CRA3: ESMA publishes final draft Regulatory Technical Standards on disclosure requirements for Structured Finance Instruments

by Dechert LLP

Executive Summary

Following the consultation paper published by the European Securities and Markets Authority (ESMA) in February 2014 (see CRA3: ESMA proposes wide-ranging disclosure requirements on EU originators, sponsors and issuers), on 24 June 2014 ESMA published its final draft of the Regulatory Technical Standards (the RTS)1 on, among other things, disclosure requirements for structured finance instruments (SFIs)2 , as required under the Credit Rating Agencies Regulation3 (the Regulation) as amended by the Credit Rating Agencies 3 Regulation4 (CRA3). The RTS will set out: (i) the information that the issuer, originator and sponsor of a SFI must publish under Article 8 of the Regulation; (ii) the frequency with which information is to be updated and (iii) the presentation of information by means of standardised disclosure templates.

The new CRA3 disclosure requirements will apply in addition to (where applicable) existing disclosure requirements under the Prospectus Directive5, Article 409 of the Capital Requirements Regulation6 (CRR), the reporting requirements for eligible collateral under the European Central Bank (ECB) and Bank of England funding schemes, and disclosure obligations under Rule 17g-56.

The disclosure requirements under the final draft RTS will (subject as follows) apply to all SFIs issued after the date the RTS come into force, however a phase-in approach will apply to transactions not falling within the six asset classes for which reporting templates (based on existing ECB templates for ABS reporting) are not yet developed. In addition, private and bilateral transactions will only become subject to the RTS after a further consultation process and amendment to the RTS to provide for appropriate specific reporting templates.

The disclosure requirements will apply to all SFIs for which any of the issuer, the originator or the sponsor is established in the EU. Accordingly, there may be some situations in which the RTS will catch non-EU securitisations, where only one of the parties (including, for example, a foreign branch of an EU bank acting as sponsor) is established in the EU.

The most significant features of the final draft RTS are discussed in further detail below.

1. Scope of Application

Despite being implemented under the regulatory framework for Credit Rating Agencies (CRAs), the disclosure requirements for SFIs are imposed directly on originators, sponsors and issuers of SFIs, in order to address CRA3 objectives including reduction of investor dependence on credit ratings, increasing transparency and reinforcement of competition between CRAs by facilitating an increase in unsolicited credit ratings.

Notwithstanding the concerns of the majority of respondents to ESMA’s consultation paper, there has been minimal change to the proposed scope of the disclosure requirements. Under the final draft RTS, the requirements will apply not only to rated SFIs, but to all SFIs for which any of the issuer, the originator or the sponsor is established (i.e. has its statutory seat) in the EU, irrespective of whether rated or unrated, offered to the public or subject to private placement, or admission to or location of trading. Application is not limited to SFIs that qualify as securities, but extends to other financial instruments such as money-market instruments (e.g. ABCP programmes).

However, in recognition of the complexity of developing appropriate reporting obligations for private and bilateral SFIs, the final draft RTS now provide for ESMA to conduct a further public consultation in relation to amendments to the RTS to specifically address private and bilateral SFIs, which will not be subject to the RTS until such specific reporting obligations have been developed by ESMA and adopted by the European Commission.

The disclosure requirements will now apply only after 1 January 2017, to SFIs issued after that date, as well as to SFIs issued after the RTS come into force (the 20th day following publication in the Official Journal of the European Union) and which are still outstanding on 1 January 2017. Issuers, originators and sponsors will not be required to keep a backlog of information in respect of the period between entry into force of the RTS and 1 January 2017.

The disclosure requirements will initially only apply to SFIs backed by the following asset classes specified in the draft RTS: (i) credit cards (ii) residential mortgages, (iii) commercial mortgages, (iv) SME loans, (v) auto loans, (vi) consumer loans, and (vii) leases to individuals/businesses. The draft RTS provides standardised disclosure templates for each of these asset-backed classes. A phase-in approach will then apply for all other SFIs (including those backed by trade receivables, store cards, corporate loans and leases, as well as ABCP programmes, synthetic SFIs and re-securitisations) for which ESMA will be required to develop and publish disclosure templates “as soon as technically possible”.

2. Information to be disclosed

The draft RTS require the reporting entity (i.e. the party or parties designated by the issuer, sponsor or originator to carry out their reporting obligations) to provide the following information:

  1. loan level information through the standardised disclosure templates;
  2. where applicable:
  • the final offering document or prospectus, together with the closing transaction documents, including any public documents references in the prospectus or which govern the workings of the transaction (excluding legal opinions);
  • the asset sale agreement, assignment, novation or transfer agreement (and any relevant declaration of trust);
  • the servicing, back-up servicing, administration and cash management agreements;
  • the trust deed, security deed, agency agreement, account bank agreement, guaranteed investment contract, incorporated terms or master trust framework or master definitions agreement;
  • any relevant intercreditor agreements, swap documentation, subordinated loan agreements, start-up loan agreements and liquidity facility agreements; and
  • any other relevant underlying documentation.

