Skip Ribbon Commands
Skip to main content
Sign In

EBA consultation: Resolution plans and reporting

EBA consultation: Resolution plans and reporting

​​

​​​>> See the .pdf version




ESBG response to the EBA consultation 

on the provision of information for the purpose of resolution plans 

under Article 11(3) of Directive 2014/59/EU

​ESBG (European Savings and Retail Banking Group)

Rue Marie-Thérèse, 11 - B-1000 Brussels

ESBG Transparency Register ID: 8765978796-80

 

​December 2017



Dear Sir/Madam,

Thank you for the opportunity to comment on the EBA consultation on the provision of information for the purpose of resolution plans under Article 11(3) of Directive 2014/59/EU. We would like to share with you the following reflections that we hope will be taken into account by the EBA.

General comments

The volume and frequency of data requests by the regulatory and resolution authorities has generally increased strongly over the last few years. Against this background, ESBG welcomes the EBA's contribution to standardise the existing inquiry standards/templates as well as the effort to streamline the process and to establish the minimum set of reporting obligations as well as to specify procedural and technical reporting requirements. This applies particularly to the templates under discussion here, the content of which has changed considerably in each of the last two data requests by the Single Resolution Board (SRB). The overriding principle should, furthermore, be to ensure that data for the EBA is not duplicated and/or collected from the institutions with other breakdowns and/or on other reporting/reference dates. With regard to portfolio data in particular, information is requested from the resolution and regulatory authorities multiple times per year and with different templates, which means considerable effort for the institutions each time.

ESBG would, furthermore, like to see that at the end of the consultation process the templates will have reached a degree of finalisation, such as requires no permanent amendments/adjustments, as this calls for considerable additional effort by the institutions (programming, plausibility checks, manual amendments/adjustments, etc). It would also be desirable that the national competent and resolution authorities go along with the content of the templates and do not demand even more additional information. This would help to ensure a level-playing-field/fair competitive environment too.

Moreover, we appreciate the EBA's revision and consolidation of the resolution plan reporting process, in particular with regards to the deletion of templates where information is available through supervisory reporting, i.e. current template IV – Critical counterparties (sections 1, 2 and 3), templates on material hedges and pledged collateral. Furthermore, the introduction of the new template R 06.00 on deposit insurance is also well received as it provides for an overview of different deposit protection systems within a banking group.

In any case, in our opinion, these comprehensive reporting forms are, on grounds of proportionality, not very appropriate nor reasonable for institutions for which the resolution authorities themselves come to the conclusion that they will not be resolved.

Hence, we would like to emphasise the legal context in which the templates should be seen: in marginal number 2, the EBA rightly states, that Article 11 BRRD empowers resolution authorities to require institutions to cooperate as much as necessary to draw up resolution plans. For this purpose, the BRRD mentions a minimum list of information items the authorities may request and mandates the EBA to develop an implementing technical standard. Consequently, institutions are only bound to report via EBA templates if the resolution authority has demanded cooperation (i.e. reporting) according to Article 11 BRRD. To put it another way, the decision whether an institution has to use the EBA templates or not rests on the respective resolution authority exclusively.

Specific comments

 

Definition of minimum requirements for reporting

We welcome the setting of uniform standards for the reporting of resolution planning. We should also bear in mind that the technical implementation of regulatory reporting requirements triggers complex project activity and needs adequate lead time. For the institutions it is, therefore, of great importance to get planning security regarding the requirements and concrete reporting templates.

In the current draft ITS, the individual resolution authorities are granted a high degree of freedom in establishing their own reporting structures. Hence it cannot be excluded that, based on the minimum standards, each authority will carry out an additional interpretation of its own. In the past, this could already be seen in the individual templates developed by the SRB for Liability Structures, Critical Functions and FMI. These continue to deviate considerably from the standards currently defined by the EBA.

ESBG likewise advocates the planned approach to the further development of the reporting infrastructure in an .xbrl reporting system. For this, however, agreement should initially be reached with the SRB, which is also aiming at the introduction of its own reporting structures in .xbrl. This parallel approach leads to an avoidable establishment of double structures both for the banks and the regulator.

