabilities
CTPPcritical ICT third-party providersMVPminimum viable product
CTRConsumer Trends ReportNCAnational competent authority
DGSdeposit guarantee schemesNGFSNetwork for Greening the Financial System
DGSDDeposit Guarantee Schemes DirectiveNISNetwork and Information Systems
DNSHdo no significant harmNPEnon-performing exposure
DORADigital Operational Resilience ActNPLnon-performing loan
DPIAdata protection impact assessmentOTCover-the-counter
DPMdata point modelPGSpublic guaranteed schemes
DRRdigital regulatory reportingRAresolution authority
EBAEuropean Banking AuthorityRAQrisk assessment questionnaire
ECEuropean CommissionRARrisk assessment report
ECAIexternal credit assessment institutionRCAPRegulatory Consistency Assessment Programme
ECBEuropean Central BankRRAOresidual risk add-on
ECLexpected credit lossRREresidential real estate
ECSPREuropean Crowdfunding Service Providers RegulationRTSregulatory technical standards
EDPSEuropean Data Protection SupervisorRWAsrisk-weighted assets
EEAEuropean Economic AreaRDBrisk dashboard
EFIFEuropean Forum for Innovation FacilitatorsSCAstrong customer authentication
EFRAGEuropean Financial Reporting Advisory GroupSFDRSustainable Finance Disclosure Regulation
EIOPAEuropean Insurance and Occupational Pensions AuthoritySGVSub-group Vulnerabilities
EMAEuropean Medicines AgencySMEssmall and medium-sized enterprises
EMASEco-Management and Audit SchemeSNRASupranational Risk Assessment
EMIREuropean Markets Infrastructure RegulationSREPsupervisory review and evaluation process
EONIAEuro Overnight Index AverageSTSsimple, transparent and standardised
EREPEuropean Resolution Examination ProgrammeSVBsupervisory benchmarking
ERMenterprise risk managementTCBthird-country branch
ESAsEuropean Supervisory AuthoritiesTCGthird-country group
ESAPEU Single Access PointTCFDTask Force on Climate-Related Financial Disclosures
ESEPEuropean Supervisory Examination ProgrammeTFterrorist financing
ESGenvironmental, social and governanceTFCRTask Force on Climate-related Financial Risks
ESMAEuropean Securities and Markets AuthorityTLACtotal loss absorbency requirement
ESRBEuropean Systemic Risk BoardTLTROtargeted long-term refinancing operation
ETLextraction, transformation, and loadingTRIMtargeted review of internal models
EUEuropean UnionUCITSUndertakings for Collective Investment in Transferable Securities
EUCLIDEuropean Centralised Infrastructure for Supervisory DataVaRvalue-at-risk
EuReCaEuropean reporting system for material CFT/AML weaknesses

Key publications by activity

RTS on own funds and eligible liabilities
Report on the monitoring of CET1 instruments issued by EU institutions
Report on the monitoring of Additional Tier 1 instruments of EU institutions
Liquidity risk and interest rate risk in the banking book
Consultation paper on amended ITS on currencies with constraints on the availability of liquid assets
Report on monitoring of the LCR implementation in the EU
Report on the possible impact of the NSFR on the functioning of the precious metals’ markets
Accounting and audit
RTS on methods of prudential consolidation under Article 18 of CRR
Large exposures
Guidelines on conditions for the application of the alternative treatment of institutions’ exposures related to tri-party repurchase agreements
Consultation paper on draft guidelines on large exposures breaches and time and measures to return to compliance
RTS on the determination of indirect exposures to underlying clients of derivative and credit derivative contracts
Consultation paper on draft RTS on criteria for the identification of shadow banking entities
Guidelines on large exposures breaches and time and measures to return to compliance
Credit risk
List of public sector entities
List of regional governments and local authorities
Report on the implementation of selected COVID-19 policies
Joint consultation paper on the revised draft ITS on credit assessments by ECAIs under CRR Article 136
Report results from the 2020 credit risk benchmarking report
Consultation paper on draft RTS concerning the assessment of appropriateness of risk weights and minimum LGD values
Report on external credit ratings reliance
Amendment ITS ECAIs mapping Solvency II
Amendment ITS ECAIs mapping CRR art 136
Consultation paper on RTS amending RTS on credit risk adjustments
Revised Decision on the use of unsolicited credit assessments
RTS on the assessment of appropriateness of risk weights and minimum LGD values
Market risk
Consultation paper on draft RTS on residual risk add-on
Consultation paper on draft RTS on gross JTD amounts
Report results from the 2020 market risk benchmarking report
Joint ESAs Q&As on exchange of collateral
Consultation paper on draft RTS on advanced economies for equity risk
Guidelines on criteria for the use of data inputs in the risk-measurement model
RTS on gross jump-to-default amounts
RTS on residual risk add-on
Operation risk and investment firms
Consultation paper on draft RTS on colleges of investment firms
Consultation paper on draft RTS and ITS on information exchange for investment firms
EBA and ESMA’s list of additional instruments and funds under IFR
Consultation paper on draft RTS on the reclassification of investment firms as credit institutions
ITS on supervisory disclosure for competent authorities of investment firms
Opinion on appropriate supervisory and enforcement practices for the process of authorising investment firms as credit institutions
RTS on disclosure of investment policy by investment firms
Supervisory review
Consultation paper on draft ITS on the format, structure, contents list and annual publication date of the supervisory information to be disclosed by competent authorities under Article 57(4) of IFD
Report on convergence of supervisory practices in 2020
Consultation paper on revised draft guidelines on common procedures and methodologies for SREP and supervisory stress testing for credit institutions
EBA Report on the supervisory independence of competent authorities
Consultation paper on draft guidelines on common procedure and methodologies for SREP for investment firms
Consultation paper on draft RTS on Pillar 2 add-ons for investment firms
RTS on colleges of supervisors for investment firm groups
RTS and ITS on information exchange between the competent authorities of home and host Member States
2022 European Supervisory Examination Programme
EBA report on the supervisory independence of competent authorities
Internal governance and remuneration
RTS on pay out in instruments for variable remuneration under the Investment Firms Directive (IFD)
RTS on the criteria to identify material risk takers under the Investment Firms Directive (IFD)
Revised Joint EBA and ESMA guidelines on the assessment of suitability of the members of the management board and key function holders
Revised guidelines on internal governance under CRDV
Revised guidelines on remuneration policies under CRDV
Guidelines on internal governance under IFD
Guidelines on remuneration policies under IFD
High Earners Report – data as of end 2019
Recovery and resolution
Consultation paper on draft guidelines on resolvability
Consultation paper on draft revised guidelines on recovery plans indicators
Report on the application of early intervention measures in the EU
Response to the Call for Advice regarding funding in resolution and insolvency as part of the review of the crisis management and deposit insurance framework
ITS amending the ITS on resolution planning reporting
Resolution Colleges Annual Report 2020
Guidelines on recovery plan indicators
Quantitative MREL report
2022 European Resolution Examination Programme
Joint ITS under the Financial Conglomerates Directive (FICOD) on reporting templates for intra-group transactions (IGT) and risk concentration (RC)
ITS on reporting and disclosures for investment firms
Updated list of validation rules (reporting framework 3.1)
Discussion paper on integrated reporting
Consultation paper on draft ITS on supervisory reporting regarding ALMM
Study of the cost of compliance with supervisory reporting requirement
Consultation paper on the ITS on Supervisory Reporting regarding COREP, AE and G-SIIs
ITS on supervisory reporting amendments with regard to COREP, asset encumbrance, ALMM and G-SIIs
Feasibility study on integrated reporting
Opinion on the disclosure requirement on environmentally sustainable activities in accordance with Article 8 of the Taxonomy Regulation
Consultation paper on draft ITS on Pillar 3 disclosures on ESG risks
Joint consultation paper on taxonomy-related sustainability disclosures
Consultation paper and final draft RTS on disclosure of investment policy by investment firms
Consultation paper on draft ITS on Pillar 3 disclosures regarding exposures to IRRBB
ITS on disclosure of information on exposures to interest rate risk on positions not held in the trading book
ITS on disclosure of indicators of global systemic importance by G-SIIs
RTS on disclosure of investment policy by investment firms
Loans management and valuation
ITS on disclosure of indicators of global systemic importance by G-SIIs
Discussion paper on the review of the NPL transaction data templates
Market access, authorisation and equivalence
Report on the treatment of incoming third country branches under the national law of Member States
Report on the peer review of Joint ESAs Guidelines on the prudential assessment of the acquisition of qualifying holdings
Consultation paper and guidelines on the monitoring of the threshold for establishing an intermediate EU parent undertaking
Guidelines on a common assessment methodology for granting authorisation as a credit institution
Banking markets, securitisation, covered bonds and sustainable finance
ESAs’ RTS on the content, methodologies and presentation of disclosures under SFDR
Joint supervisory statement on the application of the SFDR
Joint Committee Q&As relating to the Securitisation Regulation (EU) 2017/2402
ESAs’ opinion to the European Commission on the jurisdictional scope of application of the Securitisation Regulation
ESAs’ report on the implementation and functioning of the Securitisation Regulation
Report on ESG risks management and supervision
Report on the monitoring of Additional Tier 1 instruments of EU institutions
Consultation paper on draft RTS specifying the requirements for originators, sponsors, original lenders and servicers relating to risk retention
Guidelines on the monitoring of the threshold and other procedural aspects on the establishment of intermediate EU parent undertakings
Statement in the context of COP26
Consultation paper on draft RTS on initial margin model validation (IMMV) under EMIR
Innovation and FinTech
Analysis of RegTech in the EU financial sector
Report on the use of digital platforms
Consumer and depositor protection
Joint report following consultation on draft regulatory technical standards to amend the PRIIPs KID
Consumer trends report 2020/2021
Consultation paper on draft revising guidelines on DGS stress tests
Joint Committee report on the application of guidelines on complaints-handling
Consultation paper on draft guidelines on the delineation and reporting of AFM of DGS
Report on the mystery shopping activities of National Competent Authorities
Consultation paper on draft RTS on individual portfolio management of loans offered by crowdfunding service providers
Report on the application of the guidelines on POG arrangements
Methodological guide to mystery shopping
Revised Guidelines on DGS stress tests
ESAs call for evidence on the European Commission mandate regarding the PRIIPs Regulation
Opinion on the treatment of client funds under DGSD
RTS on individual portfolio management of loans offered by crowdfunding service providers
Guidelines on the delineation and reporting of available financial means of Deposit Guarantee Schemes
Payment services
Opinion on supervisory actions for removal of obstacles to account access under PSD2
Revised guidelines on major incident reporting under PSD2
Report on the data provided by payment service providers on their readiness to apply strong customer authentication
Consultation paper on draft guidelines on the limited network exclusion under PSD2
Sixth set of issues raised by EBA working group on APIs
Seventh set of issues raised by EBA working group on APIs
Consultation paper on amending RTS on SCA and CSC under PSD2
Anti-money laundering and combating the financing of terrorism
Revised guidelines on money laundering and terrorist financing risk factors
Opinion on the risks of money laundering and terrorist financing affecting the European Union’s financial sector
Consultation paper and revised guidelines on risk-based AML/CFT supervision
Consultation paper anddraft RTS AML/CFT central database
Consultation paper and guidelines on AML-CFT cooperation
Consultation paper on draft guidelines on the role, tasks and responsibilities AML/CFT compliance officers
Consultation paper on the use of remote customer onboarding solutions
Risk analysis
Asset encumbrance report 2020
JC autumn risk report
Thematic note on differences in provisioning practice in the United States and the European Union
Revised methodological guide on risk Indicators
Joint Public Statement on forthcoming cessation of all LIBOR settings
JC autumn 2021 report on risks and vulnerabilities
Updated list of indicators for risk assessment and risk analysis tools
Report on Funding Plans
Stress testing
Publication of the 2021 EU-wide stress test
EU-wide pilot exercise on climate risk
Data analysis and infrastructure
Risk Dashboard Q3 2020
Risk Dashboard Q4 2020
Risk Dashboard Q1 2021
Risk Dashboard Q2 2021
Updated list of Other Systemically Important Institutions (O-SIIs)
Aggregated DGS data 2015-2020
2020 G-SII data disclosure - summary and charts
Thematic note on benchmark rate transition risks
Statistical tools
2021 EU-wide transparency exercise
Economic analysis and impact assessment
Risk Dashboard Q3 2020
Risk Dashboard Q4 2020
Risk Dashboard Q1 2021
Risk Dashboard Q2 2021
Updated list of Other Systemically Important Institutions (O-SIIs)
Aggregated DGS data 2015-2020
2020 G-SII data disclosure - summary and charts
Thematic note on benchmark rate transition risks
Activity 30: Policy coordination and communication
ESAs’ Board of Appeal decision on Scope Ratings v ESMA
ESAs’ Board of Appeal decision on Howerton v EBA
ESAs’ Board of Appeal decision on A v ESMA
ESAs’ Board of Appeal decision on City Insurance v EIOPA
Joint ESAs Annual Report
Annual Report
Opinion on the European Parliament 2019 discharge report
Work programme 2022

Figure 1: Overview of main outputs delivered against the EBA work programme for 2021


Supporting the deployment of the risk reduction package and the implementation of effective resolution tools


Improving and updating guidance for the supervisory review and evaluation process of credit institutions and enhancing the cooperation with anti-money laundering (AML) authorities

In line with its roadmap for the risk reduction measures package, the EBA updated the SREP guidelines for credit institutions in 2021 to reflect regulatory and supervisory developments since the guidelines were first revised in 2017. This second review aligned the SREP guidelines with the requirements laid down in the revised Capital Requirements Directive and Regulation (CRD V and CRR II), as well as with other EBA guidelines and technical standards. The update also reflects observations from the ongoing monitoring and assessment of the convergence of supervisory practices. The changes do not significantly alter the overall structure of the SREP framework but provide additional guidance to strengthen a common set of rules that are fit for purpose for the day-to-day work of supervisors.

In refining the SREP guidelines, the EBA has taken into consideration aspects that include the following.

  • Proportionality: The revised framework updates the categorisation criteria, taking account of both the size and risk profile of institutions. The minimum engagement model has been reviewed and amended on this basis.
  • Anti-money laundering/countering the financing of terrorism (AML/CFT): The revised framework proposes an integrated approach to factor money laundering/terrorist financing (ML/TF) risks from a prudential perspective into the relevant SREP areas and to foster cooperation between AML/CFT and prudential authorities.
  • Risk of excessive leverage: This regulatory change helps competent authorities (CAs) to assess the risk of excessive leverage and provides guidance on determining the level and composition of additional own funds requirements.
  • Determination of Pillar 2 requirements (P2R): The revised SREP guidelines clarify how the quantity and composition of P2R should be determined and further emphasise the institution-specific nature of such requirements.
  • Communication of additional own funds requirements: The revised SREP guidelines enhance the supervisory dialogue by clarifying the minimum scope of information and justification of the results of the SREP to be provided to institutions.
  • Methodology for setting Pillar 2 guidance (P2G): The revised SREP guidelines clarify the setting of the P2G, encompassing both the use of supervisory stress test results and possible adjustments.
  • Sustainable finance: The EBA decided to implement a progressive approach, starting with the inclusion of environmental, social and governance (ESG) risk in the supervisory business model analysis.

Additional areas under review include (i) the assessment of governance and institution-wide controls and (ii) the assessment of risks (credit risk, operational risk, market risk, interest rate risk in the banking book (IRRBB) and credit spread risk in the banking book (CSRBB), as well as liquidity and funding risks).

The EBA also started developing guidance for the assessment of investment firms under the Investment Firms Directive (IFD). This included:

  • SREP guidelines (to be developed jointly with the European Securities and Markets Authority, ESMA) for the assessment of investment firms based on the mandate included in Article 45(2) IFD (the tentative timeline for publication is July 2022);
  • regulatory technical standards (RTS) on how to measure the risks and elements of risk in determining additional own funds requirements for investment firms based on the mandate included in Article 40(6) IFD (to be published in June 2022).

The draft joint SREP guidelines set out the process and criteria for assessing the main SREP elements such as:

  • business model;
  • governance arrangements and firm-wide controls;
  • risks to capital and capital adequacy;
  • liquidity risk and liquidity adequacy.

As part of this assessment, the EBA introduced a scoring system making it easier to compare firms. In addition, the proposed joint guidelines provide clarifications on how to monitor key indicators, apply SREP in a cross-border context and use supervisory measures.

While the proposed structure of SREP and the scoring system are similar to those used for credit institutions, the methodology provided is proportionate to the nature, size and activities of investment firms and takes into account the specific sources of risks to which they are exposed.

For determining additional own funds requirements for risks not covered or not sufficiently covered by Pillar 1 requirements, the joint SREP guidelines refer to the draft RTS on the additional own funds requirements.


According to its founding regulation, the EBA must contribute to fostering supervisory convergence across the EU and play an active role in building a common supervisory culture and ensuring the consistent application of the Single Rulebook.

To pursue this mandate in the context of the SREP, the EBA identifies key topics each year for particular supervisory attention. It then follows up on their implementation. The 2021 convergence plan identified four key topics, which also served as the basis for assessing the degree of convergence in supervisory practices:

  1. asset quality and credit risk management;
  2. information and communication technology (ICT) and security risk, operational resilience;
  3. profitability and business model;
  4. capital and liability management.

These topics were also aligned with and driven by the implementation of the forward-looking Union Strategic Supervisory Priorities (USSPs) set by the EBA.

The EBA observed that these topics were well embedded in competent authorities’ supervisory priorities and, overall, well implemented in their supervisory practices. Nevertheless, some points would have benefited from further supervisory attention. This information will feed into the 2022 convergence cycle and inform the selection of the key topics for 2023.

Monitoring the implementation of global standards (Basel III)

The implementation of global standards in the European Union is key to the development of the Single Rulebook. The EBA regularly monitors and assesses the potential impact on the EU banking sector of implementing international banking regulation and/or best practices, such as the proposals of the Basel Committee on Banking Supervision (BCBS). This allows the EBA to submit its proposals to the European Commission on items of EU regulation that address the specificities of the EU banking system and ensure its safe and smooth functioning.

The EBA conducts a regular Basel III monitoring exercise analysing (i) the impact of the final Basel III rules on European credit institutions’ capital and leverage ratios and (ii) the associated shortfalls that would result from a lack of convergence with the fully implemented Basel III framework. In September 2021, the EBA published a report on monitoring the impact of implementing the final Basel III regulatory framework in the European Union using data as of December 2020. The report contains a breakdown of the impact on the total minimum required capital arising from credit risk, operational risk, leverage ratio reforms and the output floor. In December 2021, the EBA published a report on liquidity measures using data as of December 2020. The report monitors and evaluates the liquidity coverage requirements currently in place in the EU. It presents a thorough analysis of the liquidity coverage ratio (LCR) levels and their composition by country and business model, as well as giving a more in-depth analysis of potential currency mismatches in LCRs.

The main factors driving the impact of Basel III framework are the implementation of the output floor and the credit risk reform, with 7.1% and 5.1% respectively. The new leverage ratio is partially counterbalancing the impact of the Basel III risk-based reforms by 4.3%.

The EBA has also been active in providing the BCBS with input before the development of supervisory standards by conducting new data collection activities that allow the proposed policies to be better assessed. In addition, the EBA collaborates closely with the BCBS to develop methodologies that more accurately evaluate the impact of the proposed BCBS supervisory standards.

To enhance the representativeness of the sample and its consistency over time, the EBA made it mandatory (in EBA/DC/2021/373 as amended by EBA/DC/426) to submit core data for the Basel III monitoring exercise for a sample of banks (Consolidated sample of banks for the mandatory Basel III monitoring exercise) starting from the December 2021 reference date.


Figure 2: Basel III monitoring exercise – total minimum capital requirement impact by risk category (December 2020 reference date)

Source: snapshot of an EBA visualisation tool based on data published in September 2021

How the mandatory exercise works as of December 2021

In March 2021, the EBA published a decision to change the Basel III monitoring exercise from voluntary to mandatory with effect from December 2021. This change arises from the need to ensure representation from all EU/EEA jurisdictions and to expand the sample of the participating credit institutions to make it more representative and stable.

The EBA’s decision on the mandatory Basel III exercise will help the EBA to represent effectively the interests of EU institutions in the BCBS and to provide informed opinions and technical advice to the European Commission, the European Parliament and the Council regarding the implementation of the BCBS standards into the Union law.

The decision applies clear selection criteria for defining the country samples. Specifically, each Member State should apply the following criteria sequentially:

  • all global and other systemically important institutions (G-SIIs and O-SIIs) are included in the country sample at the highest level of EU consolidation, irrespective of their size;
  • if 80% risk-weighted assets (RWA) coverage is not exceeded and the jurisdiction’s sample size is smaller than 30 banks, additional large banks (Tier 1 capital > EUR 3 billion or total assets > EUR 30 million) that are not O-SIIs are included until 80% RWA coverage is exceeded;
  • if 80% RWA coverage is not exceeded, additional medium-sized and small banks that are not O-SIIs are selected from the eligible population of three different broad business models according to predefined percentages per business model.

To address the principle of proportionality at jurisdictional level, the decision limits the participation of small Member States (RWA < 0.5% of the total EU RWA) to O-SIIs only, irrespective of whether the 80% RWA coverage is exceeded or not.

To address the principle of proportionality at bank level, the eligible population of credit institutions per business model excludes those with RWA < 0.1% of the Member State’s total RWA.

To address the principle of proportionality at data submission level, the EBA limits the mandatory fields to those considered necessary for the overall assessment of the Basel III impact and to those that appear to have the highest impact in previous (voluntary) submissions.

Contributing to the high-quality and consistent application of the IFRS 9 standard and expected credit loss frameworks

The EBA continues to work on assessing and monitoring the implementation of IFRS 9 and its interaction with prudential requirements. In November 2021, the EBA published a report summarising the findings from the monitoring activities conducted since the publication of its last report in December 2018. The report included findings from the EBA IFRS 9 benchmarking exercise as well as observations from the qualitative assessment aimed at monitoring EU institutions’ practices. The assessment also covered a period following the COVID-19 pandemic outbreak. The report aimed to assist supervisors in evaluating the quality and adequacy of IFRS 9 expected credit loss (ECL) models, so as to contribute to the high-quality and consistent application of the IFRS 9 standard in the EU. In addition, the report included the conclusions of the investigations around the classification and measurement of financial instruments, which served as a sound basis for reacting to the first phase of the post-implementation review of IFRS 9 carried out by the IASB.

In line with the staggered approach presented in the IFRS 9 roadmap, the EBA will continue to work on the integration of the high-default portfolios (HDPs)* in the IFRS 9 templates of the ITS on supervisory benchmarking and their extension to institutions by applying the standardised approach for credit risk; further consideration would be needed in this regard, given the more limited modelling experience.

* High Default Portfolios are considered to be exposures to Residential Mortgages, SMEs, Corporates (other than Large Corporates) and SME retail.

FindingS of the IFRS 9 assessment

The EBA noted that while EU institutions have made significant efforts to implement and adapt their systems to IFRS 9 since its first application date, the level of judgement embedded in the standard means that a wide variety of practices may be applied. While no single practice has turned out to be a strong driver of the ultimate levels of provisioning, some practices observed would benefit from further scrutiny from supervisors. In addition, the COVID-19 pandemic resulted in extraordinary circumstances that pushed IFRS 9 models outside their ordinary working hypothesis, thereby increasing the use of overlays at the level of IFRS 9 risk parameters or directly at the level of the final ECL amount. Therefore, going forward, the use of overlays across EU institutions should be subject to continued monitoring to understand whether (and to what extent) institutions will adjust their ECL models to incorporate the effects currently captured via overlays/manual adjustments and/or whether part of the overlays considered will be maintained and for how long.

Enhancing the governance and remuneration framework

Updating the internal governance framework

In line with the revised CRD V and publication of the EBA’s 10-point action plan on dividend arbitrage trading schemes, in July 2021 the EBA and ESMA published updated joint guidelines on the assessment of the suitability of members of the management body and key function holders (guidelines on fitness and propriety) and guidelines on internal governance. Both guidelines entered into force at the end of 2021. In accordance with the changes introduced by CRD V, the EBA guidelines on sound remuneration were also updated. The updates also consider further changes to the CRD that are included in the IFD. These guidelines have been applicable since 31 December 2021.

Establishing revised fitness and propriety guidelines

Credit institutions and investment firms are subject to the joint EBA-ESMA guidelines on fitness and propriety. While the previous guidelines largely harmonised the assessment criteria and processes, further revisions were necessary to accommodate regulatory changes. The main revisions concern (i) the scope of application, (ii) the explicit inclusion of money laundering or terrorist financing and (iii) the increased risk of money laundering or terrorist financing in connection with the institution or investment firm linked to the assessment of the suitability of the members of the management body (Article 91 CRD).

Where competent authorities have reasonable grounds to suspect that money laundering or terrorist financing is being or has been committed or attempted, or if there is increased risk thereof in connection with an institution or investment firm, the CRD requires the suitability assessments to take account of those facts. In such situations, the management body must have a particularly high level of competence and relevant experience in this area to ensure that there are strong controls to guarantee compliance with the requirements under the Anti Money Laundering Directive based on the institution’s additional exposure. However, in all institutions, the management body has overall responsibility for ensuring that the institution complies with such requirements. As a consequence, the AML aspect is relevant for the suitability assessment of all members of the management body in all institutions and investment firms.

The other changes of the guidelines relate to the requirements on the composition of the management body, the criteria for assessing the independence of mind of members of the management body and the suitability assessment in the context of early intervention.

It is also further specified that a gender-balanced composition of the management body is of particular importance. Institutions should respect the principle of equal opportunities for any gender and take measures to create a more gender-balanced pool of candidates for management positions over time.

Updating the guidelines on internal governance

Credit institutions are subject to the EBA guidelines on internal governance. The update also considers further changes to Directive 2013/36/EU that are included in Directive 2019/2034/EU (the IFD). The guidelines aim to ensure sound governance arrangements.

The main revisions of the guidelines, following the amendments introduced by the CRD V, concern (i) requirements that foster diversity and ensure equal opportunities for both genders, (ii) specific expectations regarding loans to and other transactions with members of the management body and their related parties, and (iii) provisions to tackle risks in the context of money laundering and terrorist financing.

Loans to and transactions with members of the management body and their related parties are a specific source of conflict of interest. To ensure proper internal controls on such loans and to enable CAs to review the compliance of institutions, additional documentation requirements have been included in the guidelines. Decision-making on loans or transactions should be objective and not influenced by conflicts of interest. The arm’s length principle safeguards independent and objective decision-making and ensures appropriate conditions for such loans or transactions.

Combating money laundering and terrorist financing is crucial for maintaining stability and integrity in the financial system. Therefore, uncovering any involvement of credit institutions and investment firms in money laundering and terrorist financing can have a detrimental impact on the institution’s viability and on the trust in the financial system. In this context, the guidelines clarify that identifying, managing, and mitigating money laundering and terrorist financing risk is part of sound internal governance arrangements and an institution’s risk management framework.

In line with the requirement for a gender-neutral remuneration policy as part of the overall governance arrangements, the revisions provide new guidance on the code of conduct to ensure that credit institutions take all necessary measures to guarantee equal opportunities to staff of all genders and to avoid any form of discrimination. Further specific actions have been provided in specific guidelines on remuneration policies.

Updated guidelines on sound remuneration policies

All institutions are required to apply sound and gender-neutral remuneration policies for all staff and specific requirements on the variable remuneration of staff whose professional activities have a material impact on an institution’s risk profile (identified staff).

Institutions are subject to these updated guidelines. The updates specifically take into account the requirement for remuneration policies to be gender-neutral. In this context, institutions should monitor the unadjusted gender pay gap.

Additional guidance is provided on the application of the derogations based on an institution’s total balance sheet and for staff with low variable remuneration that were introduced with CRD V on the requirements to defer and pay out in instruments a part of the variable remuneration of identified staff.

The guidelines also clarify how the remuneration framework applies on a consolidated basis to financial institutions that are subject to a specific remuneration framework (for example, firms subject to the IFD, the Undertakings for Collective Investment in Transferable Securities Directive (UCITS), or the Alternative Investment Fund Managers Directive (AIFMD)).

Finally, the sections on severance payments and retention bonuses have been revised based on supervisory experience for cases where such elements have been used by institutions to circumvent requirements on the link to performance or the maximum ratio between variable and fixed remuneration.

Establishing guidelines for investment firms on internal governance and remuneration policies

Directive 2019/2034/EU introduced a specific prudential framework for investment firms with specific governance and remuneration requirements. Many investment firms have already been subject to similar requirements under the CRD. These specific provisions apply to investment firms, unless they are small and non-interconnected (class 2 investment firms).

On 22 November 2021, the EBA in cooperation with ESMA published guidelines on internal governance and sound remuneration policies in accordance with the mandates set out under the IFD. Those guidelines apply from 30 April 2022.

The EBA guidelines on internal governance provide further details on how the IFD governance provisions should be applied by class 2 investment firms, specifying the tasks, responsibilities and organisation of the management body and investment firms, including the need to create transparent structures that allow for supervision of all their activities. The guidelines also specify requirements for ensuring the sound management of risks across all three lines of defence and, in particular, set out detailed conditions on the second line of defence (the compliance function and the independent risk management), where applicable, and the third line of defence (the internal audit function), also where applicable.

Setting out guidelines on sound remuneration policies for investment firms

The guidelines provide further details on how the provisions under IFD on remuneration policies and variable remuneration of identified staff should be applied by class 2 investment firms. The guidelines are as far as possible consistent with the existing guidelines under the CRD. Relevant differences between the IFD and the CRD (e.g. the absence of a bonus cap and differences in instruments and the length of deferral periods) have been taken into account.

