EUR-Lex Access to European Union law
This document is an excerpt from the EUR-Lex website
Document 02014R0537-20140616
Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities and repealing Commission Decision 2005/909/EC (Text with EEA relevance)
Consolidated text: Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities and repealing Commission Decision 2005/909/EC (Text with EEA relevance)
Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities and repealing Commission Decision 2005/909/EC (Text with EEA relevance)
02014R0537 — EN — 16.06.2014 — 000.001
This text is meant purely as a documentation tool and has no legal effect. The Union's institutions do not assume any liability for its contents. The authentic versions of the relevant acts, including their preambles, are those published in the Official Journal of the European Union and available in EUR-Lex. Those official texts are directly accessible through the links embedded in this document
|
REGULATION (EU) No 537/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities and repealing Commission Decision 2005/909/EC (OJ L 158 27.5.2014, p. 77) |
Corrected by:
REGULATION (EU) No 537/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
of 16 April 2014
on specific requirements regarding statutory audit of public-interest entities and repealing Commission Decision 2005/909/EC
(Text with EEA relevance)
TITLE I
SUBJECT MATTER, SCOPE AND DEFINITIONS
Article 1
Subject matter
This Regulation lays down requirements for the carrying out of the statutory audit of annual and consolidated financial statements of public-interest entities, rules on the organisation and selection of statutory auditors and audit firms by public-interest entities to promote their independence and the avoidance of conflicts of interest and rules on the supervision of compliance by statutory auditors and audit firms with those requirements.
Article 2
Scope
This Regulation shall apply to the following:
statutory auditors and audit firms carrying out statutory audits of public-interest entities;
public-interest entities.
Article 3
Definitions
For the purposes of this Regulation, the definitions laid down in Article 2 of Directive 2006/43/EC shall apply, except as regards the term ‘competent authority’ as provided for in Article 20 of this Regulation.
TITLE II
CONDITIONS FOR CARRYING OUT STATUTORY AUDIT OF PUBLIC INTEREST ENTITIES
Article 4
Audit fees
Without prejudice to Article 25 of Directive 2006/43/EC, for the purposes of the first subparagraph, contingent fees means fees for audit engagements calculated on a predetermined basis relating to the outcome or result of a transaction or the result of the work performed. Fees shall not be regarded as being contingent if a court or a competent authority has established them.
For the purposes of the limits specified in the first subparagraph, non-audit services, other than those referred to in Article 5(1), required by Union or national legislation shall be excluded.
Member States may provide that a competent authority may, upon a request by the statutory auditor or the audit firm, on an exceptional basis, allow that statutory auditor or audit firm to be exempt from the requirements in the first subparagraph in respect of an audited entity for a period not exceeding two financial years.
Where the fees received from such a public-interest entity continue to exceed 15 % of the total fees received by such a statutory auditor or audit firm or, as the case may be, by a group auditor carrying out the statutory audit, the audit committee shall decide on the basis of objective grounds whether the statutory auditor or the audit firm or the group auditor, of such an entity or group of entities may continue to carry out the statutory audit for an additional period which shall not, in any case, exceed two years.
Article 5
Prohibition of the provision of non-audit services
A statutory auditor or an audit firm carrying out the statutory audit of a public-interest entity, or any member of the network to which the statutory auditor or the audit firm belongs, shall not directly or indirectly provide to the audited entity, to its parent undertaking or to its controlled undertakings within the Union any prohibited non-audit services in:
the period between the beginning of the period audited and the issuing of the audit report; and
the financial year immediately preceding the period referred to in point (a) in relation to the services listed in point (e) of the second subparagraph.
For the purposes of this Article, prohibited non-audit services shall mean:
tax services relating to:
preparation of tax forms;
payroll tax;
customs duties;
identification of public subsidies and tax incentives unless support from the statutory auditor or the audit firm in respect of such services is required by law;
support regarding tax inspections by tax authorities unless support from the statutory auditor or the audit firm in respect of such inspections is required by law;
calculation of direct and indirect tax and deferred tax;
provision of tax advice;
services that involve playing any part in the management or decision-making of the audited entity;
bookkeeping and preparing accounting records and financial statements;
payroll services;
designing and implementing internal control or risk management procedures related to the preparation and/or control of financial information or designing and implementing financial information technology systems;
valuation services, including valuations performed in connection with actuarial services or litigation support services;
legal services, with respect to:
the provision of general counsel;
negotiating on behalf of the audited entity; and
acting in an advocacy role in the resolution of litigation;
services related to the audited entity's internal audit function;
services linked to the financing, capital structure and allocation, and investment strategy of the audited entity, except providing assurance services in relation to the financial statements, such as the issuing of comfort letters in connection with prospectuses issued by the audited entity;
promoting, dealing in, or underwriting shares in the audited entity;
human resources services, with respect to:
management in a position to exert significant influence over the preparation of the accounting records or financial statements which are the subject of the statutory audit, where such services involve:
structuring the organisation design; and
cost control.
By way of derogation from the second subparagraph of paragraph 1, Member States may allow the provision of the services referred to in points (a) (i), (a) (iv) to (a) (vii) and (f), provided that the following requirements are complied with:
they have no direct or have immaterial effect, separately or in the aggregate on the audited financial statements;
the estimation of the effect on the audited financial statements is comprehensively documented and explained in the additional report to the audit committee referred to in Article 11; and
the principles of independence laid down in Directive 2006/43/EC are complied with by the statutory auditor or the audit firm.
Member States may establish stricter rules setting out the conditions under which a statutory auditor, an audit firm or a member of a network to which the statutory auditor or audit firm belongs may provide to the audited entity, to its parent undertaking or to its controlled undertakings non-audit services other than the prohibited non-audit services referred to in paragraph 1.
If his, her or its independence is affected, the statutory auditor or the audit firm shall apply safeguards where applicable in order to mitigate the threats caused by such provision of services in a third country. The statutory auditor or the audit firm may continue to carry out the statutory audit of the public-interest entity only if he, she or it can justify, in accordance with Article 6 of this Regulation and Article 22b of Directive 2006/43/EC, that such provision of services does not affect his, her or its professional judgement and the audit report.
