On 28 December 2017 the new Securitisation Regulation (Regulation EU 2017/2402) and the related CRR Amending Regulation (Regulation EU/2017/2401) were published in the Official Journal of the European Union. Together, they represent the most significant reform of securitisation regulation in the EU for many years, by: harmonising and reforming existing rules on due diligence, risk retention, disclosure and credit-granting which will apply in a uniform way to all securitisations, securitising entities and all types of EU regulated institutional investors; creating a new framework for simple, transparent and standardised long-term securitisations and asset-backed commercial paper programmes (collectively, “STS”); and implementing the revised Basel securitisation framework, including hierarchy of approaches and risk weights, into EU law and recalibrating the prudential treatment for credit institutions investing in STS securitisations. These regulations will enter into force on 17 January 2018 and will be directly applicable across the EU from 1 January 2019, applying to securitisations the securities of which are issued on or after that date. These reforms are a key part of the European Union’s capital markets union project, which aims to facilitate cross-border access to European Key considerations for securitising entities and investors: The new regime applies from 1 January 2019. Market participants will have to pay close attention to it now to ensure current transactions are grandfathered. The framework for the new EU securitisation regulation is fixed, but work on the technical detail is only just beginning. Market participants should fully engage with this. Securitising entities will have a new direct obligation to retain risk, existing approaches to risk retention disclosure and representations should be revisited. Securitising entities will have to make detailed disclosure to competent authorities, investors and potential investors. It is unclear how public this will be. The new due diligence obligations institutional investors are required to make before investing in securitisations are complex and detailed. Some of the criteria for the STS regime are vague. Until there is regulatory clarification, documentary compliance with them will be tricky. The New EU Securitisation Regulation The New EU Securitisation Regulation capital markets and increase their depth and liquidity. The EU co-legislators hope that these reforms will restart securitisation markets in Europe on a sustainable basis, contributing to job creation and economic growth in the EU. They mark the culmination of a lengthy political debate and legislative process. In this briefing we consider the key changes and issues raised by the new EU securitisation regime for market participants. We also consider the impact that Brexit may have on the EU securitisation regime. Risk retention Despite risk retention being the politically most contentious part of the Securitisation Regulation, the final outcome closely reflects the original Commission proposal. Indeed, because the existing level of risk retention (5%) and the existing five structural methods of risk retention have been left largely untouched, in many respects existing practice for transactions will be unaltered. There are, though, some key differences. New “direct approach” to complement the existing “indirect approach” The existing risk retention requirements laid down in different pieces of sectoral legislation (CRR, Solvency II Directive and AIFMD) will be repealed and replaced by a single article providing for a new direct obligation on originators, sponsors and original lenders to retain risk (the so-called ‘direct approach’). The direct approach is intended to complement the existing due diligence requirement on institutional investors to verify before investing whether or not the originator, sponsor or original lender has retained risk (the so-called ‘indirect approach’), which is maintained. A consequence of the new direct approach is that securitising entities established in the EU will be required to retain risk even if the only investors are located outside the EU or are not institutional investors. In complex transactions it may be that numerous entities (which may not be related) potentially fall within the broad definitions of originator, sponsor or original lender and responsibility for risk retention compliance (and potential related liability) will need to be agreed among them. The default regulatory position, assuming lack of agreement, is that the originator is obliged to retain risk. Because the definitions of securitisation, sponsor, originator and original lender are broad and on their face include securitising entities established anywhere in the world without any necessary EU-nexus, under a literal reading of the text securitising entities established in third countries entering into securitisations of local assets aimed at local investors have a direct obligation to retain risk in compliance with the EU regime. In our view, this extreme extra-territorial impact should not be taken to be the intention or effect of the Securitisation Regulation. Originators, sponsors and original lenders will be required to disclose to investors information about the risk retained within investor reports and, for the first time, if they breach their risk retention obligations they will be subject to administrative sanctions (which include public censures, significant fines and bans preventing individuals exercise management functions) and potentially also criminal sanctions. Local competent authorities have been given some discretion in relation to the sanctions they put in The New EU Securitisation Regulation place: in the UK it is likely that the FCA will consult on this in due course. There is