We would therefore like to propose that the initiatives of the EBA, the national resolution authorities and the SRB be pooled for those institutions under the direct responsibility of the SRB and transferred to a standardised binding European reporting system for resolution planning. With regard to the scope/size of reports to be periodically submitted by institutions directly covered by the SRB, this should be geared to the maximum of the necessary requirements. The Liability Structures, for example, should technically and technical-content-wise be geared 1:1 to the SRB's reporting templates/correspond with them. The principle of proportionality can also be adhered to in the definition of a maximum scope of regular reporting requirements for institutions falling within the direct competence of the SRB by giving the national authorities decision-making leeway to individually reduce the size of the forms to be submitted by the institutions. For example, as part of the presentation of its MREL approach for 2016, the SRB already announced in mid-February 2017 that a bail-in would not constitute the preferred resolution instrument for development banks. In addition, as part of its consultation paper on simplified obligations for recovery and resolution planning introduced at the beginning May 2017, the EBA stated that any failure of institutions for which regular insolvency proceedings are initiated and of development banks would have no significant negative effects on the financial markets or other institutions.

The laying down of the maximum extent of possible reporting requirements for institutions falling within the direct responsibility of the SRB is also necessary to enable banks to continue using standard reporting software. A reporting volume defined in an ITS can be implemented as part of a standard software package. In the case of highly divergent requirements (depending on the competent resolution authority, the size of the institution or other particularities), software providers will no longer implement them; the institutions will consequently be obliged to implement their own solutions in full or in part for reports deviating from the scope of the ITS. This would lead to increased implementation and maintenance expense.

On the whole, in the case of a divergent approach for institutions falling within the direct competence of the SRB, we see the risk of a permanently fragmented reporting environment within the EU. Such a development is at odds with the clearly articulated objective of creating uniform and comparable European requirements, in ESBG's opinion.

​For institutions for which the resolution authorities themselves come to the conclusion that they will not be resolved, regulatory data for analysis that the resolution authorities can also retrieve directly from the competent authorities should suffice. In this way, proportionality aspects – to which, as we know, the EBA draft attaches great importance ‑ are to be exploited as far as possible. In any case, these comprehensive reporting forms are on grounds of proportionality not very appropriate, nor reasonable for these institutions, according to our impression.  Accordingly, the decision whether an institution has to provide additional information remains with the resolution authority only.

Timing

According to the Consultation Paper, “it is envisaged that the new framework could be operational in 2019 when resolution authorities collect information as of 31 December 2018". Given the tight deadline to properly implement this new regular reporting framework and considering the overwhelming costs and administrative burdens the banking industry has to face in order to implement already existing reporting requirements that will come into effect at roughly the same time as this framework (e.g. AnaCredit, SHS-G, etc.), we suggest postponing the first reference date to 31 December 2019. Furthermore, we would welcome it if the completion of the templates due in 2019 (e.g., “VI Pledged Collateral", “XI Authorities", “XII Legal impacts of resolution") were to be dropped in 2018.

Scope

​Generally, ESBG understands the need of the regulator to set different levels of application for each template due to the variety of functions the information collected is meant to be used for. Nonetheless, we would ask the EBA to take into account the difficulties of implementing this new framework on different application levels which would also lead to increased resourcing efforts for the whole banking industry. Therefore, we would suggest setting a single (harmonised) level of application for all templates or, at least, a single level of application for each of the three blocks of templates.

ESBG would like to emphasise that institutions are only bound to report via EBA templates if the resolution authority is demanding cooperation (i.e. reporting) according to Article 11 BRRD.  Therefore, the decision whether an institution has to provide additional information remains with the resolution authority only.

Format condition

​In paragraph 16 of chapter 3.2.1 (Request for information) as well as in Article 8(3) of the Draft ITS, it is mentioned that where the information is not already available to the Competent Authority (CA) or where the format in which the information is provided by the CA is not satisfactory to the Resolution Authority (RA), the RA will directly request the institution to provide the information. This implies that a simple unsatisfactory format of information provided by the CA would authorise the RA to directly request the institution to provide the information in a satisfactory format.