All aspects of the remuneration policy must be gender-neutral in accordance with IFD remuneration requirements. Institutions should, therefore, comply with the principle of equal pay for equal work or equal value of work and monitor the gender pay gap. The provisions on anti-discrimination and equal opportunities mirror the framework under the CRD, as the underlying principles in the Directive on equal opportunities and the European Charter on fundamental rights apply in the same way to investment firms as to institutions. The guidelines aim to foster diversity and reduce the gender pay gap over time.

Contributing to the European Commission’s Capital Markets Recovery Package and the targeted amendments to the securitisation framework

The Capital Markets Recovery Package amended the Securitisation Regulation in several aspects, including creating a specific framework for simple, transparent and standardised (STS) on-balance-sheet securitisation to ensure that the Union securitisation framework provides for an additional tool to foster economic recovery in the aftermath of the COVID-19 crisis. It also amended the framework to cater for the specificities of the non-performing exposure (NPE) securitisations to enable the use of securitisation of NPE exposures while maintaining high prudential standards.

RTS specifying the requirements for originators, sponsors, original lenders and servicers related to risk retention in securitisations

In June 2021, the EBA launched a public consultation on draft RTS specifying the requirements for originators, sponsors, original lenders and servicers related to risk retention, in line with the Securitisation Regulation. The RTS aim to clarify requirements relating to risk retention, thus reducing the risk of moral hazard and aligning interests. The RTS also provide clarity on new topics, including risk retention in traditional securitisation of NPE. By providing additional clarity on risk retention in case of portfolios of NPE, these draft RTS are also part of the EBA’s comprehensive work on supporting the functioning of the secondary markets for NPE.

RTS on triggers for switching the amortisation system in STS synthetic securitisation

In December 2021, the EBA launched a public consultation on its draft RTS specifying and, where relevant, calibrating the minimum performance-related triggers for STS on-balance-sheet securitisations that feature non-sequential amortisation. These draft technical standards aim to provide technical clarification on these triggers.


Continuing the regulatory developments

Making progress in the development of the new prudential framework for investment firms

There are around 2,500 investment firms and 400 investment firm groups domiciled in the Union. Investment firms are authorised in accordance with the national transposition of the Market in Financial Instruments Directive (MiFID). However, MiFID does not cover the prudential requirements. Until 2020, the prudential requirements for investment firms used to be addressed under separate legislation, in that certain investment firms were subject to the same prudential requirements as credit institutions and others had specific treatment or were even wholly exempt. With the Basel III finalisation, it became increasingly evident that the credit institutions’ framework of the CRR was not appropriate for most investment firms. Accordingly, the European Commission proposed a new prudential regime more tailored to size and activities performed by investment firms. The new prudential framework, based on the Investment Firms Directive (IFD) and the Investment Firms Regulation (IFR), entered into force in December 2019 and has been applicable since June 2021.

Under the new framework, investment firms will be subject to risk-sensitive and proportionate prudential requirements based on their size and range of performed activities or financial services provided. Therefore, the principle of proportionality was a main driver of the policy choices taken during the development of the technical standards and guidelines. Most of the regulatory products have been developed in collaboration with ESMA and the prudential supervisors of the investment firms.

In order to facilitate the preparation of market participants and the transition to the new prudential framework, the EBA provided an overview of the expected timeline, process and deliverables related to IFD and IFR in the EBA investment firms roadmap. The roadmap envisages four phases, with 21 technical standards and six guidelines to be finalised by the end of 2022.

Ten technical standards were adopted and published in the official journal in 2021. They cover the areas essential for the implementation of the IFD and IFR, including, among others, further specifications of capital requirement methodologies, standards on reporting and disclosure requirements, reporting templates for investment firms and investment firm groups, standards for the identification of risk takers and of instruments for variable remuneration.

On top of the nine technical standards submitted to the EU Commission in 2020, the EBA developed nine technical standards and guidelines relating to the IFD and IFR in 2021. These cover several additional areas on the supervision of investment firms, such as the reclassification of certain investment firms as credit institutions, the functioning of colleges, the exchange of information among investment firms’ competent authorities, supervisory disclosure and investment policy disclosure.

Finalising the EBA’s roadmap on investment firms by 2022

The EBA also started the public consultation process on the remaining technical standards and guidelines, aiming to submit all of them to the Commission in 2022. At this juncture, the regulatory products for which the public consultation is in progress or recently closed are the guidelines on the SREP for investment firms, the technical standards on the capital add-ons, the guidelines on liquidity exemption, and the technical standards on specific liquidity measures. With this year’s scheduled finalisation of the technical standards on prudential consolidation of investment firm groups, the package would be complete, apart from the mandates relating to ESG risks.

In accordance with the EBA’s general policy on the European Centralised Infrastructure for Supervisory Data (EUCLID) platform and the EBA as a single data hub, presented in Section 3.2, the EBA also started collecting an EU-wide set of data under the IFR reporting requirements. The upgrade of the EUCLID infrastructure to include investment firms’ own funds reporting will be completed in 2022. This will allow the EBA to have a detailed and comprehensive overview over all MiFID investment firms’ prudential requirements in the Union by early 2023. Among others benefits, this data will be representative for the IFD and IFR reviews envisaged for 2024.


Supplementing the regulatory framework in the area of market risk and markets infrastructure

Addressing market risk

In 2021, the EBA continued to deliver technical standards in the area of market risk in accordance with its roadmap for the new market and counterparty credit risk approaches published in June 2019. In March and April 2021, the EBA issued for public consultation three draft RTS of phase 3 of its roadmap: (i) draft RTS on gross jump-to-default (JTD) amounts, (ii) draft RTS on residual risk add-on (RRAO) and (iii) draft RTS on advanced economies. These RTS complete the specifications needed for calculating capital requirements under the alternative standardised approach for market risk in the CRR.

After taking into account the feedback from the public consultation, the EBA finalised, published, and submitted to the European Commission for adoption the draft RTS on gross JTD amounts and the draft RTS on RRAO in October 2021. The draft RTS on advanced economies were likewise published and submitted to the Commission shortly after in February 2022.

In addition, in July 2021 the EBA published its final guidelines clarifying the requirements for the data inputs used to compute the expected shortfall risk measure under the alternative Internal Model Approach. In particular, these requirements aim to ensure that data inputs are calibrated to historical data reflective of prices observed or quoted in the market. Those regulatory deliverables contribute to ensuring the smooth introduction in the European Union of the revised framework to calculate capital requirements for market risk.

Market infrastructures

In November 2021, the EBA published a consultation paper on draft RTS on initial margin model validation (IMMV) under Article 11(15)(aa) of the European Markets Infrastructure Regulation (EMIR). The consultation paper sets out the supervisory procedures for initial and ongoing validation of initial margin models to be used for determining the level of margin requirements for uncleared over-the-counter (OTC) derivatives.

The consultation paper proposes the application of supervisory procedures proportionate to the size of the counterparty. This entails: (i) a standard supervisory procedure to ensure an in-depth validation of the largest banking counterparties and (ii) a more pragmatic and simplified approach for smaller counterparties. In addition, the proposal foresees a phased-in implementation of the supervisory requirements to ensure a smooth model validation process, providing more time for smaller counterparties to comply with the new requirements. Finally, to minimise disruption, the validation of models already in place before the date of application of the new rules may be conducted via a non-objection procedure for a two-year transitional period from the application of those rules.

Continuing the development of an all-inclusive large exposures regime in the European Union

With the Regulatory Consistency Assessment Programme (RCAP) of the Basel Committee that assessed the large exposures framework in the European Union as compliant/largely compliant with the Basel standard on large exposures, institutions in the European Union can benefit from further clarity on the regulatory framework while at the same time aligning their operational procedures to standards adopted in other markets outside the European Union.

In 2021, the EBA directed part of its efforts towards enhancing the large exposures framework. Under a host of new mandates in the risk reduction measures package adopted by European legislators in 2019, the EBA developed guidelines to harmonise the way in which competent authorities assess and manage breaches of the large exposures limits by institutions. It also developed RTS to set out criteria for the identification of shadow banking entities for the purposes of reporting large exposures.

If, in an exceptional case, an institution breaches the large exposures limits, the value of the exposure must be reported immediately to the competent authority, which may allow the institution a limited period in which to restore compliance with the limit. The EBA published guidelines providing guidance to competent authorities to decide when it may allow an institution a limited period of time on to comply again with the limit , as well as criteria to determine the appropriate time for returning to compliance. Based on current practices by competent authorities, the approach in these guidelines is kept simple, ensuring a prudent and harmonised application and a level playing field among institutions in the Union.

Meanwhile, the EBA developed technical standards to specify the criteria for identifying shadow banking entities as entities performing banking services and activities but are not regulated and not supervised under any of the acts set forth in the technical standards forming the regulated framework. These technical standards take into account international developments and internationally agreed standards on shadow banking entities. When identifying shadow banking entities, any transaction with such entity is subject to the limits set out in the EBA guidelines on limits on exposures to shadow banking entities.

In 2022, the EBA will publish technical standards clarifying the circumstances under which institutions should form groups of connected clients. It will also start preparatory work on the amendments of the existing EBA guidelines on connected clients to ensure consistency with these technical standards. Finally, it will update the existing EBA guidelines on limits on exposures to shadow banking entities to ensure consistency with the final RTS on criteria for the identification of shadow banking entities.

The EBA will also finalise the mandates under the large exposures framework in 2022.


Continuing the monitoring of external credit assessment institutions’ mappings

In 2021, the European Banking Authority continued closely monitoring credit assessments issued by external credit assessment institutions (ECAIs), which serve to assess credit quality for determining capital requirements under certain provisions of the CRR. This is based on the correspondence (‘mapping’) of credit assessments with a prudential scale of credit quality steps, which is set out through implementing technical standards (ITS).

Regarding the Standardised Approach of Credit Risk, the Commission endorsed in November 2021 an amending Implementing Regulation, which reflected the registration in the EU of two additional ECAIs, therefore contributing to enhancing market competition. Further, existing mappings were subject to a monitoring exercise based on qualitative and quantitative criteria to assess if the performance of ratings continued to align with the prudential considerations underlying the allocated credit quality steps, therefore ensuring the robustness of the framework. Finally, in June 2021 a revised EBA Decision on the quality of unsolicited credit assessments was published, enabling unsolicited credit assessments issued by certain ECAIs to be used for the purposes of capital requirements determination.

In December 2021, the EBA published a consultation paper on an amendment to the mapping of ECAIs for securitisation positions; this reflected the enhanced risk sensitivity of the new credit quality step scheme brought by the CRR amendments, in turn triggered by the new Securitisation Regulation, therefore ensuring consistency across regulations. Further, the proposed amendments reflect the developments in the ECAI population registered since the original draft ITS was produced, hence allowing new market participants to become operational for capital determination purposes and fostering provision of credit assessment for securitisation instruments.

Using prudential consolidation to address shadow banking

In April 2021, the EBA published the final draft RTS specifying the conditions according to which consolidation should be carried out under Article 18 of the CRR. In developing these RTS, the EBA has taken into consideration the different initiatives undertaken at the international level to strengthen the oversight and regulation of the shadow banking system. Particular consideration has been given to the guidelines on the identification and management of step-in risk issued by the BCBS, with the aim of mitigating a potential spillover from the shadow banking system to banks. Building on these guidelines, the EBA has developed a list of indicators to guide the competent authority in identifying those undertakings that should be fully or proportionately consolidated for prudential purposes, taking into account the step-in risk that this would entail for the banking group.

As part of the amendments proposed by the European Commission to the CRR, a specific mandate has been included for the EBA to report on the completeness and appropriateness of the new set of definitions and provisions related to prudential consolidation. This would allow the EBA to further investigate whether the empowerments of the supervisors and their ability to adapt their supervisory approach to new sources of risks might be unintentionally constrained by any discrepancies or loopholes in the new regulatory provisions or in their interaction with the applicable accounting framework.

Promoting sounder market access rules, including for third-country groups

The EBA has carried out several regulatory and monitoring activities focusing on robust criteria and assessment methodology for sound access to the EU market, including from third countries.

Particular attention has been devoted to the authorisation of credit institutions, with the finalisation of the guidelines concentrating on a common assessment methodology for granting authorisation. These guidelines complete the RTS and ITS on information to be submitted with the application for authorisation as a credit institution and further the harmonisation of licensing practices across the EU. The guidelines are technology-neutral and apply to both traditional and innovative business models or delivery mechanisms. They embed AML/CFT assessment requirements and are in line with the CRD V requirement of stringent assessment of risk management processes and arrangement. Furthermore, they lay down a comprehensive business plan analysis for supporting the assessment of other areas of the application, such as the adequacy of internal governance arrangements and of capital.

In 2021, the EBA also took the lead in drafting a report on the withdrawal of authorisation for serious breaches of AML/CFT rules, in pursuance of a mandate set out in the Council Action Plan on AML of 2018. The report sets out the four action points of Objective 5 of the Action Plan and focuses on (i) the assessment of the degree of discretion and the legal grounds available under national or EU law to prudential supervisors to withdraw the authorisation for serious breaches of AML/CFT rules, (ii) the uniform interpretation of serious breaches of AML/CFT rules, (iii) the impact of the withdrawal of authorisation on critical functions and the involvement of resolution authorities and (iv) the supervisory tools and sanction measures available to supervisors to tackle ML/TF risk. The report, drafted in cooperation with European Securities and Markets Authority (ESMA) and European Insurance and Occupational Pensions Authority (EIOPA), deals with various regulatory, supervisory and crisis-related aspects and will be finalised in 2022.


Linked to market access are acquisitions or increases of qualifying holdings that need to undergo preliminary assessment in accordance with the criteria laid down in Article 23(1), letters (a) to (e) CRD, as further specified in the European Supervisory Authorities’ (ESAs’) joint guidelines on the prudential assessment of acquisition or increase in qualifying holdings. Such assessment must be undertaken according to the same criteria for acquisitions both in going concerns and at authorisation, as it represents a critical safekeeping function in respect of market access. In 2021, the EBA undertook a peer review of the application of these guidelines by the competent authorities under its remit, i.e. those designated under the CRD. In the light of its exclusive competence for the assessment of acquisitions or increases of qualifying holdings, the analysis of the practices followed by the European Central Bank (ECB) deserved special attention. The Peer Review Committee concluded that the guidelines are in general applied by the competent authorities, and it identified areas for improvement, particularly in relation to the first assessment criterion relating to the risk of ML/TF of the proposed acquirer, where more in-depth analysis and guidance may be needed. The case of complex transactions that may involve the assessment of several direct and indirect acquirers is also prone to divergent practices and requires clarification and simplification of the applicable requirements, particularly in relation to the proportionality principle.

In respect of access to the EU market from third countries, the EBA has focused the attention on two separate but related areas. The first relates to the determination of the EUR 40 billion threshold triggering the establishment of the intermediate parent undertaking (IPU); the second relates to the stock-take of national legislative requirements and supervisory practices applicable to EU branches of third-country credit institutions (third-country branches, or TCBs).

In respect of the first aspect, Article 21b CRD requires the establishment of an IPU in the form of a credit institution or (mixed) financial holding company for institutions where the total value of assets held by the EU entities belonging to the third-country groups (TCGs) is equal to or greater than EUR 40 billion. To achieve a common understanding of the calculation and monitoring practices of such threshold which is functional to the decision requesting the establishment of the IPU, the EBA published its final guidelines on the monitoring of the threshold and other procedural aspects on the establishment of IPUs as laid down in Article 21b of the CRD.

In respect of the second aspect, based on the mandate set out in Article 21b of the CRD, the EBA has developed and completed a report on the treatment of incoming TCBs. The report contains a mapping of TCBs currently established in the EU and illustrates the diversified national legislation and practices across the Union. Based on that analysis, the report lays down high-level recommendations for additional minimum harmonisation to address such regulatory differences and related potential arbitrage opportunities. The report emphasises the need for a uniform and centralised third-country equivalence assessment at EU level to avoid different national treatments of third-country credit institutions across the EU. With regard to prudential requirements, it recommends the introduction of capital endowment, such as a fixed amount to be harmonised across the EU or a percentage of the average liabilities, and as to liquidity, it takes a more prudent approach by suggesting the application of LCR requirements to be appropriately calibrated. Other recommendations focus on monitoring TCB operations and point towards transparency of booking arrangements – which are key for an adequate understanding of the risks associated with TCBs – and harmonisation of minimum core reporting requirements. As a last resort measure for ensuring prudential soundness and safety, the report envisages the introduction of a subsidiarisation mechanism to apply only in respect of those TCBs reaching a certain size and/or other quantitative and qualitative risk indicators, and of TCBs carrying out deposit-taking activities of covered deposits.

Implementing effective recovery and resolution plans and increasing institutions’ preparedness to crisis situations

Within the scope of its work on the convergence of supervisory practices, the EBA observed that overall, all competent authorities focused on the review and challenge of institutions’ recovery plans in line with the EBA statement on additional supervisory measures in the COVID-19 pandemic on institutions’ recovery plans.

Additionally, substantial work has also been conducted in supervisory colleges to assess the Group Recovery Plans (GRPs) and reach a joint decision in a timely manner, according to Articles 8 and 6 of the Bank Recovery and Resolution Directive (BRRD).

Overall, no material deficiencies have been identified in the GRPs and the interactions within the colleges closely monitored by the EBA in this regard proved to be fruitful. Notwithstanding the above, the EBA expects the quality of the recovery indicator framework to improve in next year’s assessment thanks to the new EBA guidelines on recovery plan indicators. This single set of guidelines provides institutions and CAs with the essential elements to be followed when developing the recovery plan indicator framework, especially regarding the treatment of recovery plan indicators in a crisis (e.g. application of supervisory relief measures).

The guidelines state that in a systemic crisis, there should no automatic recalibration of recovery plan indicators due to supervisory relief measures, apart from duly justified cases agreed with the CA; they also provide a common EU approach for the recovery plan indicators to ensure that they can promptly signal a stressed situation and enable the institution to consider timely and effective recovery actions.

In 2021, the EBA finalised its resolvability guidelines which represent a significant step in complementing the EU legal framework in the field of resolution based on international standards and leveraging on EU best practices.

Taking stock of the best practices developed so far by EU resolution authorities on resolvability topics, the guidelines set out requirements to improve resolvability in the areas of operational continuity in resolution, access to financial market infrastructure, funding and liquidity in resolution, bail-in execution, business reorganisation and communication. They implement the corresponding Financial Stability Board (FSB) standards at EU27 level.

They play a key role in the EU overall resolution policy framework in that they provide: (i) a harmonised enforceable basis for EU banks to progress on resolvability (banking union (BU) institutions – including both significant institutions (SIs) and less significant institutions (LSIs) – and non-BU institutions); (ii) a harmonised basis for policy discussions at the EBA table on the topic; and (iii) a harmonised basis for authorities to exchange and monitor progress on resolvability, particularly in colleges.

These guidelines are addressed primarily to institutions and provide key standards that institutions should adhere to for increasing their resolvability.

Institutions and authorities should comply with these guidelines in full by 1 January 2024. Compliance will not necessarily equate to being resolvable, as this remains for the relevant resolution authority or authorities to determine. Rather, they should be seen as the minimum steps that institutions should take towards resolvability.

Alongside the guidelines, a consultation was launched on a new set of guidelines on transferability. These guidelines aim to increase the feasibility and credibility of transfer strategies, encompassing requirements relating to the implementation of transfer tools when considered as the preferred or alternative strategies for institutions.

Transferability is defined as the elements of resolvability that will facilitate the transfer of an entity, a business line or portfolio of assets, rights and/or liabilities to an acquirer (‘transfer perimeter’), a bridge institution, or an asset management company. The guidelines deal with the transfer perimeter definition, separability (i.e. how to facilitate separation of an entity or a business from the rest of the group in resolution) and how to operationalise the transfer of this perimeter.

In 2021, the EBA launched the European Resolution Examination Programme (EREP). This first iteration introduced key topics for resolution authorities’ attention across the European Union for 2022. In line with its mission, the EBA proactively drives convergence in resolution practices through the selection of topics deserving European traction. The EREP topics are identified based on the EBA’s expertise in EU-wide policy development, its role in colleges and the practical experience of resolution authorities. The programme mirrors the European Supervisory Examination Programme (ESEP) that has applied to prudential supervision in recent years. The implementation of the key priorities will be monitored and captured in a report in 2023.

Contributing to the ongoing review of the crisis management and deposit insurance framework

In 2021, the EBA advised the EU Commission on funding in resolution and insolvency as part of the review of the crisis management and deposit insurance (CMDI) framework. The EBA response provided a quantitative analysis on banks’ capacity to access available sources of funding under the current framework and under various creditor hierarchies, and with regard to the minimum requirement for own funds and eligible liabilities (MREL).

The descriptive analysis showed the change to banks’ internal loss-absorption capacity under four scenarios of depositors’ preferences compared to the current creditor hierarchy applicable in each Member State. The analysis, whose findings were presented under several different capital depletion scenarios, drew two main conclusions: i) preferring deposits to other ordinary unsecured claims increases the number of banks that are able to meet the requirements to access resolution financing arrangements without the bail-in of any type of depositors; and ii) a single-tier depositor preference (i.e. all types of depositors rank pari passu) allows the highest contributions from deposit guarantee schemes (DGS) compared to the other policy options and the current situation. The modelling approach, which simulated an economic scenario similar to the global financial crisis, confirmed the findings.

In a third part, the report also investigated the issue of market access for MREL instruments for small and medium-sized banks. A limited number of these institutions had not yet issued senior MREL eligible instrument or AT1/T2 instruments as of end 2019. However, banks which are currently earmarked for liquidation are not considered in the analysis, so caution is needed in the interpretation of these results.

While it did not provide policy advice, the response provided a strong quantitative basis and evidence to inform the Commission’s work.

Identifying, assessing and monitoring risks in the EU banking sector


Improving the EU-wide stress testing framework

In line with the feedback received on the discussion paper on the future changes to the EU-wide stress testing framework, the EBA Board of Supervisors supported the exploration and implementation of a hybrid approach. While the status quo remains an option in the short term, the hybrid approach will mean that some selected elements will follow a centralised approach while the rest of the methodology will remain inherently bottom-up.

Investigating the role of top-down elements in the EU-wide stress test

The EBA Board of Supervisors has identified net interest income and net fee and commission income as suitable candidates for centralisation, potentially for the 2023 EU-wide stress test exercise. Due to the strict timelines for the finalisation of the methodology for the 2023 EU-wide stress test, the EBA Board of Supervisors decided to continue working in parallel on the bottom-up methodology considering the lessons learned in the 2021 EU-wide stress test exercise. A final decision on the implementation of some top-down elements in the 2023 EU-wide stress test is expected in the second quarter of 2022.

Figure 3: The process behind the EU-wide stress test

The 2021 EU-wide stress test: assessing banks’ capacity to withstand further shocks

In July 2021, the EBA published the results of the 2021 EU-wide stress test, which involved 50 banks covering broadly 70% of total EU banking sector assets. The 2021 EU-wide stress test exercise was initially planned for 2020 but postponed to allow banks to prioritise operational continuity while the COVID-19 pandemic was unfolding. The stress test helped supervisors assess banks’ capacity to withstand further shocks. Given the unprecedented macroeconomic shock due to the pandemic in 2020, the baseline scenario provided a useful yardstick for assessing and comparing the situation of EU banks, assuming an orderly exit from the pandemic. Hence, the stress test also helped provide a perspective on how the banking system could develop after the pandemic.

During 2020, EU banks continued to build up their capital base, with a CET1 ratio at the beginning of the exercise (i.e. at the end of 2020) of 15%, the highest since the EBA has been performing stress tests, despite the unprecedented decline in gross domestic product (GDP) and the initial effects of the COVID-19 pandemic in that year.

Under the adverse scenario, the average impact on the EU banking system was equal to a 485 bp decline in the CET1 fully loaded ratio for banks. In the baseline scenario, banks’ CET1 fully loaded ratio increased by 78 bps, bringing the sector’s average CET1 fully loaded ratio to 15.8% at the end of 2023. It is encouraging to see that overall, EU banks in aggregate remained above the 10% mark and hence would be able to continue lending despite a very severe adverse scenario.

In line with previous exercises, the EBA published granular stress test data at a bank-by-bank level, which is a must for fostering market discipline at times of increased uncertainty in the markets, while the results of the exercise represent a key input to the supervisory review and evaluation process (SREP).

The EBA is responsible for initiating and coordinating the EU-wide stress test, supplying the methodology, working with the ESRB and the ECB to provide a common scenario and publishing the results, including a report and granular bank-by-bank data together with analytical interactive tools. During the exercise, the EBA, together with the supervisory authorities, closely manage the data extraction, transformation, and loading (ETL) process to ensure a high level of data quality. More than 850,000 data points are processed and around 2,500 validation rules ensure that this is carried out properly. While the supervisory authorities take responsibility for ensuring the quality of the submissions received from banks with the results, the EBA facilitates the process by providing descriptive statistics and managing the process of clarifying methodological questions from banks through a centralised FAQ process.

Analysing risks and assessing idiosyncratic vulnerabilities

One of the EBA’s mandates is to help guarantee the stability, integrity, transparency and orderly functioning of the EU banking sector. To attain this, the EBA closely monitors market developments in order to assess potential risks and vulnerabilities in the European banking sector. This risk assessment feeds into the EBA’s policy decisions.

The risk assessment report (RAR), which is published annually, is one of the main tools utilised to provide external stakeholders with the EBA’s viewpoint on main microprudential risks and vulnerabilities in the EU banking sector. The report leverages on both quantitative information received through the supervisory data submitted to the EBA, as well as qualitative sources of information collected through surveys and microprudential qualitative information.

The 2021 RAR found that banks had strengthened their capitalisation and liquidity positions. They were helped by the robust economic recovery and the progress achieved in tackling the COVID-19 pandemic. In this environment, banks markedly increased lending to small and medium-sized enterprises and for residential real estate. Although asset quality improved overall, there are still concerns about loans to sectors mostly affected by the pandemic, such as the hospitality industry, or some exposures that benefited from COVID-19 support measures. As a result of these trends, the non-performing loan (NPL) ratio for total loans further decreased this year, but the NPL ratios of the exposures to the sectors most affected by the pandemic reported a substantial increase.

The risk assessment also notes that operational risk losses increased during the pandemic, as the growing usage of and reliance on technology were accompanied by an increase in and the impact of information and communication technologies and security-related incidents. This did not directly affect banks’ profitability, which was boosted by lower impairment costs, yet the assessment is that the banking sector is still faced with structural profitability challenges. For example, banks’ net operating income has not recovered to pre-pandemic levels, and the low or negative interest rate environment is still weighing on lending margins. This is added to competition pressures not only among banks, but also with FinTech and BigTech companies. The assessment also acknowledges that banks have made some progress on ESG risk considerations. The share of ESG bonds of total bank issuances has increased in recent years, reaching around 20% of banks’ total placements this year. Banks have started integrating ESG risk considerations into their risk management. However, the EBA cautions that more progress needs to be made, including in areas such as data, business strategies, governance arrangements, risk assessments and monitoring.

In 2021, the quarterly EBA risk dashboard (RDB) remained a leading element contributing to the regular risk assessment and in parallel fulfilling the EBA’s role of disseminating data to stakeholders. The EBA Risk Dashboard has become a reference point for granular EU aggregate and country-by-country supervisory data. It provides comprehensive, easy-to-use fundamental risk indicators for assessing the well-being of the EU banking sector, as well as comprehensive statistical tables for analysing trends and running peer analysis. For these reasons, the RDB has become a reference point of transparency for market participants with up-to-date relevant supervisory data. During 2021, the EBA continued to provide country-by-country data on volumes and asset quality-related indicators for those exposures that benefited from support programs. In addition, as a response to the rising uncertainty caused by the war in Ukraine, the EBA published new statistical tables in the fourth quarter of 2021 on asset (on and off-balance sheet) and liability exposures towards Ukrainian, Belarusian and Russian counterparties.

The risk assessment questionnaire (RAQ) is published twice per year, along with first-quarter and third-quarter RDBs, forming another essential monitoring and assessment tool used by the EBA to identify the main risks and vulnerabilities in the EU banking sector. The surveys consider banks’ and market analysts’ views on topics including profitability, asset development and quality, funding and operational risks, as well as FinTech, sustainable finance and AML-related questions. The answers received provide a reflection of the respondents’ views on the current and forthcoming developments in the EU banking sector, and they provide valuable qualitative input in the analysis of microprudential risks. The number of banks providing their views through the EBA’s RAQ was 59, covering in total 24 countries, while the number of analysts has ranged from 10 to 15.

Figure 4: Looking at the EU banking sector, which other sources of risks or vulnerabilities are likely to increase further in the next 6 to 12 months?

Source: open question to banks in the autumn 2021 RAQ

The EBA also publishes two reports annually that monitor EU banks’ funding plans and asset encumbrance. These contribute to the ongoing monitoring of the composition of funding sources across the EU.

The results of the funding plan assessment show the impact of the pandemic on EU banks’ funding composition. In 2020, client deposits surged and by the end of the year represented 73% of banks’ total funding sources. Banks’ reliance on public sector sources of funding (such as the ECB’s targeted longer-term refinancing operations (TLTRO) programme) increased significantly, and as of December 2020 contributed almost 7% to banks’ total funding. While deposits will continue to be the main source of funding, banks plan to focus on issuing more debt instruments (mostly unsecured instruments) in the coming years to make up for an expected decline in central bank funding but equally to comply with MREL requirements. The plans point to a gradual ‘normalisation’ of banks’ sources of funding over the next three years. This implies in particular a partial replacement of central bank funding with market-based funding.

The asset encumbrance report noted that as COVID-19 spread across Europe, banks made extensive use of central bank facilities to strengthen their liquidity buffers and maintain the flow of credit to the real economy. This resulted in the largest yearly rise in the asset encumbrance ratio since data records began, standing at 27.8% in the fourth quarter of 2020. Central bank funding has become the main source of asset encumbrance. The extensive use of central bank liquidity facilities has driven up the share of central bank funding over total sources of encumbrance. As a result, more than half of central bank eligible assets are already encumbered. In contrast, banks have reduced their reliance on covered bonds given the favourable conditions of central bank facilities, an increasing deposit base, and banks’ focus on the issuance of MREL eligible instruments.

