Banking & Finance Law

The European Securitisation Regulation


This memorandum sets out a general overview over the Regulation (EU) 2017/2402 laying down a general framework for securitisation and creating a specific framework for simple, transparent and standardised securitisation (the Securitisation Regulation), which was published on 28 December 2017 in the Official Journal of the European Union and came into force on 18 January 2018.

The Securitisation Regulation further mandates the European Securities and Market Authority (ESMA), the European Banking Authority (EBA) and the European Insurance and Occupational Pensions Authority (EIOPA) with developing regulatory technical standards and implementation technical standards for a number of areas addressed in the piece of legislation.


The Securitisation Regulation represents the culmination of a lengthy political debate and legislative process and a significant breakthrough in the European Union for securitisation transactions. It mainly promotes two purposes: first, the harmonisation and consolidation of certain key elements in the European securitisation market across the financial industries (e.g. existing rules on due diligence, risk retention, disclosure and credit-granting), and second, the creation of a specific legal framework for simple, transparent and standardised long-term securitisations and asset-backed commercial paper programmes (collectively STS).

Final aim of the EU legislator is to promote securitisations as an important element of well-functioning financial markets, to diversify funding sources, allocate risk more widely and free up originators’ balance sheets to allow for further lending to the real economy.

Such aim is pursued by differentiating simple, transparent and standardised securitisations from highly complex, opaque and risky securitisations and incentivising investment in the former over the latter through recalibrated prudential frameworks.

Scope of application

In terms of subjective scope of application, the Securitisation Regulation will apply to credit institutions, insurance companies and pension funds as well as alternative investment fund managers, when such entities act as institutional investors, originators, sponsors, original lenders and securitisation special purpose entities (SSPEs) within securitisation transactions. SSPEs must be established in the European Union or in third countries that are not listed as high-risk and non-cooperative jurisdictions by the Financial Action Task Force (FATF).

For the purpose of the Securitisation Regulation, a “securitisation” is to be understood as “a transaction or scheme, whereby a credit risk is tranched”. Therefore, the new rules will only concern securities issued in tranches, with subordination that determines the distribution of losses during the ongoing life of the transaction and does not apply to mono-tranched securitisations.

From a temporal perspective, the Securitisation Regulation will apply to securitisation transactions the securities of which are issued on or after 1 January 2019 and to any securitisation that creates new securitisation positions on or after 1 January 2019.

Pre-existing securitisations would, generally, continue to be subject to the rules in place immediately before the application date of the Securitisation Regulation, unless new securities are issued or new positions are created. However, the Securitisation Regulation also includes transitional provisions enabling securitisations the securities of which were issued before 1 January 2019 to be designated as STS provided that they satisfy certain criteria at the time of the notification of the STS status. Parties may wish to amend the terms of existing transactions to enable them to be designated as STS. Moreover, the regulatory due diligence rules will apply to all securitisations issued on or after 1 January 2011 or to which new exposures have been added or substituted after 31 December 2014.

Simple, transparent and standardised securitisations

The STS framework set forth under the Securitisation Regulation contains eligibility criteria for STS securitisations, provisions for notifications by securitising entities and reliance and due diligence by investors as well as supervision mechanisms.

The STS criteria are set out on a general basis, rather than being asset-class specific. However, there are separate sets of criteria for STS term transactions and for STS asset-backed commercial paper transactions. Much of the detail remains to be rounded out in technical standards and guidelines which are being developed by the European supervisory authorities.

  • Requirements related to simplicity

Examples of requirements related to simplicity include requiring that the title to the underlying exposures is acquired by the SSPE by means of a true sale, in a manner that is enforceable against the seller or any other third party. The transfer of the title to the SSPE shall not be subject to severe claw-back provisions in the event of the seller’s insolvency.

Moreover, the underlying exposures shall not include any securitisation position and shall be originated in the ordinary course of the originator’s or original lender’s business.

