Contents    

List of abbreviations

1.Introduction

1.1Purpose of the evaluation

1.2Scope of the evaluation

2.Background to the initiative

2.1History of EU supervisory reporting

2.2The Call for Evidence and the need for review

2.3Initiatives to simplify and streamline supervisory reporting

2.4Intervention logic

3.EVALUATION QUESTIONS

4.METHOD

4.1Inputs into the fitness check

4.2Point of comparison for the analysis

4.3Limitations of the analysis

5.STATE OF PLAY: OVERVIEW OF EU SUPERVISORY REPORTING

5.1Development and set-up of EU-level supervisory reporting requirements

5.2Who reports what to whom

5.3Summary statistics of reporting requirements

5.4Benefits and costs of supervisory reporting

6.ASSESSMENT AND ANSWERS TO EVALUATION QUESTIONS

6.1Effectiveness

6.2Efficiency

6.3Relevance

6.4Coherence

6.5EU value added

7.CONCLUSIONS

7.1Conclusions on the fitness of EU supervisory reporting requirements

7.2Lessons learned

ANNEX 1: PROCEDURAL INFORMATION

ANNEX 2: OVERVIEW OF LEGISLATIVE ACTS IN SCOPE

ANNEX 3: STAKEHOLDER CONSULTATION

3.1Consultation on the evaluation roadmap

3.2Summary of the open public consultation on the fitness check on supervisory reporting

3.3Targeted consultation of national competent authorities

3.4Other consultation activities

ANNEX 4: OVERVIEW OF MAIN ISSUES WITH EU SUPERVISORY REPORTING REQUIREMENTS

4.1Overview of cross-cutting issues

4.2Overview of sector-specific issues

ANNEX 5: STUDY ON FINANCIAL SECTOR COMPLIANCE COSTS – SUMMARY

5.1Study context and method

5.2Supervisory reporting costs across sectors

5.3Incremental costs due to EU level requirements

5.4Breakdown of costs per item

5.5Cost drivers

5.6Benefits of regulation

5.7Limitations of the study

ANNEX 6 DETAILED OVERVIEW OF REPORTING REQUIREMENTS PER REPORTING FRAMEWORK

List of abbreviations

1.Introduction 

EU and national supervisory authorities need access to data to effectively supervise financial institutions, to monitor risks, to ensure financial stability and orderly markets, and to protect investors and consumers of financial services in the EU. EU and national supervisory authorities need access to data to effectively supervise financial institutions, monitor systemic risks and ensure orderly markets, financial stability, and the protection of investors and consumers of financial services. Hence, Regulated financial institutions and other entities active on the financial markets are therefore required to report a wide range of data on their financial condition and their activities to these authorities directly or to bodies set up specifically to collect and store such data. EU law in this area consists of a large number of legislative acts covering a range of financial sector industries (banking, insurance, asset management, pension funds, etc.) and products (loans, securities, financial derivatives, etc.). The reporting requirements included in the various pieces of legislation, with information being requested primarily for supervisory purposes, are collectively referred to as ‘supervisory reporting requirements’.

The financial crisis that started in 2007/8 exposed significant weaknesses in the EU’s regulatory framework governing financial services. It revealed significant data gaps and insufficient reporting to the relevant supervisory authorities. The post-crisis overhaul of the regulatory framework, which involved adopting more than 40 pieces of EU financial services legislation, generated a significant number of new, and mostly more granular, supervisory reporting requirements.

In September 2015, the European Commission launched a Call for Evidence to gather feedback from all stakeholders on the overall impact and coherence of the EU regulatory framework for financial services. Supervisory reporting was one of the main issues highlighted by the respondents. While the stakeholders acknowledged the need for EU supervisory reporting, they argued that supervisory reporting requirements contained in EU legislation are not fully aligned, occasionally overlapping and inconsistent with one another. This makes reporting unnecessarily complex, costly and burdensome, and can impair the quality of data available to supervisors. Similar feedback was received in a number of sectoral legislative reviews carried out around the same time and in day-to-day contacts with stakeholders.

The fitness check of supervisory reporting requirements in EU financial services therefore stems directly from the feedback received to the Call for Evidence. The Communication on the planned follow-up to the Call for Evidence from November 2016 1 identified the need for a review of supervisory reporting requirements, and the Follow-up Report to the Call for Evidence from December 2017 2 launched a public consultation to gather more detailed evidence as part of this fitness check.

The fitness check was listed as a main initiative in the Commission’s 2018 and 2019 Work Programmes, as part of the Regulatory Fitness and Performance (REFIT) programme. It is part of a wider commitment made by the Commission in the May 2015 Better Regulation package to engage in ‘a broad review of reporting requirements to see how burdens can be alleviated. This review will have a particularly strong focus on areas where stakeholders have recently indicated their concerns, such as agriculture, energy, environment and financial services. 3

1.1Purpose of the evaluation 

Following the feedback received in the Call for Evidence and in a number of sectoral legislative reviews, the Commission decided to conduct this fitness check to obtain further evidence and carry out a more in-depth review of supervisory reporting requirements in EU financial services legislation. The aim is to assess whether the requirements are fit for purpose, and to analyse any shortcomings associated with these requirements. As required by the Commission’s Better Regulation guidelines, the assessment examines whether the reporting objectives are set correctly and continue to be the right ones (relevance), whether the requirements are meeting the objectives and have EU value added (effectiveness, EU added value), whether they are consistent across the different legislative acts (coherence), and whether the cost and burden of supervisory reporting is reasonable and proportionate (efficiency).

The broader objective of this analysis is to identify areas where there is scope for simplifying and streamlining supervisory reporting while ensuring that supervisors continue to receive the data they need to fulfil their mandates — in other words without compromising the financial stability, market integrity, and consumer protection objectives of EU financial services legislation.

1.2Scope of the evaluation 

The key elements (and limitations) of the scope of the fitness check are as follows:

·The assessment covers the requirements contained in the body of EU financial services law (the ‘EU financial acquis’) 4 that concern supervisory reporting — i.e. reporting to the competent authorities at EU and national level — either directly or indirectly — for the purposes of ongoing supervision. It also covers reporting to resolution authorities under the Bank Recovery and Resolution Directive, mentioned separately where relevant. As detailed below, the main supervisory (and resolution) reporting frameworks applying to banks, investment firms, insurance companies, managers of investment funds and other financial market participants are therefore within the scope of this fitness check.

·The assessment focuses on reporting requirements under EU legislation. It does not examine in detail purely national reporting requirements, though it looks at the interplay between EU and national requirements.

·Other types of EU reporting requirements are out of scope. In particular, public reporting by companies (including financial institutions) is covered in a separate fitness check 5 . Disclosures targeted to investors were also excluded. Reporting requirements that result in the collection of data for statistical purposes are not included in the detailed analysis, as these stem from regulations of the European Central Bank. Lastly, the assessment also excludes one-off notifications to competent authorities (e.g. for the purpose of authorisation) to focus on regular reporting to supervisors for ongoing supervisory purposes.

·Although not generally considered part of the EU financial services acquis, the assessment includes reporting under the Regulation for energy market integrity and transparency 6 (REMIT) for the part relating to financial transactions in energy markets.

·The assessment focuses on Level 1 and Level 2 legislation. Level 1 legislation sets out the general framework and scope of the supervisory reporting requirements. Level 2 acts are technical standards that define more specifically the content, form and format of the data to be reported and how it is to be reported. Level 3 measures, including questions & answers and other guidance documents by the European Supervisory Authorities (see Section 5 for further explanations), are out of scope as they are not legislative, and were only consulted when necessary to understand the requirements. Related Level 1 and Level 2 acts are taken together and referred to throughout this fitness check as ‘legislative frameworks’ or ‘reporting frameworks’.

·The assessment focuses primarily on legislative acts that contain at least some ‘structured’ supervisory reporting requirements in Level 1 or Level 2 legislation, i.e. those for which data tables have been defined 7 or where the description of the reporting requirements is detailed enough for such tables to be easily created 8 . Legislative acts that do not contain structured requirements at Level 1 and Level 2 are only examined in this document if they give rise to specific reporting issues, as confirmed in the stakeholder consultation. The assessment focuses in particular on the structured, regular (repetitive) reporting of data to supervisors, as opposed to event-driven reporting (e.g. notifications of new business activities, personnel or company structure change notification, applications for waivers, requests for authorisations, etc.) or additional ‘ad hoc’ reporting requests by supervisors to seek new or more detailed data to gather information about specific risks or other issues arising. Nonetheless, all the supervisory reporting issues raised by stakeholders were considered. A detailed analysis of data tables and definitions was only conducted for the requirements specified in ‘structured’ format in the legal texts. Unstructured requirements, by definition, leave a large degree of discretion on the precise content and format 9 and are therefore not easily analysed and compared.

·The assessment uses the general cut-off date of 31 December 2016. This means that it covers only legislative acts that were either in force or published but not yet in force by that date. However, the scope was extended to encompass important Level 2 acts that were adopted after 2016 and specify the technical reporting details, in particular for reporting under the prudential frameworks applying to banks and investment firms (under the Capital Requirements Regulation 10 ) and in insurance (under Solvency II 11 ) as well as the financial transaction reporting under the Markets for Financial Instruments Regulation 12 (MiFIR) and the European Market Infrastructure Regulation 13 (EMIR) 14 . For a few legislative acts within the scope of the assessment (see below), the analysis was more limited because the corresponding Level 2 measures had not yet been adopted or because the reporting requirements were not yet in force.

·The Fitness Check did not specifically consider new sustainability-related data and reporting requirements, notably regarding the exposures to climate and broader environmental sustainability related financial risks, which have to prominence since the March 2018 Communication “Action Plan: Financing Sustainable Growth” 15 .

Changes from the original scope as presented in the Evaluation Roadmap

The proposed scope was set out in the Evaluation Roadmap, which was open for public comment 16 . Based on the feedback received and as the assessment progressed, certain aspects of the scope were changed to ensure that the fitness check addressed all the main issues raised by stakeholders concerning supervisory reporting. The full list of the legislative acts in scope of this fitness check is provided below, with detailed descriptions provided in Annex 2 and Annex 6.

The main changes to the initial scope are as follows:

·The initial scope of the fitness check as presented in the Evaluation Roadmap covered supervisory reporting in Level 1 legislation. Level 2 acts were only to be looked at in detail in a limited number of cases. However, the scope was widened here, given that in most cases, Level 2 legislation contains the core elements of EU level supervisory reporting requirements.

·The cut-off date of 31 December 2016 was relaxed to include a few new or revised Level 2 acts published after that date. This is due to the particular importance of these changes to the reporting frameworks in question, to the extent that assessing the earlier version would not have sufficiently reflected reality and stakeholders’ concerns.

·One legislative act falling outside of the remit of DG FISMA (REMIT and the financial transaction reporting requirements it contains) was added to the scope. The reason is its particularly close interaction with transaction reporting under EMIR and the concerns raised by energy market participants about overlapping or inconsistent reporting in relation to (energy) commodity derivatives.

·Although initially the analysis aimed to focus exclusively on structured supervisory reporting frameworks, the final scope also covers legislative frameworks that do not contain any structured reporting requirements in Level 1 or Level 2 texts but were signalled as problematic during consultations with stakeholders. This includes in particular the reporting requirements for significant banks in the euro area as part of the Banking Union, namely, reporting to the ECB as the direct supervisor under the Single Supervisory Mechanism (SSM) Regulation 17 and to the Single Resolution Board (SRB) under the Single Resolution Mechanism (SRM) Regulation 18   19 .  Additional rules governing the reporting of financial conglomerates under the Financial Conglomerates Directive 20 (FICOD) were also included in the scope.  

Summary of legislative acts (supervisory reporting frameworks) in scope

The following lists the legislative acts (Level 1) covered by this fitness check, showing first the 14 frameworks with ‘structured’ supervisory reporting requirements (broadly ordered by sector, i.e. banking, insurance, financial markets and fund management) and then the three additional frameworks with ‘unstructured’ reporting. The corresponding Level 2 acts that set out reporting details are listed in Annex 6, which also provides further details on each reporting framework. Section 5 provides an overview of the reporting landscape, including what is reported by whom and to whom. As noted above, the frameworks listed capture the issues raised by stakeholders (industry and public authorities) in relation to EU-level supervisory reporting 21 .

Overall, the scope of the fitness check is very broad. From the beginning of the assessment, the challenge has been to balance the aim for comprehensiveness and the need for detail of the assessment. The main aim has been to conduct an overall assessment of the common supervisory reporting challenges across the EU financial acquis, acknowledging however that the challenges require a very detailed assessment of the specific reporting requirements under the different sectoral legislations. Note also that the detailed reporting requirements under some frameworks listed have only recently been adopted or not yet applicable 22 . These and other limitations of the assessment are summarised in Section 4.3.  

The following legal frameworks with ‘structured’ reporting requirements at Level 1 or Level 2 are included in the scope:

·Capital Requirements Regulation (CRR) and the Capital Requirements Directive 23 (CRD IV);

·Bank Recovery and Resolution Directive 24 (BRRD);

·Solvency II;

·Markets in Financial Instruments Regulation (MiFIR) and Markets in Financial Instruments Directive 25 (MiFID II);

·European Market Infrastructure Regulation (EMIR);

·Regulation on settlement and central securities depositories 26 (CSDR);

·Securities Financing Transactions Regulation 27 (SFTR);

·Short-Selling Regulation 28 (SSR);

·Market Abuse Directive 29 (MAD) and Market Abuse Regulation 30 (MAR);

·Alternative Investment Fund Managers Directive 31 (AIFMD);

·Undertakings for the Collective Investment in Transferable Securities 32 (UCITS) Directive;

·Credit Rating Agencies Regulation 33 (CRAR) and Credit Rating Agencies Directive 34 (CRAD);

·Regulation on statutory audit of public-interest entities 35 (SAR) and Directive on statutory audits of annual accounts and consolidated accounts 36 (SAD) 

·Regulation on wholesale energy market integrity and transparency (REMIT).

The scope of the assessment also includes the following legal frameworks, as described above, although they do not contain structured reporting requirements at Level 1 or Level 2:  37

·Single Supervisory Mechanism Regulation (SSM Regulation);

·Single Resolution Mechanism Regulation (SRM Regulation);

·Financial Conglomerates Directive (FICOD).

2.Background to the initiative

2.1History of EU supervisory reporting

While supervisory reporting in EU financial services is not a new phenomenon and has been around since the 1970s, it was more limited in scope and largely based on national requirements, with limited coordination and information exchange. Since then, regulatory requirements have increasingly shifted from national to EU level, with greater coordination also internationally. The financial crisis that started in 2007/08 resulted in a major overhaul of the EU regulatory and supervisory framework for financial services, and triggered corresponding changes also in supervisory reporting requirements.

As illustrated with examples in Box 1, the crisis revealed that supervisors across the globe did not have sufficient information at hand to monitor adequately what had over the years become a highly integrated global economy with highly interlinked markets worldwide and significant interdependencies among financial intermediaries. In other words, the crisis revealed clear information gaps and highlighted the need for more timely, harmonised, and granular data to allow authorities to monitor systemic risks and to promptly evaluate the impacts should these risks materialise.

In response to the financial crisis, the EU has pursued an ambitious regulatory reform agenda, coordinated with its international partners in the G20. It adopted over 40 legal acts to restore financial stability and market confidence 39 . These include new protections for consumers and increased transparency; an improved regulatory framework for banks, insurance, financial markets and asset management; new tools for bank resolution and deposit protection; and the Banking Union with single supervision and resolution for large banks. The high number and broad scope of regulatory reforms undertaken at EU and global level is a reflection of the diversity and severity of the problems undermining the functioning of the financial system prior to the crisis. (Further detail on the new legislative acts adopted since the financial crisis can be found in Annex 6).

New or revised reporting requirements accompanied these reforms, with the aim to provide supervisors with the information to check compliance with the rules, monitor risks and fulfil their other supervisory mandates. As a result of the post-crisis reforms, the scope of supervisory reporting increased significantly, not just in terms of the sheer volume of data to be reported by individual entities but also in terms of the number of reporting entities and activities brought within the scope of the EU legislative framework for financial services. Increased reporting requirements have also been implemented internationally, e.g. in the USA pursuant to the Dodd-Frank Act.

Although the post-crisis reforms were a significant trigger, reporting requirements have also become more detailed and granular than before because of the increasingly complex nature of financial services. Moreover, technological developments have improved computing capacities and enabled automatic processing of large datasets. The related move to more data-driven supervision goes hand in hand with corresponding data needs 40 .

Before the crisis, EU financial services legislation was largely based on minimum harmonisation, allowing Member States to exercise considerable flexibility in transposition. As a result of the post-crisis reforms, the single rulebook was drawn up, providing a single set of uniform rules for the financial sector to be applied throughout the EU. This also led to the creation of the European System of Financial Supervisors (ESFS) and in particular the three European supervisory authorities: the European Banking Authority (EBA), the European Securities and Markets Authority (ESMA), and the European Insurance and Occupational Pensions Authority (EIOPA). These EU agencies, operating since 1 January 2011, are important to further develop the single rulebook and ensure consistent supervision and appropriate coordination among EU supervisory authorities. In addition, the European Systemic Risk Board (ESRB) monitors macro-prudential risks across the EU and can issue warnings and recommendations to call for corrective action. This change in the supervisory structure also meant a change from mainly national reporting to EU-level reporting, with more uniform requirements and reporting of a common set of EU-wide data to enable EU-level supervision.

Lastly, to address the structural weaknesses in the institutional structures supporting economic and monetary union (EMU), the Member States agreed to create a Banking Union. Building on the single rulebook, the first pillar of the Banking Union is the Single Supervisory Mechanism (SSM), which transfers key supervisory tasks for significant banks in the euro area to the ECB. The other key pillar is the Single Resolution Mechanism (SRM), with a Single Resolution Board (SRB) to ensure swift decision-making in the resolution of a failing significant bank. The applicable pieces of legislation stipulate that significant banks are to report information to these European authorities to enable them to fulfil their functions within the Banking Union.

2.2The Call for Evidence and the need for review

On 30 September 2015, the European Commission launched a Call for Evidence on the EU regulatory framework for financial services. The purpose was to check whether the more than 40 pieces of EU legislation adopted since the financial crisis were working as intended. Over 300 stakeholders shared their experience of implementing EU financial regulations and provided their assessment of the individual and combined impact of EU rules.

Although the responses to the Call for Evidence showed overall support for the post-crisis reforms, it also revealed a need to make targeted changes and to fine-tune the rules to make them more effective and efficient in achieving their objectives. One area triggering significant responses was supervisory reporting. Industry stakeholders expressed concerns about the compliance burden stemming from the reporting requirements in various pieces of EU legislation, including the following: 41  

·Respondents perceived the supervisory reporting requirements as too numerous and too complex. The complexity is to a large extent due to duplications and overlap with different reporting frameworks, but also to insufficient standardisation and the lack of clarity on what needs to be reported (e.g. lack of harmonised financial data definitions, lack of references to existing international standards).

·Major changes to EU legislation on supervisory reporting often result in substantial one-off costs, in particular where IT systems or internal procedures need to be adapted. Stakeholders therefore stressed the importance of reducing the frequency of changes to supervisory reporting requirements, and of allowing sufficient time to implement any such changes.

·Respondents perceived ad hoc requirements, e.g. requests by supervisors that go beyond the regular reporting requirements, as particularly disruptive and costly.

Supervisors stressed the importance of access to timely and good quality supervisory data. They argued that the quality of supervisory reporting could be improved further to make more informed and timely decisions on the risk profile of firms or sectors and that remaining data gaps need to be addressed.

In the follow-up report to the Call for Evidence, adopted at the end of 2017 42 , the Commission set out a twofold approach. First, it would take targeted measures to address specific concerns to the extent possible in the short term and, second, it would take a more comprehensive, long-term approach to improve EU supervisory reporting going forward. The Commission has taken and is continuing to take action on both fronts. Section 2.3 provides an overview of the targeted measures already taken or ongoing to simplify and streamline supervisory reporting. This fitness check is part of the second, more long-term approach and provides the more comprehensive assessment needed to feed into further actions.

2.3Initiatives to simplify and streamline supervisory reporting

Significant effort has already been made to simplify and streamline supervisory reporting. The large majority of these initiatives address issues arising from the application of single legislative acts or are limited to legislation applicable to a certain subsector. They cover both primary legislation (Level 1) and changes to technical specifications and detailed reporting rules contained in secondary legislation (Level 2). Moreover, the ESAs have worked or are working a number of non-legislative initiatives which should also contribute to simplifying EU level supervisory reporting. The work carried out to prepare this fitness check and the discussions with stakeholders has directly contributed to several of the initiatives listed.

Legislative initiatives

The most recent key initiatives in the legislative area are:

·CRR Review ('CRR2/CRD5'). On 23 November 2016, the Commission proposed a legislative act to amend the banking prudential requirements contained in CRR/CRD IV. A final political agreement was endorsed in April 2019 and the legislative act was published in June 2019 43 . CRR2/CRD5 aims to strengthen the resilience of the banking sector while making the prudential requirements more proportionate and less burdensome for smaller financial institutions. In particular, the EBA has been mandated to conduct a cost-benefit review of all supervisory reporting requirements and propose ways to reduce the reporting burden, at least for small, non-complex institutions, 44 and to conduct a study to assess the feasibility of an integrated reporting system (i.e. covering statistical, resolution and prudential data) for all EU banks. For the study, the EBA will work together with competent authorities and the authorities responsible for deposit guarantee schemes and resolution, and in particular the ESCB. The study must look at, among other aspects, the setup of a common data dictionary and the feasibility and design of a central data collection system that would allow all relevant authorities to access the data. CRR2/CRD5 has also established a waiver from reporting if the data in question is already available from another source 45 . Moreover, competent authorities can also relieve banks from having to comply with old requirements if the templates for the new supervisory reporting requirements are not ready. Upon the agreement of their supervisor, small non-complex institutions will also benefit from simplified NSFR reporting (‘sNSFR’).

·Investment Firms Supervision package. The review of the CRR also covered a revision of the application of prudential rules and reporting for investment firms, which will no longer be subject to the CRR prudential banking rules. This package introduces greater proportionality for smaller investment firms, including supervisory reporting. In particular, the information that investment firms will be required to report should be concise and proportionate to the nature, scope and complexity of their activities. The largest and most systemic firms will remain under the scope of the CRR and its related reporting requirements. The co-legislators reached agreement on the revised framework in April 2019, with entry into force expected in autumn 2019, after a second vote by the incoming Parliament formally adopting the outcome 46 . The rules apply as of spring 2021. In the meantime, the EBA and ESMA will develop implementing measures in technical areas to complete the framework.

·BRRD and SRMR review (BRRD2 & SRMR2). The review of the BRRD and SRMR is closely related to the CRR/CRD review 47 and aims to establish a more efficient and coherent recovery and resolution framework. The European Parliament and Council adopted the final texts in April 2019, published in June 2019 48 . Although the review introduces new reporting requirements (e.g. internal/external MREL, more detailed reports on ‘bail-inable’ liabilities), it also sets out simplification measures. In particular, it introduces a waiver from MREL reporting for entities that have set out a liquidation strategy. Moreover, the reporting of ‘bail-inable’ liabilities is waived for entities complying with a minimum of 150% of MREL. Lastly, it sets out a mandate for the EBA to specify uniform reporting formats, the instructions, the methodology, and the frequency and dates of reporting related to the MREL requirements.

·EMIR Refit. The EMIR Refit Regulation 49 is one of two legislative acts amending the original EMIR Regulation 50 . The proposal was adopted in May 2017 with political agreement reached in February 2019. The initiative builds on the results of the Commission’s Call for Evidence and aims to make compliance more proportionate and less onerous, especially for non-financial counterparties (NFCs). Part of the regulation amends the EMIR reporting framework. Firstly, it includes an exemption from reporting of intra-group transactions involving an NFC, provided that certain conditions are met. Furthermore, it stipulates that, for OTC transactions between a financial counterparty and a NFC, the former will be responsible and legally liable for reporting both sides of the transaction. In addition, the Refit Regulation introduces a mandate for the Commission to assess whether the obligation to report transactions under EMIR and MiFIR creates a duplicate transaction reporting obligation for non-OTC derivatives and whether reporting of non-OTC transactions could be reduced or simplified (see Section 6.4 for discussion of this issue). Lastly, it introduces a mandate for ESMA to more accurately define the procedures for the reconciliation of data between TRs.

·Solvency II review. In addition to these two adopted initiatives, the European Commission is conducting a review of the Solvency II Directive, expected to be finalised in Q4 of 2020. To this end, the Commission sent a request to EIOPA for technical advice in February 2019 51 , which contains a specific request to review the reporting and public disclosure requirements (assessing appropriateness and proportionality). The EIOPA took on board the key findings and topics that emerged from the fitness check in the area of insurance in its Consultation Paper on proposals for the Solvency II 2020 Review 52 .

·AIFMD review. In addition, the Commission is currently in the process of conducting a review of the AIFMD framework, which will result in a Commission report to the European Parliament and the Council evaluating the application and the scope of this legal framework. The report is expected to be submitted to the EU co-legislators by the end of 2019 or early 2020. As one of its objectives, the review aims to identify areas where effectiveness of the Directive could be improved and is looking into the potential to simplify supervisory reporting.

Non-legislative initiatives

Apart from the above legislative initiatives, there is a range of non-legislative work streams that also aim to address the issues identified. These projects are normally led by the ESAs and the ECB, and often relate to increased standardisation of reporting and messaging formats and corresponding validation rules in sectoral reporting frameworks.

For example, in ESMA, a data strategy was adopted in 2017 which aims to improve data governance, data standardisation, and the general technical implementation of the reporting frameworks under the remit of ESMA. As part of this strategy, ESMA has set up a ‘Data Standing Committee’ which brings national authorities together to tackle cross-cutting issues pertaining to the reporting of data under different regulatory regimes, including the reporting of transactions, positions, record keeping of orders and instrument data under MiFIR, trade reporting under EMIR and SFTR, funds reporting under AIFMD and MMFR, etc. The committee aims to foster supervisory convergence and enhance the quality of reported data 53   54 . 

In the area of banking, several processes are also ongoing or complete, with the aim of simplifying the various reporting frameworks. For example, the EBA and the SRB are cooperating closely on resolution planning with the aim of creating an integrated and — in terms of technical solutions — harmonised set of requirements covering both prudential supervisory and resolution reporting requirements. The EBA is working on a further integration of supervisory reporting requirements with related public disclosure requirements within their remit, with a view to reducing the burden and facilitating banks’ compliance with both. Likewise, the EBA cooperates with the ECB as well on various initiatives, such as the BIRD initiative (see below).

The SSM has carried out several initiatives to reduce the burden for banks stemming from their required reporting to the SSM. In particular, in 2018 the SSM carried out a project (the ‘Simplification Group initiative’) to streamline supervisory reporting requirements initiated by the ECB and the national competent authorities and to improve internal governance 55 .

To ensure consistent application of reporting requirements, the EBA and EIOPA have developed a common methodology for modelling the requirements (the Data Point Model - DPM) which includes a single data dictionary for all their frameworks and templates. Both the EBA and EIOPA also provide common XBRL 56 taxonomies for their frameworks, which the 28 EU national authorities have voluntarily adopted. They also provide validation rules and Q&A mechanisms to ensure a harmonised application of requirements.

In the related area of statistical reporting, the ECB is working on developing common definitions and data models, in particular through two ongoing projects. The first is the European System of Central Banks’ (ESCB) Integrated Reporting Framework (IReF), which aims to integrate existing statistical data requirements for banks into a unique and standardised reporting framework that would be applicable across the euro area 57 . It focuses in particular on requirements of the ECB’s regulations on monetary financial institutions’ balance sheet items and interest rate statistics, securities holdings statistics and bank loan reporting (AnaCredit). The current aim is to implement the IReF by 2024-27. The other project, entitled ‘Banks Integrated Reporting Dictionary’ (BIRD), aims to help banks organise information stored in their internal systems more efficiently in order to better fulfil their reporting requirements. BIRD is a harmonised data model that precisely describes the data to be extracted from the banks’ internal IT systems to derive reports required by supervisory authorities. The BIRD currently covers the reporting requirements of AnaCredit, the group module of ECB statistical reporting of securities holdings, as well as FINREP 58 . The coverage of COREP 59 , asset encumbrance, and resolution planning is currently under development. 