In ESBG's view, Article 8(3) of the Draft ITS is not in line with Article 11(2) BRRD that regulates that “where such information is available, competent authorities shall provide that information to the resolution authorities", without any condition regarding a satisfactory format. Also Article 90(1) BRRD does not mention any satisfactory format condition, mentioning only “Subject to Article 84, resolution authorities and competent authorities shall provide one another on request with all the information relevant for the exercise of the other authorities' tasks under this Directive". We therefore regard Article 8(3) of the Draft ITS as well as the current Commission Implementing Regulation (EU) 2016/1066 with reference to Article 2(3) and (5) as not being compliant with the BRRD.

​Thus, in order to comply with the above mentioned provisions of the BRRD and to avoid any unnecessary duplication of reports, Article 8(3) of the Draft ITS should be amended as follows, in ESBG's opinion:

 “3. Where additional information is considered to be necessary pursuant to Article 7 and the information necessary to draw up and implement resolution plans is not already available to the competent authority, the resolution authority shall directly request the institution or Union parent undertaking to provide the information."

​Time to handle XBRL

In paragraph 28 of chapter 3.2.3 (Reporting format and data point model), it is mentioned that the EBA will develop XBRL taxonomies based on the DPM database, which will not only be available for facilitating exchange between authorities and the EBA but also for use by banks. We therefore assume that the use of the XBRL taxonomies is optional for banks. However, for practical reasons banks might opt to use those taxonomies at a very early stage. We, therefore, appreciate the availability of detailed XBRL specifications at least 12 months before the regulation enters into force in order to provide banks time for technical preparation to submit the requested data according to XBRL taxonomies. In case the use of XBRL taxonomies shall become obligatory it should be recognized that in some Member States the XBRL taxonomies are not used for reporting obligations by banks at all so far, which implies an extraordinary effort and reasonable timeline for necessary implementations.

Comparability

In chapter 5.1.C.2.1 (Reporting format), under Option 2.1.1 it is mentioned that “…all the data to be collected would be comparable and the level of harmonisation across the EU countries is expected to increase". In our view, comparability of all the data collected is for many reasons difficult to achieve. Firstly, given the wide variety of national accounting standards within the EU, the cross-country comparison of any financial data on an individual basis at the level of institutions is not meaningful. And secondly, even on a consolidated IFRS basis at group level data are not comparable without analysing the specific accounting and measurement methods applied. ESBG therefore recommends limiting the comparability requirement to non-financial data.

Missing data

​In Article 4(2)(b)(i) the correct wording should be “at the level of the Union parent undertaking or, if different, at the level of the resolution entity, on an individual basis;".

In Article 4(2)(e) the referring template code is missing. It should be template R 06.00.

According to Article 9(1) (Transitional period), the remittance date shall be 30 May 2019 at the latest. We assume that the regulator means 31 May 2019 which is a Friday.

According to Article 9(2) (Transitional period), the remittance date shall be 31 April 2019 at the latest. We assume that the regulator means 30 April 2020 which is a Thursday.


Question 1: Would the envisaged remittance date (31 May to be progressively advanced to 31 March) be appropriate for all templates? If not, please justify your answer and indicate, template by template, the alternative remittance date you would suggest.

According to Regulation (EU) 2015/534 of the European Central Bank dated 17 March 2015 on reporting of supervisory financial information (ECB/2015/13), the national competent authorities (NCAs) are, for significant supervised entities that are part of a significant supervised group, obliged to report final FINREP data by the close of business of the 55th day after the reporting/reference date. For this, the NCAs set the date as of which the supervised entities have to report the supervisory financial information so that the NCAs can meet these deadlines. This generally means that a first report by an institution of its preceding year's figures is made by mid-February and the final report accordingly subsequent to, if needs be, after a concluding discussion with the regulator. In addition, reporting dates for annual financial statements must be observed (as a rule March/April).

A final/definitive database for the completion of the templates is thus not available until late. Further analyses must be conducted on this database, which is extended in part by quantitative and qualitative information, as the required data cannot be derived entirely from the data in the annual financial statements. For this purpose, a separate data system must be set up in parts. Between the individual templates there are interdependencies that must be observed when filling them in. In ESBG's view, a concurrent overall report of all templates would make sense. The reporting/reference date should therefore not be brought forward.

