Accept Refuse

EUR-Lex Access to European Union law

This document is an excerpt from the EUR-Lex website

Document L:2018:169:FULL

Official Journal of the European Union, L 169, 6 July 2018


Display all documents published in this Official Journal
 

ISSN 1977-0677

Official Journal

of the European Union

L 169

European flag  

English edition

Legislation

Volume 61
6 July 2018


Contents

 

II   Non-legislative acts

page

 

 

REGULATIONS

 

*

Commission Delegated Regulation (EU) 2018/959 of 14 March 2018 supplementing Regulation (EU) No 575/2013 of the European Parliament and of the Council with regard to regulatory technical standards of the specification of the assessment methodology under which competent authorities permit institutions to use Advanced Measurement Approaches for operational risk ( 1)

1

 

*

Commission Regulation (EU) 2018/960 of 5 July 2018 amending Annexes II and III to Regulation (EC) No 396/2005 of the European Parliament and of the Council as regards maximum residue levels for lambda-cyhalothrin in or on certain products ( 1)

27

 

 

DECISIONS

 

*

Council Decision (EU) 2018/961 of 26 June 2018 on the position to be adopted, on behalf of the European Union, within the EEA Joint Committee concerning the amendment of Protocol 31 to the EEA Agreement, on cooperation in specific fields outside the four freedoms (Budget Line 02 03 01: Internal Market and Budget line 02 03 04: Internal Market Governance Tools) ( 1)

51

 

*

Council Decision (EU) 2018/962 of 3 July 2018 appointing four members and three alternate members, proposed by the Italian Republic, of the Committee of the Regions

54

 


 

(1)   Text with EEA relevance.

EN

Acts whose titles are printed in light type are those relating to day-to-day management of agricultural matters, and are generally valid for a limited period.

The titles of all other Acts are printed in bold type and preceded by an asterisk.


II Non-legislative acts

REGULATIONS

6.7.2018   

EN

Official Journal of the European Union

L 169/1


COMMISSION DELEGATED REGULATION (EU) 2018/959

of 14 March 2018

supplementing Regulation (EU) No 575/2013 of the European Parliament and of the Council with regard to regulatory technical standards of the specification of the assessment methodology under which competent authorities permit institutions to use Advanced Measurement Approaches for operational risk

(Text with EEA relevance)

THE EUROPEAN COMMISSION,

Having regard to the Treaty on the Functioning of the European Union,

Having regard to Regulation (EU) No 575/2013 of the European Parliament and of the Council of 26 June 2013 on prudential requirements for credit institutions and investment firms and amending Regulation (EU) No 648/2012 (1), and in particular the third subparagraph of Article 312(4) thereof,

Whereas:

(1)

For the purposes of own funds requirements for operational risk, the first subparagraph of Article 312(2) of Regulation (EU) No 575/2013 provides that competent authorities permit institutions to use Advanced Measurement Approaches (‘AMA’) based on the institutions' own operational risk measurement systems where they meet all of the qualitative and quantitative standards set out in that Article, implying compliance of institutions with these requirements at all times. As a result, such an assessment does not only relate to the initial application of an institution for the permission to use the AMA, but also applies on an on-going basis.

(2)

The various elements constituting an institution's AMA framework should not be considered in isolation but rather reviewed and assessed as a package of interwoven elements, so that competent authorities are satisfied with an adequate level of compliance in relation to each part of the framework.

(3)

The assessment by competent authorities of an institution's compliance with the requirements referred to in points (a) and (b) of Article 312(4) of Regulation (EU) No 575/2013 to use Advanced Measurement Approaches should not be conducted in a uniform manner. The nature of the elements to be assessed varies according to the type of assessment conducted which in turn depends on the type of application submitted. Competent authorities are required to assess such compliance where an institution first applies to use AMA, where an institution applies to extend the AMA in accordance with the approved sequential implementation plan, where an institution applies to extend or change the AMA it has been granted permission to use, and where an institution applies to return to the use of less sophisticated approaches in accordance with Article 313 of Regulation (EU) No 575/2013. In addition, competent authorities should conduct an ongoing review of the use of the AMA by institutions. Accordingly, competent authorities should conduct the assessment of an institution's compliance with the requirements to use AMA in accordance with the nature of the elements to be assessed corresponding to the relevant assessment methodology.

(4)

Article 85(1) of Directive 2013/36/EU of the European Parliament and of the Council (2) requires institutions to articulate what constitutes operational risk for the purposes of implementing policies and processes to evaluate and manage the exposure to operational risk. Regulation (EU) No 575/2013 provides a definition for ‘operational risk’ which includes both legal risk and model risk. In Article 3(1) of Directive 2013/36/EU, model risk refers to potential losses owed to errors in the development, implementation or use of internal models but does not include potential losses owed to valuation adjustments from model risk as referred to in Article 105 of Regulation (EU) No 575/2013 on prudent valuation or in Commission Delegated Regulation (EU) 2016/101 (3) and does not refer to model risk associated with using a possibly incorrect valuation methodology as referred to in Article 105(13) of Regulation (EU) No 575/2013. Equally, Regulation (EU) No 575/2013 does not specify how competent authorities should verify compliance with the requirement to articulate any operational risk that relates to legal risk and model risk. Rules specifying the assessment methodology to be used by competent authorities when assessing whether institutions may use the AMA should therefore include such specification.

(5)

It is also necessary to harmonise supervisory approaches with regard to the correct articulation of operational risk in financial transactions, including those related to market risk, as the operational risks of these transactions are proved to be sizeable and their drivers, typically of multifaceted nature, may be not consistently detectable and recordable as such throughout the Union.

(6)

Standards to be respected by an institution's governance and risk management framework are laid down in Article 74 of Directive 2013/36/EU and Article 321 of Regulation (EU) No 575/2013. As a result, the methodology for AMA assessment should provide for verification, by competent authorities, that an institution has a clear organisational structure for the governance and management of operational risk with well-defined, transparent and consistent lines of responsibility taking into account the nature, scale and complexity of the activities of the institution when assessing whether an institution may use the AMA approach. In particular, it should be confirmed that the operational risk management function plays a key role in identifying, measuring and assessing, monitoring, controlling and mitigating the operational risks faced by the institution and that it is sufficiently independent from the institution's business units so as to ensure that its professional judgement and recommendations are both independent and impartial. It should also be determined that senior management is responsible for developing and implementing the operational risk governance and management framework that has been approved by the management body and that such framework is consistently implemented throughout the institution's organisation. Competent authorities should also assess that adequate tools and information are provided at all staff levels so that all staff understand their responsibilities with respect to operational risk management.

(7)

Effective internal reporting systems are a prerequisite of sound internal governance. Competent authorities should therefore ensure that an institution applying for AMA permission adopts effective risk reporting systems not only to the management body and senior management but also to all the functions responsible for the management of operational risks to which the institution is, or might be, exposed. The reporting system should reflect the up-to-date status of operational risk issues at the institution and should include all material aspects of operational risk management and measurement.

(8)

In accordance with Article 321(a) of Regulation (EU) No 575/2013, an institution's internal operational risk measurement system has to be closely integrated into its day-to-day risk management processes. As a result, the methodology for AMA assessment should provide for competent authorities to ensure that an institution applying for an AMA permission actually uses its operational risk measurement system for its day-to-day business process and for risk management purposes on an on-going basis and not solely for the purpose of calculating the own funds requirements for operational risk. Rules on the AMA supervisory assessment should therefore include rules on the supervisory expectations to be met by the institution applying for an AMA permission as regards the ‘use test’.

(9)

In order to provide both institutions and competent authorities with evidence that an institution's operational risk measurement system is reliable and robust and generates more credible operational risk own funds requirements than a simpler operational risk regulatory methodology, competent authorities should verify that the institution has compared the operational risk measurement system against the Basic Indicator Approach or the Standardised Approach for operational risk laid down in Articles 315, 317, and 319 of Regulation (EU) No 575/2013 over a determined period of time. That period of time should be sufficiently long for the competent authority to establish that the institution meets the qualitative and quantitative standards laid down in the Regulation (EU) No 575/2013 for the use of an AMA.

(10)

According to Article 321(g) of Regulation (EU) No 575/2013, an institution's data flows and processes associated with the AMA measurement system are required to be transparent and accessible. Data relating to operational risk is not immediately available as it first needs to be identified within an institution's books and archives, and then properly gathered and maintained. Furthermore, the measurement system is typically very sophisticated and envisages several logical and computational steps for the generation of the AMA own funds requirements. The methodology for AMA assessment should therefore verify that the data quality and IT systems are properly designed and correctly implemented within an institution so as to serve the purpose for which they are built.

(11)

The AMA framework of an institution is subject to internal validation and audit reviews in accordance with points (e) and (f) of Article 321 of Regulation (EU) No 575/2013. Although the organisational structure of the internal validation and audit functions can vary depending on an institution's nature, complexity and business, it should be ensured that the methodology for AMA assessment of the reviews undertaken by these functions adheres to common criteria as to the terms and scope of such reviews.

(12)

Operational risk modelling is a relatively new and evolving discipline. Accordingly, Article 322 of Regulation (EU) No 575/2013 grants significant flexibility to institutions in building the operational risk measurement system for calculating the AMA own funds requirements. Such flexibility, however, should not result in significant differences across institutions with regard to the key components of the measurement system, including the use of internal data, external data, scenario analysis and business environment and internal control factors (known and referred to as ‘the four elements’), the core modelling assumptions that permit capturing severe tail events and the related risk drivers (the building of the calculation data set, the granularity, the identification of the loss distributions and the determination of aggregated loss distributions and risk measures) or the expected loss, the correlation and the criteria for capital allocation which should ensure a measurement system's internal consistency. Therefore, with the view to ensuring that the risk measurement system is methodologically well founded, comparable across the institutions, effective in capturing the institutions' actual and potential operational risk and reliable and robust in generating AMA regulatory capital requirements, the methodology for AMA assessment should provide that the same criteria and requirements are applied by the competent authorities across the Union. The AMA assessment methodology should also take into consideration the idiosyncratic components of operational risk that are related to the institutions' different size, nature and complexity.

(13)

With particular regard to the internal data, consideration should be given to the fact that even though an operational risk loss can arise only from an operational risk event, its occurrence may be revealed by different items, including direct charges, expenses, provisions, uncollected revenues. Whilst some operational risk events have a quantifiable impact and are reflected in the institution's financial statements, others are not quantifiable and do not affect the institution's financial statements and are therefore detectable from other sources including managerial archives and incidents dataset. Therefore, rules specifying the assessment methodology for competent authorities in order to permit institutions to use the AMA should specify what constitutes an operational risk loss and the amount to be recorded for AMA purposes and, more generally, all the potential items that could reveal the occurrence of operational risk events.

(14)

Sometimes, institutions are able to quickly recover emerging operational risk losses. Rapidly recovered losses should not be considered for the purposes of calculating the AMA own funds requirements, although they may be useful for management purposes. Since there are various criteria that institutions use to qualify losses as rapidly recovered, rules on the AMA assessment methodology should include rules specifying the appropriate criteria for qualifying losses as rapidly recovered.

(15)

Risk mitigation techniques may be recognised by competent authorities within the AMA provided that certain conditions are fulfilled, as referred to in Article 323 of Regulation (EU) No 575/2013. In order to effectively apply the rules relating to these mitigation techniques, specific standards should be followed by competent authorities when assessing the application of these rules by an institution. In particular, where those mitigation techniques are in the form of insurance, it is necessary to ensure that such insurance is provided by insurance firms authorised in the Union or in jurisdictions with equivalent regulatory standards for insurance firms, as those applicable in the Union.

(16)

Where risk mitigation techniques are in the form of other risk transfer mechanisms than insurance, competent authorities should ensure that such mechanisms are actually transferring risk and are not used to circumvent the AMA own funds requirements. This condition is essential in light of the peculiarities of operational risk, where there are no clear underlying assets of reference and where unexpected losses play a greater role than in other types of risk. This is further exacerbated in light of the lack of an efficient, liquid, and structured market for operational risk ‘products’ which thus far have been traded outside the banking sector, including catastrophe bonds and weather derivatives. Finally, there is often great difficulty in assessing the legal risk of such mechanisms, even where the terms and conditions of these contracts are clearly and carefully spelled out.

(17)

To ensure a smooth transition for institutions that already have permission to use the AMA or that have applied for a permission to use the AMA before the entry into force of this Regulation, it should be provided that competent authorities apply this Regulation in relation to the assessment of the AMA of these institutions only after a certain transitional period. Given that the regular review of the AMA referred to in Article 101(1) of Directive 2013/36/EU is usually performed on an annual basis, that transitional period should be a year from the date of entry into force of this Regulation.