2.4Intervention logic

This fitness check focuses on the provisions contained in the legal acts that make up the EU’s financial services acquis that define supervisory reporting obligations. Hence the intervention logic, summarised in Figure 2.1, refers only to the reporting obligations and not the overall objectives of the different pieces of legislation.

However, it is not straightforward to separate the objectives of supervisory reporting from the wider objectives of the legislation. Also, the objectives that apply specifically to reporting are not always spelled out explicitly in the corresponding legislative text and often follow implicitly from the wider objectives and requirements of the legislation. Supervisory reporting was also not systematically assessed in the impact assessments accompanying the legislative proposals.

The general objective of supervisory reporting requirements is to provide supervisors at EU and national level with the information they need to fulfil their supervisory functions. More specifically, supervisors need relevant, reliable, timely and comparable information to:

·supervise and enforce compliance with the rules;

·monitor risks in the EU financial system;

·promote supervisory convergence in the EU single market for financial services;

·help design and (re-)calibrate regulations and detailed technical standards.

The specific data needs of each specific supervisor to a large extent stems directly from their aims and obligations, and are reflected in the corresponding legislative frameworks.

As noted above, the financial crisis revealed significant data gaps that called for more granular data and comparable information to improve supervision. The pre-crisis situation is the main baseline against which to assess the current supervisory reporting arrangements. Improved supervisory reporting, as part of a post-crisis legislative reform package and enhanced supervision, aims to contribute to the following wider objectives, all with a view to improving the functioning of the EU single market in financial services 60 :

·financial stability (improving the resilience of financial institutions and reducing systemic risk);

·market integrity (limiting market abuse, promoting transparent and well-functioning financial markets); and

·consumer and investor protection (ensuring proper conduct of financial services providers for the benefit of investors or consumers of financial services).

The pieces of legislation within the scope of this fitness check all pursue different specific objectives and apply to different sectors. As a result, the reporting requirements contained therein target different information and data reports to be provided to the supervisory authorities. Section 5 provides an overview of the main objectives per legislation and explains what needs to be reported and why, with further details provided in Annex 6.

Figure 2.1    Intervention logic for supervisory reporting obligations

3.EVALUATION QUESTIONS

This fitness check assesses the fitness of supervisory reporting requirements in the EU financial services acquis against the five Better Regulation criteria (effectiveness, efficiency, relevance, coherence and EU added value) using the following specific evaluation questions.

Effectiveness

·Have EU supervisory reporting requirements improved the information available to supervisory authorities? Do they yield sufficient data that meets the reporting objectives, and is it of good quality, timely and comparable? Are there any data gaps?

·To what extent are the data provided useful and actually used to fulfil supervisory functions?

·To what extent has EU supervisory reporting contributed to achieving the intended wider objectives of improving financial stability, market integrity and investor/consumer protection?

Efficiency

·Is EU supervisory reporting set up in a way that allows reporting entities to provide the data, and supervisory authorities to use the data in an efficient manner?

·What are the main drivers of the costs and burden of EU-level supervisory reporting?

·Are the costs of EU-level supervisory reporting — for reporting entities as well as supervisors — justified and proportionate to the benefits they generate?

·Is there any scope to increase the efficiency of EU-level supervisory reporting, i.e. reducing the costs (e.g. by streamlining and simplifying) without compromising its objectives?

Relevance

·Have the objectives of EU supervisory reporting proven to be appropriate for the supervisory needs?

·Are the reporting objectives still relevant given the developments in financial services?

·Are the technical aspects of the reporting process still relevant, in particular with respect to developments in the fields of modern information and communication technologies (ICT)?

Coherence

·Are the reporting requirements consistent across the different EU reporting frameworks (e.g. in terms of scope, content, definitions, methodology, timing/frequency of submission, etc.)?

·Are some data reported multiple times, when they could be reported once and then shared and used for multiple purposes?

·Are EU supervisory reporting requirements consistent with other reporting obligations?

EU value added

·What is the additional value of EU-level reporting requirements compared to what could be achieved by the Member States at national level? 

·Has the adoption of supervisory reporting requirements at EU level facilitated supervisory reporting?

·Is there a need to increase or reduce the level of EU harmonisation and standardisation to enhance the effectiveness and efficiency of supervisory reporting?

4.METHOD

The fitness check assessed EU supervisory reporting requirements in the relevant legislative frameworks at different levels of detail, from the reporting requirement level, as set out in the legislative acts, down to the detailed data point level.

The following information was collected and analysed:

(I)information on legislative acts and related documents in force, and the relationship between them;

(II)information on supervisory reporting requirements, what type of data they pertain to, and to which entities they apply (i.e. ‘who reports what to whom’);

(III)detailed information on the way data are reported (e.g. data modelling, messaging formats, standards used, etc.);

(IV)information on the impact and benefits of supervisory reporting requirements;

(V)information on the costs of compliance with supervisory reporting requirements; and

(VI)information on any problems identified by stakeholders involved in reporting, processing, or receiving data. 

Section 4.1 provides an overview of the inputs used for the fitness check. Section 4.2 discusses the baseline (or counterfactual) against which EU supervisory reporting requirements are evaluated. Section 4.3 presents some limitations of the exercise.

4.1Inputs into the fitness check

Various activities have been undertaken within the framework of the fitness check, including an open public consultation (OPC) followed by a targeted consultation for national competent authorities (NCAs), an external study on compliance costs, a detailed mapping of reporting obligations, a dedicated stakeholders expert group, as well as a series of workshops with representatives of financial services companies, and one workshop dedicated to NCAs. These inputs generated a significant amount of information, which was processed and completed with the internal assessment. A short overview of the fitness check activities is available in the following sub-sections.

1.

2.

3.

4.

4.1.

4.1.1Open public consultation 

The public consultation ran from December 2017 until March 2018, and was open to any interested parties, but primarily aimed at stakeholders directly or indirectly involved in supervisory reporting, either on the reporting side or on the side receiving and/or processing the reported data. The consultation aimed to gather three different types of information: (i) information on whether supervisory reporting requirements are fit for purpose and functioning effectively and efficiently; (ii) quantitative data on the cost of compliance with these requirements; and (iii) suggestions for areas where supervisory reporting requirements could be simplified and streamlined.

The public consultation generated 391 responses from a variety of stakeholders, including the financial services industry, supervisory and regulatory authorities, business associations and standardisation bodies. Responses were received from most EU Member States, as well as a few third countries. The public consultation provided a vast amount of information which contributed directly to the assessment. The feedback provided an overview of stakeholders’ interpretation of the effectiveness, efficiency and coherence of EU-level supervisory reporting, and an in-depth look at the burdens faced by reporting entities when complying with EU-level supervisory reporting requirements, including examples of specific issues, as well as their impact on the respondents. However, despite containing specific questions on the costs of compliance with EU-level supervisory reporting requirements, the consultation provided mainly qualitative information, with more limited evidence submitted on such costs.

The summary report of the public consultation is provided in Annex 3.

4.1.2Conference on ‘Preparing supervisory reporting for the digital age’

A conference involving more than 200 participants was held on 4 June 2018. It brought together institutional knowledge, industry expertise and academic research to look at the current challenges and future opportunities related to supervisory reporting. The conference started with a presentation and discussion of the Commission’s fitness check and the results received in the open public consultation. The conference also included a panel discussion on the reporting burden for regulated entities and how this compares with the information needs of supervisors. This debate provided insights that better delineate what is effectively required to make sure that supervisors and regulators can carry out their tasks effectively without imposing excessive burdens on financial institutions. A second panel focused on the various ICT challenges and potential technological solutions to improve supervisory reporting so as to ensure that legislation is fit for purpose and able to accommodate new technologies. Panellists offered concrete suggestions on how to streamline and simplify supervisory reporting by taking advantage of opportunities offered by new technologies.

While the conference was mostly forward looking, the presentations and discussions allowed for a better understanding of the issues at stake in the current fast-moving technological context, and provided additional input on the issues faced by stakeholders, building on the initial findings from the open public consultation.

4.1.3External study on the cost of compliance 

In preparation of this fitness check, an external contractor was commissioned to analyse the costs of compliance for companies operating in the financial sector, focusing in particular on the costs of complying with EU-level supervisory reporting obligations. A similar study on the compliance costs for selected financial sector measures was carried out for the Commission and published in 2009 61 . The 2009 study established the baseline cost situation before the introduction of numerous new pieces of EU legislation in the wake of the financial crisis, against which the costs of the new post-crisis requirements could be compared.

The results of the study provide, for a cross-industry and cross-country sample of EU financial services companies, an overview of the overall and incremental costs of compliance with EU financial services legislation that has either been introduced or significantly amended since 2008, including the share of those costs attributable to supervisory reporting. The study identifies the scale, nature and main drivers of these costs, and highlights which reporting frameworks contribute the most to these costs. The aim of the study was to provide as granular data as possible, providing estimates of the parts of total compliance costs that could be attributed to supervisory reporting, distinguishing between different types of cost and where possible attributing those costs to different pieces of legislation.

The results of the study, and its limitations, are summarised in Section 5.4 and in Annex 5 62 .

4.1.4Mapping of reporting requirements

A detailed mapping of reporting requirements was conducted to feed into the fitness check 63 . The mapping covered all existing supervisory reporting requirements down to the data point level, with a twofold aim: (i) providing a comprehensive overview of what is reported at the very detailed level under each legislative framework; and (ii) identifying any overlaps and inconsistencies. The data point analysis was carried out by an external contractor.

An inventory of all reporting obligations down to the data point level provided an important first step for this fitness check. Without such a detailed list of reporting obligations, there would be no way to identify in a systematic/comprehensive way whether or not overlaps and inconsistencies exist, as claimed by stakeholders in the feedback to the Call for Evidence and the open public consultation for this fitness check.

Before the contractor could carry out the in-depth analysis, a single data model needed to be applied to all reporting frameworks. The Data Point Modelling (DPM) approach was chosen as it had already been developed and applied by the European Banking Authority (EBA) for CRDIV/CRR and by the European Insurance and Occupational Pensions Authority (EIOPA) for Solvency II, which are among the most complex frameworks under review. Nonetheless, some adjustments to the existing DPMs had to be undertaken to align them for the purposes of the assessment.

The project resulted in a DPM database covering all reporting requirements and data points derived from the structured supervisory reporting frameworks that fall within the scope of this fitness check. The contractor used this to analyse overlaps and inconsistencies in reporting requirements. The resulting inventory of reporting requirements and data points is presented in Section 5 (with more detail contained in Annex 6).

4.1.5Stakeholder Roundtable 

A Stakeholder Roundtable (SRT), consisting of the representatives from the three European Supervisory Authorities, the ECB, the Single Supervisory Mechanism (SSM) and the Single Resolution Board (SRB), was set up and met on a regular basis during the assessment. It supported the work of the fitness check by providing detailed technical input and on-the-ground knowledge of supervisory reporting.

The SRT helped to guide the work of the fitness check, to gather input from the regulatory and supervisory side, and to validate the findings of the fitness check and in particular the results of the mapping of reporting requirements. It also allowed for constructive dialogue between the different EU-level authorities and helped build understanding and consensus.

Specifically, during the meetings of the SRT and in numerous other exchanges, the roundtable members provided detailed technical input and on-the-ground knowledge of and experience with supervisory reporting. This included information on: (i) issues faced specifically by supervisors; (ii) the costs of reporting for supervisory authorities; (iii) the processes involved in developing and implementing Level 2 legislation and Level 3 tools; and (iv) cooperation among EU and national supervisors. The roundtable also assisted in the review of claims raised by industry stakeholders and the results of the detailed mapping, and provided feedback on issues identified during the assessment.

By providing a forum for constructive and ongoing dialogue between the different EU-level authorities, the SRT helped to build understanding of and consensus on a range of issues. There was support among the roundtable’s members for continuing such dialogue in future.

4.1.6Industry workshops 

To extend the discussions launched in the SRT to a broader range of stakeholders, and in particular to representatives of the financial services industry, a series of workshops were organised as part of the fitness check during November and December 2018. This was also necessary following the discussions started at the conference on ‘Preparing supervisory reporting for the digital age’ and to dig deeper into some of the input obtained from industry during the open public consultation. Three workshops were held with the industry, covering insurance, banking and financial markets, including asset management. The workshops, which gathered between 15 and 35 participants each, usually lasted a whole day, apart from the insurance sector workshop, which was slightly shorter. Each workshop covered issues specific to the sector or type of stakeholder and allowed for in-depth discussions with the reporting experts that attended.

The workshops confirmed issues raised both in the open public consultation and during the conference, including the fact that precise figures for the cost of compliance with supervisory reporting requirements are not readily available. However, new issues and additional information were also gathered, including specific examples and points of view. Some participants sent additional written information as a follow-up to the workshops, including concrete difficulties with the supervisory reporting requirements in their respective areas. The workshops therefore contributed directly to a better understanding of the situation, and helped initiate an important dialogue with a cross-section of stakeholders. Importantly, they also allowed the stakeholders to hear different points of view. The results of the workshops helped to finalise and better define the sector-specific issues presented in detail in Annex 3.4.

4.1.7NCAs workshop and targeted consultation

As comparatively little feedback was received from NCAs during the open public consultation, the Commission undertook additional effort to reach out to supervisory authorities. This included a targeted consultation aimed specifically at this group of stakeholders and an accompanying workshop. The consultation consisted of questions designed to address specific issues from the perspective of the recipients of supervisory data.

The Commission received 44 consultation responses from 35 NCAs in 27 EEA Member States. The targeted consultation aimed to gather information on the benefits of EU reporting requirements, the usage of the reported data and data quality. Feedback was also received on the NCAs’ views and experience of the different reporting processes and on the implementation timelines for EU-level supervisory reporting requirements. The results of the targeted consultation are summarised in Annex 3.3.

As noted in the context of the open public consultation and the workshops with industry stakeholders, a large majority of respondents were unable to provide any data that would quantify the costs and burdens of supervisory reporting for NCAs.

The workshop gathered 23 participants from the NCAs of 13 countries, plus 6 representatives from ESAs. The discussions focused on: (i) the supervisory needs for data; (ii) the different uses of supervisory reporting; (iii) the interplay between EU and national requirements; (iv) the challenges encountered by national authorities with supervisory reporting and; (v) the potential areas for improvement and the vision for the future.

4.1.8Internal assessment 

The external input was assessed and complemented by an internal information-gathering and analysis exercise. This consisted first of all of a review of all EU legislative frameworks on financial services to identify the final scope of the assessment. Further information was also collected and analysis undertaken to complete this fitness check, including: (i) the situation prior to the crisis; (ii) the initial motivation for introducing supervisory reporting requirements in specific sectors or in specific legislative acts, and the objectives of these requirements; (iii) the expected impacts and overall costs of the legislation (primarily as presented in the respective impact assessments); (iv) the set-up of the respective reporting systems; (v) the actual impact of the reporting requirements: and (vi) any ongoing or planned revisions of the reporting requirements at both Level 1 and Level 2. Finally, the internal assessment included the review and analysis of all information gathered through the consultations and external studies.

Information processing and triangulation

In order to assess EU-level supervisory reporting requirements on the basis of the five Better Regulation criteria, information from the different sources had to be analysed and triangulated, and the results then had to be verified as far as possible.

The main sources of the underlying information which fed into the assessment are set out below.

·To identify the list of issues faced by stakeholders, both reporting entities and the supervisory authorities, information was gathered from the open public consultation, the conference, the workshops, the targeted NCA consultation, and the Stakeholder Roundtable discussions.

·To assess the cost of complying with EU-level supervisory reporting requirements and the main drivers of those costs, the information came from the open public consultation, the external compliance cost study, the targeted NCA consultation and the SRT.

·To identify any overlaps and inconsistencies across EU-level supervisory reporting requirements, the sources were: the detailed mapping exercise for providing the full overview of reporting requirements and data points;

·To identify problems specific to the supervisory authorities and also to obtain more detailed information on the actual data needs and data uses, the assessment drew on the NCA workshop, the targeted consultation, and the SRT. 

·To identify challenges in the process of adopting reporting requirements, including challenges and divergences at Member State level, the information came from the stakeholder roundtable and the internal assessment.

The assessment started with the results of the open public consultation. An in-depth analysis of the feedback resulted in a preliminary list of themes or issues with EU supervisory reporting, and initial insight into the costs of compliance. It also allowed for the identification of any divergences between the views of different groups of stakeholders (i.e. industry, NCAs, EU authorities). The preliminary list of key themes was developed taking into account: (i) the frequency and significance of a particular issue raised by stakeholders; (ii) the examples and level of detail provided to support concerns with concrete evidence; and (iii) the extent to which different types or groups of stakeholders shared the view. The open public consultation results provided an initial and in large parts subjective (i.e. from the stakeholders’ perspective) view of the effectiveness, efficiency, relevance, coherence and EU value added of the supervisory reporting requirements. In particular, given the low response rate from public authorities — and therefore from supervisors — the list of themes at this stage was over-representative of the views of the industry.

The conference provided input which helped fine-tune the list of themes. It also contributed to better understanding the underlying specific issues (i.e. examples of specific problems) and how they impact various stakeholders.

The targeted consultation of the NCAs was to a large extent aimed at correcting the shortcoming and at providing more information from the supervisors’ perspective. It provided a significant amount of information on the challenges faced by supervisory authorities, as well as the costs they faced as a result of EU-level supervisory reporting. Moreover, it helped the assessment of supervisors’ actual needs and different uses of data. In parallel, the workshops with NCAs and industry were used on the one hand to present the initial findings of the fitness check to the stakeholders and on the other hand to gather feedback on the issues identified so far, clarify questions and gather additional evidence and further specific examples.

The discussions at the workshops and the input from the targeted NCA consultation, combined with input gathered during regular meetings of the SRT, had two main achievements. First, they provided a deeper perspective into the effectiveness, efficiency, coherence and EU added value of the reporting requirements. Second, they made it possible to finalise a draft list of main themes and issues, supported by concrete specific examples. At this stage, the views of the reporting entities were compared with those of supervisory authorities to provide a balanced assessment and, for example, remove any claims of burdensome reporting requirements when these requirements are in fact justified to achieve the objectives. The list of themes and supporting evidence and specific examples was then consulted internally and through the SRT and fine-tuned where necessary.

The detailed mapping of the reporting requirements, including overlaps and inconsistencies, was cross-checked against the specific examples of overlaps and inconsistencies gathered via the various consultation activities. This made it possible to further develop the assessment of the reporting requirements, in particular, as regards their coherence and efficiency. This verified whether any specific overlaps and inconsistencies are justified and should therefore not be treated as an issue.

The results of the study on the costs of compliance were compared with those gathered in the open public consultation and with the outcome of the detailed mapping exercise to identify the most costly and problematic reporting frameworks. They also directly fed into the analysis of the efficiency of supervisory reporting.

Input gathered via the SRT was cross-checked against the results of the internal assessment to identify issues related to the development and implementation of EU-level supervisory reporting requirements. Similarly, roundtable input was collated with the feedback to the OPC, the targeted consultation, and information gathered in the NCA workshop to further develop the assessment of the effectiveness and added value of EU-level supervisory reporting.

4.2Point of comparison for the analysis

Any evaluation needs an appropriate point of comparison to help capture the change that EU action in this field has brought over time. The current fitness check was motivated by the major overhaul of the EU regulatory and supervisory framework for financial services in the wake of the financial crisis that started in 2007/2008. Conceptually, the main baseline (or counterfactual) is a situation in which the EU would not have acted. However, in practice, this approach is complicated by the nature of the fitness check, being as it is an evaluation of a group of interventions. Some of the legislation within the scope introduced reporting requirements in areas where no data was previously gathered, while others reinforced existing EU-level requirements, and yet others introduced EU requirements that harmonised existing national rules. Moreover, the timing of reforms differed, as some measures had already started to be developed before the crisis occurred. In practice, it is also difficult to identify the reform measures that would have been taken at national level if it had not been for EU-level intervention (see Section 4.3 on limitations below).

More importantly, for the purposes of this fitness check, the baseline for comparison depends on the evaluation criteria and related evaluation questions to be assessed. The effectiveness analysis, for instance, investigates whether the objectives of the legislation are met, and hence uses the desired outcome as a point of comparison.

Efficiency-related evaluation questions in principle have different counterfactuals: when looking at whether the intervention has been implemented in the most efficient manner, or if the current level of efficiency can be improved, the actual situation is compared to a desired, ideal outcome. Elsewhere, when costs and benefits are analysed to determine if the intervention was justified and proportionate, the assessment needs to look at the situation before the intervention. As reporting was not systematically assessed in the impact assessments of the various pieces of legislation within the scope, this rules out a comparison of actual and expected impacts.

When assessing the relevance of reporting, the needs for supervisory reporting both at the time and today are considered. Finally, for both the coherence and the EU value added assessments, the relevant point of comparison is the situation without EU-level intervention, although for some evaluation questions the current situation is assessed against an ideal situation to examine the scope for improvement.

The issue of the relevant baseline is mostly of a conceptual nature, and much of what follows simply seeks to answer the evaluation questions at hand and/or present the areas where problems or scope for improvement have been identified. The baseline matters most for the quantification of costs and benefits of reporting, which is inherently difficult when it comes to supervisory reporting, as further discussed below in Section 4.3 on limitations. In the study of compliance costs, the contractor provides a detailed discussion of the counterfactual and considers various benchmarks, such as a previous cost study capturing compliance costs of the pre-crisis framework.

4.3Limitations of the analysis 

The following sets out the main limitations in the methodology used and evidence available. These were taken into account when the assessment was conducted and conclusions reached.

Scope

As already set out in Section 1.2, the scope of this fitness check is broad and covers a multitude of EU-level reporting requirements across several financial services sectors (e.g. banking, insurance, asset management). An exhaustive assessment would in principle need to answer the evaluation questions separately for each and every legislative framework within the scope and conduct a detailed cost-benefit assessment of all the reporting requirements. This was not the purpose of this fitness check, nor would this have been feasible. Instead, the fitness check focused on identifying the main cross-cutting issues and drawing the main conclusions that apply across different reporting frameworks.

In practice, it turned that many issues raised are actually sector- or even legislation-specific. While this made it more difficult to arrive at a single set of conclusions, it also suggests that the number of problems faced by a single reporting entity may not be as significant as was suspected. This is because many of the reporting requirements will simply not be relevant to particular entities e.g. an asset manager will not be concerned by reporting requirements aimed at insurers, while any inconsistencies between the relevant frameworks are of little impact in practice. Although the presentation in this fitness check broadly follows a cross-cutting approach, sector-specific issues are also presented where possible.

Due to the sheer volume of requirements, the analysis did not, however, provide a detailed assessment of each and every requirement and related data points in all the frameworks within scope.

One of the main elements of the fitness check was an assessment to check for overlapping requirements across different reporting frameworks within scope, which was a repeated claim of the reporting entities. The fitness check aimed to undertake this assessment at a level that was as detailed as possible; in this case, this meant at the level of the individual data points which need to be reported by the supervised entities. The assessment faced the difficulty that for a number of the legislative frameworks, data point models had not been developed and hence could not be used to examine data points across different frameworks on a comparable basis. Therefore, to allow for an assessment at data point level, such models had to be developed by the external contractor carrying out the in-depth mapping exercise. A number of difficulties were encountered in this process, resulting from the complexity and, in some cases, from the lack of a clear and consistent definition of what needs to be reported. Given the scale of the exercise, the underlying models and resulting mapping of requirements and data points were not verified with the technical experts of the ESAs 64 . The results of the overlap analysis were discussed with the SRT.

Incremental nature of EU requirements

In many areas, national supervisory reporting requirements preceded those at EU level, and in a number of cases they continue to exist in parallel to the new EU-level reporting requirements. Hence, not all supervisory reporting requirements introduced at EU level were completely new for reporting entities, and not all EU requirements present significant add‑ons. Also, even if EU requirements were dropped or had never been adopted, this would not imply the removal of reporting obligations. In the hypothetical case of no EU requirements, it is likely that individual Member States would have increased information demands on financial institutions following the financial crisis. The extent and level of divergence of any additional national requirements would significantly influence the point of comparison with EU requirements. Identifying the true ‘incremental’ impact of EU legislation is therefore difficult, even conceptually.

Furthermore, some of the EU legislation adopted or revised since the financial crisis contains only minimum harmonisation provisions, where differing national requirements are permitted and in many cases remain in place. This coexistence of national and EU-level reporting requirements, and the mixture of maximum and minimum harmonisation requirements, created challenges when trying to isolate the impact of the EU requirements. In practice, it was not always possible to assess the EU requirements’ true incremental impact. For instance, the already complex task of measuring the cost of compliance was further complicated by the need to measure only the effects of the incremental EU requirements.

Difficulty of gathering information on costs and benefits

Information — and in particular precise quantitative data — on the cost of compliance with EU-level supervisory reporting requirements was very difficult to collect. There are many reasons for this, in addition to the above problem of isolating the incremental impact of EU requirements as opposed to purely national requirements. This can be illustrated with a few examples: (i) many of the EU-level supervisory reporting requirements are quite new and are still in the process of being implemented, and stakeholders have simply not yet had the time or enough data to estimate costs; (ii) costs incurred in complying with supervisory reporting requirements are often not measured separately from other (substantive) compliance costs, and occasionally not at all; and (iii) some costs incurred in complying with supervisory reporting requirements are inseparable from other administrative costs (e.g. in the case of introduction of a new IT or management system). Even in cases where data was collected, it was often incomplete and incomparable (i.e. including different parameters, presented in different ways, etc.). This applies to the compliance costs of the financial services industry, but also to the costs of supervisors receiving and processing the data. The external contractor conducting the compliance cost study also incurred these difficulties. The results are presented in Section 5, with more details of the methodology used (and its limitations) in Annex 5.

Gathering information on the benefits of supervisory reporting was even more challenging, and the fitness check suggests that a quantitative assessment in monetary terms is, for all intents and purposes, impossible. No such measurements are currently being carried out by any of the stakeholders. It is inherently difficult to measure the benefits of supervisory reporting because they ultimately depend on the fulfilment of the wider objectives of financial stability, market integrity and consumer/investor protection. Attributing the incremental contribution made by access to supervisory data is challenging. While data on compliance costs is presented, the analysis of benefits is therefore mostly qualitative.

The above limitations (i.e. the significant uncertainties and data gaps) make robust assessments difficult and limit significantly the extent to which cost-effectiveness can be analysed. In practice, the difficulty of quantifying benefits meant that some degree of judgement was required to assess whether costs are justified and proportionate. This often meant that the assessment had to rely on the views of policymakers and stakeholders. However, this in itself is a limitation of the assessment, and is presented below.

Sample representativeness

The assessment relied to a significant extent on stakeholder input, as there is little literature or other evidence on the technical topic of EU supervisory reporting. As with all voluntary online surveys, participation in the OPC was decided by the respondents, and the responses were skewed (e.g. with a disproportionately high response rate from one Member State and one industry sector, and very few responses from consumers or their representatives). Efforts were therefore made to correct the results’ non-representativeness. In order to increase the input from the supervisory side, a separate targeted consultation was run that had a high response rate. Efforts were also made to assess the issues faced by industry in different sectors. This was achieved by organising workshops and through select additional meetings with reporting experts. The various stakeholder consultation activities helped to get a comprehensive view of the situation, with all viewpoints reflected. In many cases, the different stakeholders took opposing views. For example, industry representatives considered certain requirements superfluous, whereas national supervisors insisted they provided important information. Where conflicting views emerged, a balancing assessment was needed and provided by the Commission, also in further discussion with the European supervisors. Where such a balancing was not possible, the different viewpoints are presented.

Assessing a ‘moving target’

Supervisory reporting requirements in EU legislation are evolving. Many requirements have only recently been implemented, and some are yet to enter into force (see Section 1.2 and the detailed descriptions in Annex 6). Also, requirements are being reviewed and changed (see Section 2.3). As mentioned in Section 1.2 on the scope of the fitness check, a choice had to be made on the cut-off date for the supervisory reporting requirements which would be included in the assessment. While this has allowed a fixed scope for the project to be determined, it also meant that certain important (or particularly burdensome or costly) reporting requirements introduced just after the cut-off date would not be taken into account. This problem has been mitigated by extending the initial scope to: (i) include a number of revised Level 2 measures adopted shortly after the cut-off date; and (ii) consider all issues raised by stakeholders irrespective of the cut-off date. However, recent developments such as the adopted packages reviewing EMIR, CRR/CRD, BRRD and SRMR and other ongoing or upcoming requirements, such as the sustainability-related data requirements (e.g. regarding the exposures to climate and broader environmental sustainability related financial risks), meant that the set of reporting requirements on which the assessment is based is no longer fully up-to-date when this report was drafted and finalised. As a result, it does not fully reflect the current or upcoming reporting requirements for EU financial institutions.