also a new prohibition on so-called ‘cherry-picking’, seeking to ensure that an originator does not securitise assets which are more risky than comparable assets that it maintains on its balance sheet. Grandfathering, regulatory technical standards and methods of retaining risk The existing five structural methods for retaining risk have been largely left untouched, but the technical detail of these will be set out in new regulatory technical standards (“RTS”) to be developed by the EBA. On 15 December 2017, the EBA published a consultation paper on its proposed new risk retention RTS. It is welcome that in most respects the EBA’s proposed new risk retention RTS closely reflect the existing risk retention RTS enacted under the CRR, which are already familiar to market participants. The extension of the ‘originator interest’ retention method (option (b)) to include “revolving securitisations” and not just “revolving exposures” will provide certainty for synthetic securitisations (which customarily include replenishment provisions) to continue to allow originators to hold the requisite 5% material interest in the form of assets outside the reference portfolio. Institutional investors investing in securitisations issued prior to 1 January 2019 (for example, in the secondary market) will be required to continue to comply with existing risk retention obligations set out in sectoral legislation rather than the new obligations, which will only apply to new securitisations issued on or after 1 January 2019. Securitising entities will be subject to the new direct obligation to retain risk for securitisations issued after 1 January 2019, but on the basis of the existing risk retention RTS until the new risk retention RTS have been adopted, the exact timing of this is uncertain. This should not cause practical difficulties for most securitisations given that the proposed new risk retention RTS closely reflect the existing risk retention RTS. The “sole purpose” test and the originator loophole The revised risk retention requirements also seek to address the EBA’s recommendation to close the so-called ‘originator loophole’: taking advantage of the wide definition of originator in the CRR, this allowed an originator SPE to be established solely for buying a third party’s exposures which it could then securitise immediately. The EBA has consistently opined that these types of structures are non-compliant with the spirit of the risk retention requirements. The Securitisation Regulation provides that “an entity shall not be considered to be an originator where the entity has been established or operates for the sole purpose of securitising exposures.” There is no further guidance within the text of the Securitisation Regulation on how to interpret “sole purpose”, but the EBA’s proposed new risk retention RTS require that a risk retaining originator is “established and operating for purposes consistent with a broader business enterprise”, is able to meet payment obligations consistent with that broader business enterprise and has an adequate corporate governance structure for that broader business enterprise. This proposal goes beyond existing practice and if enacted without modification would therefore require that market participants change practice when structuring transactions. It is likely that the The New EU Securitisation Regulation industry will consider this part of the proposal extremely carefully. Who is on the hook if the risk retention structuring goes wrong? Institutional investors should be able to rely on risk retention disclosure made by securitising entities and take comfort from the fact that their regulatory capital position will not be penalised if they invest in a securitisation on the basis of compliance with their due diligence obligations, even if that securitisation is subsequently found to have breached the risk retention requirements. In this case, their investment may nevertheless fall in value or become illiquid, as subsequent secondary market institutional investors will no longer be able to invest. Institutional investors who invested in reliance on incorrect risk retention disclosure may be able to sue one of the securitising entities for loss (for example, under FSMA issuer liability for published information). For a cross-border transaction, questions as to which securitising entity they sue and which laws, courts and measures of loss apply (in the absence of any direct contractual recourse) could be extremely complex. A consequence of the direct approach is that the drafting of risk retention representations and undertakings in contractual documentation and related risk factors in offering documents may well change: it will be more difficult for securitising entities to argue that they should not bear the risk of structuring a transaction that turns out not to be risk retention compliant. Risk factors and disclosure statements that seek to limit liability towards investors on this basis will need to be reconsidered. Due diligence for EU regulated institutional investors The securitisation industry will be relieved that some of the more controversial positions taken by the European Parliament during the legislative process, including a transparency requirement on investors (so-called ‘investor name give-up’) and a requirement that all investors in securitisations be EU regulated institutional investors or third country institutional investors established in jurisdictions considered by the European Commission to have equivalent regulation, did not make the final text. There remains an underlying debate over whether or not extensive regulatory due diligence requirements will enhance the securitisation industry, given that there are no regulatory equivalents for other kinds of securities which may be equally risky, such