(18)

Institutions that use Gaussian or Normal-like distributions for recognising correlation within all or parts of their AMA should no longer use them in the context of their AMA as these assumptions would imply tail independence among operational risk categories, thus excluding the possibility of simultaneous occurrence of large losses of different types, an assumption which is neither prudent nor realistic. Enough time should therefore be granted for the smooth transition of these institutions to a new regime where more conservative assumptions, implying positive tail dependence, are introduced within the operational risk measurement system. Given that the implementation of these assumptions might require the modification of some key elements and the related procedures, of the AMA framework, it would be appropriate to provide two years for that transition.

(19)

This Regulation is based on the draft regulatory technical standards submitted by the European Banking Authority to the Commission.

(20)

The European Banking Authority has conducted open public consultations on these draft regulatory technical standards, analysed the potential related costs and benefits and requested the opinion of the Banking Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1093/2010 of the European Parliament and of the Council (4),

HAS ADOPTED THIS REGULATION:

CHAPTER 1

GENERAL PROVISIONS

Article 1

Assessment of Advanced Measurement Approaches

1.   The assessment under which the competent authorities permit an institution to use Advanced Measurement Approaches (AMA) shall confirm that:

(a)

the elements in Articles 3 to 6 are fulfilled;

(b)

Chapters 2 and 3 are fulfilled;

(c)

Chapter 4 is fulfilled where the institution has adopted the insurance and other risk transfer mechanisms referred to therein.

2.   Chapters 1 to 4 shall be taken into account where competent authorities conduct the following:

(a)

an assessment of the materiality of extensions and changes to the AMA used by an institution;

(b)

an assessment of the sequential implementation plan to the AMA used by an institution;

(c)

an assessment of an institution's return to the use of less sophisticated approaches in accordance with Article 313 of Regulation (EU) No 575/2013;

(d)

the ongoing reviews of an AMA used by an institution.

Article 2

Definitions

For the purposes of this Delegated Act, the following definitions shall apply:

(1)

‘body-tail modelling threshold’ means the loss value that separates the body from the tail of the loss distributions;

(2)

‘calculation data set’ means the portion of gathered data, either actual or constructed, that fulfils the necessary conditions to serve as input into the operational risk measurement system;

(3)

‘data collection threshold’ means the loss value from which an institution identifies and collects operational risk losses for management and measurement purposes;

(4)

‘date of accounting’ means the date when a loss or a provision against an operational risk event is first recognized in the Profit and Loss;

(5)

‘minimum modelling threshold’ means the loss value from which the frequency and severity distributions, either empirical or parametric, are fitted to the operational risk losses;

(6)

‘gross loss’ or ‘loss’ means the loss stemming from an operational risk event before recoveries of any type;

(7)

‘misconduct event’ means the operational risk event arising from willful or negligent misconduct, including inappropriate supply of financial services;

(8)

‘operational risk category’ means the level, such as the event type and the business line, at which an institution's operational risk measurement system generates separate frequency and severity distributions;

(9)

‘operational risk profile’ means the representation in absolute figures at a given point in time of an institution's actual and prospective operational risk;

(10)

‘operational risk tolerance’ means an institution's forward looking view, represented in absolute figures, of the aggregate level and types of operational risk that the institution is willing or prepared to incur which will not jeopardise its strategic objectives and business plan;

(11)

‘recovery’ means the occurrence related to the original loss that is independent of that loss and that is separate in time, in which funds or inflows of economic benefits are received from first or third parties;

(12)

‘risk measure’ means a single statistic on operational risk extracted from the aggregated loss distribution at the desired confidence level, including Value at Risk (VaR), or shortfall measures (e.g. Expected Shortfall, Median Shortfall);

(13)

‘System Development Life Cycle’ or ‘SDLC’ means the process for planning, creating, testing, and deploying an IT infrastructure;

(14)

‘timing loss’ means the negative economic impact booked in a financial accounting period due to an operational risk event impacting the cash flows or financial statements of previous financial accounting periods.

Article 3

Operational risk events related to legal risk

1.   Competent authorities shall confirm that an institution identifies, collects and treats data on operational risk events and losses related to legal risk for the purposes of both management of operational risk and calculation of the AMA own funds requirement by verifying at least all of the following:

(a)

that the institution clearly identifies and classifies as operational risk losses or other expenses deriving from events that result in legal proceedings, including at least the following;

(i)

a failure to act where such action is necessary to comply with a legal rule;

(ii)

action taken to avoid compliance with a legal rule;

(iii)

misconduct events.

(b)

that the institution clearly identifies and classifies as operational risk losses or other expenses resulting from voluntary actions intended to avoid or mitigate legal risks arising from operational risk events, including refunds or discounts of future services offered to customers voluntarily where such refunds are not offered as a result of customer complaints;

(c)

that the institution clearly identifies and classifies as operational risk losses resulting from errors and omissions in contracts and documentation;

(d)

that the institution does not classify the following as operational risk:

(i)

refunds to third parties or employees and goodwill payments due to business opportunities, where no breach of any rules or ethical conduct has occurred and where the institution has fulfilled its obligations on a timely basis;

(ii)

external legal costs where the underlying event is not an operational risk event.

For the purposes of paragraph (a), legal proceedings shall be considered to be all legal settlements, including both mandated court settlements and out of court settlements.

2.   For the purposes of this Article, legal rules shall include at least the following:

(a)

any requirement derived from national or international statutory or legislative provisions;

(b)

any requirement derived from contractual arrangements, internal rules and codes of conduct established in accordance with national or international norms and practices.

(c)

ethical rules.

Article 4

Operational risk events related to model risk

Competent authorities shall confirm the following when assessing that an institution identifies, collects and treats data on operational risk events and losses that are related to model risk, as defined in point (11) of Article 3(1) of Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013, for the purposes of both management of operational risk and calculation of the AMA own funds requirement:

(a)

that at least the following events, and the related losses, resulting from models used for decision-making are classified as operational risk:

(i)

improper definition of a selected model and its characteristics;

(ii)

inadequate verification of a selected model's suitability for the financial instrument to be evaluated or the product to be priced, or its suitability for the applicable market conditions;

(iii)

errors in the implementation of a selected model;

(iv)

incorrect mark-to-market valuations and risk measurement as a result of a mistake when booking a trade into the trading system;

(v)

use of a selected model or its outputs for a purpose for which it was not intended or designed, including manipulation of the modelling parameters;

(vi)

untimely and ineffective monitoring of model performance to confirm whether the model remains fit for purpose.

(b)

that events related to the under-estimation of own funds requirements by internal models authorized by competent authorities are not included in the identification, collection and treatment of data on operational risk events and losses related to model risk.

Article 5

Operational risk events related to financial transactions including those related to market risk

Competent authorities shall confirm that at least the following events, and the related losses, are classified as operational risk when assessing that an institution identifies, collects and treats data on operational risk events and losses that are related to financial transactions and market risk for the purposes of both management of operational risk and calculation of the AMA own funds requirement:

(a)

events due to operational and data entry errors, including the following:

(i)

failures and errors during the introduction or execution of orders;

(ii)

loss of data or misunderstanding of the data flow from the front to the middle and back offices of the institution;

(iii)

errors in classification;

(iv)

incorrect specification of deals in the term-sheet, including errors related to the transaction amount, maturities and financial features.

(b)

events due to failures in internal controls, including the following:

(i)

failures in properly executing an order to unwind a market position in case of adverse price movements;

(ii)

unauthorised positions taken in excess of allocated limits, irrespective of the type of risk they relate to.

(c)

events due to inadequate data quality and unavailability of IT environment, including technical unavailability of access to the market resulting in an inability to close contracts.

Article 6

Quality and auditability of documentation

1.   Competent authorities shall verify the quality of the documentation relating to the AMA used by an institution by confirming at least the following:

(a)

that the documentation is approved at the appropriate management level of the institution;

(b)

that the institution has policies in place outlining standards to ensure the high quality of internal documentation including specific accountability for ensuring that the documentation maintained is complete, consistent, accurate, updated, approved and secure;

(c)

that the layout of the documentation set out in the policies referred to in point (b) identifies at least the following items:

(i)

type of document;

(ii)

author;

(iii)

reviewer;

(iv)

authorising agent and owner;

(v)

dates of development and approval;

(vi)

version number;

(vii)

history of changes to the document.

(d)

that the institution thoroughly documents its policies, procedures and methodologies.

2.   Competent authorities shall verify the auditability of the documentation relating to the AMA used by an institution by confirming at least the following:

(a)

that the documentation is sufficiently detailed and accurate to allow examination of the AMA by third parties, including:

(i)

the understanding of the reasoning and procedures underlying its development;

(ii)

the understanding of the operational risk measurement system in order to determine how the AMA own funds requirements operates, its limitations and key assumptions and being able to replicate the model development.

CHAPTER 2

QUALITATIVE STANDARDS

SECTION 1

Governance

Article 7

Operational risk management process

1.   Competent authorities shall assess the efficacy of an institution's AMA framework for the governance and management of operational risk and that a clear organisational structure with well-defined, transparent and consistent lines of responsibility exists by confirming at least the following:

(a)

that the institution's management body discusses and approves the governance of operational risk, the operational risk management process and the operational risk measurement system;

(b)

that the institution's management body clearly defines and determines the following on at least an annual basis:

(i)

the institution's operational risk tolerance;

(ii)

the institution's operational risk tolerance written statement on the aggregate level of operational risk loss and event types, containing both qualitative and quantitative measures including thresholds and limits based on operational risk loss metrics that the institution is willing or prepared to incur in order to achieve its strategic objectives and business plan, ensuring that it is available and understood throughout the institution;

(c)

that the institution's management body monitors the institution's compliance with the operational risk tolerance statement referred to in point (b) (ii) on a continuous basis;

(d)

that the institution applies an on-going operational risk management process to identify, assess and measure, monitor and report operational risk, including misconduct events, and is able to identify the staff responsible for the management of operational risk process;

(e)

that the information resulting from the process referred to in point (d) is transmitted to the relevant committees and executive bodies of the institution, and that the decisions arising from those committees are communicated to those responsible within the institution for the collection, control, monitoring and management of operational risk and to those responsible for managing activities that give rise to operational risk;

(f)

that the institution evaluates the effectiveness of its operational risk governance, operational risk management process and operational risk measurement system on at least an annual basis;

(g)

that the institution notifies the relevant competent authority of the findings of the evaluation referred to in point (f) on at least an annual basis.

2.   For the purposes of the assessment referred to in paragraph 1, competent authorities shall take into account the impact of the operational risk governance structure on the level of engagement in operational risk management and culture by the staff of the institution, including at least the following:

(a)

the level of awareness, on behalf of the staff of the institution, of operational risk policies and procedures;

(b)

the institution's internal process for challenging the design and the effectiveness of the AMA framework.

Article 8

Independent operational risk management function

1.   Competent authorities shall assess the independence of the operational risk management function from the institution's business units by confirming at least the following:

(a)

that the operational risk management function undertakes the following tasks separately from the institution's business lines:

(i)

the design, development, implementation, maintenance and oversight of the operational risk management process and the operational risk measurement system;

(ii)

the analysis of the operational risk associated with the introduction and development of new products, markets, lines of business, processes, systems and significant changes to existing products;

(iii)

the oversight of business activities that may give rise to an operational risk exposure that could breach the institution's risk tolerance;

(b)

that the operational risk management function receives appropriate commitment by the management body and senior management and is of adequate stature within the organization for fulfilling its tasks;

(c)

that the operational risk management function is not also responsible for the internal audit function;

(d)

that the head of the operational risk management function meets at least the following requirements:

(i)

an appropriate level of experience to manage the actual and prospective operational risk, as indicated by the operational risk profile;

(ii)

regular communication with the management body and its committees as mandated by the risk management structure of the institution;

(iii)

active involvement in the elaboration of the institution's operational risk tolerance and strategy for its management and mitigation;

(iv)

independence from the operational units and functions reviewed by the operational risk management function;

(v)

allocation of a budget for the operational risk management function by the head of risk management referred to in the fourth subparagraph of Article 76(5) of Directive 2013/36/EU or a member of the management body in a supervisory capacity and not by a business unit or executive function.

Article 9

Senior management involvement

Competent authorities shall assess the degree of involvement of senior management of an institution by confirming at least the following:

(a)

that senior management is responsible for implementing the operational risk governance and management framework approved by the management body;

(b)

that senior management has been empowered by the management body to develop policies, processes and procedures for managing operational risk;

(c)

that senior management is implementing the policies, processes and procedures for managing operational risk referred to in point (b).

Article 10

Reporting

Competent authorities shall assess whether the reporting of an institution's operational risk profile and management of operational risk is sufficiently regular, timely and robust by confirming at least the following:

(a)

that problems relating to the institution's reporting systems and internal controls are identified quickly and accurately;

(b)

that the institution's operational risk reports are distributed to appropriate levels of management and to areas of the institution which the reports have identified as an area of concern;

(c)

that the institution's senior management receives at least quarterly reports on the latest status of the institution's operational risk profile and uses these reports in the decision making process;

(d)

that the institution's operational risk reports contain relevant management information and at least a high-level summary of the top operational risks of the institution and of the relevant subsidiaries as well as business units;

(e)

that the institution uses ad hoc reports in case of certain deficiencies in the policies, processes and procedures for managing operational risk to promptly detect and address these deficiencies and therefore substantially reduce the potential frequency and severity of a loss event.’