5.STATE OF PLAY: OVERVIEW OF EU SUPERVISORY REPORTING 

This chapter provides an overview of EU supervisory reporting. The different stages, starting from the setting of the requirements in EU legislation through to the use of the data by supervisors, are illustrated in Figure 5.1. The chapter first describes how the requirements are laid down in EU legislation and implemented, before moving on to an overview of the actual data collection (i.e. what kind of data is reported, how frequently, by whom, to whom, and for what purpose). The overview is supported by summary statistics of the number of requirements, data tables and data points under the different pieces of legislation. The actual use of the data by supervisors is further assessed in Section 6.1. The chapter also provides a short overview of the benefits and costs of supervisory reporting.

Figure 5.1: Main stages of EU supervisory reporting

Source: DG FISMA.

5.1Development and set-up of EU-level supervisory reporting requirements

The requirement to report data for the purposes of ongoing supervision is only one of many requirements of EU financial services legislation. In most cases, this requirement is secondary to the main substantive requirements of particular EU legislation. For this reason, EU-level supervisory reporting requirements are, almost exclusively, not dealt with in separate legislative acts, but are spread across different pieces of legislation dealing with different matters in different sectors. Within these legislative acts, supervisory reporting requirements are usually covered by one or more specific articles, but in most cases make up a fairly small proportion of all (substantive) requirements.

The description of a particular requirement is set out in legal texts at different levels, reflecting the general set-up of EU financial services legislation:

·Level 1 legislation, in the form of regulations or Directives, sets out the general framework and broad outlines of EU rules and requirements for the financial sector. In terms of supervisory reporting requirements, Level 1 acts set out the broad outlines of the reporting requirements, identifying at the general level what needs to be reported by whom to whom and, in some cases, how frequently. Level 1 acts also set out various conditions and/or exemptions relating to these requirements.

·Level 2 legislation sets the more detailed and technical aspects of EU-level rules and requirements. In terms of reporting requirements, these are set out in Regulatory Technical Standards or Implementing Technical Standards (RTS and ITS), drafted by the ESAs and adopted by the Commission by means of delegated or implementing acts. They determine aspects of reporting such as the form in which data is to be reported, the format, templates, standards, and identifiers which need to be used, and specific deadlines.

In addition, at level 3, the ESAs and other EU-level supervisory authorities have a number of powers which go beyond Level 2 legal acts. These are to support the establishment of high-quality common standards and practices and to support the harmonious implementation of the reporting requirements. These tools consist of Level 3 acts such as guidelines and recommendations, and other instruments and tools, such as opinions or Q&As aimed at ensuring supervisory convergence 65 . The ECB (SSM) and SRB also issue guidelines and Q&As, based on the mandate provided under the Level 1 legislation, but this is not further described here 66 .

A summary of the legislative process for setting EU supervisory reporting requirements is sketched out in Figure 5.2.

Figure 5.2: The legislative process in the EU

Source: DG FISMA. 

The Level 1 act is proposed by the European Commission, subject to an impact assessment, public consultation and other processes under the Better Regulation agenda, and is adopted by the European Parliament and the Council as either a regulation or a directive. As far as supervisory reporting requirements are concerned, requirements in these acts are often specifying only the broad outline of the reporting requirements. For this reason, the acts often also include a mandate for the ESAs to prepare the technical details of the RTSs and/or ITSs that further lay down the specific aspects of these requirements. In most cases they also include specific deadlines by which the Level 2 acts are to be adopted, and occasionally provide for one or more reviews in the medium term. However, there is a fair amount of variance between different Level 1 acts as to the level of detail they include directly and that which they delegate to the ESAs.

In preparing the relevant technical standards, the ESAs take into account the empowerments under the relevant Level 1 act as well as the needs and demands of the NCAs and the impact on the reporting entities. In order to ensure that the supervisors’ needs and the impact on reporting entities is taken into account, the ESAs are required to consult interested stakeholders when developing RTSs and ITSs. Such consultations are a key part of the development process, and are undertaken by the ESAs for all new or revised requirements, unless such consultations are disproportionate to the scope and impact of the RTS or ITS concerned or given the particular urgency of the matter. In this way, the ESAs ensure that the reporting entities receive advance notice of what is under consideration and have an opportunity to provide their views. Once the ESAs’ draft RTSs or ITSs have been finalised, they are then submitted to the European Commission for endorsement. In principle, the RTSs/ITSs should be adopted by the Commission within 3 months of submission, but this can take longer in practice if adoption necessitates legal and technical discussions 67 . In the case of RTS, the final draft of the delegated act adopting the standard is then sent to the European Parliament and the Council for a scrutiny period and subsequent adoption 68 .

Based on this implementation and monitoring role, the ESAs are also responsible for initiating any revisions of RTSs and ITSs. These revisions can be undertaken to: (i) further specify certain elements of the reporting requirements (for example further to questions raised by reporting entities during the implementation); (ii) correct elements which are not working as expected; (iii) introduce new elements; or (iv) reflect various developments (market, IT, etc.). RTSs and ITSs may also need to be updated as a result of a revision of the corresponding Level 1 acts. Any amendments to existing RTSs and ITSs arising from such revisions are adopted in following the same procedures as for the initial standards.  

Day-to-day monitoring of the implementation of supervisory reporting requirements is primarily the responsibility of the ESAs. As original authors, but often also as immediate or secondary recipients of the data, the ESAs work closely with NCAs to ensure that the data is reported in line with the requirements and, where applicable, reported on time and with satisfactory quality. To support this work, the ESAs prepare guidance to clarify what is to be reported, how and when 69 . Level 3 documents include:

·Q&As: Questions are submitted to the ESAs by a variety of stakeholders, including reporting entities, competent authorities, consultancy firms and IT providers. The main purpose of the Q&As is to foster and facilitate consistent and effective application of the regulatory framework. Submitted questions are analysed and draft answers are prepared by representatives of the ESA or national authorities and submitted to a review and approval procedure involving all competent authorities, as applicable 70 .

·Guidelines and recommendations: The power to issue guidelines and recommendations can be included in the sector-specific Level 1 text or can be drawn from the ESAs founding regulations. In both cases, the ESAs draw up a draft proposal. Guidelines and recommendations vary in terms of content and objective; in the specific case of reporting, they can be an instrument to specify further existing reporting obligations or define additional reporting practices. Proposals for guidelines and recommendations are typically published for consultation for a period of three months. The feedback received is analysed and the proposal for the guidelines and recommendations revised. After adoption by the ESA’s Board of Supervisors (composed of the ESA Chair and National Supervisory Authorities), the guidelines and recommendations are translated into all EU languages and subject to a comply-or-explain procedure 71 .

5.2Who reports what to whom 

Table 5.1 provides an overview of the EU financial services legislation within the scope of this fitness check, summarising the general objective of the legislation, the relevant financial service or activity covered, and broadly what supervisory data needs to be reported 72 .

The main recipients of the data are the NCAs and relevant EU authorities which both use the data to fulfil their various supervisory functions. The data is not reported to the European Commission, which does not act as a supervisor.

For each framework in scope, Annex 2 and Annex 6 provide a more detailed description of who needs to report what to whom, as well as the detail about the relevant legal acts at Level 1 and 2.

Table 5.1: Overview of supervisory reporting in EU legislation in scope 

Source: DG FISMA.

EU financial sector legislation and related supervisory reporting requirements serve different objectives and are structured by sector, applying to the relevant entities that provide a particular financial service or engage in a particular financial market activity. The objective of the legislation determines also what data needs to be reported, the required level of granularity of that data, the format of the data, the frequency with which it needs to be reported, and the authorities who ultimately receive the data. Moreover, depending on the nature of the reported data, there is a variety of channels in which the data makes its way from the reporting entity to the relevant authorities. For example, it may be submitted sequentially from the reporting entity to the NCA and then onwards to the relevant European authority to allow for EU-wide supervision. Alternatively, it may flow through intermediaries, which pass on the data to the supervisors or allow supervisors to access the data as needed.

Some frameworks serve the purpose of prudential supervision and hence provide for detailed prudential reporting to assess the resilience of individual financial institutions, including banks and investment firms (CRR/CRD IV) and insurance companies (Solvency II). Reporting requirements concern, for example, the capital adequacy and risk exposures of the firms in question. The data is provided on the basis of detailed templates and data point models. In these cases, reporting follows the ‘sequential approach’, whereby reporting entities submit data to their NCA, which then pass on the data to the relevant ESA (see Figure 5.3). The sequential approach combines supervision at national level with close coordination at EU level, with the aim of encouraging regulatory harmonisation and supervisory consistency between the NCAs and the relevant ESA.

In addition, since the crisis, the BRRD requires banks to report to the authorities to facilitate their recovery and resolution in the event of failure. This reduces the risk of taxpayer bail-outs as occurred during the crisis and as such also contributes to the wider financial stability objective.

Furthermore, for significant entities in the Banking Union that fall under the supervision of the SSM, the rules provide for supervisory data to be made available to the ECB, which is in charge of supervision for those entities, and for resolution data to be made available to the SRB. The SSM and SRM Regulations do not contain any ‘structured’ requirements (i.e. data tables) at Level 1 or Level 2, but grant powers to receive and request data 79 . Separately, bancassurers and other financial conglomerates are subject to the FICOD Directive, which governs the supplementary supervision (and related data flows) for these entities, without ‘structured’ requirements at Level 1 and Level 2.

Figure 5.3: Reporting to monitor the resilience and conduct of financial institutions 

Source: DG FISMA.

The data also flows sequentially in the area of fund management. In particular, the AIFMD requires managers of alternative investment funds (e.g. funds of funds, hedge funds, private equity funds, real estate funds) to report information about the relevant funds, including the investment strategy, the fund’s leverage, the main markets and instruments in which an AIFM trades on behalf of its managed AIFs. The AIFMD implements in the EU the G20 agreement following the crisis that hedge funds or their managers should be registered and required to disclose appropriate information on an ongoing basis to supervisors or regulators.

In the case of retail investor funds, the UCITS Directive mandates the publication of certain reports (an annual report, a half-yearly report and a prospectus) that the investment companies also have to send to their respective NCAs 80 . Even though the Directive sets out a minimum content for these reports, other details of reporting remain at the discretion of NCAs 81 . These reports are public and focus on retail investor protection, but NCAs use them also for supervisory purposes. 

Besides the reporting by different financial entities for prudential purposes or to monitor the business conduct of individual institutions 82 , the other key area of reporting concerns transaction reporting. To improve the transparency of markets and facilitate the supervision of specific activities and risks in those markets, the entities involved in financial transactions (e.g. investment firms, market infrastructure providers, non-financial counterparties) are required to report the financial transactions which they execute. The legal frameworks in place apply to different types of financial instruments and different types of transactions (on a trading venue and bilaterally over-the-counter). The frameworks with the most requirements include MiFID II/MiFIR, which covers financial instruments traded on a trading venue or where an underlying instrument is traded on a trading venue, and EMIR for derivatives reporting. The SFTR reporting of repurchase agreements (repos) and other securities financing transactions is due to start in April 2020.

Transaction reporting aims to collect data on financial transactions on an ongoing basis, but usually with a small delay, e.g. within one day of the relevant transactions under EMIR and MiFIR. Transaction reporting is done on the basis of structured templates, with precise instructions on what needs to be reported, how, and using which formats and templates. Transaction reporting generates very granular data pertaining to each individual transaction, which is in contrast to other types of supervisory reporting, e.g. in banking or insurance, which tend to gather aggregated data collected at set frequencies (e.g. annually, semi-annually).

Under EMIR, both counterparties to the trade report their derivatives transactions to one of a number of trade repositories 83 (TRs), which then make the data available to supervisory authorities (both NCAs and the relevant ESAs, as well as certain others, depending on need). Reporting via TRs is also the arrangement under the SFTR. Under MiFID II/MiFIR, reporting entities may choose to submit the transaction reports through a trading venue on whose system the transaction was completed, or through third parties known as Approved Reporting Mechanisms (ARMs) 84 . Trading venues or ARMs then pass that data on to national and European supervisors. These respective processes are depicted in Figure 5.4 below.

Figure 5.4: Transaction reporting

Source: DG FISMA.

85 Although not strictly part of the EU financial acquis, the REMIT Regulation also provides for the reporting of financial transactions in wholesale energy markets, including physical infrastructure-related information such as allocation and use of infrastructure capacity. The Agency for the Cooperation of Energy Regulators (ACER) is the central point of data collection at EU level, and the reported data is subsequently shared in particular with the national (energy) regulatory authorities, competent (financial) authorities, national competition authorities and ESMA. In order to avoid double reporting, REMIT implementing rules require energy derivatives reported under EMIR and/or MIFIR to be provided to ACER by TRs or ARMs.

Reporting also applies to short-selling activities under the SSR, as well as to securities registered in central securities depositories (although reporting under the CSDR is still to be phased in).

This reporting seeks to serve wider market integrity objectives and, where systemic risks are a concern, financial stability. The other type of reporting which contributes to ensuring market integrity is the reporting of data for the prevention of market abuse under MAD/R. In particular, it requires the reporting of suspicious transactions in financial markets and information about insiders with the aim to reduce risks of manipulation or abuse of markets, as well as risks of potential insider trading or illicit communication of privileged information 86 .   

Further detail on who needs to report what to whom, presented separately for each framework, can be found in Annex 2 and Annex 6.

5.3Summary statistics of reporting requirements 

This section provides a ‘quantitative’ overview of the reporting requirements. It is based on the detailed mapping and analysis of reporting requirements conducted as part of this fitness check, providing summary statistics of the number of reporting requirements per framework, the tables, templates and data points.

These quantitative indicators need to be interpreted with care. While they give an indication of the ‘volume’ of requirements and data provided, they do not provide an accurate measure of what is actually reported by individual reporting entities and the related compliance burden. There are different reasons for this as set out below.

Firstly, there are differences in the structure and organisation of reporting requirements within particular legislative frameworks. Aside from the separation between Level 1 and Level 2 legislation mentioned above (framework requirements in the former and more technical requirements in the latter), there is no strict rule on how reporting obligations are organised within a particular legislative framework. While the number of supervisory reporting obligations within a framework often reflects the importance and complexity of the issue being addressed, the number and structure of reporting obligations can still differ significantly between frameworks of a similar nature, or with the same broad objective. Whereas some legislative frameworks might use only one Level 1 article to set out an obligation to report, others may contain several articles which make reference to one another and which are subject to a range of conditions and exemptions. This makes the pure count of articles containing reporting obligations less informative. While not a good indicator per se, the structure of reporting requirements in EU legislation, or the differences in it, contributes to stakeholder concerns about the complexity of reporting, as further discussed in Section 6.

Secondly, given the set-up of EU financial services legislation, not all reporting entities will be covered by all of the reporting frameworks, and even if they are, they will not always be subject to all the requirements contained in them. This will especially be the case for smaller entities with more narrow business activities, which are subject not only to a more limited range of reporting frameworks but also are not required to report on all the reporting templates or tables 87 . Additional exemptions apply under some frameworks to ensure a more proportionate approach to reporting.

Thirdly, the number of data points to be reported does not give an indication of the actual burden of reporting because data volume does not per se reflect complexity. In fact, reporting entities may prefer to pass on all the data they have ready internal access to, as opposed to reporting on a few key indicators that require additional aggregations and adjustments to internal data in order to comply with supervisory requirements.

Finally, as noted before, the scope is focused on supervisory reporting requirements contained in EU legislation (at Levels 1 and 2) for the frameworks listed. Not all reporting is captured and, for example, national implementation or additional national requirements are not considered. Also, while reporting obligations have also been counted for ‘unstructured’ requirements, no count of tables, templates, and data points is provided for the reporting frameworks that do not have any structured reporting requirements in the Level 1 or Level 2 acts (i.e. the SSM and SRM Regulations are excluded from the relevant statistics 88 , and so is FICOD).

The legal texts on which the statistics are based, as well as other information, are presented in Annex 6.

Number of reporting obligations

Chart 5.1 shows the number of reporting obligations per framework. The way the contractor approached the analysis was to: (i) identify all of the different aspects of a requirement to report data (content, form, frequency, deadline, recipient, triggering event, conditions, exemptions, triggers 89 , etc.); and (ii) group these into separate and very specific ‘reporting obligations’ 90 . It should be noted that, at first glance, a legislative act may appear to trigger a single requirement to report certain data (whether presented in one or more articles). However, the approach outlined above may end up generating several different ‘reporting obligations’.’ The chart also shows the number of reporting obligations excluding applications and notifications to focus on regular (repetitive) supervisory reporting as well as reporting upon a request of a supervisor. As a second step, the identified reporting obligations were assessed to determine whether they are structured or unstructured (as defined in Section 1.2). 

The results 91 show that even the frameworks with significant structured requirements also contain additional unstructured obligations to report. A total of 876 supervisory reporting obligations were identified for the frameworks in scope, of which 345 are structured and 531 are unstructured. Excluding notifications and applications the number of obligations goes down to 572, of which 292 are structured and 280 are unstructured. The highest number of reporting obligations was identified in Solvency II, MiFID II/MiFIR and CRR/CRD IV.

For most frameworks, notifications and applications form only a small fraction of structured requirements. In the following sections, which present additional statistics on structured reporting, the applications and notifications are therefore not separated out.

Chart 5.1: Reporting obligations per supervisory reporting framework 

Source: Data mapping conducted by Business Reporting – Advisory Group (BR-AG) on behalf of the European Commission.

Note: The ‘reporting obligation’ is defined as an obligation derived from legal acts to provide specific information required under certain conditions. The chart shows the counts of reporting obligations including application/notifications (striped columns) and excluding those (solid columns). In each case, it shows the split between the number of structured and unstructured obligations. An information requirement is ‘structured’ when a tabular format is present in the relevant L1 and/or L2 measures, or for which such a tabular format could be created without significant doubts. Reporting obligations concerning the exchange of information between competent authorities are excluded.

Number of tables and templates

Structured reporting obligations were also looked at in terms of the number of tables and templates 92 to be reported. Tables and templates are the better indicator of volume and complexity than the reporting obligations, as in practical terms it is on this basis that reporting entities assess their data requirements. However, in line with what was noted above, there is no simple correlation between the number of tables used for a particular reporting obligation and the complexity of that obligation; the fact that more tables are in place for a particular obligation may actually render that obligation easier to meet, as the detailed requirements are very clearly defined and do not leave room for uncertainty, and reporting could therefore be highly or fully automated. In addition, some tables specify the content and format of information to be maintained in the internal records of the reporting entity and made available to the supervisors on request. A more in-depth assessment of the set-up of the tables, the data points which they contain, the definition used, etc. would be required to pass judgement on the complexity of particular reporting obligations to be made. 

As templates can comprise a set of tables, the number of templates is by definition equal or smaller to the number of tables. Note that a single reporting obligation can refer to several tables and templates to be reported; similarly, a single table or template could also relate to multiple reporting obligations 93 . 

As shown in Chart 5.2, the total number of tables is 1,005, of which 747 are closed tables with fixed number of rows and columns 94 - and 258 were classified as open tables 95  -where the number of data to be reported depends on the reporting entity e.g. one row per transaction, with the actual number of rows depending on the volume of transactions 96 . The highest number of tables (and templates) is in place in the relevant legal acts of Solvency II and CRR/CRD IV.

In general, the tables in supervisory reporting obligations are provided for in Level 2 acts rather than in Level 1 legislation 97 . 

Chart 5.2: Tables and unique templates per supervisory reporting framework 

Source: Data mapping conducted by BR-AG on behalf of the European Commission.

Note: A ‘closed table’ is a table with a limited number of rows and columns. An ‘open table’ is a table with a potentially unlimited number of rows and/or columns. The labels correspond to the total number of unique templates and to the total number of tables respectively. A ‘template’ is a structured reporting requirement within a given business area, which can consist of one or more tables. The tables and templates relate to the structured reporting obligations shown in Chart 5.1, including notifications and applications.

Statistics at data point level

The contractor applied the data point model (DPM) approach to the analysis of the data requirements. The EBA DPM was used as a basis to create a single DPM covering all the structured supervisory reporting obligations. Other existing DPMs (e.g. Solvency II developed by EIOPA) were rearranged, both on business and technical level, to be integrated with the EBA DPM for analysis purposes. In cases where for particular frameworks there was no DPM, the underlying requirements were analysed in order to integrate them in the extended single DPM to facilitate analysis across frameworks.

The overall number of data points identified in the analysis for reporting frameworks within the scope of the fitness check is 72,573, of which 68,407 are in closed tables and 4,166 in open tables. The calculation of data points was based on the information requirements described in the Level 1 and Level 2 acts. The number of data points does not refer to the actual size of a report but rather to the number of cells in the tables specified under specific obligations. Specifically, the calculations were carried out as follows:

·for closed tables, a data point corresponds to the number of cells and was obtained by multiplying the number of rows by the number of columns, excluding fields that are not reportable (if any);

·for open tables, the number of data points was considered as being equal to the number of fields to be completed for each entry (e.g. in a single row).

When considering the number of data points associated with each reporting framework, it appears that CRR/CRD IV is the framework with the highest number of data points (43,641 data points), followed by Solvency II 98 (23,001 data points). The remaining frameworks typically contain fewer than 2,000 data points. This is line with the previous statistics. CRR/CRD IV and Solvency II have the highest proportion of structured reporting requirements, the highest number of tables/templates, and the highest number of data points. However, other frameworks also have significant reporting requirements and require high volumes of data to be reported, including reporting frameworks with open tables where the number of actual data to be reported can be very large (e.g. MiFID II/MiFIR, EMIR). Data points in open tables are difficult to compare with those in closed tables, but for overview purposes have simply been added. 

Chart 5.3: Total number of data points per supervisory reporting framework

Source: Data mapping conducted by BR-AG on behalf of the European Commission.

Note: A ‘data point’ is a container defined, for instance, by supervisors to provide a reported fact. In technical terms, it is each combination of one metric and a number of its dimensional characteristics. Usually it corresponds to a ‘cell’ in a closed table. The total number of data points has been obtained by simply adding the number of data points in open and closed tables, although such data points are not as such comparable. The data points relate to the structured reporting obligations shown in Chart 5.1, including notifications and applications.

5.4Benefits and costs of supervisory reporting 

As mentioned in Section 4.3 on limitations, estimating the benefits and costs of supervisory reporting at EU level is challenging. In particular, no meaningful quantitative assessment of the benefits is possible, so only a brief overview of qualitative benefits is provided. Although a cost-benefit comparison is not possible, some estimates of compliance costs are presented, with further details contained in Annex 5.

Benefits

In terms of the qualitative benefits of EU-level supervisory reporting requirements, the assessment showed that supervisors extensively rely on data to fulfil their supervisory functions, including ongoing supervision and assessment of compliance with existing regulations, as well as risk assessment and monitoring. Although reporting entities were overall less positive about their assessment than supervisors, stakeholders generally do not question the need for supervisory reporting. In terms of the wider objectives, many stakeholders also argued that EU-level supervisory reporting requirements have improved monitoring of the systemic risk in the single market, of the interconnectedness of the financial system, and of the developments that may pose a risk to financial stability. They also improve market surveillance 99 and the monitoring of the evolution of business models, financial positions, exposures and risks over time. In the view of stakeholders, the current set of reporting requirements represents a valuable tool for the protection of investors and consumers of financial services. EU harmonised requirements also help create a level playing field for all industry entities and increased legal certainty. They improve the reputation of the financial sector by increasing transparency and accountability.

The introduction of supervisory reporting requirements at EU level also had some internal benefits for stakeholders, contributing to improved internal processes, investment in new IT infrastructures and the development of new analytical tools. For supervisors, this allows them to carry out more detailed, accurate and complex data analysis of the supervised entities. The greater comparability of data at EU level has been useful as well, not only for the supervision of cross-border groups, but also to enable benchmarking of domestic entities against the EU average and to monitor the emergence of EU-wide risks.

Further discussion of the uses and usefulness of supervisory reporting is provided in Section 6.1 discussing the ‘Effectiveness’ as well as in 6.5 on ‘EU value added’.

Costs

Supervisory reporting at EU level generates costs not only for the reporting entities, but also for the supervisory authorities, both in terms of one-off costs to implement the new requirements as well as ongoing costs. According to the input received to the open public consultation (OPC), stakeholders consider supervisory reporting requirements at EU level as contributing the most to compliance cost, with different Member States’ implementation of EU requirements and additional national reporting requirements adding to the costs. The cost of compliance with EU-level supervisory reporting requirements was assessed on the basis of feedback to the OPC and the results of the external compliance cost study.

Cost for reporting entities

In terms of costs to the reporting entities, according to (limited) feedback provided in the public consultation 100 , the average annual ongoing costs of supervisory reporting, expressed as a percentage of operating costs, is less than 1% for just over half of respondents (55%). The respondents also highlighted that the main costs resulted from the need to hire additional human resources and to introduce or modify IT systems as a result of EU-level supervisory reporting requirements. As regards the cost drivers, industry respondents most frequently mentioned an excessive number of reporting requirements, unclear/vague requirements, redundant requirements, and too many/too frequent modifications. They also pointed to overlaps between EU supervisory reporting requirements and statistical reporting. In terms of the reporting frameworks which contribute the most to costs, respondents highlighted CRR/CRD IV, Solvency II, MiFID II/MiFIR, EMIR and AIFMD, depending on the type of activity of the respondent.

The external study aimed to provide both a broader and a more detailed assessment of compliance costs. As summarised in more detail in Annex 5, it attempted first to assess the overall cost of compliance with key financial services legislation (both in terms of one-off and ongoing costs) by business sector, and to then break down the costs by driver and to isolate the proportion of overall compliance costs represented by supervisory reporting requirements.

The results of the study, summarised in Table 5.3 101 , suggest that the average one-off costs of compliance with supervisory reporting requirements in the sample vary significantly across business sectors. This also reflects the sample composition, ranging from an average of €0.5 million for asset managers to more than €45 million for investment banks, with banks, insurers and financial markets falling in between these extremes. The variance in total one-off costs is related to the size of the entities in the different sectors. It is illustrated by the smaller variation, within the range of 0.8% to 1.6%, in the average one-off costs as a proportion of annual operating costs across sectors. In terms of the average ongoing supervisory reporting costs as a proportion of total operating costs, the range is 0.5% to 1%. These results are broadly consistent with the few responses received in the public consultation. The study also confirmed that supervisory reporting was a significant component in total compliance costs, making up on average about 30% of compliance costs (ranging from 20% to 40% across sectors) both on a one-off and ongoing basis. However, these estimates come with significant caveats and reflect the difficulty of firms to estimate compliance costs and isolate the element that is attributable to supervisory reporting.

The study also attempts to estimate the aggregated costs of supervisory reporting for the EU financial industry by extrapolating the results of the sample to the population of all financial institutions. The indicative estimate of ongoing annual supervisory reporting costs for the industry is greater than €4 billion.

Table 5.3: Mean supervisory reporting costs by sector

Source: Study conducted by ICF/CEPS on behalf of the European Commission.

Some of the costs incurred by reporting entities when complying with reporting requirements in the EU-level financial services legislation would likely have been incurred even in the absence of EU legislation, as it can be expected that in this case the supervised entities would be subject to national and/or internationally agreed requirements. For this reason, the compliance cost study attempted to estimate the incremental cost of compliance with EU reporting requirements, i.e. to isolate that part of the cost which is due purely to the existence of requirements at EU level. These were estimated at about 80% of total supervisory reporting costs, both on an ongoing and one-off basis. However, this could be an overestimate of the true incremental cost as much of the data would likely be collected at national level even if it were not standardised at EU level.

Concerning the most ‘costly’ legislative frameworks, this varies between the different sectors, with those legislative frameworks primarily aimed at particular sectors (e.g. CRR/CRV IV, MiFID II/MiFIR for financial markets, and Solvency II for insurers) engendering the highest ongoing costs for those sectors. The results are broadly in line with the more limited estimates obtained during the public consultation.

The main drivers of compliance costs differ somewhat across the sectors and between those generating one-off costs and ongoing costs 102 . Nonetheless, the implementation or updating of IT infrastructure appears to represent the main one-off cost, followed by ‘project management’ fees and consultancy fees. In terms of ongoing costs, the main drivers across the different sectors (not always in the same order, and with a few minor exceptions) relate to IT maintenance, audit fees and data processing costs. 