​Some concrete suggestions:

Since the audited group results are annually published at the end of March, we suggest changing the remittance date for template R 01.00to 30 April, which would be, practically, much more appropriate.

Regarding the templates in the block on information on on- and off-balance sheet items (R 02.00, R 03.00, R 04.00, R 05.01, R 05.02 and R 06.00), we suggest changing the remittance date to 30 April, since this date corresponds with the already tight remittance date set by the SRB for templates R 02.00, R 03.00 and R 04.00 of this Draft ITS. Furthermore, the remittance date of 30 April would also reflect the fact that information necessary for templates R 05.01, R 05.02 and R 06.00 are usually contained in audited group results that are annually published and available as of the end of March.

​For all templates relating to the block as regards “Critical functions and core business lines", we prefer 31 May as a proper remittance date. This is due to fact that, for instance, the criticality assessment is based on company data as of 31 December and market share data which is simply not available before April for many markets and economic functions. In particular, with regard to developing banking markets in CEE, market shares can change significantly year-by-year with a direct impact on the criticality assessment. Without the availability of the most accurate market data as of 31 December, the criticality assessment would lose accuracy and quality. Therefore, and in order to simplify this regular reporting requirement for the banking sector, ESBG suggests harmonising the remittance dates for all the templates R 07.01 to R 10.02 by changing the proposed remittance date to 31 May.

 

Template codeName of the template /group of templatesSuggested remittance dateJustification
 Entity information, group structure, contacts and dependencies  
R 01.00Information about the entity30 AprilAudited group results published end of March
R 01.00Organisational structure30 AprilAudited group results published end of March
 Information on on- and off-balance sheet items  
R 02.00Liability Structure30 AprilDeadline given by SRB for the SRB LDTs
R 03.00Own funds requirements30 AprilDeadline given by SRB for the SRB LDTs
R 04.00Intragroup financial connectedness30 AprilDeadline given by SRB for the SRB LDTs
R 05.01Major counterparties (Liabilities)30 AprilAudited Group results published end of March
R 05.02Major counterparties (off-balance sheet)30 AprilAudited Group results published end of March
R 06.00Deposit insurance30 AprilAudited Group results published end of March
 Critical functions and core business lines  
R 07.01Criticality assessment of economic functions31 MayMarket share data not available before April
R 07.02Mapping of critical functions to legal entities31 MayMarket share data not available before April
R 07.03Mapping of core business lines to legal entities31 MayTo simplify regular reporting requirement
R 07.04Mapping of critical functions to core business lines31 MayMarket share data not available before April
R 08.00Critical services31 MayMarket share data for critical function assessment not available before April
 FMI services - providers and users  
R 09.01Users, providers and users - mapping to critical functions31 MayMarket share data for critical function assessment not available before April
R 09.02FMI Services - Providers and Users - Services provided by FMI or representative institution31 MayTo simplify regular reporting requirement
R 09.03FMI Services - Providers and Users - Services providers enabling access to FMI31 MayTo simplify regular reporting requirement
 Information systems  
R 10.01Critical Information systems (General information)31 MayTo simplify regular reporting requirement
R 10.02Mapping of information systems31 MayTo simplify regular reporting requirement

 

 

Question 2: Are there any technical obstacles or inconsistencies in the template 'R 01.00 - Organisational structure (R-ORG)' which would prevent you from, or make it disproportionate for you, to report the information required thereby?

​Regarding columns 080 (Total assets) and 100 (LRE) of template R 01.00 (Organisational structure), ESBG would like to ask the EBA to clarify whether entities on solo level using nGAAP as their accounting standard should fill in data on an IFRS basis or on an nGAAP basis. Based on the instructions in Annex II, we assume that entities on solo level using nGAAP will have to provide data according to their nGAAP for the columns 080 and 100, while for columns 110 (“Contribution to total consolidated assets"), 120 (“Contribution to total consolidated REA") and 130 (“Contribution to consolidated Leverage Ratio Exposure") data based on IFRS have to be provided for. If that is the case, we would question the expected benefit of columns 080 and 100 since the template R 01.00 will most likely list a variety of entities using nGAAP or IFRS as their respective accounting standards. Besides, institutions might not have the IFRS figures available on solo level.