as equities or other fixed income debt products, particularly given that institutional investors already have an economic incentive to perform due diligence. Harmonised due diligence requirements for all EU regulated institutional investors Existing due diligence requirements laid down in different pieces of sectoral legislation (CRR, Solvency II Delegated Act and AIFMD) will be repealed and replaced by a single article providing that all types of regulated institutional investors must undertake identical due diligence processes, both before becoming exposed to a securitisation and on an on-going basis as long as they are exposed. The majority of the reformed due diligence requirements are substantially similar to existing due diligence requirements, though some have been clarified and others have been removed. The new regime includes requirements on institutional investors to: The New EU Securitisation Regulation make certain verifications before becoming exposed to a securitisation, including that the structure is risk retention compliant, that the assets were originated on the basis of high credit-granting standards and that the originator, sponsor and securitisation special purpose entity (“SSPE”) comply with their disclosure obligations; carry out a due diligence assessment commensurate with the risks involved before becoming exposed to a securitisation, both in relation to the exposures underlying the securitisation and the structural features of the securitisation, and, for a securitisation that is designated STS, as to whether it meets the STS criteria; and on an on-going basis during the life of the securitisation, establish written procedures to monitor the performance of the securitisation, perform stress tests, ensure there is an adequate level of internal reporting and be able to demonstrate to authorities that they have a comprehensive and thorough understanding of their securitisation position and its underlying exposures. The due diligence obligation only applies to investors that fall within the definition of institutional investor, which includes a range of financial entities regulated under EU financial services regulation. It does not include EU located non-regulated investors or a majority of entities located outside the EU. These non-institutional investors may nevertheless choose to comply with some due diligence requirements voluntarily to ensure that the securitisation is structured to meet EU standards on risk retention, credit granting and transparency. This is because EU institutional investors will not in practice be able to invest in a securitisation which is not structured to comply with such requirements and this may therefore have a significant impact on pricing and liquidity. A bifurcated regime: different requirements for EU and third country securitising entities The verifications that an institutional investor is required to make are to some extent bifurcated, depending on whether the originator, sponsor or original lender is established in the EU or in a third country. This bifurcation is aimed at giving greater flexibility to non-EU established securitising entities, who will in many cases be subject to similar local regulation: In relation to credit-granting, no verification is required for originators and original lenders that are EU credit institutions or investment firms (presumably because these are already directly subject to EU regulation on credit granting). For originators and original lenders established in the EU which are not credit institutions or investment firms, verification is required to ensure that the credit-granting meets the exact requirements of the creditgranting obligation. However, for originators and original lenders established outside the EU the test appears to be somewhat less onerous and there is no specific requirement to verify that the securitising entity takes “appropriate account of factors relevant to verifying the prospect of the obligor meeting his obligations under the credit agreement”. In relation to risk retention, for EUestablished originators, sponsors and original lenders, verification is required to ensure they comply with the detailed EU framework, including the risk retention RTS, whereas for The New EU Securitisation Regulation third country-established originators, sponsors and original lenders, verification is required simply to ensure that a 5% net economic interest is retained, (measured using EU methodology). This raises the question of what verification is required for those securitisations with securitising entities established in different jurisdictions: for example, a sponsor may be established in the EU but the originator and original lender may be established in a third country. The Securitisation Regulation does not directly answer this question, but in our view (and in the absence of further guidance from regulators) institutional investors should have primary regard to the location of the risk retainer when considering which due diligence standard is applicable. In relation to transparency, there is no such bifurcation and thus on the face of the regulation verification is required to ensure compliance with detailed provisions of the transparency obligation and their related RTS, even where all the securitising entities are established in third countries and may already be subject to similar local regulation. Grandfathering, no regulatory technical standards Despite the new due diligence requirements being more prescriptive than the existing principlesbased due diligence regime, the Securitisation Regulation does not envisage dedicated due diligence RTS setting out precise technical detail. The EBA is also not proposing that provisions related to due diligence contained within the existing risk retention RTS will be