The reporting burden of complying with supervisory reporting requirements is scaled throughout the supervisory reporting framework to be proportionate to the nature, scale and complexity of the activities of the institutions. Therefore, the scope of any individual institution’s reporting obligations across different reporting frameworks depends on its size and business model (types of activities, risk profile, etc.) As a consequence, and as already noted in Section 5.1, different reporting entities report different datasets, and smaller firms with less complex activities are typically required to report less data. Further provisions apply (or measures have recently been taken) to make reporting requirements more proportionate to firm size and reduce the burden for smaller or less risky firms.

For example, indicative estimates provided by the EBA suggest that small and medium-sized banks report only about 15-20% of the data points reported by the largest banks. As discussed in Section 2.3, CRR2/CRD5 aims to further reduce the burden for smaller financial institutions. Solvency II allows a number of limitations and exemptions from reporting, which work in addition to the embedded proportionality in the reporting framework (e.g. insurers without derivatives in their portfolio do not need to complete the relevant derivative templates). Although the use of limitations and exemptions varies between Member States, some 27% of insurance undertakings in the EU benefit from limitations and exemptions from quarterly reporting, with as many as 70% in some Member States. EIOPA expects further increases in the use of these limitations and exemptions 103 .

These estimates are indicative only, but suggest a significantly lower reporting volume by smaller firms. The external study did not focus on the comparative reporting costs between large and small firms. Nonetheless, the results suggest a positive impact of proportionality embedded in the requirements while also indicating some room for improvement. Although the comparison is not available for compliance costs related to supervisory reporting alone, the comparison of total compliance costs indicate that small and large organisations incurred the same one-off costs as a percentage of their operating costs. For ongoing compliance costs, large organisations in the sample incur somewhat lower costs than smaller organisations (around 3% of total operating costs, compared with 3.5% for smaller organisations). However, the robustness of these results is limited by the sample size and composition, among other factors.

Costs for supervisors

In terms of compliance costs for supervisory authorities, most of them said they were not able to isolate the costs related to supervisory reporting, or had not yet completed such an assessment. The few authorities which did provide estimates asked for them not to be disclosed. As such, no cost figures for supervisory authorities can be reported.

As far as one-off implementation costs are concerned, the most important element relates to IT system development and implementation, which is seen by many supervisors as the most costly part of supervisory reporting in recent years. Short implementation deadlines that do not take into account the complexity of the implementation increase the implementation costs (as further discussed in Section 6.2).

The most resource-intensive, and hence costly, ongoing supervisory activities relate to data quality checks and validation 104 , data cleaning 105 and data analysis. Data validation costs mainly arise from manual interventions, clarification of the requirements to reporting entities and implementation of validation rules that are not directly embedded in the electronic reporting format.

Although a quantification of costs to supervisors was not possible, the qualitative assessment strongly suggests that costs to supervisors are significant.

Costs and benefits of supervisory reporting in other jurisdictions

In this context, it is important to note that supervisory reporting also applies outside the EU. As noted in Section 2.1, many initiatives to stabilise financial markets and introduce greater transparency into the financial system have been agreed internationally, and a large part of the EU post-crisis reform agenda implemented these internationally agreed approaches. This also applies to reporting requirements, which have been substantially strengthened globally.

There is generally little literature available on the cost and benefits of supervisory reporting. Comparative cost estimates are not systematically available, and it was beyond the scope of the fitness check to provide any international comparisons. However, what is available suggests that the reporting burden is significant also in other jurisdictions.

For example, regarding reporting under the AIFMD, KPMG (2013 106 ) presents a survey with evidence of the comparative compliance costs for hedge funds in different jurisdictions. It concludes that hedge funds headquartered in the Asia-Pacific region allocated a larger share of their total operating costs to compliance than their European and North American counterparts. While more than a third (37%) of Asia-Pacific respondents declared they were allocating 10% or more of operating costs to compliance, the percentage was lower for North American (26%) and European (21%) funds. As regards smaller hedge funds, which generally spend more on compliance in relative terms, North American funds on average spend 0.4% of their assets under management on compliance, more than funds in Europe (0.2%) and the Asia-Pacific region. Cost data for supervisory reporting only is not available. However, according to the survey, 46% of respondents said that the impact of ‘AIFMD registration and reporting’ on compliance costs was ‘high’, which is only slightly more than the 42% of respondents which said that the corresponding cost impact of registration and reporting to the U.S. Securities and Exchange Commission was ‘high’. No updates with more recent survey data are available.

Cost comparisons are complicated by the fact that the structure of the supervision differs across jurisdictions. For example, for banking supervision, on-site supervision plays a larger role in the U.S. This affects the data needs and makes it difficult to draw comparisons, given the different nature of costs for the supervised banks. However, available information suggests that the reporting burden in the U.S. is also significant, with industry stakeholders complaining about the level of compliance costs and a need for review. For example, in response to the financial crisis, the Dodd-Frank Act was enacted, resulting in 2,319 pages of legislation, and the U.S. administration implemented approximately 390 regulations by more than a dozen different regulatory agencies 107 . As regards reporting, the U.S. Treasury (2017) concluded that what is known as the ‘bank Call Report is over 80 pages and contains a substantial amount of data fields which are not applicable to community banks and their business model 108 ’. Although steps have already been taken to simplify reporting for these banks, the U.S. Treasury report recommended further streamlining. 

Concerning reporting on securitisations (in this particular case mortgage-related), a regulation in use for this purpose contains 270 fields per mortgage. The U.S. Treasury recommended reducing the number of fields and standardising definitions. It also suggested that relevant U.S. agencies ‘eliminate any required reporting metric that are not necessary for effective supervision 109 ’. To address those concerns, the Economic Growth, Regulatory Relief and Consumer Protection Act of 2018 relaxed certain regulations 110 . The recent revision of the Volcker rule also simplifies and reduces reporting requirements for banking entities 111 . Various industry-led reports also suggest significant compliance burdens related to reporting and Dodd-Franck legislation more generally 112 . Another indicator of the reporting burden is the long list of reports to be submitted by the U.S. branches and agencies of foreign banks (including European banks).

In the insurance sector, Solvency II presents an advanced and detailed supervisory framework, which is quite sophisticated and very detailed, and which currently does not appear to have an equivalent in any other jurisdiction. International work in this area is ongoing. As regards transaction reporting, EMIR reporting follows an international commitment to improve data and transparency in derivatives markets, although the implementation differs between jurisdictions. No evidence on the comparative cost was available. Unlike the EU, the U.S. only applies a one-sided transaction reporting regime for derivatives (i.e. only one counterparty needs to report). However, to increase data quality and reporting accuracy, consideration is also currently being given to collecting at least some information also from the other counterparty.

Overall, many reforms have been agreed internationally, and efforts towards international coordination of requirements continue. The EU reporting requirements in some areas go beyond what is required in other main jurisdictions, but this does not apply across the board. Reporting is perceived a particularly burdensome element of compliance in other jurisdictions as well.

6.ASSESSMENT AND ANSWERS TO EVALUATION QUESTIONS

This section presents the assessment of the fitness of EU supervisory reporting requirements, based on the five evaluation criteria (effectiveness, efficiency, relevance, coherence and EU value added) and related evaluation questions set out in Section 3. This is complemented by an assessment of the main issues raised by stakeholders during the various consultation activities, as summarised in Annex 4.

6.1Effectiveness

As explained in the intervention logic in Section 2, the common underlying objective of EU-level supervisory reporting is to provide EU and national supervisors with the information they need to fulfil their supervisory functions, and thereby help achieve the wider regulatory objectives of financial stability, market integrity and consumer/investor protection. In other words, the right data of the right quality must be available for the supervisors at the right time.

This section evaluates the extent to which this overall objective is met and also identifies the areas where effectiveness could be improved. It is mainly based on the assessment of EU and national supervisors who, as the users of the data, are best placed to assess their data needs and actual use of the data received.

6.1.1Do the supervisory authorities receive the data they need?

This section examines whether reporting requirements provide EU and national supervisors with the data that they need (i.e. the right data without any data gaps), whether the data reported is of the required quality to allow effective use, and whether the reporting frequency is adequate.

Relevance of the reported data (i.e. ‘the right data …’)

The amount of information that needs to be reported for supervision purposes has significantly increased as a result of the post-crisis reforms, and data has become more granular and standardised. But providing supervisory authorities with the right data is not just a matter of the sheer quantity of information being reported. The content of the data must also meet the supervisors’ needs.

The evidence available suggests that supervisors today obtain most (but not all) of the data they need 113 . While a large majority of respondents to the public consultation considered 114 that there are no reporting requirements that should be added, a number of supervisors identified data which they felt are lacking. One example is the lack of end-of-day position reporting in EMIR (as opposed to the reporting of the transactions in derivatives), which several supervisors miss 115 . Other data gaps identified include: (i) the lack of mandatory reporting of the legal entity identifier (LEI) in the AIFMD 116 ; (ii) the need for more information for the monitoring of intraday liquidity of banks than what is available now under CRR; (iii) the absence of mandatory reporting of LEIs of large borrowers under the large exposures framework for banks; (iv) more granular reporting of non-performing loan exposures; and (v) more information on costs and prices allowing a better assessment of financial institutions’ business models and profitability. 

However, the data gaps identified only concern limited and quite specific data sets, more detailed information in the context of already reported data, or the need to report data in a somewhat different structure. They also differ significantly authority by authority (i.e. there are no clear trends of lacking data by sector, etc.). The supervisors also pointed out that data needs change over time (the industry evolves, new risks appear, etc.), so new data will always be needed to fulfil supervisory duties effectively. Therefore, some of the data gaps identified are due to the passage of time, and not to an ineffective design of the legislation. For instance, the relevance of more granular non-performing loan exposures has increased quite recently. In conclusion, while the current EU supervisory reporting requirements do contain some data gaps, they do not reveal a systematic weakness.

From the outset, the legislative process 117 provides for a control mechanism for the relevance of the reported data, in that the main users of the supervisory reports - the ESAs and the NCAs - have an essential role in defining the scope and content of the required data, i.e. the EU-level supervisory reporting requirements. Within the confines of the broad reporting obligation set out at Level 1, the ESAs in coordination with the NCAs are in principle free to define the content of the data to be reported according to their needs or their interpretation of what is required. However, NCAs can only request data in line with their mandate, and it has been noted that some of the most prominent data gaps identified (such as end-of-day position reporting in EMIR or the mandatory reporting of LEIs of large borrowers under the large exposures framework) are due to the limitations of the Level 1 mandate.

In any case, supervisors (both EU and national) can use ad hoc requests to collect data which they feel are lacking, either due to the design of the legislation or to market developments. Ad hoc requests fulfil specific data needs and can therefore close any (temporary) gaps in regular reporting requirements. NCAs also use additional national reporting requests to fulfil specific data needs, as further discussed below.

Reliability of the reported data (i.e. ‘…of the right quality…’)

Reliability in the context of supervisory reporting means that the reported data is consistently good in quality, and can therefore be trusted by the supervisors. Data quality, which is key for the entire supervisory reporting process, refers to accurate and complete data that meets all aspects of the reporting requirements, including: (i) the prescribed content (definitions); (ii) level of granularity; (iii) format; and (iv) consistency (with other data reported). While the relevance of data depends on what has to be reported, data quality depends greatly on how these requirements have been put into practice by the stakeholders. Poor quality data can have a detrimental effect on supervisors’ ability to carry out their statutory tasks — and therefore from the point of view of this assessment, on the effectiveness of EU-level supervisory reporting. Data quality issues can also affect efficiency, e.g. if resolving quality issues leads to additional costs. This aspect is addressed in Section 6.2.

Based on the input of and discussions with supervisory authorities 118 , and on the expertise of the supervisors themselves, the quality of data reported appears to be sufficient overall 119 . However, data quality remained an issue in certain areas. As regards specific reporting frameworks, many stakeholders - including national supervisors - raised concerns about the quality of EMIR data, despite the improvements 120 , while some supervisors also reported issues with AIFMD data (see also Box 3 below). Supervisors confirmed that in certain cases, unresolved quality issues prevent them from using data effectively 121 . EMIR and AIFMD were again mentioned repeatedly, while a few authorities also brought up Solvency II.

Sometimes there are certain problematic sections within a specific framework whose other parts provide data of an acceptable quality. For example, stakeholders consider the quality of the AIFMD data particularly low in the sections on risk measures and leverage of the AIF, while for Solvency II data quality is considered generally low for the assets list and cash flow. Supervisors also noted that reporting quality varies significantly between entities, banks, investment firms, funds, etc. 122 . Finally, data quality can also vary depending on the frequency of the reports within the same framework, e.g. some supervisors noted that quarterly reports under Solvency II have fewer quality issues than the annual ones 123 .

Nevertheless, the quality of data is continuously improving across all supervisory fields as supervisors improve clarity (through guidelines and Q&As), validation rules stabilise, and - in general - as both supervisors and reporting entities gain experience with the various reporting requirements. Several supervisors specifically mentioned EMIR in this context.

Factors determining the quality of data

Several factors determine the quality of data 124 . Clarity and legal certainty, which involves clear and consistent 125 requirements, harmonised concepts and business-friendly definitions that leave little or no room for interpretation, contributes to higher quality data. The lack of clarity or inconsistency (further discussed in Sections 6.2 and 6.4) of certain EU-level supervisory reporting requirements has been flagged as problematic by both industry and supervisors. Reporting entities may sometimes submit data that is incorrect or of a low quality because they misinterpret what is being requested or do not fully understand or value its importance. The result is that the data which is actually reported is not always of the desired quality.

Similarly, factors such as: (i) supervisors’ frequent interaction with the supervised entities; (ii) clear and concise guidance (with examples where necessary); (iii) a well-working Q&A process; and (iv) the availability of a helpdesk, are key for ensuring a consistent approach and thus higher quality. A few reporting entities have argued that guidance is insufficient or sometimes takes too long to be developed, meaning that they may not know what exactly is required, and data quality suffers as a result. At the same time, supervisors point out that their ability to provide clear guidance is hindered when the requirements themselves are unclear and when they face resource constraints.

There also appears to be a link between the quantity and complexity of the required information 126 and data quality. The more complex (and voluminous) a requirement, the more things that can go wrong, and the greater the need for more guidance down the line 127 . Complex requirements also need more resources on both the supervisory and reporting sides, which may take more time to obtain during the implementation phase. For example, EMIR reporting that deals with complex - often bespoke - derivative transactions, has a dual supervision regime (ESMA and NCAs), a participation of financial and non-financial counterparties, has more quality issues than the average.

Technical choices on standards and formats, such as the introduction of XBRL, also help improve data quality. However, as explained in Sections 6.2 and 6.4, there is currently an insufficient and uncoordinated use of these standards. Supervisory entities have confirmed that the current situation – both the lack of and the multiplication of standards, formats, and identifiers – has negatively impacted the quality of data or supervisors’ ability to easily aggregate the reported data or form a comprehensive picture of different parts of the financial system.

Proper quality checks are also important. This involves properly applied validation rules, any additional controls 128  as well as consistently applied enforcement measures. Data quality appears to be best for the data that are most frequently used by supervisors, possibly reflecting the stricter scrutiny 129 and quality enforcement applied to such data. Several reporting entities noted difficulties with data validation rules. For example: (i) by the time the final version of the relevant ITS/RTS is published, there is not enough time left for either the reporting entity or the supervisor to implement and thoroughly test the corresponding validation rules; (ii) the rules are not always clear or consistently applied (e.g. they differ at national and EU level); and (iii) the rules are too strict or numerous, or not flexible enough to cover all institutions and adapt to all business models. All these factors can impair data quality. Nevertheless, the application of validation rules also appears to be improving over time. These and other aspects are also discussed below as they also affect the efficiency and coherence of supervisory reporting.

As most EU-level supervisory reporting requirements are relatively new, both industry and supervisors need to go through a learning curve before quality becomes satisfactory. This is demonstrated by the fact that data quality has been improving over time. Nonetheless, as new requirements are introduced or existing ones modified, the learning curve starts again to a certain extent, and data quality often drops temporarily. Consequently, more stable rules on reporting requirements (i.e. less frequent changes) and, crucially, sufficient time to implement new or amended reporting requirements would improve data quality. There is broad consensus between industry and supervisors on this point.

Reporting firms' differing characteristics also significantly influence data quality. Potentially decisive characteristics - as noted by the supervisors - include: (i) the complexity and diversity of the firm’s business model and the instruments traded; (ii) the resources and priority that the firm gives to reporting; (iii) the effectiveness of the firm’s processes, systems and controls; and (iv) the firm's competences and experience with reporting. If the resources, processes, systems, etc. are inadequate, data quality may suffer for both internal (within the reporting entity) and external (to the supervisors) reporting 130 . Many of the above attributes correlate to the size of the reporting entity. For example, although smaller firms typically have simpler business models and trade with simpler instruments, they also have fewer resources available for their systems, controls and reporting. This may result in lower data quality compared with that of larger and more complex firms, particularly when they need to report the same or a similar amount of data. Therefore, some stakeholders consider that more proportional reporting requirements would significantly contribute to increasing data quality, as reducing the burden on smaller firms would allow them to prepare better quality data without compromising wider objectives like financial stability.

Finally on data quality, stakeholders have noted that involving additional players in the reporting process — such as through outsourcing 131  or by introducing intermediaries like trade repositories between reporting entities and regulators — creates an additional level of complexity and can be a potential source of errors.

Timeliness of the reported data (‘…at the right time’)

The timeliness of the data is another characteristic that affects the effectiveness of supervisory reporting. Two aspects of timeliness were explored: (i) the frequency of the data; and (ii) the time lag between the reference date and the receipt of the data. The latter is in principle influenced by both the reporting deadline 132 and the reporting processes. Issues with timeliness may be due to how the requirements are set (design issues, such as in the relevance of data) and how stakeholders implement them (execution issues, such as in data quality).

The supervisory authorities consider the frequency of data collection to be generally adequate for their purposes, i.e. supervisors obtain the data as frequently as they need it, and that there is virtually no need to increase reporting frequencies. Nonetheless, a few supervisors mentioned specific areas where frequency could be increased. For example, there were specific suggestions that some AIFMD reporting and the Solvency Capital Requirement (SCR) reports in Solvency II could become more frequent for the larger entities. By contrast, some supervisors identified certain cases 133 where they found reporting frequency to be unnecessarily high 134 .

On the time lag between the reference date 135 and the time when the supervisors receive the information, the requirements appear to be properly set up in general. No specific concerns were raised by supervisors about overly long time lags resulting from inappropriately defined requirements that may result in the data being reported too late and which may reduce the relevance of the data once received.

Finally, certain supervisors' timely access to the data may depend on the reporting entities' reporting processes - both internal (i.e. within a reporting entity) and external to supervisors. As with data quality issues, inadequate resources or processes within a reporting entity may in theory also result in delays in reporting data. Under the sequential approach described in Section 4, NCAs have first access to data, while EU supervisors have to wait somewhat longer. When there are different layers of supervision (national and EU level), a certain time lag for some supervisors is inevitable and has indeed been noted by some stakeholders. If the reporting process goes through a designated third party, who then forwards or makes the data available to the NCA and the EU supervisor (e.g. trade repositories in EMIR), this can cause an additional time lag. Some supervisors mentioned that trade repository matching and reconciliations can sometimes add further layers of complexity and therefore increase the timeframe, but they did not consider this a significant issue and acknowledged that it is to some extent inherent in the nature of the data being processed.

6.1.2Usage and usefulness of the reported data

Actual usage of reported data by the supervisors is a strong indication of its usefulness - if the data is actively being used, it implies that right data is reported from the supervisors’ perspective and that this data is of a sufficient quality. It also indicates that the objective of providing supervisors with the data to carry out their statutory duties is being met 136 .

EU and national supervisors confirmed that they regularly use supervisory data for all their activities to meet their supervisory obligations. How these authorities use data depends on their statutory supervisory functions 137 . They provided an overview of their different data uses, which fall under the following broad categories:

·Supervision and enforcement of compliance with regulations (micro-prudential and conduct - individual entity level 138 ):

-detection of misconduct and ensuring market integrity;

-calculation and monitoring of individual risk indicators and certain performance figures (e.g. solvency ratios, liquidity position, exposures, etc.);

-follow-up of supervised entities’ activities;

-preparing detailed analyses for off-site examinations and on-site inspections; and

-non-reporting compliance.

·Financial risk and stability monitoring (macro-prudential – systemic level):

-risk concentration in markets (e.g. exposure of banks to real estate-related imbalances);

-contagion analysis and disruption risks;

-conducting stress tests; and

-developing early-warning systems.

·Promoting supervisory convergence:

-peer reviews;

-data quality action plans; and

-analysis of the strength of banks’ balance sheets and possible top-up of measures.

·Regulatory functions:

-design of regulations;

-identification of thresholds that exist in some regulations;

-calibration of requirements; and

-analyses to assess the impact of regulatory actions.

·Financial market statistics:

-market analyses of trends and risks in financial markets;

-macroeconomic analyses;

-thematic studies, economic working papers;

-input for financial stability discussions;

-occasional economic advice to the government; and

-fulfilment of international data requests.

Supervisors provided several more concrete examples of how they use data reported under particular reporting frameworks in their supervisory activities, in what frequency, and the resulting outputs 139 . Box 3 provides examples of recent EU market-wide analyses, including analyses that has become possible in areas where previously no or limited EU-wide data was available. The selected examples also somewhat contrast the concerns expressed about the limited use of the data and illustrate the data quality issues discussed earlier (EMIR and AIFMD reporting).

Regarding supervisors' views on the usefulness of supervisory reporting at EU level, a large majority of them confirmed that EU-level supervisory reporting requirements introduced or modified since the financial crisis have improved their ability to fulfil their statutory tasks and mandates, such as the prudential or conduct supervision of regulated entities. The others also see the benefits of the current supervisory reporting requirements, but expressed more qualifying views, for example: (i) differentiating between specific reporting frameworks, where improvements are not equally perceived; (ii) pointing out persisting data quality or complexity issues; or (iii) in some areas suggesting that they already had effective national reporting regimes before. Nonetheless, as confirmed by the users of the data, the introduction of supervisory reporting requirements at EU level has been overall effective in providing supervisors with data they need to carry out their functions.

On a more critical note, reporting entities argued that there is insufficient information upfront on how and for what purposes the reported data is used 160 . This leads to a negative perception of the requirements and doubts as to whether some of the requested data is actually necessary. This may also have a negative impact on the quality of the reported data, as the reporting entities do not see the need or understand the importance of the data to be reported, or simply do not have the incentive to meet their reporting obligations diligently. Reporting entities would therefore like to see more transparency on the data they report, for example feedback from supervisors on industry benchmarks, consolidated industry data 161 , etc., and general information on how the collected data is used. This level of transparency would increase accountability and the legitimacy of the reporting requirements. One way of achieving this would be to explicitly provide detailed and justified reporting objectives in all future legislation 162 .

6.1.3Contribution to wider regulatory objectives

At the general level, the new (and revised) supervisory reporting requirements, as part of the wider post-crisis legislative reform package and enhanced supervision, aimed to contribute to the wider objectives of ensuring financial stability, market integrity and consumer/investor protection in the EU single market for financial services. Although supervisory reporting requirements are an important part of the reforms, they are only an ancillary element in the whole package. Numerous new or revised substantive requirements, taking various forms, have been introduced since the financial crisis to restore financial stability and improve the functioning of the EU financial system 163 . While the substantive requirements establish the underlying rules, supervisory reporting requirements ensure that supervisory authorities can verify that these rules and requirements are implemented and respected. Monitoring financial risks and stability also enables policymakers to make adjustments to prevent or mitigate a future financial crisis. As such, the substantive requirements and the supervisory reporting requirements work together to achieve the objectives of financial stability, market integrity and consumer/investor protection, and it is difficult to isolate the specific impact of reporting requirements from the substantive requirements or policy actions.

Nevertheless, the assessment has confirmed that the new EU-level supervisory reporting requirements have significantly helped improve the monitoring of systemic risk in the single market, the interconnectedness of the financial system, and the developments that may pose a risk to financial stability. They also contributed to improving market surveillance 164 and to monitoring the evolution of business models, financial positions, exposures and risks over time. Several supervisors mentioned better understanding the products available or how the industry operates in general as further benefits. The current set of reporting frameworks is also a valuable tool for protecting investors/consumers. Supervisors also reported that they use the data to support their policy work. More generally, the current system of supervision can only function if supervisors have access to the right information to fulfil their functions.

This is confirmed by the feedback to the open public consultation. Most respondents consider that EU supervisory reporting requirements contribute to all three of the wider objectives:  improving financial stability, market integrity, and consumer/investor protection - at least to a certain extent. According to the respondents, the effect was strongest for financial stability, with 76% agreeing that such a link exists and 21% viewing this contribution as significant or very significant.

Chart 6.1: Summary of responses to Question 1.1 of the Public consultation on fitness check on supervisory reporting

Source: DG FISMA.

Note: Respondents were asked to provide their opinion on the extent to which the EU-level supervisory reporting requirements have contributed to improving financial stability, market integrity and investor protection, on a scale ranging from ‘very significantly’ to ‘not at all’.

This trend is even stronger among supervisors and regulators, who are arguably best placed to assess the indirect link between reporting and the fulfilment of wider objectives. While the number of authorities’ responses was very low, most selected either ’very significantly’ or ‘significantly’ for all three areas. This was also confirmed in the targeted consultation and workshop with NCAs.

Furthermore, the reporting requirements have significantly contributed to the wider objectives by stimulating improvements in the supervised entities' business conduct and risk management. While the wider reforms, and the compliance monitoring and enforcement by the supervisors were major contributors, the new reporting requirements in themselves gave the supervised entities a big incentive to focus more resources on internal control and risk management systems, increasing internal data and monitoring capacities, and improving relevant policies and procedures. Although the purposes of supervisory reporting do not (and cannot) fully match internal risk reporting needs, supervisors expect strong integration between internal reporting and regulatory reporting 165 .

History has shown that financial market meltdowns occur fairly regularly, and many experts believe that a new financial crisis is inevitable. The new supervisory reporting requirements have enabled supervisors to better monitor any renewed build-up of the problems that led to the last financial crisis and also to identify potential new ones. Their challenge is to spot emerging problems and the build-up of risks in other areas, where data may not yet be available, or where the need for such data is still ‘unknown’. Nonetheless, at least for the known risks, supervisors are now significantly better equipped to detect - and therefore also proactively address - potential risks not only to financial stability but also to market integrity and investor/consumer protection.

6.2Efficiency

The analysis of EU-level supervisory reporting requirements also explores the key question of their efficiency. The concept of ‘efficiency’ can be defined in several ways, but for the purposes of this fitness check, efficiency is defined as ‘the ability of reporting entities to fulfil EU level supervisory reporting requirements fully and correctly, and of supervisory authorities to process the reported data for their purposes, in the least costly and least burdensome way possible’. In other words, while the effectiveness analysis considers whether supervisors obtain the data they need, the efficiency analysis considers the costs for all stakeholders 166 .

The assessment of efficiency is clearly very closely linked to other criteria assessed in this analysis. Specifically, the efficiency of EU-level supervisory reporting depends somewhat on the coherence of the reporting requirements, as lack of coherence may increase uncertainty and require more manual interventions. Efficiency also has a clear impact on the added value of EU-level requirements in that, if supervisory reporting at EU level is inefficient, it may reduce the benefits of eliminating divergent national requirements. Equally, however, even if requirements at EU level were efficient, differential national implementation or parallel national reporting frameworks would add to the overall reporting burden for the supervised entities and also contribute to complexity and inefficiency of EU supervisory reporting as perceived by stakeholders. As such, certain elements of the analysis of efficiency overlap with the other analyses.

The analysis mainly builds on the feedback to the public and targeted consultations and the compliance cost study, where most reporting entities consider the costs of reporting to be too high for the informational insights they gain from the reported data. Perhaps not surprisingly, supervisory authorities assess the cost-benefit balance more positively, but many also see considerable potential for reducing the costs while maintaining the effective information content of the data.

The main challenge in assessing the efficiency of EU-level supervisory reporting requirements is the difficulty of gathering sound and representative quantitative estimates of both the cost and benefits of such reporting. As explained in Section 5.4 above, it has proven impossible to provide a quantitative estimate of the benefits of EU-level supervisory reporting, and even for the costs of reporting, there is some uncertainty as to the figures. Given this, a quantitative assessment of whether EU level supervisory reporting is efficient — or as efficient as it could be — has not been possible. The assessment was therefore carried out on the basis of qualitative inputs and focuses on the potential to reduce the reporting burden without materially compromising its effectiveness. After presenting the views of different stakeholders, this section looks at the main drivers of costs and burdens arising from EU-level supervisory reporting requirements, before assessing whether this implies that such costs and burdens are excessive. It concludes with a brief look at whether there is any room for increasing efficiency.