For the purposes of this paragraph:
being involved in the decision-taking of the audited entity and the provision of the services referred to in points (b), (c) and (e) of the second subparagraph of paragraph 1 shall be deemed to affect such independence in all cases and to be incapable of mitigation by any safeguards.
provision of the services referred to in the second subparagraph of paragraph 1 other than points (b), (c) and (e) thereof shall be deemed to affect such independence and therefore to require safeguards to mitigate the threats caused thereby.
Article 6
Preparation for the statutory audit and assessment of threats to independence
Before accepting or continuing an engagement for a statutory audit of a public- interest entity, a statutory auditor or an audit firm shall assess and document, in addition to the provisions of Article 22b of Directive 2006/43/EC, the following:
whether he, she or it complies with the requirements of Articles 4 and 5 of this Regulation;
whether the conditions of Article 17 of this Regulation are complied with;
without prejudice to Directive 2005/60/EC, the integrity of the members of the supervisory, administrative and management bodies of the public-interest entity.
A statutory auditor or an audit firm shall:
confirm annually in writing to the audit committee that the statutory auditor, the audit firm and partners, senior managers and managers, conducting the statutory audit are independent from the audited entity;
discuss with the audit committee the threats to their independence and the safeguards applied to mitigate those threats, as documented by them pursuant to paragraph 1.
Article 7
Irregularities
Without prejudice to Article 12 of this Regulation and Directive 2005/60/EC, when a statutory auditor or an audit firm carrying out the statutory audit of a public-interest entity suspects or has reasonable grounds to suspect that irregularities, including fraud with regard to the financial statements of the audited entity, may occur or have occurred, he, she or it shall inform the audited entity and invite it to investigate the matter and take appropriate measures to deal with such irregularities and to prevent any recurrence of such irregularities in the future.
Where the audited entity does not investigate the matter, the statutory auditor or the audit firm shall inform the authorities as designated by the Member States responsible for investigating such irregularities.
The disclosure in good faith to those authorities, by the statutory auditor or the audit firm, of any irregularities referred to in the first subparagraph shall not constitute a breach of any contractual or legal restriction on disclosure of information.
Article 8
Engagement quality control review
When performing the review, the reviewer shall record at least the following:
the oral and written information provided by the statutory auditor or the key audit partner to support the significant judgements as well as the main findings of the audit procedures carried out and the conclusions drawn from those findings, whether or not at the request of the reviewer;
the opinions of the statutory auditor or the key audit partner, as expressed in the draft of the reports referred to in Articles 10 and 11;
The review shall at least assess the following elements:
the independence of the statutory auditor or the audit firm from the audited entity;
the significant risks which are relevant to the statutory audit and which the statutory auditor or the key audit partner has identified during the performance of the statutory audit and the measures that he or she has taken to adequately manage those risks;
the reasoning of the statutory auditor or the key audit partner, in particular with regard to the level of materiality and the significant risks referred to in point (b);
any request for advice to external experts and the implementation of such advice;
the nature and scope of the corrected and uncorrected misstatements in the financial statements that were identified during the carrying out of the audit;
the subjects discussed with the audit committee and the management and/or supervisory bodies of the audited entity;
the subjects discussed with competent authorities and, where applicable, with other third parties;
whether the documents and information selected from the file by the reviewer support the opinion of the statutory auditor or the key audit partner as expressed in the draft of the reports referred to in Articles 10 and 11.
Article 9
International auditing standards
The Commission shall be empowered to adopt by means of delegated acts in accordance with Article 39 the international auditing standards referred to in Article 26 of Directive 2006/43/EC in the area of audit practice, and the independence and internal quality controls of statutory auditors and audit firms for the purposes of their application within the Union, provided they meet the requirements of points (a), (b) and (c) of Article 26(3) of Directive 2006/43/EC and do not amend any of the requirements of this Regulation or supplement any of its requirements apart from those set out in Articles 7, 8 and 18 of this Regulation.
Article 10
Audit report
The audit report shall be prepared in accordance with the provisions of Article 28 of Directive 2006/43/EC and in addition shall at least:
state by whom or by which body the statutory auditor(s) or the audit firm(s) was (were) appointed;
indicate the date of the appointment and the period of total uninterrupted engagement including previous renewals and reappointments of the statutory auditors or the audit firms;
provide, in support of the audit opinion, the following:
a description of the most significant assessed risks of material misstatement, including assessed risks of material misstatement due to fraud;
a summary of the auditor's response to those risks; and
where relevant, key observations arising with respect to those risks.
Where relevant to the above information provided in the audit report concerning each significant assessed risk of material misstatement, the audit report shall include a clear reference to the relevant disclosures in the financial statements.
explain to what extent the statutory audit was considered capable of detecting irregularities, including fraud;
confirm that the audit opinion is consistent with the additional report to the audit committee referred to in Article 11;
declare that the prohibited non-audit services referred to in Article 5(1) were not provided and that the statutory auditor(s) or the audit firm(s) remained independent of the audited entity in conducting the audit;
indicate any services, in addition to the statutory audit, which were provided by the statutory auditor or the audit firm to the audited entity and its controlled undertaking(s), and which have not been disclosed in the management report or financial statements.
Member States may lay down additional requirements in relation to the content of the audit report.
Article 11
Additional report to the audit committee
If the audited entity does not have an audit committee, the additional report shall be submitted to the body performing equivalent functions within the audited entity. Member States may allow the audit committee to disclose that additional report to such third parties as are provided for in their national law.