Besides such regular assessments, the EBA dedicated additional resources to assessing thematic risk reviews, usually leveraging on the relevant work and contribution of the competent authorities through the Sub-group Vulnerabilities (SGV). In this regard, the EBA published two thematic notes in 2021.

In May 2021, the first thematic note analysed provisioning policies in US and EU banks at the outset of the pandemic. The thematic note points to divergences in the cost of risk (CoR) reported by banks, not only within the European area, but also across countries and regions. In particular, when compared with other jurisdictions, it found that there is a material difference between the reported CoR of EU and US banks. The note identifies that several factors could explain these differences. First, despite the global character of the pandemic, its impact was not uniform across regions, countries or economic sectors. For example, the increase in US unemployment was bigger than in the EU, while the economic recovery was expected to be faster in the former. Similarly, on the fiscal and monetary front, governments and central banks have adopted unprecedented support measures, the magnitude of which varies substantially across regions. Different loan portfolio compositions might also play an important role. Banks more exposed to economic sectors highly affected by the pandemic and lockdown measures such as hospitality, the arts or entertainment or those whose loan portfolios are more concentrated in riskier segments such as consumer lending or commercial real estate (CRE) might also present a higher CoR.

The EBA also published a thematic note assessing the transition risks relating to interbank offered rates such as the London Interbank Offered Rate (LIBOR) and the Euro Overnight Index Average (EONIA). Benchmark rates play a major role in banks’ daily business, including in valuation and risk management. Transitioning away from benchmark rates to new risk-free rates poses a potential key risk for financial markets in general and banks in particular. The thematic note mentions that EU banks have more than EUR 1 trillion of exposures linked to LIBOR and EUR 0.2 trillion to EONIA, while there are residual exposures linked to national benchmark rates. The exposures linked to LIBOR are a particular focal point, as their transition risk might be higher than for other exposures. Challenges for the banks may include legal issues as well as changes in bank-internal operations and systems.

To fulfil its mandate of monitoring risks and vulnerabilities, the EBA also relies on market data, market intelligence and supervisory reports to support the decisions taken by the Board of Supervisors and provide information to other public authorities. As part of its regular activities, the EBA produces a weekly overview of liquidity and funding. This report focuses on the market developments and analysts’ views and is used to closely and frequently monitor developments in the EU banking sector. This is distributed among CAs, RAs and other EU institutions.

Increasing transparency in the EU banking sector

The 2021 EU-wide transparency exercise

The EBA conducted the annual EU-wide transparency exercise in the second part of the year, disclosing detailed bank-by-bank data for 120 banks across 25 countries of the European Union (EU) and the European Economic Area (EEA), covering quarterly data from September 2020 to June 2021.

The disclosure templates were broadly aligned with previous EBA transparency exercises, covering areas such as capital, leverage ratio, risk exposure amounts, profit and loss, financial assets, market risk, securitisation, credit risk, sovereign exposures, and non-performing and forborne exposures. Furthermore, information was added on the exposures under EBA-compliant moratoria and public guarantee schemes to allow market participants to have a more complete assessment of the impact of the COVID-19 crisis on the banking sector. As usual, to minimise the burden on participating banks, the exercise was exclusively based on supervisory reporting that did not require any ad hoc data submissions. The transparency sample was aligned as much as possible with the one used for the EBA RAR to be published in conjunction with the data disclosure, providing the public with granular data behind the analysis.

The exercise is a well-established and consolidated data dissemination, which has provided the public with an invaluable source of bank-by-bank data, allowing the EBA to take a leading role in promoting transparency in the EU banking sector in a constant effort to enhance and enrich public data disclosure. Through the transparency exercise, in fact, the EBA has released over the years more than one million data points, enabling historical data series covering the main banking indicators to be built.

The EU-wide transparency exercise over the years: the evolution of a well established data collection

Call for advice on benchmarking national loan enforcement frameworks

The development of EU benchmarks for bank loan recovery across EU Member States continued during 2021 after the response to a call for advice from the European Commission in November 2020. For the first time, the EBA and the NCAs collected loan-by-loan data on loans under insolvency proceedings from more than 160 banks located in 27 Member States and continued to study the possibility of increasing the efficiency of possible future data collections to update the first-ever set of current EU benchmarks. The first study included a sample of loans under enforcement comprising more than 1.2 million loans, divided into the following asset classes: corporates; SMEs; CRE; residential real estate (RRE); retail – credit cards; and retail – other consumer loans. The identification of areas where the divergence in the EU national insolvency regimes is particularly wide, and the characteristics of insolvency regimes that help explain the differences across the European Union are areas where ongoing work will be necessary to tackle NPLs in Europe. This is in the wider context of the communication on completing the banking union, and of the longstanding and ongoing work towards delivering the capital markets union (CMU).

Call for advice on EU dependency on non-EU banks and on funding in foreign currencies of European banks

In 2021, the EU Commission mandated the EBA to conduct a study on the dependence of the EU economy on non-EU banks and on the reliance of EU banks on funding in foreign currencies. The objective of this call for advice is to identify the importance of non-EU operators and their services for EU businesses and financial stability. The study should also identify the extent and relevant sources of funding in foreign currencies, and the business purposes that such funding intends to pursue.

During the second quarter of 2021, the EBA finalised the preparatory work, analysing which data were available in-house and taking all necessary steps to gather any additional information. In particular, the EBA began to gather data on banks that operate and provide services in Europe but are not located in Europe or are owned by non-EU entities. Additionally, EU banks were asked to answer some additional qualitative questions on the topic.

The data collection was successfully completed in the first quarter of 2022 and the EBA response to this call-for advice is expected to be finalised by the summer of 2022. The analysis is relatively challenging, not only because of the high relevance of the topic but also because – and unlike in other EBA reports -- the sample covers non-EU entities whose data has not previously been extensively analysed.


Monitoring the modelling practices in credit risk, market risk and IFRS9 with the benchmarking exercise

In 2021, the EBA conducted its annual supervisory benchmarking (SVB) exercises for credit and market risk. These exercises are mandated in Article 78 of the CRD, which sets out requirements for institutions, CAs and the EBA on the establishment of a regular SVB process to assess the internal models used to compute own funds requirements (with the exception of operational risk). The objective of these exercises is to monitor the variability of the risk-weighted exposure amounts for institutions applying the internal ratings-based (IRB) approaches in EU Member States and to distinguish as far as possible the influence of risk-based drivers from practice-based drivers in the observed variability.

With respect to credit risk, one focus of the 2021 exercise and analysis was set on the assessment of the impact of (a) the COVID-19 pandemic and (b) the implementation of the IRB roadmap. For these reasons, the development of average RWAs, default probabilities (PDs) and default rates (DRs) between 31 December 2019 and 31 December 2020 for the different benchmarking portfolios was assessed.

From this analysis, the following main conclusions were drawn and put forward in the 2021 report on the Credit Risk Benchmarking Exercise:

  • The variability of RWA among IRB institutions has remained largely unchanged despite the COVID-19 pandemic and the model changes that institutions implemented to comply with the IRB roadmap.
  • The varying impact of the COVID-19 pandemic on the average PDs as of 31 December 2020 was expected. This is because, on the one hand the underlying loans (obligors) were differently affected by the pandemic, and on the other, institutions’ processes for assigning and reviewing IRB ratings for high-default portfolios (HDPs) are different from those for low-default portfolios (LDPs).
  • The observed decrease of average RW and PDs for HDP portfolios is probably due to (a) re-estimation of PDs conducted in 2020 due to targeted review of internal models (TRIM) and IRB roadmap compliance and (b) migrations of retail obligors/exposures towards better rating grades.
  • For retail small and medium-sized enterprise (SME) portfolios, the observed decrease of average DRs and the observed decrease in average PDs may indicate potential overcompensation of the expected impact of the economic crisis by public measures and moratoria.

With respect to market risk, the 2021 exercise looked at the same instruments as in 2020. The instruments are mostly plain vanilla. This stability made it easier to understand the benchmarking portfolio and contributed to an observed reduction in overall dispersion in the booking phase. However, value-at-risk (VaR) variability increased significantly with respect to 2020 observations. In addition, this variability increases with the risk metric’s complexity as well as stressed value at risk, incremental risk charge and all price risk show higher levels of dispersion. The 2021 market report provides enhanced analysis by means of a breakdown across a number of dimensions such as bank size, business model and stress period. The 2021 report also presents statistics on portfolios’ present values which were subsequently applied to explain the effect on increased market volatility (likely due to the COVID-19 outbreak) and its effect on VaR dispersion.

The details of the annual benchmarking exercises are included in the ITS that specify the benchmarking portfolios and reporting instructions to be applied. In June 2021, the EBA published its annual update to these ITS, defining the benchmarking portfolios for the 2022 benchmarking exercise.

On the credit risk side, the main new feature of the draft ITS is the collection of data on the level of conservatism that is included in an institution’s risk parameter estimation and RWA reporting. The objective of the new metrics is to disentangle variability due to different levels of conservatism.

On the market risk side, further clarifications were provided in the ITS to enhance the benchmarking instruments’ understanding and limit variability stemming from data quality issues. Overall, the composition of the portfolio has not been changed with respect to the 2020 exercise.

The overall results of the benchmarking review on RWAs form a key input for the work on the variability of own funds requirements stemming from internal model approaches.

The data process behind the benchmarking exercise

The aim of the exercise is to increase the consistency of the RWAs and rebuild confidence in the internal models. To achieve this, the EBA collects the outcome of the internal models of the EU’s banks, computing statistical EU benchmarks and analysis that can be used by the competent authorities as part of their assessment and review of the models. The EBA’s statisticians ensure the quality of the data submitted by the banks, provide feedback, ask for resubmissions, and support the EBA’s experts, national competent authority and bank experts, providing them with analysis, visualisation tools, interactive reports, tables with benchmarks and statistics (with different level of aggregation depending on the final user). Furthermore, the statistical unit designs and implements algorithms for the automatic selection of the banks’ outliers that are then assessed and discussed by the model’s experts from different countries to understand if the deviations are justified. To better understand the banks’ deviations, banks are interviewed to explore their peculiarities and understand whether there are limitations on their models or whether there are areas in the regulations that are not clear and need to be improved. The interviews are also a good opportunity to harmonise the supervisory practices in the model supervision field across jurisdictions, giving the competent authorities the option of attending the interviews with banks of different countries to improve their skills, the procedures and analysis.

Monitoring the build-up of MREL resources against end-state requirements

In 2021, the EBA published its second quantitative report on minimum requirements for own funds and eligible liabilities (MREL) under the new methodology. The report showed that as of December 2019, the largest institutions had made good progress in reducing MREL shortfalls and that smaller institutions tend to lag behind.

This report reflected existing MREL policies applicable as at December 2019 and estimated the impact of the BRRD II only for global systemically important institutions (G-SIIs) and top-tier banks via the subordination levels.

An estimated 80% of the EU’s domestic assets were covered by a strategy other than liquidation – stable compared to 80% the previous year on a comparable basis. The number of MREL decisions increased, thus reflecting the continued progress by resolution authorities in agreeing on resolution strategies and setting MREL, but also highlighting the fact that more than six years after the adoption of the BRRD, authorities were still in the process of rolling out resolution strategies and MREL requirements.

As of December 2019, out of the 238 resolution groups captured in this report, 111 EU resolution groups showed an estimated MREL shortfall of EUR 102 billion, down from EUR 172 billion as of December 2018. In terms of total assets, institutions with a shortfall represented about 28% of EU total domestic assets.

Becoming an integrated EU data hub and leveraging technology to perform comprehensive analyses


Making the reporting process more efficient


Reporting Specialist




What are the main conclusions and views presented by the EBA in the final feasibility study report?

Diana: After more than two years of analysis and discussions with various stakeholders, in December 2021 the EBA published the final feasibility study on the integrated reporting system. The final report provides an overview of what an integrated reporting system could look like and a long-term vision for increasing efficiency and cutting reporting costs. It also assesses the core areas of the system: a common data dictionary, a central data collection point (CDCP) and strong governance arrangements with a Joint Reporting Committee of EBA, ECB, SRB and responsible national authorities.

In addition, the report identifies the immediate next steps in moving towards integration and those areas that require further investigation. In the near future, an informal joint reporting committee will be set up in order to continue discussions within the authorities involved which will play a key role in defining a roadmap towards integration now that the feasibility study has been completed. 

The EBA is committed to cooperating with the relevant authorities as part of a common vision of an integrated system for prudential, resolution and statistical reporting in cooperation with the relevant stakeholders, as well as to leveraging the work already done and the lessons learned from the various European and national initiatives.  

How is the EBA feasibility study contributing to the EU supervisory data strategy?

Diana: The feasibility study is part of the EBA’s contribution to the EU supervisory data strategy, which aims to improve the efficiency of reporting across financial sectors. Based on the recommendations and conclusions of the feasibility study, the EBA will support the Commission in implementing the building blocks of its strategy to build a modern, effective and efficient EU supervisory reporting system: data standardisation, data sharing and re-use, better reporting requirements and appropriate governance.


Policy Expert on Reporting

Why is it important to discuss granularity of reporting in the context of integrated reporting?

Anca: Granularity is an important topic in the light of integrated reporting because current reporting requirements have been defined at different levels of granularity, reflecting the underlying regulatory purpose and responding to different policy needs across statistical, prudential and resolution areas. The granularity of data requirements is not in itself an impediment to building an integrated system, as a common data dictionary and a CDCP could accommodate different granularities. Instead, greater granularity could potentially reduce future data requests and increase data usage, as well as ensure data lineage and the transparency of the aggregation process.

Should we aim for more granularity in reporting requirements?

Anca: Preliminary evidence shows that, due to various constraints, it may not be cost-effective or feasible in many cases to report with a level of granularity that ensures data are reported at a single (the highest) granularity level. More aggregated views could be used, especially in the area of prudential and resolution reporting. Granularity is a complex topic to analyse, and the desirability of more granular reporting requirements depends on various criteria.

In statistical reporting, the integrated reporting framework project already envisages a higher degree of granularity for integrating the reporting frameworks that fall under its scope. It may be worth considering the potential to further increase the granularity of data requirements, taking account of resolution and prudential purposes and further integration with statistical requirements. Looking ahead, the feasibility study therefore proposes a more thorough investigation of the topic, identifying a need for concrete proposals on considerations such as the possible design, legal aspects, proportionality and data governance, before drawing conclusions on the feasibility and desirability of more granular reporting requirements.


Data Modeller

What would be the role of a common regulatory data dictionary for integrated reporting?

Maria: The data dictionary would represent common vehicle for understanding the data requested by different regulators and reporting frameworks. Using a unique, single data dictionary would enable the comparison and analysis of data from different origins, the identification of similarities or overlaps, avoiding redundant data dictionaries and the costs of unnecessary mapping work.

The data dictionary includes a common “language” (a set of data concepts commonly defined) supported by a common model with a metadata approach. The common model is key for the full digitalisation of the data life cycle, and to cope with the fast-evolving nature of regulatory requirements, reducing costs for all stakeholders (regulators, competent authorities/central banks and institutions).

What would be the components of a data dictionary for integrated reporting?

Maria: For integrated reporting purposes, the components of the data dictionary would address the differing needs of processes from data collection, validation and storage through to data transformation, analysis and dissemination. The data dictionary’s components would include the glossary, with the elements to be used in defining concepts; the templates for rendering the data concepts; when relevant and the definition of the various concepts, identifying their unique categorisation and validation criteria as well as the metadata for transformation of the data received, for instance to calculate aggregates from more granular data.

How can a common data dictionary model support semantic integration and infrastructure efficiency?

Maria: A common data dictionary model can support different semantic data dictionaries and provide the platform to encompass the gradual work towards the full semantic integration of two or more different data universes. Using the same data dictionary model enables a possible common solution and infrastructure, including standard mechanisms for shared exchange, common data collection platforms and a shared data storage point alongside shared validation and transformation engines.



How have you taken the current reporting landscape into account in your analysis?

Valentina: Having a good overview of the current reporting landscape in the EU is paramount to understanding the extent to which an integrated reporting framework could benefit both competent authorities and reporting institutions. This is why we have cooperated extensively with competent authorities to collect as much information as possible on the current frameworks, including the reporting systems and data requests in the prudential, resolution and statistical areas.

The data we have collected shows considerable variability across frameworks and jurisdictions. While harmonised reporting is in place for European prudential and statistical data, additional requests and national extensions abound, with considerable variations from country to country. The situation is similar when it comes to resolution data, which responds to a minimum harmonisation principle. As a result, there is discretion at the national level and we can see differences in reporting across jurisdictions.

We therefore believe there is ample room to integrate national and ad hoc data requests with regular requests. Working towards an integrated reporting system could improve the reporting process and increase its efficiency, as well as creating new synergies for all the actors involved.


Figure 5: Integrated reporting system overview

Article 430c CRR II mandated the EBA to investigate the feasibility of developing a consistent and integrated system for collecting statistical, resolution and prudential data.

The EBA completed its final report on the feasibility study on integrated reporting in 2021. The report puts forward a long-term vision for what an integrated reporting system could look like, how reporting processes could be streamlined and improved for both institutions and competent authorities, and how cooperation among authorities could be enhanced in the areas of prudential, resolution and statistical reporting.

In the near future an informal Joint Reporting Committee will define a roadmap to implement the building blocks, actions and recommendations that the feasibility study identifies, taking into account the immediate next steps proposed with a view to moving towards integration and addressing the areas that require further investigation. Developing a common data dictionary including further analysis and assessment of the level of data granularity, drawing up best practices for data integration, putting in place joint governance arrangements to improve coordination and cooperation between different authorities, and providing an estimate of the resources needed to achieve the integration objectives are some of the short-term action points proposed. In the longer term, the study recommends further analysis and assessment of the level of a potential desirable scenario for a CDCP.

The feasibility study underlines the importance of developing a common vision of an integrated system for prudential, resolution and statistical reporting that builds on and leverages the work already carried out and the lessons learned from the various European and national initiatives. This vision follows a step-by-step approach, is proportionate and ensures a progressive transition to the integrated system. The feasibility study is part of the EBA’s contribution to the EU supervisory data strategy, which aims to improve the efficiency of reporting across all financial sectors by continuing to build on data standardisation and data sharing, as well as improving the design of reporting requirements

Developing a proportionate reporting framework

The proportionality and relevance of supervisory requirements are absolutely central to the EBA’s approach to developing its regulatory products. Proportionality considerations aim to strike a balance between cutting reporting costs (implementation and ongoing costs) for institutions and the quality and effectiveness of supervision.

As part of the ongoing work on proportionality in the supervisory framework and supervisory reporting requirements, in 2021 the EBA published its comprehensive study on the cost of compliance with supervisory reporting requirements for EEA banks. This analysis followed the legislative mandate in Article 430(8) of the CRR and focused on (1) understanding the reporting costs incurred by EEA banks, (2) assessing the effectiveness of reducing some specific reporting requirements in cutting reporting costs while maintaining supervisory effectiveness, and (3) assessing whether the reporting costs were proportionate with regard to the benefits delivered. In the report, the EBA also identified 25 recommendations –addressed to the EBA, competent authorities, the European Commission or institutions – with the aim of reducing reporting and associated costs primarily for small and non-complex institutions, as well as making the overall supervisory reporting framework more efficient for all stakeholders.

The recommendations cover four broad areas, including improvements to the development process of the EBA reporting framework, changes to the design of the supervisory reporting requirements and improvements to the coordination and integration of data requests and reporting requirements, as well as improvements to the reporting process and wider use of technology. They are expected to deliver costs savings of up to 15-24%, which will take two to five years to realise.

Since the report’s publication, the EBA has focused on implementing the short-term recommendations addressed to the authority and has successfully delivered them. In particular, the latest reporting framework 3.2 has introduced the necessary amendments that will exempt small and non-complex institutions (SNCIs) from certain reporting requirements relating to large exposures, leverage ratios, the net stable funding ratio, additional liquidity monitoring metrics and asset encumbrance. A core plus supplement approach will be applied where possible, or these requirements will be simplified for SNCIs.

Improving the DPM data dictionary

The EBA and EIOPA have been collaborating on the DPM Refit project since 2020 to achieve a common model for their data dictionaries, using the same consistent and standardised method to define and integrate all the different regulatory data frameworks of both regulators. The new data dictionary model uses the DPM methodology and includes a common approach to implementing the glossary, the definition of data concepts, the rendering of data in templates and the same metadata formats for data validation and data calculation. Based on the success of their previous experience, both authorities worked together with a view to overcoming the future challenges of their respective data strategies.

The objectives of this collaborative effort included enabling a higher level and wider scope of data integration, a desire for all stakeholders to benefit from the data standardisation and innovation work, and to take advantage of new technologies en route towards a fully digital regulatory data chain. This project therefore constitutes an important step towards integration in line with the recommendations included in the EBA feasibility study on an integrated reporting system and the Commission Supervisory Data Strategy.

The EBA will start the implementation of the DPM Refit implemented in 2022. During the transition period the EBA will produce the data dictionary contents in both the old DPM data dictionary and the new DPM Refit model to ensure a smooth transition and reduce the impact on all stakeholders using DPM in their systems.

In 2022, implementation of the new DPM Refit model will be accompanied by an overall quality review of the contents, which run to more than 100 000 data definitions.


Developing tools and solutions for data standardisation and data sharing platforms

Following their collaboration in developing the DPM (data point model) Refit, the EBA and EIOPA launched another joint project to develop digital regulatory reporting (DRR) solutions. DPM Refit is an integrated, shared platform for interdependent collaboration on data point modelling, validation and calculation rules management, as well as taxonomy generation for new regulatory requirements. The DRR solutions will leverage the new DPM Refit as a common platform for understanding regulatory requirements across all phases of the regulatory data life cycle – from collection and validation (i.e. the EUCLID platform) to exploration and disclosure portals.

The DRR solutions will comprise a set of tools available for two different objectives – one supporting the process of internal and external collaboration to create and manage formal and consistent data dictionary contents, and the other supporting data exploration and data disclosure, enabling the use of common agreed definitions and more efficient processes for sharing and analysis.

Due to the scale of the project the EBA will take a gradual approach to developing a minimum viable product (MVP) in 2022. It will cover only the most essential requirements to ensure the continuity of the EBA’s regulatory data definition work. Further releases will develop a more comprehensive set of functionalities.


Finalising the EUCLID project

Following the path to establish a banking and financial data framework, the EBA finalised in 2021 its implementation of EUCLID. With this step, the EBA was able to integrate most of its historical data and to start collecting information on the entire EU banking sector, from December 2020 reference date onwards. Prior to EUCLID, EBA collected regulatory data mostly for a sample of large institutions, accounting for more than 80% of the EU banking sector in terms of total assets.

Figure 6: EUCLID in numbers

  How many Data from Reporting areas (up to EBA DPM v3.1)

All EU/EEA credit institutions


Q4 2020

COREP (solvency, large exposures, liquidity, leverage ratio, fundamental review of the trading book, supervisory benchmarking of internal models, asset encumbrance), FINREP (IFRS9, national GAAP, Covid-19), funding plans, resolution (planning, MREL Decisions, MREL/TLAC), global ssystemically important institutions, remunerations (high-earners, benchmarking)

All EU/EEA banking groups


Q4 2020

Largest credit institutions or banking groups


Q1 2014*

All EU/EEA investment firms


Q3 2021**

Investment Firms (CLASS2, CLASS3, GroupTest), COREP (solvency, large exposures, liquidity, leverage ratio, fundamental review of the trading book, supervisory benchmarking of internal models, asset encumbrance), FINREP (IFRS9, national GAAP, Covid-19), Resolution*** (Planning, MREL Decisions, MREL/TLAC)

All EU/EEA Investment firms’ groups


H2 2021**

All EU/EEA payment institutions


H1 2019

Payments, Resolution*** (Planning, MREL Decisions, MREL/TLAC)

All EU/EEA e-money institutions


H1 2019


*Data for ~50 Key Risk Indicators from Q4 2008 onwards is available at EBA for ~50 institutions from 20 EU countries, covering at least 50% of the total assets of each national banking sector. Numbers are based on non-harmonised prudential and financial reporting standards applicable in the EU before 2014. From Q1 2014 onwards, the data available at EBA for the sample of largest credit institutions and banking groups accounted for more than 80% of EU banking sector total assets.

**To become available in EUCLID in 2022.

***Expected in EUCLID end-2022.

The reporting channel was completed and the EBA started onboarding CAs in EUCLID for the submission of supervisory master and regulatory reporting data for the smallest institutions. As well as collecting resolution and supervisory data from all EEA banks, work is in progress with the aim of expanding EUCLID further and facilitating the collection of master and reporting data for investment firms.

In 2021 alone, the EBA used EUCLID to onboard over 4 000 credit institutions and banking groups, as well as various national and EU-level authorities for resolution and investment firms. This extended network of authorities and regular contacts ensured that the EBA collected appropriate entity-level details. Building on this preparatory work, the EBA thus expanded its analytical capacity relating to the EU financial sector.

Thanks to EUCLID, the various authorities liaising with the EBA gained additional freedom and flexibility to manage data transmissions to the EBA. Master data flows steadily to the EBA, resulting in seamlessly refreshed reporting obligations being prepared overnight. The EBA can thus address reporting issues more quickly via EUCLID’s automatic feedback on data transmissions. In addition, automatic channels connected to authorities’ systems ensure minimal manual input, resulting in close-to-full alignment between the EBA and its stakeholders’ databases and systems. 2021 saw the milestone being reached of delivering a streamlined and automatic system consolidating all the structured data collections under a single umbrella ecosystem. In the near term, EUCLID will increasingly encompass unstructured data collections within the same ecosystem.

The EBA will increase the number of data requests it answers, along with the number of published dashboards. In addition, it will gradually increase the depth of data-driven insights used for impact assessments and supervisory tasks, as well as monitoring risks, vulnerabilities and proportionality assessments across the regulatory landscape.

EUCLID will be the backbone of the EBA’s multi-year data strategy, which was finalised in 2021.By providing richer and wider insights, the EBA will expand its impact on evidence-based discussions serving EU policy and legislative work. On the road to creating a Pillar 3 data hub in the EU, from 2022 the EBA will publish a higher number of datasets for market participants, academia and citizens at large to explore and benefit from.


As an example, Figure 7 shows the number of files received by the EBA for the reference date of September 2021 per reporting module of the EBA reporting framework (one file per institution or group per reporting module). In total, over 36 000 files were successfully received and processed by the EBA for September 2021 alone, which compared with fewer than 3 000 files collected in September 2020. In achieving this improvement, the EBA benefited from good and close cooperation with national and EU-level authorities.

Figure 7: Number of reporting modules collected via EUCLID (reference date September 2021)

In 2022, EUCLID will continue to expand in terms of its functionality and scope while remaining agile and flexible enough to onboard additional structured and unstructured data collections. For instance, an enhanced engine for quality assurance and better support to authorities will be developed for investment firms. Additionally, a user access interface and navigation areas devoted to authorities will also be deployed. Finally, an upgrade to accommodate the DPM Refit is planned.

Figure 8: EUCLID process explained



Senior IT Information Manager




What would you highlight about EUCLID from a technical perspective?

EUCLID is a digital product comprised of individual applications that work in concert to support an increasing number of EBA business services, such as different types of data collection and entity registers. The product’s design has focused on flexibility and ease of maintenance as two main qualities, so that it can adapt quickly to continuously changing needs. To that end, we invested in developing a highly configurable, metadata-driven, rules-based solution for managing master data, and kept the DPM data dictionary at the heart of the new regulatory reporting platform, whose operation is fully DPM-oriented and automatically adapts to all new DPM releases.

What is the role of XBRL in EUCLID?

XBRL plays an important role in the regulatory reporting system, providing an international standard for the data exchange format. The EUCLID system has been using the XBRL-XML standard as the main reporting format but can alternatively use the Excel format when justified. In the meantime, a new XBRL-CSV format has been developed to solve the problems of inefficiency and complexity of the previous standard. The EBA has already published it in the latest version of the reporting framework as an alternative format, which is expected to completely replace the old format after a transition period, and EUCLID has been extended to integrate reports in the new XBRL-CSV format.

The EUCLID system is to a large extent agnostic to the reporting format as it does not include any specific XBRL technology for data integration, relying only on the data definition provided by DPM and on the mapping to a particular reporting format (XBRL or other). This architecture allows the system to be extended to new formats very quickly and with limited development effort.

What was the EUCLID development approach?

After considering and evaluating the possible alternatives, EBA decided on in-house development, in which the conception and design and development of the product, as well as project management, are led by the EBA staff, assisted by external teams.

The development lifecycle followed an agile methodology, and the product has been incrementally deployed through many cycles of iterative development.

Given the strategic role of EUCLID, it is very important to ensure that technical know-how is retained internally in the product team, in order to avoid quality decay with time and successive maintenance.

What is the EUCLID roadmap?

EUCLID is expected to continue to grow vertically, expanding the scope of functionality, and horizontally, expanding support for new business services. Some of these initiatives are ongoing, such as adding a new component for data transformation (calculation and validation engine) or adding support for investment firm reports, and others will follow, such as the development of a user interface for manual input of data, support event-based notifications or collect data directly from institutions.

EUCLID is a main pillar of the EBA’s data strategy and has so far been primarily concerned with the early stages of the data lifecycle. Implementing the EBA data strategy now requires that the focus shift from data collection to data analysis and dissemination, which should unlock the value of EBA data, making it available in the right format to the right internal or external consumers who should have access to it.




Senior Statistician




How would you describe 2021 considering the milestones achieved by EUCLID?

I think 2021 was a historic year for the EBA. In a year that marked the EBA’s 10-year anniversary, in my view EUCLID going live was one of the most important milestones since I joined the Authority. EUCLID will shape the EBA’s activity and impact the regulatory framework and EU society for decades to come. The maxim ‘knowledge is power’ remains as true as ever in the 21st century, except that now it’s all about large datasets, artificial intelligence (AI) and machine learning models and much faster computational capacity. EUCLID will empower the EBA to be better equipped for the uncharted territory that lies ahead.