6.2.1Stakeholder views: Ability of reporting entities to report and supervisory authorities to collect and process data efficiently

To check whether current EU-level supervisory reporting is efficient, it is necessary to analyse it from the point of view of the different stakeholders involved. On the one hand, one needs to verify whether reporting entities can understand the requirements, and then collect, prepare, and submit the data without major obstacles and without unnecessary costs and burdens. On the other hand, one needs to check whether the supervisory authorities can process and use the data which they receive rapidly and without any unnecessary verifications or modifications.

Efficiency assessment from the point of view of the reporting entity

In response to the public consultation, reporting entities generally felt that EU-level supervisory reporting is not very efficient. Almost 4 out of 5 respondents (79%) felt that supervisory reporting at EU-level is either very (17%) or rather (62%) inefficient. On the other hand, only 15% of reporting entities felt that EU-level supervisory reporting is quite efficient, with none seeing it as very efficient. Reporting entities gave a long list of issues which in their view render EU-level supervisory reporting inefficient. This includes: (i) unclear and inconsistent requirements; (ii) the excessive volume of requirements; (iii) insufficient use of standards and identifiers; (iv) overlaps between different reporting requirements; and (v) requirements to report data which is not easily available, at least in the required format, etc. These issues are analysed further in the following sections, with Section 6.4 ‘Coherence’ focusing on the consistency of supervisory reporting requirements across the different legislative frameworks.

Reporting entities pointed out that there is uncertainty as to what needs to be reported and how, meaning that they need to spend considerable time and effort trying to understand EU-level supervisory reporting requirements before even preparing the data for reporting. Moreover, inconsistencies — in terms of definitions, standards and formats, deadlines, etc. — and the fact that on occasion, data which needs to be reported may not be easily or readily available in the form or format in which it is requested — means that there is a need for a significant amount of manual processing, which can be quite burdensome and costly. It also means that reporting entities are not able to make full use of available IT tools to automate their supervisory reporting processes as far as possible.

Note that not all legislative frameworks are necessarily affected by all of these issues — or at least not to the same extent — and that some of the issues may only be temporary given that many of the requirements are still fairly new and that some initiatives to address the issues are already under way. Nonetheless, the overall impact of these burdens is that, from the point of view of the reporting entities, the current set-up of EU-level supervisory reporting requirements does not allow data to be reported as efficiently as it could be if these issues did not exist.

Efficiency assessment from the point of view of the supervisory authorities

In the public consultation, supervisory authorities were more positive than the reporting entities on the efficiency of EU-level supervisory reporting, with just over half of them (56%) seeing it as either very or quite efficient. On the other hand, 33% of supervisory authorities see supervisory reporting at EU level as rather inefficient, with 11% going as far as to declare it very inefficient.

Supervisory authorities measure efficiency in terms of how easily and quickly they can process the reported data to get it to a stage where they can use them for supervision purposes 167 . While the focus of the assessment from the point of view of supervisory authorities is quite different from that of reporting entities, both have identified many of the same issues with EU-level supervisory reporting requirements. For example: (i) a high level of complexity; (ii) insufficient application of the principle of proportionality and materiality; (iii) an insufficient or non-aligned use of standards, formats, and identifiers; (iv) the redundancy of a certain number of requirements; and (v) an excessive number of modifications and inadequate implementation timelines. These issues were further identified and discussed in the targeted consultation of NCAs.

6.2.2Main drivers of the costs and burdens of EU-level supervisory reporting

The analysis for the fitness check has looked closer at the issues mentioned by stakeholders in the public consultation, the targeted NCA consultation and stakeholder workshops. As mentioned in the previous section, the feedback to these consultations suggests that the existing EU-level requirements create many unnecessary burdens that generate additional costs. In response to a specific question on the main overall factors driving the excessive cost of EU-level supervisory reporting, stakeholders identified the volume, content, and set-up of the requirements, as well as the frequency of changes and, to a lesser degree, insufficient guidance. Other issues, such as the use of IT or greater automation, were mentioned much less frequently — although comments to other questions suggested that many of the other issues affecting EU-level supervisory reporting have elements which may hinder full automation.

The assessment for the fitness check has given a better insight into the specific challenges posed by EU-level supervisory reporting requirements and how they drive the costs and burdens faced by stakeholders.

One of the broad themes that has emerged is that EU-level supervisory reporting requirements are quite complex, with industry stakeholders in particular feeling that the level of complexity is excessive. The concept of ‘complexity’ is quite broad, but dialogue with stakeholders has provided a clearer picture of what it implies. Specifically, industry stakeholders mentioned issues such as: (i) the requirements not being easily understandable (e.g. too many cross-references between different frameworks, the frequent split of the details of what needs to be reported and to whom between Level 1 and Level 2 acts, etc.); (ii) similar requirements being used for different purposes and for different reporting entities; (iii) similar data being reported at different levels of aggregation; and (iv) some of the reports inaccurately capturing specific transactions as the framework was not designed for them.

The compliance cost study pointed to ‘familiarisation with the requirements’ as one of the most important drivers of one-off costs in most sectors, along with investments in IT infrastructure. The latter is because the significant amount of data required can only be dealt with by sufficiently advanced IT systems, and costly external service providers are sometimes needed. Supervisors on the other hand — in particular NCAs — mention the sheer volume of data being reported (particularly in the area of transaction reporting), the occasionally complicated data structure, and the multiple technical formats in which they receive the data. While the reporting of granular data is generally favoured by supervisors as it allows for a better insight into their respective sectors, it requires significant resources to process. The high flow of data requires NCAs not only to make significant investments in the development of IT systems/tools for the processing of data, but also to hire IT professionals, which — due to high demand — some NCAs (and reporting entities) are finding difficult. The complexity therefore affects not only the timely collection of data, but also their analysis.

A further aspect of the complexity of EU-level supervisory reporting requirements, pointed out primarily by supervisory authorities, is the distribution of EU-level supervisory reporting requirements between Level 1 and Level 2 legislation. As explained in Section 5.1, Level 1 legislation sets out a high-level framework for the requirements, while the details — including the form, content, format, frequency, etc. — of the reports are defined by the ESAs at Level 2. However, concerns have been raised that in some cases Level 1 legislation is too prescriptive 168 . Some 'prescriptive' rules may be unintentional, but others may have been introduced for political reasons during the negotiation or adoption process. This reduces the ability of the ESAs to define the reporting requirements to best reflect the supervisors’ needs (and supervised entities’ standard practices) and to adapt them as these needs or the market conditions change. The result is that either the reporting requirements are not entirely suited to the data needs, or complex workarounds need to be developed, which significantly increases the burden for both the reporting entities and the supervisors 169 . Some supervisors have also noted that the Level 2 process may not be suitable to set supervisory reporting, and that a more flexible (but binding) legal instrument may be needed to set reporting requirements at the level of the ESAs.

Moreover, industry stakeholders consider that there are simply too many requirements, with too many data fields and too many templates spread across too many legislative acts. They argue that the set-up of requirements is suboptimal, and that given the large volume of relevant legal text and accompanying guidelines and the way the requirements are drafted, it can be difficult for reporting entities to identify which data requirements apply to them. In their view, the same information could be gathered with fewer, simpler requirements if the reporting frameworks were better aligned. It should be noted that this view is not shared by the supervisors, as they argue that, in principle, all of the reporting requirements serve their purpose and are therefore necessary — and that granular data may in fact be less costly to provide than data aggregations. Nonetheless, some supervisors have suggested that there may be possibilities to reduce the data flow without eliminating necessary requirements.

A related concern is that the proportionality of EU-level supervisory reporting requirements is not systematically ensured. In other words, the requirements do not adequately reflect the different levels of systemic importance of the various financial sector entities and products being supervised or the specific characteristics of the different markets. For example, reporting entities mentioned that solo-level reporting under CRR/CRD IV is unnecessary for smaller, non-complex financial institutions. Quarterly reporting for smaller institutions under FINREP was also put in question. Finally, some NCAs argued that EMIR reporting was designed for markets with big volumes of derivatives transactions and is therefore less appropriate for smaller markets. Nonetheless, as noted also in Section 5.4., proportionality is already embedded in certain reporting frameworks 170 , and further proportionality measures have been introduced in recent initiatives.

Moreover, certain decisions on what needs to be reported are taken at the request of certain national supervisors in order to fulfil their needs, rather than for pure efficiency reasons (e.g. solo-level reporting under CRR/CRD IV, where host country supervisors wish to have access to local information). As indicated in Section 2.3, efforts on a range of issues are being or have already been made in certain frameworks to reduce the reporting burden. Nonetheless, the proportionality of supervisory reporting requirements remains a concern, especially for smaller and less complex financial sector entities.

Some requirements appear to be redundant and could potentially be eliminated without a loss in data for the supervisors. For example, data is sometimes required to be reported at the wrong level, in an inappropriate form or at an excessive level of granularity. Similarly, the data required is sometimes immaterial or irrelevant to the supervisory authorities’ responsibilities. Finally, the required information can at times be easily constructed using data reported under other frameworks. Examples include the obligation to report certain short selling data under SSR (i.e. certain net short positions) and under MiFIR — which are seen as providing limited information to the supervisors and are challenging to calculate — or the submission of semi-annual reports under UCITS.

Some supervisory authorities also mentioned as superfluous the need to report individual transactions under EMIR, as they consider the requirements under MiFIR to be more appropriate for this purpose. Some also consider that the high level of granularity of COREP and FINREP reports produce unnecessary data. However, some supervisors insisted on the importance of this data. It was also pointed out that the detailed data reflect the underlying substantive requirements with which the reporting entities have to comply (and provide proof of compliance). There may therefore be scope for simplifying specific requirements or reporting templates, thereby increasing efficiency. However, views on which data elements are actually needed for supervisory purposes and which are redundant differ significantly among the supervisors. Importantly, some NCAs noted that even where data is not currently used, this does not mean that it will not be used in the future. This suggests a need for further analysis 171 .

EU-level reporting requirements are often difficult to understand. This is partly due to numerous cross-references between different reporting frameworks but, as argued by stakeholders, also because the different frameworks (including the underlying Level 1 acts) do not always use consistent definitions (see also Section 6.4) and the definitions which are used are not always clear. In addition, certain definitions are left to the interpretation of national competent authorities. This means that reporting entities spend significant time and effort on trying to understand what exactly needs to be reported and how, and to verify whether similar-looking reporting requirements are requesting (exactly) the same data — and if not, on trying to identify the precise differences. The overall result is uncertainty in the supervisory reporting process, with reporting entities often needing to guess the intention of the regulator. In this context, industry stakeholders also raised concerns about the lengthy process of Q&As, as they consider that delays in the ESA's answers to questions hinder efforts to reduce the uncertainty.

A related issue is that EU supervisory reporting requirements do not make sufficient use of (international) standards, commonly used formats and identifiers. Where these are not specified in EU legislation, different versions (in particular formats) are sometimes used by supervisory authorities in different Member States. Reporting entities need to fulfil these different requirements, which implies greater costs and burdens and a higher possibility of errors. Even when they are specified in EU legislation, the use of standards, formats, and identifiers is not always consistent. Although some legislative frameworks impose standards, formats, and identifiers, they sometimes differ from the ones already specified elsewhere. Other legislative acts merely recommend them or make them optional. Inconsistent standards and formats also make it difficult for supervisors to aggregate or link the reported data. A more detailed assessment on the divergent requirements in terms of standards, formats, and identifiers is provided in Section 6.4 ‘Coherence’. Finally, some reporting frameworks — and in particular ad hoc requests — often make use of older file formats like Excel and PDF. This does not reflect recent technological developments and negatively impacts efficiency, among others by hampering greater automation.

A further challenge arises when data needs to be reported to different supervisors. While this is not necessarily a problem in itself, in practice it can become a problem due to the lack of common definitions and the differing standards, formats (both modelling and file formats), and identifiers mentioned above. As a result, reporting entities need to support different standards, formats, and identifiers, and either need to translate/map between them — often using costly and highly burdensome manual processes — or they have to create similar reports with the same information, thereby duplicating work and incurring additional costs.

Related to the issues of a large number of requirements and redundant requirements, very many reporting entities claim that the lack of alignment between the different legislative frameworks means that there are numerous overlaps between the supervisory reporting requirements which these contain. Supervisory authorities do not fully agree with this claim. They argue that while reporting requirements do sometimes overlap (e.g. requirements in the ITS on resolution reporting), frequently they only appear to overlap but are in fact used for different purposes and therefore the data need to be reported more than once in different forms. As described in more detail in Section 6.4 ‘Coherence’, the in-depth analysis conducted as part of this fitness check suggests that there are very few direct overlaps in terms of data points and such overlaps mainly apply to transaction reporting.

Another challenge is that supervisory authorities (both at EU and national level) do not cooperate or share data with each other enough 172 . This sometimes leads them to create new, parallel reporting processes or to initiate ad hoc requests for additional information from reporting entities even if that data or very similar data with the same information content has already been reported elsewhere 173 . This results in reporting entities having to potentially report the same or similar data several times to a number of different supervisory authorities. The same data being requested twice may not actually be burdensome — especially when processes are automated, but it becomes more problematic when the data is similar but not quite the same.

Reporting entities argue that ad hoc requests cannot adequately be planned for and therefore prepared for, and point out that they hardly ever include technical specifications on the form of the data or the method of its transfer 174 . Consequently, ad hoc requests cannot usually be incorporated into the reporting entities’ internal business and IT systems and can therefore be very challenging to comply with, especially considering the complexity and frequency of such requests 175 . Reporting entities suggest that greater sharing of data between supervisory authorities would help eliminate a number of existing supervisory reporting requirements, both at EU and national level, and reduce the need for ad hoc requests.

However, as already discussed in Section 6.1 on ‘Effectiveness’, supervisory authorities feel very strongly about the need for ad hoc requirements, as this is the only way they can request data in crisis situations or where the EU-level reporting requirements have not yet been amended to reflect any new supervisory needs. Nonetheless, while ad hoc requests cannot be eliminated entirely, there appears to be room for improvement in how they are managed and used, as also argued by some supervisors.

This in turn is linked to the issue of harmonisation in financial services legislation. Reporting entities, in particular those operating in different countries and across borders, argued that the greater the level of harmonisation in supervisory reporting requirements, the easier and less costly it is for them to comply. Although increasingly taking the form of directly applicable regulations that thrive for maximum harmonisation, EU financial services legislation still mostly makes use of directives and is based on minimum harmonisation. Furthermore, even when regulations are used, there are still a few instances when Member States are allowed to diverge from or go beyond their requirements. This means that the implementation at Member State-level can, and frequently does, diverge. In the case of minimum harmonisation directives, the divergence can potentially be quite significant. This obviously greatly complicates the situation for the reporting entities and diminishes the cost saving benefits of the replacement (or harmonisation) of national supervisory reporting requirements with EU-level requirements 176 . This is further discussed in Sections 6.4 ‘Coherence’ and 6.5 ‘EU value added’.

Reporting entities are subject to additional or more detailed requirements than what is defined in the EU legislation, contrary to its objective of, in principle, harmonising requirements. While there was some disagreement between stakeholders as to the existence and to the level of such ‘gold-plating’ in specific Member States, even if it exists in only a few Member States shows that it is an issue, especially for reporting entities that are active in several national markets. The existence of additional national reporting requirements magnifies the problem of insufficient harmonisation and diminishes the cost saving benefits of having harmonised supervisory reporting requirements at EU level. As well as the previously mentioned lack of harmonisation of requirements it also contributes to stakeholders' perception of the high costs and complexity of requirements mentioned earlier in this section. Further information is provided in Section 6.5 ‘EU value added’.

Despite the legislator's consultation policies, reporting entities feel they are not always adequately consulted during the drafting of reporting requirements, especially when not enough time is set aside for it in the legislative process. Moreover, overly frequent changes can lead to what reporting entities refer to as ‘consultation overload’, which can adversely affect these entities’ ability to provide effective feedback to consultations. As a result, the requirements may on occasion unnecessarily deviate from the entities’ internal business processes, thereby imposing additional compliance costs 177 . Moreover, insufficient ex ante consultation of financial service providers prior to the development of EU-level supervisory reporting requirements sometimes leads to situations where the requested data is not readily or easily available in the form in which it is to be reported. This requires reporting entities to undertake significant (and often manual) data processing efforts to collect or prepare the required data, which, in addition to not being efficient, can also lead to errors.

The assessment also identified issues with the validation of the reported data, which is a process at the level of supervisors that aims to ensure data quality. Reporting entities argue that some validation rules result in too many error messages, that there are wrong references in the validation checks, or that there is insufficient feedback on the reasons for rejections. One example provided is the case of rejections in AIFMD reports due to insignificant rounding errors in the totals. Stakeholders suggest that some validation rules are simply too strict and result in rejections for very minor errors or discrepancies. They argue that validation rules may therefore need to be more thoroughly tested and subject to more extensive consultations before being implemented. They should also be used in a way that reflects the materiality of any errors or discrepancies, i.e. they should be used more strictly where the risk is higher. Differences in data validation rules as applied in different Member States and between reporting frameworks were also mentioned as a concern 178 . All these factors contribute to a high level of uncertainty and therefore an additional burden for reporting entities who may need to clean their data (possibly manually), sometimes unnecessarily, or with insufficient feedback as to the errors. This may also lower the data quality for supervisors requiring extra validation work.

Another issue which appears to cause a significant burden is the lack of stability in the requirements, i.e. the large number and frequency of modifications. In this respect, EMIR was singled out as the most challenging, as it has brought forward changes requiring major IT updates every year since 2014 179 . However, a number of other recent modifications were also mentioned, including modifications to FINREP and COREP reporting standards and to CRR/CRD IV and BRRD/SRMR Level 1 legislation 180 . Recent initiatives (see Section 2.3) will bring further changes to the requirements.

Linked to this, reporting entities complain that they are given insufficient time to implement new or modified requirements. Similarly, the ESAs argue that they do not have enough time under Level 1 legislation to implement requirements or to develop sound requirements at Level 2. For example, the final MiFIR RTS/ITS were only available 2 months before entering into force, and Solvency II consortium reporting also had a short implementation deadline. MiFID II/MiFIR implementation was delayed by one year, as ESMA and the industry would not have had sufficient time to set up the necessary IT systems. Changes are one of the key sources of reporting burden for both groups of stakeholders. Frequent changes to the reporting requirements require constant updates to existing IT systems and hamper the introduction of cost mitigation measures through the consolidation of such efforts. In their contributions to the compliance cost study, some banks indicated that even fairly minor modifications to their IT systems can take up to 18 months to implement. NCAs argue that such frequent modifications, aside from creating capacity issues, make it more complex and time-consuming to determine and analyse longer time series data. Implementing those changes at short notice can be difficult, costly, and time-consuming, and can reduce data quality. This will lead to a decrease in supervisors’ efficiency as they will first need to resolve any such data quality issues, which raises the question of whether a rapid roll-out ultimately holds any benefits.

EU-level supervisors are well aware of these issues. They have pointed out that the frequent changes over recent years — in particular in new legislation — are due on the one hand to the relative novelty of many such requirements (as already discussed in Section 6.1 on Effectiveness) and the resulting learning curve, and on the other hand to the limited amount of time provided in Level 1 for setting out the requirements. This has meant that at times the first versions of supervisory reporting requirements for some reporting frameworks were not as detailed as they should have been, with the ESAs aiming to develop them further at a later stage. As these requirements are developed further, the frequency of changes can be expected to drop somewhat. Nonetheless, should the deadlines for implementation remain insufficient, any modifications of the requirements at Level 1 may continue to cause problems with developing requirements at Level 2. Finally, frequent changes to the data validation rules were also raised as a concern, as they impose additional costs given that a high number of releases often require human intervention and impede automation.

Reporting entities raised concerns about too frequent reporting and the fact that frequencies differ and reporting deadlines are not always coordinated across supervisory reporting frameworks and often do not fit well with other reporting requirements, such as the publication of annual or quarterly financial results. In terms of excessively frequent reporting, several reporting entities gave the example of quarterly reporting under CRR/CRD IV which cannot be waived for smaller firms, unlike quarterly reporting under Solvency II. This view is not shared by all the supervisors, most of whom argue that the reporting frequency is appropriate for their information needs and that there is little scope to reduce it. Some supervisors also argued that the reporting frequency has to be consistent with the substantive requirements on solvency or liquidity that must be complied with continuously 181 . As regards different deadlines between frameworks, the overlap of fourth-quarter and annual reporting under Solvency II was mentioned as problematic. Reporting entities also noted the differences in the regimes for transaction reporting, with data required to be transmitted as soon as possible (within 15 minutes), some in the early morning of the next day (T+1 at 7am), some the day after at the close of business (T+1 at 5pm).

Finally, it was argued that EU-level supervisory reporting requirements — and EU legislation more broadly — are currently not ‘IT ready’. In other words, they are not set up in a way that allows stakeholders to fully use the latest IT technologies and tools for EU-level supervisory reporting. The financial services industry has seen drastic technology-led changes over the past few years, becoming increasingly digitalised and data-driven. To be effective, supervision must keep pace with the developments in the financial services sector. While the number and granularity of EU-level supervisory reporting requirements have increased significantly over the past few years, reflecting the increasingly complex nature of global financial services, and the volume of reported information continues to increase, the way the data is provided to supervisors and processed by them has not followed technological changes closely enough.

This was confirmed in the open public consultation, where 50% of all respondents considered that supervisory reporting requirements are not very well adapted to developments in the fields of modern information and communication technologies (ICT) and digital processes, while only 23% of respondents felt that they are fairly well adapted. It was often stressed that while automated approaches are essential to meet the reporting obligations given the large amount of data, and reporting entities already use IT tools and processes as much as possible 182 , the reporting process still requires frequent manual adjustments and/or inputs. This negatively impacts the efficiency of supervisory reporting at EU level, in that it hampers its full automation and prevents supervisors from using the very latest processing tools and analytical methods, (e.g. big data). The relevance of EU supervisory requirements in the light of technological changes is further discussed in Section 6.3 ‘Relevance’.

6.2.3Costs versus benefits of EU-level supervisory reporting

As shown is Section 5.4, supervisory reporting at EU level generates significant one-off and ongoing costs to both reporting entities and supervisory authorities. As with the introduction of any such system, some of these costs are unavoidable. Another part of Section 5.4 and Section 6.1 on effectiveness clearly show that EU-level supervisory reporting also generates very significant benefits. Therefore, the evidence on costs and lack of quantitative evidence on benefits do not necessarily call into question the need for supervisory reporting. The feedback from all groups of stakeholders points to the contrary, that the supervisory reporting is necessary for a well-functioning financial system. Nonetheless, the numerous challenges with the current EU-level supervisory reporting requirements identified by stakeholders and presented in the previous section suggest that there are opportunities for reducing these costs. As such, this fitness check cannot provide a comparative comparison of costs and benefits, but concludes that although EU-level supervisory reporting is justified, the requirements and the way they are implemented and work in practice are not as efficient as they could be.

Also, while the introduction of EU-level supervisory reporting requirements has increased the efficiency of supervisory reporting at EU level by replacing many national systems with a single EU system, this benefit has not been maximised due to the numerous issues with the current interplay of EU and national-level reporting requirements. This is discussed further in Sections 6.4 and 6.5.

Finally, although consumers and their representatives have given limited input to the consultation activities, it is clear that the costs and benefits are not spread evenly across the different stakeholder groups. For instance, while the costs are mostly borne by supervisors and reporting entities, other groups benefit from supervisory reporting, for instance consumers and investors, and society as a whole thanks to a better functioning EU financial system.

6.2.4Scope for increasing the efficiency of EU-level supervisory reporting

The results of the analysis suggest that there is scope for reducing the costs and burdens of EU-level supervisory reporting while ensuring that supervisors continue to receive the right data, at the right time, and of the right quality to enable them to carry out their statutory obligations. The analysis has identified a range of issues that lead to unnecessary costs and therefore reduce the efficiency of current EU-level supervisory reporting. Although further analysis would be needed as to the feasibility and impact, addressing these issues should help reduce the cost and complexity of reporting and processing the data, and therefore increase the efficiency of supervisory reporting at EU level.

Given the lack of detailed quantitative information on the benefits and costs of EU-level supervisory reporting, it is very difficult to estimate the potential efficiency gains of addressing these issues. However, the compliance cost study can give a general indication. The study has identified significant compliance costs associated with supervisory reporting. It has also shown that the main one-off cost items are the investment to update IT systems, project management costs, familiarisation with requirements and other related staff costs. For ongoing costs, on the other hand, the main categories are data collection, data processing and validation, information storage, and IT maintenance costs. Taken together, the costs are significant, suggesting room for potential cost savings.

The analysis has also shown that many of the problem areas are closely interlinked and in some cases the resolution of one issue depends on, or is affected by what is done (and how) to address another. In some cases, a single set of actions may help address several issues at once. Moreover, stakeholders, both from the industry and the supervisors, were virtually unanimous in requesting that any changes to EU-level supervisory reporting requirements should be better planned, better coordinated, take place less frequently and with adequate implementation timelines. Subsequently, any action to increase the efficiency of EU-level supervisory reporting should address the identified issues coherently and comprehensively, on the basis of close interaction between the co-legislators, the supervisory authorities, and the industry. This means moving towards a more mature, stable governance system. While this may be complex and require time and effort, there is a very clear call from all groups of stakeholders to take such an approach when developing EU-level supervisory reporting requirements.

6.3Relevance

This section evaluates the alignment of the reporting objectives described in the intervention logic. It first examines whether the original objectives were appropriate. It then goes on to examine whether they are still appropriate in light of potentially changing needs, and therefore whether the action as set out in the intervention logic in Section 2.4 continues to be justified at EU level. Finally, it examines whether technical aspects of the reporting process are still relevant, particularly in light of ICT developments.

6.3.1 Relevance of the objectives of EU supervisory reporting

The pieces of legislation setting out the reporting requirements for the fitness check apply to different sectors, and pursue different objectives. Reporting requirements - in terms of information and data content that must be provided to the supervisory authorities - reflect the objectives of a particular piece of sectoral legislation. As explained in Section 2.4, isolating the specific objectives of supervisory reporting from the objectives of a particular legislation is not straightforward, and the specific objectives of supervisory reporting are not systematically defined in the legislation. Rather, reporting requirements are often ancillary to the substantive requirements of the legislation, with the objectives defined implicitly.

The main common objective of supervisory reporting is to provide supervisors at EU and national level with relevant, reliable, timely and comparable information that they need to fulfil their supervisory functions and thereby help achieve the wider regulatory objectives of financial stability, market integrity and consumer/investor protection.

The analysis concludes that supervisory reporting, is generally appropriate for meeting the original needs. EU and national supervisors need the right information from the supervised entities to fulfil their supervisory function. Supervisory reporting requirements introduced in the different pieces of legislation after the financial crisis allowed supervisors to carry out their tasks, namely: (i) supervising and enforcing compliance with the rules; (ii) monitoring risks in the EU financial system; (iii) promoting supervisory convergence in the EU single market for financial services; and (iv) helping design and (re)calibrate regulation and detailed technical standards.

In addition to the observed improvements in the functioning of the financial system and its supervision since the crisis, the following evidence from supervisors indicates that the objectives of EU supervisory reporting have proven to be appropriate for the supervisory needs:

·In the targeted consultation, NCAs confirmed that EU supervisory reporting requirements introduced since the financial crisis improved their ability to fulfil their statutory tasks and mandates, such as supervising entities.

·NCAs stated that the new supervisory reporting requirements provide more granular and standardised qualitative and quantitative data, which ultimately improved their ability to fulfil their supervisory tasks.

·NCAs specifically mentioned significant improvements in the monitoring of systemic risks, the interconnectedness of the financial system, and the developments that may pose a risk to financial stability. Supervisory reporting also improved market surveillance and monitoring developments in business models, financial positions, exposures and risks over time. Several NCAs mentioned the benefits of better understanding the products available or how the industry operates in general. NCAs confirmed that the current reporting regimes are also a valuable tool for protecting consumers and investors. NCAs also reported using the data to support their policy work.

Industry stakeholders also do not question the need for EU supervisory reporting per se.