The additional report to the audit committee shall be in writing. It shall explain the results of the statutory audit carried out and shall at least:
include the declaration of independence referred to in point (a) of Article 6(2);
where the statutory audit was carried out by an audit firm, the report shall identify each key audit partner involved in the audit;
where the statutory auditor or the audit firm has made arrangements for any of his, her or its activities to be conducted by another statutory auditor or audit firm that is not a member of the same network, or has used the work of external experts, the report shall indicate that fact and shall confirm that the statutory auditor or the audit firm received a confirmation from the other statutory auditor or audit firm and/or the external expert regarding their independence;
describe the nature, frequency and extent of communication with the audit committee or the body performing equivalent functions within the audited entity, the management body and the administrative or supervisory body of the audited entity, including the dates of meetings with those bodies;
include a description of the scope and timing of the audit;
where more than one statutory auditor or audit firm have been appointed, describe the distribution of tasks among the statutory auditors and/or the audit firms;
describe the methodology used, including which categories of the balance sheet have been directly verified and which categories have been verified based on system and compliance testing, including an explanation of any substantial variation in the weighting of system and compliance testing when compared to the previous year, even if the previous year's statutory audit was carried out by other statutory auditor(s) or audit firm(s);
disclose the quantitative level of materiality applied to perform the statutory audit for the financial statements as a whole and where applicable the materiality level or levels for particular classes of transactions, account balances or disclosures, and disclose the qualitative factors which were considered when setting the level of materiality;
report and explain judgements about events or conditions identified in the course of the audit that may cast significant doubt on the entity's ability to continue as a going concern and whether they constitute a material uncertainty, and provide a summary of all guarantees, comfort letters, undertakings of public intervention and other support measures that have been taken into account when making a going concern assessment;
report on any significant deficiencies in the audited entity's or, in the case of consolidated financial statements, the parent undertaking's internal financial control system, and/or in the accounting system. For each such significant deficiency, the additional report shall state whether or not the deficiency in question has been resolved by the management;
report any significant matters involving actual or suspected non-compliance with laws and regulations or articles of association which were identified in the course of the audit, in so far as they are considered to be relevant in order to enable the audit committee to fulfil its tasks;
report and assess the valuation methods applied to the various items in the annual or consolidated financial statements including any impact of changes of such methods;
in the case of a statutory audit of consolidated financial statements, explain the scope of consolidation and the exclusion criteria applied by the audited entity to the non-consolidated entities, if any, and whether those criteria applied are in accordance with the financial reporting framework;
where applicable, identify any audit work performed by third-country auditor(s), statutory auditor(s), third-country audit entity(ies) or audit firm(s) in relation to a statutory audit of consolidated financial statements other than by members of the same network as to which the auditor of the consolidated financial statements belongs;
indicate whether all requested explanations and documents were provided by the audited entity;
report:
any significant difficulties encountered in the course of the statutory audit;
any significant matters arising from the statutory audit that were discussed or were the subject of correspondence with management; and
any other matters arising from the statutory audit that in the auditor's professional judgement, are significant to the oversight of the financial reporting process.
Member States may lay down additional requirements in relation to the content of the additional report to the audit committee.
Upon request by a statutory auditor, an audit firm or the audit committee, the statutory auditor(s) or the audit firm(s) shall discuss key matters arising from the statutory audit, referred to in the additional report to the audit committee, and in particular in point (j) of the first subparagraph, with the audit committee, administrative body or, where applicable, supervisory body of the audited entity.
Article 12
Report to supervisors of public-interest entities
Without prejudice to Article 55 of Directive 2004/39/EC, Article 63 of Directive 2013/36/EU of the European Parliament and of the Council ( 23 ), Article 15(4) of Directive 2007/64/EC, Article 106 of Directive 2009/65/EC, Article 3(1) of Directive 2009/110/EC and Article 72 of Directive 2009/138/EC of the European Parliament and of the Council ( 24 ), the statutory auditor or the audit firm carrying out the statutory audit of a public-interest entity shall have a duty to report promptly to the competent authorities supervising that public-interest entity or, where so determined by the Member State concerned, to the competent authority responsible for the oversight of the statutory auditor or audit firm, any information concerning that public-interest entity of which he, she or it has become aware while carrying out that statutory audit and which may bring about any of the following:
a material breach of the laws, regulations or administrative provisions which lay down, where appropriate, the conditions governing authorisation or which specifically govern pursuit of the activities of such public-interest entity;
a material threat or doubt concerning the continuous functioning of the public-interest entity;
a refusal to issue an audit opinion on the financial statements or the issuing of an adverse or qualified opinion.
Statutory auditors or audit firms shall also have a duty to report any information referred to in points (a) (b) or (c) of the first subparagraph of which they become aware in the course of carrying out the statutory audit of an undertaking having close links with the public-interest entity for which they are also carrying out the statutory audit. For the purposes of this Article, ‘close links’ shall have the meaning assigned to that term in point (38) of Article 4(1) of Regulation (EU) No 575/2013 of the European Parliament and of the Council ( 25 ).
Member States may require additional information from the statutory auditor or the audit firm provided it is necessary for effective financial market supervision as provided for in national law.
At least once a year, the European Systemic Risk Board (ESRB) and the CEAOB shall organise a meeting with the statutory auditors and the audit firms or networks carrying out statutory audits of all global systemically important financial institutions authorised within the Union, as identified internationally, in order to inform the ESRB of sectoral or any significant developments in those systemically important financial institutions.
In order to facilitate the exercise of the tasks referred to in the first subparagraph, the European Supervisory Authority (European Banking Authority — EBA) and the European Supervisory Authority (European Insurance and Occupational Pensions Authority — EIOPA) shall, taking current supervisory practices into account, issue guidelines addressed to the competent authorities supervising credit institutions and insurance undertakings, in accordance with Article 16 of Regulation (EU) No 1093/2010 of the European Parliament and of the Council ( 26 ) and Article 16 of Regulation (EU) No 1094/2010 of the European Parliament and of the Council ( 27 ), respectively.
Article 13
Transparency report
A statutory auditor or an audit firm shall be allowed to update its published annual transparency report. In such a case, the statutory auditor or the audit firm shall indicate that it is an updated version of the report and the original version of the report shall continue to remain available on the website.
Statutory auditors and audit firms shall communicate to the competent authorities that the transparency report has been published on the website of the statutory auditor or the audit firm or, as appropriate, that it has been updated.