carried over into the new risk retention RTS. The new due diligence requirements will apply to all securitisations which are issued on or after 1 January 2019. Existing sectoral due diligence requirements (contained within CRR, Solvency II Delegated Act and AIFMD) will continue to apply to those legacy securitisations currently subject to them (i.e. those issued on or after 1 January 2011, or older securitisations where new exposures have been added or substituted after 31 December 2014). The penalties for investors who breach their due diligence obligations have not been included within the Securitisation Regulation and these remain in sectoral legislation and include the ability of competent authorities to impose additional risk weights on investors who breach their due diligence requirements. Transparency requirements for securitising entities Some market commentators have suggested that disclosure standards for securitisations within the EU have long been sufficient for investors and that lack of sufficient disclosure was not a significant cause of the financial crisis in the EU. To the extent that this is true, there is a risk that the new granular disclosure requirements will place a burden on securitising entities without giving investors a proportionate benefit and thereby act as an unnecessary disincentive to issuance. The new Securitisation Regulation contains detailed transparency provisions that in some respects reflect the regime that was envisaged to apply from 1 January 2017 under CRA III Article 8(b), but in the event never fully took effect. Like the risk retention regime it is on its face extremely extraterritorial, but in our view it should not be taken to apply to those securitisations without any meaningful EU nexus. The New EU Securitisation Regulation New prescriptive transparency requirements for securitising entities The existing principles-based duty to disclose “all materially relevant data” contained within the CRR will be repealed and replaced by new transparency requirements, substantially similar to the granular disclosure obligations currently contained within the CRA III regime, requiring that the originator, sponsor and SSPE disclose to holders of a securitisation position, potential investors and relevant competent authorities information relating to the securitisation, both before pricing and in some cases on an on-going basis during the life of the transaction, as follows: loan level data, through standardised disclosure templates (on a quarterly basis, no later than one month after the interest payment date); transaction documentation that is essential for the understanding of the transaction, including any offering document or prospectus (by way of summary if necessary to exclude confidential information) and a detailed description of the priority of payments (before pricing); where there is no prospectus, an overview of the main features of the securitisation (before pricing); in the case of STS securitisations, the STS notification (before pricing); investor reports, covering the credit quality and performance of the underlying exposures, data on cash flows and liabilities and risk retention compliance (on a quarterly basis, no later than one month after the interest payment date); and inside information disclosure on an ad hoc basis, on the basis of either the Market Abuse Regulation (where it applies) or a substantially similar regime (where it does not apply). Originators, sponsors and SSPEs shall designate one reporting entity among themselves to fulfil transparency obligations and must disclose transparency information by means of a securitisation repository. The reporting entity must be specified within the securitisation documentation. Securitising parties who breach the disclosure obligations will be subject to administrative sanctions and potentially also criminal sanctions, to be formulated by local competent authorities. Disclosure via securitisation data repositories The requirement to disclose by way of a securitisation repository was not included in the original Commission proposal but reflects a compromise with the European Parliament and to some extent mirrors the EMIR disclosure regime. There are extensive provisions relating to the registration and supervision of securitisation repositories and related regulatory and implementing technical standards are envisaged. How public is securitisation disclosure? Private and bilateral transactions. There is an open question on the extent to which securitisation transparency information will be effectively public. The text of the Securitisation Regulation, which provides an obligation to disclose to specific entities, appears significantly The New EU Securitisation Regulation narrower than the provisions of CRA III which refers to “publish information” and this might be an indication that loan level data, investor reports and transaction documents should not be publically available. However, given that prospective investors are entitled to information before becoming exposed it is hard to see how, from an operational perspective, securitisation repositories will be able to comply with the requirement to make information available to prospective investors without it being in practical terms public. It is clear that private and bilateral transactions (those exempt from the requirement to publish a prospectus regime-compliant prospectus) are not required to disclose transparency information via a securitisation repository, however it appears from the text that they are subject to other transparency requirements, for example to disclose loan level data to their investors directly. Industry participants will hope that ESMA clarifies and narrows this obligation within its disclosure RTS in due course. Grandfathering, regulatory technical