Concluding that the objective of EU supervisory reporting has been appropriate for supervisory needs does not mean, however, that each and every single reporting requirement is (still) necessary. A reporting requirement can cease to be necessary either because the objective it fulfils is not relevant or because it does not fulfil the objective effectively, efficiently and with sufficient EU added value — even though the objective itself remains highly relevant. Assessing each and every individual supervisory requirement and its content according to the above mentioned criteria is outside the scope of this fitness check and would instead fall under the reviews and evaluations of the specific pieces of sectoral legislation. Nevertheless, the respective sections of this document provide a general assessment of the need for the reporting requirements based on their effectiveness, efficiency and EU added value.

6.3.2 Relevance of objectives in light of changing needs

The regulatory framework put in place after the financial crisis, and the wider market developments, have significantly changed the financial services landscape over the last 10 years. For example, banks have significantly improved their balance sheet and funding resilience, and reduced their involvement in certain complex activities. Many banks have reduced their exposure to capital markets activity such as trading and market making, and recent observations suggest a reduction in the interconnectedness between banks 183 , with lower interbank exposures, especially cross-border.

Nonetheless, due to the evolving nature of systemic risks, there is still a need for surveillance - particularly in certain key areas, such as the impact of shifting activities to the non-bank sector and the rise of Fintech. This includes monitoring CCPs’ resilience, liquidity risks associated with the growing size of portfolios of asset managers and new asset classes introduced by Fintech innovation. Supervisors and authorities need to monitor the adjustment, assessing any risks that may emerge, while they should also play a role in facilitating the process by removing impediments where necessary.

Despite the various changes in the landscape, the main supervisory reporting objectives remain relevant overall, and collecting data is still essential for supervisors to fulfil their mandate.

However, due to the evolving landscape data needs are changing and as such specific supervisory reporting requirements are not always systematically aligned with the data supervisors need at any given time. As the market evolves, new risks emerge and the importance of some risks increases or decreases, which creates the need for new requirements (e.g. sustainability-related data, such as exposures to climate and other sustainability-related financial risks, or data on crypto assets positions), or for changes to existing requirements (e.g. a new interest rates benchmark index or new underlying assets for a derivative instrument), and for a review of the continued need for specific requirements that were important in the past (e.g. highly granular sovereign debt exposures). To implement the necessary changes with a high degree of legal certainty, the Level 2 (and potentially Level 1) legislation needs to be revised.

As the adoption of Level 1 and Level 2 legislation is a rather lengthy process that takes several months to complete, supervisors turn to non-legislative alternatives that allow the reporting to keep up with market developments (e.g. guidelines). However, this comes at the expense of legal certainty. There is currently no legal instrument that would resolve this trade-off between flexibility and legal certainty. Both ESMA and EBA have called for dedicated and appropriate legal instrument for reporting rules and instructions that would provide both legal certainty to market participants and the necessary flexibility for supervisors to adopt the relevant reporting requirements as required, in light of changing market practices or other supervisory needs 184 .

Supervisors also sometimes use ad hoc data requests to promptly adapt reporting to changing needs.

As explained in Section 6.2, frequent changes in requirements entail costs, and therefore need to be weighed against the benefits of these changes in terms of better data access and full alignment between the required data and the data received at any point in time.

6.3.3 Relevance in light of technological developments

While the objectives of the reporting requirements remain highly relevant, the way the data is provided to supervisors and processed by them has not followed technological changes close enough. This was confirmed in the open public consultation, where 50% of respondents, including those from public authorities, considered that supervisory reporting requirements are not very well adapted to developments in modern information and communication technologies (ICT) and digital processes.

The new reporting requirements reflect the increasingly complex nature of financial services. The volume of information needed to monitor and evaluate regulatory compliance continues to increase in line with the introduction of new financial instruments and new types of market participants entering the market. The speed at which the information is obtained and processed can also be critical in certain areas.

The current approach to designing reporting requirements entails the creation of reporting templates tailored to a particular legislation and supervisor. This results in a multitude of reporting data flows that contain similar information in varying forms and formats (discussed in detail in Section 6.4). On the supervisors’ side the data is therefore difficult to reuse, reconcile and/or aggregate. On the reporting entities' side the multiple reporting streams create unnecessary burden (discussed in detail in Section 6.2). Several stakeholders questioned the relevance of the template-based approach when designing reporting requirements, considering the technological solutions that are available.

Regulatory technology (RegTech), is a new field in the finance industry with the potential to help financial service providers to manage compliance tasks, including reporting, through an automated process. Supervisory technology (SupTech), on the other hand, refers to technologies used by supervisory agencies themselves 185 . Regulators and supervisors, alongside the industry, are working on solutions to adapt supervisory reporting requirements to take advantage of the latest advances in these fields.

Centralised structures that will act as both a common database of reported granular data and a repository of the interpretation of reporting rules in a format that is readable by computers are currently being considered by both EU and national-level supervisors. These would remove the template-based reporting design and should help remove any gaps between the supervisors’ intents and the reporting entities' understanding. This would result in standardised information of better quality that is easier to manage and process.

The innovations mentioned above should have a profound impact on the efficiency and effectiveness of reporting without altering the relevance of the reporting objectives.

There are also changes being proposed that could remove the need for supervisory reporting as such. Reporting entities currently actively send data to supervisors – a push approach. Alternatives to this process proposed by industry stakeholders include providing supervisors access to the reporting entities’ databases – a pull approach – and/or using distributed ledger technologies (DLT) to make the information available to the supervisors.

Although direct access to the reporting entities’ data would effectively eliminate reporting requirements and therefore significantly reduce the administrative burden on the reporting entities, it would entail costs for the supervisors who would need to develop IT infrastructure to retrieve the information from the reporting entities’ systems and transform (filter, aggregate, etc.) it to suit their supervisory needs. These tasks would be further complicated by the fact that the structure of internal data kept by reporting entities is not standardised. Furthermore, the responsibility for the accuracy of the obtained information would be unclear, and the reconciliation process would not be straightforward and would likely require the reporting entities to duplicate the information transformation internally. Therefore, at present, it does not seem feasible to replace the current (‘push’) approach to supervisory reporting.

In the public consultation, a few stakeholders proposed using DLT to meet supervisory reporting requirements, though they did not provide specific details on the scope of application or the technical implementation. The Commission carried out an internal study on DLT technologies 186  which concluded that no existing blockchain or DLT project is capable of serving the technical needs of supervisory reporting at this point. DLT-based supervision would require fundamental changes to the financial system and governing legislation that are unlikely to be completed in the near future. 187

The rapid technological progress in recent years brought promising RegTech and SupTech solutions which have the potential to profoundly reshape and improve supervision. Deploying such solutions and harnessing their potential requires legal and regulatory clarity, suitable IT infrastructures and standardised data structures. While progress is rapid, there are currently no comprehensive alternatives that could entirely replace reporting while continuing to provide supervisors with the information that enables them to fulfil their supervisory duties. Hence, supervisory reporting remains relevant for the time being.

6.4Coherence

A key aspect of a comprehensive evaluation of the supervisory reporting frameworks is to assess the coherence of the applicable requirements. The coherence analysis is of particular importance in this subject field as the reporting requirements were individually drawn up, contained in their own respective legislative frameworks, despite a high degree of interactions between some of them. While efforts were made to align requirements where appropriate, in the wake of the financial crisis the emphasis was laid on rapidly changing the applicable rulesets to address the regulatory shortcomings identified. Ensuring fully consistent reporting requirements, especially across frameworks, was often secondary to this process. This situation has improved over time, with a range of reviews and Level 2 modifications addressing a number of problems related to coherence identified in recent years.

The most appropriate starting point to assess coherence is to assess the current requirements from the perspective of reporting entities. Since reporting entities need to comply with the various reporting requirements, they need to face and address any inconsistencies in their day-to-day compliance work. At the same time, the analysis also takes into account the input provided by supervisors who receive and use the data on a day-to-day basis to carry out their supervisory functions.

It should be noted that certain perceived inconsistencies actually do not exist on closer inspection of the technical specifications, or have been put in place deliberately. Minor differences in the reporting fields, formats or procedures may in fact be intentional given that the requirements in question pursue specific regulatory objectives. The responses to the public consultation and further engagement with stakeholders clearly demonstrate this rift in perception between reporting entities and supervisors. As such, an identified inconsistency may not necessarily merit potential future amendments. Each identified issue would also first need to be analysed against the underlying reason for applying the current setup.

Most reporting entities need to comply with requirements under multiple frameworks. In particular, various transactions and position reporting obligations apply in addition to the sectoral, entity-based requirements. Market participants such as banks, insurers or asset managers need to meet these obligations whenever they engage in transactions falling within the scope of the respective frameworks. Part of the analysis therefore assesses whether there are situations where similar or the same data is reported in a different form, format or level of aggregation. It also tries to identify any overlapping requirements across or within the different transaction reporting regimes.

Although the focus is on the coherence of EU supervisory reporting requirements, from the perspective of reporting entities inconsistencies can arise from the interplay of national and EU-level requirements (also discussed in Section 6.5 under ‘EU value added’) as well as from the coexistence of other reporting frameworks, such as the statistical reporting frameworks operated by the ECB. These are touched upon but not assessed in detail.

The result of the assessment of coherence crucially also impacts on other parts of the fitness check, in particular the assessment of efficiency and, to a lesser extent, effectiveness. Inconsistent requirements will inevitably reduce the efficiency of reporting. In most cases, inconsistent requirements will increase the compliance costs faced by reporting entities. This is particularly true in the initial implementation phase of new or amended reporting regimes. It will require reporting processes to be micro-tailored to the reporting regime or respective reporting channels within a framework. This requires increased efforts and time by the compliance and IT divisions, which will have significant cost implications, not only in the setup of these systems but also for maintenance (i.e. variable costs over time). The same also applies to supervisors and their internal data handling and analytical processes.

A lack of coherence can likewise reduce the effectiveness of reporting. This is particularly true where such inconsistencies create obstacles to or, in the worst case, prevent the merging and cross-analysis of data across reporting frameworks. While the reported data may effectively meet the specific regulatory objective attached to the framework, it significantly reduces the usability of reported data for supervisory purposes and its overall informational value. In a few cases, inconsistencies even within single frameworks may lead to situations where the specific regulatory objectives are not, or not fully, met.

This section examines: the inconsistencies between EU supervisory reporting frameworks (Section 6.4.1); the existence of overlapping requirements where data is reported multiple times (Section 6.4.2); the underlying drivers of inconsistencies (Section 6.4.3); and the coherence between EU supervisory reporting and other reporting frameworks (Section 6.4.4).

6.4.1.Inconsistencies between EU supervisory reporting frameworks

This part of the assessment is sub-divided into sections dealing with individual aspects of coherence, specifically (i) scope and content, (ii) definitions, (iii) timing and frequency, (iv) reporting standards, formats and identifiers, and (v) reporting processes.

Scope and content

The scope and content of the reporting frameworks analysed varies greatly. This is due to each framework addressing specific sectors and activities. As such, the reporting requirements faced by an insurer will be very different to those applying to a bank, asset manager or other investment firm. This discrepancy is inevitable and intended, given that entities pursue dissimilar activities and present different risk factors. Moreover, the underlying regulatory frameworks pursue different objectives in terms of reporting.

At the general level, EU supervisory reporting is broadly coherent in that it reflects the structure of the legislative framework governing EU financial services and targets reporting entities active in different sectors and pursuing different activities. However, at the detailed level, various inconsistencies are observed. These inconsistencies are the focus of this section. They are presented from the perspective of reporting entities in different sectors, including banking, insurance, asset management and financial markets (focusing in particular on transaction reporting). Overall, the issue of a lack of coherence between EU supervisory reporting frameworks is most prominent in financial transaction reporting.

Banking

The core supervisory reporting requirements in the banking sector are rooted in CRR/CRD IV. While the overall framework mandates the reporting of a large amount of data points, it is broadly consistent in itself, owing also to the templates and data point model developed by the EBA in technical standards. Moreover, it generally takes a maximum harmonisation approach, thus reducing the scope for divergences at Member State level. Minor differences in a few data fields were nonetheless identified, such as their precise formatting, prescribed methodology (e.g. for purpose of aggregation) and validation rules. Although national options have been increasingly restricted as part of the harmonisation efforts undertaken under the Banking Union, there are also still issues that give rise to an unnecessary compliance burden.

The main inconsistencies in this sector, as confirmed by stakeholders, relate to the different approaches taken for supervisory reporting under the CRR/CRD IV framework versus reporting for the purpose of recovery and resolution under the BRRD. Problems were identified particularly in the reporting of similar (but not identical) data. For example, the reporting on the minimum required eligible liabilities (MREL) under the BRRD overlap with some COREP/FINREP requirements under the CRR. The frameworks are, however, not fully aligned regarding the reporting approach, thus adding to entities’ reporting burden. Likewise, the data required by the SRB for calculating contributions to the Single Resolution Fund are similar to what is already available to supervisory authorities given COREP/FINREP requirements 188 . The other example provided is that banks likewise have to report their leverage ratio in different ways. However, resolution reporting is relatively recent, and steps are being taken to address these issues and improve consistency (see also Section 2.3 and Annex 4.2) while also recognising that the objectives and data needs for supervisors and resolution authorities are different.

There are also inconsistencies and duplicate reporting between supervisory (and resolution) reporting under CRR/CRD IV (BRRD) and reporting for statistical purposes under the ECB's AnaCredit, MFI Interest Rate Statistics (MIR Statistics) and Balance Sheet Items (BSI) reporting frameworks. These latter frameworks are not in the scope of the fitness check but nonetheless need to be mentioned to the extent that stakeholders raised issues during the consultation process. It was found that there are several overlaps that require banks to report certain data elements several times. While the duplication of reporting requirements can indicate a lack of coherence in itself, the key issue is in fact that these regimes do not always require the reporting of the exact same data but often show minor variations. This is the case with FINREP solo reporting and ECB BSI statistical reporting. Both frameworks require detailed information on balance sheet items at a solo level. However, the specific reporting fields and breakdowns required are not fully aligned. This requires banks to maintain separate reporting systems in order to tailor the reported values in line with the detailed requirements under the two frameworks. While many of these items are similar, they are not identical and thus imply the implementation of separate internal data processing and modulation systems. However, due to their different purpose and methodological approaches 189 it is not easy to reconcile the FINREP and BSI requirements, even on a solo level.

This issue similarly exists with national reporting requirements, which are either not aligned with EU requirements or go beyond them. While the CRR/CRD IV package implemented closely harmonised reporting requirements, this has not necessarily resulted in national legislators and supervisors abandoning their prior reporting regimes. While these frameworks again do not officially fall into the scope of the analysis, it was found that additional national-based reporting requirements apply in most Member States. This is the case even though NCAs also collect and have access to the data collected under the harmonised EU regimes. Coherence problems arise in this area since the national requirements are often differently framed in terms of scope and content. Especially problematic is the lack of full harmonisation in the EU of accounting rules, i.e. the application of different accounting rules (IFRS vs national GAAP) at the EU level and across Member States 190 . This fundamental divergence in Member State approaches prevents the CRR/CRD IV from reaching its full intended impact. Such an approach implies that banks need to collect and maintain two different sets of data, even though the informational content is essentially the same. Other examples include the application of different methodologies for calculating reportable figures or requiring data which is not required under the EU harmonised regime.

Insurance

At EU level, reporting requirements for insurers are predominately contained within Solvency II. Coherence between reporting frameworks is therefore less of an issue for insurance companies. This is also evidenced in the concerns raised by stakeholders from the insurance sector during the various consultation activities, which almost all referred to issues specific to Solvency II (see also Annex 4.2 for the overview).

Solvency II sets out harmonised requirements. Nonetheless, a similar issue exists in this field as in the banking sector in terms of divergences at national level. There are small variations in the interpretation of requirements by national supervisors and thereby the way that they are imposed in practice. This issue is being addressed by the common EIOPA taxonomy. Currently, however, certain inconsistencies remain. In addition, there is fragmentation at national level over applicable exemptions or reduced reporting requirements. Solvency II provides the option for national supervisors to tailor the applicable reporting requirements to make them more proportionate for smaller insurance companies. While designed to make the reporting framework more efficient, this optionality in terms of national transposition can create inconsistent requirements for insurers across Member States. This is not only because not all Member States make use of this option but also because the extent to which limitations or exemptions are granted differ from one Member State to another. As a result, insurers need to meet different requirements depending on the Member State in which they are incorporated. Although this has a limited impact on insurers that are active in only one Member State, it can be burdensome for insurance groups that operate locally authorised entities in multiple countries.

Moreover, as already mentioned in Section 6.2 on efficiency, reporting entities regularly face ad hoc requests at national level which are not standardised across Member States. In the insurance sector, concerns about ad hoc requests mainly focus on stress testing, i.e. an area where comparability of data across Member States is crucial for accurately assessing cross-border financial stability risks.

On inconsistencies across EU frameworks, the main issue noted by a few insurance groups is inconsistencies across the Solvency II and FICOD regimes. Financial conglomerates report the information once as an insurance group and again as a financial conglomerate group. Inconsistencies relate in particular to the reporting of intra-group transactions and risk concentrations. The ESAs have very recently launched a consultation on this matter with a view to developing a single framework of requirements 191 .

Other than this, various inconsistencies between Solvency II and other reporting frameworks (statistical reporting and public reporting) were noted, as well as a number of issues specific to Solvency II. For example, the financial stability reporting carried out by insurers contains the similar data already reported under Solvency II. These two reports, however, have to be submitted at different times, meaning that insurers need to carry out calculations and checks twice. There are also overlaps between the information provided in annual reports and other reports submitted to NCAs, such as the Solvency and Financial Condition Report (SFCR) and the Regular Supervisory Report (RSR). In particular, information on the organisation of the reporting insurer and its group structure, risk management and governance need to be submitted multiple times. Likewise, accounting data is captured twice, in the annual report and under solvency requirements. Several overlaps were also identified within the Quantitative Reporting Templates (QRTs). For example, information on premiums and payments has to be reported in four different sections of the QRT 192 . 

Asset management

Within asset management, the key pieces of EU legislation are the UCITS and AIFM Directives applicable to collective investment schemes and alternative investment funds (hedge funds, private equity funds, real estate funds, etc.), respectively. As directives, both legislative acts provide Member States with a certain degree of freedom in transposing them into national law. While this provides for a more flexible regulatory approach which takes into account national differences, it has also led to fragmented supervisory reporting requirements. Both reporting regimes show a range of such fragmentation issues. The AIFMD provides a much more harmonised regime than UCITS. While the AIFMD stipulates a harmonised data collection framework at the European level via the NCAs that report to ESMA, reporting under the UCITS Directive remains predominately at the discretion of national competent authorities 193 . As a result, reporting for UCITS funds can vary from one Member State to another.

Under the AIFMD, fragmentation issues are more specific to certain subsets of reporting. For example, the risk profile section 194 is not standardised, with different calculation methodologies applying for figures such as Net Equity Delta, Net DV01 or Net CS01. Furthermore, several Member States apply additional reporting obligations at national level that are more granular that those envisaged under the AIFMD. Such supplementary reportable data includes metrics concerning the funds' portfolio composition in terms of financial instrument (usually on ISIN basis), geographical focus, and the investment strategy or risk profile of the fund as a whole.

Beyond issues of national fragmentation, there are also certain inconsistencies with other EU reporting frameworks which are outside the scope of this fitness check but which interact with those under UCITS and the AIFMD. There are currently a few overlapping reporting obligations, especially for AIFs. These include in particular reporting under the Money Market Fund Regulation 195 as well as the data collected under the ECB's investment fund statistics for monetary statistical purposes. Both frameworks cover a range of metrics that AIFs are already required to report under the AIFMD. For some of these calculation methodologies vary, which means that the data need to be tailored to fit the respective framework.

Financial markets and transaction reporting

The area where stakeholders raised most concerns about lack of coherence is financial transaction reporting, with the main frameworks being EMIR, MiFIR, SFTR and REMIT.

Transactions in financial instruments often fall within the scope of more than one EU supervisory reporting framework. In principle, there are provisions in place to prevent duplicate reporting across the frameworks. In practice, however, the legal provisions in place do not effectively address the existing overlaps — and in a number of cases appear to miss the true nature of the problem. While MiFIR Article 26(7)(7) specifies that trades do not need to be reported under MiFIR if reported under EMIR, a further provision stipulates that this exemption is valid only if the EMIR transaction report contains the same details as required under MiFIR. However, since the two reporting regimes are designed for substantially different objectives (market integrity and financial stability, respectively), the data to be reported is by definition different and hence the reports will never be fully aligned in terms of their content. As such, the trade still needs to be reported twice, although some of the data elements reported are similar.

The REMIT regime similarly lays down that transactions do not need to be reported if already reported under EMIR. However, EMIR requires end-of-day transaction reporting while REMIT asks for market transactions. The relevant transaction reports are therefore not identical in most cases, meaning that the envisioned relief is often not noticeable.

This experience has been taken on board in the development of the SFTR reporting regime. While total return swaps would usually need to be reported under both SFTR and EMIR, it is explicitly stipulated that only the EMIR reporting applies for these instruments. The precise phrasing of this provision exhaustively clarifies the scope in this regard, instead of referring to re-reporting of data if already captured. As such, this provision should meet its aim of avoiding double reporting under both regimes. Overlaps with other regimes are also avoided given the different scope of the legislative frameworks.

The analysis across the respective regimes has demonstrated that a limited number of inconsistencies do occur across these reporting frameworks in terms of the content, format, modelling and conditionality of fields (see also Annex 4.2). One of the less disruptive types of discrepancies concerns cases where a certain reporting field is mandatory in one framework but conditional or optional in another. Such conditionality can be easily integrated into automated internal reporting processes and only requires minor changes in the setup of systems. Similarly, there are cases where the labels of the same reporting field in terms of content across the frameworks do not match. Although not ideal, such discrepancies will lead only to a minor additional compliance burden. It should be noted, however, that such inconsistencies may also be a burden for supervisors as they present an obstacle for cross-framework data analyses.

Significantly more burdensome are inconsistencies in content. On the one hand, this will typically require an adjustment in the reporting process within the reporting entity. On the other, it may severely limit the analytical capacity of supervisors when trying to merge or cross-analyse data sets under different frameworks. Additional processes will be required to first clean and then align the data. Further types of inconsistencies are modelling discrepancies. In these cases, the frameworks are not aligned in terms of the setup of the applicable reporting fields, while the informational content overlaps. There are only two occurrences of this sort described in Annex 4.2. Together with content inconsistencies, this type of inconsistency is the most burdensome issue for reporting entities as the reported data needs to be re-modulated to fit each framework. If other inconsistencies are present, especially in content, additional efforts are required (see Annex 4.2 for details).

Definitions

The consistency assessment of definitions used is by virtue closely related to the content and format of reportable data. Depending on the field descriptions and Level 3 guidance provided, the definition of terms may be inherently linked to certain consistency issues such as the ones described in the previous subsection. For example, a certain data field may carry a reference to a term that is not consistently defined across different pieces of legislation. This will lead to different data being reported under the frameworks. It is often not clear whether such circumstances constitute more of an issue of incoherent definition(s) or incoherent reportable content. Deviating definitions can cause other inconsistencies since they are key determinants of reporting obligations, especially their scope and/or required data element(s). In general, having unclear, differing or even conflicting definitions will lead to an additional compliance burden for both reporting entities and supervisors, especially during the implementation phases of new reporting frameworks.

The current landscape of EU reporting frameworks exhibits a range of non-aligned definitions, often stemming from the fact that the underlying legislation was developed for different purposes. In the banking field, inconsistent reporting concept definitions exist, for example for counterparty, exposure classification or resolution consolidation rules. In some cases there are more than two diverging definitions of essentially the same underlying term. This was identified to be the case, for instance, across FINREP and non-performing loan tables. The terms 'default', 'impaired' and 'stage 3' all refer to very similar situations whereby the borrower is unable to service the loan. Such definitional inconsistencies also relate back to the Level 1 text rather than stem from the actual templates or tables.

There are also concrete cases of definitional inconsistencies within the transaction reporting field. For example, the concept of 'traded on a trading venue' (TOTV) is not defined within MiFIR and is therefore unclear to some extent with regard to OTC trades 196 . At the cut-off date of the analysis, there were also diverging interpretations by NCAs over the definition of FX spot and FX forward within MiFIR. The definition was not fully clear about the time lag to delivery under which an FX trade could still be considered spot. This issue was at the time partially resolved by ESMA, which provided further Level-3 guidance on the interpretation of the provision. While helpful, it did not fully address the issue as Level-3 guidance is technically not legally binding. To achieve this, the clarification would need to be raised to Level 2 197 . Likewise, the definition of 'entering into transaction' in EMIR differs from the meaning in REMIT. The latter refers to entering into a transaction in ‘wholesale energy markets’ and not to being counterparty to a contract. The definition of ‘delivery point or zone’ across these two frameworks is also not aligned. Differences in this data field might, however, be justified given the specifics of non-derivative energy transactions. Similarly, the definition of 'financial counterparty' excludes CCPs under EMIR while they are explicitly included under SFTR.

In the reporting frameworks relating to asset management the key issue once again arises from the fact that UCITS and AIFMD both take the form of directives which do not fully harmonise all definitions and reporting items. Given the drafting of the Level-1 and -2 legal texts, both reporting frameworks require further guidance on the reporting obligations (see ESMA Guidelines 198 ). Despite these efforts, some minor deviations in definitions or their interpretation remain across Member States, depending on the respective transposing legislation. It was also noted by some supervisors that the definitions for individual fields leave much discretion to AIFMs on underlying methodology and assumptions. This results in poor consistency across the same fields reported by different managers, for example on concepts such as assets under management (AuM) and reported gross/commitment leverage calculations.

In the insurance sector, the analysis did not point to any definitional inconsistencies. It should be noted, however, that a limited number of definitions of the same terms will vary when comparing them across other non-insurance frameworks. This can be particularly burdensome for entities that have additional non-insurance activities, especially large banks that also operate an insurance division. For most insurers, however, it is the consistency within the sector-specific legislation (especially Solvency II) that matters.

Inconsistencies in wording

Besides definitional inconsistencies, a lack of consistency in wording can also be observed. Linguistic inconsistency does not change the content of the reporting requirements and is less significant in impact than definitional inconsistencies. However, it contributes to a lack of clarity and may also hamper any potential application of machine learning techniques that could be used for future extraction of reporting requirements. Examples include:

·The concept of reporting certain data annually is expressed in multiple ways, including: ‘on annual basis’, ‘at least every year’, ‘at least annually’, ‘at least once a year’, ‘at least once every 12 months’, ‘each year’, ‘on a regular basis and not less than once a year’, ‘regular basis and at least annually’, ‘Regularly, and at least once a year’.

·The concept of ‘semi-annual’ can also be found in the legal acts occurring as ‘biannual’, ‘every six months’, ‘twice per year’, ‘twice a year’, ‘half-yearly’, ‘at least once every 6 months’.

·Sometimes reporting entities are obliged to ‘submit’ data, sometimes to ‘report’, other times to ‘provide’ or to 'send'.

In the review of reporting obligations, a number of other types of inconsistencies were also noted. These concerned, for example, how the tables and templates are structured in different frameworks (or where some requirements are presented as a list in text format although it could be presented as a structured data table). They also concerned the level of detail provided (e.g. the detailed metadata attributes are provided in the Level-2 texts in some frameworks but not others).

Timing and frequency

A further area where inconsistencies is the timing and frequency of reporting. This aspect is mainly an issue in banking- and insurance-related reporting as well as, to a lesser extent, asset management. While there is a range of inconsistencies also in the transaction reporting field, they do not create a significant additional compliance burden on either reporting entities or supervisors. The details of a transaction will remain the same regardless of when it is reported. As such, the reportable data will not change 199 . Minor additional burdens may however arise from the fact that different timelines imply that reporting entities will need to keep track of the various obligations and prescribed timing in order to comply.

The situation is very different in the other subsectors, as a large degree of requested data relates to positions and exposures. Depending on the activities of the reporting entity, these figures will change on a daily basis. If data is reported at different times under the respectively applicable regimes, this implies the duplication of data cleaning and verification processes.

Under Solvency II, for example, different deadlines apply to a range of reports that request mainly the same content. This includes inconsistencies such as mandating the submission of Q4 reports at a different time from the annual reports. Equally, the reporting deadline for local summary reports is earlier than for Solvency II reports. These issues have already been registered during the roll-out of Solvency II with a view to addressing them in the review to be carried out in 2020 (see Annex 4.2 for this).