The annual transparency report shall include at least the following:
a description of the legal structure and ownership of the audit firm;
where the statutory auditor or the audit firm is a member of a network:
a description of the network and the legal and structural arrangements in the network;
the name of each statutory auditor operating as a sole practitioner or audit firm that is a member of the network;
the countries in which each statutory auditor operating as a sole practitioner or audit firm that is a member of the network is qualified as a statutory auditor or has his, her or its registered office, central administration or principal place of business;
the total turnover achieved by the statutory auditors operating as sole practitioners and audit firms that are members of the network, resulting from the statutory audit of annual and consolidated financial statements;
a description of the governance structure of the audit firm;
a description of the internal quality control system of the statutory auditor or of the audit firm and a statement by the administrative or management body on the effectiveness of its functioning;
an indication of when the last quality assurance review referred to in Article 26 was carried out;
a list of public-interest entities for which the statutory auditor or the audit firm carried out statutory audits during the preceding financial year;
a statement concerning the statutory auditor's or the audit firm's independence practices which also confirms that an internal review of independence compliance has been conducted;
a statement on the policy followed by the statutory auditor or the audit firm concerning the continuing education of statutory auditors referred to in Article 13 of Directive 2006/43/EC;
information concerning the basis for the partners' remuneration in audit firms;
a description of the statutory auditor's or the audit firm's policy concerning the rotation of key audit partners and staff in accordance with Article 17(7);
where not disclosed in its financial statements within the meaning of Article 4(2) of Directive 2013/34/EU, information about the total turnover of the statutory auditor or the audit firm, divided into the following categories:
revenues from the statutory audit of annual and consolidated financial statements of public-interest entities and entities belonging to a group of undertakings whose parent undertaking is a public-interest entity;
revenues from the statutory audit of annual and consolidated financial statements of other entities;
revenues from permitted non-audit services to entities that are audited by the statutory auditor or the audit firm; and
revenues from non-audit services to other entities.
The statutory auditor or the audit firm may, in exceptional circumstances, decide not to disclose the information required in point (f) of the first subparagraph to the extent necessary to mitigate an imminent and significant threat to the personal security of any person. The statutory auditor or the audit firm shall be able to demonstrate to the competent authority the existence of such threat.
Article 14
Information for competent authorities
Statutory auditors and audit firms shall provide annually to his, her or its competent authority a list of the audited public-interest entities by revenue generated from them, dividing those revenues into:
revenues from statutory audit;
revenues from non-audit services other than those referred to in Article 5(1) which are required by Union or national legislation; and,
revenues from non-audit services other than those referred to in Article 5(1) which are not required by Union or national legislation.
Article 15
Record keeping
Statutory auditors and audit firms shall keep the documents and information referred to in Article 4(3), Article 6, Article 7, Article 8(4) to (7), Articles 10 and 11 Article 12(1) and (2), Article 14, Article 16(2), (3) and(5) of this Regulation, and in Articles 22b, 24a, 24b, 27 and 28 of Directive 2006/43/EC, for a period of at least five years following the creation of such documents or information.
Member States may require statutory auditors and audit firms to keep the documents and information referred to in the first subparagraph for a longer period in accordance with their rules on personal data protection and administrative and judicial proceedings.
TITLE III
THE APPOINTMENT OF STATUTORY AUDITORS OR AUDIT FIRMS BY PUBLIC-INTEREST ENTITIES
Article 16
Appointment of statutory auditors or audit firms
Where Article 37(2) of Directive 2006/43/EC applies, the public-interest entity shall inform the competent authority of the use of the alternative systems or modalities referred to in that Article. In that event, paragraphs 2 to 5 of this Article shall not apply.
Unless it concerns the renewal of an audit engagement in accordance with Article 17(1) and 17(2), the recommendation shall be justified and contain at least two choices for the audit engagement and the audit committee shall express a duly justified preference for one of them.
In its recommendation, the audit committee shall state that its recommendation is free from influence by a third party and that no clause of the kind referred to in paragraph 6 has been imposed upon it.
Unless it concerns the renewal of an audit engagement in accordance with Article 17(1) and 17(2), the recommendation of the audit committee referred to in paragraph 2 of this Article shall be prepared following a selection procedure organised by the audited entity respecting the following criteria:
the audited entity shall be free to invite any statutory auditors or audit firms to submit proposals for the provision of the statutory audit service on the condition that Article 17(3) is respected and that the organisation of the tender process does not in any way preclude the participation in the selection procedure of firms which received less than 15 % of the total audit fees from public-interest entities in the Member State concerned in the previous calendar year;
the audited entity shall prepare tender documents for the attention of the invited statutory auditors or audit firms. Those tender documents shall allow them to understand the business of the audited entity and the type of statutory audit that is to be carried out. The tender documents shall contain transparent and non-discriminatory selection criteria that shall be used by the audited entity to evaluate the proposals made by statutory auditors or audit firms;
the audited entity shall be free to determine the selection procedure and may conduct direct negotiations with interested tenderers in the course of the procedure;
where, in accordance with Union or national law, the competent authorities referred to in Article 20 require statutory auditors and audit firms to comply with certain quality standards, those standards shall be included in the tender documents;
the audited entity shall evaluate the proposals made by the statutory auditors or the audit firms in accordance with the selection criteria predefined in the tender documents. The audited entity shall prepare a report on the conclusions of the selection procedure, which shall be validated by the audit committee. The audited entity and the audit committee shall take into consideration any findings or conclusions of any inspection report on the applicant statutory auditor or audit firm referred to in Article 26(8) and published by the competent authority pursuant to point (d) of Article 28;
the audited entity shall be able to demonstrate, upon request, to the competent authority referred to in Article 20 that the selection procedure was conducted in a fair manner.
The audit committee shall be responsible for the selection procedure referred to in the first subparagraph.
For the purposes of point (a) of the first subparagraph, the competent authority referred to in Article 20(1) shall make public a list of the statutory auditors and the audit firms concerned which shall be updated on an annual basis. The competent authority shall use the information provided by statutory auditors and audit firms pursuant to Article 14 to make the relevant calculations.
If the proposal departs from the preference of the audit committee, the proposal shall justify the reasons for not following the recommendation of the audit committee. However, the statutory auditor or audit firm recommended by the administrative or supervisory body must have participated in the selection procedure described in paragraph 3. This subparagraph shall not apply where the audit committee's functions are performed by the administrative or supervisory body.
The public-interest entity shall inform the competent authorities referred to in Article 20 directly and without delay of any attempt by a third party to impose such a contractual clause or to otherwise improperly influence the decision of the general meeting of shareholders or members on the selection of a statutory auditor or an audit firm.
If a Member State establishes any such requirement, it shall inform the Commission and the relevant European Supervisory Authority thereof.
