Brexit: Financial Services Firms: Appendix

by White & Case LLP

White & Case LLP

This appendix contains a brief description of the key EU financial services directives (excluding the insurance sector) which create the core regulatory framework within which financial services firms principally operate as well as basic definitions of some other acronyms used. It also contains a brief discussion of what is meant by "passporting" and what the preconditions to passporting are.

Click here to read the full report Brexit: Financial Services Firms: Mapping the impact of Brexit to make sure high level strategic thinking can be delivered legally and operationally.

Part 1: EU financial services directives

Article 50: Article 50 of the Lisbon Treaty on European Union. This sets out the mechanism by which a state may exit the EU. It creates a negotiating framework and sets down a timeframe but does not prescribe any legal outcomes. The two year timetable specified by Article 50 may be extended by unanimous member state agreement, but not otherwise.

AIFMD: the Alternative Investment Fund Managers Directive: the directive prescribing the regulatory framework to govern the prudential and conduct regulation of alternative investment fund managers and their core service providers, particularly depositories. The AIFMD contains specific rules for passporting and establishing equivalence for third country regulatory regimes.

BRRD: the Bank Recovery and Resolution Directive: the directive establishing the framework for the recovery and resolution of EU credit institutions and investment firms, and setting out the various regulatory tools to be deployed in times of stress (e.g., bail in) and the frame work for the establishment of minimum levels of own funds and eligible liabilities, known as MREL.

CCP: A central counterparty clearing house: an organisation established to facilitate trading done in derivatives and equities markets. CCPs bear most of the credit risk of buyers and sellers when clearing and settling market transactions. CCPs are corporate entities that reduce counterparty, operational, settlement, market, legal and default risk for traders by becoming the counterparty to the buyer and the seller and guaranteeing the terms of a trade even if one party defaults. CCPs receive and hold enough margin (cash or eligible securities) from each buyer and seller to cover their respective obligations under their contracts, with obligations being marked to market.

CRD IV: The Capital Resources Directive IV: The framework directive providing the architecture for the regulation of deposit taking (banking) activities across Europe. It creates a framework of prudential regulation for subsidiaries and branches and creates the framework for cross border regulation for banking business. It contains passporting rules for the provision of certain banking activities in another Member State on either a branch or cross-border services basis.

CSD: Central Securities Depository: a CSD is an entity which provides a central point for depositing financial instruments ("securities"), for example bonds and shares. CSDs' clients are typically financial institutions themselves (such as custodian banks and brokers) rather than individual investors. The core functions of EU CSD are to (a) operate a securities settlement system; (b) record newly issued securities in a book-entry system; and (c) provide and maintain securities accounts at the top tier level. CSDs operate IT platforms allowing for the recording of entitlements to securities and the settlement of securities transactions.

ICSD: International CSDs: Whereas CSDs were primarily created to serve their domestic market, ICSDs or "international CSDs" were created in the 1970s to settle eurobonds, i.e., international bonds denominated in a different currency from that of the country in which they are issued. ICSDs have extended the scope of their services to cover all types of internationally-traded financial instruments, including equities and investment funds. There are two ICSDs in the European Union: Clearstream Banking Luxembourg and Euroclear Bank in Belgium. Both hold a banking license and provide settlement in different currencies.

EEA: European Economic Area: EU members plus three of the four members of the European Free Trade Association (Norway, Iceland, Liechtenstein). Provides access to the EU internal market but without being subject to certain policies (agriculture/fisheries) but subject to obligations to make certain payment to EU but no involvement in substantive decision making. The EEA does provide a framework for cross border provision of financial services distinct from the "third country" provisions of CRD IV and MiFID but its operation has not caught up with recent changes in EU financial services regulation, in particular the roles and rule making responsibilities of the EBA, ESMA and EIOPA.

FSB: The Financial Stability Board: The FSB was established in April 2009 at the Pittsburgh Summit, by the Heads of State and Government of the Group of Twenty who endorsed the FSB's objectives and mandate to assume a global key role in promoting the reform of international financial regulation and to promote financial stability.