Additionally, for entities on solo level, detailed information for the contribution to the group figures are not available as group adjustments are done by the consolidating (parent) entity. Therefore, a reconciliation process with solo entities is not possible at this stage. ESBG proposes to re-think this data request for template R 01.00.

​Question 3: Are there any technical obstacles or inconsistencies in the second block of templates (R 02.00 - Liability Structure (R-LIAB), R 03.00 - Own funds (R-OWN), R 04.00 - Intragroup financial inter-connections (R-IFC), major counterparties, R 06.00 - Deposit insurance (R-DIS)) which would prevent you or make it disproportionate for you to report the information required thereby?

In this context, ESBG has similar recommendations to the ones presented above: in short, there must be sufficient time to derive the data. In addition, it should be ensured in particular that the “parent waiver" from the COREP return is valid for the MREL report too. From a superordinate perspective, we can say that a number of components of the second block (particularly the template “Liability Structure") as part of the annual Liability Data Template (LDT) are to a greater extent concretised by the Single Resolution Board (SRB). Accordingly, here, particular attention should be paid so that this does not result in duplicative reporting and/or returns with differing content (e.g., as a result of other cluster formations, etc) for the institutions (concrete example: the accounting standard used as the basis for MREL data at single-institution level should be identical with that of the report to the SRB).

​With regard to the new template for deposit insurance, the name of the institutional protection scheme has to be given in reporting field 050. According to the explanations for this reporting field, this involves institutional protection schemes pursuant to Art. 113(7) CRR. Reference to deposit protection, however, is made only via institutional protection schemes pursuant to Art. 1(2) c) Directive 2014/49/EU (DGS Directive). Presumably, this, therefore, means such institutional protection schemes. Institutional protection schemes recognised pursuant to Art. 113(7) CRR can exist on a voluntary basis too and detached from the obligations of the DGS Directive.

 

R 02.00 (Liability Structure):

​As regards template R 02.00 (Liability structure), it should be noted that columns 090 and 100 are not cumulative since both can include intragroup liabilities and issuances under non-EU Member State jurisdictions/law. When submitting data for individual entities, in some jurisdictions the data will be subject to national accounting standards, which creates issues with some of the definitions in the template. This relates, for example, to the position r330, balance sheet liabilities arising from derivatives (and further the position total liabilities and own funds). In our understanding, the expectation is rather to obtain market values as they would be reported under IFRS within this position. Nevertheless, market values are not necessarily reported on-B/S under national accounting standards.

 

C090 and C100 Intragroup and issuances under non-EU Member State jurisdictions

It should be noted that columns 090 and 100 are not cumulative since both can include intragroup liabilities and issuances under non-EU Member State jurisdictions/law.

 

C100Intragroup

“Liabilities towards entities included in the consolidated financial statements of the ultimate parent entity (as opposed to the regulatory scope of consolidation)."

 

Within this column, not only intragroup liabilities from entities of prudential scope, but also from accounting scope should be reported here.

 

If entities within the accounting scope of consolidation, that are not part of the prudential scope of consolidation, have to be reported within this column,  the total sum of all liabilities won't match FINREP numbers, total assets etc. anymore.

 

Additionally, the reporting scope of consolidation for the SRB Liability Data Template is prudential scope CRR. This is also reflected by the fact that total assets r900 corresponds to FINREP F1.3 as well as by the fact that the carrying amount corresponds to FINREP financial statements (see point 5. Amount reporting).

 

r330 Balance sheet liabilities arising from derivatives Secured liabilities – collateralized part (BRRD art. 44/2/b)

“This should be completed with the accounting value of liabilities arising from derivatives, for the total amount corresponding to FINREP (F1.2-020-010 + F1.2-150-010)."

 

Note, that nGAAP might have a different treatment of certain positions as IFRS (e.g. on balance derivatives refer to market values in IFRS, but are treated differently under certain national accounting standards).