Information is to be disclosed on a website to be established by ESMA.

The requirement for detailed loan-level disclosure continues to apply to all asset classes (including credit card ABS), despite the objections of a large number of respondents to the February consultation paper.

The requirement to publish a separate cash-flow model has been removed from the draft RTS, however transaction documents published must include a detailed description of the transaction waterfalls (which would usually be the case in any event).

If the transaction is to be Prospectus Directive (PD) compliant, there is no requirement to publish a separate transaction summary, however if the transaction is not PD compliant, then a summary of the main features of the SFI must be provided, including:

  1. the deal structure;
  2. the asset characteristics, cash flows, credit enhancement and liquidity support features;
  3. the noteholder voting rights, the relationship between noteholders and other secured creditors in a transaction;
  4. the triggers in the transaction and the consequences of them being breached;
  5. the structure diagrams containing an overview of the transaction, the cash-flows and the ownership structure.

Where possible, ESMA has used existing ECB reporting templates to avoid disclosure overlap.

3. Frequency of Reporting

The final draft RTS provide for quarterly loan-level reporting (changed from monthly reporting under the previous draft). Other reporting is expected to be provided "without delay" after the issuance of the SFI.

In addition to periodic loan-level reporting, in order to allow an investor to make a proper assessment of the SFIs, the issuer, originator and sponsor should also disclose information as soon as possible following:

  1. a breach of the obligations included in the documentation relating to the SFI;
  2. any significant change in the structure features that can materially impact on the performance of the SFI;
  3. any significant change in the risk characteristics of the SFI and of the underlying assets.

However, in order to avoid duplication, this will only apply where an SFI does not already fall within the EU market abuse disclosure regime.

4. Responsibility for compliance

In an apparent attempt to address concerns as to responsibility for compliance where SFIs have multiple originators, the final draft RTS provide that the issuer, originator and sponsor may designate one or multiple entities to submit information required to be disclosed or outsource this task to a third party, although this will not release the issuer, sponsor or each originator from their individual compliance responsibility.

Despite a number of respondents querying how the delegation process would work in relation to originators not involved in any way in the SFI (e.g. original lenders of loan portfolios sold and later securitised)7, and whether such originators should be subject to the RTS at all, no further guidance or clarity has been given on these points.

5. Extraterritoriality

Neither has ESMA addressed concerns as to the extra-territorial effect of the RTS disclosure requirements. As noted above, the disclosure requirements will apply to all SFIs for which the issuer, the originator or the sponsor is established in the EU. Note that if any one of these entities is established in the EU, the transaction will be subject to the disclosure requirements. For example, a transaction under which an English bank establishes a Jersey issuer to securitise real estate loans would be caught. More interestingly, it appears that if a German bank, through its US branch, originated US mortgage loans for a securitisation, the transaction would be subject to the disclosure requirements. Accordingly, there may be some situations in which the RTS will catch non-EU securitisations, where only one of the parties (including, for example, a foreign branch of an EU bank) is established in the EU.

6. Next Steps

The final draft RTS were submitted to the European Commission on 21 June 2014. The European Commission has three months to decide whether to endorse the final draft RTS.





For the purposes of the Regulation, SFIs are defined by reference to the Capital Requirements Directive (CRD) definition of ‘securitisation’, which covers a transaction or scheme involving tranching of the credit risk associated with securitised exposures. As with the CRR risk retention and disclosure requirements (which replaced the CRD risk retention and disclosure regime as of 1 January 2014) the CRA3 disclosure requirements will not therefore apply to ‘single-tranche’ issuances.


Regulation (EC) 1060/2009 of the European Parliament and of the Council of 16 September 2009 on credit rating agencies.


Regulation (EU) 462/2013 of the European Parliament and of the Council of 21 May 2013, amending Regulation (EC) 1060/2009 on credit rating agencies.


Directive 2003/71/EC of the European Parliament and of the Council of 4 November 2003 on the prospectus to be published when securities are offered to the public or admitted to trading and amending Directive 2001/34/EC.


Regulation (EU) 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) 648/2012.


For the purposes of CRA3, ‘originator’ is defined by reference to the definition at Article 4 of the CRD, which covers entities directly or indirectly involved in the agreements creating the underlying exposures securitised, as well as any entity which purchases a third party’s exposures and securitises them.


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Dechert LLP | Attorney Advertising

Written by:

Dechert LLP

Dechert LLP on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.