Another simplicity requirement is the one concerning “homogeneity”. In particular, the securitisation shall be backed by a pool of underlying exposures that are homogeneous in terms of asset type, taking into account the specific characteristics relating to the cash flows of the asset type including their contractual, credit-risk and prepayment characteristics.

On 15 December 2017, EBA published a consultation on the homogeneity requirement. The Securitisation Regulation has been criticised for the blurry nature of its eligibility criteria relating to the homogeneity of underlying asset pools. One recurring question has been how granular the homogeneity requirement will be, i.e. whether asset pools need to be grouped by class or according to sub-sets exhibiting common characteristics. It is still unclear whether investing in mixed secured and unsecured underlying asset pools would qualify as homogeneous. EBA is currently consulting on an approach that would specify a list of asset categories as well as list of “risk factors” to be considered when determining whether an asset pool is sufficiently homogeneous. Risk factors include type of obligor, type of credit facility and collateral, repayment mechanics and industrial sector. Prior to EBA guidance being progressed, in an effort to tick off each relevant risk factor and given the complex provisions of the proposal, originators may struggle to pool together enough sufficiently similar assets to benefit from economies of scale.

  • Requirements related to transparency

To be a transparent STS term securitisation, entities involved in the transaction shall fulfil with certain information and disclosure requirements.

In particular, before the pricing of the securitisation, the originator and the sponsor shall make available to potential investors data on static and dynamic historical default and loss performance, covering at least five years for retail exposures and seven years for non-retail exposures and a liability cash flow model on an ongoing basis.

An appropriate independent party will verify a sample of the underlying assets and the disclosed data relating to such sample.

In case of a securitisation where the underlying exposures are residential loans or auto loans or leases, the originator and sponsor shall publish the available information related to the environmental performance of the assets financed by such residential loans or auto loans or leases.

  • Requirements related to standardisation

In order for a securitisation to be standardised, certain requirements must be met.

By way of example, the originator, sponsor or original lender shall satisfy the risk-retention requirement.

Generally, the interest rate and currency risks in the securitisation must be mitigated, and the mitigation measures (such as derivatives or otherwise) disclosed. Moreover, general market standard interest rates must be the grounds for any referenced interest payments for either the assets or liabilities of the securitisation.

Principal receipts will be distributed in order of seniority where no enforcement or acceleration notice has been delivered. In addition, there is a ban on provisions requiring automatic liquidation of the underlying exposures at market value.

Other standardisation requirements are related to the transaction documents. Transaction documents shall, inter alia, provide clearly what actions may be taken relating to delinquency and default debtors, as well as priority of payments, triggers, changes to payments priority following trigger breaches and consequent reporting of such breaches.

  • Excluded classes

Certain securitisations have been deliberately excluded from the STS framework. Unlike the general requirements that apply to all securitisations which allow originators, sponsors and SSPEs to be established in third countries, securitisations may only be eligible for the STS designation if each of the originator, sponsor and SSPE is established in the EU. The limitation on the location of STS securitising entities was not included in the original Commission proposal and seems to have arisen partly as a consequence of the UK’s decision to leave the EU. The Commission has been mandated to present a report by 2022 that shall include an assessment over whether to introduce an equivalence regime for third-country securitising entities. Other securitisations deliberately excluded from the STS framework are, among others, securitisations of non-performing loans, managed CLOs, CMBS and synthetic securitisations (although the EBA is required to publish a report on STS synthetic securitisation by July 2019).

  • STS notification and designation

Originators, sponsors and SSPEs (or, in the case of asset-backed commercial paper programmes, just sponsors) are required jointly to notify ESMA, national competent authorities and investors that their securitisation meets the STS criteria, by means of a standardised template to be developed by ESMA, and designate a contact point for investors and competent authorities. This STS notification must include an explanation of how each of the STS criteria is satisfied and will be published on the ESMA website. If a securitisation stops meeting the STS criteria, the originator and the sponsor are required to immediately notify ESMA and competent authorities. While there is no specific obligation to notify investors, it is likely that they would likely have to be notified under the general disclosure obligations. Further detail will be set out in new technical standards.