SECTION 2

Use test

Article 11

Use of the AMA

Competent authorities shall assess that an institution uses the AMA for internal purposes by confirming at least the following:

(a)

that the institution's operational risk measurement system is used to manage operational risks across different business lines, units or legal entities within the organisation structure;

(b)

that the operational risk measurement system is embedded within the various entities of the group and, where it is used at a consolidated level, that the parent institution's AMA framework is extended to the subsidiaries, and that those subsidiaries' operational risk and business environment and internal control factors (BEICF) referred to in Articles 322(1) and 322(6) of Regulation (EU) No 575/2013 are incorporated in the group-wide AMA calculations;

(c)

that the operational risk measurement system is used also for the purposes of the institution's internal capital adequacy assessment process referred to in Article 73 of Directive 2013/36/EU.

Article 12

Continuous integration of the AMA

Competent authorities shall assess that an institution ensures the continuous integration of its operational risk management system into its day-to-day risk management processes by confirming at least the following:

(a)

that the operational risk measurement system is updated on a regular basis and is further developed as more experience and sophistication in management and quantification of operational risk is gained;

(b)

that the nature and balance of inputs into the operational risk measurement system are relevant and reflect the nature of the institution's business, strategy, organisation and operational risk exposure at all times.

Article 13

AMA used to support the operational risk management of the institution

Competent authorities shall assess that an institution uses the AMA to support its operational risk management, by confirming at least the following:

(a)

that the operational risk measurement system is effectively used for the regular and prompt reporting of consistent information that accurately reflects the nature of the business and the operational risk profile of the institution;

(b)

that the institution takes remedial actions to improve internal processes upon receipt of information about findings from the operational risk measurement system.

Article 14

AMA used to enhance the operational risk organization and control of the institution

Competent authorities shall assess that an institution uses the AMA to further enhance its operational risk organization and control, by confirming at least the following:

(a)

that the institution's definition of operational risk tolerance and its associated operational risk management objectives and activities are clearly communicated within the institution;

(b)

that the relationship between the institution's business strategy and its operational risk management, including with regard to the approval of new products, systems and processes, is clearly communicated within the institution;

(c)

that the operational risk measurement system increases transparency, risk awareness and operational risk management expertise and creates incentives to improve the management of operational risk throughout the institution;

(d)

that the inputs and the outputs of the operational risk measurement system are used in relevant decisions and plans, including in the institution's action plans, business continuity plans, internal audit working plans, capital assignment decisions, insurance plans and budgeting decisions.

Article 15

Comparison of the AMA with the less sophisticated approaches

1.   Competent authorities shall assess that an institution demonstrates the stability and robustness of the AMA output by confirming at least the following:

(a)

that before granting the permission to use the AMA for regulatory purposes, the institution calculated its own funds requirements for operational risk under both the AMA and the less sophisticated approach previously applicable to it, and that it performed that calculation:

(i)

on a reasonably regular basis, and at least quarterly;

(ii)

covering all relevant legal entities that would use the AMA at the date of the initial implementation;

(iii)

covering all the operational risks that would be covered by the AMA at the date of the initial implementation.

(b)

that the institution complies with at least the following:

(i)

the operational risk management process and the operational risk measurement system have been developed and tested;

(ii)

any problems have been resolved and the system and attendant process have been fine-tuned;

(iii)

it has ensured that the operational risk measurement system generates results which conform to the institution's expectations, including taking account of information from both the institution's existing and previous systems;

(iv)

it has demonstrated it can quickly vary model parameters to understand the impact of changed assumptions with minimal systems adjustments or manual interventions;

(v)

it is able to make appropriate capital adjustments to the own funds requirements before the first ‘live use’ of the AMA;

(vi)

it has demonstrated over a reasonable period that the new systems and reporting processes are robust and generate management information that the institution can use to identify and manage operational risk.

For the purposes of point (a), the assessment of the calculation performed shall cover at least two consecutive quarters.

2.   Competent authorities may grant permission to use the AMA where the institution demonstrates its continuous comparison of the calculation of its own funds requirements for operational risk under the AMA against the less sophisticated approach previously applicable to it, for one year after the permission is granted.

SECTION 3

Audit and internal validation

Article 16

Audit and internal validation functioning

1.   Competent authorities shall assess the degree to which an institution's audit and internal validation functions confirm that the operational risk management and measurement processes implemented for AMA purposes are reliable and effective in managing and measuring operational risk within the organization by verifying at least the following:

(a)

that the internal validation function provides a reasoned and well-informed opinion on whether the operational risk measurement system works as predicted, and that the outcome of the model is suitable for its various internal and supervisory purposes, at least on annual basis;

(b)

that the audit function verifies the integrity of the operational risk policies, processes and procedures, assessing whether these comply with regulatory requirements as well with established controls, at least on annual basis and in particular, that the audit function assesses the quality of the sources and data used for operational risk management and measurement purposes;

(c)

that the functions of audit and internal validation have a review program in place that covers the aspects of the AMA included in this Regulation and is regularly updated with regard to:

(i)

the development of internal processes for identifying, measuring and assessing, monitoring, controlling and mitigating operational risk;

(ii)

the implementation of new products, processes and systems which expose the institution to material operational risk.

(d)

that the internal validation is carried out by qualified resources, which are independent of the validated units;

(e)

that where audit activities are carried out by internal or external audit functions or qualified external parties, these are independent of the process or system being reviewed and, where these are outsourced, that the management body and senior management of the institution remain accountable for ensuring that outsourced functions are performed in accordance with the institutions' approved audit plan;

(f)

that the audit and internal validation reviews on the AMA framework are properly documented and their output is distributed to the appropriate recipients within the institutions, including, where appropriate, the risk committees, operational risk management function, business line management and other relevant staff;

(g)

that the results of the audit and internal validation reviews are summarised and reported on at least an annual basis to the institution's management body or to a committee designated by it for approval;

(h)

that the review and approval of the effectiveness of the institution's AMA framework is undertaken at least on an annual basis.

Article 17

Audit and internal validation governance

Competent authorities shall assess that an institution's audit and internal validation governance is of a high quality by confirming at least the following:

(a)

that audit programs for reviewing the AMA framework cover all significant activities that could expose the institution to material operational risk, including outsourced activities;

(b)

that the internal validation techniques are proportionate to changing market and operating conditions, and that their outcomes are subject to audit review.

SECTION 4

Data quality and IT infrastructure

Article 18

Data quality

1.   Competent authorities shall assess the degree to which the quality of the data used by an institution's in the AMA framework is maintained, and that the building and maintenance procedures are regularly analysed by that institution, by verifying that the institution has at least the following sets of data at its disposal:

(a)

data to build and track its operational risk history, made up of internal and external data, scenario analysis, and BEICF;

(b)

complementary data, including model parameters, model outputs and reports.

2.   For the purposes of paragraph 1, competent authorities shall confirm that the institution has defined appropriate data quality dimensions to provide effective support to its operational risk management process and measurement system, and that it complies on a regular basis with the set dimensions.

3.   For the purposes of paragraph 1, competent authorities shall confirm that the institution's data quality dimensions meet at least the following conditions:

(a)

they are of sufficient breadth, depth, and scope for the task at hand;

(b)

they meet current and potential user needs;

(c)

they are updated promptly;

(d)

they are appropriate for, and consistent with, the extent of their usage;

(e)

they accurately represent the real-life phenomenon that they aim to represent;

(f)

they do not violate any business rule in a database that has to be statically and dynamically maintained.

4.   For the purposes of paragraph 1, competent authorities shall confirm that the institution has appropriate documentation for the design and maintenance of the databases used in the institution's AMA framework, and that the documentation contains at least the following:

(a)

a global map of databases involved in the operational risk measurement system with their descriptions;

(b)

a data policy and a statement of responsibility;

(c)

descriptions of work-flows and procedures related to data collection and data storage;

(d)

a statement of weaknesses with all the weaknesses identified in the databases of the validation and review processes and a statement on how the institution plans to correct or reduce the weaknesses identified.

5.   Competent authorities shall confirm that the policies on the SDLC for AMA are approved by the institution's management body and senior management.

6.   Where the institution uses external data sources, the institution shall ensure that the provisions in this Article are satisfied.

Article 19

Supervisory assessment of IT infrastructure

1.   Competent authorities shall assess the degree to which an institution ensures the soundness, robustness and performance of the IT infrastructure used for AMA purposes by confirming at least the following:

(a)

that the IT systems and infrastructure of the institution for AMA purposes are sound and resilient and that these features can be maintained on a continuous basis;

(b)

that the SDLC for AMA purposes is sound and proper with reference to:

(i)

project management, risk management, and governance;

(ii)

engineering, quality assurance and test planning;

(iii)

systems' modelling and development;

(iv)

quality assurance in all activities, including code reviews and where appropriate, code verification;

(v)

testing, including user acceptance.

(c)

that the institution's IT infrastructure implemented for AMA purposes is subject to configuration management, change management and release management processes;

(d)

that SDLC and contingency plans for AMA purposes are approved by the institution's management body or senior management and that the management body and senior management are periodically informed about the IT infrastructure performance for AMA purposes.

2.   Where the institution outsources parts of the IT infrastructure maintenance for AMA purposes, the institution shall ensure that the provisions in this Article are satisfied.

CHAPTER 3

QUANTITATIVE STANDARDS

SECTION 1

Use of internal data, external data, scenario analysis and BEICF (‘the four elements’)

Article 20

General principles

Competent authorities shall assess an institution's compliance with the standards relating to the use of internal data, external data, scenario analysis and BEICF (‘the four elements’), as referred to in Article 322 of Regulation (EU) No 575/2013, by verifying at least the following:

(a)

that the institution has internal documentation specifying in detail how the four elements are gathered, combined and/or weighted, including a description of the modelling process that illustrates the use and combination of the four elements and of the rationale for the modelling choices;

(b)

that the institution has a clear understanding of how each of the four elements influence the AMA own funds requirements;

(c)

that the combination of the four elements used by the institution is based on a sound statistical methodology, sufficient for estimating high percentiles;

(d)

that the institution applies at least the following when collecting, generating and treating the four elements:

(i)

the criteria set out in Articles 21 to 24 relating to internal data;

(ii)

the criteria set out in Article 25, relating to external data;

(iii)

the criteria set out in Article 26, relating to scenario analysis;

(iv)

the criteria set out in Article 27, relating to BEICF.

SUB-SECTION 1

Internal data

Article 21

Internal data features

Competent authorities shall assess an institution's compliance with the standards relating to internal data features, as referred to in point (i) of Article 20(d), by verifying at least the following:

(a)

that the institution gathers all of the following elements within the group in a clear and consistent manner:

(i)

the gross loss caused by the occurrence of an operational risk event;

(ii)

the recovery.

(b)

that the institution is able to separately identify the gross loss amount, the recovery from insurance and other risk transfer mechanisms (ORTM) and the recovery except from insurance and ORTM following an operational risk event, except for losses that are partly or fully recovered within five working days;

(c)

that the institution implements a system for defining and justifying appropriate data collection thresholds based on the gross loss amount;

(d)

that the operational risk category is reasonable and does not omit loss data that is material for effective operational risk measurement and risk management;

(e)

that for each individual loss, the institution is able to identify and record at least the following elements in the internal database:

(i)

the date of occurrence or start of occurrence of the operational risk event, where available;

(ii)

the date of discovery of the operational risk event;

(iii)

the date of accounting.

Article 22

Scope of operational risk loss

1.   Competent authorities shall confirm that an institution identifies, collects and treats the loss items generated by an operational risk event, as referred to in point (i) of Article 20(d), by verifying that the institution includes at least the following within the scope of operational risk loss for the purposes of both management of operational risk and calculation of the AMA own funds requirements:

(a)

direct charges, including impairments and settlement charges, to the Profit and Loss account and write-downs due to the operational risk event;

(b)

costs incurred as a consequence of the operational risk event, including the following:

(i)

external expenses with a direct link to the operational risk event, including legal expenses and fees paid to advisors, attorneys or suppliers;

(ii)

costs of repair or replacement to restore the position prevailing before the operational risk event, in the form of either precise figures, or, where these are not available, estimates.