Thanks to EUCLID, in 2021 the EBA was able to collect data covering the EU banking sector in its entirety for the first time and in a structured manner. In achieving this milestone, the EBA benefited from very close and fruitful cooperation with national and other EU authorities. While this process was not without challenges, I would underline the EBA’s appreciation for the efforts and commitment of national experts who contributed to the successful deployment of EUCLID. We are now embarking on an ongoing journey that will promote an increasingly integrated data reporting chain, providing faster data-driven findings based on high-quality regulatory data. I am proud to lead many of the efforts that are helping to ensure the EBA is ready to make this exciting EUCLID-enabled future a reality.

Are there any challenges still to be addressed by EUCLID?

EUCLID will keep on evolving and onboarding new or redefined data collections. One avenue that we will be exploring aims to streamline existing data workflows, where needed. A good example of where this effort will be required is for resolution and reporting on the minimum requirement for own funds and eligible liabilities (MREL) and the total loss absorbency requirement (TLAC) to the EBA. Similarly, with a view to easing the burden on its stakeholders, the EBA will give high priority to the design and deployment of an EBA dissemination portal within EUCLID’s ecosystem. In turn, this portal will pave the way for the EBA Pillar 3 data hub, while facilitating additional data sharing by the EBA, either via additional memoranda of understanding with national and other EU-level authorities or by directly pursuing EBA tasks. Two important upgrades to EUCLID in the coming months will see the deployment of a validation and calculation engine, and the transition to DPM Refit as the linchpin for the EBA’s reporting framework.

What other reporting fields or sectors will EUCLID cover?

In 2022, EUCLID will comprise entity-level details on investment firms and investment firms’ groups, supported by a new Investment Firms Register. In turn, this information will be the basis for the reporting by investment firms that the EBA expects to receive. EUCLID will also cover additional data collections such as for diversity benchmarking purposes and fraud payments. Beyond 2022, EUCLID will likely play a role in supporting AML data collections and information handling in the context of markets in crypto-assets (MiCA) and the Digital Operational Resilience Act (DORA).

How will EUCLID fit in with future options for an integrated reporting framework in the EU?

The EBA’s recent feasibility study on an integrated reporting framework is separate from EUCLID and its enhancements. Nevertheless, EUCLID’s flexibility and agile ecosystem will be available to the EBA and its stakeholders to further support and adapt to any of the options explored in the study if, for example, an EU-level decision in favour of a CDCP emerges. In the same spirit, EUCLID will fully accommodate an approach under which the ‘define data once and report once’ principle is put at the core of the EU reporting system.


Continuing the development of a comprehensive and enhanced disclosure framework

Over the course of 2021, the EBA continued to make progress in implementing its roadmap and strategy on Pillar 3 disclosures and extended the scope of its comprehensive ITS on institutions’ Pillar 3 disclosures by publishing:

  1. the amending final draft ITS on disclosing indicators of global systemic importance by G-SIIs, with the aim of identifying which banks are G-SIIs and specifying the formats and instructions for G-SII disclosure;
  2. the amending final draft ITS on disclosing exposure to interest rate risk on positions not held in the trading book (IRRBB), which put forward comparable disclosures that help institutions comply with the requirements laid down in the CRR and enable stakeholders to understand institutions’ overall IRRBB objectives and management and their exposures to any interest rate shocks; and
  3. the amending final draft ITS on Pillar 3 disclosures on ESG risks.

In addition, the EBA finalised the Pillar 3 technical standards on investment firms by developing the ITS on disclosure of investment funds by investment firms and the RTS on disclosure of invest¬ment policy, defining uniform disclosure formats and associated instructions for the information required in Articles 49 and 51 of the IFR.

The EBA is taking a step-by-step approach to developing the ITS on Pillar 3 disclosures regarding ESG risks so that it can adjust or expand the ITS based on the progress of other ESG-related initiatives in the EU, notably the Taxonomy Regulation and the Non-Financial Reporting Directive.

The first ITS were finalised during 2021. The standards provide a framework for ESG disclosures to ensure that stakeholders have access to relevant information on the extent to which institutions’ investments and exposures can be negatively impacted by ESG-related risks, and also their ESG-related strategies and sustainability performance. Stakeholders should therefore be able to make informed decisions and exercise market discipline. Specifically, the standards propose comparable disclosures on qualitative information regarding how institutions are embedding ESG-related aspects into their business model and strategy, governance and risk management framework. They also set out quantitative information on climate change-related transition and physical risks, as well as on a green asset ratio (GAR) and banking book taxonomy alignment ratio (BTAR) as key performance indicators (KPIs) that show how institutions are financing sustainable activities, mitigating climate-related risks and meeting the Paris Agreement goals. Proportionality measures have been integrated to facilitate institutions’ disclosures, including transitional periods in which disclosures in the form of estimates and proxies are allowed.

The EBA developed these ITS in parallel and consistently with its advice to the Commission on sustainability disclosures under Article 8 of the Taxonomy Regulation. This includes the definition of the GAR, the KPIs to be disclosed under the Pillar 3 ITS and other KPIs that show the level of alignment of institutions’ activities with the EU taxonomy, alongside the extent to which they are environmentally sustainable pursuant to the EU Taxonomy Regulation. The EBA also provided some policy recommendations and proportionality measures to facilitate disclosures by institutions and the possible expansion of the KPIs.

Lastly, the EBA finalised the Pillar 3 technical standards for investment firms by developing the ITS on disclosures of investment funds by investment firms and the RTS on the disclosure of investment policy, defining uniform disclosure formats and associated instructions for the information required in Articles 49 and 51 of the IFR.

Figure 9: ESG disclosure in the EU

Enhancing the functioning of the secondary market in NPLs via data standardisation

In 2021 the EBA was involved in implementing the tasks and mandates included in the European Commission’s action plan of December 2020 to tackle NPLs in the aftermath of the COVID-19 pandemic. The EBA’s work focused on supporting the Commission in further developing secondary markets for distressed assets, which allow banks to move NPLs off their balance sheets while ensuring enhanced protection for debtors. Indeed, secondary market transactions are one of the tools available to banks to manage and reduce the level of NPLs on their balance sheets.

The focus of the EBA’s work in 2021 was twofold:

  1. Further enhancing and improving the EBA NPL data templates (first issued in 2017), which play a central role in data standardisation during NPL transactions with a view to building an effective secondary market for NPLs. In particular, working together with the industry to make the NPL templates more streamlined and user-friendly based on experience of NPL sales from both the sell-side and buy-side perspective, the EBA issued a revised version of the templates. The streamlined and more user-friendly templates were presented in a discussion paper that the EBA published in May 2021. The discussion paper and the feedback subsequently received from the industry constitute a first step in turning the templates into technical standards, as provided for by the Directive on credit servicers and purchasers (EU) 2021/2167.
  2. Addressing prudential impediments to institutions purchasing defaulted assets. The EBA introduced a revised prudential treatment of purchased NPLs under the standardised approach (Article 127 of the CRR) to ensure that the prudential framework does not create disincentives to the sale of non-performing assets by banks. The amendment to the existing RTS on credit risk adjustments introduced a change to the recognition of total credit risk adjustments. This was to ensure that the risk weight remains the same and the price discount stemming from the sale is recognised as a credit risk adjustment for the purposes of determining the risk weight. The revised RTS were published in December 2021

Building on the discussion paper published in 2021, in 2022 the EBA will develop draft ITS to specify the templates to be used by credit institutions for the provision of information to credit purchasers when selling or transferring non-performing loans. The aim is to enable prospective buyers to conduct the analysis, financial due diligence and valuation of the credit exposures in the context of NPL transactions, as per the mandate under the Directive on credit servicers and purchasers. This work will introduce further data standardisation into the secondary markets in NPLs and therefore reduce the asymmetry of information for the buyers and sellers of NPLs.



Assessing payments data

Assessing fraud levels in retail payments

To assess the extent to which the payment security requirements that the EBA developed in previous years (in particular strong customer authentication, SCA) were effective, the EBA carried out an analysis of the payment fraud data reported by the industry in accordance with Payment Services Directive 2 (PSD2) and the EBA guidelines on fraud reporting. The EBA published the results of its analysis in the form of a Discussion Paper, in which it sets out its preliminary observations on the fraud data It had received for 2019 and 2020.

The paper focuses on the fraud trends observed for the subset of payment instruments encompassing credit transfers, card payments and cash withdrawals. One of the key observations, highlighted in the figure below, is that fraud is substantially higher in cross-border transactions with counterparts located outside the EEA (where no SCA requirements apply) than in those conducted inside the EEA (where SCA does apply).

Figure 10: Share of fraudulent transactions (in terms of the volume of total transactions) when payments are executed domestically, inside and outside the EEA

Source: Discussion paper on the EBA’s preliminary observations on payment fraud data under PSD2, as reported by the payment service providers of the countries considered

Other observations, too, suggest that overall the regulatory requirements developed in relation to payment security are having the desired effect. For example, the share of fraudulent payments in the total payment volume and value is significantly lower for transactions that are authenticated with SCA than those that are not (the particular case of card payments is highlighted in the figure 11).

Figure 11: Share of fraudulent transactions (in terms of the volume and value of total transactions) for remote card payments reported by issuers and acquirers, with and without SCA

Source: Discussion paper on the EBA’s preliminary observations on payment fraud data under PSD2, as reported by the payment service providers of the countries considered

Figure 12: Share of fraudulent e-commerce card-based payments (in terms of the value of total transactions) reported by issuers and acquirers

Source: Report on the data provided by payment services providers on their readiness to apply strong customer authentication for e-commerce card-based payment transactions

However, other patterns identified in the discussion paper appear to be inconclusive and would particularly benefit from comments from market stakeholders, which is why the discussion paper asks specific questions on these observations. For instance, the EBA is seeking potential explanations of why in some jurisdictions payment service users bear most of the losses due to fraud for credit transfers and cash withdrawals, even though PSD2 stipulates that these losses should primarily be borne by payment services providers. The responses to the questions raised in the paper were received by 19 April 2022. This feedback will support the EBA, ECB and national authorities in interpreting the fraud data to be reported in future years.

In a separate analysis, the EBA also obtained insights into the level of fraud in the specific case of e-commerce card-based payment transactions. These insights were based on the Authority’s monitoring of the migration to SCA compliance under the opinion on the respective deadline for the SCA migration. The data reported showed a significant reduction – of between 40 and 50% – in the volume and value of fraudulent e-commerce card-based payment transactions between September 2020 and April 2021, which coincided with the gradual increase in the application of SCA. This pattern is highlighted in the figure 12.

In 2022, the EBA, in close cooperation with the ECB, will continue to collect and assess payment fraud data, also leveraging the feedback received from external stakeholders on the discussion paper on fraud reporting. The EBA aims to use this data as a tool for monitoring the extent to which the security requirements developed by the EBA achieve the desired PSD2 objective of reducing payment fraud.

The EBA will also continue to explore potential synergies in the reporting of payment fraud data under PSD2 and the revised ECB Regulation on payment statistics with a view to improving data quality and completeness.



Policy Expert on Depositor Protection




I joined the EBA’s Conduct, Payment and Consumer (COPAC) unit at the end of 2019 as a seconded national expert on depositor insurance. During my 18 months working at the EBA, I have had the opportunity to deal with various aspects of EU consumer protection. First, I have been entrusted with developing new guidelines on the stress tests conducted by the deposit guarantee schemes (DGS), while I also contribute to designing many of the EBA’s DGS-related products. I have gone about tackling these new challenges by leveraging my original expertise. I also volunteered to move into different policy areas and was in charge of the end-to-end development of a discussion paper on payment services fraud. This experience was highly beneficial since I had to look into an additional regulatory framework (i.e. PSD2) and mobilise more quantitative skills to analyse a wide set of fraud data and identify statistical patterns. In 2022, I will keep on diversifying my expertise by managing a new project, this time relating to consumer protection. I will establish a preliminary methodology and a set of retail risk indicators to assess the extent and/or likelihood of a detrimental impact on EU consumers stemming from the retail conduct of financial institutions.

Based on these varied and instructive experiences, I am very grateful that the EBA is successful in assigning its staff horizontally across the organisation and pooling human resources. We have opportunities to foster our adaptability and cover a large portfolio of topics. Also, and in spite of the current remote working environment, this allows me to be involved in several expert teams and take part in the discussions held in different standing committees with the national authorities. This type of cross-unit approach therefore offers an ideal way to accumulate expertise, work with colleagues who I would not otherwise have met and interact with a large cross-section of the EBA’s external counterparts.


Assessing data on incidents relating to the provision of payment services

In June 2021, the EBA published its revised guidelines on major incident reporting under PSD2. The revised guidelines have optimised and simplified the reporting process and reporting templates with a view to making it easier for payment service providers (PSPs) to report major incidents and reducing the overall reporting burden for them. To this end, the EBA removed unnecessary steps from the reporting process, provided additional time for the submission of the final report and removed fields from the reporting template that were deemed not to be as informative as the EBA had initially envisaged. The EBA also clarified various aspects of the guidelines and introduced further granularity on the root causes of the incidents with the aim of making the incident reports received more useful.

The revised guidelines have been in force since 1 January 2022 and help the EBA to monitor and assess the information collected from the major incident reports regarding the provision of payment services.

In 2022, the EBA will embark on a comprehensive assessment of the incident reports received from PSPs via their respective national competent authorities (NCAs) under the revised guidelines. The aim is to understand the way in which security and operational risks are currently materialising across the EU and whether the applicable legal framework under PSD2 and the related EBA instruments is sufficient to address them.

Collecting data on large exposures

The EBA is mandated by Article 507(1) of Regulation (EU) 2019/876 (CRR II) to monitor the use of some exemptions from the large exposures regime. In 2022 the EBA is going to publish a detailed report assessing, for each of the monitored exemptions, the number of large exposures exempted and the number of institutions that make use of the exemption in each Member State. The report will leverage an ad hoc data collection that involved nearly 200 EU institutions.

Recommendations of the Advisory Committee on Proportionality

The Advisory Committee on Proportionality provided in 2021 a set of recommendations on the EBA Work Programme for 2022, putting forward advice on how to further enhance proportionality in the EBA’s activities.

Its advice focused on the EBA work on operational risk and investment firms, the Supervisory Review and Evaluation Process (SREP), reporting and transparency, and environmental, social and corporate governance.

The EBA took the recommendations into account in the preparation of these activities, recognising the value of enhancing proportionality where possible. Its regulatory work on investment firms and the SREP guidelines published in early 2022 showcases these efforts. Regarding reporting and transparency, the EBA’s cost of compliance study highlights the important work carried out to ensure proportionality in this area, in particular for the small and non-complex institutions.

Focus on ESG

In line with the recommendations of the Advisory Committee on Proportionality, the EBA has been actively promoting the creation of an EU central database which would also include ESG data. Indeed, the Committee underlined that such database would ensure a level-playing field among financial institutions in terms of access to data. As such, in its advice on Article 8 of the Regulation on the EU taxonomy for environmentally sustainable activities, the EBA recommended that the European Commission continues to take actions to create an enabling disclosure and data framework. It reiterated its support for the implementation of a central data point where ESG-related information would be stored, and be machine-readable.

Moreover, the EBA laid down the foundation on the incorporation of the Advisory Committee on Proportionality’s recommendation regarding ESG risk management, which urged the EBA to develop risk-based and proportionate approaches, considering specificities of small non-complex institutions. In its June 2021 report on ESG risks management and supervision, the EBA outlined its approach on how ESG risks should be proportionately integrated into the risk management frameworks of institutions and the supervisory processes. Amongst other things, the report underlines the importance of conducting materiality assessments of ESG risks and considering proportionality in the development of methodological approaches for assessing and evaluating ESG risks.

Contributing to the sound development of financial innovation and operational resilience in the financial sector


Contributing to the European Commission’s digital finance package and monitoring innovations

In 2021 the EBA continued to monitor how financial innovations emerge and evolve in the financial market and, as discussed in detail below, contributed to a wide range of topics under the European Commission’s digital finance strategy and beyond, including legislative proposals for the Regulation on Markets in Crypto-assets (MiCA), the Digital Operational Resilience Act (DORA), the use of digital platforms in the EU’s banking and payments sector and requirements for crowdfunding service providers. In addition, the EBA drew up proposals for non-bank lending.

Crypto-assets, decentralised finance and the application of AI, as well as digital platforms and solutions to facilitate AML/CFT compliance, are just a few examples of innovations that are currently on the EBA’s innovation monitoring radar. By keeping a close eye on recent developments via targeted industry and competent authorities’ surveys, information exchanged by national innovation facilitators and market participants at the European Forum for Innovation Facilitators (EFIF), engagement with industry at the EBA’s FinTech Knowledge Hub and close collaboration with other EU and international organisations the EBA can obtain a comprehensive overview of the main innovation trends across the EU. This helps to identify emerging risks and provide guidance on areas where further work by the EBA may be needed.

In 2022, the EBA will continue to monitor financial innovation and identify areas where further regulatory or supervisory response may be needed.


Monitoring and assessing the impact of the digital finance legislation

The EBA is closely following the progress of the Commission’s proposals for a Regulation on Markets in Crypto-Assets (MiCA) and the Digital Operational Resilience Act (DORA) through the co-legislative phase. It is also evaluating, on a regular basis, the potential impact of these initiatives and providing technical advice to the Commission where necessary.

Through its project team on operational preparedness for tasks under DORA and MiCA, the EBA has already started preparatory work to ensure it stands ready to carry out the oversight, supervision and policy tasks that may ultimately be conferred on the EBA.

As regards DORA, the EBA’s staff have been working closely with ESMA and EIOPA staff as well as competent authorities to analyse the proposed provisions and constructively assess their implementation and impact. It is worth recalling that DORA aims to establish a comprehensive framework on digital operational resilience for EU financial entities by streamlining and strengthening the existing patchwork of relevant provisions across EU financial services legislation. DORA envisages enhanced collaboration and cooperation among authorities within the EU and internationally. DORA also envisages the establishment of an oversight framework, the first concrete initiative to address the complex issue of the dependencies on critical ICT third-party providers (CTPPs) in the financial sector, including monitoring third-party concentration risks.

The ESAs will be assigned this oversight role, which will be limited to the ICT risks that CTPPs may pose to financial entities and will not amount to full supervision of CTPPs across the full range of their activities. The proposed ESA-led oversight model for CTPPs may raise coordination and consistency challenges, and in light of this the ESAs’ chairs issued a joint letter to the co-legislators on 9 February 2021 to express views on a number of aspects (namely the oversight framework, resources and proportionality) and propose modifications with a view to improving the current legislative proposal and achieving its objectives in an effective manner.

In addition, the EBA has been assessing the potential impact of DORA on existing sectoral guidance in an effort to better understand how this can be leveraged for the upcoming DORA policy mandates and to identify any gaps that might need to be addressed.

Under the Commission’s legislative proposal for MiCA, there are proposals to establish an EU-level supervisory framework for issuers of significant asset-referenced and e-money tokens and for those issuers who choose to voluntarily submit to EU-level supervision. As proposed by the Commission, the EBA would be the EU-level supervisor. The ultimate attribution of supervisory powers will be determined in the context of the co-legislative process.

In the meantime, the EBA has commenced its assessment of the preparatory steps that will need to be taken in order to prepare for supervision, including human resource and IT needs.

The EBA is also continuing its analysis of the coherence of the MiCA regime in the context of existing sectoral measures in the banking and payments sector and preparing technical observations for the Commission as appropriate.

Identifying ICT risks, monitoring underlying internal governance arrangements and reviewing ICT supervisory practices ahead of the upcoming DORA

Not only are ICT risks becoming more complex, ICT and security-related incidents (including cyber incidents) are also becoming more frequent. In addition, their potential adverse impact on financial institutions’ operational functioning is increasingly significant. The EBA has continued to monitor the ICT risk landscape and to foster a common supervisory culture and consistent supervisory practices, as well as ensuring uniform procedures and consistent approaches in the area of ICT. As identified in the EBA’s RAR for 2021, ICT risk (including cyber risk and data security) is currently the most prominent driver of increased operational risks. In addition, COVID-19 has increased the focus on ICT risks given the additional shift to digital channels and ICT usage.

Figure 13: Main drivers of operational risk as seen by banks

Source: Figure 97 from the EBA RAR 2021.

Monitoring internal governance arrangements for ICT risks

Considerable supervisory work has already been conducted on ICT risk over the past two years. In particular, supervisors reviewed credit institutions’ practices for the identification, monitoring, assessment and mitigation of ICT risks, and ensured that most of them had an ICT strategy in place. In the EBA 2021 Convergence Plan, the EBA highlighted the need for further supervisory focus on adequate ICT risk governance.

Overall, according to the EBA`s follow-up to the 2021 Convergence Plan, approximately three-quarters of CAs have reviewed the institutions’ internal governance on ICT and security risk management frameworks, as well as their ICT requirements for third-party providers and exit strategies. A high number of CAs confirmed that adequate internal governance in respect of ICT & security risk management and effective information security measures were an integral part of their on-site IT inspections, while a large proportion of CAs continued to rely on dedicated ICT self-assessment questionnaires.

In 2021 CAs were also expected to verify whether cybersecurity was part of financial institutions’ overall information security risk management, and whether they established effective information security measures to ensure appropriate preparedness for cybersecurity. The outcome is detailed in the 2021 Convergence Report.

The EBA stresses that there is a need to further strengthen CAs’ preparedness to supervise cyber risk and scrutinise institutions’ actions to ensure an appropriate level of cybersecurity. Cyber risk, including in the context of outsourced services, remains an area for supervisory attention in 2022.

Reviewing the ICT supervisory practices ahead of the upcoming DORA

In 2021, the EBA also performed an internal exercise to assess ICT supervisory practices and identify any potential gaps and challenges in the light of DORA. While a notable improvement has been observed in ICT supervisory practices since 2014, a sharper focus is required to support ICT supervision from a capacity and expertise perspective. Moreover, comprehensive rules are needed at the EU level given the cross-border nature of ICT risks. The ongoing EBA policy work in the area of ICT has established a good basis for a harmonised approach to and regulatory framework in ICT supervision across the EU.

In terms of ICT risk management, financial institutions are expected to intensify their efforts to better manage and address their ICT risks. Broad support has been noted for more cooperation at the EU level, along with heightened information-sharing in the areas that closely coincide with parts of the upcoming DORA (e.g. incident reporting, cyber intelligence and ICT third-party dependencies).

Assessing crypto market developments

The EBA monitors crypto-asset developments and takes measures to facilitate knowledge-sharing between competent authorities with the objective of promoting consistency in regulatory and supervisory approaches to, and the understanding of, crypto-assets.

In this context, to further strengthen its monitoring and assessment capacity in view of the broadening and deepening of markets in crypto-assets, in mid-2021 the EBA established a Network on Crypto-assets comprising representatives from the NCAs represented on the EBA’s Board of Supervisors and observers from the Commission, ECB, EIOPA and ESMA. The Network enables a structured exchange of views on market developments, supervisory experiences and regulatory perimeter issues, including taking into account emerging activities such as crypto lending and staking, and new business models, notably decentralised finance. It also supports the aggregation of the results of monitoring activities at the EU level.

In addition, the EBA, together with EIOPA and ESMA, reminded consumers of the risks relating to crypto-assets in March 2021 in view of market volatility.

The EBA will continue its crypto-asset monitoring work in 2022 within the scope of the Network on Crypto-assets. It will also continue to contribute to EU and international policy initiatives, including the BCBS work on a framework for the prudential treatment of crypto-assets.

Responding to the rapid rise of digital platforms

In 2021 the EBA completed its assessment of the use of digital platforms in the EU’s banking and payments sector, which also makes an important contribution to the joint ESAs’ work in response to the Commission’s call for advice on digital finance of February 2021.

The EBA has defined a ‘digital platform’ as a technical infrastructure that enables at least one financial institution directly (or indirectly using a regulated or unregulated intermediary) to market to customers – and/or conclude with customers – contracts for financial products and services.

The EBA has observed a wide variety of digital platforms operating in the EU. For example, the EBA has observed single-product aggregators (e.g. platforms operated by mortgage credit intermediaries), multiple-product, multi-brand/single-brand aggregators, user-matching platforms such as invoice trading platforms, trade finance platforms and general e-commerce platforms/marketplaces. Some are subscription-based, pay as you use/transaction-fee based or no-fee, etc. depending on the business model, functionalities and ecosystem of product providers and customers using the platform.

In view of this diversity, to assist competent authorities in understanding prevalent business models, the EBA developed an indicative taxonomy of the four main clusters of digital platforms, plus ‘enablers’ (typically the ‘pay’ platforms offered by BigTech companies), as explained in Figure 14.

For further information, see Chapter 3 of the EBA’s report.

The EBA found that the use of digital platforms presents a range of potential opportunities for both EU customers and financial institutions and offers significant transformative potential. However, new forms of financial, operational and reputational interdependencies are emerging over which supervisors have limited visibility.

Figure 14: Indicative overview of digital platform clusters and enablers



Senior Bank Expert




Crowdfunding for business has become established as one of the relevant financial innovations of the past few years and has changed the way some firms can finance their projects. Through crowdfunding, a service provider operates a digital platform to match or facilitate matching between prospective investors and lenders with owners of projects that need financing. In providing a wider set of project owners – in particular SMEs – with better access to finance, crowdfunding can contribute to the completion of the CMU.

To this extent, one of the main obstacles that had prevented the full development of an efficient EU-wide crowdfunding market was the existence of a fragmented regulatory framework across Member States. In order to promote uniform conditions across the European Union and the proper functioning of the Internal Market, a new regulation on crowdfunding service providers was issued in November 2020, making it easier for crowdfunding service providers to offer their services across the EU.

The European Crowdfunding Service Providers Regulation (ECSPR) recognises that, unlike in banking intermediation, the crowdfunding service provider does not take any credit risk of its own; rather, the risk remains entirely with investors. The ECSPR therefore includes provisions to ensure that investors are adequately informed about their investment and the relative risks, and that crowdfunding operators undertake an appropriate assessment of the risks connected to the projects offered on their platforms for financing.

During 2021, I led the EBA’s work on the mandates that we have been assigned under the new Regulation to develop two draft regulatory technical standards (RTS) covering a wide range of requirements for crowdfunding platforms:

  • providing adequate information to investors about the risks connected with the loan or the portfolio of loans, and about any contingency fund that may be set up;
  • undertaking an appropriate credit risk assessment of the crowdfunding project or project owner, based on reliable information;
  • establishing sound risk management practices for credit risk assessments and loan valuations.

The work on crowdfunding, which was carried out with the support of experts in our competent authorities, was particularly challenging as we had to find the right equilibrium to ensure that investors are adequately protected – both through adequate information and a solid risk assessment of the projects they are investing in – without this hindering the pace of innovation on the market. It ultimately proved to be a finely balanced exercise, but I trust the work done by the EBA will help to enhance transparency, giving investors the appropriate tools to take well-informed decisions. In turn, this will contribute towards a better functioning market across the EU.


Identifying risks and setting out proposals for non-bank lending

As part of the broader call for advice on digital finance, the EBA was asked to carry out an analysis of the non-bank lending sector, i.e. lending provided by financial intermediaries outside the EU financial services regulatory perimeter, with the aim of identifying the relevant risks and the extent to which these activities are not covered by EU legislation. In particular, the EBA was asked to advise on the potential need to adjust the EU regulatory perimeter, developing and proposing appropriate policy options.

The analysis of the regulatory regimes currently in place shows that non-bank lending remains largely un-harmonised across the EU. The report also identifies some specific risks in the areas of prudential supervision and scope, consumer protection and conduct of business and AML/CFT, as well as in the macroprudential framework, identifying some proposals to address them. For further information, please see the EBA’s report on non-bank lending.

Analysing the RegTech market in the EU

The EBA has conducted an in-depth assessment of the RegTech market and in June 2021 published a report that assessed the benefits, challenges and risks of RegTech use in the EU.

Based on thorough research and inputs gathered from CAs, financial institutions and RegTech providers, the RegTech report featured a deep-dive analysis into the application of technology to facilitate compliance with regulatory requirements and make certain financial institutions’ processes more effective and efficient. The top five segments identified in which RegTech is used most widely are AML/CFT, fraud prevention, prudential reporting, ICT security and creditworthiness assessments.

Looking at the benefits that RegTech solutions offer, financial institutions emphasise enhanced risk management, better monitoring and sampling capabilities, and reduced human errors. RegTech providers flag up the ability to increase efficiency, manage the impact of ongoing regulatory change and boost effectiveness.

Both financial institutions and RegTech providers face certain challenges. It is essential that they maintain their efforts to overcome these issues if they are to benefit from technological innovation. The RegTech report suggested that the majority of challenges to the development of the RegTech market were internal factors within financial institutions and RegTech providers. Factors that were seen to be hindering the adoption of RegTech across the EU included the following: data quality, security and privacy, interoperability and the integration of new solutions with the existing legacy systems, a lack of application programming interface (API) capabilities at some financial institutions, costly and often lengthy and complex due diligence processes, and limited awareness of RegTech solutions.

Innovations must go hand in hand with carefully identifying, assessing and managing any associated risks on the part of both institutions that adopt RegTech and supervisors who supervise institutions’ use of RegTech solutions. In this regard, the RegTech report has provided an overview of some potential risks that may emerge for financial institutions, including compliance, concentration, business continuity, specific technology-related risks, personal data protection and operational risks. From the competent authorities’ perspective, the main risks that may stem from the supervision of institutions’ use of RegTech solutions relate to potential difficulties in the assessment of the effectiveness and reliability of the technological solutions used and the potential lack of the skillset and toolset needed to supervise the use of technology-enabled RegTech solutions.