standards On 19 December 2017, ESMA published a consultation paper proposing transparency RTS and ITS to specify loan level data and the content of investor reports, which to some extent reflect the existing CRA III Delegated Act. The new transparency regime will apply to securitisations the securities of which are issued on or after 1 January 2019 and legacy transactions that seek the STS designation, though loan level data and investor reports should be disclosed on the basis of the Annexes to the CRA III Delegated Act until the new transparency RTS and ITS have been adopted. As is the case with the risk retention RTS, the exact timing of this is uncertain and it may cause practical difficulties for some securitisations which will be required to comply with two different RTS. Regulatory transparency obligations will not apply to legacy transactions issued prior to 1 January 2019 that do not seek the STS designation, though those transactions will likely continue to be subject to contractual disclosure obligations. Credit-granting standards Unlike the existing securitisation provisions of the CRR, the original Commission proposal did not include a direct obligation on securitising entities in relation to credit-granting standards. This proved to be one of the more contentious aspects of the legislative process, with one of the interim draft texts purporting to prohibit RMBS securitisations if the pool of receivables contained any ‘self-certified’ mortgage, even if the original granting of that mortgage was legal at the time it was originated. General criteria for credit granting The new credit granting standards requirement in some respects reflects the existing CRR requirement, that securitising entities apply to exposures to be securitised “the same sound and well-defined criteria for credit-granting which they apply to non-securitised exposures” and apply “the same clearly established processes for approving and where relevant amending, renewing and refinancing credits”. However, it also goes beyond that, requiring that securitising entities have “effective systems in place to apply those criteria and processes in order to ensure that the credit-granting is based on a thorough assessment of the obligor’s credit-worthiness…”, language which tracks closely the Mortgage Credit Directive. This obligation may be harder to meet The New EU Securitisation Regulation in relation to some asset-classes. On a literal reading it also appears to have extra-territorial effect and apply to entities that may have no meaningful involvement in a securitisation (for example original lenders that sell receivables to an originator unaware that they will subsequently be securitised), though in our view this is not the intent or effect of the regulation. Grandfathering in the case of RMBS and selfcertified mortgages RMBS securitisations of self-certified mortgages originated after 20 March 2014 (the date of entry into force of the Mortgage Credit Directive) are prohibited, though legacy self-certified mortgages may be securitised (and existing securitisations containing self-certified mortgages originated prior to 20 March 2014 may be refinanced). Selfcertified mortgages are excluded entirely from the STS regime. Verification by ‘limb (b)’ originators Originators that purchase pools of receivables originated after 20 March 2014 from original lenders are required to diligence the creditgranting standards of the original lender to ensure they meet the above general criteria for creditgranting. In the case of receivables created before the entry into force of the Mortgage Credit Directive, the diligence requirement of originators on original lenders is the same as the existing diligence requirement contained within the existing risk retention RTS, a relatively lower standard. It is somewhat odd to use the entry of force of the Mortgage Credit Directive as a cut-off point in relation to securitisations of all asset classes, but this should not cause practical problems. New regime for simple, transparent and standardised securitisations The second part of the Securitisation Regulation contains a new framework for the regulation of: simple, transparent and standardised term securitisations; and simple, transparent and standardised assetbacked commercial paper (“ABCP”), which will apply to all types of regulated institutional investors, eligible asset classes and transaction structures. Related existing provisions which give favourable prudential treatment to certain high quality securitisations in sectoral legislation, such as the LCR Delegated Act and the Solvency II Delegated Act, will continue for the present, but it is envisaged that they will be aligned to the STS criteria in due course. The STS framework contains eligibility criteria for STS securitisations, provisions for notifications by securitising entities and reliance and due diligence by investors as well as supervision mechanisms. The policy intent is that, by differentiating simple, transparent and standardised securitisations from highly complex, opaque and risky securitisations and incentivising investment in the former over the latter through recalibrated prudential frameworks, European securitisation markets will develop on a more sustainable basis. Certain securitisations have been deliberately excluded from the STS framework, including securitisations with managed portfolios of assets, CMBS and synthetic securitisations, though the Securitisation Regulation envisages that the European Commission may create an STS framework for balance sheet synthetic securitisations in due course. The New EU Securitisation Regulation It is hard to predict the consequences of a bifurcated securitisation regime, though it is likely that there will be unintended consequences as well as intended