(c)

provisions or reserves accounted for in the Profit and Loss account against probable operational risk losses, including those from misconduct events;

(d)

pending losses, in the form of losses stemming from an operational risk event, which are temporarily booked in transitory or suspense accounts and are not yet reflected in the Profit and Loss which are planned to be included within a time period commensurate to the size and age of the pending item;

(e)

material uncollected revenues, related to contractual obligations with third parties, including the decision to compensate a client following the operational risk event, rather than by a reimbursement or direct payment, through a revenue adjustment waiving or reducing contractual fees for a specific future period of time;

(f)

timing losses, where they span more than one financial accounting year and give rise to legal risk.

2.   For the purposes of paragraph 1, competent authorities may, to the extent appropriate, confirm that the institution identifies, collects and treats for the purposes of management of operational risk any additional items where they originate from a material operational risk event, including the following:

(a)

a near miss in the form of a nil loss caused by an operational risk event, including an IT disruption in the trading room just outside trading hours;

(b)

a gain caused by an operational risk event;

(c)

opportunity costs in the form of an increase in costs or a shortfall in revenues due to operational risk events that prevent undetermined future business from being conducted, including unbudgeted staff costs, forgone revenue, and project costs related to improving processes;

(d)

internal costs including overtime or bonuses.

3.   For the purposes of paragraph 1, competent authorities shall also confirm that the institution excludes the following items from the scope of operational risk loss:

(a)

costs of general maintenance contracts on property, plant or equipment;

(b)

internal or external expenditures to enhance the business after the occurrence of an operational risk event, including upgrades, improvements, risk assessment initiatives and enhancements;

(c)

insurance premiums.

Article 23

Recorded loss amount of the operational risk items

1.   Competent authorities shall confirm that an institution records the loss amount generated by an operational risk event, as referred to in point (i) of Article 20(d), by verifying at least the following:

(a)

that the whole amount of the incurred loss or expenses, including provisions, costs of settlement, amounts paid to make good the damage, penalties, interest in arrears and legal fees, is considered as recorded loss amount for the purposes of both management of operational risk and calculation of the AMA own funds requirements, unless otherwise specified;

(b)

that, where the operational risk event relates to market risk, the institution includes the costs to unwind market positions in the recorded loss amount of the operational risk items; and that, where the position is intentionally kept open after the operational risk event is recognized, any portion of the loss due to adverse market conditions after the decision to keep the position open is not included in the recorded loss amount of the operational risk items;

(c)

that, where tax payments relate to failures or inadequate processes of the institution, the institution includes in the recorded loss amount of the operational risk items the expenses incurred as a result of the operational risk event, including penalties, interest charges, late-payment charges, and legal fees, with the exclusion of the tax amount originally due;

(d)

that, where there are timing losses and the operational risk event directly affects third parties, including customers, providers and employees of the institution, the institution includes in the recorded loss amount of the operational risk item also the correction of the financial statement.

2.   For the purposes of paragraph 1, where the operational risk event leads to a loss event, which is partly rapidly recovered, competent authorities shall consider appropriate the inclusion, on behalf of the institution, in the recorded loss amount of only that part of the loss which is not rapidly recovered in accordance with point (b) of Article 21.

Article 24

Operational risk losses that are related to credit risk

1.   Competent authorities shall confirm that an institution identifies, collects and treats operational risk losses that are related to credit risk, as referred to in point (i) of Article 20(d), by verifying that the institution includes within the scope of operational risk loss, for the purposes of management of operational risk, at least the following:

(a)

frauds committed by a client of the institution on its own account, occurring in a credit product or credit process at the initial stage of the lifecycle of a credit relationship, including inducement to lending decisions based on counterfeit documents or miss-stated financial statements, such as non-existence or over-estimation of collaterals and counterfeit salary confirmation;

(b)

frauds committed by means of another, ignorant person's identity, including loan applications through electronic identity fraud using clients' data or fictitious identities or fraudulent use of clients' credit cards.

2.   For the purposes of paragraph 1, competent authorities shall confirm that the institution takes at least the following actions:

(a)

adjusts the data collection threshold relating to the loss events described in paragraph 1 up to comparable levels as those of the other operational risk categories of the AMA framework, where appropriate;

(b)

includes within the gross loss of the events described in paragraph 1 the total outstanding amount at the time or after the discovery of the fraud, and any related expenses, including interest in arrears and legal fees.

Article 25

External data

Competent authorities shall assess an institution's compliance with the standards relating to external data features, as referred to in point (ii) of Article 20(d), by verifying at least the following:

(a)

that, where the institution participates in consortia initiatives for the collection of operational risk events and losses, the institution is able to provide data of the same quality, in terms of scope, integrity and comprehensiveness, as internal data meeting the standards referred to in Articles 21, 22, 23, and 24 and that it does so consistently with the type of data requested by the consortia reporting standards;

(b)

that the institution has a data filtering process in place which allows the selection of relevant external data, based on specific established criteria and that the external data being used is relevant and consistent with the risk profile of the institution;

(c)

that, in order to avoid bias in parameter estimates, the filtering process results in a consistent selection of data regardless of the loss amount, and that, where the institution permits exceptions to this selection process, it has a policy providing criteria for exceptions and documentation supporting the rationale for those exceptions;

(d)

that, where the institution adopts a data scaling process involving the adjustment of loss amounts reported in external data, or of the related distributions, to fit the institution's business activities, nature and risk profile, the scaling process is systematic and statistically supported and that it provides outputs that are consistent with the institution's risk profile;

(e)

that the institution's scaling process is consistent over time and its validity and effectiveness are regularly reviewed.

Article 26

Scenario analysis

1.   Competent authorities shall assess an institution's compliance with the standards relating to scenario analysis, as referred to in point (iii) of Article 20(d), by verifying at least the following:

(a)

that the institution has a robust governance framework in place relating to the scenario process that generates credible and reliable estimates, irrespective of whether the scenario is used for evaluating high severity events or the overall operational risk exposures;

(b)

that the scenario process is clearly defined, well documented, repeatable and designed to reduce as much as possible subjectivity and biases, including:

(i)

the underestimation of risk due to the number of observed events being small;

(ii)

the misrepresentation of information due to scenario assessors' interests in conflict with the goals and consequences of the assessment;

(iii)

the overestimation of events with temporal proximity to the scenario assessors;

(iv)

the distortion of assessment due to the categories within which the responses are represented;

(v)

the bias in the information presented in background materials to survey questions or within the questions themselves.

(c)

that qualified and experienced facilitators provide consistency in the process;

(d)

that the assumptions used in the scenario process are based, to the maximum extent, on the relevant internal data and external data with an objective and unbiased selection process;

(e)

that the chosen number of scenarios, the level at, or units in, which scenarios are studied, are realistic and properly explained, and that the scenario estimates take into account relevant changes in the internal and external environments that can affect the institution's operational risk exposure;

(f)

that the scenario estimates are generated taking into account potential or probable operational risk events that have not yet, fully or partly, materialised in an operational risk loss;

(g)

that the scenario process and estimates are subject to a robust independent challenge process and oversight.

Article 27

Business Environment and Internal Control Factors

Competent authorities shall assess an institution's compliance with the standards relating to the BEICF as referred to in point (iv) of Article 20(d) by verifying at least the following

(a)

that the institution's BEICF are forward looking and reflect potential sources of operational risk, including rapid growth, the introduction of new products, employee turnover and system downtime;

(b)

that the institution has clear policy guidelines that limit the magnitude of reductions in the AMA own funds requirements resulting from BEICF adjustments;

(c)

that the BEICF adjustments referred to in point (b) are justified and that the appropriateness of their level is confirmed by comparison, over time, with the direction and magnitude of actual internal loss data, conditions in the business environment and changes in the validated effectiveness of controls.

SECTION 2

Core modelling assumptions of the operational risk measurement system

Article 28

General assessment

Competent authorities shall assess an institution's standards relating to the core modelling assumptions of the operational risk measurement system, as referred to in points (a) and (c) of Article 322(2) of Regulation (EU) No 575/2013, by verifying at least the following:

(a)

that the institution develops, implements and maintains an operational risk measurement system that is methodologically well founded, effective in capturing the institution's actual and potential operational risk, and reliable and robust in generating AMA own funds requirements;

(b)

that the institution has appropriate policies on the building of the calculation data set, in accordance with Article 29;

(c)

that the institution applies the appropriate level of granularity in its model, in accordance with Article 30;

(d)

that the institution has in place an appropriate process for the identification of loss distributions, in accordance with Article 31;

(e)

that the institution determines the aggregate loss distributions and risk measures in an appropriate manner, in accordance with Article 32.

Article 29

Building the calculation data set

For the purposes of assessing that an institution has appropriate policies on the building of the calculation data set, as referred to in point (b) of Article 28, competent authorities shall confirm at least the following:

(a)

that specific criteria and examples for the classification and treatment of operational risk events and losses within the calculation data set are defined by the institution, and that such criteria and examples provide a consistent treatment of loss data across the institution;

(b)

that the institution does not use loss net of insurance and ORTM recoveries in the calculation data set;

(c)

that the institution has adopted, for operational risk categories with low frequency of events, an observation period greater than the minimum referred to in point (a) of Article 322(3) of Regulation (EU) No 575/2013;

(d)

that the institution, in the course of building the calculation data set for the purposes of estimating frequency and severity distributions, uses the date of discovery or the date of accounting only, and uses a date no later than the date of accounting for including losses or provisions related to legal risk into the calculation dataset;

(e)

that the institution's choice of the minimum modelling threshold does not adversely impact the accuracy of the operational risk measures and that the use of minimum modelling thresholds that are much higher than the data collection thresholds is limited and, where applied, is properly justified by sensitivity analysis of various thresholds performed by the institution;

(f)

that the institution includes all operational losses above the chosen minimum modelling threshold in the calculation data set and that it uses them, irrespective of their level, for generating the AMA own funds requirements;

(g)

that the institution applies appropriate adjustment rates on the data where inflation or deflation effects are material;

(h)

that losses caused by root event in the form of a common operational risk event or by multiple events linked to an initial operational risk event generating events or losses are grouped and entered into the calculation data set as a single loss by the institution;

(i)

that any possible exceptions to the treatment laid down in point (h) are properly documented and justified to prevent undue reduction of the AMA own funds requirements;

(j)

that the institution does not discard from the AMA calculation data set material adjustments to operational risk losses of single or linked events, where the reference date of these adjustments falls within the observation period and the reference date of the initial, single event or root event referred to in point (h) falls outside such a period;

(k)

that the institution is able to distinguish, for each reference year included in the observation period, the loss amounts pertinent to events discovered or accounted for in that year from the loss amounts pertinent to adjustments or grouping of events discovered or accounted for in previous years.

Article 30

Granularity

For the purposes of assessing that an institution applies the appropriate level of granularity in its model, as referred to in point (c) of Article 28, competent authorities shall confirm at least the following:

(a)

that the institution takes into account the nature, complexity and idiosyncrasies of its business activities and the operational risks which it is exposed to, where grouping together risks sharing common factors and defining the operational risk categories of an AMA;

(b)

that the institution justifies its choice of level of granularity of its operational risk categories on the basis of qualitative and quantitative means, and that it classifies operational risk categories based on homogeneous, independent and stationary data;

(c)

that the institution's choice of level of granularity of its operational risk categories is realistic and does not adversely impact the conservatism of the model outcome or of its parts;

(d)

that the institution reviews the choice of level of granularity of its operational risk categories on a regular basis with the view to ensuring that it remains appropriate.

Article 31

Identification of the loss distributions

For the purposes of assessing that an institution has an appropriate process for the identification of frequency and severity of the distributions of loss, as referred to in point (d) of Article 28, competent authorities shall confirm at least the following:

(a)

that the institution follows a well specified, documented and traceable process for the selection, update and review of loss distributions and the estimate of their parameters;

(b)

that the process for the selection of the loss distributions results in consistent and clear choices by the institution, properly captures the risk profile in the tail and includes at least the following elements:

(i)

a process of using statistical tools, including graphs, measures of centre, variation, skewness and leptokurtosis to investigate the calculation data set for each operational risk category with the view to better understand the statistical profile of the data and selecting the most suitable distribution;

(ii)

appropriate techniques for the estimation of the distribution parameters;

(iii)

appropriate diagnostic tools for evaluating the distributions to the data, giving preference to those most sensitive to the tail;

(c)

that, in the course of selecting a loss distribution, the institution carefully considers the positive skewness and leptokurtosis of the data;

(d)

that, where the data are much dispersed in the tail, empirical curves are not used to estimate the tail region, but that instead sub-exponential distributions whose tail decays slower than the exponential distributions are used, unless exceptional reasons exist to apply other functions, which are in any case properly addressed and fully justified to prevent undue reduction of AMA own funds requirements;

(e)

that, where separate loss distributions are used for the body and for the tail, the institution carefully considers the choice of the body-tail modelling threshold;

(f)

that documented statistical support, supplemented as appropriate by qualitative elements, is provided for the selected body-tail modelling threshold;

(g)

that, in the course of estimating the parameters of the distribution, the institution either reflects the incompleteness of the calculation data set due to the presence of minimum modelling thresholds in the model or that it justifies the use of an incomplete calculation data set on the basis that it does not adversely impact the accuracy of the parameter estimates and AMA own funds requirements;

(h)

that the institution has in place methodologies to reduce the variability of estimates of parameters and provides measures of the error around these estimates including confidence intervals and p-values;

(i)

that, where the institution adopts robust estimators in the form of generalisations of classical estimators, with good statistical properties including high efficiency and low bias for a whole neighbourhood of the unknown underlying distribution of the data, it can demonstrate that their use does not underestimate the risk in the tail of the loss distribution;

(j)

that the institution assesses the goodness-of-fit between the data and the selected distribution by using diagnostic tools of both a graphical and a quantitative nature, which are more sensitive to the tail than to the body of the data, especially where the data are very dispersed in the tail;

(k)

that, where appropriate, including where the diagnostic tools do not lead to a clear choice for the best-fitting distribution or to mitigate the effect of the sample size and the number of estimated parameters in the goodness-of-fit tests, the institution uses evaluation methods that compare the relative performance of the loss distributions, including the Likelihood Ratio, the Akaike Information Criterion, and the Schwarz Bayesian Criterion;

(l)

that the institution has a regular cycle for controlling assumptions underlying the selected loss distributions, and that where assumptions are invalidated, including where they generate values outside established ranges, the institution has tested alternative methods and that it has properly classified any changes made to the assumptions, in accordance with Commission Delegated Regulation (EU) No 529/2014 (5).