Building on the existing initiatives undertaken by the EBA, ESAs and CAs, the EBA proposed the direction of travel for steps to support the sound adoption and scale-up of RegTech solutions. The aims would be to deepen knowledge about technological developments, address any existing skills gaps among regulators and supervisors and to support the convergence of supervisory practices across the EU in the treatment of RegTech. Leveraging the role and expertise of the EFIF and the national regulatory sandboxes and innovation hubs as a safe testing environment for RegTech solutions, the launch of the flagship EU Supervisory Digital Finance training Academy and the EU Digital Finance Platform will help these goals to be achieved.

Figure 15: Continued monitoring of RegTech development

Identifying the benefits and challenges of machine learning models used in the context of IRB models for credit risk

More than 15 years after the introduction of credit risk models to the regulatory framework, the availability of data and the capacity of computer power have skyrocketed. In this context, new algorithms have been developed which allow for both the use of new data (‘unstructured data’) and the better use of existing data. As such, these state-of-the art modelling techniques represent a new opportunity to enhance credit risk management practices, and have already been used successfully by institutions in other business areas such as fraud detection and AML.

However, this innovation also entails certain costs. As a matter of fact, the extra complexity of machine learning models brings with it additional challenges in terms of development (such as the risk of overfitting additional ‘hyperparameters’) and of application and maintenance (e.g. the interpretability of the results).

The EBA has therefore engaged with the industry via a discussion paper published on 11 November 2021 to identify how new, sophisticated machine learning models can coexist with and adhere to the regulatory requirements when used in the context of IRB models. The discussion paper seeks feedback on how these models are used in practical terms by the industry, how the new challenges are being dealt with, as well as on the potential interaction with recent new initiatives (General Data Protection Regulation and Artificial Intelligence Act). The discussion paper therefore investigates a set of principles-based recommendations that would ensure the prudent use of machine learning models in the context of the IRB framework.

Strengthening depositor protection

Enhancing the resilience of the national deposit guarantee schemes

The EBA revised the existing guidelines on the stress tests conducted by the national DGS. These revisions were based on the areas for improvement that had been identified by the first EBA peer review of DGS resilience, published in June 2020.

The revised framework extends the scope of the DGS stress tests by requiring more tests compared to the original guidelines. Deposit insurers now have to test their ability to perform all the interventions included in their legal mandate, such as compensating customers and restoring banks’ solvency, as well as their ability to access all of their ex ante and ex post funding sources. The DGS should also assess their ability to cooperate with their counterparts in other Member States and other public authorities.

The revised guidelines provide comparability of the results by establishing a set of mandatory indicators and a harmonised template. The DGS are asked to transparently report possible weaknesses and elaborate on the lessons learned from their tests and real-life cases. Deposit guarantee schemes’ internal systems over time can also be enhanced by encouraging DGS to stress test scenarios with additional business continuity challenges such as pandemics or IT failures.

Thanks to these revised guidelines, depositors can have greater confidence in the ability of their national DGS to promptly repay their funds in the event of a bank failing.

In 2022, the EBA plans to hold a workshop with practitioners to discuss the implementation of the new requirements on DGS stress testing set by the revised EBA guidelines.


Figure 16: Steps of the stress testing cycles conducted by the DGS

Strengthening the protection of client funds by deposit insurers

The EBA published an opinion on the treatment of client funds under the Deposit Guarantee Schemes Directive (DGSD). This document assessed the current approaches to the protection of funds deposited with credit institutions on behalf of clients by entities that are themselves excluded from DGS protection, such as payment institutions, e-money institutions, investment firms, other banks and other types of financial companies. Based on the EBA’s assessment, the opinion articulated a number of specific recommendations addressed to the EU Commission with the aim of informing its ongoing review of the DGSD.

For example, the EBA observed that there are discrepancies relating to the protection of client funds by DGS across the EU, and also within Member States, depending on what sort of entity deposits them on behalf of its clients. Thus, the opinion recommends clarifying the DGSD to ensure that funds deposited on behalf of clients are uniformly protected across the EU. This would provide clarity, the harmonised treatment of client funds and, in instances where they are not covered, enhanced consumer protection. The opinion also makes recommendations on how to prevent risk spreading from a failed bank to entities which placed client funds with that bank, and on how to ensure that credit institutions contribute to the DGS funds based on the amount of protected client funds they hold.

Contributing to the harmonised and transparent funding of deposit insurers

The EBA published guidelines on the delineation and reporting of available financial means (AFMs) of deposit guarantee schemes. The aim of the guidelines is to improve confidence in financial stability across the EU by establishing a more harmonised application of the DGSD with regard to reaching the target level in the and by enhancing transparency and the comparability of DGS’ financial positions.

In accordance with the Deposit Guarantee Schemes Directive, DGS are required to build up ex ante funds amounting to 0.8% of covered deposits by 3 July 2024. The guidelines stipulate that only funds that were originally contributed by credit institutions will count towards the target level of said funds. This means that borrowed funds cannot count towards the target level. However, this does not prevent DGS from also using borrowed resources, where necessary, for example to reimburse depositors. The guidelines also expand the current reporting requirements by DGS to the EBA to enable the EBA to publish more extensive information on DGS funding going forward.


Monitoring the application of the EU regulatory framework for retail payments (PSD2) and strengthening its supervision

In 2021, the EBA contributed to the PSD2 objectives of facilitating innovation, enhancing competition in the EU single market and protecting consumers by boosting supervisory convergence, progressing its work on the removal of obstacles to the provision of third-party providers’ services and providing clarity on the application of the limited network exclusion under PSD2.

Enhancing supervisory convergence to ensure compliance and foster a level playing field on the market

In February 2021 the EBA published an opinion on the supervisory actions NCAs should take for the timely removal of any remaining obstacles by account servicing payment service providers (ASPSPs). The opinion aims to contribute to a level playing field across the EU and the consistent application and supervision of relevant requirements under PSD2 and the regulatory technical standards (RTS) on strong customer authentication and secure open standards of communication (SCA and CSC).

Furthermore, in the second half of 2021 the EBA published two sets of clarifications in response to the outstanding issues that had been raised by the EBA industry working group on application programming interfaces (APIs) under PSD2.

In the second half of 2021, the EBA launched the process for amending the RTS on SCA and CSC with regard to the 90-day exemption from SCA for account access. In October, the EBA published a consultation paper with its proposals. The proposed amendment to the RTS aims to address a number of issues that the EBA has identified in the application of this exemption by some ASPSPs across the EU and which have resulted in a negative impact on the services offered by account information service providers (AISPs). To mitigate these issues, in the consultation paper the EBA proposes introducing a new mandatory exemption from SCA for the specific use case when access is obtained through an AISP, provided that certain conditions are met.

The consultation ran until 25 November 2021 and attracted a very high number of 1 250 responses, which provided the EBA with a good overview of the various types of stakeholders involved. The EBA continued this work in 2022 and published its final report on the amendment of the RTS in April 2022.

The EBA also closely monitored the process of finalising the migration to SCA for e-commerce card-based payment transactions to ensure a level playing field and prevent regulatory arbitrage. As a result, in June 2021 the EBA published a report providing insights based on industry data into the migration status of EU merchants, SCA-enabled payment cards and payment service users, compliant transactions and fraud levels.

Enhancing convergence in the assessment of exclusions from PSD2

In July 2021, the EBA published a consultation paper on own-initiative guidelines pertaining to the application of the limited network exclusion under PSD2. The exclusion covers services based on specific payment instruments that can be used only in a limited way, such as store cards, fuel cards, public transport cards and meal vouchers. The aim of the draft guidelines was to address significant inconsistencies in how this exclusion had been applied across the EU in the past with a view to contributing to the Single Market for payment services in the EU and enhancing transparency for supervisors and customers. The proposed guidelines provided clarity on specific aspects of the exclusion’s application, such as how a network of service providers or a range of goods and services should be assessed in order to qualify as ‘limited’, the use of payment instruments within limited networks, the provision of excluded services by regulated financial institutions and the submission of notifications to NCAs.

Building the infrastructure in the EU to lead, coordinate and monitor AML/CFT supervision


In 2021, the EBA continued to lead, coordinate and monitor the EU financial sector’s efforts in the field of AML/CFT, based on its revised mandate from 2020. The main areas of focus remained AML/CFT-related policy development, fostering cooperation across Member States’ competent authorities in the fight against money laundering and terrorist financing and supporting the effective implementation of the overall EU AML/CFT framework through training and capacity-building.

Completing the EU’s regulatory AML/CFT framework

The EBA worked to put in place a holistic approach to tackling ML/TF risk across all areas of supervision and all stages of an institution’s life cycle. This included, among other deliverables, work to ensure that prudential supervisors are aware of – and have the necessary tools to tackle – ML/TF risk at authorisation and during the SREP, and that they cooperate with AML/CFT supervisors as part of these processes.

The EBA further consolidated and strengthened the EU’s AML/CFT regulatory framework through updates to its core AML/CFT guidelines as well as the risk-based AML/CFT supervision and ML/TF risk factor guidelines. These revisions take into account changes to the EU AML/CFT legal framework and address new ML/TF risks, including those identified by the EBA’s implementation reviews. In addition to strengthening financial institutions’ risk-based approaches to AML/CFT, the revision supports the development of more effective and consistent supervisory approaches where evidence suggested that divergent approaches continue to exist. The EBA also issued draft regulatory technical standards (RTS) on EuReCA, a new, central, AML/CFT database, its third opinion on ML/TF risk in the EU’s financial sector, as well as draft guidelines on remote customer onboarding and the role and responsibilities of AML/CFT compliance officers. A project to assess the scale and impact of de-risking in the EU culminated in the publication of an opinion and report in January 2022.

Putting in place a data-driven approach to monitoring ML/TF risks

EBA opinion on ML/TF risks

In March 2021, the EBA issued its third opinion on the risks of ML and TF affecting the EU’s financial sector, one of the EBA’s flagship publications on financial crime, which is issued every two years based on the EBA’s mandate. This opinion informs the European Commission’s Supranational Risk Assessment (SNRA) as well as the national risk assessments of EU Member States. In 2021, the most significant risks related to virtual currencies and innovative financial services, which affected the entire financial system. Although these risks had already been identified in the previous two opinions on ML/TF risks, information provided by NCAs suggested that they were more relevant than ever. Other risks included de-risking, tax-related risks (including the difference in supervisory approaches to handling tax-related crimes) and risks associated with the COVID-19 pandemic. The opinion also covered risks that are specific to particular sectors such as ML/TF risks associated with crowdfunding platforms. The opinion included targeted recommendations to competent authorities to close the gaps identified.

Identifying new ML/TF risks

In addition to the opinion on ML/TF risks, the EBA monitored the emergence of new risks throughout 2021 and alerted competent authorities and the public at large where necessary. Risks associated with the COVID-19 pandemic, which may affect financial institutions’ ability to ensure adequate AML/CFT compliance, and competent authorities’ ability to ensure the ongoing supervision of financial institutions in the context of restrictions on movement, were underlined further in the EBA annual risk assessment report (RAR) on the European banking system. In 2021, we also carried out our first inquiry under Article 9a(5) of the EBA Regulation, which empowers the EBA to perform risk assessments of competent authorities’ strategies, capacities and resources to address the most important emerging risks relating to ML/TF at the EU level. This inquiry covered the competent authorities’ responses to the risks identified as part of the information contained in the ‘Luanda Leaks’, as released in January 2020. The findings of this inquiry will be made public in 2022.

Developing EuReCA – the European AML/CFT central database

2021 marked a milestone in establishing the EBA’s central AML/CFT database named EuReCA, which stands for European reporting system for material CFT/AML weaknesses. EuReCA is based on the EBA’s revised AML/CFT mandate in Article 9a of the EBA Founding Regulation, which was entrusted to it in 2020. The EBA aims to use EuReCA to gather, structure and share information on financial institutions’ AML/CFT material weaknesses, as identified by competent authorities, and the measures that such authorities have taken to rectify these material weaknesses.

EuReCA was launched on 31 January 2022. The EBA has since then provided dedicated training to supervisors, followed by regular weekly meetings with users submitting directly to the platform. We have also provided users with a series of supporting materials such as FAQs and user guides.

Throughout 2022, EBA will continue to support EuReCA’s users in meeting their reporting obligations via FAQs and more in-depth training. The joint controllership arrangements for personal data are also set to be finalised and signed in 2022. As the information reported to EuReCA is expected to grow as time goes on, more time will have to be dedicated to analysing and sharing the information.







AML Policy Expert


AML Data Specialist


AML Data Specialist

How did the work on EuReCA progress during 2021?

The work initially involved drawing up two draft regulatory technical standards (RTS), constituting the basis of EuReCA, and then building EuReCA itself. The final draft RTS, which benefited from extensive support from the Board of Supervisors, were published on the EBA’s website in December 2021. The draft RTS emerged from intense discussions throughout the year on key notions such as what constitutes a material weakness, which is the trigger for reporting to EuReCA. There was a lot of deliberation regarding the specifications of the information to be reported, ensuring in particular that the information obtained can allow a comprehensive assessment of the weakness and its impact or potential impact, as well as the factors leading up to it. The draft RTS were accompanied by technical specifications comprising the detailed data points as well as the type of authorities reporting directly and indirectly to EuReCA.

You said EuReCA is the result of a collaborative effort – who was involved in the project?

Indeed, this project has required collaboration with numerous actors, both internally at the EBA –with the involvement of experts from various teams (policy experts, AML/CFT data specialists, legal and data protection experts, IT specialists including business analysts, IT architects and security specialists) – and across the EU, spanning competent authorities from all financial services sectors as well as ESMA and EIOPA. This was important to ensure buy-in, a consistent approach, and a result that makes sense for those who will use EuReCA.

What about the data protection aspects of EuReCA?

One important step also entailed drawing up, together with data protection experts and for the first time at the EBA, a draft data protection impact assessment (DPIA) that first identified and evaluated the risks of processing personal data and then established the necessary controls to mitigate these risks. This also required informal consultation with the European Data Protection Supervisor (EDPS) on both the draft RTS and the draft DPIA, as well as on drafting a memorandum of understanding on joint controllership of personal data by both the EBA and the various relevant authorities concerned.

How did you find the process of building EuReCA?

We worked very closely with the EBA’s IT unit from the very beginning. The formal IT work started in early 2021 with an analysis of the requirements specified in the draft RTS and the technical specifications mentioned above. The initial work consisted of an exhaustive analysis with business analysts and legal experts of the different business requirements and brainstorming how to transform them into IT specifications. This was crucial in identifying the most suitable delivery strategy based on the nature of the data and experience of similar systems. The project has matured since then, passing through different stages in its evolution from the design of the platform to that of its architecture and subsequently on to its final delivery. The work also resulted in a set of user flows and screen mock-ups. Due to the complexity of the data collected by this platform, we requested competent authorities’ first-hand insights on the usability and user-friendliness aspects of the platform design before launching it. This feedback was obtained via user research workshops that took place in September 2021. In addition, during this journey the project team kept in close contact with security experts. Once the requirements were finalised, the IT architects got involved to start building the platform. From then on until the platform’s delivery, the IT, legal and business teams worked together closely to create and test the EuReCA platform.

What difference will EuReCA make to the fight against money laundering/terrorist financing in the EU?

EuReCA is a unique information source on AML/CFT weaknesses, and the first time in the European context that we collect such information centrally. The EBA envisages using information from EuReCA to inform its wider work on ML/TF risks affecting the EU financial sector and its policy work. EuReCA is also expected to promote the EBA’s coordination efforts by enabling the EBA to share information from EuReCA with competent authorities on a confidential and need-to-know basis. Information from EuReCA can therefore support authorities at all stages of the supervisory process and, in particular, where specific ML/TF risks or trends emerge. In this regard, EuReCA is expected to act as an early warning tool that will enable competent authorities to act before ML/TF risks crystallise.


Enhancing the convergence of AML/CFT supervisory practices across the EU

Functioning of AML/CFT colleges

In 2021, the EBA continued to foster cooperation and the exchange of information between competent authorities, including by establishing and monitoring AML/CFT colleges. The AML/CFT colleges are permanent structures that bring together different supervisory authorities responsible for the supervision of the same financial institution if it operates in at least three Member States and outside the EU.

Throughout 2021, the EBA contributed, through technical advice, to setting up 120 new AML/CFT colleges of financial institutions and Member States. EBA staff attended 37 colleges and provided hands-on bilateral feedback, as required, as well as facilitating the negotiation of framework terms of participation for AML/CFT college observers and third-country authorities.

In December 2021 the EBA put in place a strategy for its AML/CFT colleges’ monitoring activities. This strategy will come into effect in 2022. Accordingly, between 2022 and 2024 the EBA will actively monitor 15 AML/CFT colleges and select 10 other AML/CFT colleges annually for thematic monitoring. The outcomes from this monitoring will be published in an annual report and will also inform the EBA’s other work.

Figure 17: Decision tree for selecting actively monitored AML/CFT colleges

Reviewing NCAs’ approaches to AML/CFT supervision and providing targeted, bilateral recommendations for improvement

Throughout 2021, the EBA continued its programme of in-depth staff-led reviews of competent authorities’ approaches to the AML/CFT supervision of banks. During this round of reviews, EBA staff, with the support of a small network of AML/CFT experts, assessed seven competent authorities, out of which six reviews were carried out concurrently with the Council of Europe. An eighth review was planned but rescheduled to 2022 at the request of the Member State.

Every review lasted several months and included a comprehensive desk-based review of each competent authority’s policies and procedures, a one-week virtual on-site review during which teams interviewed key members of staff and external stakeholders, and a detailed feedback letter. This letter set out the review team’s findings as well as the actions EBA staff recommended that NCAs take to strengthen their approach to AML/CFT supervision and tackle ML/TF risk from a prudential perspective going forward.

Overall, EBA staff found that most of the competent authorities in this year’s sample were committed to strengthening their approach to AML/CFT supervision and that the changes introduced after the recent transposition of relevant EU legislation, such as greater enforcement powers, had started to make a difference. In spite of this, challenges relating to the identification of ML/TF risks in the banking sector, the adoption of meaningful risk-based supervisory strategies and ensuring an appropriate balance between intrusive on-site and off-site supervision remained a challenge for most. The EBA also found that cooperation with financial intelligence units was not always systematic and was often ineffective. These challenges have hampered the implementation of an effective risk-based approach to AML/CFT supervision.

Sharing expertise and building capacity through AML/CFT training

EBA staff provided expert input and technical expertise on AML/CFT issues to the European Commission, the BCBS’s AML Expert Group and the Financial Action Task Force and remained involved, as an observer, in the Europol Financial Intelligence Public-Private Partnership, which brings together law enforcement agencies, financial intelligence units and financial institutions. The EBA also organised four AML/CFT training events that were attended by more than 1 500 AML/CFT and prudential supervisors as well as financial intelligence units from all EU/EEA Member States. In addition, the EBA hosted four AML/CFT expert round table discussions with up to 90 participants from national competent authorities. A quarterly AML/CFT newsletter, which the EBA launched last year, now has close to 2 000 subscribers.

Providing the policies to factor in and manage ESG risks


Climate change, environmental degradation and other sustainability (or ESG) factors are expected to pose considerable challenges for the global as well as EU economy, driving key risks for the banking sector. Supporting the transition to a more resilient and sustainable European banking sector is a key objective for the EBA. To that end, the Authority has been highly active in outlining how ESG factors should be considered by institutions and competent authorities.

Setting out proposals on the management and supervision of ESG risks

EBA report on the management and supervision of ESG risks

There is a broad acknowledgement that ESG factors may translate into financial risks and that the financial sector should play a key role both in terms of managing risks and facilitating the transition towards a more sustainable economy. Clear definitions and effective risk assessment methodologies are necessary to achieve progress in this regard.

Against this background, on the basis of its CRD and IFD mandates the EBA published its report on the management and supervision of ESG risks for credit institutions and investment firms in June 2021. This report harmonises definitions and describes available methodologies, as well as set out the EBA’s proposals and recommendations on how institutions should address ESG risks and how supervisors should assess institutions’ ESG risk management practices.

The report points out the need for institutions to incorporate ESG risk considerations across their processes and operations. A comprehensive, strategic and forward-looking approach must be taken given the characteristics of these risks. While institutions should remain responsible for setting their strategies, they should identify and manage ESG risks to ensure the resilience of their business models, not only in the short term but also in the medium and long term.

The report clarified how the EBA expects banks to manage ESG risks as drivers of financial risks and to implement enhanced business planning, governance and risk management frameworks. Efforts to develop internal risk management tools and practices, including the use of scenario analysis, should be accelerated. Moreover, business planning should, at least on a qualitative basis, consider an extended time horizon of 10 years as a minimum.

Several recommendations included in the report have been followed up in the Commission’s legislative proposal on the revised banking package (CRR III/CRD VI), which should contribute to a more systematic incorporation of these risks by the banking sector going forward. At the EBA level, the report will be the basis for developing new and updating existing guidelines. Updated guidance on internal governance and remuneration has already been provided. Further guidance on ESG risk management and supervision will follow.

Figure 18: Main content of EBA report on ESG risk management and supervision

Defining disclosure standards on sustainability

The EBA contributed towards defining sustainability disclosure standards, as mandated by the CRR via the final technical standards for Pillar 3 disclosures of ESG risks. Further explanations of these standards are provided in other sections of this report.

In addition, the EBA contributed to the Joint Committee’s work on defining ESG-related disclosures of financial products and financial market participants’ entity-level disclosure of the principal adverse sustainability impacts.

In the case of the banking sector, these disclosures will apply to credit institutions with portfolio management activities.






Head of the Reporting and Transparency Unit


Senior Policy Expert


Policy Expert

Why did the EBA develop Pillar 3 disclosure standards on ESG risks?

Enhanced disclosure can help to promote market discipline in the financial sector. Reducing information asymmetry regarding banks’ risk profiles allows stakeholders to make informed decisions. With the implementation of the Pillar 3 framework on ESG risks following the mandate included in the CRR, the EBA aims to support institutions in their disclosure obligations, facilitating stakeholders’ access to comparable information on lending and investment activities that are subject to ESG-related risks, while enabling them to compare institutions’ sustainability performance. In addition, the Pillar 3 framework should promote institutions’ transparency on how they are mitigating these risks and how they are supporting their counterparties in the climate change adaptation process, as well as the transition towards a more sustainable economy.

What do Pillar 3 standards on ESG risks entail?

In developing the Pillar 3 framework, the EBA is following a sequential approach. At the moment its focus is on climate change-related risks. This priority reflects the urgency of the matter and is in line with current developments in Europe and internationally. In this phase, banks are required to disclose both quantitative and qualitative information on climate change-related risks. Meanwhile for other environmental objectives and social and governance aspects, banks are required to disclose qualitative information on their own governance arrangements, business model and strategy, as well as risk management. The EBA is closely monitoring policy developments in the EU and internationally and will eventually extend the disclosure standards to cover quantitative information on the broader scope of ESG risks.

In terms of quantitative information, the standards aim to capture key activities on banking books relating to ESG risks. This includes information on (i) banks’ exposures – loans, for example – to fund non-financial corporations operating in key sectors that contribute significantly to climate change such as fossil fuels, together with the greenhouse gas (GHG) emissions financed via those loans; (ii) banks’ exposures to financing economic activities in geographical areas that may be affected by climate change, such as areas prone to flooding; (iii) the energy efficiency of the immovable properties that banks accept as collateral when they finance RRE for households and CRE for businesses; (iv) information on exposures to carbon-intensive, highly polluting corporates; and (v) forward-looking information on banks’ alignment with net-zero GHG metrics and their targets.

In addition, banks are required to disclose information on actions mitigating climate risks by supporting non-financial corporations and other counterparties in the transition to a carbon-neutral economy and adapting to climate change. For example, the disclosures would show banks’ lending to non-financial corporates that are contributing to these climate change transition and adaptation objectives. One example would be a technology company that borrows funds to improve the energy efficiency of its manufacturing site. Another would be a car manufacturer that produces electric vehicles. This information is captured in two KPIs: the GAR, which focuses on exposures to large corporates and households, and the BTAR, which incorporates relevant information on SMEs.

The disclosure templates also ask banks to explain their activities and plans for tackling and mitigating ESG risks.

How did the EBA develop these standards?

When developing the standards, we understood the need for coordination at the EU and international levels to avoid regulatory fragmentation, and we cooperated closely with various public stakeholders and private market participants. The standards are built on other relevant initiatives such as the recommendations of the Financial Stability Board’s Task Force on Climate-Related Financial Disclosures (TCFD) and the classifications provided by the EU Taxonomy Regulation. However, we have gone one step further by setting mandatory and consistent disclosure requirements – including granular templates, tables and associated instructions – to improve the consistency and comparability of disclosures.


Laying the foundations for embedding climate risk into the stress testing framework

Given the unprecedented challenges posed by climate-related risks, the EBA has put these at the top of its agenda. Means of addressing these relatively new risks include climate stress testing and scenario analysis. In 2021, the EBA published the results of the EU-wide pilot exercise on climate risk, which was launched in 2020 as part of the EBA action plan on sustainable finance. The EBA pilot exercise was the first EU-wide initiative on climate risk and was run with 29 volunteer banks from 10 EU countries representing around 50% of the banking sector assets in the EU (47% of its risk-weighted assets).

Since frameworks for stress testing climate risk are still developing, the pilot was designed as a learning exercise for both the EBA and participating banks. It focused on transition risk, and its main objective was to explore data and methodological challenges in order to categorise exposures that could potentially be vulnerable to climate risks and to assess banks’ readiness to apply the EU green taxonomy. A scenario analysis, which was run using the scenarios developed by the Network for Greening the Financial System (NGFS), was also performed using a top-down model.

The exercise focused on non-SME corporate exposures, as banks face challenges in retrieving climate-related information for SMEs’ exposures and retail mortgages at this stage.

The experience gained by both the EBA and participating banks was positive. It helped give an understanding of where banks stand in terms of data capabilities to assess climate risk. Banks are making significant efforts to expand their data and modelling infrastructures, but a substantial amount of work still remains to be done, especially concerning client-specific information at the activity level and incorporating forward-looking components (such as transition strategies) into climate risk assessment tools.

The results indicated that 58% of the total non-SME corporate exposures of participating banks are to sectors vulnerable to transition risk, with a high concentration in certain sectors. Furthermore, 35% of the total non-SME corporate exposures are to EU obligors with GHG emissions above the median of the distribution, while high- and low-carbon obligors each make up roughly 22% of banks’ corporate non-SME holdings in the analysis.

As far as green classification is concerned, the participating banks were in different development phases in terms of assessing the greenness of their exposures. The exercise involved estimations using two techniques, and the report shows the differences in outcomes. Subject to the constraints outlined, a first gauge of the GAR is provided, showing an aggregate EU GAR of 7.9%.

Finally, the scenario analysis shows that there is a large dispersion across banks in terms of the impact on expected credit risk losses due to adverse climate risk scenarios. Tools for scenario analysis are developing quickly, and further progress is likely to be made on modelling the transmission channels of climate risk shocks to banks’ balance sheets and on developing more granular climate risk scenarios.

After the publication of the results, the EBA followed up bilaterally with participating banks to discuss individual banks’ performance in the exercise and obtain general feedback on climate risk assessments from the industry.

The pilot exercise has been a catalyst for the transition process that banks have started towards incorporating climate-related factors into their internal risk assessment tools. Most banks have gained momentum on tackling climate risk, but they are still at an early stage and a lot of work remains to be done.

Starting from the experience gained and the results of the exercise, in the coming years the priority will be to build the fundamentals for a robust climate risk stress test framework in line with the new mandates awarded by the European Commission. This will also require the involvement of the EBA’s stakeholders, cooperation with other EU authorities and close interaction with the industry.

Providing guidance on own funds and eligible liabilities that include ESG features

In light of the recent market trend of issuing own funds or eligible liabilities instruments with ESG features linked to ESG labels, the EBA included a dedicated guidance in the Additional Tier 1 (AT1) report published in June 2021. The purpose of this guidance is to (i) provide an overview of the risks identified, (ii) comment on the differences identified in clauses and (iii) provide policy observations and guidance on how the clauses used for ESG issuance and the eligibility criteria for own funds and eligible liabilities instruments interact. The ultimate aim is to indicate best practices or practices/clauses that should be avoided from an own funds and eligible liabilities perspective. To investigate compliance with the guidance, the EBA assessed some prospectuses and terms and conditions relating to new issues of ESG own funds, paying particular attention to the following aspects:


  1. no segregation of assets and liabilities (i.e. a need for fungibility of use and management of the proceeds);
  2. a clear description of the status of notes (i.e. hierarchy, subordinated nature, no impediment to resolution, etc.);
  3. no link between the performance or use of assets and notes (i.e. no acceleration, no event of default, lack of assets not being an incentive to redemption, no performance fees or ESG targets linked to the premiums).

Based on the EBA’s initial assessment, it appears that the recommendations on ESG capital instruments have been integrated into the documentation for recent issues, with varying degrees of completeness depending on the individual issuers.

In terms of the next steps, the EBA will continue to look at the ESG features (including ESG targets and KPIs) of some new own funds and eligible liability issues.

Developing a framework for sustainable securitisation

The EBA published a report on sustainable securitisation in which it examined how sustainability could be introduced into the securitisation space to foster transparency and credibility in the EU sustainable securitisation market and to support its sound development. The analysis showed that it would be premature to establish a dedicated framework for green securitisation. Instead, the EBA advised the European Commission that the upcoming EU Green Bond Standard regulation should also apply to securitisation, provided that some adjustments are made to the standard. These adjustments would allow the EU sustainable securitisation market to develop and to play a role in financing the transition towards a greener EU economy.

The EBA also recommended that the Securitisation Regulation be amended to extend voluntary ESG disclosures to non-STS securitisations. It also called for further EBA work on green synthetic securitisation and social securitisation.