 

R350Structured notesA clear definition for this row is required. The guidance note refers to instructions for BCBS Basel III Monitoring Exercises; however, it is not clear which exercise is meant and none of the instructions currently available on the BCBS website contain any information on this topic.
R511Of which: capital instruments/share capitalWhat should be reported in this line, - we expect C01-030-010 or is it only the paid-up share capital?

 

Ad R 03.00 (Own funds):

​The instructions state that where the entity the report refers to is not subject to individual own funds requirements, the contribution of the entity to the consolidated prudential own funds shall be reported as reported in the COREP template C 06.02 regarding the contribution of entities to solvency of the group. Given that the own funds template does not require entities to enter information on actually available own funds but rather requires an input of capital requirements in percentage terms, this approach is not possible. The contribution of entities to the solvency of the group only includes information on own funds of the entities in question that are counted as own funds at group level – there is no possibility to infer a capital requirement for these entities that could be entered in the own funds template.

 

Cell referenceTopicComment
R320Pillar 2 Guidance

Why is Pillar 2 guidance (P2G) listed under “Pillar 2 capital requirements"? P2G is not considered to be a minimum requirement (as the instructions state, it is not directly binding).

In addition, non-SSM countries do not currently apply a concept of P2G as this is not a term contained in current legislation (either CRD or SSMR). We assume that entities that do not receive a P2G as part of their SREP decision enter a value of zero in this field.

What should be entered under the “fully fledged" amount for P2G? Since P2G does not have any transitional rules, we would assume to enter the same amount in columns 010 and 020 in this template. This should be confirmed.

 

 

Question 4: Are there any technical obstacles or inconsistencies in the third block of templates (critical functions and core business lines, R 08.00 - Critical services (R-SERV), FMI services, critical information systems) which would prevent you or make it disproportionate for you to report the information required thereby?

No. However, it should be noted that for numerous economic functions (e.g. Payment, Cash, Settlement, Clearing, Custody as well as Capital Markets and Wholesale Funding) market data is not available. And for economic functions where market data is generally available, the data as of 31 December is not published by national banks or national statistics bodies before April.

Apart from that, the term “critical function" in resolution planning should not differ from the terminology in recovery planning, in ESBG's opinion. This should be in the interests of the authorities involved too. However, on the basis of the data requested in the template for “critical function", this is unfortunately not the case, according to ESBG's understanding.

​ 

Question 5: The reporting of FMIs and information systems is already required since 2016. In practice are you operationally able to provide such view and do you think it is necessary to set a transition period, for example to progressively build up over the course of three years a full view of the systems within groups?

Because of the complexity of the necessary data collection and the general, regular systems adjustments, it is, in ESBG's view, necessary to allow for a transitional phase of at least 3, ideally 5 years.

The data for FMIs and information systems are not readily available, but must be collected in an extensive manual process covering multiple divisions within banks. A transition period of 3 years would certainly be helpful for banks to set up processes and methods to ease the collection of the relevant data. However, a transitional period can make sense only if definitions and requirements of the EBA and resolution authorities are transparent and understandable. If definitions (e.g. for “information systems" – see also question 7) are not understandable, a transitional period is fairly pointless. The definitions and requirements should, moreover, not be constantly adjusted, but should be fixed for the duration of the transitional period. So far, the definitions and requirements have been “moving targets".

​ 

Question 6: The reporting of FMI services and enabling services, in templates R 09.02 and R 09.03 could be facilitated if a list of typical services was included. Can you suggest such list?

Such a list would, in our opinion, have to be drawn up by the competent authorities on the basis of their collective experiences/empirical values. In ESBG's view, there should be no reports from the institutions.

With the current layout and the instructions given, the templates can sometimes not be properly filled. The intention of the templates is not always very clear. It would be appreciated if the EBA could provide a list of typical services that they expect. Ideally, the EBA should provide examples of what kind of services/relationships they want to see here.

​ 

Question 7: Does the nomenclature of information systems in template R 10-01 - Critical Information systems (General information) (R-CIS 1) cover the various types of existing systems, and would it in your view enable the authority to properly identify systems that are key in the performance of critical functions?