Article 32

Determination of aggregated loss distributions and risk measures

For the purposes of assessing that an institution determines the aggregated loss distributions and risk measures in an appropriate manner, as referred to in point (e) of Article 28, competent authorities shall confirm at least the following:

(a)

that the techniques elaborated by the institution for that purpose ensure appropriate levels of precision and stability of the risk measures;

(b)

that the risk measures are supplemented with information on their level of accuracy;

(c)

that, irrespective of the techniques used to aggregate frequency and severity loss distributions, including Monte Carlo simulations, Fourier Transform-related methods, Panjer algorithm and Single Loss Approximations, the institution adopts criteria that mitigate sample and numerical related errors and provides a measure of the magnitude of these errors;

(d)

that, where Monte Carlo simulations are used, the number of steps to be performed is consistent with the shape of the distributions and with the confidence level to be achieved;

(e)

that, where the distribution of losses is heavy-tailed and measured at a high confidence level, the number of steps is sufficiently large to reduce sampling variability to an acceptable level;

(f)

that, where Fourier Transform or other numerical methods are used, algorithm stability and error propagation issues are carefully considered;

(g)

that the institution's risk measure generated by the operational risk measurement system fulfils the monotonic principle of risk, which can be seen in the generation of higher own fund requirements where the underlying risk profile increases and in the generation of lower own funds requirements where the underlying risk profile decreases;

(h)

that the institution's risk measure generated by the operational risk measurement system is realistic from a managerial and economical perspective, and more that the institution applies appropriate techniques to avoid capping the maximum single loss, unless it provides a clear objective rationale for the existence of an upper bound, and to avoid implying the non-existence of the first statistical moment of the distribution;

(i)

that the institution explicitly evaluates the robustness of the outcome of the operational risk measurement system by performing appropriate sensitivity analysis on the input data or its parameters.

SECTION 3

Expected loss and Correlation

Article 33

Expected losses

Competent authorities shall assess an institution's standards relating to expected losses, as referred to in point (a) of Article 322(2) of Regulation (EU) No 575/2013, by confirming that where the institution calculates the AMA own funds requirements only in relation to unexpected losses, it complies with at least the following requirements:

(a)

that the institution's methodology for the estimate of expected losses is consistent with the operational risk measurement system for the estimate of the AMA own funds requirements that comprises both expected losses and unexpected losses, and that the expected loss estimation process is done by operational risk category and is consistent over time;

(b)

that the institution defines the expected loss using statistics that are less influenced by extreme losses, including median and trimmed mean, especially in the case of medium- or heavy-tailed data;

(c)

that the maximum offset for expected loss applied by the institution is bound by the total expected loss and that the maximum offset for expected loss in each operational risk category is bound by the relevant expected loss calculated according to the institution's operational risk measurement system applied to that category;

(d)

that the offsets the institution allows for expected loss in each operational risk category are capital substitutes or that they are otherwise available to cover expected loss with a high degree of certainty over the one-year period;

(e)

that where the offset is something other than provisions, the institution limits the availability of the offset to those operations with highly predictable, stable and routine losses;

(f)

that the institution does not use specific reserves for exceptional operational risk loss events that have already occurred as expected loss offsets;

(g)

that the institution clearly documents how its expected loss is measured and captured, including how any expected loss offsets meet the conditions outlined in points from (a) to (f).

Article 34

Correlation

Competent authorities shall assess an institution's standards relating to correlation, as referred to in point (d) of Article 322(2) of Regulation (EU) No 575/2013, by confirming that where the institution calculates the AMA own funds requirements by recognising less than full correlation across individual operational risk estimates, it complies with at least the following requirements:

(a)

that the institution carefully considers any form of linear or non-linear dependence, relating to all the data, either to the body or to the tail, across two or more operational risk categories or within an operational risk category;

(b)

that the institution supports its correlation assumptions, to the greatest extent possible, on an appropriate combination of empirical data analysis and expert judgement;

(c)

that losses within each operational risk category are independent of each other;

(d)

that where the condition of point (c) is not met, dependent losses are aggregated together;

(e)

that, only where neither of the conditions of points (c) or (d) can be met, dependence within the operational risk categories is appropriately modelled;

(f)

that the institution carefully considers dependence between tail events;

(g)

that the institution does not base the dependence structure on Gaussian or Normal-like distributions;

(h)

that all assumptions regarding dependence used by the institution are conservative given the uncertainties relating to dependence modelling for operational risk, and that the degree of conservatism used by the institution increases as the rigour of the dependence assumptions and the reliability of the resulting own funds requirements decrease;

(i)

that the institution properly justifies the dependence assumptions it uses and that it regularly performs sensitivity analyses with the view to assessing the effect of the dependence assumptions on its AMA own funds requirements.

SECTION 4

Capital allocation mechanism

Article 35

Consistency of the operational risk measurement system

Competent authorities shall assess an institution's standards relating to the internal consistency of the operational risk measurement system, as referred to in point (e) of Article 322(2) of Regulation (EU) No 575/2013, by confirming at least the following:

(a)

that the institution's capital allocation mechanism is consistent with the institution's risk profile and with the overall design of the operational risk measurement system;

(b)

that allocation of the AMA own funds requirements takes into account potential internal differences in risk and quality of operational risk management and internal control between the parts of the group to which the AMA own funds requirements are allocated;

(c)

that there is no observable current or foreseen practical or legal impediment to the prompt transfer of own funds or repayment of liabilities;

(d)

that the allocation of the AMA own funds requirements from the consolidated group level downwards to the parts of the group involved in the operational risk measurement system relies on sound and to, the maximum extent, risk sensitive methodologies.

CHAPTER 4

INSURANCE AND OTHER RISK TRANSFER MECHANISMS

Article 36

General principles

Competent authorities shall assess an institution's compliance with the requirements relating to the impact of insurance and ORTM within an AMA, as referred to in the last sentence of point (e) of Article 322(2) and in Article 323 of Regulation (EU) No 575/2013, by confirming at least the following:

(a)

that the insurance provider meets the authorisation requirements referred to in Article 323(2) of Regulation (EU) No 575/2013, in accordance with Article 37;

(b)

that the insurance is provided via a third party, as referred to in point (e) of Article 323(3) of Regulation (EU) No 575/2013, in accordance with Article 38;

(c)

that the institution avoids the multiple counting of risk mitigation techniques, as referred to in point (e) of Article 322(2) of Regulation (EU) No 575/2013, in accordance with Article 39;

(d)

that the risk mitigation calculation appropriately reflects the insurance coverage, as referred to in point (d) of Article 323(3) of Regulation (EU) No 575/2013, and that the framework for recognising insurance is well reasoned and documented, as referred to in point (f) of Article 323(3) of that Regulation, including the following:

(i)

the insurance coverage relates to the institution's operational risk profile, in accordance with Article 40;

(ii)

the institution uses a sophisticated risk mitigation calculation, in accordance with Article 41;

(iii)

the risk mitigation calculation is aligned to the institution's operational risk profile in a timely fashion, in accordance with Article 42.

(e)

that the institution's methodology for recognising insurance captures all the relevant elements through discounts or haircuts in the amount of insurance recognition, as referred to in points (a) and (b) of Article 323(3) and in Article 323(4) of Regulation (EU) No 575/2013, in accordance with Article 43;

(f)

that the institution demonstrates that a noticeable risk mitigating effect is achieved with the introduction of the ORTM, as referred to in the second sentence of Article 323(1) of Regulation (EU) No 575/2013, in accordance with Article 44.

Article 37

Authorisation equivalence of the insurance provider

For the purposes of assessing the authorisation requirements of the insurance provider as referred to in Article 36(a), competent authorities shall consider that an undertaking authorised in a third country fulfils the requirements of authorisation, where that undertaking satisfies prudential requirements that are equivalent to those applied in the Union, including the requirements referred to in Article 323 of Regulation (EU) No 575/2013.

Article 38

Provision of the insurance via a third party

1.   For the purposes of assessing that the insurance coverage for the purposes of AMA own funds requirements is provided by a third-party entity, as referred to in Article 36(b), competent authorities shall confirm, on the basis of the comprehensive view of an institution's consolidated situation as referred to in Article 4(1), point (47) of Regulation (EU) No 575/2013, that neither the institution nor any other of the entities included in the scope of consolidation has a participation or a qualifying holding, as referred to in Article 4(1), points (35) and (36) respectively, of Regulation (EU) No 575/2013, in the party providing the insurance.

2.   Where the requirements of paragraph 1 are partially met, only that portion of the insurance provided where ultimate liability rests with an eligible third-party entity by virtue of the fact that the risk is effectively transferred outside of the consolidated entities shall be considered as insurance provided via a third party.

Article 39

Multiple counting of risk mitigation techniques

For the purposes of assessing that the insurance coverage for the purposes of AMA own funds requirements avoids the multiple counting of risk mitigation techniques, as referred to in Article 36(c), competent authorities shall confirm that an institution has taken reasonable steps to ensure that neither the institution nor any of the entities included in the scope of the consolidation is knowingly re-insuring contracts that cover operational risk events forming the object of the initial insurance arrangement entered into by the institution.

Article 40

Insurance risk mapping process

1.   For the purposes of assessing that the insurance coverage relates to an institution's risk profile, as referred to in point (i) of Article 36(d), competent authorities shall confirm that an institution has carried out a well-documented and well-reasoned insurance risk mapping process whereby the institution develops an insurance coverage consistent with the likelihood and impact of all operational risk losses that it may potentially face.

2.   For the purposes of paragraph 1, competent authorities shall confirm that the institution complies with at least the following:

(a)

estimates the probability of insurance recovery and the possible timeframe for the receipt of payments by insurers, including the likelihood of a claim being litigated, the length of that process and current settlement rates and terms, based on the experience of its insurance risk management team, supported where necessary by appropriate external expertise including claims counsel, brokers and carriers;

(b)

uses the estimates resulting from point (a) to assess the performance of insurance in the event of an operational risk loss and designs this process with the view to assessing the insurance response for all relevant loss and scenario data being entered into the operational risk measurement system;

(c)

maps the insurance policies based on their assessment resulting from point (b) to the institution's own operational risks at the maximum level of detail, using all the information sources available, including internal data, external data and scenario estimates;

(d)

employs the appropriate expertise and conducts this mapping with transparency and consistency;

(e)

assigns the appropriate weight to the past and expected performance of insurance through an assessment of the components of the insurance policy;

(f)

obtains formal approval from the appropriate risk body or committee;

(g)

periodically re-examines the insurance mapping process.

Article 41

Use of a sophisticated risk mitigation calculation

For the purposes of assessing that an institution uses a sophisticated risk mitigation calculation, as referred to in point (ii) of Article 36(d), competent authorities shall confirm that the modelling approach for incorporating the insurance coverage within the AMA meets at least the following:

(a)

it is consistent with the operational risk measurement system adopted to quantify the gross-of-insurance losses;

(b)

it is transparent in its relationship with the actual likelihood and impact of losses used in the institution's overall determination of its AMA own funds requirements, and is also consistent with that relationship.