Article 17
Duration of the audit engagement
Neither the initial engagement of a particular statutory auditor or audit firm, nor this in combination with any renewed engagements therewith shall exceed a maximum duration of 10 years.
By way of derogation from paragraph 1, Member States may
require that the initial engagement referred to in paragraph 1 be for a period of more than one year;
set a maximum duration of less than 10 years for the engagements referred to in the second subparagraph of paragraph 1.
By way of derogation from paragraph 1 and point (b) of paragraph (2), Member States may provide that the maximum durations referred to in the second subparagraph of paragraph 1 and in point (b) of paragraph 2 may be extended to the maximum duration of:
20 years, where a public tendering process for the statutory audit is conducted in accordance with paragraphs 2 to 5 of Article 16 and takes effect upon the expiry of the maximum durations referred to in the second subparagraph of paragraph 1 and in point (b) of paragraph 2; or
twenty four years, where, after the expiry of the maximum durations referred to in the second subparagraph of paragraph 1 and in point (b) of paragraph 2, more than one statutory auditor or audit firm is simultaneously engaged, provided that the statutory audit results in the presentation of the joint audit report as referred to in Article 28 of Directive 2006/43/EC.
By way of derogation, Member States may require that key audit partners responsible for carrying out a statutory audit cease their participation in the statutory audit of the audited entity earlier than seven years from the date of their respective appointment.
The statutory auditor or the audit firm shall establish an appropriate gradual rotation mechanism with regard to the most senior personnel involved in the statutory audit, including at least the persons who are registered as statutory auditors. The gradual rotation mechanism shall be applied in phases on the basis of individuals rather than of the entire engagement team. It shall be proportionate in view of the scale and the complexity of the activity of the statutory auditor or the audit firm.
The statutory auditor or the audit firm shall be able to demonstrate to the competent authority that such mechanism is effectively applied and adapted to the scale and the complexity of the activity of the statutory auditor or the audit firm.
For the purposes of this Article, the audit firm shall include other firms that the audit firm has acquired or that have merged with it.
If there is uncertainty as to the date on which the statutory auditor or the audit firm began carrying out consecutive statutory audits for the public-interest entity, for example due to firm mergers, acquisitions, or changes in ownership structure, the statutory auditor or the audit firm shall immediately report such uncertainties to the competent authority, which shall ultimately determine the relevant date for the purposes of the first subparagraph.
Article 18
Hand-over file
Where a statutory auditor or an audit firm is replaced by another statutory auditor or audit firm, the former statutory auditor or audit firm shall comply with the requirements laid down in Article 23(3) of Directive 2006/43/EC.
Subject to Article 15, the former statutory auditor or audit firm shall also grant the incoming statutory auditor or audit firm access to the additional reports referred to in Article 11 in respect of previous years and to any information transmitted to competent authorities pursuant to Articles 12 and 13.
The former statutory auditor or audit firm shall be able to demonstrate to the competent authority that such information has been provided to the incoming statutory auditor or audit firm.
Article 19
Dismissal and resignation of the statutory auditors or the audit firms
Without prejudice to Article 38(1) of Directive 2006/43/EC, any competent authority designated by a Member State in accordance with Article 20(2) of this Regulation, shall forward the information concerning the dismissal or resignation of the statutory auditor or the audit firm during the engagement and an adequate explanation of the reasons therefor to the competent authority referred to in Article 20(1).
TITLE IV
SURVEILLANCE OF THE ACTIVITIES OF STATUTORY AUDITORS AND AUDIT FIRMS CARRYING OUT STATUTORY AUDIT OF PUBLIC-INTEREST ENTITIES
CHAPTER I
Competent authorities
Article 20
Designation of competent authorities
Competent authorities responsible for carrying out the tasks provided for in this Regulation and for ensuring that the provisions of this Regulation are applied shall be designated from amongst the following:
the competent authority referred to in Article 24(1) of Directive 2004/109/EC;
the competent authority referred to in point (h) of Article 24(4) of Directive 2004/109/EC;
the competent authority referred to in Article 32 of Directive 2006/43/EC.
By way of derogation from paragraph 1, Member States may decide that the responsibility for ensuring that all or part of the provisions of Title III of this Regulation are applied is to be entrusted to, as appropriate, the competent authorities referred to in:
Article 48 of Directive 2004/39/EC;
Article 24(1) of Directive 2004/109/EC;
point (h) of Article 24(4) of Directive 2004/109/EC;
Article 20 of Directive 2007/64/EC;
Article 30 of Directive 2009/138/EC;
Article 4(1) of Directive 2013/36/EU;
or to other authorities designated by national law.
The Commission shall consolidate this information and make it public.
Article 21
Conditions of independence
The competent authorities shall be independent of statutory auditors and audit firms.
The competent authorities may consult experts, as referred to in point (c) of Article 26(1), for the purpose of carrying out specific tasks and may also be assisted by experts when this is essential for the proper fulfilment of their tasks. In such instances, the experts shall not be involved in any decision-making.
A person shall not be a member of the governing body, or responsible for the decision–making, of those authorities if during his or her involvement or in the course of the three previous years that person:
has carried out statutory audits;
held voting rights in an audit firm;
was member of the administrative, management or supervisory body of an audit firm;
was a partner, employee of, or otherwise contracted by, an audit firm.
The funding of those authorities shall be secure and free from undue influence by statutory auditors and audit firms.
Article 22
Professional secrecy in relation to competent authorities
The obligation of professional secrecy shall apply to all persons who are or have been employed or independently contracted by, or involved in the governance of, competent authorities or by any authority or body to which tasks have been delegated under Article 24 of this Regulation. Information covered by professional secrecy may not be disclosed to any other person or authority except by virtue of the obligations laid down in this Regulation or the laws, regulations or administrative procedures of a Member State.
Article 23
Powers of competent authorities
The powers referred to in paragraph 2 of this Article shall include, at least, the power to:
access data related to the statutory audit or other documents held by statutory auditors or audit firms in any form relevant to the carrying out of their tasks and to receive or take a copy thereof;
obtain information related to the statutory audit from any person;
carry out on-site inspections of statutory auditors or audit firms;
refer matters for criminal prosecution;
request experts to carry out verifications or investigations;
take the administrative measures, and impose the sanctions referred to in Article 30a of Directive 2006/43/EC.