Contributing to EU and international initiatives

The EBA’s work on ESG risks and sustainable finance is closely intertwined with ongoing developments at the EU and international level, to which the EBA also directly contributes. At the EU level, the EBA has provided input to inform the development of the European Commission’s renewed sustainable finance strategy, published in July 2021, and its legislative proposal on CRR III/CRD VI, which contains several ESG-related provisions. In addition, the EBA is a member of the Platform on Sustainable Finance, advising the Commission on matters including the EU taxonomy’s usability and how it could be used for transition purposes.

The EBA is also involved in international forums. This includes the work conducted by the NGFS, for instance to assess potential risk differentials between green and non-green assets, with a report due in 2022. Within the BCBS high-level Task Force on Climate-related Financial Risks (TFCR), the EBA contributes to assessing whether climate-related risks are sufficiently captured by the current framework or need to be better addressed across the regulatory, supervisory and disclosure dimensions. In particular, the BCBS plans to publish principles for the effective management and supervision of climate-related financial risks in 2022, supporting the development of a coordinated approach to climate risks internationally.

Making progress towards obtaining Eco-Management and Audit Scheme (EMAS) registration

In 2021, the EBA successfully completed all the preparatory phases to be EMAS verified and was expecting to be certified in the first quarter of 2022.

The Environmental Policy was updated. These are the overall intentions and direction of an organisation relating to its environmental performance as formally expressed by top management including compliance with all applicable legal requirements relating to the environment and also a commitment to the continuous improvement of environmental performance. It provides a framework for action and for the setting of environmental objectives and targets.

The roles and responsibilities within the Environmental Management System were established (see graph below), and Katerina Karypidou, Head of Unit Corporate Support, was appointed as the Environmental Coordinator and top management representative.

The first internal audits were hosted, with auditors underlining that “environmental matters and concerns are part of the EBA’s premises management, activities and missions; the European Banking Authority complies with most of the essential requirements for validation pursuant to EMAS Regulation 2017/1505; and that the environmental management system seems to be well embedded within top management and implemented in a target-oriented manner”.

The first management review was performed, with the Executive Director concluding that the Environmental Management System at the EBA was suitable, adequate and effective.

The inaugural environmental statement was finalised and was subject to the first external verification and validation in the first quarter of 2022.

The EMAS communication strategy was adopted and communicated internally throughout the year under the theme ‘Sustainability and beyond’ and tagline ‘Together we can make a difference’.

Externally, an EBA statement was issued in the context of COP26. It highlighted the EBA’s efforts to update and enhance the entire supervisory and prudential regulatory framework in the ESG domain.

Objective for 2022: to be EMAS-registered.

Figure 19: EMAS team pyramid

The ESAs’ cross-sectoral work under the Joint Committee


In 2021, the Joint Committee, under the chairmanship of ESMA, continued to have a central role for the coordination and exchange of information between the ESAs, the European Commission and the European Systemic Risk Board (ESRB). The main areas of cross-sectoral focus continued to be joint risk assessment, enhancement of consumer protection, development of the regulatory and supervisory frameworks for sustainable finance and securitisation, as well as monitoring and contributing to the development in digital finance, supporting scale-up of FinTech through innovation hubs and sandboxes and cybersecurity.

Joint risk assessments: understanding the impact of COVID-19 and financial sector vulnerabilities

The Joint Committee issued two joint risk assessment reports on risks and vulnerabilities in the EU financial system. The 2021 Spring Joint Risk Report highlighted how the COVID-19 pandemic continued to weigh heavily on short-term recovery prospects, focused on a number of vulnerabilities in the financial markets and warned of possible further market corrections. The ESAs also warned of a possible deterioration in asset quality and recommended policy actions for supervisors and regulated institutions, including for banks to ensure sound lending practices and appropriate pricing of risks, and to adjust provisioning models to adequately address the impact of the economic shock of the pandemic. The ESAs also called on competent authorities, financial institutions and market participants to continue to develop further actions to accommodate a ‘low-for-long’ interest rate environment and its risks.

The 2021 Autumn Joint Risk Report highlighted increasing vulnerabilities in the financial sector, not least because of side effects of the COVID-19 crisis measures, such as increasing debt levels and upward pressure on asset prices. The report noted that expectations of inflation and yield growth, as well as increased investor risk-taking, might put additional pressure on the financial system. In such a context, the ESAs warned of the continued risk of possible asset quality deterioration, potential disorderly increases in yields and sudden risk premium reversals. In addition to these economic vulnerabilities, the Joint Risk Report highlighted the increased exposure of the financial sector to cyber risk and ICT-related vulnerabilities. The ESAs highlighted the need for appropriate technologies and suitable control frameworks to be in place to address threats to information security and business continuity in the financial sector.

Consumer protection: spotlight on financial education

In 2021, consumer protection continued to be a key element in the work of the Joint Committee.

Following the submission of the draft RTS with the proposed amendments to the packaged retail and insurance-based investment products (PRIIPs) Delegated Regulation to the European Commission in January 2021 and as part of a wider initiative of the European Commission to develop a new retail investment strategy for the EU, in July 2021, the Joint Committee received from the Commission a call for advice on the review of the PRIIPs Regulation. The scope of the mandate from the European Commission follows the areas referred to in Article 33 of the PRIIPs Regulation and includes issues related to the use of digital media. In order to gather evidence, the Joint Committee published a call for evidence for a public consultation until 16 December 2021 and delivered its joint advice at the end of April 2022.

During 2021, in total 11 administrative sanctions or measures under the PRIIPs Regulation were reported to the ESAs by the competent authorities in three Member states (Croatia, Czech Republic and Hungary). These measures were administrative fines and orders to the PRIIPs manufacturer to remedy specified breaches of the PRIIPs Regulation and the PRIIPs Delegated Regulation. The Czech National Bank and the Central Bank of Hungary reported administrative fines totalling CZK 1 000 000 (approximately EUR 40 225), and HUF 3 000 000 (approximately EUR 8 118), respectively.

Furthermore, the Joint Committee finalised its review of the application of the joint ESAs’ guidelines on complaints-handling that the three ESAs had issued in 2014. The review concluded that the joint guidelines have contributed to a consistent approach to complaints-handling across the banking, insurance and securities sectors and have resulted in better outcomes for consumers. This review examined how the ESAs guidelines on complaints-handling have been applied since they came into force. In particular, the final report of the review describes the extent to which the objectives of the guidelines have been achieved, the supervisory actions that the NCAs have undertaken as a result of their national implementation, including the steps taken to identify good/poor practices by firms, as well as the remaining challenges faced.

Finally, the Joint Committee started a new work stream on financial education to fulfil the ESAs’ mandate to review and coordinate national financial education initiatives. The main focus of the Joint Committee’s work in this area in 2021 was the preparation of a joint high-level conference on financial education and the development of a joint ESAs repository of national education initiatives focused on fraud, scams and cybersecurity, both of which took place in February 2022.

New disclosure rules on sustainability in response to demand for sustainable products

A very significant part of the work of the Joint Committee in 2021 focused on the development of the regulatory and supervisory framework for sustainability-related disclosures.

The SFDR, which was amended by Article 25 of the Taxonomy Regulation, mandated the ESAs to develop a number of RTS through the Joint Committee. In 2021, the Joint Committee developed two sets of draft RTS, containing a total of 13 individual RTS.

First, on 4 February 2021, the ESAs published draft RTS on the content, methodologies and presentation of disclosures under the SFDR that aim to strengthen protection for end-investors by providing sustainability disclosures on the principal adverse impacts of investment decisions and on the sustainability features of a wide range of financial products. This will help to respond to investor demands for sustainable products and reduce the risk of greenwashing. In addition, the draft RTS contain proposals under the Taxonomy Regulation on the ‘do no significant harm’ (DNSH) principle.

Second, on 22 October 2021 the ESAs published draft RTS on disclosures under the SFDR that relate to financial products investing in economic activities that contribute to environmental objectives. The draft RTS provide disclosures to end-investors on the investments of financial products in environmentally sustainable activities, providing them with comparable information to make informed investment choices and enable a single rulebook for sustainability disclosures under the SFDR and the Taxonomy Regulation. The draft RTS include pre-contractual and periodic disclosures for products referred to in Articles 5 and 6 of the Taxonomy Regulation that identify the environmental objectives to which the product contributes and show how and to what extent the product’s investments are aligned with the EU Taxonomy.

The ESAs also addressed emerging implementation and supervisory issues. In a letter to the European Commission on 7 January 2021, the ESAs highlighted the priority issues on the draft RTS under the SFDR. The European Commission responded in July 2021 and provided interpretative guidance on a number of the questions highlighted in the ESA letter.

In addition, on 25 February 2021, the Joint Committee published a Joint ESA Supervisory Statement to mitigate the risk of divergent application of the SFDR from 10 March 2021 (SFDR application date) to the application date of the SFDR RTS. The overall objective of the joint supervisory statement is to achieve an effective and consistent application and national supervision of the SFDR, promoting a level playing field and the protection of investors.

The Commission informed the European Parliament and Council in November 2021 that due to the technical complexity of the RTS and the timing of the submission, the bundled February and October RTS would become applicable by 1 January 2023.

Apart from the SFDR-related work, through the Joint Committee, the ESAs coordinated their approach with regard to the membership and governance of the new Sustainability Reporting Pillar of European Financial Reporting Advisory Group (EFRAG). In the letter in July 2021, the ESAs reiterated their strong commitment to contributing to the development of high-quality sustainability reporting standards. They also expressed their preference to remain active observers in the EFRAG governance framework. The ESAs considered that such an observer status is in line with the proposal for a Corporate Sustainability Reporting Directive (CSRD) to require ESMA, and invite the other ESAs, to provide an opinion on the EFRAG draft sustainability reporting standards.

Next steps on the implementation of the Securitisation Framework

With a view to supporting the development of the EU securitisation market, the Joint Committee continued its work to address obstacles in the implementation of the Securitisation Framework and to suggest improvements in the regulatory and supervisory regime to the NCAs and the European Commission.

In particular, the Joint Committee considered the difficulties in ascertaining the jurisdictional scope of application of certain provisions in the Securitisation Regulation if one or more of the securitisation parties are located in a third country. In the joint opinion issued in March 2021, the ESAs examined the EU securitisation requirements which may be applicable to third-country parties, as well as related compliance aspects of a transaction under the Securitisation Regulation. The ESAs also set out their common view on the practical difficulties faced by market participants and recommended that these difficulties should be addressed through interpretative guidance from the European Commission.

In addition, in the report prepared according to Article 44 of the Securitisation Regulation, the ESAs assessed the implementation and the functioning of the Securitisation Regulation. They also provided recommendations on how to address initial inconsistencies and challenges which may affect the overall efficiency of the current securitisation regime. In particular, the report highlighted specific issues related to transparency and due diligence requirements, criteria for STS securitisation and requirements related to supervision of securitisation. The report was meant to provide guidance to the European Commission in the context of its review of the functioning of the Securitisation Regulation. It also includes an analysis of the efficiency of the STS securitisation framework, considering in particular the role that securitisation could play in the economic recovery in the post-COVID-19 period.

In addition, the Joint Committee provided further guidance on the application of the Securitisation Regulation through Q&As. These Q&As clarify in particular: (i) the content and the format of the information of a securitisation transaction that should be disclosed by the originator, sponsor and securitisation special-purpose entity (SSPE); (ii) the transaction documentation of a STS securitisation that should be made publicly available to facilitate investors’ compliance with its due diligence requirements; and (iii) the type of STS certification services that can be provided by third-party verifiers to the securitisation parties. These Q&As were subsequently updated to clarify whether a ‘vendor-financing’ structure can be considered a synthetic securitisation.

Finally, the Joint Committee has initiated work to address the call for advice from the European Commission in October 2021. This call for advice seeks the Joint Committee’s assistance to assess the recent performance of the rules on capital requirements (for banks, and insurance and reinsurance undertakings) and liquidity requirements (for banks) relative to the framework’s original objective of contributing to the sound revival of the EU securitisation market on a prudent basis. The Joint Committee report is scheduled for submission to the European Commission by 1 September 2022.

Contributing to the ESAs’ response to the European Commission’s call for advice on Digital Finance

In 2021 the Joint Committee stepped up its digital-finance-related work, including in the context of the European Commission’s Digital Finance Strategy, with extensive technical discussions on topics such as crypto-assets and digital operational resilience. In addition, the ESAs prepared a comprehensive response to the European Commission’s February 2021 call for advice on digital finance regarding value chains, platformisation and new mixed activity groups. Most notably, the report envisaged possible ways to foster the regulation and supervision of mixed activity groups, among others by enhancing cooperation between financial and other relevant authorities, and potentially by expanding and strengthening the perimeter of consolidation.

The ESAs have been actively involved in the discussions on the legislative proposals for a regulation on markets in crypto-assets (MiCA) and the regulation on digital operational resilience for the financial sector (DORA). In particular, apart from considering technical and resource elements on operational preparations for the proposed supervision and oversight tasks, the chairpersons of the ESAs sent a letter to co-legislators, where the ESAs set out their views on how to most efficiently take forward important aspects of the governance and operational processes of the oversight framework for critical third-party service providers and the application of the proportionality principle in the proposed DORA. Among other things, the ESAs stated that the proposal raised challenges on the practical functioning of the oversight framework, especially the complexity of the governance and decision-making process between the Joint Committee of the ESAs, the Boards of Supervisors of the ESAs and the Oversight Forum.

Adoption of the new list of financial conglomerates

The EFIF continued to bring value in bridging national innovation facilitators (regulatory sandboxes and innovation hubs) on innovation-related issues. EIOPA handed its chairpersonship of this forum over to ESMA in September 2021 and the first ESMA-chaired meeting took place in October 2021.

Under EIOPA’s chairmanship, the EFIF finalised the procedural framework to facilitate cross-border testing in accordance with the mandate set out in the Digital Finance Strategy.

The EFIF members continued to exchange views on the design and development of already established and new innovation facilitators, innovation trends in the financial sector, including the issues of multi-purpose digital platforms facilitating the provision of financial services, RegTech, AI, big data and machine learning; to promote greater coordination and cooperation between innovation facilitators and thus support the scaling up of FinTech across the single market.

Other relevant cross-sectoral Joint Committee work

The Joint Committee finalised the joint final report on the third amendment to the draft ITS on the allocation of credit assessments of ECAIs to an objective scale of credit quality steps in accordance with CRR and Solvency II. This amendment addressed (i) the registration of two new credit rating agencies (CRAs), (ii) the outcome of a monitoring exercise on the adequacy of existing mappings and (iii) the deregistration of a number of CRAs.

The ESAs developed joint Q&A on the Commission Delegated Regulation on bilateral margin requirements under EMIR clarifying different aspects of the bilateral margin regime. The Q&A clarify in particular (i) the relief covered by a partial intragroup exemption from bilateral margin requirements, (ii) the procedure to grant intragroup exemptions from bilateral margin requirements between a financial counterparty and a non-financial counterparty that are based in different Member States and (iii) the exemption regime from bilateral margin requirements for derivatives entered into in relation to covered bonds.

Finally, the Joint Committee discussed the mandate in Article 31a of the ESA Regulations to set up a cross-sectoral system for the exchange of information on the fit and proper assessments. The work continued on the draft guidelines for the exchange of information and on an IT solution consisting of a cross-sectoral CA contact list and a searchable shared database of holders of qualifying holdings, directors and key function holders assessed for fitness and propriety.

The renewal of the Board of Appeal

The Board of Appeal is a joint independent body of the ESAs introduced to effectively protect the rights of parties affected by decisions adopted by the authorities. The ESAs provide administrative support to the Board of Appeal and serves as its Secretariat. As of 1 December 2021, the ESAs renewed 10 members and alternates of the ESAs Board of Appeal. Following the renewal, Mr Michele Siri was elected the new President and Mr Christos Gortsos the new Vice-President of the ESAs’ Board of Appeal.

In 2021, three appeal cases were finalised, one brought against each of the ESAs:

In its decision ‘A’ against ESMA, the Board of Appeal unanimously decided to dismiss the appeal brought by an institution that wishes to stay anonymous as inadmissible. The appeal was in relation to the launch of an investigation into an alleged breach of EU law by an NCA.

In its decision in Howerton against the EBA, the Board of Appeal unanimously decided to dismiss the appeal brought by Mr Howerton against the EBA in relation to an alleged non-application of Union law by eight NCAs as manifestly inadmissible, as the facts described do not seem to involve a subject matter within the remit of the EBA nor of the Board of Appeal.

Finally, the Board of Appeal decided in its decision Societatea de Asigurare-Reasigurare City Insurance SA (City Insurance) against EIOPA that the appeal was inadmissible. The appeal was in relation to a balance sheet review (BSR) exercise of the Romanian insurance sector that is carried out by the Autoritatea de Supraveghere Financiară (ASF) with the support of EIOPA.

Establishing sound and effective governance and good conduct in financial institutions


Fostering supervisory convergence on the remuneration of sales staff

In December 2021 the EBA published a report on the application of its guidelines on the remuneration of sales staff, which has been in force since 2016. The guidelines aim to provide a framework for financial institutions to implement remuneration policies and practices that will improve links between incentives and the fair treatment of consumers. Consumer detriment can happen for example, where sales staff receive a remuneration linked to one or several specific banking products offered or provided to consumers and as a result, they offer or provide those products irrespective of the consumers’ rights and interests. The report assessed how financial institutions apply the guidelines and adapt their remuneration policies and practices to better serve customers.

The EBA’s assessment revealed that financial institutions focus more on prudential requirements and commercial interests than on meeting the interests of consumers. However, the EBA also identified 17 good practices that financial institutions are advised to follow if they want to be certain that they are compliant with the guidelines. For example, it is good practice to apply a ‘gatekeeper provision’, i.e. reduce or forfeit the variable remuneration of sales staff when they acted in a way that was detrimental to the consumer. Another example of a good practice is not to consider sales performance as a determining criterion for the promotion of staff.

Enhancing competent authorities’ understanding of mystery shopping

The EBA also published a report on the mystery shopping activities of NCAs. It collated mystery shopping activities by NCAs to share experiences, learn valuable lessons and identify good practices for the benefit of the EBA and NCAs that use or intend to use mystery shopping in the future.

In 2022, the EBA intends to further to progress with the fulfilment of its mystery shopping mandate. To that effect, early in the year, it will publish a call for tenders to select a company to provide mystery shopping in a number of EU Member States.


The report covers mystery shopping initiatives of NCAs in respect of retail banking products within the scope of action of the EBA’s consumer protection mandate, which are consumer credit, mortgage credit, deposits, payment services, electronic money and payment accounts. It summarises the most common approaches used by NCAs, based on information covering the period from 2015 to 2020. It does so by reviewing three key characteristics of mystery shopping activities: their objective, subject matter and product scope; the methodologies used by NCAs; and the follow-up actions after the mystery shopping was concluded. The report also identifies some lessons learned and sets out good practices, for example common procedural aspects such as organising training for NCAs’ inspection and supervisory staff, identifying target customer profiles and defining agreed ‘rules’ of customers’ behaviour.

Based on this report, in 2021, the EBA also published a methodological guide to mystery shopping addressed to the NCAs. This guide sets out how mystery shopping activities can be carried out in real life and how they can be voluntarily used as a complement to other existing supervisory tools.

Collecting and publishing consumer trends data

In March, the EBA published its biennial Consumer Trends Report (CTR) covering the years of 2020/2021. In line with the previous edition, the CTR describes the trends that the EBA observed for retail banking products and services within its regulatory remit. It also outlines the topical issues that the EBA identified as being relevant to consumers across these products and services and which should therefore be included in the EBA’s consumer protection work in the subsequent years. The issues included irresponsible lending, creditworthiness assessments, digitalisation of services, selling practices and access to bank accounts. In addition, the report covers measures the EBA has taken to mitigate the impact of the COVID-19 pandemic on consumers, as well as actions the EBA has taken to address the topical issues identified in the CTR 2018/2019.

One of the topical issues repeatedly identified in successive CTRs has been the transparency and the level of fees and charges for retail banking products. This will therefore be a key priority for the EBA in 2022.


Executing the EBA action plan on dividend arbitrage trading schemes (‘cum-ex’)

In May 2020, the EBA published a 10-point action plan to enhance the prudential and AML framework applicable to dividend arbitrage trading schemes (‘cum-ex/cum-cum’). The EBA completed the actions set out in the plan with a deadline of the end of 2021. More specifically, the EBA completed the following.

  • Action (i), by publishing in 2 July 2021 revised EBA guidelines on internal governance under the CRD and separately under the IFD, which now take into account the amendments introduced by Directive 2019/878/EU (CRD V) and Directive 2019/2034/EU (IFD) to Directive 2013/36/EU and their effect on institutions’ governance arrangements. In particular, the link between money laundering and terrorism financing risks and prudential risks has been clarified, and a reference to dividend arbitrage schemes has also been included.
  • Action (ii), by publishing on 2 July 2021 revised Joint EBA and ESMA guidelines on the assessment of the suitability of members of the management body and key function holders, which now take into account the amendments introduced by CRD V and the IFD to Directive 2013/36/EU and their effect on the assessment of the suitability of members of the management body. In addition, tax offences, whether committed directly or indirectly, including through unlawful or banned dividend arbitrage schemes, should be considered for the assessment of the reputation, honesty and integrity of the management body’s members.
  • Action (iii), by publishing on 28 June 2021 a Consultation paper on draft revised EBA SREP guidelines, which include the requirement for prudential supervisors to assess in the SREP whether institutions, as part of their code of conduct, have set out principles on, and provided examples of, acceptable and unacceptable behaviours linked to financial misreporting and misconduct, economic and financial crime, whether committed directly or indirectly, including through dividend arbitrage schemes (see Title 5 and paragraph 104(j) of the SREP guidelines for details).
  • Action (iv), by including in the 2020 report on convergence in supervisory practices the topic for supervisory colleges’ attention in 2020 and still engaging with colleges in 2021 to ensure that the topic is explored during supervisory college meetings, as part of their SREP assessment of the internal governance framework (see the section on ‘topical tasks’ requiring the attention of supervisory colleges in 2021 and page 81 of the report).
  • Action (v), by publishing, on 1 March 2021 the revised Final EBA guidelines on AML/CFT risk factors, in which we stress the need for supervisory authorities and financial institutions to enhance their understanding of tax crimes (see guidelines 2.14 and 2.15 for more details).
  • Action (vi), by publishing on 17 March 2021 a consultation paper on draft EBA guidelines on risk-based AML/CFT supervision, which also emphasises the importance for supervisors to develop a good understanding of ML/TF risks associated with tax crimes, which may involve cooperation with tax authorities in their Member State (see guidelines 4.1.4, 4.2.1, 4.2.2 and 4.2.3 for details).
  • Action (vii), by publishing on 3 March 2021 a revised EBA opinion on the ML/TF risks affecting the EU financial system, which, inter alia, identifies, as one of the risks, the differences in the treatment by competent authorities of financial institutions’ involvement in facilitating or handling tax-related crimes (see paragraphs 39-44 of the opinion and paragraphs 32-50 in the associated report).
  • Action (viii), by allocating a specific amount of time to ML/TF risks associated with tax crimes in its staff-led AML/CFT implementation reviews of competent authorities, where this ML/TF risk has been assessed to be significant.
  • Action (ix), by monitoring and intervening in discussions in a sample of the 300+ AML/CFT colleges that competent authorities created in compliance with the 2019 EBA guidelines on Cooperation and Information Exchange.

Following the amendment of the regulatory and supervisory framework as per the above, the EBA will execute action (x) of the plan, which is for the EBA to assess compliance with the amended requirements. In order to give time to financial institutions to make the system and process changes required to comply with the revised framework, several of the aforementioned legal instruments have applications dates will enter into force in 2022. As a result, this final action is likely to commence towards the end of the year.

Addressing the aftermath of COVID-19


Addressing credit risk stemming from the COVID-19 pandemic

In 2020 the EBA focused on mitigating the short-term effects of the pandemic, in order to maintain banks’ ability to provide lending and address short-term liquidity shortages faced by many businesses. The use of the flexibility embedded in the prudential framework was maintained during the subsequent resurgence of the pandemic in 2021, via the reactivation of the guidelines on legislative and non-legislative moratoria. However, after more than a year of crisis conditions, the focus was shifted to managing the transition to its full extent in order to ensure a smooth return to normality. As such, the EBA introduced two additional safeguards when reactivating the guidelines and confirmed their phasing-out at the end of March.

In addition to this management of the immediate consequences of the pandemic, the EBA started its reflections on how to ensure proper recognition of the consequences of the pandemic on banks’ lending books, in particular in the context of credit risk internal models (the internal ratings-based approach). In fact, institutions now have at their disposal some observed risk metrics during the pandemic (i.e. the year 2020 and the entire year of 2021), which should be cautiously analysed in terms of representativeness in order to avoid distorting the risk picture in the medium to long term. The discussions on this matter are still ongoing and will feed into the reflections at an international level in the BCBS forum.

Enhancing depositor protection during the pandemic

In April 2021, the EBA followed up on a survey it had conducted in April 2020 on the potential impact of the pandemic on depositor protection provided by national deposit guarantee schemes (DGSs). The updated survey confirmed that the pandemic itself did not have any adverse effects on depositor protection and confirmed the continued resilience of DGSs.

More specifically, the survey revealed that the pandemic did not significantly increase the workload of the deposit insurers. Most of the competent authorities did not report a higher number of phone calls received by the DGSs from the public, higher supervision of credit institutions or operational challenges stemming from the rise in covered deposits over this period. Most DGSs did not need to take specific measures or refine their compensation method. Some of the DGSs even took into account the pandemic when stress testing their respective capability to repay depositors in due time. Half of the respondents also specified that the administrative burden on credit institutions was relieved in order to let them focus on clients’ queries.

Monitoring and assessing the evolution of exposures under support measures

The pandemic caused a series of challenges to the banking industry. Some of these included operational hurdles and increased demand for liquidity. They were added to the increased uncertainty due to blurred macroeconomic projections. As a result, banks needed to take on decisions, like their customers’ viability, with very limited visibility on macroeconomic expectations.

While fiscal and monetary support measures were vital in absorbing the bulk of the macroeconomic shock, supervisory and regulatory flexibility helped banks to have the necessary time and space to address the challenges with which they were faced and maintain lending flow to the real economy.

Authorities put forward two major support programmes to support businesses and households struggling with low liquidity due to the pandemic. Moratoria on loan repayments and public guaranteed schemes (PGS) were mainly used by SMEs and residential mortgage borrowers. The total volume of loans that benefited from some sort of EBA-eligible moratoria on loan repayment reached nearly EUR 900 bn, while at the same time, banks reported more than EUR 370 bn of loans backed by PGS.

The EBA has been monitoring the evolution and assessing the asset quality of these loans on a regular basis. In addition, in order to keep market participants informed, as of the third quarter of 2020 the EBA introduced regular reporting of these metrics through its quarterly Risk Dashboard. This complemented the published list of PGS and moratoria.

The volume of loans with active EBA-eligible moratoria was residual at the end of 2021, (around EUR 10 bn), while banks still report around EUR 700 bn of loans with expired EBA-eligible moratoria. The asset quality of these is markedly lower compared to total loans. For example, around 25% of these loans are classified as stage 2 loans and more than 5% as NPLs.

A similar deteriorated asset quality is observed in the loans backed by PGS. EU banks reported EUR 373bn loans subject to PGS at the end of 2021. As of the end of the year, around 20% of them were classified as Stage 2, and their NPL ratio, was above total average (3.1%), with an increasing trend.

Although a lower asset quality is expected to some extent, as these support measures were used by borrowers affected the most by the pandemic, the vulnerabilities in these portfolios remain a concern.



Chair of the EBA’s Banking Stakeholders Group




The Banking Stakeholder Group (BSG) plays a key role in facilitating consultation with our stakeholders in all the areas relevant to the tasks of the EBA. As Chair of the BSG, can you please talk us through how the BSG contributes to the EBA’s work?

The BSG is officially designated as the EBA’s advisory group in Article 37 and Recital 48 of the Authority’s Founding Regulation. Its role is to help facilitate consultation with stakeholders in areas relevant to the EBA tasks, according to the Rules of Procedure of the BSG.

It is composed of thirty members from six constituencies: credit institutions, consumers, academics, users of banking services, employees of credit institutions, and small and medium-sized enterprises. The diversity of the group’s composition is a key asset to achieve multidisciplinary and rich outputs from different perspectives. Such diversity provides a unique and balanced perspective, to ensure regulation is adapted to the needs of all stakeholders involved, in order to achieve financial stability, consumer protection and to respond to emerging matters that could impact the EU financial system.

The BSG has been very proactive in providing strategic and technical advice to support the EBA in achieving its mission and goal. From the beginning of 2020 till April 2022, eight technical working groups (TWGs) have been active in producing 32 opinion papers and responding to consultations. I would also like to mention the exceptional work stream imposed by the COVID-19 crisis and currently by the war in Ukraine. The BSG has also been active in organising three workshops: one on financial inclusion and two on Basel 3 implementation.

Which are the key areas or topics that you focused on in 2021? Looking forward, which are the priority topics that rank high in your agenda?

In 2021, the BSG aligned its work plan to the following six EBA strategic priorities:

Risk reduction package and effective resolution tools

EU-wide EBA stress testing framework

Integrated EU data hub for performing flexible and comprehensive analysis

Financial innovation and operational resilience

AML/CFT infrastructure

Policies for factoring and managing ESG risks

It also worked on the following two horizontal priorities:

  • A culture of sound and effective governance and good conduct in financial institutions
  • The aftermath of COVID-19.

And on the emerging challenge: the war in Ukraine.