Article 42

Alignment of the risk mitigation calculation with the operational risk profile

For the purposes of assessing that the risk mitigation calculation is aligned with an institution's operational risk profile in a timely fashion, as referred to in point (iii) of Article 36(d), competent authorities shall confirm at least the following:

(a)

that the institution has reviewed the use of insurance and has recalculated the AMA own funds requirements, as appropriate, where the nature of the insurance has changed significantly or where there is a major change in the institution's operational risk profile;

(b)

where material losses are incurred, affecting the insurance coverage, that the institution recalculates the AMA own funds requirements with an additional margin of conservatism;

(c)

where there is an unexpected termination or reduction of the insurance coverage, that the institution is prepared to immediately replace the insurance policy on equivalent or improved terms, conditions and coverage, or to increase its AMA own funds requirements to a gross-of-insurance level;

(d)

that the institution calculates capital gross- and net-of-insurance, at a level of granularity such that any erosion in the amount of insurance available, including by payment of a material loss, or a change in insurance coverage, can be immediately recognised for its effect on the AMA own funds requirements.

Article 43

Capture of all the relevant elements

1.   For the purposes of assessing that an institution's methodology for recognising insurance captures all the relevant elements through discounts or haircuts in the amount of insurance recognition, as referred to in Article 36(e), competent authorities shall confirm at least the following:

(a)

that the institution investigates the various factors that create the risk that the insurance provider will not make the payments as expected and decrease the effectiveness of the risk transfer, including the ability of the insurer to pay in a timely manner and the ability of the institution to identify, analyse and report the claim in a timely manner;

(b)

that the institution investigates how the various factors referred to in point (a) have affected the mitigating impact of insurance on the operational risk profile in the past and how they may affect it in the future;

(c)

that the institution reflects the uncertainties referred to in point (a) in its AMA own funds requirements, through appropriately conservative haircuts;

(d)

that the institution carefully takes into account the characteristics of the insurance policies, including whether those policies cover only losses that are claimed or notified to the insurer during the policy term, therefore any loss that is discovered after the policy expires is not covered, or whether they cover losses that are incurred during the policy term, even where they are not discovered and the claim is not lodged until after the expiration of the policy, or whether the losses are first-party direct losses or third-party liability losses;

(e)

that the institution considers and fully documents data on insurance pay-outs by loss type in its loss databases and sets haircuts accordingly;

(f)

that the institution has in place procedures for loss identification, analysis and claims processing, with the view to verifying the actual coverage protection provided by the insurer or the ability to receive the claim payment funds within a reasonable timeframe;

(g)

that the institution explicitly quantifies and models separately the haircuts in relation to each of the identified relevant uncertainties instead of applying one single haircut into the calculation covering all uncertainties or an ex post calculation haircut;

(h)

that the institution takes into account the recognition of the insurer's claims-paying ability risk to the maximum extent, by applying appropriate haircuts in the insurance modelling methodology;

(i)

that the institution ensures that the claims-paying ability risk for counterparty default is assessed on the basis of the credit quality of the insurance company responsible under the given insurance contract, irrespective of whether the insurance company's parent institution has a better rating or whether the risk is transferred to a third party;

(j)

that the institution makes conservative assumptions relating to the renewal of insurance policies on the basis of equivalent terms, conditions, and coverage as the original or existing contracts;

(k)

that the institution has processes in place to ensure that the potential exhaustion of insurance policy limits and the price and availability of reinstatements of cover as well as the cases where the coverage of the insurance contract does not match the operational risk profile of the institution are appropriately reflected in its AMA insurance methodology.

2.   For the purposes of paragraph 1, competent authorities may consider that the requirement for the institution to apply haircuts for the time remaining until the expiry of the insurance contract or for the cancellation term is not necessary where the cover will be renewed and continuous and where at least one of the following conditions is met:

(a)

where the institution can demonstrate the existence of continuous cover on equivalent or improved terms, conditions and coverage for at least 365 days;

(b)

where the institution has in place a policy that cannot be cancelled by the insurer, other than for non-payment of premium, or which has a cancellation period of more than one year.

Article 44

Other risk transfer mechanisms

For the purposes of assessing that an institution has demonstrated that a noticeable risk mitigating effect is achieved with the introduction of ORTM, as referred to in Article 36(f), competent authorities shall apply at least the following:

(a)

confirm that the institution has experience in using ORTM instruments and their characteristics, including probability of coverage and timeliness of payment, before these instruments can be recognized in the institution's operational risk measurement system;

(b)

refuse ORTM as eligible risk mitigation instruments of the AMA own funds requirements where the ORTM are held or used for trading purposes rather than for risk management purposes;

(c)

verify the eligibility of the protection seller including whether it is a regulated or unregulated entity, and the nature and characteristics of the protection provided, whether it is funded protection, securitization, guarantee mechanism or derivatives;

(d)

confirm that outsourced activities are not considered part of ORTM;

(e)

confirm that the institution calculates the AMA own funds requirements gross- and net-of-ORTM for each capital calculation, at a level of granularity such that any erosion in the amount of protection available, can be immediately recognised for its effect on capital requirements;

(f)

confirm that where material losses are incurred, affecting the coverage provided by the ORTM or where changes in the ORTM contracts create major uncertainty as to their coverage, the institution recalculates its AMA own funds requirements with an additional margin of conservatism.

CHAPTER 5

FINAL PROVISION

Article 45

Transitional provision

With regard to the assessment of the AMA, referred to in Article 1, of an institution which, on the date of entry into force of this Regulation, is already using an AMA for the purpose of calculating its own funds requirements for operational risk, or of an institution which has already applied for a permission to use an AMA for that purpose, both of the following shall apply:

(a)

this Regulation shall apply from one year after its entry into force;

(b)

Article 34(g) shall apply from two years after its entry into force.

Article 46

Entry into force

This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

This Regulation shall be binding in its entirety and directly applicable in all Member States.

Done at Brussels, 14 March 2018.

For the Commission

The President

Jean-Claude JUNCKER


(1)  OJ L 176, 27.6.2013, p. 1.

(2)  Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, amending Directive 2002/87/EC and repealing Directives 2006/48/EC and 2006/49/EC (OJ L 176, 27.6.2013, p. 338).

(3)  Commission Delegated Regulation (EU) 2016/101 of 26 October 2015 supplementing Regulation (EU) No 575/2013 of the European Parliament and of the Council with regard to regulatory technical standards for prudent valuation under Article 105(14), OJ L 21, 28.1.2016, p. 54.

(4)  Regulation (EU) No 1093/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Banking Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/78/EC (OJ L 331, 15.12.2010, p. 12).

(5)  Commission Delegated Regulation (EC) No 529/2014 of 12 March 2014 supplementing Regulation (EU) No 575/2013 of the European Parliament and of the Council with regard to regulatory technical standards for assessing the materiality of extensions and changes of the Internal Ratings Based Approach and the Advanced Measurement Approach (OJ L 148, 20.5.2014, p. 36).


6.7.2018   

EN

Official Journal of the European Union

L 169/27


COMMISSION REGULATION (EU) 2018/960

of 5 July 2018

amending Annexes II and III to Regulation (EC) No 396/2005 of the European Parliament and of the Council as regards maximum residue levels for lambda-cyhalothrin in or on certain products

(Text with EEA relevance)

THE EUROPEAN COMMISSION,

Having regard to the Treaty on the Functioning of the European Union,

Having regard to Regulation (EC) No 396/2005 of the European Parliament and of the Council of 23 February 2005 on maximum residue levels of pesticides in or on food and feed of plant and animal origin and amending Council Directive 91/414/EEC (1), and in particular Article 14(1)(a) and Article 49(2) thereof,

Whereas:

(1)

For lambda-cyhalothrin maximum residue levels (MRLs) were set in Part B of Annex III to Regulation (EC) No 396/2005.

(2)

For lambda-cyhalothrin the European Food Safety Authority (the Authority), submitted a reasoned opinion on the review of the existing MRLs in accordance with Article 12(2) of Regulation (EC) No 396/2005 in conjunction with Article 12(1) thereof (2). The Authority subsequently submitted a conclusion on the peer review of lambda-cyhalothrin (3), in which the analytical endpoints of the substance were updated. In accordance with Article 43 of Regulation (EC) No 396/2005 the Commission requested the Authority to revise the assessment of lambda-cyhalothrin taking into account the new endpoints. On 2 December 2015, the Authority submitted a reasoned opinion on the revision of the review of the existing MRLs for lambda-cyhalothrin (4). The residue definition of lambda-cyhalothrin covers also the substance gamma-cyhalothrin. The Commission asked the Authority, in accordance with Article 43 of Regulation (EC) No 396/2005, to review the MRLs for lambda-cyhalothrin, taking into account also the possible uses of gamma-cyhalothrin. On 26 July 2017 the Authority submitted a reasoned opinion on the focused review on the existing MRLs for lambda-cyhalothrin in light of the unspecific residue definition (5).

(3)

The Authority proposed to change the residue definition for all products. It identified a risk for consumers concerning the MRLs for kale and rice grain. It is therefore appropriate to lower these MRLs. The Authority concluded that concerning the MRLs of all products some information was not available and that further consideration by risk managers was required. As there is no risk for consumers, the MRLs for those products should be set in Annex II to Regulation (EC) No 396/2005 at the existing level or the level identified by the Authority. The Authority also concluded that concerning the MRLs for sunflower seeds, soya beans and tea no information was available and that further consideration by risk managers was required. The MRLs for these products should be set at the specific limit of determination or at the default MRL as set out in Article 18(1)(b) of Regulation (EC) No 396/2005.

(4)

As regards products on which the use of the plant protection product concerned is not authorised, and for which no import tolerances or Codex maximum residue limits (CXLs) exist, MRLs should be set at the specific limit of determination or the default MRL should apply, as provided for in Article 18(1)(b) of Regulation (EC) No 396/2005.

(5)

The Commission consulted the European Union reference laboratories for residues of pesticides as regards the need to adapt certain limits of determination. As regards several substances, those laboratories concluded that for certain commodities technical development requires the setting of specific limits of determination.

(6)

Based on the reasoned opinions of the Authority and taking into account the factors relevant to the matter under consideration, the appropriate modifications to the MRLs fulfil the requirements of Article 14(2) of Regulation (EC) No 396/2005.

(7)

Through the World Trade Organisation, the trading partners of the Union were consulted on the new MRLs and their comments have been taken into account.

(8)

Regulation (EC) No 396/2005 should therefore be amended accordingly.

(9)

In order to allow for the normal marketing, processing and consumption of products, this Regulation should provide for a transitional arrangement for products which have been produced before the modification of the MRLs and for which information shows that a high level of consumer protection is maintained.

(10)

A reasonable period should be allowed to elapse before the modified MRLs become applicable in order to permit Member States, third countries and food business operators to prepare themselves to meet the new requirements which will result from the modification of the MRLs.

(11)

The measures provided for in this Regulation are in accordance with the opinion of the Standing Committee on Plants, Animals, Food and Feed,

HAS ADOPTED THIS REGULATION:

Article 1

Annexes II and III to Regulation (EC) No 396/2005 are amended in accordance with the Annex to this Regulation.

Article 2

As regards the active substance lambda-cyhalothrin in and on all products, except kale and rice grain, Regulation (EC) No 396/2005 as it stood before being amended by this Regulation shall continue to apply to products which were produced in the EU or imported into the EU before 26 January 2019.

Article 3

This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

It shall apply from 26 January 2019.

This Regulation shall be binding in its entirety and directly applicable in all Member States.

Done at Brussels, 5 July 2018.

For the Commission

The President

Jean-Claude JUNCKER


(1)  OJ L 70, 16.3.2005, p. 1.

(2)  European Food Safety Authority, 2014. Reasoned opinion on the review of the existing maximum residue levels (MRLs) for lambda-cyhalothrin according to Article 12 of Regulation (EC) No 396/2005. EFSA Journal 2014;12(1):3546.

(3)  European Food Safety Authority, 2014. Conclusion on the peer review of the pesticide risk assessment of the active substance lambda-cyhalothrin. EFSA Journal 2014;12(5):3677.

(4)  EFSA (European Food Safety Authority), 2015. Reasoned opinion on the revision of the review of the existing maximum residue levels for lambda-cyhalothrin. EFSA Journal 2015;13(12):4324.

(5)  EFSA (European Food Safety Authority), 2017. Reasoned opinion on the focused review of the existing maximum residue levels for lambda-cyhalothrin in light of the unspecific residue definition and the existing good agricultural practices for the substance gamma-cyhalothrin. EFSA journal 2017;15(7):4930.