The competent authorities may use the powers referred to in the first subparagraph only in relation to:
statutory auditors and audit firms carrying out statutory audit of public-interest entities;
persons involved in the activities of statutory auditors and audit firms carrying out statutory audit of public-interest entities;
audited public-interest entities, their affiliates and related third parties;
third parties to whom the statutory auditors and the audit firms carrying out statutory audit of public-interest entities have outsourced certain functions or activities; and
persons otherwise related or connected to statutory auditors and audit firms carrying out statutory audit of public-interest entities.
Member States shall ensure that the competent authorities are allowed to exercise their supervisory and investigatory powers in any of the following ways:
directly;
in collaboration with other authorities;
by application to the competent judicial authorities.
Article 24
Delegation of tasks
Member States may delegate or allow the competent authorities referred to in Article 20(1) to delegate any of the tasks required to be undertaken pursuant to this Regulation to other authorities or bodies designated or otherwise authorised by law to carry out such tasks, except for tasks related to:
the quality assurance system referred to in Article 26;
investigations referred to in Article 23 of this Regulation and Article 32 of Directive 2006/43/EC arising from that quality assurance system or from a referral by another authority; and
sanctions and measures as referred to in Chapter VII of Directive 2006/43/EC related to the quality assurance reviews or investigation of statutory audits of public-interest entities.
Where the competent authority delegates tasks to other authorities or bodies, it shall be able to reclaim these competences on a case-by-case basis.
The competent authority shall inform the Commission and the competent authorities of Member States of any arrangement entered into with regard to the delegation of tasks, including the precise conditions governing such delegation.
Article 25
Cooperation with other competent authorities at national level
Competent authorities designated pursuant to Article 20(1) and, where appropriate, any authority to whom such a competent authority has delegated tasks shall cooperate at national level with:
the competent authorities referred to in Article 32(4) of Directive 2006/43/EC;
the authorities referred to in Article 20(2), whether or not they have been designated competent authorities for the purposes of this Regulation;
the financial intelligence units and the competent authorities referred to in Articles 21 and 37 of Directive 2005/60/EC.
For the purposes of such cooperation, the obligation of professional secrecy under Article 22 of this Regulation shall apply.
CHAPTER II
Quality assurance, market monitoring, and transparency of competent authorities
Article 26
Quality assurance
For the purposes of this Article:
‘inspections’ means quality assurance reviews of statutory auditors and audit firms, which are led by an inspector and which do not constitute an investigation within the meaning of Article 32(5) of Directive 2006/43/EC;
‘inspector’ means a reviewer who meets the requirements set out in point (a) of the first subparagraph of paragraph 5 of this Article and who is employed or otherwise contracted by a competent authority;
‘expert’ means a natural person who has specific expertise in financial markets, financial reporting, auditing or other fields relevant for inspections, including practising statutory auditors.
They shall carry out quality assurance reviews of statutory auditors and audit firms that carry out statutory audits of public-interest entities on the basis of an analysis of the risk and:
in the case of statutory auditors and audit firms carrying out statutory audits of public-interest entities other than those defined in points (17) and (18) of Article 2 of Directive 2006/43/EC at least every three years; and,
in cases other than those referred to in point (a), at least every six years.
The competent authority shall have the following responsibilities:
approval and amendment of the inspection methodologies, including inspection and follow-up manuals, reporting methodologies and periodic inspection programmes;
approval and amendment of inspection reports and follow-up reports;
approval and assignment of inspectors for each inspection.
The competent authority shall allocate adequate resources to the quality assurance system.
The competent authority shall ensure that appropriate policies and procedures related to the independence and objectivity of the staff, including inspectors, and the management of the quality assurance system are put in place.
The competent authority shall comply with the following criteria when appointing inspectors:
inspectors shall have appropriate professional education and relevant experience in statutory audit and financial reporting combined with specific training on quality assurance reviews;
a person who is a practising statutory auditor or is employed by or otherwise associated with a statutory auditor or an audit firm shall not be allowed to act as an inspector;
a person shall not be allowed to act as an inspector in an inspection of a statutory auditor or an audit firm until at least three years have elapsed since that person ceased to be a partner or employee of that statutory auditor or of that audit firm or to be otherwise associated with that statutory auditor or audit firm;
inspectors shall declare that there are no conflicts of interest between them and the statutory auditor and the audit firm to be inspected.
By way of derogation from point (b) of paragraph 1, a competent authority may contract experts for carrying out specific inspections when the number of inspectors within the authority is insufficient. The competent authority may also be assisted by experts when this is essential for the proper conduct of an inspection. In such instances, the competent authorities and the experts shall comply with the requirements of this paragraph. Experts shall not be involved in the governance of, or employed or otherwise contracted by professional associations and bodies but may be members of such associations or bodies.
The scope of inspections shall at least cover:
an assessment of the design of the internal quality control system of the statutory auditor or of the audit firm;
adequate compliance testing of procedures and a review of audit files of public-interest entities in order to verify the effectiveness of the internal quality control system;
in the light of the findings of the inspection under points (a) and (b) of this paragraph, an assessment of the contents of the most recent annual transparency report published by a statutory auditor or an audit firm in accordance with Article 13.
At least the following internal quality control policies and procedures of the statutory auditor or the audit firm shall be reviewed:
compliance by the statutory auditor or the audit firm with applicable auditing and quality control standards, and ethical and independence requirements, including those set out in Chapter IV of Directive 2006/43/EC and Articles 4 and 5 of this Regulation, as well as relevant laws, regulations and administrative provisions of the Member State concerned;
the quantity and quality of resources used, including compliance with continuing education requirements as set out in Article 13 of Directive 2006/43/EC;
compliance with the requirements set out in Article 4 of this Regulation on the audit fees charged.
For the purposes of testing compliance, audit files shall be selected on the basis of an analysis of the risk of a failure to carry out a statutory audit adequately.
Competent authorities shall also periodically review the methodologies used by statutory auditors and audit firms to carry out statutory audits.
In addition to the inspection covered by the first subparagraph, competent authorities shall have the power to perform other inspections.