Similar cases exist in the banking sector. Differences in timing are particularly prevalent across EU and national reporting frameworks. Minor issues also exist regarding CRR/CRD reporting and the ECB statistical reporting frameworks. Here efforts are already being undertaken to address the outstanding problems. A further issue relates to changing submission requirements. This is particularly the case for the SRB’s reporting requirements, which have seen multiple iterations of changes to the resolution field. Each time the approach is amended, banks need to change and align internal reporting processes and procedures.

The key issue noted by stakeholders in the banking sector relates to ad hoc requests. Every year, a number of ad hoc information requests are sent to banks from both national and European supervisors. These requests tend to target different banks and different aspects of their operations. As ad hoc requests, they will be issued at frequencies unforeseeable to reporting entities. In effect, these requests tend to give rise to a high degree of manual input. Stakeholders in the banking sector highlighted that at times extremely short deadlines further aggravate the compliance burden. Often such ad hoc requests mark the beginning of the development of a more structured regular reporting process. They are issued because new information that is currently not available to supervisors needs to be gathered quickly to ensure effective supervision. A recent example is the collection of NPL data via ad hoc requests, which will be formalised under a revised version of FINREP 200 . However, it often remains unclear to banks whether setting up a new internal reporting mechanism to meet ad hoc requests is warranted. Improved communication of future supervisory intentions may thus be merited. Ensuring that ad hoc requirements adhere to certain standard rules and formats, at least to the extent possible, would also help to limit compliance burdens.

Standards, formats, and identifiers

The supervisory reporting frameworks analysed pursue a variety of different objectives and therefore differ significantly in terms of scope and content. Nevertheless, supervisors ideally want to be able to draw from, combine and cross-analyse data reported under the respective frameworks in order to gain a more accurate and detailed picture of the state of the market and the actors involved. While the structure of reporting is bound to differ depending on the regulatory objectives pursued by each framework, this goal can nonetheless be achieved provided that the representation of data elements is harmonised 201 . A key factor that facilitates the move towards a fully aligned data representation is the application of common standards, formats and identifiers. This ensures that there is consensus on the representation and meaning of the data elements involved. On the one hand, this enables supervisors to merge and cross-examine datasets, at least to a certain extent 202 . On the other hand, it lowers the cost of compliance for reporting entities as they do not need to convert or reformat data elements to match a different representation methodology. Overall, it facilitates the multi-use of reported data and constitutes a prerequisite for a potential future move to reporting data only once, to be used for multiple purposes.

When comparing the different frameworks, it is immediately evident that there are significant differences in the respective approaches. Table 6.1 below provides an overview of the data modelling standards and reporting formats under the different reporting frameworks, based on the detailed data mapping conducted by the external contractor.

Table 6.1: Overview of standards and formats

Source: DG FISMA elaboration based on BR-AG study.

Note: i) Unlocked machine-readable format; ii) Custom schemas provided by the Agency for the Cooperation of Energy Regulators (ACER). DPM: Data Point Modelling; XBRL: Extensible Business Reporting Language; XML: Extensible Markup Language; XSD: XML Schema Definition;

In terms of data modelling, the large majority of frameworks analysed apply either the Data Point Modelling (DPM) or ISO 20022 203 standard. Both of these apply a single standardisation approach in terms of methodology, process and repository. Each standard holds certain benefits and drawbacks which make them more or less suitable for reporting certain data. The ISO 20022 standard is generally applied where the framework mandates a significant or high amount of reports and messages, as is the case under transaction reporting regimes such as MiFIR or EMIR. It is particularly suitable in this context as it concretely defines messaging concepts, which enables reporting entities to automate the reporting process to a large extent 204 . In addition, it allows for the development and easy inclusion of new messaging types if required. The DPM approach, on the other hand, employs a higher degree of abstraction and also sets out hierarchies, dimensions and links. This facilitates the analysis of large balance-sheet type datasets, within which reported figures are closely interrelated. It is adopted as the data modelling standard in CRR and Solvency II reporting. 

While each of these standards is appropriate for application in their respective fields, there are issues when trying to combine data reported under DPM and ISO 20022. These issues result in particular from the fact that each standard applies its own dictionary. As a result, certain definitions of data elements are non-aligned 205 . It should be noted, however, that it is theoretically possible to map one standard onto the other. To accurately and fully carry out such mapping, consensus is needed above all on the dictionary/definitions used 206 . These problems are significantly greater still when comparing DPM or ISO 20022 against XSD or the schemata applied by ACER under REMIT. On the latter, it should be noted that ACER also accepts reports compiled under the EMIR and MiFIR frameworks, meaning that they currently face two different standards in their database. This may present significant hurdles in their analytical approaches. Lastly, some reporting frameworks (e.g. SSR, UCITS Directive) do not apply any data modelling standard, which prevents any potential modelling approach that may allow at least a limited merging and cross-analysis of data.

Of equally high importance are the types of reporting or messaging formats that are accepted by the respective regimes. As shown in Table 6.1, reporting entities are required to submit the reports in one of several available formats (XBRL, XML, PDF, XLS, etc.).

For the two main prudential reporting frameworks (CRR and Solvency II), reporting based on XBRL, the international standard for business reporting, is now the norm. While a few stakeholders noted that the implementation has been costly, it has allowed significant data efficiencies and allowed high levels of automation, especially where the whole flow of data from reporting entity to NCA to EU authority is based on the same XBRL artefacts. While on the insurance side all 28 NCAs have adopted the EIOPA XBRL taxonomy, on the banking side reporting by banks to the national authority does not always follow XBRL. As summarised in more detail in Annex 3.3, a small number of NCAs adopted other formats for prudential reporting, for example to make concessions for smaller banks or to allow additional validations. Current technical system limitations were also noted that did not yet allow the NCA to take full advantage of EBA's XBRL taxonomy, but investments were underway to allow XBRL reporting in the short term.

More generally, reporting formats are not fully harmonised within or between reporting frameworks. For example, different reports are provided through various formats e.g. Excel spreadsheet, XBRL, text file and XML, which makes managing the reports more difficult for both the reporting entities and the supervisors receiving the data. Some stakeholders have therefore called for greater harmonisation of these standards and formats, including consistent empowerment of the ESAs to set them (see also Section 6.4.3). The assessment confirms that there is a case for exploring this further.

Table 6.2: Overview of referenced identifiers

Source: DG FISMA elaboration based on BR-AG study.

Note: i) Reuters Instrument Code (RIC) and Wertpapierkennnummer (WKN); ii) Alternative Instrument Identifier (AII), EIC (Energy Identification Code); iii) Nomenclature of Territorial Units for Statistics (NUTS), Value Added Tax (VAT) code; iv) EIC, Global Location Number (GLN).

* BIC is no longer permissible within the framework of EMIR (since October 2017) and MiFID II/MiFIR (since November 2017).

Lastly, Table 6.2 provides an overview of different identifiers referenced in the various legislative frameworks. Table 6.2 includes a wide variety of commonly used or well-known identifiers, including those used for identifying financial products, trading venues or markets, legal entities, financial transactions, etc. For some of these areas, more than one such identifier exists, and Table 6.2 aims to give an idea of the use of these identifiers in EU legislation. As can be seen in the table, a large number of identifiers apply, two of which are referenced in the majority of frameworks, namely the International Securities Identification Number (ISIN) and the Legal Entity Identifier (LEI). The way in which the identifiers are referenced differs, e.g. in terms of whether their use and reporting are mandatory or not.

During the consultation, stakeholders specifically referred to the LEI as a positive example of an international standard, defined in ISO standard 17442, which can bring significant benefits and efficiencies for reporting entities and supervisors. Once issued, the same LEI can be reused in a variety of supervisory reports. Information associated with each LEI is freely available on a daily basis on the Global LEI Foundation (GLEIF) website. Thus, granular information reported by entities identified by LEIs (e.g. counterparties reporting derivatives transactions under EMIR) can be linked with the underlying reference data and merged with other datasets. In this way, large datasets can be processed quickly. This represents a significant improvement over having to match information on counterparties contained in different datasets, conducting additional quality checks and maintaining this information over time.

Standards for identifying simple concepts, such as currencies, country codes, sectors, dates and times, etc., have already proven invaluable and now standards for identifying more complex concepts are undergoing a process of harmonisation which promises to deliver great benefits. For instance, the European Commission and other European authorities are participating in international work to define a standard for a Unique Transaction Identifier (UTI) and Unique Product Identifier (UPI).

However, the respective pieces of EU sectoral legislation do not all explicitly refer to the relevant existing international data standards, such as the LEI, ISO 10962 Classification of Financial Instruments (CFI), ISO 6166 ISIN, and the UTI and UPI once these two identifiers are developed and implemented. There is therefore scope for increasing the use of international standards.

For example, while provisions under relevant EU financial market regulations (MiFID II/MiFIR, EMIR, SFTR, CSDR and CRAR) now envisage the use of LEIs for different types of entities (trading venues, investment firms, CCPs, CSDs, CRAs, rated entities and issuers, settlement internalisers, counterparties involved in financial transactions, among others), this is not the case for relevant entities in the investment funds market. Neither the AIFMD nor the UCITS Directive obliges entities to obtain the LEI. The AIFMD reporting framework stipulates that AIFs need to report their fund identifier code. Where available, this should include the corresponding LEI code 218 . However, some stakeholders (mainly among supervisors) have pointed to the non-mandatory nature of reporting an LEI code as a key data gap (see Section 6.1).

Equally, the mandatory use of other international identifiers and classification taxonomy could be explored to foster harmonisation of the relevant data. Like the LEI, these identifiers have the potential to reduce the amount of supervisory reporting, not least by removing the need to report separately the reference data which these identifiers contain (see Section 6.4.2 below on overlaps). Their introduction may also render some of the older identifiers redundant.

Reporting processes

As described in Section 5.2, the individual reporting regimes take broadly different approaches on the applicable reporting channel (or channels). Many of the main frameworks follow the sequential approach (e.g. CRR/CRD IV, Solvency II, AIFMD and UCITS) where the data is reported to the NCAs and then on to the European authorities.

A large majority of NCAs consider this model to be particularly effective. It was noted that the increased knowledge of and proximity to the reporting entities tends to have positive impacts on data quality. More timely access to data furthermore allows NCAs to react more promptly to any adverse developments. Potential downsides however include issues of fragmentation (where reporting is not fully harmonised) and related issues of data sharing and comparability across Member States. Even under frameworks such as MiFIR, which applies a closely harmonised approach, there can be differences in the reporting setup across Member States. For example, NCAs’ validation systems may operate slightly differently and apply different conditions 219 . This was particularly the case in the early phase of application where it could happen that the same report was accepted in one Member State but rejected in another. This can lead to additional burdens, especially for conglomerates whose sub-entities pursue reportable activities across multiple jurisdictions, as the data needs to be tailored to meet the different validation requirements of each system.

Regimes such as MiFIR also enable reporting entities to outsource the reporting function to a third party (via an 'Approved Reporting Mechanism' (ARM) or the trading venue where the transaction is executed). Under EMIR and SFTR, transaction data is also reported to a third party, namely the trade repositories which act as storage facilities and hold certain responsibilities for reconciling the reported data. The data collected by TRs is made accessible to ESAs and NCAs as well as certain other institutions.

The TR approach was developed with a view to generating competition between TRs that should help to minimise the costs of reporting. In practice, however, the TR approach under EMIR initially led to significant problems in data quality and reconcilability across TRs. The different TRs did not apply consistent formats, thus making transaction data reconciliation highly complex and very time-consuming. The ESAs and NCAs were essentially facing data silos that were not suitable for gathering intelligence on, and analysing systemic risks arising from, the overall cross-exposures and interconnections in derivative markets. This was subsequently resolved with the introduction of TRACE, which aligned the formats in which TRs provide data to supervisors and resolved the silo issue by establishing a single access point through which supervisors can access the data. The recently adopted EMIR Refit initiative (see Section 2.3) attempts to address the issue of diverging formats for reporting to TRs by providing ESMA with a mandate to harmonise TR formats. Nonetheless, it may still take a considerable amount of time before the revised RTS/ITS are developed and become applicable.

Each of these reporting setups has certain merits but also disadvantages. They were developed with a view to pursuing the specific regulatory objectives most effectively. Whether this fully justifies the significant discrepancies across the frameworks cannot be answered conclusively. What is ultimately important is that supervisors receive all the required data in high quality and in a timely fashion.

It is clear, however, that differences in the reporting channels can add to the compliance burden of reporting entities. This is particularly the case where frameworks and individual data fields show overlaps, and where different data flows go hand in hand with inconsistent definitions, standards and formats. Also, the agencies and data infrastructure operators do not necessarily apply the same validation rules for the same data fields. This leads to increased complexity and costs as reporting entities may need to re-modulate their data for their reports to be accepted under each of the respective regimes. Different approaches also apply to late reporting or misreporting. While ACER offers the possibility to open a contingency plan in such cases different rules apply for late or missing reports under MiFIR, EMIR and SFTR. These differences arise due to the different primary legislation mandates provided to ACER and ESMA respectively.

Overall, the lack of consistent reporting channels is not an issue in itself. For the reporting entities it ultimately does not matter where the reportable data needs to be sent to, as long as the process is clearly defined. Likewise, the supervisors' main interest lies only in receiving high-quality data in a timely fashion. As long as the reporting channel facilitates this, there are no major issues that arise from it. What gives rise to unnecessary compliance burdens is the application of different formats, standards, methodologies or validation and data preparation rules. Provided that these aspects are all fully aligned, there would be a negligible impact of different reporting channels on reporting entities.

Supervisors on the other hand may still face issues stemming from the lack of coherent reporting channels. These issues however pertain more to limitations on the accessibility of data and impediments to data sharing across supervisors and reporting frameworks (i.e. supervisors do not receive or do not have access to all the data that they would like to). NCAs and ESAs generally receive all the data they need to carry out their supervisory functions according to the respective frameworks (for specific data gaps identified see Section 6.1). There can be issues, however, where there are no mandatory data-sharing arrangements (often these are subject to specific conditions) with supervisors other than the one(s) receiving the data according to the framework in question. This can affect in particular host NCAs, where data is only received by the home NCA of the supervised entity. The analysis has shown that there are significant discrepancies in when and how data is shared across NCAs. Anecdotal evidence from supervisors indicates that these issues arise mainly due to lack of trust in the other NCAs’ data protection means. At times, these can be overcome by personal contacts between colleagues across the NCAs. Increased efforts and more far-reaching data-sharing mandates could address these problems with relative ease. Such data-sharing agreements are lacking not only at the European level but often also across the different national authorities. In some cases, this is the justification put forward by NCAs for requesting data that has already been reported under another regime (see Annex 3.3).

6.4.2.Overlaps in reporting frameworks and potential means to streamline reporting

The various reporting regimes currently in place draw upon a large amount of data in each of their respective sub-fields. Each of the reporting processes places a compliance burden on reporting entities, both in the initial setup of systems and during their operation in terms of data processing and cleaning as well as maintenance of systems. As mentioned in previous sections, one of the main claims put forward by reporting entities both in the Call for Evidence and the fitness check public consultation is that there are significant overlaps in reportable data. The general claim made is that, in effect, many data elements could be deleted or even whole reporting regimes abandoned without a loss in the level of information available to supervisors. In most circumstances, such claims were heavily disputed by ESAs and NCAs. Most supervisors articulated the view that all data elements are required in order for them to carry out their supervisory activities effectively. On the contrary, it was often argued that additional data elements are needed in certain regimes to gain more complete insights into the activities pursued by financial-sector entities.

To assess the validity of claims of data overlaps, the external contractor conducting the detailed data-mapping exercise also provided an analysis of such overlaps. The study approached the question of cross-framework reporting overlaps from two different but complementary sides. One side of the project carried out an analysis of the level of reporting obligations ('top-down' approach) while the other compared the individual data points (‘bottom-up’ approach). A key challenge in this analysis was that there is no common practice of describing and encoding the required data. The information requirements range from basic business logs to abstract data models. The different approaches to representing structured data, e.g. as a list, table or simple set of descriptions, are not unified, at times even within the same legislative act. Moreover, coherence in codification of rows and columns in the tables, if applied, is usually observed only within a single act. As already explained in Section 4, it was decided to apply the DPM methodology in order to trace reporting obligation overlaps in structured information requirements. For the purposes of the assessment, a single and consistent DPM was developed as a merger of EBA and EIOPA DPMs, and enriched later with concepts necessary to reflect other, not DPM-based, reporting frameworks.

The analysis showed that there are 11 pairs of frameworks with reporting obligation overlaps. However, the extent of these overlaps fall well short of the claims put forward by reporting entities that there are a substantial number of overlaps. Overall, only 160 data point overlaps were identified out of a total of 72,643 data points that were in the scope of the analysis (see Chart 6.2 and Table 6.3). Furthermore, 118 of the overlaps identified relate to contextual or reference data that is necessarily required under each framework, such as identifiers or data which could easily be mapped to external data sources (e.g. price currency). Overlaps in identifier fields, in particular, should not be viewed as negative or burdensome requirements as they are easily filled and can facilitate the matching and aggregation of data across frameworks. When excluding these types of overlaps, the total number of overlapping data points falls to 42, a number and proportion (less than 0.06%) that is negligible compared to the overall number of data points reported.

Chart 6.2: The number of pairs of cells where the same data points are required under overlapping supervisory reporting obligations (per pair of frameworks)

Source: Data mapping conducted by BR-AG on behalf of the European Commission.

Table 6.3: The results of the overlap analysis represented in terms of the number and percentage of data points per framework

Source: Data mapping conducted by BR-AG on behalf of the European Commission.

It should be noted, however, that the result of such an analysis crucially depends on the definition of an 'overlap'. The analysis carried out applied a narrow definition. To be classified as an overlap, the respective data point pair needed to represent a perfect match in terms of content 220 . The analysis did not take account of data points that are very similar but not identical. Applying a wider definition of what constitutes an overlap could significantly increase the total. It should be noted, however, that a wider definition would also move the analysis towards identifying inconsistencies rather than real overlaps in the precise data points that are reported.

When reporting entities refer to 'high degrees of overlaps between frameworks', it appears that their definition is less narrow and also includes similar data points. For instance, reporting entities are sometimes required to submit the same value under different reporting frameworks but the information requested (i.e. data point) is not actually the same. Credit institutions, for example, need to report the value of revenue to the national central bank. At the same time, institutions are required to provide the value of revenue from the domestic market to the NCA. If a credit institution does not have revenue from foreign markets (i.e. is operating only on the domestic market), the values will be the same, despite the fact that the information requirements are different.

The detailed analysis did not cover statistical reporting frameworks or national frameworks as these lie outside the scope of the fitness check. It can be safely assumed that such an analysis would show a significantly higher number of overlaps, especially as even a range of supervisors indicated that there are overlaps between EU supervisory, statistical and national reporting frameworks. In particular, where legacy national reporting systems have been maintained there is a high likelihood that data elements will overlap. Such national regimes could potentially be reduced in scope or even abandoned completely if the data of the same informational content is already reported under one of the European regimes. Statistical frameworks, on the other hand, often apply a different level of aggregation to supervisory frameworks, meaning that data would need to be converted accordingly in order to use them across frameworks. In some circumstances, this may in fact not be possible at all.

The reduction and streamlining of national reporting requirements lies outside the remit of EU legislation. Member States and their supervisory bodies will often be reluctant to abandon their regimes. The interplay between EU and national reporting is further discussed in Section 6.5, with Annex 3.3 containing further information on the reasons provided by NCAs for maintaining additional national reporting.

Data aggregations and duplicate reporting of underlying data

Lastly, the above assessment of overlaps did not take account of data points that could be calculated on the basis of two or more other data points. This aspect would be particularly interesting to investigate further across frameworks. In principle, if the underlying granular data were reported once, it could be used for multiple purposes, including different aggregations to meet different supervisory needs.

One illustration is the reporting of positions and exposure versus those capturing individual transactions. Assuming accurate and complete transaction reporting, positions and exposures of reporting entities could, in theory, be calculated automatically provided that the position or exposure is known at some starting date.

In the absence of further detailed analysis, there is an easily identifiable key hurdle which prevents or restricts the application of such systems for the purpose of streamlining the current reporting frameworks. This constraint arises from the fact that each of the reporting frameworks was designed to meet very specific supervisory and regulatory objectives. In effect, the frameworks often do not match in terms of scope or applied concepts and definitions.

For example, it appears at first sight that MiFIR transaction reports could be used to calculate the short position of market participants and could thus serve to directly satisfy the short position reporting regime under the SSR. Provided that respective positions are reported and known at one point in time, forthcoming short and long flagged MiFIR reported transactions could be aggregated to provide the current short/long position of market participants. The scopes of the two reporting regimes differ greatly, however. While the SRR framework captures all natural persons, the transaction reporting in MiFIR is limited to investment firms 221 . As such, only a part of the SSR positions reporting framework could be covered. Moreover, the MiFIR transaction reporting regime captures all transactions throughout the intermediation chain. Both aspects give rise to significant governance issues. Given that an automatic position aggregation system of this sort would only cover part of the SSR regime, and bearing in mind that significant efforts would be needed to set up and maintain such a system, it can be expected that the complexity and costs would outweigh the benefits.

Likewise, it could be envisaged that MiFIR, EMIR and SFTR transaction reports could be used to satisfy certain exposure- or position-reporting obligations applicable to banks, insurers and asset managers. Similar to the example of MiFIR and SSR, this would require a system that automatically associates transactions with the relevant transacting party and accounts for and aggregates the relevant positions.

Although theoretically feasible, the potential for calculating positions and exposure on the basis of transaction reports faces several obstacles. Some of these are of a technical nature and may prove difficult to overcome in practice. The main problem with the combined regime envisioned lies in the IT system that would link transactions to the respective reporting entities in order to replicate the current position or exposure. This IT system and database would need to be able to process huge volumes of data. In terms of throughput, it would be required to handle several million transactions daily, amounting to terabytes of data. Experience gathered in the implementation phase of existing regimes, such as under MiFIR, have shown that even the mere storage process for data volumes of this size is challenging. This combined system would, however, not only need to store data but also to combine and merge datasets and carry out computations in order to establish current positions and exposures. Given today's IT systems, it would probably be technically possible but would also imply significant setup and maintenance costs. Maintenance and security are likely to present further obstacles. A fully centralised system of this sort would be more efficient but would also carry risks in terms of the permanence of data storage and susceptibility to cyber threats. These technical challenges should, however, become increasingly manageable in the future as IT systems and processing power develop further. Especially the development of irrefutable data storage systems, such as distributed ledger technologies, could help to overcome potential problems.

A bigger issue is the question of responsibility and liability for the computed data. In the case of flaws, would the reporting entity remain liable or would the supervisor be responsible (provided of course that the core reported data is accurate)? If any problems arose in the computational process, the supervisor could not hold the reporting entity liable. Responsibility for this part of the reporting process would lie with the supervisor. This issue is in fact the main reason why such a system is not favoured by most national and EU supervisory authorities, which instead prefer more aggregated metrics to be reported as well. Additionally, it is argued that having such metrics reported separately, even if computable on the basis of a core data set, can act as a verification tool to spot potential irregularities or discrepancies in the reported data.

Alternatively, the system could simply be offered freely to reporting entities to compute and fill data fields, but with responsibility for final checks still resting with them (i.e. final submission carried out by the reporting entity). This approach would, however, critically undermine the intention of setting it up as an automated system. If the reporting entity needs to revise all reported figures, the compliance burden would only be reduced marginally. Given the setup and operating costs of such a system, it may not be worthwhile to set it up in the first place. Additional analysis would be required to firmly assess the merits, costs and limitations of such an approach.

6.4.3.Sources of incoherence between supervisory reporting frameworks

Inconsistencies stem in large part from the way reporting requirements are defined in legislation, starting with the fact that the requirements are spread over different pieces of sectoral legislation that form the EU financial acquis. There are inconsistencies in the way legislation is structured, including the level of detail on reporting that is contained in the Level-1 text and the empowerments given to the ESAs for developing the technical standards. Also, while certain issues would have already arisen on the basis of the initial legislative proposals, there are also instances of inconsistencies being introduced during the co-legislative process. One example is when definitions are changed as a compromise or left vague because no agreement could be reached.

An often problematic aspect is that small parts of the technical specifications are covered in primary legislation while other parts are passed down to Level-2 legislation. This can give rise to problems of coherence as the split in competence may prevent the ESAs from developing fully aligned technical specifications for reporting.

The Level-2 mandates of the ESAs are not aligned across frameworks (see Table 6.4 for examples). This creates further obstacles to the effective tackling of certain issues at level 2. For example, the detailed content of a required report may fall under the mandate of the respective ESA under one framework but not the other. This implies either that the ESA ensures full alignment with the latter framework (and is thereby constrained, potentially preventing it from adopting the most effective technical provisions) or deviates from it, thereby creating inconsistencies. In certain circumstances where detailed content takes precedence, the ESA may decide to pursue the second option.

Many issues arising from inconsistent approaches, such as divergences in mandates handed to ESA or potential conflicts between teleological and literal interpretation of primary legislation which affect the drafting of secondary legislation, are often discovered only in the later implementation stages after the Level-1 text has been adopted. At this point, it is generally too late to tackle all identified issues effectively because of constraints in the text. Reporting frameworks therefore often see a substantial increase in their effectiveness and efficiency following the first legislative review, which provides an opportunity to address the issues identified.

Table 6.4: Empowerment of ESMA under various regimes 222

Source: DG FISMA elaboration.

6.4.4.Coherence of supervisory reporting requirements with other reporting and disclosure frameworks

224 225 226 227 228 The analysis carried out as part of this fitness check covers only those reporting frameworks that include supervisory reporting obligations. There is a range of other reporting and disclosure obligations contained in the EU financial services acquis which do not fall into the category of supervisory reporting. This includes in particular public reporting obligations for companies, such as those stemming from the Transparency Directive, the Accounting Directive and the International Accounting Standards (IAS) Regulation. These are the subject of a separate fitness check. In addition, there are several disclosure frameworks which act to ensure that investors receive sufficient information to base investment decisions on and to increase transparency in the costs and activities of agents acting on behalf of investors. This includes the frameworks set out in the Prospectus Regulation and the Packaged Retail and Insurance-based Investment Products (PRIIPs) Regulation, as well as best-execution reporting on MiFID/R. Moreover, there are market rules in place that stipulate a certain degree of transparency in trading intent and executed trades. This includes above all the pre- and post-trade transparency requirements in MiFID/R.

229 While these frameworks pursue broadly different objectives from supervisory reporting, there are nonetheless certain interactions regarding the reportable data. For example, the data reported publicly by listed financial institutions and corporates overlaps in part with the data reported to supervisors. While the level of granularity is substantially higher under the latter reporting regimes, both sets of data will normally be drawn from the same core datasets. Likewise, there are some key metrics relevant under the Prospectus and PRIIPS Regulation that are equally reported to supervisors. Information overlaps exist in the area of best-execution reporting and pre- and post-trade transparency requirements. The data required under these frameworks is very closely related to data reported under the transaction reporting regimes. Best-execution reporting provides clients with a detailed overview of the execution conditions of orders handled by the agent (usually a broker). Similarly, post-trade transparency requirements act as a public disclosure of trades executed. Both regimes thereby draw upon certain data elements that are also included in transaction reports. While there are equally overlaps in data with regard to pre-trade transparency, such data only captures the trading intent, i.e. it is unclear whether a transaction is actually executed on this basis. As such, the data is of less relevance in the context of transaction reporting. The data on quoting behaviour captured by pre-trade transparency requirements is, however, instrumental for supervisory processes that aim to detect market manipulation.

Beyond these frameworks, and as already noted above, there are the statistical reporting frameworks which predominantly fall under the remit of the ECB as well as national reporting frameworks. Where specific insights as to inconsistencies were found, these have been covered in the above sections.

Lastly, financial market actors including corporates also face reporting obligations in third countries, depending on their activities in those jurisdictions. As in the EU, this includes both supervisory and statistical reporting frameworks. While no detailed analysis was carried out into these frameworks, due to the broad scope and complexity of such an exercise, they capture similar data elements. Given that they broadly pursue the same regulatory and supervisory objectives, and that many reforms were agreed internationally, the data requirements will also be comparable even if the setup and specific requirements will vary. Increasing consistency at international level, especially in the use of identifiers and standards, could lead to significant reductions in overall compliance costs. It would ensure that supervisors have the same comparable data at their disposal, which would facilitate supervisory cooperation and convergence, as further discussed below.