  • Third party certification agents

The originator, sponsor or SSPE are allowed to use the services of an authorised third-party certification agent to assess the compliance of a securitisation with the STS criteria. However:

  • the originator, sponsor and SSPE would remain liable for any incorrect notification, and
  • a certification would not affect the obligation placed on institutional investors to assess whether a securitisation labelled as STS has actually satisfied the criteria.

Institutional investors are allowed to rely “to an appropriate extent” on the STS notification and the information contained in it, but “without solely or mechanistically relying on that notification or information”.

  • Regulatory capital requirements

The Regulation (EU) 2017/2401 amending Regulation (EU) No 575/2013 on prudential requirements for credit institutions and investment firms (the CRR Amending Regulation) introduces preferential regulatory capital requirements for exposures to STS securitisations, when compared with exposures to non-STS securitisations, for credit institutions and investment firms. Additional criteria are set out in the CRR Amending Regulation to be satisfied by the securitisation in order for such preferential regulatory capital treatment to apply. The European Commission is currently working on adjustments to the regulatory capital treatment of STS securitisations applicable to insurers and reinsurers pursuant to Solvency II.

Risk retention

The existing level of risk retention (5%) and the existing five structural methods of risk retention have been left largely unchanged; therefore, current practice for transactions will be unaltered. However, there are certain key differences, which we briefly expand below.

While under the risk retention provisions of the Regulation (EU) No 575/2013 (the CRR), institutional investors must ensure that originators, sponsors and original lenders retain an economic stake in the viability of a transaction; the new rules impose risk retention requirements directly on originators, sponsors and original lenders.

This means that EU originators, sponsors and original lenders will need to satisfy the requirements even where there is no requirement from investors to do so (e.g. because they are non-EU entities). This direct risk retention obligation applies to any originator, sponsor or original lender, and not just to institutional entities regulated under sectoral legislation.

The Securitisation Regulation clarifies that, for the purpose of satisfying the risk retention rules, “an entity shall not be considered to be an originator where the entity has been established or operates for the sole purpose of securitising exposures”.

The Securitisation Regulation does not specify the meaning of the notion of “sole purpose”. Details of what is required to pass this test, such as how an originator can prove that it has a broader business enterprise, will be included in a new set of regulatory technical standards (RTS) on the risk retention requirements which are in the process of being developed by EBA, and will replace the current RTS under the CRR.

Finally, the risk retention provision set forth under the Securitisation Regulation prohibits originators from intentionally securitising assets which are more likely to suffer losses than comparable assets kept on the originator’s balance sheet.

Transparency requirements

The new Securitisation Regulation contains detailed transparency provisions, which will repeal transparency requirements currently imposed on credit institutions and investment firms under the CRR and on alternative investment fund managers under the AIFM Regulation.

Among others, the reform provides that:

  • originators, sponsors and SSPEs must make available to holders of a securitisation position, competent authorities and, upon request, to potential investors, certain information on the transaction and underlying exposures (e.g. loan level data on a quarterly basis, transaction documentation that is essential to understand the transaction). ESMA is in the process of developing standardised disclosure templates. Originators, sponsors and SSPEs shall appoint one reporting entity among themselves to fulfil such transparency obligations;
  • information must be disclosed via a registered securitisation repository or, if no registered securitisation repository exists, via a website that meets specified requirements as to data control and security;
  • where there is no requirement under EU law to draft a prospectus in relation to a securitisation transaction, the obligation to publicly disclose transaction information by way of securitisation repository or website does not apply (information must be disclosed on a bilateral basis). A transaction summary or overview listing the main features of the securitisation will have to be prepared for such private transactions and made available to holders of securitisation positions, competent authorities and, upon request, to potential investors. In the context of private transactions, however, “potential” investors are likely to be a limited category of persons.