consequences: there is, for example, a risk that a granular list of prescriptive criteria may stultify market practice at a particular point in time and inhibit market innovation. In its original explanatory memorandum, the European Commission was at pains to stress that, because the STS criteria relate to structure rather than asset quality, nonSTS securitisations would continue to be issued and continue to be good investments, though the extent of the market appetite for them (other than in those asset classes for which the STS regime is not available) remains to be seen. One unfortunate consequence of a clearly bifurcated regime is that those securitisations that cannot meet just one of the criteria will have no regulatory incentive to meet any of the criteria. The STS criteria The STS criteria, which are separated into more than 50 different items organised into three categories of requirements relating to “simplicity”, “standardisation” and “transparency”, relate to the process by which the transaction is structured rather than the underlying credit quality of the assets involved. There is thus no implication that an STS securitisation is free of risks, but rather that a prudent and diligent investor will better be able to analyse and price the risk involved. The criteria are to a large extent based on existing requirements in the LCR Delegated Act and the Solvency II Delegated Act and also advice from the EBA and BCBS-IOSCO. The criteria include requirements relating to the asset sale, asset homogeneity, origination standards, creditworthiness of the underlying debtors, risk retention compliance, interest rate and currency risk mitigation, documentation contents and clarity, external verification of underlying exposures, provision of a liability cash-flow model and provision of documents to potential investors prior to pricing. Given the prudential advantages accorded to STS securitisations, it will be advisable to have them in mind even at origination where potential STS financing or refinancing is envisaged. Interpreting the STS criteria Given that many of the criteria are vague (some extremely so) and therefore potentially open to different interpretations it is welcome that the EBA has been mandated to publish guidelines and recommendations relating to their interpretation, which can be updated and refined on an on-going basis as market and supervisory practice develops over time. In relation to the criteria for homogeneity of assets, on 15 December 2017 the EBA published a consultation on its proposed dedicated homogeneity RTS. The EBA’s intention that this criterion is principles-based (i.e. with a focus on whether the receivables have similar risk profiles and cash flow characteristics) is welcome, but the detailed provisions of the proposal are somewhat complex and it may be difficult for issuers to determine in the case of a particular pool of receivables what “similar” means with respect to underwriting standards and what “uniform” means with respect to the servicing procedures of underlying exposures as these concepts also form part of the definition of homogenous. Prior to this additional regulatory guidance being progressed, market participants wanting STS designation will need to comply with the criteria as best they may, but because of their The New EU Securitisation Regulation vagueness seeking to comply with the criteria by simply copying and pasting them into contractual documentation will not be appropriate. STS notifications and reliance Originators, sponsors and SSPEs are required jointly to notify ESMA, national competent authorities and investors that a securitisation meets the STS criteria, by means of a standardised template to be developed by ESMA, and designate among themselves a contact point for investors and competent authorities. The STS notification must include an explanation of how each criteria has been met and will be published on the ESMA website. If a securitisation stops meeting the STS criteria, the originator and sponsor are required immediately to notify ESMA and competent authorities. While there is no explicit obligation to notify investors of this, it is likely that investors would have to be notified under the general disclosure obligations. Securitising parties who breach their STS obligations will be subject to administrative sanctions and potentially also criminal sanctions, to be formulated by local competent authorities. The recitals to the Securitisation Regulation state that securitising entities have a grace period of three months to rectify good faith erroneous STS designation and during this time the securitisation will continue to be included within the ESMA list. This mechanism is not included within the operative provisions, but presumably securitising entities will be able to rely on it. There is an open question as to the level of reliance an investor may place on the STS notification. The text states that “institutional investors may rely to an appropriate extent on the STS notification… and on the information disclosed by the originator, sponsor and SSPE on the compliance with the STS requirements, without solely or mechanistically relying on that notification or information.” Because this text appears in the context of the requirement for an investor to do a due diligence assessment rather than a mere verification and because the text does not refer simply to the STS notification but also to other information (which arguably includes the transaction documents, offering document and underlying loan level data), it may be that investors will feel compelled to check that the STS notification is consistent with the other information, which will increase costs and may impact secondary market liquidity. A body of practice will no doubt build up over time among market