ANNEX

Annexes II and III to Regulation (EC) No 396/2005 are amended as follows:

(1)

in Annex II the following column for lambda-cyhalothrin is added:

Pesticide residues and maximum residue levels (mg/kg)

Code number

Groups and examples of individual products to which the MRLs apply (1)

Lambda-cyhalothrin (includes gamma-cyhalothrin) (sum of R,S and S,R isomers) (F)

(1)

(2)

(3)

0100000

FRUITS, FRESH or FROZEN; TREE NUTS

 

0110000

Citrus fruits

0,2 (+)

0110010

Grapefruits

 

0110020

Oranges

 

0110030

Lemons

 

0110040

Limes

 

0110050

Mandarins

 

0110990

Others (2)

 

0120000

Tree nuts

0,01  (*1) (+)

0120010

Almonds

 

0120020

Brazil nuts

 

0120030

Cashew nuts

 

0120040

Chestnuts

 

0120050

Coconuts

 

0120060

Hazelnuts/cobnuts

 

0120070

Macadamias

 

0120080

Pecans

 

0120090

Pine nut kernels

 

0120100

Pistachios

 

0120110

Walnuts

 

0120990

Others (2)

 

0130000

Pome fruits

(+)

0130010

Apples

0,08

0130020

Pears

0,08

0130030

Quinces

0,2

0130040

Medlars

0,2

0130050

Loquats/Japanese medlars

0,2

0130990

Others (2)

0,01  (*1)

0140000

Stone fruits

 

0140010

Apricots

0,15 (+)

0140020

Cherries (sweet)

0,3 (+)

0140030

Peaches

0,15 (+)

0140040

Plums

0,2 (+)

0140990

Others (2)

0,01  (*1) (+)

0150000

Berries and small fruits

(+)

0151000

(a)

grapes

 

0151010

Table grapes

0,08

0151020

Wine grapes

0,2

0152000

(b)

strawberries

0,2

0153000

(c)

cane fruits

0,2

0153010

Blackberries

 

0153020

Dewberries

 

0153030

Raspberries (red and yellow)

 

0153990

Others (2)

 

0154000

(d)

other small fruits and berries

 

0154010

Blueberries

0,2

0154020

Cranberries

0,2

0154030

Currants (black, red and white)

0,2

0154040

Gooseberries (green, red and yellow)

0,2

0154050

Rose hips

0,2

0154060

Mulberries (black and white)

0,2

0154070

Azaroles/Mediterranean medlars

0,2

0154080

Elderberries

0,2

0154990

Others (2)

0,01  (*1)

0160000

Miscellaneous fruits with

 

0161000

(a)

edible peel

(+)

0161010

Dates

0,01  (*1)

0161020

Figs

0,01  (*1)

0161030

Table olives

1

0161040

Kumquats

0,01  (*1)

0161050

Carambolas

0,01  (*1)

0161060

Kaki/Japanese persimmons

0,09

0161070

Jambuls/jambolans

0,01  (*1)

0161990

Others (2)

0,01  (*1)

0162000

(b)

inedible peel, small

(+)

0162010

Kiwi fruits (green, red, yellow)

0,05

0162020

Litchis/lychees

0,01  (*1)

0162030

Passionfruits/maracujas

0,01  (*1)

0162040

Prickly pears/cactus fruits

0,01  (*1)

0162050

Star apples/cainitos

0,01  (*1)

0162060

American persimmons/Virginia kaki

0,01  (*1)

0162990

Others (2)

0,01  (*1)

0163000

(c)

inedible peel, large

(+)

0163010

Avocados

0,01  (*1)

0163020

Bananas

0,15

0163030

Mangoes

0,2

0163040

Papayas

0,01  (*1)

0163050

Granate apples/pomegranates

0,01  (*1)

0163060

Cherimoyas

0,01  (*1)

0163070

Guavas

0,01  (*1)

0163080

Pineapples

0,01  (*1)

0163090

Breadfruits

0,01  (*1)

0163100

Durians

0,01  (*1)

0163110

Soursops/guanabanas

0,01  (*1)

0163990

Others (2)

0,01  (*1)

0200000

VEGETABLES, FRESH or FROZEN

(+)

0210000

Root and tuber vegetables

 

0211000

(a)

potatoes

0,01  (*1)

0212000

(b)

tropical root and tuber vegetables

0,01  (*1)

0212010

Cassava roots/manioc

 

0212020

Sweet potatoes

 

0212030

Yams

 

0212040

Arrowroots

 

0212990

Others (2)

 

0213000

(c)

other root and tuber vegetables except sugar beets

 

0213010

Beetroots

0,04

0213020

Carrots

0,04

0213030

Celeriacs/turnip rooted celeries

0,07

0213040

Horseradishes

0,04

0213050

Jerusalem artichokes

0,04

0213060

Parsnips

0,04

0213070

Parsley roots/Hamburg roots parsley

0,04

0213080

Radishes

0,15

0213090

Salsifies

0,04

0213100

Swedes/rutabagas

0,04

0213110

Turnips

0,04

0213990

Others (2)

0,01  (*1)

0220000

Bulb vegetables

0,2

0220010

Garlic

 

0220020

Onions

 

0220030

Shallots

 

0220040

Spring onions/green onions and Welsh onions

 

0220990

Others (2)

 

0230000

Fruiting vegetables

 

0231000

(a)

Solanaceae and Malvaceae

 

0231010

Tomatoes

0,07

0231020

Sweet peppers/bell peppers

0,1

0231030

Aubergines/eggplants

0,3

0231040

Okra/lady's fingers

0,3

0231990

Others (2)

0,01  (*1)

0232000

(b)

cucurbits with edible peel

 

0232010

Cucumbers

0,05

0232020

Gherkins

0,15

0232030

Courgettes

0,15

0232990

Others (2)

0,01  (*1)

0233000

(c)

cucurbits with inedible peel

0,06

0233010

Melons

 

0233020

Pumpkins

 

0233030

Watermelons

 

0233990

Others (2)

 

0234000

(d)

sweet corn

0,05

0239000

(e)

other fruiting vegetables

0,01  (*1)

0240000

Brassica vegetables (excluding brassica roots and brassica baby leaf crops)

 

0241000

(a)

flowering brassica

0,1

0241010

Broccoli

 

0241020

Cauliflowers

 

0241990

Others (2)

 

0242000

(b)

head brassica

 

0242010

Brussels sprouts

0,04

0242020

Head cabbages

0,15

0242990

Others (2)

0,01  (*1)

0243000

(c)

leafy brassica

 

0243010

Chinese cabbages/pe-tsai

0,3

0243020

Kales

0,01  (*1)

0243990

Others (2)

0,01  (*1)

0244000

(d)

kohlrabies

0,01  (*1)

0250000

Leaf vegetables, herbs and edible flowers

 

0251000

(a)

lettuces and salad plants

 

0251010

Lamb's lettuces/corn salads

1,5

0251020

Lettuces

0,15

0251030

Escaroles/broad-leaved endives

0,07

0251040

Cresses and other sprouts and shoots

0,7

0251050

Land cresses

0,7

0251060

Roman rocket/rucola

0,7

0251070

Red mustards

0,01  (*1)

0251080

Baby leaf crops (including brassica species)

0,7

0251990

Others (2)

0,01  (*1)

0252000

(b)

spinaches and similar leaves

 

0252010

Spinaches

0,6

0252020

Purslanes

0,01  (*1)

0252030

Chards/beet leaves

0,2

0252990

Others (2)

0,01  (*1)

0253000

(c)

grape leaves and similar species

0,01  (*1)

0254000

(d)

watercresses

0,01  (*1)

0255000

(e)

witloofs/Belgian endives

0,01  (*1)

0256000

(f)

herbs and edible flowers

0,7

0256010

Chervil

 

0256020

Chives

 

0256030

Celery leaves

 

0256040

Parsley

 

0256050

Sage

 

0256060

Rosemary

 

0256070

Thyme

 

0256080

Basil and edible flowers

 

0256090

Laurel/bay leaves

 

0256100

Tarragon

 

0256990

Others (2)

 

0260000

Legume vegetables

 

0260010

Beans (with pods)

0,4

0260020

Beans (without pods)

0,2

0260030

Peas (with pods)

0,2

0260040

Peas (without pods)

0,2

0260050

Lentils

0,2

0260990

Others (2)

0,01  (*1)

0270000

Stem vegetables

 

0270010

Asparagus

0,02

0270020

Cardoons

0,01  (*1)

0270030

Celeries

0,03

0270040

Florence fennels

0,2

0270050

Globe artichokes

0,15

0270060

Leeks

0,07

0270070

Rhubarbs

0,01  (*1)

0270080

Bamboo shoots

0,01  (*1)

0270090

Palm hearts

0,01  (*1)

0270990

Others (2)

0,01  (*1)

0280000

Fungi, mosses and lichens

 

0280010

Cultivated fungi

0,01  (*1)

0280020

Wild fungi

0,5

0280990

Mosses and lichens

0,01  (*1)

0290000

Algae and prokaryotes organisms

0,01  (*1)

0300000

PULSES

0,05 (+)

0300010

Beans

 

0300020

Lentils

 

0300030

Peas

 

0300040

Lupins/lupini beans

 

0300990

Others (2)

 

0400000

OILSEEDS AND OIL FRUITS

(+)

0401000

Oilseeds

 

0401010

Linseeds

0,2

0401020

Peanuts/groundnuts

0,2

0401030

Poppy seeds

0,2

0401040

Sesame seeds

0,2

0401050

Sunflower seeds

0,01  (*1)

0401060

Rapeseeds/canola seeds

0,2

0401070

Soyabeans

0,01  (*1)

0401080

Mustard seeds

0,2

0401090

Cotton seeds

0,2

0401100

Pumpkin seeds

0,2

0401110

Safflower seeds

0,2

0401120

Borage seeds

0,2

0401130

Gold of pleasure seeds

0,2

0401140

Hemp seeds

0,2

0401150

Castor beans

0,2

0401990

Others (2)

0,01  (*1)

0402000

Oil fruits

 

0402010

Olives for oil production

0,5

0402020

Oil palms kernels

0,01  (*1)

0402030

Oil palms fruits

0,01  (*1)

0402040

Kapok

0,01  (*1)

0402990

Others (2)

0,01  (*1)

0500000

CEREALS

(+)

0500010

Barley

0,5

0500020

Buckwheat and other pseudocereals

0,01  (*1)

0500030

Maize/corn

0,02

0500040

Common millet/proso millet

0,01  (*1)

0500050

Oat

0,3

0500060

Rice

0,01  (*1)

0500070

Rye

0,01  (*1)

0500080

Sorghum

0,01  (*1)

0500090

Wheat

0,05

0500990

Others (2)

0,01  (*1)

0600000

TEAS, COFFEE, HERBAL INFUSIONS, COCOA AND CAROBS

0,01  (*1) (+)

0610000

Teas

 

0620000

Coffee beans

 

0630000

Herbal infusions from

 

0631000

(a)

flowers

 

0631010

Chamomile

 

0631020

Hibiscus/roselle

 

0631030

Rose

 

0631040

Jasmine

 

0631050

Lime/linden

 

0631990

Others (2)

 

0632000

(b)

leaves and herbs

 

0632010

Strawberry

 

0632020

Rooibos

 

0632030

Mate/maté

 

0632990

Others (2)

 

0633000

(c)

roots

 

0633010

Valerian

 

0633020

Ginseng

 

0633990

Others (2)

 

0639000

(d)

any other parts of the plant

 

0640000

Cocoa beans

 

0650000

Carobs/Saint John's breads

 

0700000

HOPS

10 (+)

0800000

SPICES

(+)

0810000

Seed spices

0,01  (*1)

0810010

Anise/aniseed

 

0810020

Black caraway/black cumin

 

0810030

Celery

 

0810040

Coriander

 

0810050

Cumin

 

0810060

Dill

 

0810070

Fennel

 

0810080

Fenugreek

 

0810090

Nutmeg

 

0810990

Others (2)

 

0820000

Fruit spices

 

0820010

Allspice/pimento

0,03

0820020

Sichuan pepper

0,03

0820030

Caraway

0,03

0820040

Cardamom

2

0820050

Juniper berry

0,03

0820060

Peppercorn (black, green and white)

0,03

0820070

Vanilla

0,03

0820080

Tamarind

0,03

0820990

Others (2)

0,01  (*1)

0830000

Bark spices

0,01  (*1)

0830010

Cinnamon

 

0830990

Others (2)

 

0840000

Root and rhizome spices

 

0840010

Liquorice

0,05

0840020

Ginger (10)

0,05 (+)

0840030

Turmeric/curcuma

0,05

0840040

Horseradish (11)

(+)

0840990

Others (2)

0,05

0850000

Bud spices

0,01  (*1)

0850010

Cloves

 

0850020

Capers

 

0850990

Others (2)

 

0860000

Flower pistil spices

0,01  (*1)

0860010

Saffron

 

0860990

Others (2)

 

0870000

Aril spices

0,01  (*1)

0870010

Mace

 

0870990

Others (2)

 

0900000

SUGAR PLANTS

(+)

0900010

Sugar beet roots

0,01  (*1)

0900020

Sugar canes

0,05

0900030

Chicory roots

0,01  (*1)

0900990

Others (2)

0,01  (*1)

1000000

PRODUCTS OF ANIMAL ORIGIN -TERRESTRIAL ANIMALS

(+)

1010000

Commodities from

 

1011000

(a)

swine

 