Due diligence for EU regulated institutional investors

The Securitisation Regulation sets out due diligence requirements applying to institutional investors only[1].

Existing due diligence requirements provided under different pieces of legislation (CRR, Solvency II Delegated Act and AIFMD) will be repealed and replaced by the ones governed by the Securitisation Regulation. The majority of the reformed due diligence requirements are substantially similar to existing requirements, though some have been specified and others have been removed. Among others, investors have to:

  • make certain verifications before coming exposed to a securitisation, including that the structure is risk retention compliant, assets were originated on the basis of high credit-granting standards and the originator, sponsor and SSPE comply with their disclosure obligations;
  • carry out a due diligence assessment commensurate with the risks involved before becoming exposed to a securitisation, both in relation to the exposures underlying the securitisation and the structural features of the securitisation and, for a securitisation that is designated STS, as to whether it meets the STS criteria; and
  • on an on-going basis during the life of the securitisation, establish written procedures to monitor the performance of the securitisation, perform stress tests, ensure there is an adequate level of internal reporting and be able to demonstrate to authorities that they have a comprehensive and thorough understanding of their securitisation position and its underlying exposures.

Supervision and sanctions for breach

National competent authorities will supervise compliance with the Securitisation Regulation. Where an entity is already supervised by a competent authority under existing EU sectoral legislation, the same authority will generally supervise their compliance with the Securitisation Regulation. Member States are required to designate competent authorities to supervise any currently unsupervised entities (e.g. corporate originators). In relation to the direct risk retention requirements, transparency rules, ban on re-securitisation and criteria for credit granting, only originators, original lenders and SSPEs established in the EU are required to be supervised. However, there is currently no certainty over the geographical scope of application of the Securitisation Regulation.

Securitising parties who breach their STS obligations will be subject to administrative sanctions and potentially also criminal sanctions, to be determined by local competent authorities. A three-month period is provided under the recitals of the Securitisation Regulation for securitising entities to rectify good faith erroneous STS designation and during this time the securitisation will continue to be included within the ESMA list. This mechanism is not included under the operative provisions, but will be presumably relied on by securitising parties.

Other changes to the EU securitisation regime

  • Limitations on re-securitisations

From 1 January 2019 there will be a new prohibition on issuing re-securitisations (i.e. securitisation transactions where the underlying exposures include securitisation positions), subject to certain carve outs including where the securitisation is used to ensure the viability as a going concern of a credit institution, investment firm or financial institution (or to facilitate its winding-up), or to preserve the interest of investors where the underlying exposures are non-performing.

  • Limitation on sales to retail investors

The reforms include specific provisions on sales of securitisation position to retail investors, unless certain conditions are met, such as the performance of a suitability test by the seller. This provision is somewhat in contrast with MiFID regime, which impose performance of the suitability tests on financial intermediaries rather than sellers. It is likely that securitisations will continue to exclude retail participation entirely in any case.

  • Comparative credit granting requirements

Originators, sponsors and original lenders will be required to apply the same sound and well-defined criteria for credit granting to exposures to be securitised as are applied to exposures held on balance sheet. An originator which purchases third parties’ exposures for its own account and then securitises them is required to verify that the original lender also met such credit granting criteria (although there is limited grandfathering for older transactions complying with current rules).




The content of this article is only for information and does not constitute professional advice.
For further information contact Matteo Gallanti




[1] According to Section 2 (Definitions) of the Securitisation Regulation, the term “institutional investors” is defined to include credit institutions, investment firms, insurers, reinsurers and alternative investment fund managers, to whom rules relating to exposures to securitisation transactions already apply, and also UCITS management companies, internally managed UCITS, institutions for occupational retirement provision and investment managers or authorised entities appointed by an institution for occupational retirement provision. It does not include EU located non-regulated investors or the majority of entities located outside the EU. Such no-institutional investors may nevertheless choose to comply with due diligence requirements voluntarily to ensure that the securitisation meets EU standards on risk retention, credit granting and transparency.

Get our latest news