participants. While the regime does not include any specific penalties for an investor who invests in a securitisation in reliance on an STS notification without having undertaken an appropriate due diligence exercise, it is possible that such an investor may not be able to recover the full value of any loss incurred from the securitising entities and would also be subject to additional risk weights on their investments from competent authorities under sectoral legislation. Third party verifiers There is a specific regulatory framework for the authorisation and supervision of third party verifiers of the STS criteria. The Securitisation Regulation liability regime does not extend to third party verifiers and remains with the securitising entities, though third party verifiers may be subject to other local statutory and tortious heads of liability in relation to their verification. It remains to be seen whether or not third party verifiers are seen by the market to add value by giving additional comfort to originators and credibility to sponsors. The New EU Securitisation Regulation Location of STS securitising entities Unlike the general requirements that apply to all securitisations which allow originators, sponsors and SSPEs to be established in third countries, securitisations may only be eligible for the STS designation if each of the originator, sponsor and SSPE is established in the EU. There is no requirement that the underlying assets are originated in the EU (indeed, the criteria specifically refer to third country credit-granting regimes) and there is no requirement that the investors in STS securitisations are EU established or authorised. The limitation on the location of STS securitising entities was not included in the original Commission proposal and seems to have arisen partly as a consequence of the UK’s decision to leave the EU. The Commission has been mandated to present a report by 2022 that shall include an assessment over whether to introduce an equivalence regime for third-country securitising entities. Grandfathering Securitisations issued prior to 1 January 2019 may benefit from the STS designation provided that they meet the criteria, though in order to make the regime workable several of the criteria need to be met only at the time of the STS notification, rather than on issuance. Some legacy securitisations may in practice find it difficult to comply, particularly with the new risk retention RTS and transparency RTS. Other changes to the EU securitisation regime In addition to the significant changes described above, the new Securitisation Regulation will make numerous other tweaks to current law: Definitions Certain key definitions have been amended: The revised definition of “securitisation” seeks to exclude transactions which fall within the CRR specialised lending framework in CRR. While the policy intent of this exclusion makes sense, this late change to the text was not consulted on and it may have unforeseen consequences. The revised definition of “sponsor” specifically includes non-EU established credit institutions and investment firms, a welcome clarification that reflects existing practice. There is a new definition of “original lender” based on limb (a) of the definition of “originator”. Under a literal reading of the text, this definition includes (and imposes obligations on) entities which might be entirely unrelated to the securitisation and might not be located in the EU. Limitation on re-securitisations From 1 January 2019, there will be a new prohibition on issuing re-securitisations. It is not clear on the face of the Securitisation Regulation whether this prohibition is aimed at securitising entities or investors and it is not clear what, if any, sanctions are envisaged for breaching the prohibition. There are some carve-outs from the prohibition for those re-securitisations that are considered to be “legitimate purpose” resecuritisations, including for fully supported ABCP programmes and in the context of facilitating the winding up of a financial institution. The New EU Securitisation Regulation Limitation on sales to retail investors There are specific provisions regulating sales of securitisation positions to retail investors, unless certain conditions are met, such as the performance of a suitability test by the seller. This provision is somewhat at odds with the MiFID regime, under which it is financial intermediaries rather than sellers who perform suitability tests. However, it is likely that the majority of securitisations will continue to exclude retail participation entirely in any case. Extra-territorial effect of Article 14 CRR on nonEU subsidiaries of EU banking groups An unintended consequence of the current text of the Securitisation Regulation and the CRR Amending Regulation is that Article 14 of the CRR, which imposes EU securitisation due diligence standards on a consolidated group basis, thereby impacting third country established subsidiaries of EU banking groups investing in third country securitisations, will be widened to include EU risk retention, transparency and credit-granting standards as well as due diligence standards. This could put third country established subsidiaries of EU banking groups at a competitive disadvantage, as they would have to comply with the EU standards as well as local standards, whereas local operators would only have to comply with local standards. It is hoped that the EU legislative institutions are able to resolve this concern by the time the new Securitisation Regulation applies. The impact of Brexit Given the on-going withdrawal negotiations between the UK and the EU and the uncertain passage of the EU (Withdrawal) Bill through the Houses of Parliament, the exact impact that Brexit will have on securitisation remains extremely