The BSG work plan is summarized in this table

Working Groups Mission
Monitoring and – when decided – drafting a BSG response on all consultations or discussion papers launched by the EBA related to capital, liquidity, other types of risk management in banks and topics related to the BRRD (Bank Recovery and Resolution Directive) as well as associated systemic issues.
2- SUPERVISION, GOVERNANCE, ACCOUNTING, REPORTING AND DISCLOSURE To review the EBA consultation papers regarding banking supervision (Supervisory Examination Programs - SEP -, colleges of supervisors, inspections, authorisations, sanctions, Options and Discretions, transparency, etc.), internal governance of banks and disclosure requirements.
3- CONSUMER PROTECTION Advising EBA on the preparation,implementation and enforcement of legislation or policy initiatives affecting the users of financial services and to proactively identify key issues affecting users of financial services,within the remit of the EBA.
4- PAYMENTS, DIGITAL, FINTECH AND REGTECH Analysing andreviewing the EBA consultation papers dealing with financial technology and innovations,especialy in the payments area, and drafting responses and/or opinions. The WG may also elaborate own initiative position notes on related topics, subject to the approval of the BSG.
5- SUSTAINABLE FINANCE Advice the EBA in planned and potential new activities.
6- AML/CFT Advice the EBA in planned and potential new activities according to new mandate.
7- POST COVID-19 RECOVERY Advice EBA in activities related to COVID-19 recovery.
8- BBM/PoP Assist EBA’s Advisory Committee on PoP.


In 2021, we provided advice and opinions on sustainable finance, covid 19 recovery, resolution and recovery, AML-CFT, de-risking, consumer protection, non-bank lending, digitalisation, SREP. All BSG publications are available on the EBA website.

The priorities for 2022 remain the same. I would like to emphasise the emerging risks such as cyber security, geopolitical and the transition risks brought about by the geopolitical uncertainties, war and conflicts and the energy crisis. These risks must be carefully monitored, and appropriate responses will have to be provided in due time. Also due to these unprecedented challenges, the frequency of the BSG responses and opinions is expected to increase because of the ongoing geopolitical challenges.

In your capacity as Chair of the BSG, and considering the different composition of the Group, how do you make sure that your advice and opinions reflect the many voices and stances within the BSG?

I would like to recall the Amended art. 37 EBA Regulation:

“The Banking Stakeholder Group shall be composed of 30 members, 13 members representing in balanced proportions credit and investment institutions operating in the Union, three of whom shall represent cooperative and savings banks, 13 members representing their employees’ representatives, consumers, users of banking services and representatives of SMEs and four of its members shall be independent top-ranking academics.”

The BSG is diverse with a relatively balanced composition between the different constituencies as stipulated by the amended EBA Regulation. However, the number of academics has been reduced to four, compared to the previous BSG composition, which operated with nine academics. Despite this weakness, which we flagged in a BSG letter published in 2020, we tried to structure the eight balanced TWGs with leadership from 2 members of different constituencies to ensure all positions are reflected and the composition of the TWGs includes members from different groups. In addition, there is a consultation process with all members of the BSG to allow each and every member to reflect his/her position.

On the organisation of the BSG work, in 2021 we had nine online meetings with the coordinators of the TWG and nine online meetings with the EBA coordinating team. The aim of these meetings was to assess the progress of the TWG, agree on the key topics for the 2021 BSG and joint BSG-BoS meetings, to inform about the key updates, and to better target and align the BSG advice and opinion to the work plan of the EBA.

Figure 20: BSG outputs in 2021


Enhancing the efficiency and effectiveness of the EBA


Communicating and promoting the EBA’s work

In 2021, the EBA continued to carry out communication activities aimed at informing different categories of stakeholders about its work on key topics such as sustainable finance and ESG risks, digital finance, integrated reporting, financial education and consumer protection. The EBA also continued to monitor the application of the relief measures related to the COVID-19 pandemic.

Throughout the year, the EBA published 207 press releases and news items, promoted the EBA’s work in the press and media, conducted 93 interviews and briefings with the press and responded to 856 queries via email.

The team also coordinated and supported the production of high-level publications, including the 2020 Annual Report, the study of the cost of compliance with supervisory reporting requirements, the report on the use of digital platforms, the Basel III monitoring report, the IFRS 9 monitoring report, the RAR and the report on integrated reporting.

To reach a wider public, the EBA produced fact sheets and infographics on ESG disclosures, ESG risk management and supervision, integrated reporting, RegTech, digital platforms and EUCLID.

Other important activities in 2021 were the EU-wide transparency exercise and the EU-wide stress test. The latter, which was launched in January and its results disclosed in July, was actively promoted with many print and broadcast EU media outlets, and with an interview given by the EBA Chairperson to Bloomberg and Bloomberg TV. The results of the transparency exercise were published in December and also received considerable press coverage.

Since remote working continued to be the norm for most of 2021, the Communication Team carried out internal communication campaigns and activities to keep the staff informed on the developments of the COVID-19-related measures by the French Government as well as at EU level.


In 2021, the EBA celebrated its 10th anniversary, and the Communication Team organised several initiatives to commemorate this important milestone.

To comply with the legal obligation and the EBA Management Board decision to translate all final guidelines into all EU official languages, 15 sets of guidelines were translated. In addition, 111 final EBA publications were proofread or edited.

The EBA’s social media strategy has led to increased visibility, with the accounts reaching and surpassing 15 600 followers on Twitter and 81 000 on LinkedIn. The Communication Team adopted a more interactive approach, exploiting all the available tools that could help elevate the day-to-day content, by making it more engaging and eye-catching for the audience. Informative videos, scrolling infographics and factsheets were among the key materials used to promote EBA events and publications. This approach was successful with the engagement levels rising remarkably and reaching some of the highest numbers recorded in the EBA social media history. The best performing tweet in 2021 on the results of the EU-wide stress test had more than 55 000 impressions and 750 interactions.

Implementing the EBA collaboration platform

The EBA Collaboration Platform Program, launched back in 2020, reached its final implementation phase, and is intended to be completed in early 2022. The objective of the program is to enable the EBA to operate and collaborate internally and with external stakeholders through digital solutions that are future-proofed, secure, easy to use, highly efficient and effective.

The solution facilitates internal and external cooperation and collaboration and enables secure and quick information exchanges. It provides voice, video, chat and conferencing, and enables joint collaboration on documents, document co-drafting and co-authoring, secure content sharing/search and collaborative workspaces. The EBA users can work seamlessly within the EBA office and outside of it, enabled by devices, tools and services, to communicate, share and collaborate with colleagues and counterparts.

During 2021, key features were released, such as Exchange hybrid (preparing the path to Exchange Online), the M365 Apps for Enterprise and OneDrive, in line with security and data protection requirements. Internal workflows were delivered along with feasibility studies to enable the convergence of EBA legacy applications (Colleges and the EBA extranet) to a unified platform that will allow secure internal and external collaboration.

The EBA on the journey to the cloud

In 2021, the EBA reached some significant milestones in the roadmap to a secure and cost-efficient IT cloud infrastructure. The journey started with the EBA IT strategy, which established a clear direction towards the cloud. This was followed by the EBA cloud risk assessment, which presented a list of key risks and summarised the recommendations and high-level mitigation strategies that should be used to address these risks. The strategy of the journey to the cloud was further elaborated in the EBA cloud strategy, adopted also in 2021. The cloud strategy provided the implementation roadmap and a technically informed framework for cloud adoption, risk management, operations and governance.

In parallel, the EBA implemented a cloud-based unified identity solution currently in use for all EBA platform-related systems and EBA external applications. The authentication mechanism was upgraded from the previous hard token to a new soft token solution and all users were migrated as of November 2021. The EBA will continue its journey in 2022, with the cloudification programme, aiming to transition from the current CANCOM community cloud provider to CLOUD II public cloud. The programme, along with EUCLID, is a key investment for 2022.

Strengthening ethics and compliance within the EBA

The Risk and Compliance team established in January 2021 within the Legal and Compliance Unit brought together the functions of ethics, data protection, risk management and anti-fraud, and access to documents. This has sharpened the focus on these crucial topics and significantly increased the level of staff dedicated to these topics, with further support from external resources.

In 2021, in addition to managing day-to-day tasks, reviews and enhancements to the ethics, data protection and risk management frameworks were prioritised. Key achievements in 2021 include:

  1. a significant increase in communications and awareness-raising activities to improve the EBA-wide understanding of ethics and data protection requirements in particular;
  2. review and development of an ethics training programme, with first ‘live’ courses taking place presently, and online courses in development for roll-out by mid-2022;
  3. launch of first EBA-wide ethics survey to gauge the views of EBA staff on all ethics-related activities with a view to identifying opportunities for improvement;
  4. completion of the first stage in digitising the conflict of assessment process pending an IT project which should be completed in the second quarter of 2022, which will fully digitise ethics processes;
  5. award of a framework contract for external data protection advice which should enable a step change in the data protection work to be carried out from 2022 onwards, by making additional resources available to both the Risk and Compliance team and to data controllers across business areas;
  6. a data protection risk assessment to ensure EBA-wide understanding of data protection risks and inform priority areas for data protection work;
  7. development of the EBA’s first three data protection impact assessments;
  8. initial steps in developing and implementing an enterprise risk management (ERM) framework to establish a more mature risk management function in 2022.

Disseminating research with a dedicated workshop, staff papers and seminars

In the context of its research activities, the EBA organised events, seminars and workshops and published staff papers throughout the year. The EBA Policy Research Workshop is an annual event bringing together economists and researchers from supervisory authorities and central banks, as well as leading academics, to discuss developments in the banking sector to identify future challenges for banks and their regulators. In 2021, the key topic of the discussion was the future of the banking sector in the “new normal” that is emerging from the COVID-19 pandemic, with more than 350 registered participants attending the virtual event.

The Staff Paper Series (SPS) provides a platform for EBA staff to disseminate research and thematic analyses to the wider public. In 2021, four papers were published on a wide variety of topics: The application of the IRB supervisory formulas; Window dressing in the G-SIB framework with evidences from EU banks; Testing the capacity of the EU banking sector to finance the transition to a sustainable economy; Stress scenarios for capitalising non-modellable risk factors under the FRTB. Finally, regular internal seminars featuring external speakers are organised on a monthly basis for EBA staff. The aim is to promote discussion on regulatory and supervisory topics, to enhance the EBA staff knowledge and skills and to contribute to improving the process or regulatory policymaking.

Monitoring and fostering supervisory independence

Since January 2020 the EBA is obliged to foster and monitor supervisory independence.

Independence is key to ensuring that fair, effective and transparent decisions are taken by appropriately resourced competent authorities.

In 2021 the EBA carried out work to determine how, and the extent to which, key aspects of supervisory independence have been incorporated into the governance and activities of CAs within the EBA’s scope of action.

In October 2021, the EBA published the sectoral report on supervisory independence, taking into account 82 submissions from CAs on the basis of a survey closely aligned with a similar questionnaire from the International Organization of Securities Commissions (IOSCO). The EBA survey also included specific resolution and deposit guarantee scheme issues. Taking into account existing requirements in Union sectoral legislation and international standards on supervisory independence, the EBA report was organised around four principles of supervisory independence:

  1. operational independence;
  2. financial independence;
  3. personal independence and accountability;
  4. transparency.

The report found that competent authorities consider themselves:

  1. independent authorities;
  2. operating independently on a day-to-day basis;
  3. with sufficient financial and personal independence;
  4. a suitable framework for ensuring accountability and transparency.

However, the precise approach and framework reported by competent authorities varied, for example in relation to the links to ministries, ability to hire necessary staff, funding models, management of conflicts of interest and cooling-off periods.

The report provides the EBA with valuable information which it will consider in future work in this field and was submitted to the Commission as the EBA’s contribution to the Commission’s own report on supervisory convergence that it is preparing as part of the current ESAs Review.


Celebrating 10 years of EBA achievements


The year 2021 marked an important milestone for the EBA, which celebrated its 10 years of activity. For this special anniversary, the EBA organised several internal and external initiatives.

To kick-off the celebrations, the EBA produced a short video that condensed in three minutes its main achievements over the past decade. []

Throughout the year, the press office organised 15 interviews in 13 EU countries: Belgium, Cyprus, the Czech Republic, Denmark, France, Finland, Germany, Greece, Italy, the Netherlands, Portugal, Slovenia, Spain and. Reaching out locally helped to build synergies with domestic media, which in turn lead to increased visibility of the EBA and its work.

In early 2021, the EBA also organized its high-level conference EBA@10, which took place in a hybrid format on 26 October. The event brought together stakeholders from all over the European Union and beyond to reflect together on the progress made over the last 10 years on EU banking and financial integration, as well as to look at the EBA challenges and opportunities that lie ahead. The event took place at Les Jardins de Saint-Dominique in Paris as well as remotely and via live streaming. The hybrid mode enabled the participation of more than 100 people physically, more than 600 connected via conference call and over 1 200 watched the live-streamed event. The event was also widely promoted on social media and the best performing tweet reached more than 28 000 impressions and 550 engagements. Recordings of the conference are available on the EBA website.



The EBA’s 10th anniversary was also celebrated internally through a series of testimonials from colleagues who joined the EBA when the Authority was established, or during the first years of its existence. It was a nice way to connect with the staff and to share memories of the early stages of the Authority.

In addition, the EBA also organised a series of inspirational talks with prominent European and international speakers, including:

Jaime Caruana, who served as the General Manager of the Bank for International Settlements and as Governor of the Bank of Spain, spoke about ‘a long term perspective on banking supervision’;

Elizabeth McCaul, currently a member of the Supervisory Board of the European Central Bank, who previously served as Superintendent of Banks for the State of New York, the head of the New York State Banking Department, and who held several senior executive positions at Promontory Financial Group, an IBM company, who talked about the current challenges in banking supervision and her experience as a senior executive in the private and public sector on both sides of the Atlantic;

Emer Cooke, Executive Director of the European Medicines Agency, who discussed the impact of Brexit on the EU Agencies – particularly on the European Medicines Agency (EMA) and the EBA – and the role of the EMA in the COVID-19 pandemic.





Monitoring and updating the prudential framework for supervision and resolution

Preparing the implementation of CRD VI – CRR III

On 27 October 2021, the European Commission adopted the review of the EU banking package, which incorporates the final provision of the Basel III agreement in the EU regulation. The review builds on the EBA call for advice published on 5 August 2019. As such, it tackles a number of areas of the framework, including credit, market and operational risk in addition to other elements, such as a general promotion of the ESG disclosure framework. It is therefore a key milestone in strengthening the banking sector’s resilience to economic shocks.

The review of the banking package will be substantiated by a number of binding technical standards and guidelines, which will have to be developed in a short period of time following final adoption. In this context, the EBA stands ready to support the upcoming political negotiations by providing targeted technical advice. It will evaluate the proposal items on which the technical reflections can begin, to build a road map for the timely adoption of the technical standards.

Finalising the framework for the interest rate risk in the banking book

Following the public consultation period ending on 4 April 2022, the EBA intends to publish the guidelines on IRRBB and CSRBB, the draft RTS on the IRRBB standardised approach and the draft RTS on IRRBB supervisory outlier tests in 2022. These draft RTS and guidelines are being developed based on Articles 84(5), 84(6) and 98(5a) of the CRD.

The guidelines on IRRBB and CSRBB will replace the current guidelines on technical aspects of the management of interest rate risk arising from non-trading activities under the supervisory review process published in 2018. The updated guidelines provide continuity to the current ones and include new aspects of the mandate. In particular, they specify the criteria to identify non-satisfactory internal models for IRRBB management and identify specific criteria to assess and monitor CSRBB.

The RTS on the IRRBB standardised approach specify the methodology for the evaluation of IRRBB from the perspective of the economic value of equity and the net interest income if a competent authority decides to apply it in view of a non-satisfactory IRRBB internal system. They will also provide a simplified approach for smaller and non-complex institutions.

The RTS on IRRBB supervisory outlier tests specify the supervisory shock scenarios as well as the criteria to evaluate if there is a large decline in the net interest income or in the economic value of equity that could trigger supervisory measures.

Providing transparency on the implementation of the EBA opinion on legacy instruments

In 2020 the EBA issued an opinion to clarify the prudential treatment of these ‘legacy instruments’ after the ending of the CRR grandfathering rules in December 2021. In this opinion, the EBA explained the ‘infection risk’ stemming from these instruments and further envisaged two main options: (i) to call, redeem, repurchase or buy back the relevant instrument; (ii) to amend the terms and conditions. Under strict conditions and to a limited extant, the EBA also considered a third, ‘last resort’ option. In the course of 2021, to ensure consistent implementation, the competent authorities, in close cooperation with the EBA, worked with the institutions under their direct supervisory remit to identify the possible infection risk and discussed the way forward based on the EBA opinion. The implementation was finalised in the vast majority of the EU jurisdictions and a significant number of instruments were resolved in 2021 through either option (i) or (ii). In a few cases the last resort option was implemented or the infection risk was addressed through the transposition of Article 48(7) of the BRRD. Finally, for a limited number of instruments, actions are still under consideration.

The monitoring exercise of the legacy instruments will be finalised in course of 2022 and the main observations will be conveyed in the second half of this year. Going forward the EBA expects that institutions and competent authorities would consistently apply the guidance and principles of the EBA’s opinion for identifying potential issues and develop the appropriate actions for addressing risks stemming from a new generation of legacy instruments with reference to the grandfathering introduced with the CRR II.

Providing input to the Commission’s call for advice on the review of the macroprudential framework

The European Commission has launched a review of the macroprudential framework, which is defined in the CRR and the CRD. The Commission intends to gather views on the functioning of the current framework via a public consultation and specifically addressed the EBA to provide its views and to propose any changes that are deemed required.

The COVID-19 pandemic presented the first use case of the macroprudential framework. However, it did not result in a comprehensive test of the framework, due to significant public support measures, which allowed banks to continue their lending function and to further strengthen their capital positions during the crisis period. Despite that, some evidence could be gathered, and some lessons have been learned since the inception of the macroprudential framework that can inform targeted changes to the framework. The aim of these targeted changes is to simplify the procedures around some of the existing macroprudential tools and to increase harmonisation for others, which should lead to a better functioning of the Single Market.

The EBA’s assessment and proposals focus on four aspects of the macroprudential framework:

  • the overall design and use of the buffer framework and its ability to prevent and mitigate financial stability risks and to reduce the pro-cyclicality of the financial system;
  • the toolset in the current macroprudential framework and an assessment on whether or not there are any tools that are missing or that have or may soon become obsolete;
  • the trade-off between national decision-making (the macroprudential framework relies on national authorities to make use of macroprudential tools) and a well-functioning internal market; and
  • the suitability of macroprudential tools to prevent and mitigate financial stability risks arising from new global risks, such as those associated with climate change, new global providers of financial services, cybersecurity and crypto-assets.

Assessing the current legal framework for payment services and electronic money

In October 2021, the EU Commission sent a request to the EBA to collect evidence on the application and impact of PSD2, including evidence on benefits and challenges that have arisen for the different stakeholders, and for the EBA to identify areas where amendments to the PSD2 are needed. The scope of the request to the EBA is very comprehensive and covers 28 questions spread across 9 different sections. These cover, inter alia, topics related to the following:

  • the potential need for amendment of the prudential requirements under PSD2;
  • whether there is a need for merging PSD2 and the Electronic Money Directive;
  • whether there is merit in introducing consolidated group supervision under PSD2;
  • potential shortcomings the EBA may have identified in the enforcement of PSD2; and
  • whether introducing a sanction regime for PSPs will contribute to the better application of the Directive.

The EBA is aiming to publish a response within the set deadline of 30 June 2022.

Strengthening the framework for raising contributions to deposit guarantee schemes

The EBA is conducting the second review of the guidelines on methods for calculating contributions to Deposit Guarantee Schemes. The EBA published the guidelines in 2015 and conducted the first review in 2017. The Deposit Guarantee Scheme Directive requires a review of the guidelines every five years. The aim of the review is to assess whether the risk-based method outlined in the guidelines provides adequate risk-differentiation between institutions. Furthermore, it aims to assess the balance between consistent application of the guidelines across the Member States and flexibility to cater to national specificities. It also aims to identify practical issues or obstacles in the application of the current framework. The EBA envisages issuing a consultation paper with proposed amendments in the second quarter of 2022.

Monitoring MREL build-up and enhancing convergence in recovery and resolution planning practices

The build-up of the MREL and TLAC by institutions was also an area that CAs worked on in 2021 and engaged with resolution authorities (RAs) to understand whether all resolution entities of G-SIIs were compliant with the intermediary target of TLAC and have plans in place to meet end-state MREL/TLAC requirements. While more CAs reported that they either do not have resolution entities of G-SIIs in their jurisdiction, or that the resolution strategy of local SNCIs was liquidation, the CAs for which the item was relevant have dealt with it mostly on a risk-based approach and liaised with their respective RA counterparts as well as with the institution. The capacity of banks with an MREL deficit to meet the intermediary targets was evaluated in cooperation with the RA. Overall, MREL plans were considered to be realistic.

In addition, the new EBA guidelines on recovery plan indicators will include requirements for additional indicator types such as MREL and liquidity position, along with more detailed guidance on the calibration of regulatory capital and liquidity indicators.

Finalising the SREP for investment firms

In November 2021 the EBA and ESMA launched a public consultation on their draft Joint guidelines on common procedures and methodologies for the supervisory review and evaluation process (SREP). The public consultation ended on 18 February 2022. The EBA and ESMA are now in the process of reviewing the responses received by the industry and expect to publish the final joint guidelines by July 2022.

The development of a specific framework for the SREP of the investment firms follows the introduction of a more tailored prudential regime defined in Regulation (EU) 2019/2033 (IFR) and Directive 2019/2034 (IFD).

Monitoring remuneration and diversity while enhancing data gathering

To improve the monitoring of market developments in the area of governance and remuneration, and following the amendments to the remuneration framework by CRD V and the IFD, the EBA will issue updated guidelines on the benchmarking of remuneration practices that will include additional data collection to benchmark the gender pay gap and application of the newly provided derogations on the requirements to pay out a part of the variable remuneration in instruments and under deferral arrangements. The EBA will conduct two separate benchmarking exercises, one for investment firms and one for institutions. The latter will include the monitoring of institutions’ practices on approving higher ratios between the variable and fixed remuneration of up to 200%. Moreover, the EBA will collect data on staff members that receive remuneration of EUR 1 million or above – high earners – separately for institutions and investment firms.

In this context, the EBA updated the guidelines to provide more clarity on the data to be reported and to ensure the high quality of data, which is critical for the validity of the derived benchmarks.

In 2022 a new diversity benchmarking exercise will be conducted that will include the benchmarking of the unadjusted gender pay between the different genders in the management body. The diverse composition of the management body will be analysed with regard to their gender, age, geographical provenance and educational and professional background. The EBA will again look at the implementation of diversity policies and the supervisory actions taken to ensure that all institutions adopt the required policies. The last report found that in 2018, over 40% of institutions had not adopted the required policies. The EBA aims to issue guidelines on a regular diversity data-benchmarking exercise in 2023.


Consolidating the intermediate parent undertaking framework

In order to implement the reporting requirement from competent authorities to the EBA set out in Article 21b(6) CRD, and to operationalise the methodology laid down in the EBA guidelines on the threshold monitoring for the establishment of the IPU, the EBA developed ad hoc templates in 2021. Based on such templates, in 2022, the EBA will collect from competent authorities the total value of assets of TCGs operating in the EU. According to Article 21b(6) and 47(2) CRD, EU entities of TCGs have to monitor such values against the EUR 40 bn threshold that, if exceeded, determines the establishment of an IPU. The total asset amount of the EU entities of the TCG also have to be reported annually to the EBA along with information on the establishment and the activities authorised to be carried out in the TCB of third-country credit institutions and investment firms. The EBA is required to publish a list of all TCGs operating in the EU, the IPU (where established) and the TCBs. This will enhance the supervision and transparency on TCGs operating in the EU.

As part of the focus on TCGs, the EBA will undertake a comprehensive analysis of the regulatory and supervisory approaches laid down in various parts of the EU legal framework, e.g. CRD, MiFID, IFR and IFD, to assess its overall comprehensiveness, internal consistency and adequacy to respond to balancing openness of the EU financial market with prudential concerns.

Contributing to the development of the securitisation framework

Delivering mandates of the capital markets recovery package and contributing to the European Commission’s review of the securitisation framework

The EBA will deliver the final drafts of the technical standards that were under consultation in the second half of 2021 to the European Commission in the first half of 2022. Namely, the RTS on risk retention, the ITS on the mapping of ECAIs credit assessment for securitisation positions, and the RTS on triggers for switching the amortisation system in STS synthetic securitisation (see Section 1.5).

In accordance with Article 31 of the Securitisation Regulation, the ESRB in collaboration with the EBA will publish a report on the financial stability implications of securitisation markets in the first part of 2022. The report will be produced in view of the ESRB’s responsibility for macroprudential oversight of the EU securitisation market, and it will be the ESRB’s first report of this kind.

In addition, the EBA has been mandated to develop a number of other technical standards and guidelines under the capital markets recovery package.

The EBA will continue working on the development of a consultation paper on a draft RTS to specify how an originator in a synthetic securitisation shall determine the exposure value of synthetic excess spread. The EBA aims to carry out a public consultation before the summer of 2022 and expects to submit the RTS to the European Commission in the third quarter of 2022.

The EBA will work on the development of technical standards on the homogeneity of the assets in on-balance-sheet synthetic securitisation as mandated by the Capital Markets Recovery Package. The RTS will specify which underlying exposures are deemed to be homogeneous as per the simplicity requirements for STS on-balance-sheet securitisations. It aims to carry out a public consultation throughout 2022 and expects to submit the RTS to the European Commission by March 2023.

In parallel, the EBA plans to develop guidelines and recommendations on the harmonised interpretation and application of the STS requirements for on-balance-sheet securitisations. The main objective of the guidelines is to ensure a common understanding and consistent application of the STS criteria for on-balance-sheet securitisations. Following a public consultation at the end of 2022, these guidelines are expected to be finalised and published by mid-2023.

Developing the Joint Committee’s response to the European Commission’s call for advice on the review of the securitisation prudential framework

In October 2021, the Joint Committee of the ESAs received a call for advice (CfA) from the European Commission about the review of the securitisation prudential framework. This advice is crucial in the context of the Commission CMU action plan, where a proportionate and risk-sensitive prudential framework is a central component to allow securitisation to revive in a prudent manner.

This CfA has two main parts. The first part, which is addressed to the EBA, tackles the capital requirements for securitisations and the treatment of securitisation in the liquidity framework by banks. The second part, which is addressed to EIOPA, focuses on the capital treatment of securitisation in Solvency II for insurance.

The EBA is therefore currently assessing how the securitisation capital framework and the liquidity legislative framework have performed in the past years relatively to their stated prudential purpose, and how they have managed to revive the securitisation market on a prudent basis.

Taking into account findings from the EU securitisation market assessment, the EBA will advise the Commission on the appropriateness of the securitisation capital framework, focusing on the provisions setting the key parameters for the risk-weighted exposures calculation for positions in securitisation and, in particular, those that have been introduced to address the shortcomings of Basel II.


Revisiting and strengthening the EU-wide stress testing framework

Preparing for the 2023 EBA EU-wide stress test

Following last year’s exercise, the next EU-wide stress test in 2023 is already casting its shadows ahead. As in previous cycles, the EBA launched a process to collect lessons learned from the supervisory community shortly after the conclusion of the 2021 exercise and also held a workshop with participating banks to gather feedback from the industry. The feedback received helps to continuously improve the EU-wide stress test from cycle to cycle.

A similar process is envisaged following the consultation of the draft 2023 EU-wide stress test methodology and templates, at the beginning of summer 2022. The aim is to finalise the methodology in the fourth quarter of 2022. As in previous years, the templates would be tested with banks participating in the exercise before the launch of the exercise.

Revision of the EBA EU-wide stress test methodology

As part of this regular review, areas for simplifying the methodology and streamlining of the templates have been identified, and will be addressed going forward. This also includes the incorporation of relevant FAQs from the 2021 exercise, the adaptation of the framework for regulatory changes, such as the phasing-out of COVID-19 support measures, as well as the targeted review of methodological constraints. Overall, this process aims to improve the relevance and increase the efficiency of the EU-wide stress test, while keeping the methodology as stable as possible.

For the 2023 exercise the EBA is considering introducing some targeted changes to the stress testing approach. First, the EBA is considering the enlargement of the sample to include a broader risk coverage at the EU level and a wider geographical representation. Second, the EBA is investigating the gradual introduction of a hybrid framework in which top-down and bottom-up methods applied to different risk areas would coexist. Such a framework would still rely on banks’ projections, but it would increase efficiency for both banks and supervisors by lowering the reporting burden and reducing quality assurance, as fewer projections by banks would be needed.



Exploring how to embed climate risk into the stress test framework

In the last couple of years, the European Commission has been amending banking regulation to guarantee a smooth transition towards a low-carbon economy through a more sustainable banking sector (see Sections 6 and 17 of this report). Supervisory stress testing, which is a key tool to assess banks’ vulnerabilities, must also be adapted accordingly.

As a first step, in 2020, the EBA launched an EU-wide pilot exercise on climate risk (refer to this section for more information), representing the first EU-wide assessment on climate-related risks. Considering that tools and data for climate risk assessment were at the early stage, the pilot exercise represented a great step forward towards the design of a fully-fledged climate risk stress test. Other initiatives on climate risk stress tests, run by supervisors and central banks as learning exercises, have also been finalised, while some are ongoing.

One of the priorities for the EBA in 2022 will be to discuss how to best include climate risk in a stress test framework in light of the proposed mandates outlined by the European Commission in its renewed strategy on sustainable finance published in 2021 and then translated into the draft CRD VI text.

One of the proposed mandates refers to the EBA’s role to perform a regular climate risk stress test. In addition, a coordinated exercise together with EIOPA, ESMA and the ECB should be carried out to assess the resilience of the financial sector in line with the ‘Fit for 55’ package. Finally, the strategy includes mandates for the EBA to issue guidelines for banks and supervisors on ESG stress testing.

Going forward, the results of the EBA pilot exercise and the outcome of other initiatives run by other supervisors will further inform this process and will help to calibrate the level of ambition of an EBA climate risk stress test in the future.