Recommendations of inspections shall be implemented by the inspected statutory auditor or audit firm within a reasonable period set by the competent authority. Such period shall not exceed 12 months in the case of recommendations on the internal quality control system of the statutory auditor or of the audit firm.
Article 27
Monitoring market quality and competition
The competent authorities designated under Article 20(1) and the European Competition Network (ECN), as appropriate, shall regularly monitor the developments in the market for providing statutory audit services to public-interest entities and shall in particular assess the following:
the risks arising from high incidence of quality deficiencies of a statutory auditor or an audit firm, including systematic deficiencies within an audit firm network, which may lead to the demise of any audit firm, the disruption in the provision of statutory audit services whether in a specific sector or across sectors, the further accumulation of risk of audit deficiencies and the impact on the overall stability of the financial sector;
the market concentration levels, including in specific sectors;
the performance of audit committees;
the need to adopt measures to mitigate the risks referred to in point (a).
The Commission, following consultations with the CEAOB, ESMA, EBA and EIOPA shall use those reports to draw up a joint report on those developments at Union level. That joint report shall be submitted to the Council, the European Central Bank and the European Systemic Risk Board, as well as, where appropriate, to the European Parliament.
Article 28
Transparency of competent authorities
Competent authorities shall be transparent and shall at least publish:
annual activity reports regarding their tasks under this Regulation;
annual work programmes regarding their tasks under this Regulation;
a report on the overall results of the quality assurance system on an annual basis. This report shall include information on recommendations issued, follow-up on the recommendations, supervisory measures taken and sanctions imposed. It shall also include quantitative information and other key performance information on financial resources and staffing, and the efficiency and effectiveness of the quality assurance system;
the aggregated information on the findings and conclusions of inspections referred to in the first subparagraph of Article 26(8). Member States may require the publication of those findings and conclusions on individual inspections.
CHAPTER III
Cooperation between competent authorities and relations with the european supervisory authorities
Article 29
Obligation to cooperate
The competent authorities of the Member States shall cooperate with each other where it is necessary for the purposes of this Regulation, including in cases where the conduct under investigation does not constitute an infringement of any legislative or regulatory provision in force in the Member State concerned.
Article 30
Establishment of the CEAOB
The Vice-Chair shall be appointed or removed by the Commission.
The Chair and the Vice-Chair shall not have voting rights.
In the event that the Chair resigns or is removed before the end of his or her term of office, the Vice-Chair shall act as Chair until the next meeting of the CEAOB, which shall elect a Chair for the remainder of the term.
The CEAOB shall:
facilitate the exchange of information, expertise and best practices for the implementation of this Regulation and of Directive 2006/43/EC;
provide expert advice to the Commission as well as to the competent authorities, at their request, on issues related to the implementation of this Regulation and of Directive 2006/43/EC;
contribute to the technical assessment of public oversight systems of third countries and to the international cooperation between Member States and third countries in that area, as referred to in Articles 46(2) and 47(3) of Directive 2006/43/EC;
contribute to the technical examination of international auditing standards, including the processes for their elaboration, with a view to their adoption at Union level;
contribute to the improvement of cooperation mechanisms for the oversight of public-interest entities' statutory auditors, audit firms or the networks they belong to;
carry out other coordinating tasks in the cases provided for in this Regulation or in Directive 2006/43/EC.
The Commission shall publish the guidelines and opinions adopted by the CEAOB.
Article 31
Cooperation with regard to quality assurance reviews, investigations and on-site inspections
The requesting competent authority shall not have the right to access information which might breach national security rules or adversely affect the sovereignty, security or public order of the requested Member State.
It may also request that some of its own personnel be allowed to accompany the personnel of the competent authority of that Member State in the course of the investigation, including with regard to on-site inspections.
The investigation or inspection shall be subject throughout to the overall control of the Member State on whose territory it is carried out.
The requested competent authority may refuse to act on a request for an investigation to be carried out as provided for in the first subparagraph of paragraph 5, or on a request for its personnel to be accompanied by personnel of a competent authority of another Member State as provided for in the second subparagraph of paragraph 5, in the following cases:
where such an investigation or on-site inspection might breach national security rules or adversely affect the sovereignty, security or public order of the requested Member State;
where judicial proceedings have already been initiated in respect of the same actions and against the same persons before the authorities of the requested Member State;
where a final judgment has already been delivered in respect of the same actions and the same persons by the authorities of the requested Member State.
Article 32
Colleges of competent authorities
In order to facilitate the exercise of the tasks referred to in Articles 26, and 31(4) to(6) of this Regulation and Article 30 of Directive 2006/43/EC with regard to specific statutory auditors, audit firms or their networks, colleges may be established with the participation of the competent authority of the home Member State and of any other competent authority, provided that:
the statutory auditor or the audit firm is providing statutory audit services to public-interest entities within the jurisdiction of the Member States concerned; or
a branch which is a part of the audit firm is established within the jurisdiction of the Member States concerned.
Members of the college shall review the selection of the facilitator at least every five years to ensure that the selected facilitator remains the most appropriate occupant of that position.
The facilitator shall, within 10 working days of his or her selection, establish written coordination arrangements within the framework of the college regarding the following matters:
information to be exchanged between competent authorities;
cases in which the competent authorities must consult each other;
cases in which the competent authorities may delegate supervisory tasks in accordance with Article 33.
Article 33
Delegation of tasks
The competent authority of the home Member State may delegate any of its tasks to the competent authority of another Member State subject to the agreement of that authority. Delegation of tasks shall not affect the responsibility of the delegating competent authority.
Article 34
Confidentiality and professional secrecy in relation to cooperation among competent authorities
Article 35
Protection of personal data
CHAPTER IV
Cooperation with third-country authorities and with international organisations and bodies
Article 36
Agreement on exchange of information
Information shall only be exchanged under this Article where such exchange of information is necessary for the performance of the tasks of those competent authorities under this Regulation.
Where such exchange of information involves the transfer of personal data to a third country, Member States shall comply with Directive 95/46/EC and the CEAOB shall comply with Regulation (EC) No 45/2001.
Article 37
Disclosure of information received from third countries
The competent authority of a Member State may disclose the confidential information received from competent authorities of third countries where a cooperation agreement so provides, only if it has obtained the express agreement of the competent authority which has transmitted the information and, where applicable, the information is disclosed only for the purposes for which that competent authority has given its agreement, or where such disclosure is required by Union or national law.