uncertain. The relationship between the UK and the EU post-Brexit The relationship between the UK and the EU after Brexit, both during any transition period and in the longer term, is a matter for negotiation. The position of the UK Government is that during a transition period of about two years “access to the UK and European markets would continue on current terms” and that this “means staying in all the EU regulators and agencies”. The position of the EU is that “The legal consequence of Brexit is that UK financial services providers lose their EU passport… but the EU will have the possibility to judge some UK rules as equivalent, based on a proportionate and risk-based approach. And in those areas where EU legislation foresees equivalence.” These positions appear to be at odds. As a matter of EU law, and assuming no agreement to the contrary, the UK will be a third country after Brexit and therefore UK established securitising entities and investors should be considered in the same way as those established in other third countries. In particular, given the precise words of the Securitisation Regulation, it is difficult to see how the ESMA-recognised STS designation could be available to securitisations if any of the sponsor, originator or SSPE are established in the UK. Absent any specific grandfathering mechanism within the context of the withdrawal arrangements, it would also appear in the event any STS securitisations created prior to the date the UK leaves the EU contain UK established securitising entities, the designation (and related prudential treatment) The New EU Securitisation Regulation would lapse on the Brexit date. However, it seems that there is nothing to stop UK-originated assets being sold by a UK original lender to an EUestablished originator and subsequently securitised to gain the STS designation, if access to EU institutional investors is commercially necessary for any given transaction. Transposing EU law into UK domestic law The UK Government aims to ensure as a general rule that the same laws apply in the UK immediately after the UK has left the EU as apply before. Assuming the UK leaves the EU on 29 March 2019, both the Securitisation Regulation and the CRR Amending Regulation (as directly applicable EU regulations, in force and applying from 1 January 2019) will fall within the definition of “retained EU law” under the terms of the EU (Withdrawal) Bill and continue to have effect in domestic law after the UK has left the EU. It may be that some of the secondary measures envisaged by the EU Securitisation Regulation are not in force or do not apply by the date the UK leaves the EU. Any such measures will not automatically be transposed into UK domestic law by virtue of the EU (Withdrawal) Bill, but it is likely that similar provisions will be enacted in the UK by for example statutory instrument. The EU (Withdrawal) Bill purports to grant the UK Government extensive powers to deal with deficiencies in retained EU law arising from withdrawal. Given the extensive powers of EU agencies envisaged by the Securitisation Regulation and the jurisdictional limitations of the EU STS regime, it is likely that this will require considerable work. Inevitably, the process of transposing the Securitisation Regulation into the UK post-Brexit gives rise to certain policy decisions: should the UK create its own dedicated STS regime, mirroring the EU regime but requiring each securitising entity to be established in the UK? In our view this would be a poor policy choice and unnecessarily limit the size of the market available to UK established institutional investors. Despite the UK Government’s statements that regulatory requirements for cross-border business should be “symmetrical” and “reciprocal”, in our view it would be better for the UK’s STS regime to allow the securitising entities to be established in the EU (or indeed elsewhere in the world) on a unilateral basis, provided that certain minimum standards are met. Other regulatory changes impacting securitisation Not directly connected to the Securitisation Regulation, there are a number of other EU regulatory initiatives underway which may impact the regulatory framework of securitisations. There continues to be some uncertainty as to whether securitisation SSPEs will be classified as financial counterparties as part of the ongoing EMIR review, a change that could potentially impose clearing and margin requirements on SSPE issuers (though STS issuers will to some extent be exempt). Under recent proposed changes to the EU Financial Services Supervisory Structure, prospectuses for securitisations would no longer be approved by the home national competent authority but would instead be approved by ESMA. Conclusion On balance, the new Securitisation Regulation represents a victory for the European Securitisation industry, which has succeeded in ensuring that a broadly workable regulation has been enacted. The jury is still out on whether or The New EU Securitisation Regulation not it will succeed in its aims of revitalising European securitisation markets. For the best possible outcome there is still quite a bit of work to do: this includes policy-makers working with industry to ensure that secondary measures are proportionate and pragmatic, re-considering capital requirements across all sectoral regulation to ensure investors and securitising entities are not unduly disincentivised from entering into securitisations and ensuring that market participants have access both from the buy and the sell side to the broadest possible array of issuance and investment opportunities wherever in the world they are located. For further information about the matters highlighted in this briefing, please contact one of the following or your usual Slaughter and May contact.