Banking and financial data: leveraging EUCLID

Enhancing the EBA’s analytical capacities

Continuing the journey towards a data-driven organisation

Data plays a key role in the EBA’s activities, which include producing an evidence-based rulebook, performing impact assessments and risk analyses and developing a harmonised and proportionate supervisory reporting system for banks and other financial entities, among others. Consequently, as a data-based and insight-driven institution, the EBA has incorporated data and analytics as a key element in its 2021 strategic areas, strengthening EBA’s goal to become an integrated European data hub, leveraging the enhanced technical capability for performing flexible and comprehensive analyses.

Over the past 10 years, the EBA has been using and receiving a wealth of data. Namely, with the completion of EUCLID in early 2021, it now gathers the full spectrum of the EBA’s defined regulatory reporting covering all financial entities. EUCLID collects periodic data for:

  • supervisory and resolution reporting from 5 000 banks;
  • prudential reporting from 2 800 investment firms (go-live in 2022); and
  • payment data from 2 700 payment institutions.

The EBA is also closely involved in several EU-wide initiatives to further improve the quality and availability of financial reporting and data (the EU’s supervisory data strategy, integrated reporting, cost of reporting, use of Legal Entity Identifier (LEI), European Single Access Point, etc.).

For efficiency across the organisation while focusing on data, the EBA needs to step up its role as a data-driven agency. Its ambition is to become a data hub providing data and analytics services to internal and external stakeholders. With these objectives in mind, at the end of 2021, the EBA started to implement a comprehensive data strategy that is supported by its large ecosystem of external stakeholders and is fully aligned with its mandates and strategic objectives (see the EBA 2021 Annual Work Programme). This is a multi-year project that is to be delivered in five years (3+2) after which it will be reassessed, reviewed and improved.

Several benefits to the EBA are expected: it will allow the EBA to achieve its mandated objectives effectively and to enhance its capability to monitor the status of the financial system; furthermore, defining a data strategy will help the EBA to communicate its activities more clearly to external stakeholders.

Exploring new data collection

The purpose of supervisory disclosure is to enable a meaningful comparison of the approaches adopted by the competent authorities and the Member States. The EBA intends to enhance transparency of the prudential requirements for investment firms across all Member States. In June 2021, the EBA published the final draft ITS on supervisory information to be disclosed by competent authorities for investment firms in accordance with Article 57(4) of Directive (EU) 2019/2034 (IFD). These final draft ITS cover different areas, including templates for competent authorities to disclose texts of laws, regulations, administrative rules, information on exercise of the options and discretions, general criteria and methodologies used for the SREP and aggregate statistical data on key aspects of the implementation of the prudential framework in Member States.

In 2022, the EBA will disclose these templates on its website for the first time.

In addition, the EBA will keep disclosing all the information published by the EU competent authorities to provide an overview of the implementation and transposition of CRD IV and the CRR across the EU. Through this disclosure, the EBA remains committed to providing meaningful comparisons across the EU and to promoting convergence.

EBA will continue to update and revise its supervisory reporting framework in 2022 and will prepare and finalise the reporting framework 3.3. These requirements will integrate monitoring of the threshold and other procedural aspects on the establishment of the Intermediate Parent Undertaking (IPU) and in addition, will include the regular update to the benchmarking ITS and a comprehensive review of the resolution planning ITS. The EBA will also start its work on the new IRRBB reporting framework building on the new policy package that is being developed and Pillar 3 disclosures on IRRBB.

Enhancing market discipline through a Pillar III data hub and integration with the EU Single Access Point (ESAP)

The EBA is looking to further enhance market discipline and promote the use of Pillar 3 information facilitating centralised access by becoming a hub of Pillar 3 disclosures for EEA credit institutions. The Pillar 3 data hub aims to offer easy access to Pillar 3 information for all EEA institutions, facilitating cross-sector comparability of information and digitally user-friendly visualisation tools. Furthermore, beyond the EBA Pillar 3 hub, Pillar 3 information and all public information from EU companies and EU investment products will be accessible in an ESAP following the package on the CMU published by the Commission in November 2021. The EBA will be the collection body bridging data between the Pillar 3 hub and the ESAP.

According to the CRR III proposal, the EBA is mandated to receive and centralise institutions’ prudential disclosures and make them available through a single electronic access point (its website) effectively playing the role of a Pillar 3 data hub.

The CRR III mandates are proposing a differential approach for SNCIs and for other institutions. While the main objective of this proposal is to promote market discipline and facilitate stakeholders’ access to Pillar 3 information, this project should also ease compliance with prudential disclosure requirements by SNCIs. Instead, the EBA will derive Pillar 3 data for SNCIs’ data from the supervisory reporting data it already receives and make it available on its website. Institutions other than large ones and SNCIs shall instead submit to the EBA the disclosures that they are already producing for publication by the EBA on its website without any delay. The Pillar 3 data hub will not bring any new data requirements for institutions which will continue to be responsible for their own data.

The EBA will build on the policy work already done in the area of disclosures, such as the comprehensive technical standards in place that specify uniform disclosure formats and associated instructions, and on the EUCLID platform. In addition, the EBA shall enhance, maintain, and publish a mapping tool of the data points in the disclosure templates with those in supervisory reporting.

The Pillar 3 data hub is intended to become operational by the fourth quarter of 2024, with institutions starting to report the data in January 2025. The Pillar 3 data hub is part of the wider EU initiative seeking to establish an ESAP for public, financial, and sustainability-related information about EU companies and EU investment products by 2024.

Digital resilience, fintech and innovation: deepening analysis and information-sharing

Preparing for the regulatory and oversight mandates under DORA

As the legislative procedure on DORA is ongoing, the EBA, in close coordination with the other ESAs, is preparing for the implementation of the new legislation. The ESAs are expected to jointly develop a significant number of policy mandates to further specify the technical implementing details of the legal requirements. To this end, preparations are being made to organise and deliver this work under the Joint Committee of the ESAs.

In addition, the EBA is preparing for its role as Lead Overseer for CTPPs while noting that this will neither imply direct supervision of CTPPs in providing those services to financial entities nor oversight across their full range of activities. The scope of the oversight will be limited to the ICT services the CTPPs provide to financial entities. The oversight responsibilities will be shared across the ESAs, with one of them acting as the lead overseer for each CTPP. Thus, the EBA is already working towards this for enhanced coordination with existing counterparts (ESMA, EIOPA, ECB, ESRB, ENISA and supervisory authorities of financial entities) and upcoming interaction with new counterparts (such as the Network and Information Systems (NIS) Cooperation Group and national NIS authorities).

Preparing for the regulatory and potential supervisory mandates under MiCA

In a similar way as with DORA, the EBA will, in 2022, continue to prepare for potential supervision and policy tasks under MiCA and will continue to provide technical inputs to the EC where appropriate. In particular, the EBA is monitoring the evolution of Titles III and IV of MiCA (asset-referenced and e-money tokens) and identifying necessary steps (e.g. regarding IT and staffing needs) in order to prepare for potential supervision functions of issuers of tokens that are ‘significant’ or of those who voluntarily submit to EU-level supervision.


Supporting the establishment of the EU Supervisory Digital Finance Academy

In 2022, the EBA together with ESMA and EIOPA will be partnering with the European Commission to establish the flagship EU Supervisory Digital Finance Academy. Over the course of next the years the Academy will help supervisors across the EU to obtain knowledge on innovative applications of technology to financial services and activities. It will also facilitate the sharing of practical experience.

The Academy will aim to strengthen supervisory capacity in the area of innovative digital finance, thus supporting the objectives of the EU Digital Finance Strategy. The Academy will feature a comprehensive training curriculum on digital finance, including seminars, lessons and self-guided study initiatives, and a series of workshops on practical issues stemming from the regulation and supervision of innovations used by financial entities and related service providers.

The EU Supervisory Digital Finance Academy should:

  • enhance the capacity of supervisors to understand the functioning of advanced technologies used in financial activities and services and help to properly assess associated risks and take actions to mitigate them;
  • facilitate an understanding of how advanced technologies are deployed within supervisory activities and processes;
  • develop and foster synergies by collecting and spreading best practices from authorities with more advanced levels of expertise, thus enabling peer learning.

Based on supervisors’ practical experience and expertise exchanged, the Academy may help to identify potential improvements in the regulatory framework for digital finance.

The EBA, together with ESMA and EIOPA, will guide and steer development of the Academy’s training curriculum to ensure it is tailored to the competent authorities’ needs.

Figure 21: EU Supervisory Digital Finance Academy - a forward-looking approach to digital finance

Assessing the current legal framework for the digitalisation of payment services and electronic money

The European Commission’s call for technical advice on the review of the PDS2 as received by the EBA on 20 October 2021 (see also Section X) requested the EBA to provide, inter alia, analyses of the impact of the continued digitalisation of payment services. The various sections included in this call for advice include topics related to:

  • potential adjustment of the scope and definitions of the Directive in light of developments in the payments market;
  • the impact and potential need for clarification of the security requirements in PSD2, namely Strong Customer Authentication;
  • whether new security risks should be addressed with additional requirements;
  • whether there are impediments and technical barriers to the access to payment accounts and whether further standardisation is needed on that matter;
  • the opportunities and challenges for the potential expansion from access to payment account data towards access to other types of financial data, i.e. the move to open finance.

Providing advice to the European Commission on the EU framework for mortgage credit

In December 2021, the European Commission sent the EBA a call for technical advice on the review of the Mortgage Credit Directive (MCD). This call for advice covers a very wide range of topics related to the MCD, including:

  • areas specifically excluded from the scope of this Directive, identifying any potential unjustified gaps in the protection of consumers due to the existing exceptions / regulatory options under the MCD;
  • risks arising from crowdfunding / peer-to-peer platforms and providing mortgage credit, information disclosure rules (at pre-contractual and advertising stages), creditworthiness assessment, use of robo-advisers for granting of mortgage credit and cross-border provision of mortgages;
  • ways to contribute to financial stability and lessons learned from COVID-19; and
  • possible ways to encourage the uptake of green mortgages in the EU and risks related to climate change.

The EBA aims to deliver its response to the European Commission by 30 June 2022.

Enhancing convergence of supervisory actions to remove obstacles to competition in the payments market

In 2022, the EBA will continue its supervisory convergence work under the PSD2. It will monitor the removal of obstacles to providing account information services and payment initiation services offered by third-party providers to support the PSD2 objectives of facilitating innovation and enhancing competition in the EU single market.

In 2022, the EBA also continued its work on amending the RTS on SCA and CSC, with regard to the 90-day exemption from SCA for account access and published the final report in April 2022. The proposed amendment to the RTS aims to address a number of issues that the EBA has identified in the application of this exemption by some ASPSPs across the EU Member States and which has resulted in a negative impact on the services offered by AISPs under the PSD2. To mitigate these issues, in the fourth quarter of 2021, the EBA held public consultations on its proposal to amend the RTS in order to introduce a new mandatory exemption from SCA for the specific use case when access is done through an AISP, provided that certain conditions are met.

Developing retail risk indicators to measure the likelihood and probability of consumer harm

The amended EBA Regulation on European Supervisory Authorities as of January 2020 requires the EBA to develop retail risk indicators for the timely identification of potential causes of consumer harm. In 2022, the EBA will identify the different types of harm to which consumers may be exposed when buying retail banking products and services. The EBA will then aim to identify indicators that will measure the likelihood and/or severity of these types of harm from materialising and which can be published on a regular basis. From a supervisory perspective, the indicators designed by the EBA could be used for risk-monitoring purposes and enable the EBA and competent authorities to take early steps to mitigate, and possibly prevent, consumer harm.

Carrying out a thematic review into the level and transparency of fees and charges for retail banking products

Among the issues identified in the Consumer Trends Report 2021, the EBA will focus in 2021/2022 on the transparency and the level of the fees and charges imposed by financial institutions for providing retail banking products and services within the EBA’s remit (mortgage credit agreements, consumer credit agreements, deposits, payment accounts, payment services and electronic money services).

To address this issue, the EBA approached in 2021 national authorities, consumer associations and financial institutions to gather their views and experiences in relation to any detrimental impact on consumers arising from the lack of transparency and the level of fees and charges. This input will constitute key components of a thematic report that the EBA is aiming to publish in the third or fourth quarter of 2022. The report will allow the EBA to partially fulfil its statutory mandate to undertake thematic reviews of market conduct and take a leading role in promoting transparency, simplicity and fairness in the retail banking products and services market across the EU.

Fighting money laundering and terrorism financing and contributing to a new EU infrastructure

From developing policy to supporting effective implementation of AML/CFT measures

The EBA will continue to lead, coordinate and monitor the fight against financial crime in the EU’s financial sector. It will support the implementation of robust approaches to AML/CFT supervision across the EU; contribute to the implementation of a holistic approach to tackling ML/TF by embedding AML/CFT across all areas of the EBA’s work; and provide sound, technical advice where necessary to promote the effective design and implementation of the EU’s new institutional AML/CFT framework. Accordingly, the EBA’s AML/CFT-related priorities for 2022 are:

  1. to complete the AML/CFT policy framework with guidance on topical issues including on the role of AML/CFT compliance officers, the use of remote customer onboarding solutions, de-risking and financial inclusion;
  2. to build capacity of EU competent authorities through training, bilateral feedback and advice; and
  3. to identify, assess and disseminate information about ML/TF risks based on, inter alia, information from the EBA’s new, central, AML/CFT database, its colleges monitoring activity and its assessments of national authorities approaches to AML/CFT supervision.

Contributing to shaping the future EU AML/CFT landscape

The EBA will launch the EU’s first, central AML/CFT database, EuReCA, in January 2022 (please see Chapter 5 of this report). Through EuReCA, the EBA is collecting, structuring, analysing and sharing information from national authorities on AML/CFT weaknesses they have identified in the processes and procedures, governance arrangements, fitness and propriety, business models and activities of individual financial institutions under their supervision. The EBA will use that information proactively to ensure that ML/TF risks are addressed by competent authorities and financial institutions in a timely and effective manner.

In addition, the EBA will continue to provide technical input to inform the EU’s future legal and institutional AML/CFT framework to help ensure that it meets the European Commission’s objectives. There will be a particular focus on cooperation because ML/TF cannot be fought effectively in isolation. Consequently, the EBA will follow issues on the forthcoming establishment of the EU’s new AML/CFT authority (‘AMLA’) as well as AMLA’s consistent insertion into the existing institutional landscape of EU institutions – including its future cooperation with the EBA as well as with national prudential and AML/CFT supervisors of the financial and non-financial sectors. Last but not least, the EBA stands ready to contribute to any technical discussions on the package and provide its expert views, as needed.

Providing tools to measure and manage ESG risks

Monitoring ESG risks and sustainable finance

The EBA has received mandates in the area of monitoring ESG-related risks, most recently through the European Commission’s renewed sustainable finance strategy. Jointly with the Commission, the ESRB, other ESAs, the ECB and the NCAs, the EBA will systematically monitor climate-related financial stability risks. Further, the EBA shall put in place a monitoring framework to assess material ESG-related risks, as per the EBA founding regulation. In 2022 the EBA intends to start building an ESG risk monitoring framework. A first integration of ESG-related aspects into the EBA’s existing risk-monitoring framework has been initiated through the RAQ. The EBA will further explore integration and new assessment tools throughout 2022.

Consulting on the role of environmental risks in the Pillar 1 framework

The EBA is mandated to assess whether a dedicated prudential treatment of exposures associated substantially with environmental objectives, or subject to environmental impacts, would be justified. To address these mandates, covering both the framework for credit institutions and for investment firms, the EBA will be following a two-step approach. In 2022 the EBA published a discussion paper, in which the analysis will be initiated and on which stakeholders will be invited to provide their feedback. The feedback received on this discussion paper, together with available data and insights gained from the EU and international initiatives, will inform the final report and related EBA policy recommendations, which should be finalised in 2023.

Advising on a framework for green retail loans

The EBA expects to receive a specific request from the European Commission to explore the extent to which the EU Taxonomy could be applied to identify green retail products and to advise on potential adjustments or alternative approaches to the EU Taxonomy regulation, if deemed appropriate. As part of this work, the EBA will assess current market practices and will identify potential impediments to the scaling up of green lending to retail customers in the EU. It will also investigate how to ensure appropriate monitoring of the use of proceeds of green loans and avoid the risk of ‘greenwashing’.

Ensuring robust and sensible transparency ESG rules

In 2022, the ESAs will continue to work on SFDR-related topics and mandates. To answer to questions received from stakeholders since the publication of both sets of RTS in 2021, the ESAs are planning to issue a guidance document and address Q&As in 2022. Furthermore, the ESAs are mandated to review the RTS under the SFDR, to clarify indicators for both climate and environment-related principal adverse impacts and principal adverse impacts in the field of social and employee matters, respect for human rights, anti-corruption and anti-bribery matters. Finally, the RTS will be updated in relation to the information that should be disclosed about the exposure of financial products to investments in fossil gas and nuclear energy activities.

In addition, the Joint Committee of the ESAs will finalise the draft RTS that will standardise the content, methodology and presentation of information an originator of an STS securitisation may choose to disclose about the negative impacts of the securitised assets on ESG factors. Disclosures based on these RTS will therefore assist investors in measuring and comparing the potential negative consequences of certain securitisation products.

Developing further guidelines on ESG risk assessment

In 2022, the EBA will undertake preparatory work to provide further guidance to institutions on the assessment and management of ESG risks. The EBA is expected to receive a new mandate to issue guidelines on this as per the Commission’s proposal on CRD VI. Building on the EBA report on the management and supervision of ESG risks, the EBA will explore how to best ensure robust and harmonised practices for the assessment and management of ESG risks, including by considering potential requirements for institutions’ internal scenario analyses and transition plans.


Monitoring and mitigating the impact of COVID-19

Monitoring the evolution of asset quality and assessing the regulatory COVID-19-related support programmes

The asset quality of loans that benefited from support measures has been constantly deteriorating since their introduction. The EBA has remained vigilant and warned on several occasions of the need to swiftly and effectively address those pockets of risks identified in these portfolios. Although support programmes are gradually being phased out, European banks continue to report a substantial volume of loans that have benefited from support measures. The EBA will continue monitoring the evolution and asset quality of these loans.

Maintaining COVID-19 reporting and disclosures requirements

The EBA took decisive action in response to the COVID-19 pandemic in 2020. This included the publication of guidelines on legislative and non-legislative moratoria on loan repayments setting out supervisory approaches to the treatment of such moratoria, as well as guidelines on reporting and disclosure of exposures subject to measures applied in response to the COVID-19 crisis. The latter set out framework for the regular reporting allowing supervisors to monitor the impacts of moratoria and other public support measures on the credit quality of the affected exposures.

Over the course of 2021, despite the noticeable reduction in the number of loans under various forms of payment moratoria and other public support measures, uncertainty on the evolution of the COVID-19 pandemic and its implications on the quality of banks’ lending remained. It was therefore necessary to continue monitoring the implementation of measures introduced in response to the COVID-19 crisis, potential increases in NPEs and overall impacts on the credit quality of banks’ assets, especially in the Member States, where such public support measures are still relevant. To this end, in its public statement on 17 January 2022, the EBA confirmed the continued application of COVID-19-related reporting and disclosure requirements until further notice. The EBA also noted that competent authorities may exercise the flexibility provided in the guidelines to reduce or stop some specific reporting and disclosure requirements, in order to consider the different needs across jurisdictions. The EBA will continue to monitor developments and will consider repealing the guidelines in the future when the COVID-19 situation permits, and the credit outlook of the affected loans improves.


EBA organisational structure

Composition as of 31 December 2021


Board of Supervisors composition at the end of 2021


Austria Österreichische Finanzmarktaufsicht Head Helmut Ettl
    Alternate Michael Hysek
Belgium Nationale Bank van België/Banque Nationale de Belgique Head Jo Swyngedouw
    Alternate Jurgen Janssens
Bulgaria Bulgarian National Bank Head Radoslav Milenkov
    Alternate Stoyan Manolov
Croatia Hrvatska Narodna Banka Head  
    Alternate Sanja Petrinić Turković
Cyprus Central Bank of Cyprus Head Constantinos Trikoupis
    Alternate Kleanthis loannides
Czech Republic Česká Národní Banka Head Zuzana Silberová
    Alternate Marcela Gronychová
Denmark Finanstilsynet Head Jesper Berg
    Alternate Thomas Worm Andersen
Estonia Finantsinspektsioon Head Andres Kurgpõld
    Alternate Kilvar Kessler
Finland Finanssivalvonta Head Jyri Helenius
    Alternate Marko Myller
France Autorité de Contrôle Prudentiel et de Résolution Head Dominique Laboureix
    Alternate Emmanuelle Assouan
Germany Bundesanstalt für Finanzdienstleistungsaufsicht Head Raimund Röseler
    Alternate Peter Lutz
Greece Bank of Greece Head Heather Gibson
    Alternate Kyriaki Flesiopoulou
Hungary Magyar Nemzeti Bank Head Csaba Kandrács
    Alternate Gergely Gabler
Ireland Central Bank of Ireland Head Gerry Cross
    Alternate Mary-Elizabeth McMunn
Italy Banca d’Italia Head Andrea Pilati
    Alternate Bruna Szego
Latvia Finanšu un Kapitāla Tirgus Komisija Head Santa Purgaile
    Alternate Ludmila Vojevoda
Lithuania Lietuvos Bankas Head Simonas Krėpšta
    Alternate Renata Bagdonienė
Luxembourg Commission de Surveillance du Secteur Financier Head Claude Wampach
    Alternate Nele Mayer
Malta Malta Financial Services Authority Head Joseph Gavin
    Alternate Pierre Paul Gauci
Netherlands De Nederlandsche Bank Head Maarten Gelderman
    Alternate Sandra Wesseling
Poland Komisja Nadzoru Finansowego Head Kamil Liberadzki
    Alternate Artur Ratasiewicz
Portugal Banco de Portugal Head Ana Paula Serra
    Alternate Luís Costa Ferreira
Romania Banca Naţională a României Head Adrian Cosmescu
    Alternate Cătălin Davidescu
Slovakia Národná Banka Slovenska Head Tatiana Dubinová
    Alternate Linda Šimkovičová
Slovenia Banka Slovenije Head Primož Dolenc
    Alternate Damjana Iglič
Spain Banco de España Head Ángel Estrada
    Alternate Alberto Ríos Blanco
Sweden Finansinspektionen Head Karin Lundberg
    Alternate Magnus Eriksson



Iceland Fjármálaeftirlitið Member Unnur Gunnarsdóttir
    Alternate Elmar Ásbjörnsson
Liechtenstein Finanzmarktaufsicht Liechtenstein (FMA) Member Markus Meier
    Alternate Elena Seiser
Norway Finanstilsynet Member Morten Baltzersen
    Alternate Ann Viljugrein
EFTA Surveillance Authority Member Frank Büchel
    Alternate Jonina Sigrun Larusdottir



SRB Sebastiano Laviola



ESMA Natasha Cazenave
EIOPA Fausto Parente
ECB Fátima Pires, Carmelo Salleo
ECB Supervisory Board Stefan Walter, Sofia Toscano Rico
European Commission Martin Merlin, Dominique Thienpont
ESRB Francesco Mazzaferro


Management board

In accordance with the EBA Founding Regulation, the Management Board ensures that the EBA carries out its mission and performs the tasks assigned to it. It is composed of the EBA Chairperson and six other members of the Board of Supervisors elected by and from its voting members. The Executive Director, the EBA Vice-Chairperson and a representative of the Commission also participate in its meetings.

Four new members joined the Management Board in 2021. At the end of December 2021, the Management Board was composed of four members from participating SSM Member States (Austria, France, Germany, and the Netherlands) and two members from non-participating SSM Member States (Poland and Sweden).

The Management Board met five times in 2021 and given the COVID-19 pandemic and implemented measures, all meetings were held as teleconferences. To guarantee the transparency of its decision-making, minutes of Management Board’s meetings are published on the EBA website.

Management Board composition as of 31 December 2021

Austria Finanzmarktaufsicht Helmut Ettl
France Autorité de Contrôle Prudentiel et de Résolution Dominique Laboureix
Germany Bundesanstalt für Finanzdienstleistungsaufsich Raimund Röseler
Netherlands De Nederlandsche Bank Maarten Gelderman
Poland Komisja Nadzoru Finansowego Kamil Liberadzki
Sweden Finansinspektionen Karin Lundberg
European Commission Dominique Thienpont
  European Banking Authority Jo Swyngedouw (Vice-Chair)


Some BSG members attending the EBA’s 10th anniversary event in Paris, 26 October 2021.

Banking Stakeholders Group composition as of 31 December 2021

Alin Eugen Iacob Users of Banking Services Association of Romanian Financial Services Users RO
Andrea Sità Employees' representatives of FI UILCA Italian Labor Union - credit and insurance sector IT
Christian König Financial institutions Association of private Bausparkassen DE
Christian Stiefmueller Consumers Finance Watch AISBL AT
Concetta Brescia Morra Top-ranking academics University Roma Tre IT
Constantinos Avgoustou SMEs Founder and Non-Executive Director of several enterprises CY
Edgar Löw Top-ranking academics Frankfurt School of Finance & Management DE
Eduardo Avila Zaragoza Financial institutions BBVA Group ES
Elie Beyrouthy Financial institutions European Payment Institutions Federation BE
Erik De Gunst Financial institutions ABN AMRO Bank NL
Jennifer Long Consumers International Monetary Fund IE
Johanna Lybeck Lilja Financial institutions Nordea Bank SE
Johanna Orth Financial institutions Swedbank SE
Julia Strau Financial institutions Raiffeisen bank International AG AT
Leonhard Regneri Employees' representatives of FI Input Consulting gGmbh DE
María Ruiz de Velasco Camiño Financial institutions SIBS ES
Martin Schmalzried Consumers Confederation of Family Organisations in the EU CZ
Monica Calu Consumers Asociatia Consumers United/Consumatorii Uniti RO
Monika Marcinkowska Top-ranking academics University of Lodz PL
Patricia Suárez Ramírez Consumers ASUFIN ES
Poul Kjær Users of Banking Services Copenhagen Business School DK
Rens Van Tilburg Users of Banking Services Sustainable Finance Lab NL
Rym Ayadi Top-ranking academics City University of London, Business School and CEPS TN
Sebastian Stodulka Financial institutions European Savings and Retail Banking Group (ESBG) & World Savings and Retail Banking Institute (WSBI) BE
Sėbastien De Brouwer Financial institutions European Banking Federation
Søren Holm Financial institutions Nykredit Realkredit DK
Tomas Kybartas Consumers The Alliance of Lithuanian consumer organisations LT
Vėronique Ormezzano Financial institutions BNP Paribas FR
Vinay Pranjivan Consumers Associação Portuguesa para a Defesa do Consumidor PT


Budget summaries

The amended budget for 2021 is published in the Official Journal of the European Union (available at

EBA establishment plan 2021

Category and grade Establishment plan in EU budget 2021 Filled as of 31/12/2021
Officials TA Officials TA
AD 16   1   0
AD 15   1   1
AD 14   6   3
AD 13   2   0
AD 12   8   7
AD 11   12   5
AD 10   12   17
AD 9   22   22
AD 8   26   25
AD 7   21   29
AD 6   20   24
AD 5   20   9
Total AD   151   142 (*)
AST 11   0   0
AST 10   0   0
AST 9   0   0
AST 8   0   0
AST 7   0   0
AST 6   3   1
AST 5   4   2
AST 4   2   2
AST 3   1   3
AST 2   1   3
AST 1   0   0
Total AST   11   11
AST/SC 6   0   0
AST/SC5   0   0
AST/SC4   0   0
AST/SC3   0   0
AST/SC2   0   0
AST/SC1   0   0
Total AST/SC   0   0
TOTAL   162   153 (**)

(*) Nine AD positions have not been offered by 31 December 2021.

(**) The filled posts include four temporary agent offers that was made by 31 December 2021.


Statistics on disclosure

The Legal Unit is the central point for dealing with requests relating to transparency and public access to documents. In 2021, within the remit of Regulation (EC) No 1049/2001, the Legal Unit provided its advice on 13 formal requests for access to information.

Facts and figures


The European Commission is not liable for any consequence stemming from the reuse of this publication.

Luxembourg: Publications Office of the European Union, 2022

© European Union, 2022

The reuse policy of European Commission documents is implemented by Commission Decision 2011/833/EU of 12 December 2011 on the reuse of Commission documents (OJ L 330, 14.12.2011, p. 39).
Unless otherwise noted, the reuse of this document is authorised under a Creative Commons Attribution 4.0 International (CC-BY 4.0) licence ( This means that reuse is allowed provided appropriate credit is given and any changes are indicated.
For any use or reproduction of elements that are not owned by the European Union, permission may need to be sought directly from the respective rightholders.


Print ISBN 978-92-9245-765-5 ISSN 1977-9038 doi:10.2853/509107 DZ-AB-22-001-EN-C
PDF ISBN 978-92-9245-764-8 ISSN 1977-9046 doi:10.2853/23117 DZ-AB-22-001-EN-N
HTML ISBN 978-92-9245-763-1 ISSN 1977-9046 doi:10.2853/783260 DZ-AB-223-001-EN-Q



In person

All over the European Union there are hundreds of Europe Direct information centres. You can find the address of the centre nearest you at:

On the phone or by email

Europe Direct is a service that answers your questions about the European Union. You can contact this service:



Information about the European Union in all the official languages of the EU is available on the Europa website at:

EU publications

You can download or order free and priced EU publications at: Multiple copies of free publications may be obtained by contacting Europe Direct or your local information centre (see

EU law and related documents

For access to legal information from the EU, including all EU law since 1952 in all the official language versions, go to EUR-Lex at:

Open data from the EU

The EU Open Data Portal ( provides access to datasets from the EU. Data can be downloaded and reused for free, for both commercial and non-commercial purposes.

Publication document thumbnail


This publication is available in the following formats HTML PDF ANNUAL REPORT 2021 - EUROPEAN BANKING AUTHORITY Paper ANNUAL REPORT 2021 - EUROPEAN BANKING AUTHORITY