MiFID: The Markets in Financial Instruments Directive (in process of being updated by MiFID II – implementation date January, 2018) and to be read with the Markets in Financial Instruments Regulation (MiFIR) – the framework directive and regulation providing the architecture for the regulation of investment services across Europe. MiFID governs the process of authorising/licencing entities and the regulatory environment with which all MiFID firms must comply and creates the framework for Passporting of investment business.

PSD: The Payment Services Directive: The framework directive providing the legal foundation for the creation of an EU-wide single market for payments. The PSD aims at establishing a modern and comprehensive set of rules applicable to all payment services in the European Union. The target is to make cross-border payments as easy, efficient and secure as 'national' payments within a Member State. The PSD also seeks to improve competition by opening up payment markets to new entrants, thus fostering greater efficiency and cost-reduction. At the same time the Directive provides the necessary legal platform for the Single Euro Payments Area. PSD provides harmonising rules for conduct of business, execution times, and client classification and treatment.

Settlement Finality Directive: The Settlement Finality Directive adopted in May 1998 is aimed at reducing the systemic risk associated with participation in payment and securities settlement systems, and in particular the risk linked to the insolvency of a participant in such a system. The Directive applies to payment and securities settlement systems as well as any participant in such a system and to collateral security provided in connection with the participation in a system, or operations of the central banks of the Member States in their functions as central banks and, in particular, specifies when a transfer of a security becomes final. It is closely associated with the Financial Collateral Arrangements Directive which facilitated cross border use of collateral and removed many historical processes which impeded the swift and effective grants of security interests. Both sets of rules are foundational to the security and efficiency of liquidity provision across the EU.

SMCR: The Senior Management and Certification Regime of the UK, which replaces the UK's approved persons regime and creates the framework for ensuring the fitness and propriety of senior staffing working in UK Credit Institutions and establishing a framework for direct personal accountability for the most senior levels of management to regulators for breaches of financial services regulations occurring in their areas of responsibility.

"Third Country": any country that is not a member of the EU, or in some cases the EEA. In essence it means a country not subject to EU rules but without benefit, other than under very specific conditions, of access to specific EU markets in respect of specific products or services.

UCITS V: the directive establishing the regulatory framework governing asset managers and their depositories servicing the retail funds industry across the EU. The regime specifies prudential, conduct, investment and disclosure rules. It is the equivalent in the retail funds space to the AIFMD. It contains a passporting mechanic.

Part 2: Licensing and passporting

How do firms provide services "cross border"? Licensing and Passporting are the key concepts:

Entities may operate in the EU through either locally established subsidiaries, which will be separately capitalised (and subject to EU prudential capital rules) and be subject to direct regulation in all aspects of operation by the National Competent Authority ("NCA") of the jurisdiction where they are established, or through branches. A branch may be of either an EU credit institution (in which case it will be subject to both home state (location of incorporation of legal entity) regulation and host state (location of branch) regulation, or of a non-EU authorised bank or broker dealer, in which case the EU NCA will defer some elements of prudential regulation to the jurisdiction of incorporation but will regulate most other matters including e.g., liquidity, governance and conduct.

To provide banking or investment services in the EU, entities (whether from branches or separate legal entities), need to be authorised under MiFID and/or CRD in the EU jurisdiction in which they are set up. A branch of a non-EU entity can ONLY provide services in the EU jurisdiction within which it is set up and authorised.

Passporting is the ability of an EU authorised legal entity to provide services in jurisdiction "A" from an entity in jurisdiction "B". It is a very important EU regulatory concept. Passporting out of London to other EU locations is a very common operating model for financial institutions.

The concept of passporting is in practice mostly utilised for activities conducted under MiFID. Core deposit taking activities which underpin banking activities are regulated under CRD which most banks do not rely on. MiFID does have a passporting mechanic for certain deposit taking and custody functions but these are "ancillary" to the securities related activities which MiFID primarily regulates.

Passporting is not "automatic" – an application needs to be filed with regulators. But generally speaking, applications for passporting by EU authorised entities will be granted.

Non-EU entities e.g., EU established branches of US bank and, following the final departure of the UK from the EU, UK authorised entities) do NOT have passporting rights in respect of their branches in the EU (e.g., a US bank Frankfurt branch cannot provide services in France, for example).   

Click here to download PDF.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© White & Case LLP | Attorney Advertising

Written by:

White & Case LLP

White & Case LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.