The European Central Bank (ECB) published the results euro area bank lending survey, updated the questions and answers (Q&A) on AnaCredit Regulation, and issued an opinion on the proposed directive on measures for a high common level of cybersecurity across the European Union.
The results of the bank lending survey show that credit standards for loans or credit lines to enterprises tightened in the first quarter of 2022 mainly due to perceptions of increased risk and decreased risk tolerance, in the context of high uncertainty, supply chain disruptions and high energy and input prices. However, for the second quarter of 2022, banks expect a considerably stronger net tightening of credit standards for loans to firms, likely reflecting the uncertain economic impact of the war in Ukraine and the anticipation of less accommodative monetary policy. Also, banks reported, on balance, a continued increase in firms’ demand for loans or drawing of credit lines in the first quarter of 2022. Loan demand was driven by a strong positive impact of financing needs of firms for working capital, reflecting supply chain disruptions as well as precautionary inventories and liquidity holdings. A total of 151 banks were surveyed and the results reported in the April 2022 survey relate to changes observed in the first quarter of 2022 and expected in the second quarter of 2022, unless otherwise indicated.
As part of AnaCredit Q&A update, ECB clarified how banks should report the attribute “Type of impairment” for instruments that were credit-impaired at initial recognition. According to the AnaCredit Regulation, the data attribute “Type of impairment” for institutions applying IFRS only includes impairment stages 1, 2, and 3 in accordance with European Banking Authority (EBA) reporting framework 2.8. However, in June 2020, the IFRS category “purchased or originated credit-impaired financial asset” (POCI) was included in EBA reporting framework 3.0. Given the new inclusion, ECB clarified that there is no specific category that allows POCIs to be captured explicitly under the data attribute “Type of impairment”. Instead, the value “Stage 3 (IFRS)” is reported by banks applying IFRS for all POCIs which are impaired at the reference date, while the value “Stage 2 (IFRS)” is reported when the POCIs are not impaired at the reference date. Moving forward, the AnaCredit reporting schemes will be updated by introducing a new value “POCI (IFRS)” for the data attribute “Type of impairment” to distinguish POCIs from other instruments subject to impairment in accordance with the EBA reporting framework methodology. The first reference date as of which the new category “POCI (IFRS)” is to be used is September 30, 2022. ECB also clarified that for reference dates up to and including June 30, 2022, the POCIs are to be classified in “Stage 2 (IFRS)” or “Stage 3 (IFRS)”, depending on whether the POCI is impaired or not.
In its opinion, ECB strongly supports the objectives of the proposed directive on measures for a high common level of cybersecurity across the European Union. The key objectives are to increase the level of cyber resilience across all relevant sectors, reduce inconsistencies across the internal market, and improve the level of situational awareness and the collective capability to prepare and respond by ensuring efficient cooperation in the European Union. However, ECB recommends changes to the proposed directive and with respect to these changes a specific drafting proposal has been set out in a technical working document, which is attached to the ECB Opinion. The key recommendations of ECB are as follows:
- Member states must designate one or more competent authorities responsible for the management of large-scale incidents and crises.
- The competent authorities should inform the Oversight Forum, established under digital operational resilience for the financial sector (DORA), when exercising their supervisory and enforcement powers in relation to an essential entity designated as a critical Information and Communications Technology (ICT) third-party service provider under DORA.
- The competent authorities designated under DORA, including the ECB, should participate in the European Cyber Crises Liaison Organization Network (EU-CyCLONe), when large-scale cybersecurity incidents and crises affect the financial sector.
- Information exchange should take place where there are clearly established classification and information-sharing mechanisms, coupled with adequate safeguards to ensure confidentiality.
- Member states should continue to include the financial sector in their respective cybersecurity strategies. Indicatively, as part of their national cybersecurity strategies, member states should adopt policies addressing cybersecurity in the supply chain for ICT products and services used by entities for the provision of their services. The national cybersecurity strategies should be consistent with the regulatory framework that emanates from DORA.
Keywords: Europe, EU, Banking, Lending, Credit Risk, Basel, CRR, IFRS, AnaCredit, Q&A, Reporting, Operational Resilience, Opinion, DORA, Incident Reporting, Third-Party Risk, Cyber Risk, Regtech, EBA, ECB
Previous ArticleBCL Updates Technical Specifications for AnaCredit Reporting
The European Banking Authority (EBA) published four draft principles to support supervisory efforts in assessing the representativeness of COVID-19-impacted data for banks using the internal ratings based (IRB) credit risk models.
The European Council and the European Parliament (EP) reached a provisional political agreement on the Corporate Sustainability Reporting Directive (CSRD).
The Prudential Regulation Authority (PRA) launched a consultation (CP6/22) that sets out proposal for a new Supervisory Statement on expectations for management of model risk by banks.
The European Commission (EC) published the Delegated Regulation 2022/954, which amends regulatory technical standards on specification of the calculation of specific and general credit risk adjustments.
The Bank for International Settlements (BIS) Innovation Hub updated its work program, announcing a set of projects across various centers.
The European Insurance and Occupational Pensions Authority (EIOPA) published two consultation papers—one on the supervisory statement on exclusions related to systemic events and the other on the supervisory statement on the management of non-affirmative cyber exposures.
Certain members of the U.S. Senate Committee on Banking, Housing, and Urban Affairs issued a letter to the Securities and Exchange Commission (SEC)
The European Insurance and Occupational Pensions Authority (EIOPA) published a consultation paper on the advice on the review of the securitization prudential framework in Solvency II.
The Prudential Regulation Authority (PRA) issued a statement on PRA buffer adjustment while the Bank of England (BoE) published a notice on the statistical reporting requirements for banks.
The Basel Committee on Banking Supervision (BCBS) issued principles for the effective management and supervision of climate-related financial risks.