1011010

Muscle

0,15

1011020

Fat

3

1011030

Liver

0,05

1011040

Kidney

0,2

1011050

Edible offals (other than liver and kidney)

3

1011990

Others (2)

0,01  (*1)

1012000

(b)

bovine

 

1012010

Muscle

0,02

1012020

Fat

3

1012030

Liver

0,05

1012040

Kidney

0,2

1012050

Edible offals (other than liver and kidney)

3

1012990

Others (2)

0,01  (*1)

1013000

(c)

sheep

 

1013010

Muscle

0,02

1013020

Fat

3

1013030

Liver

0,05

1013040

Kidney

0,2

1013050

Edible offals (other than liver and kidney)

3

1013990

Others (2)

0,01  (*1)

1014000

(d)

goat

 

1014010

Muscle

0,15

1014020

Fat

3

1014030

Liver

0,05

1014040

Kidney

0,2

1014050

Edible offals (other than liver and kidney)

3

1014990

Others (2)

0,01  (*1)

1015000

(e)

equine

 

1015010

Muscle

0,02

1015020

Fat

3

1015030

Liver

0,05

1015040

Kidney

0,2

1015050

Edible offals (other than liver and kidney)

3

1015990

Others (2)

0,01  (*1)

1016000

(f)

poultry

0,01  (*1)

1016010

Muscle

 

1016020

Fat

 

1016030

Liver

 

1016040

Kidney

 

1016050

Edible offals (other than liver and kidney)

 

1016990

Others (2)

 

1017000

(g)

other farmed terrestrial animals

 

1017010

Muscle

0,02

1017020

Fat

3

1017030

Liver

0,05

1017040

Kidney

0,2

1017050

Edible offals (other than liver and kidney)

3

1017990

Others (2)

0,01  (*1)

1020000

Milk

0,02

1020010

Cattle

 

1020020

Sheep

 

1020030

Goat

 

1020040

Horse

 

1020990

Others (2)

 

1030000

Birds eggs

0,01  (*1)

1030010

Chicken

 

1030020

Duck

 

1030030

Geese

 

1030040

Quail

 

1030990

Others (2)

 

1040000

Honey and other apiculture products (7)

0,05  (*1)

1050000

Amphibians and Reptiles

0,01  (*1)

1060000

Terrestrial invertebrate animals

0,01  (*1)

1070000

Wild terrestrial vertebrate animals

0,01  (*1)

1100000

PRODUCTS OF ANIMAL ORIGIN - FISH, FISHPRODUCTS AND ANY OTHER MARINE AND FRESHWATER FOOD PRODUCTS (8)

 

1200000

PRODUCTS OR PART OF PRODUCTS EXCLUSIVELY USED FOR ANIMAL FEED PRODUCTION (8)

 

1300000

PROCESSED FOOD PRODUCTS (9)

 

(**)

Pesticide-code combination for which the MRL as set in Annex III Part B applies.

(F)

=

Fat soluble

Lambda-cyhalothrin (includes gamma-cyhalothrin) (sum of R,S and S,R isomers) (F)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and storage stability as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0110000

Citrus fruits

0110010

Grapefruits

0110020

Oranges

0110030

Lemons

0110040

Limes

0110050

Mandarins

0110990

Others (2)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0120000

Tree nuts

0120010

Almonds

0120020

Brazil nuts

0120030

Cashew nuts

0120040

Chestnuts

0120050

Coconuts

0120060

Hazelnuts/cobnuts

0120070

Macadamias

0120080

Pecans

0120090

Pine nut kernels

0120100

Pistachios

0120110

Walnuts

0120990

Others (2)

0130000

Pome fruits

0130010

Apples

0130020

Pears

0130030

Quinces

0130040

Medlars

0130050

Loquats/Japanese medlars

0130990

Others (2)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0140010

Apricots

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0140020

Cherries (sweet)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0140030

Peaches

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0140040

Plums

0140990

Others (2)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia and XI) formed under sterilization conditions and storage stability as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0150000

Berries and small fruits

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and storage stability as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0151000

(a)

grapes

0151010

Table grapes

0151020

Wine grapes

0152000

(b)

strawberries

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions, residue trials and storage stability as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0153000

(c)

cane fruits

0153010

Blackberries

0153020

Dewberries

0153030

Raspberries (red and yellow)

0153990

Others (2)

0154000

(d)

other small fruits and berries

0154010

Blueberries

0154020

Cranberries

0154030

Currants (black, red and white)

0154040

Gooseberries (green, red and yellow)

0154050

Rose hips

0154060

Mulberries (black and white)

0154070

Azaroles/Mediterranean medlars

0154080

Elderberries

0154990

Others (2)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0161000

(a)

edible peel

0161010

Dates

0161020

Figs

0161030

Table olives

0161040

Kumquats

0161050

Carambolas

0161060

Kaki/Japanese persimmons

0161070

Jambuls/jambolans

0161990

Others (2)

0162000

(b)

inedible peel, small

0162010

Kiwi fruits (green, red, yellow)

0162020

Litchis/lychees

0162030

Passionfruits/maracujas

0162040

Prickly pears/cactus fruits

0162050

Star apples/cainitos

0162060

American persimmons/Virginia kaki

0162990

Others (2)

0163000

(c)

inedible peel, large

0163010

Avocados

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0163020

Bananas

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0163030

Mangoes

0163040

Papayas

0163050

Granate apples/pomegranates

0163060

Cherimoyas

0163070

Guavas

0163080

Pineapples

0163090

Breadfruits

0163100

Durians

0163110

Soursops/guanabanas

0163990

Others (2)

0200000

VEGETABLES, FRESH or FROZEN

0210000

Root and tuber vegetables

0211000

(a)

potatoes

0212000

(b)

tropical root and tuber vegetables

0212010

Cassava roots/manioc

0212020

Sweet potatoes

0212030

Yams

0212040

Arrowroots

0212990

Others (2)

0213000

(c)

other root and tuber vegetables except sugar beets

0213010

Beetroots

0213020

Carrots

0213030

Celeriacs/turnip rooted celeries

0213040

Horseradishes

0213050

Jerusalem artichokes

0213060

Parsnips

0213070

Parsley roots/Hamburg roots parsley

0213080

Radishes

0213090

Salsifies

0213100

Swedes/rutabagas

0213110

Turnips

0213990

Others (2)

0220000

Bulb vegetables

0220010

Garlic

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0220020

Onions

0220030

Shallots

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0220040

Spring onions/green onions and Welsh onions

0220990

Others (2)

0230000

Fruiting vegetables

0231000

(a)

Solanaceae and Malvaceae

0231010

Tomatoes

0231020

Sweet peppers/bell peppers

0231030

Aubergines/eggplants

0231040

Okra/lady's fingers

0231990

Others (2)

0232000

(b)

cucurbits with edible peel

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0232010

Cucumbers

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0232020

Gherkins

0232030

Courgettes

0232990

Others (2)

0233000

(c)

cucurbits with inedible peel

0233010

Melons

0233020

Pumpkins

0233030

Watermelons

0233990

Others (2)

0234000

(d)

sweet corn

0239000

(e)

other fruiting vegetables

0240000

Brassica vegetables (excluding brassica roots and brassica baby leaf crops)

0241000

(a)

flowering brassica

0241010

Broccoli

0241020

Cauliflowers

0241990

Others (2)

0242000

(b)

head brassica

0242010

Brussels sprouts

0242020

Head cabbages

0242990

Others (2)

0243000

(c)

leafy brassica

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0243010

Chinese cabbages/pe-tsai

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0243020

Kales

0243990

Others (2)

0244000

(d)

kohlrabies

0250000

Leaf vegetables, herbs and edible flowers

0251000

(a)

lettuces and salad plants

0251010

Lamb's lettuces/corn salads

0251020

Lettuces

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0251030

Escaroles/broad-leaved endives

0251040

Cresses and other sprouts and shoots

0251050

Land cresses

0251060

Roman rocket/rucola

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0251070

Red mustards

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0251080

Baby leaf crops (including brassica species)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0251990

Others (2)

0252000

(b)

spinaches and similar leaves

0252010

Spinaches

0252020

Purslanes

0252030

Chards/beet leaves

0252990

Others (2)

0253000

(c)

grape leaves and similar species

0254000

(d)

watercresses

0255000

(e)

witloofs/Belgian endives

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0256000

(f)

herbs and edible flowers

0256010

Chervil

0256020

Chives

0256030

Celery leaves

0256040

Parsley

0256050

Sage

0256060

Rosemary

0256070

Thyme

0256080

Basil and edible flowers

0256090

Laurel/bay leaves

0256100

Tarragon

0256990

Others (2)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0260000

Legume vegetables

0260010

Beans (with pods)

0260020

Beans (without pods)

0260030

Peas (with pods)

0260040

Peas (without pods)

0260050

Lentils

0260990

Others (2)

0270000

Stem vegetables

0270010

Asparagus

0270020

Cardoons

0270030

Celeries

0270040

Florence fennels

0270050

Globe artichokes

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue trials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0270060

Leeks

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0270070

Rhubarbs

0270080

Bamboo shoots

0270090

Palm hearts

0270990

Others (2)

0280000

Fungi, mosses and lichens

0280010

Cultivated fungi

0280020

Wild fungi

0280990

Mosses and lichens

0290000

Algae and prokaryotes organisms

0300000

PULSES

0300010

Beans

0300020

Lentils

0300030

Peas

0300040

Lupins/lupini beans

0300990

Others (2)

0400000

OILSEEDS AND OIL FRUITS

0401000

Oilseeds

0401010

Linseeds

0401020

Peanuts/groundnuts

0401030

Poppy seeds

0401040

Sesame seeds

0401050

Sunflower seeds

0401060

Rapeseeds/canola seeds

0401070

Soyabeans

0401080

Mustard seeds

0401090

Cotton seeds

0401100

Pumpkin seeds

0401110

Safflower seeds

0401120

Borage seeds

0401130

Gold of pleasure seeds

0401140

Hemp seeds

0401150

Castor beans

0401990

Others (2)

0402000

Oil fruits

0402010

Olives for oil production

0402020

Oil palms kernels

0402030

Oil palms fruits

0402040

Kapok

0402990

Others (2)

0500000

CEREALS

0500010

Barley

0500020

Buckwheat and other pseudocereals

0500030

Maize/corn

0500040

Common millet/proso millet

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and residue truials as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0500050

Oat

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0500060

Rice

0500070

Rye

0500080

Sorghum

0500090

Wheat

0500990

Others (2)

0600000

TEAS, COFFEE, HERBAL INFUSIONS, COCOA AND CAROBS

0610000

Teas

0620000

Coffee beans

0630000

Herbal infusions from

0631000

(a)

flowers

0631010

Chamomile

0631020

Hibiscus/roselle

0631030

Rose

0631040

Jasmine

0631050

Lime/linden

0631990

Others (2)

0632000

(b)

leaves and herbs

0632010

Strawberry

0632020

Rooibos

0632030

Mate/maté

0632990

Others (2)

0633000

(c)

roots

0633010

Valerian

0633020

Ginseng

0633990

Others (2)

0639000

(d)

any other parts of the plant

0640000

Cocoa beans

0650000

Carobs/Saint John's breads

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions, residue trials and analytical methods as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0700000

HOPS

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and analytical methods as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it.

0800000

SPICES

0810000

Seed spices

0810010

Anise/aniseed

0810020

Black caraway/black cumin

0810030

Celery

0810040

Coriander

0810050

Cumin

0810060

Dill

0810070

Fennel

0810080

Fenugreek

0810090

Nutmeg

0810990

Others (2)

0820000

Fruit spices

0820010

Allspice/pimento

0820020

Sichuan pepper

0820030

Caraway

0820040

Cardamom

0820050

Juniper berry

0820060

Peppercorn (black, green and white)

0820070

Vanilla

0820080

Tamarind

0820990

Others (2)

0830000

Bark spices

0830010

Cinnamon

0830990

Others (2)

0840000

Root and rhizome spices

0840010

Liquorice

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and analytical methods as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020, or, if that information is not submitted by that date, the lack of it. As from 1 January 2020, the applicable maximum residue level for ginger (Zingiber officinale) in the spice group (code 0840020 ) is the one set for ginger roots (Zingiber officinale) in the Part B of the Annex 1 (code 0213040-006 , equal to the one of horseradish (Armoracia rusticana) code 0213040 ), taking into account changes in the levels by processing (drying), according to Art. 20 (1) of Regulation (EC) No 396/2005.

0840020

Ginger (10)

(+)

The European Food Safety Authority identified some information on certain metabolites (compounds Ia, IV and gamma-lactone) formed under sterilization conditions and analytical methods as unavailable. When re-viewing the MRL, the Commission will take into account the information referred to in the first sentence, if it is submitted by 6 July 2020 or, if that information is not submitted by that date, the lack of it.

0840030

Turmeric/curcuma