Article 38
Disclosure of information transferred to third countries
The competent authority of a Member State shall require that confidential information communicated by it to a competent authority of a third country may be disclosed by that competent authority to third parties or authorities only with the prior express agreement of the competent authority which has transmitted the information, in accordance with its national law and provided that the information is disclosed only for the purposes for which that competent authority of the Member State has given its agreement, or where such disclosure is required by Union or national law or is necessary for legal proceedings in that third country.
Article 39
Exercise of the delegation
Article 40
Review and reports
Article 41
Transitional provisions
Article 42
National provisions
The Member States shall adopt appropriate provisions to ensure the effective application of this Regulation.
Article 43
Repeal of Commission Decision 2005/909/EC
Commission Decision 2005/909/EC is hereby repealed.
Article 44
Entry into force
This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.
It shall apply from 17 June 2016.
However, Article 16(6) shall apply from 17 June 2017.
This Regulation shall be binding in its entirety and directly applicable in all Member States.
( 1 ) OJ C 191, 29.6.2012, p. 61.
( 2 ) Position of the European Parliament of 3 April 2014 (not yet published in the Official Journal) and decision of the Council of 14 April 2014.
( 3 ) Council Directive 86/635/EEC of 8 December 1986 on the annual accounts and consolidated accounts of banks and other financial institutions (OJ L 372, 31.12.1986, p. 1).
( 4 ) Council Directive 91/674/EEC of 19 December 1991 on the annual accounts and consolidated accounts of insurance undertakings (OJ L 374, 31.12.1991, p. 7).
( 5 ) Directive 2004/109/EC of the European Parliament and of the Council of 15 December 2004 on the harmonisation of transparency requirements in relation to information about issuers whose securities are admitted to trading on a regulated market and amending Directive 2001/34/EC (OJ L 390, 31.12.2004, p. 38).
( 6 ) Directive 2007/64/EC of the European Parliament and of the Council of 13 November 2007 on payment services in the internal market amending Directives 97/7/EC, 2002/65/EC, 2005/60/EC and 2006/48/EC and repealing Directive 97/5/EC (OJ L 319, 5.12.2007, p. 1).
( 7 ) Directive 2009/65/EC of the European Parliament and of the Council of 13 July 2009 on the coordination of laws, regulations and administrative provisions relating to undertakings for collective investment in transferable securities (UCITS) (OJ L 302, 17.11.2009, p. 32).
( 8 ) Directive 2009/110/EC of the European Parliament and of the Council of 16 September 2009 on the taking up, pursuit and prudential supervision of the business of electronic money institutions amending Directives 2005/60/EC and 2006/48/EC and repealing Directive 2000/46/EC (OJ L 267, 10.10.2009, p. 7).
( 9 ) Directive 2011/61/EU of the European Parliament and of the Council of 8 June 2011 on Alternative Investment Fund Managers and amending Directives 2003/41/EC and 2009/65/EC and Regulations (EC) No 1060/2009 and (EU) No 1095/2010 (OJ L 174, 1.7.2011, p. 1).
( 10 ) Directive 2004/39/EC of the European Parliament and of the Council of 21 April 2004 on markets in financial instruments amending Council Directives 85/611/EEC and 93/6/EEC and Directive 2000/12/EC of the European Parliament and of the Council and repealing Council Directive 93/22/EEC (OJ L 145, 30.4.2004, p. 1).
( 11 ) Directive 2013/34/EU of the European Parliament and of the Council of 26 June 2013 on the annual financial statements, consolidated financial statements and related reports of certain types of undertakings, amending Directive 2006/43/EC of the European Parliament and of the Council and repealing Council Directives 78/660/EEC and 83/349/EEC (OJ L 182, 29.6.2013, p. 19).
( 12 ) Directive 2006/43/EC of the European Parliament and of the Council of 17 May 2006 on statutory audits of annual accounts and consolidated accounts, amending Council Directives 78/660/EEC and 83/349/EEC and repealing Council Directive 84/253/EEC (OJ L 157, 9.6.2006, p. 87).
( 13 ) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ L 281, 23.11.1995, p. 31.)
( 14 ) Regulation (EU) No 1092/2010 of the European Parliament and of the Council of 24 November 2010 on European Union macro-prudential oversight of the financial system and establishing a European Systemic Risk Board (OJ L 331, 15.12.2010, p. 1.)
( 15 ) Directive 2005/60/EC of the European Parliament and of the Council of 26 October 2005 on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing (OJ L 309, 25.11.2005, p. 15.)
( 16 ) OJ L 120, 7.5.2008, p. 20.
( 17 ) European Supervisory Authority established by Regulation (EU) No 1095/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Securities and Markets Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/77/EC (OJ L 331, 15.12.2010, p. 84).
( 18 ) European Supervisory Authority established by Regulation (EU) No 1093/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331, 15.12.2010, p. 12).
( 19 ) European Supervisory Authority established by Regulation (EU) No 1094/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Insurance and Occupational Pensions Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/79/EC (OJ L 331, 15.12.2010, p. 48).
( 20 ) Directive 2014/56/EU of the European Parliament and the Council of 16 April 2014 amending Directive 2006/43/EC on statutory audits of annual accounts and consolidated accounts (see page 196 of this Official Journal).
( 21 ) OJ C 336, 6.11.2012, p. 4.
( 22 ) Commission Decision 2005/909/EC of 14 December 2005 setting up a group of experts to advise the Commission and to facilitate cooperation between public oversight systems for statutory auditors and audit firms (OJ L 329, 16.12.2005, p. 38.)
( 23 ) Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338.)
( 24 ) Directive 2009/138/EC of the European Parliament and of the Council of 25 November 2009 on the taking-up and pursuit of the business of Insurance and Reinsurance (Solvency II) (OJ L 335, 17.12.2009, p. 1.)
( 25 ) Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012 (OJ L 176, 27.6.2013, p. 1).
( 26 ) Regulation (EU) No 1093/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331, 15.12.2010, p. 12).
( 27 ) Regulation (EU) No 1094/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Insurance and Occupational Pensions Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/79/EC (OJ L 331, 15.12.2010, p. 48).