In the original ITS on information for resolution plans from 2014-2015, the EBA introduced Annex IX called “Information Systems". The instructions of template IX made reference to Section B of the Annex to Directive 2014/59/EU and requested “[…] a detailed inventory and description of the key management information systems, including those for risk management, accounting and financial reporting […]."

Presumably, the templates R 10.01/ R 10.02, now called “Critical Information Systems" of the current consultation process, represent an update of the former Annex IX. We would like to understand whether “Critical Information Systems" are synonymous with “Key Management Information Systems" and whether the reference to Section B of the Annex to Directive 2014/59/EU is still valid. Does the focus of the templates still lie on risk management, accounting and financial reporting? The resolution authorities have to understand that neither “Critical Information Systems" nor “Key Management Information Systems" nor solely “Information Systems" are terms that are commonly used in bank practice. There is no industry-wide standard nor a commonly-accepted definition so far.  The definition of “Critical Information System" in the Instructions is far too vague, in ESBG's opinion. We would even argue that it is unclear what the core intention of the EBA behind the two templates is. The lack of a clear-cut definition and a missing industry standard will inevitably lead to a very heterogeneous data provision across European banks. This cannot be in the interest of resolution authorities.

The IT infrastructure of large banks consist of thousands of IT products and IT systems. These IT products often come in IT supply chains. While information for resolution purposes might be centralised in data warehouses, this information is supplied to the data warehouses by a multitude of other IT products. Without these data supplies, the data warehouse would be useless, only an empty shell. Do “Critical Information Systems" only include the data warehouse or the whole IT supply chain? Furthermore, there are IT products that cannot be mapped to specific critical functions but are indispensable for bank operations and the IT infrastructure of the bank as a whole. How should these IT products be dealt with? If these IT products shall be included in the templates, the list would be quite long.

Considering current market trends (e.g. big data, in memory technologies), the borders between “Management information systems" and IT products supporting the operational business become even more blurred. Thus, a differentiation in this way does not appear sustainable to ESBG.

As the term “Information Systems" is not used in bank-practice, these systems are not readily available. Rather, the identification of these systems is a manual task for thousands of IT products. The resolution authorities need to understand that this is a huge challenge for banks that will need massive resources. Therefore, banks need concrete assistance in the following points: at first, in order to perform a mapping of information systems to critical functions, the critical functions need to be stable (= no moving target). Second, banks need to better understand what the basic intention of the resolution authorities behind the templates is. What does the resolution authority want to know, what is the focus? Third, there must be a clear-cut definition and industry-wide standard of the term “Information Systems" which has to be prescribed by the EBA and resolution authorities. Fourth, the EBA should clearly define the scope of “Information Systems" with regard to IT-supply chains and IT products that support the IT infrastructure and bank operations as a whole and cannot be separately linked to single critical functions.

Moreover, we recommend that the exercise of identifying parts of the IT products and systems for resolution purposes is harmonised with similar tasks which are frequently conducted. To name just two examples, the institutions business continuity management as well as the information security management contain well-known and standard-based procedures to identify the crown jewels of the IT landscape.  

​ 

About ESBG (European Savings and Retail Banking Group)

​ESBG represents the locally focused European banking sector, helping savings and retail banks in 20 European countries strengthen their unique approach that focuses on providing service to local communities and boosting SMEs. An advocate for a proportionate approach to banking rules, ESBG unites at EU level some 1,000 banks, which together employ 780,000 people driven to innovate at 56,000 outlets. ESBG members have total assets of €6.2 trillion, provide €500 billion in SME loans, and serve 150 million Europeans seeking retail banking services. ESBG members are committed to further unleash the promise of sustainable, responsible 21st century banking.

 

​European Savings and Retail Banking Group – aisbl

Rue Marie-Thérèse, 11 ■ B-1000 Brussels ■ Tel: +32 2 211 11 11 ■ Fax: +32 2 211 11 99

Info@wsbi-esbg.org ■ www.wsbi-esbg.org

 

 

Published by ESBG. December 2017.

 

 

>> See the .pdf version





Innovation; Innovation Hub; Digitalisation; European Institutions; European Supervisory Authorities (EBA-ESMA); Proportionality