The European Central Bank (ECB) published an updated list of supervised entities, a report on the supervision of less significant institutions (LSIs), a statement on macro-prudential policy, results of the most recent review of its risk control framework for collateralized credit operations, a report on observations from the 2022 analysis of technology and cyber risk, and updates on the launch of the Eurosystem Collateral Management System and the digital Euro project. Additionally, ECB announced the introduction of Euro in Croatia, with ECB now directly supervising five significant institutions and overseeing 16 less significant institutions in the country. ECB also announced an administrative penalty on ABANCA Corporación Bancaria, S.A. for knowingly failing to report a significant cyber incident and announced withdrawal of the banking license of RCB Bank Ltd from Cyprus, following a voluntary phasing out of banking operations.
Below are additional key highlights of the recent announcements and publications from ECB:
- The statement on macro-prudential policy notes that ECB has revised its floor methodology for assessing capital buffers for other systemically important institutions (O-SIIs). The revised floor methodology increases the number of buckets to which O-SIIs are allocated from four to six and raises the floor level for the highest bucket to 1.50% while keeping the floor of the lowest bucket unchanged at 0.25%. ECB will use the revised floor methodology to assess O-SII buffers proposed by national authorities as of January 01, 2024.
- The report on LSI supervision examines key developments in the less significant institutions sector, its structure, and major activities aimed at addressing challenges from the supervisory perspective. The findings show that the number of less significant institution fell from more than 3,167 to about 2,089 by the end of 2021, with Germany, Austria and Italy accounting for the bulk of this reduction. The outlook for the LSI sector remains challenging as credit and liquidity risks are on the rise and there has been no fundamental improvement in profitability. When planning, LSIs need to allow for potential impacts on their balance sheets and capital adequacy, particularly from exposures to borrowers hit by at least first and second-round effects of a crisis. Prudent provisioning for credit losses and changes to capital distribution plans should be considered, as may be required by future developments.
- Post a review of its risk control framework for credit operations, ECB decided on several measures to improve the overall consistency of the risk control framework, with these measures taking effect from June 29, 2023. The measures include the increase the valuation haircuts for marketable and non-marketable assets to return to the ECB’s pre-pandemic risk tolerance level and phase-out of the distinction between jumbo and other covered bonds, assigning all covered bonds and multi-cédulas to haircut category II. Another measure involves re-assigning debt instruments issued by the European Union (EU bonds) from haircut category II to haircut category I, the same as used for debt instruments issued by central governments. ECB also decided to set the haircuts for marketable assets with a floating coupon to be equal to those with a fixed coupon, split the longest residual maturity category in the existing haircut schedule into three new categories, and replace the current flat 5% theoretical valuation markdown with a maturity-graduated markdown schedule, extending its application to all theoretically valued marketable assets except those falling under haircut category I. To implement these decisions, ECB has published three guidelines (ECB/2022/48-50).
- In the report on observations on information technology and cyber risk, ECB notes that there exists an increasing information technology outsourcing risk level amid a continued increase in information technology outsourcing expenses. Cloud expenses increased by 45%, albeit from a low basis compared with other information technology outsourcing expenses (total cloud expenses account for 4.2% of total information technology outsourcing expenses). Data quality management remains the least mature information technology risk control domain with the worst self-assessment scores reported by banking institutions. Some banks still report a lack of key risk control measures; for instance, 7% report not having a functional independence between
1st and 2nd line of defense and 32% report not having an up-to-date, reliable, and complete information technology asset inventory identifying critical information technology assets (2020: 36%).
- The Governing Council of the ECB has decided to reschedule the launch of the Eurosystem Collateral Management System (ECMS) from November 20, 2023 to April 08, 2024. The ECMS will be a unified system for managing assets used as collateral in Eurosystem credit operations and will replace the existing individual systems of the euro area national central banks. The ECMS is expected to deliver considerable benefits to the Eurosystem and its counterparties and to the market at large by harmonizing collateral management practices and contributing to further financial integration of the European Union.
- Finally, ECB published documents and a letter on the digital euro prototyping exercise and announced the work on the digital euro rulebook is expected to commence in January 2023. The aim of the prototyping exercise is to test how well potential back-end solutions can integrate with front-end prototypes that have been developed by companies with a track record of developing payment services. The prototypes in the experiments will therefore simulate end-to-end transactions using digital euro. The prototyping exercise is expected to conclude in the first quarter of 2023, at which point the ECB will publish its findings. The full specifications for the application programming interface (API) to be developed duringthe exercise will also be published following the conclusion of the prototyping experiments.
- Report on LSI Supervision (PDF)
- Statement on Macro-Prudential Policy (PDF)
- Review of Risk Control Framework
- Observations on Technology Risk (PDF)
- Updated List of Supervised Entities (PDF)
- Changes in List of Supervised Entities
- Croatia Introduces Euro
- EC on Croatia Joining Euro Area
- License of RCB Bank
- Cyber Incident Penalty on ABANCA
- Launch of Collateral Management System
- Letter on Digital Euro Prototyping (PDF)
- Documents on Digital Euro Prototyping
Keywords: Europe, EU, Banking, Macro Prudential Policy, Basel, Regulatory Capital, O SII Buffer, Less Significant Institutions, Operational Resilience, ABANCA, RCB Bank, Bank Licenses, Cyber Risk, Regtech, Outsourcing Risk, Cloud Computing, Cyber Incident Reporting, ECB
The European Banking Authority (EBA) launched the 2023 European Union (EU)-wide stress test, published annual reports on minimum requirement for own funds and eligible liabilities (MREL) and high earners with data as of December 2021.
The European Banking Authority (EBA) proposed implementing technical standards on the interest rate risk in the banking book (IRRBB) reporting requirements, with the comment period ending on May 02, 2023.
The U.S. Federal Reserve Board (FED) set out details of the pilot climate scenario analysis exercise to be conducted among the six largest U.S. bank holding companies.
The Board of Governors of the Federal Reserve System (FED) adopted the final rule on Adjustable Interest Rate (LIBOR) Act.
The Hong Kong Monetary Authority (HKMA) published a circular on the prudential treatment of crypto-asset exposures, an update on the status of transition to new interest rate benchmarks.
The European Commission (EC) adopted the standards addressing supervisory reporting of risk concentrations and intra-group transactions, benchmarking of internal approaches, and authorization of credit institutions.
The China Banking and Insurance Regulatory Commission (CBIRC) issued rules to manage the risk of off-balance sheet business of commercial banks and rules on corporate governance of financial institutions.
The Hong Kong Monetary Authority (HKMA) made announcements to address sustainability issues in the financial sector.
The European Banking Authority (EBA) published regulatory standards on identification of a group of connected clients (GCC) as well as updated the lists of identified financial conglomerates.
The General Board of the European Systemic Risk Board (ESRB), at its December meeting, issued an updated risk assessment via the quarterly risk dashboard and held discussions on key policy priorities to address the systemic risks in the European Union.