New types of institutional investors will soon fall under the revised and expanded EU risk retention rules that will affect investors' obligations and requirements for new securitizations, including in relation to due diligence and internal monitoring and reporting.

Regulation (EU) 2017/2402 (Securitization Regulation) codifies a general framework for all securitizations and introduces a new securitization framework for “simple, transparent and standardized” securitizations. The Securitization Regulation will apply throughout the European Union (EU) as of January 1, 2019, imposing due diligence, transparency, and risk retention requirements on a broader scope of institutional investors (including undertakings for the collective investments in transferable securities (UCITS) and non-EU alternative investment funds (AIFs)) in securitization positions.

Application to Institutional Investors

While EU AIF managers (AIFMs) are currently subject to due diligence, monitoring, and internal reporting requirements in relation to securitization positions under the EU Alternative Investment Fund Managers Directive 2011/61/EU (AIFMD), the Securitization Regulation repeals and replaces those provisions by including AIFMs as institutional investors and extending the requirements to non-EU AIFMs that market alternative investment funds in the EU.

Institutional investors will also include UCITS managers, which will be subject to the due diligence, monitoring, and reporting requirements in relation to securitization positions for the first time.

If an institutional investor, such as an AIFM or UCITS manager, delegates responsibility for fulfilling the due diligence, monitoring, and reporting requirements, any sanctions may be imposed on the delegate rather than the institutional investor.

Due Diligence Requirements

Prior to holding a securitization position, institutional investors will need to verify that

  • the originator or original lender has granted all credit giving rise to the underlying exposure based on sound and well-defined criteria, with effective systems to apply those criteria;
  • the sponsor, originator, or original lender retains a material net economic interest (at least 5%) throughout the securitization’s lifetime; and
  • the disclosure required by the Securitization Regulation has been made available.

Institutional investors will also need to carry out a risk assessment of the securitization position and underlying exposures, including any structural features that could materially impact the securitization position’s performance (e.g., priorities of payment, credit and liquidity enhancements, market value triggers, and transaction-specific events of default).

Monitoring and Internal Reporting Requirements

Institutional investors holding a securitization position will need to at least

  • establish appropriate written procedures to monitor (1) ongoing compliance with the due diligence requirements outlined above, and (2) the performance of the securitization position and underlying exposure (taking into account, among other factors, the percentage of late repayments, default rates, repurchases, loan modifications, and any collateral types); and
  • perform regular stress tests on cash flows and collateral values supporting the underlying exposures or, where relevant, on the sponsor’s solvency and liquidity.

Additionally, the institutional investors will need to establish internal procedures for

  • reporting material risks arising from the securitization position to their management bodies;
  • recording an understanding of each securitization position and its underlying exposures so that a “comprehensive and thorough understanding” may be demonstrated to the relevant regulatory authority upon request;
  • implementing written policies and procedures for risk management of securitization positions; and
  • maintaining records of the verifications and due diligence undertaken.

Requirements Relating to Noncompliant Positions

The Securitization Regulation requires UCITS management companies and AIFMs that are exposed to a securitization position that no longer meets the requirements of the Securitization Regulation to—in the “best interest of investors” in the UCITS or AIF—“act and take corrective action, if appropriate.”

While “corrective action” is not defined for this purpose, it is clear that such corrective action is not a requirement to sell in all circumstances, as sales of all noncompliant securitization positions may not be in the best interest of investors.

Practical Next Steps

For newly in-scope investors (such as UCITS managers and non-EU AIFMs), practical steps and controls to address these requirements could include

  • considering delegating and/or documenting delegation arrangements for obligations arising under the Securitization Regulation;
  • consolidating any existing procedures for evaluating and reporting exposures to securitization positions (such as from business areas subject to existing AIFMD rules on securitization positions);
  • formulating checklists for fulfilling the due diligence requirements;
  • ensuring that contractual arrangements in relation to securitization positions provide for obtaining the information required for due diligence and monitoring;
  • ensuring that there is a sufficiently detailed audit trail of due diligence and monitoring; and
  • reviewing internal risk reporting lines to management bodies to ensure that material risks arising from securitization positions are properly reported to and managed at a senior level.