6.5EU value added 

Supervisory reporting obligations, like all requirements linked to EU legislation, should be subject to the principle of subsidiarity, which is fundamental to the functioning of the European Union. In this regard, there is a need to demonstrate a clear case for setting reporting requirements at EU level rather than at local or national level alone. This section assesses the value added of EU supervisory reporting requirements overall. It examines the interplay between EU and national requirements and whether the level of harmonisation is adequate.

6.5.1Value added of EU-level supervisory reporting requirements

Responses to the public consultation and discussions at the stakeholder workshops showed a general acceptance of the need for supervisory reporting at EU level. Supervisory arrangements prior to the last financial crisis were primarily national-based arrangements, with insufficient cooperation and information exchange among national supervisors. However, the post-crisis measures included the creation of the European System of Financial Supervision, with the ESAs working in tandem with national supervisors and the ESRB in charge of overseeing stability in the financial system as a whole. This system can only function if data is available for the relevant authorities to fulfil their mandates — i.e. an EU system of financial supervision requires data that is comparable on an EU-wide basis.

The ESAs were established to help develop and ensure consistent application of the Single Rulebook and promote the convergence of regulatory and supervisory practices. The overarching goal was to improve the functioning of the single market in financial services and help deepen the EMU. As explained in Section 5, they develop technical standards and issue guidelines and recommendations with a view to establishing consistent, efficient and effective supervisory practices. They can take emergency actions and coordinate the response in adverse market conditions. They also undertake specific functions in relation to consumer protection and financial activities. For these and other supervisory and regulatory functions, the ESAs need access to the relevant data.

Similarly, the ESRB needs timely access to comprehensive and consistent data that encompasses the various components of the financial system so as to fulfil its broad mandate to oversee risks to financial stability in the EU financial system.

The same also applies to the functioning of the Single Supervisory Mechanism as one of the pillars of the Banking Union. This has benefited from a reporting framework defined at European level since it was set up in 2014. Such a common reporting framework makes a key contribution to building a Banking Union, reducing differences between countries and facilitating the development of pan-European banks. More generally, access to comparable data based on common reporting is needed for any supervision of activities in an integrated market, especially activities of a cross-border nature.

EU-level requirements have delivered value added by providing data to supervisors that was not previously available (e.g. reporting of derivative contracts under EMIR). They have also created new EU reporting regimes that allow for overviews of entire sectors on an EU-wide basis (e.g. AIFMD data).

In several areas, EU reporting requirements have replaced the different local approaches to reporting, leading to greater harmonisation and standardisation as well as enhancing the unique interpretation of the requirements. This has thus also reduced the overall costs of reporting. One such example is the standardisation of reporting definitions, formats and processes in MiFID II/MiFIR transaction reporting. Such uniformity of requirements allows for EU-wide software and data-warehousing solutions, ultimately lowering costs for reporting entities and creating efficiencies in the processing and analysis of the data at the level of supervisors. Another example is the ITS on supervisory reporting for banks as part of the CRR, which has been developed with the aim of further harmonising the reporting requirements for institutions across Member States and reducing the reporting burden, especially for cross-border entities. The ITS is binding and directly applicable in all EU Member States. It includes uniform formats, frequencies, dates of reporting, definitions, levels of granularity to be applied and the IT solutions to be used.

These uniform requirements reduce the reporting burden for cross-border institutions, allowing groups to establish group-wide harmonised reporting standards and processes. They also achieve greater convergence of supervisory practices and allow supervisors to assess risk consistently across the EU. This enables them to compare supervisory data more effectively and identify emerging systemic risks.

6.5.2Adequacy of harmonisation and the interplay of EU vs national requirements

While EU-level reporting obligations are needed and have clear value added, this is not to say that every reporting obligation delivers this value added over and above what could be achieved by local or national reporting. Some risks are more local, and the benefits of EU harmonised supervisory reporting are clearly stronger for cross-border groups than small reporting entities that operate only in their local markets. In the consultation and workshops many small firms, in particular in the banking sector, argued that the reporting burden for them was excessive and EU harmonised data not needed. This makes the case for proportionality in EU requirements (as also discussed in Section 6.2). However, EU-wide data is still needed for effective supervision, particularly from a systemic perspective. Also, it is far from clear that a removal of EU requirements would significantly reduce reporting costs: national supervisors still need the data and, due to the crisis, would likely have imposed additional reporting even without EU legislation requiring them to do so. The majority of NCAs stated that they need the required data for supervisory purposes, and indeed most do request data beyond the EU minimum.

There is an inherent tension between having EU-level requirements and national flexibility to deal with specific national circumstances and adopt tailor-made requirements for local markets. On balance, however, the majority of stakeholders consulted were more concerned about insufficient harmonisation (rather than excessive harmonisation). They called for further standardisation of reporting and raised concerns about inefficiencies resulting from the parallel existence of national and EU-level requirements.

6.5.3Is the level of harmonisation adequate?

A majority of respondents to the consultation consider that options left to Member States in the implementation process have increased the reporting burden, and also stated that an increased level of harmonisation could reduce costs. This view was particularly prominent among the larger reporting entities with some amount of cross-border activities, but a need for further harmonisation was also expressed by some NCAs. At the same time, however, caution was expressed. It was felt there should be further harmonisation only if proportionality is ensured, and if harmonisation takes into account existing reporting frameworks at national level and remains consistent with those frameworks in order to ensure that existing systems and processes are reused where possible.

The level of flexibility to set or adapt national reporting requirements varies significantly across frameworks. It is largest for reporting frameworks that are implemented at EU level through directives rather than directly applicable regulations. On this, stakeholders (industry and supervisory authorities) expressed particular concerns about insufficient harmonisation in the area of investment funds. They pointed to the problems this causes for entities operating across borders: whilst the AIFMD has harmonised reporting requirements to a certain extent, some areas of reporting have not been harmonised across the EU. There is national 'gold-plating' of EU minimum requirements, and reporting entities may have to calculate and report the same reporting items to different competent authorities in different ways 230 . As already noted in Section 5.1, reporting under the UCITS Directive is significantly more fragmented than under the AIFMD. The UCITS Directive only stipulates certain minimum data elements that should be covered by yearly and half-yearly reports. Further details and potential additional data elements are left to the discretion of NCAs to define and UCITS funds are often subject to national reporting requirements that are not formally set out in the EU Directive. The other area where stakeholders have raised numerous concerns is bank resolution reporting under the BRRD. Whereas the supervisory reports that banks provide under CRR are based on maximum harmonisation, this is not the case for resolution reporting. This results in differences and inconsistencies between resolution and supervisory reporting at both national and EU level 231 . 

However, concerns about insufficient harmonisation are not limited to EU directives. Many respondents also commented that regulations still provide Member States with leeway to adapt EU requirements or request additional data (see also below). Moreover, given that the detailed reporting requirements are specified by the ESAs in Level-2 documents and technical guidance, much depends on the ability of the ESAs to set those requirements. The requirements are the result of intense discussions within the ESAs, also requiring compromises among the NCAs.

Moreover, as explained in Section 5.1, an ESA's ability to determine the reporting content, formats, standards, methods, etc. depends on the powers the legislation gives them to implement it, and these differ across reporting regimes. In some cases, the ESAs are not able to prescribe the reporting details.

These difficulties are avoided when the Level-1 text sets out the goal and general content of the EU reporting requirements and grants the ESAs the necessary powers to determine the details. This concerns not only the detailed content of the data to be reported but also the standardised technical formats of the reports and the methods and arrangements for reporting. The Commission proposed such enhanced powers in the recent review of the EMIR (‘EMIR Refit’ — see Section 2.2).

Further harmonisation can also be achieved through further technical guidance. Some NCAs and industry stakeholders noted that the level of technical documentation provided by the ESAs was not always detailed enough to prevent different interpretations of the data, although equally some national authorities show reluctance to agree to modifications in such technical documentation as this may entail costs. As in other areas, there is a need for more supervisory convergence in reporting, and in coordination and cooperation between EU and national authorities.

EU value added could also be enhanced when it comes to developing IT tools needed to create databases and analyse the big volumes of data that are being made available, for example in transaction reporting. A number of sectoral regulations impose obligations to build databases on NCAs, who in turn often delegate the development of IT projects (e.g. in the case of MiFIR) to the relevant ESA (ESMA) as a centralised solution is more efficient and leads to more harmonised results. Directly empowering the relevant ESA to develop large-scale EU-wide databases and to make the data available to NCAs as necessary would avoid multiplication of individual NCAs' efforts and improve consistency.

6.5.4Coordination and review of national vs EU requirements

The adoption of EU reporting requirements does not necessarily reduce national reporting requirements. In some situations, the national requirements are maintained and institutions must comply with both national and EU requirements, increasing the overall reporting burden and adding to the perception of EU reporting being overly complex. Reporting entities have strongly criticised the fact that parallel reporting can persist even though EU-level reporting has been in force for some years, and that national authorities often ‘gold-plate’ EU requirements by going beyond the minimum required at EU level. They argue that EU-level requirements can only facilitate reporting if parallel national reporting requirements are removed, and that NCAs should be encouraged to delete national data collections when similar collections exist at EU level.

In areas where reporting follows the maximum harmonisation principle (e.g. CRR, Solvency II, MiFIR, EMIR, etc.), NCAs are not able to dispense with EU reporting requirements or add national reporting that falls within the scope of that legislation. However, there is flexibility to add national requirements that are outside the scope of the legislation. Such flexibility exists in any case in relation to reporting frameworks based on minimum harmonisation. As detailed in the summary of the targeted consultation of NCAs (see Annex 3.3), the vast majority of NCAs explained that they customise EU-level requirements and/or complement EU-level data requirements with additional national data collections. These include regular structured reporting as well as ad hoc requests.

More detail on what additional data is requested at national level is provided in Annex 3.3, but the main reasons provided by NCAs for maintaining national requirements in parallel or in addition to EU-level requirements include:

·accounting differences in countries where banks or insurers are reporting under different accounting standards (IFRS and national GAAP), with corresponding separate reporting systems and national templates for those firms reporting under national GAAP;

·country-specific supervisory needs (e.g. assessment of country-specific risks), which are used by NCAs as justification to request additional data in areas not included in EU requirements;

·continuation of time series of data for statistical purposes; and

·legacy reporting, whereby national reporting processes have not (yet) been phased out when EU requirements are implemented.

Several national banking supervisors explained that, because non-listed banks in their Member States are reporting under national GAAP rather than IFRS 232 , they have different reporting systems. They provide for national templates for banks reporting under national GAAP, with corresponding separate reporting also required at consolidated, sub-consolidated and solo level. Additional national reporting based on accounting data is also observed in the area of insurance (with the relevant supervisory authorities requiring reporting based on national GAAP in addition to the Solvency II reports). Streamlining reporting in these cases would require further harmonisation of the underlying accounting systems, for instance through mandatory reporting under IFRS by all financial entities 233 . The cost-benefit trade-off of such an alignment is not clear because of the interaction between the general purpose reporting requirements and other national legislation, such as tax reporting or company law requirements concerning the distribution of profits. This has been examined further in the European Commission's fitness check on public reporting by companies.

Regarding other cases of additional national reporting, industry stakeholders provided many examples of different reporting frameworks where national reports are maintained despite there already being extensive EU-level reporting. One example is supervisory reporting for banks. The FINREP and COREP reporting frameworks under the CRR often resulted in more detailed information being collected than the relevant NCAs had previously required for supervision. Although more detailed than before, banks noted that some NCAs still require additional information in certain areas and therefore maintain, or in some cases have enhanced, previous reporting requirements. Banks also noted that some NCAs have been slow at eliminating national returns following the introduction of FINREP and COREP. In this case, and in the case of other reporting, industry argued that national authorities should be encouraged to abolish or simplify national data collection when similar requirements already exist at EU level.

Some banking supervisors argued that national data collection was necessary in areas where they considered that FINREP or COREP reporting provided insufficiently granular or frequent information, for example on non-performing loans, liquidity, interest rate risk in the banking book, operational risk, etc. In some cases, NCAs referred to country-specific risks, e.g. high NPL ratios in the domestic banking sector or overheating real estate markets that deserved more granular or more frequent reporting on NPLs and real estate lending, respectively.

Insurance supervisors also provided different examples and reasons for maintaining national data collections. Some highlighted country-specific characteristics, e.g. specific insurance products in the national market that are less common elsewhere in the EU. Others pointed to the need for supervisors to have information about the profitability of insurers that is not available in Solvency II reports. On investment fund management, some NCAs explained their need for significantly more granular data (or different aggregations) than required, for example under AIFMD reporting. By contrast, fewer examples of reporting add-ons were provided for transaction data reporting: NCAs saw less need and/or little scope for requiring additional data at national level, noting also that there was often no legacy system in place (e.g. before EMIR).

More generally, many NCAs referred to the need to ask for additional data for statistical purposes, e.g. to complete national financial market statistics, going beyond the supervisory reporting set out in EU legislation. Reference was also made to the additional reporting needs for macro-prudential purposes and to monitor specific risks to financial stability. Some NCAs insisted that national reporting was still necessary to allow the continuation of specific data time series or better assessment of financial stability risks and macroeconomic analysis. In this context, several NCAs also highlighted the need for ad hoc reporting on specific risks, and to have flexible data collection available for NCAs to deal with country-specific data needs.

It was outside the scope of the fitness check to look at national reporting requirements in any detail or to gather an overview of what is required at national level over and above existing EU-level requirements. The ECB/SSM Simplification Group initiative aims, among other goals (see Section 2.3 for details), to create a database of all reports provided by banks in the SSM, including reports stemming from EU and national requirements under regular or ad hoc reporting. This will provide a useful overview and basis for further assessment, and may provide an impetus for further streamlining of national reporting.

Overall, national supervisors take different views on what data is needed for effective supervision, with some requiring more detailed data in certain areas than others. Specific national circumstances can explain some but not all of the differences in approach. There is a case for further coordination at national and EU level and more alignment of what data is needed for effective supervision. Further supervisory convergence, via the ESAs, is also needed in the area of reporting.

Some NCAs have reviewed or are in the process of reviewing their national reporting requirements. Several provided concrete examples of where, as a result of EU requirements, previous national data collections and data templates were discontinued (or are in the process of being discontinued) to avoid duplication or redundant data collection and thus limit the burden on supervised entities.

Further review and streamlining of national requirements is needed, as acknowledged by some NCAs. They explained that there is still some duplication of data, partly for legacy reasons, and that there is a need to take stock, drop duplicate and redundant national reporting and ensure reporting is more consistent and harmonised.

In the workshop with NCAs, some supervisors shared their national efforts to further streamline reporting requirements. This included ongoing reviews of their internal data needs; workshops with industry to identify specific areas in which to streamline national requirements; and improvements in the internal governance process at the NCA whereby new (regular or ad hoc) data requests are vetted and can be approved only after checking that the data is not already reported and assessing the burden on supervised entities. These initiatives suggest that improvements are under way and should be encouraged.

Lastly, and as already noted in Section 6.5 above, improved data-access and data-sharing arrangements across the relevant authorities at national and EU level could offer another route to further simplifying reporting, by reducing the duplication of data collection and processing by multiple authorities. Some NCAs noted that they benefit from legislation or explicit data-sharing agreements between competent authorities in the country (e.g. between prudential and market supervisors). Others, however, highlighted difficulties in sharing such information within the country and in particular on a cross-border basis. This requires them to request data directly from supervised entities even if the data has already been reported to another authority. While there are legal and regulatory barriers and data confidentiality issues, there is a case for further assessing the feasibility and implementation of such data-sharing arrangements at national and EU level.

6.5.5International coordination and harmonisation

Issues around harmonisation and standardisation of reporting do not stop at EU level but apply internationally, in particular when markets are of a global nature and firms are active at global level. Supervisors across the globe have been collecting very similar information from market participants in their respective jurisdictions, but using different standards in terms of definitions and technical formats. This increases the compliance burden for firms that have to report in different jurisdictions and creates challenges for authorities in reconciling and understanding the information reported to them. Efforts are being made in the international community to ensure greater standardisation, and the European Commission and other EU authorities are actively contributing to this international work.

Greater use of international standards is a good way to achieve further harmonisation within the EU in a manner that is consistent with practices in other jurisdictions. The development of the legal entity identifier (LEI) illustrates that global harmonisation of standards is possible. The European Commission is supporting this work stream at international level, and provisions under various EU regulations already envisage the use of the LEI to identify different types of entities (e.g. in MiFID II/MiFIR, EMIR, SFTR, CSDR and CRAR). As also suggested by a number of stakeholders, there is a case for exploring further extending this practice to the identification of entities in other legislation, such as UCITS and AIFMD. Work is also ongoing on other international identifiers, such as the unique product or trade identifiers (UPI and UTI, respectively), and these can be included in EU legislation once developed and implemented 234 . The mandatory use of other international identifiers and classification taxonomies could also be explored further to foster harmonisation of the relevant data.

Overall, there is also a case for EU authorities to continue working closely with international partners to develop standardised reporting approaches and promote greater use of international standards.

7.CONCLUSIONS 

Based on the assessment presented in the previous sections and annexes to this Staff Working Document, this section presents the conclusions on the fitness of EU supervisory reporting requirements. Although it is beyond the scope of the fitness check to provide any policy conclusions or follow-up action to take, the section highlights the main areas with potential to improve EU’s supervisory reporting for the future 235 . It focuses on the cross-cutting conclusions. Annex 4 provides a summary of sector-specific issues and references to the relevant reporting frameworks. 

7.1Conclusions on the fitness of EU supervisory reporting requirements

Overall, EU-level supervisory reporting requirements are broadly effective, highly relevant, and bring EU value added. Nonetheless, a number of issues in the development process, adoption, set-up, and implementation of these requirements limit their efficiency and coherence, and impair the quality and usability of the reported data. Specifically:

·Effectiveness: EU-level supervisory reporting requirements overall meet the objective of enabling supervisory authorities to fulfil their statutory tasks and mandates. Supervisors obtain the data they need to carry out their duties, and they use the reported data across the range of their activities on a regular basis. Data demands change over time as industry evolves and new risks emerge and need to be monitored. This justifies the need to keep some flexibility in reporting, including the option to request data on an ad hoc basis. Although data quality is generally considered adequate, there are quality issues in certain reporting frameworks, reducing the usability of the data. This is partly due to the relative newness of most supervisory reporting requirements, with improvements already noticed and further ones expected over time, but also due to some extent to their set-up and implementation. Deficiencies in firms' reporting systems and lack of resources also reduce data quality. Moreover, the supervised entities called for better feedback on the use of reported data, which could enhance the perceived legitimacy of EU-level supervisory reporting.

·Efficiency: Due to the difficulties in obtaining reliable cost estimates and the lack of means to quantify the benefits of EU supervisory reporting, it has not been possible to carry out a quantitative assessment of the efficiency of supervisory reporting at EU level. The available evidence on compliance costs, however, suggests that reporting entities spend significant financial resources to meet the current reporting requirements. These costs have increased given the more extensive reporting frameworks implemented as part of the post-crisis reforms. For the most part, the new requirements are merited as they improve supervision of the financial markets and institutions. Nevertheless, the assessment identified a number of areas where the set-up and implementation of EU-level supervisory reporting requirements generates some unnecessary costs and burden for both the reporting entities and the supervisors receiving the data. Therefore, EU-level supervisory reporting is not as efficient as it could be. Developments in technology have the potential to improve the efficiency of reporting.

·Relevance: The objective of EU-level supervisory reporting – to provide supervisors with the data they need to fulfil their functions and contribute to the wider financial stability, market integrity and investor/consumer protection objectives – remains highly relevant. However, the analysis is not able to draw a conclusion whether each and every specific requirement is (still) relevant. Data needs change over time as the market develops and risks evolve, and to ensure the continued relevance, there is a case for regularly reviewing requirements against those needs. While alternative solutions are not sufficiently advanced to replace the current reporting system on an EU-wide basis, changes to the RegTech/SupTech environment will continue to place new demands on the supervisory reporting frameworks.  

·Coherence: EU supervisory reporting frameworks are structured on a sectoral basis and fulfil different purposes and data needs. While coherent in this broad sense, the requirements were found to have a range of inconsistencies both across as well as within reporting frameworks. Many of these inconsistencies appear minor and purely technical in nature, but they nonetheless put a burden on reporting entities and supervisors. Key inconsistencies identified include fragmented requirements in terms of reportable data content, non-aligned definitions, different formats of data fields or templates and inconsistent timing of mandated reporting. The assessment did not back up the repeated claim by stakeholders that there are a significant number of duplicate requirements between different reporting frameworks, but it did identify numerous cases of broadly or very similar data being requested. Greater alignment of reporting frameworks could reduce the cost and burden associated with EU-level supervisory reporting and help increase the informational value of the reported data, as it facilitates data aggregation and cross-framework data analyses.

·EU value added: Overall, EU-level reporting requirements have clear added value by providing data to supervisors and regulators that was not available before, and enabling them to oversee entire sectors on an EU-wide basis. They also generate efficiencies in reporting and greater convergence of supervisory practices through harmonised requirements, which enables supervisors to assess risks consistently across the EU, based on comparable data. However, there are concerns about the proportionality of certain EU-level requirements for smaller firms operating in local markets. The assessment also suggests problems related to insufficient harmonisation and standardisation of supervisory reporting (within the EU and also internationally), as well as additional national reporting over and above the EU requirements.

Many of the specific issues identified in this fitness check are the subject of current (and in a few cases, already completed) legislative reviews of sectoral legislation and other initiatives to improve supervisory reporting. The work conducted for this fitness check and the input obtained from stakeholders added momentum and directly contributed to several of these initiatives. Significant efforts have therefore already been made, and continue, to streamline and simplify reporting. However, new reporting requirements have also been added to fill data gaps and improve the ability of supervisors to fulfil their supervisory duties, further increasing the reporting burden on industry.

There is no question about the need for EU supervisory reporting, especially in a world where financial services and their supervision are increasingly data-driven. Nonetheless, the assessment suggests that there is scope for simplifying and streamlining EU-level supervisory reporting, helping to reduce the cost and burden of supervisory reporting at EU level for all stakeholders and further improving the quality of data available to the supervisory authorities. This in turn would further strengthen their ability to meet their objectives of ensuring financial stability, market integrity, and investor/consumer protection. The feasibility of specific policy actions, and the costs of any required changes, would be the subject of a further assessment.

7.2Lessons learned

The following points summarise the lessons learned in this fitness check in terms of the main areas for improvement in EU supervisory reporting. These need to be understood within the above overall conclusion that EU supervisory reporting requirements are broadly fit for purpose. As noted above, sector-specific reviews and other initiatives are already ongoing or planned, and targeted policy action could be taken to improve the relevant supervisory reporting frameworks. This fitness check does not put forward proposals for action. The summary below focuses on the cross-cutting issues and areas for improvement identified.

Legislative process and instruments

·Supervisory reporting is not always sufficiently factored in when designing legislation. Past impact assessments did not systematically set out the objectives of reporting, or assessed its impacts, and instead focused mainly on substantive requirements. Supervisory reporting requirements are built on these requirements and reflect their complexity.

·In line with the Commission’s commitment to Better Regulation, there is a case for better coordination throughout all stages of the legislative process when developing EU-level supervisory reporting requirements (particularly Level 1) to improve coherence across legislation. 

·There is scope to improve the consultation process. Given the technical nature of reporting, input from the ESAs is needed consistently from the early stages and throughout the process of designing the requirements. Moreover, during the consultation process, there has not always been enough time for in-depth involvement of industry during the development of Level 2 legislation and technical standards.

·The separation of content of EU-level supervisory reporting requirements between Level 1 and Level 2 acts is not always optimal, with Level 1 legislation in some cases containing too much technical detail. This creates obstacles to adapt the requirements to changing conditions and to firmly align the technical details across legislation. A more consistent approach in setting reporting requirements in legislation would improve matters, with the general requirement and objective set out at Level 1, and clear and consistent powers given to ESAs to develop the Level 2 technical standards. 

·Given the nature of the process of adopting EU legislation, some inconsistencies affecting supervisory reporting have in some cases appeared during negotiations with co-legislators.

·Implementation timelines are not standardised and in most cases too short. Sufficient time is needed for (i) the ESAs to develop Level 2 requirements, and (ii) the reporting entities and supervisory authorities to implement new or modified requirements, which often require major system updates and adjustments. Better coordination of changes in reporting requirements in terms of timing and sequencing could reduce the burden (e.g. by facilitating batch system updates). A discussion with internal and external stakeholders could help identify the best way of achieving this.

·Industry and supervisors have called for more stability in the requirements. They have incurred costs to implement recent reforms and build systems around current requirements, which are still in the process of being changed. Any proposals to improve reporting would need to consider the costs incurred in making any envisioned changes versus the medium to long-term benefits.

Data needs and uses

·Given the instances of similar data being reported to different entities, supervisory authorities should review more extensively what data they actually need and already have access to. New data needs will emerge, and ad hoc data requests are needed to fulfil specific supervisory data needs. Similarly, redundant requirements should be dropped, where possible, and data reported elsewhere reused to the extent possible. Central data collection points could facilitate this.

·Given the volume of data provided, the industry expects to know more from supervisors on the purposes and actual use of the data. Better communication on these points could help address complaints that supervisors request data that is 'nice-to-have' as opposed to necessary and actually used. This is particularly true in the area of financial stability monitoring. Equally, it is crucial that monitoring techniques regarding market abuse and manipulation remain firmly confidential.

·A review of data use should also keep in mind the principle of proportionality, with the aim of reducing the reporting burden for smaller, less systemically important entities. Though recent initiatives have met the proportionality objective, there is a case for further review where lack of proportionality may be an issue.

·Ad hoc requests for data, though demanding of the reporting entities, are indispensable for the supervisory authorities to request data needed to carry out their duties. However, better coordination between and within authorities, and a stricter screening by supervisors of the need to launch a specific data request, could reduce the reporting burden for industry.

More consistency and greater harmonisation

·A lack of standardised definitions and terminology in EU financial services legislation reduces the clarity and legal certainty of EU supervisory reporting requirements. This applies particularly to the terminology used in the respective detailed reporting templates. The analysis suggests a need for greater standardisation and convergence in their implementation. 

·Insufficient use is made of standards, commonly accepted formats, and identifiers. Even where these are referred to in EU legislation, their use is not coordinated, meaning that reporting entities often have to support numerous standards, formats, and identifiers, and must occasionally report the reference data in parallel. Therefore there is a case for increasing the use of standards, formats, and identifiers, though a further assessment would be needed to identify the most optimal way of doing so. 

·EU-level supervisory reporting requirements for certain frameworks are in many cases not sufficiently harmonised to ensure efficient reporting. There is too much flexibility as concerns their interpretation, too many national specificities and requirements, and cases of ‘gold-plating’. Though these issues apply also to the substantive requirements, they are particularly acute in the technical domain of supervisory reporting. They also reduce the scope for the use of new ICT solutions to improve reporting.

·International efforts to harmonise supervisory reporting at global level are ongoing. The Commission participates actively in the development of global identifiers, such as the UTI and UPI and the implementation of the LEI. Work is underway to push for the global take-up of standards and identifiers. There is also scope for enhancing their use in EU legislation.

Governance

·Reporting entities currently need to report data to different entities using different processes. This gives rise to costs where they need to report similar data several times, often on the basis of slightly different requirements. There is a case for reviewing the different reporting processes, including the role of third-party intermediaries, with a view to simplifying, streamlining, and – where possible – aligning them.

·EU-level reporting requirements change frequently, often due to changes in the underlying legislation, and the changes are often not sufficiently well planned and coordinated across frameworks and authorities. Better planning and coordination of changes in reporting requirements have been called for by those who need to implement them, both reporting entities and supervisors.

·Multiple data requests also result from a lack of data sharing between authorities within and across borders. Improved data-sharing arrangements, subject to ensuring that data protection standards are met, and more generally greater cooperation between authorities could realise efficiencies and maximise the use of the data being reported.

·Many industry stakeholders have called for a ‘report-once’ system, where the reported data could be accessed and used by any of the supervisors depending on their needs. This would mean reviewing supervisors' specific data needs and their current data access rights. Common definitions and standardised formats – a ‘define once’ approach – would also be needed, while ensuring that the specific data needs of different supervisors are fulfilled. Responsibility and liability for the accuracy of the information derived from the reported data would also need to be addressed. For such a system to be fully effective, it would have to go beyond supervisory reporting and include, for example, statistical reporting in a comprehensive and integrated data approach. However, this would require an assessment of the feasibility of such a broader system from both governance and technological angles, as the EBA is currently undertaking in the area of banking.

·Stakeholders consulted during this fitness check have welcomed the opportunity to discuss supervisory reporting, and called for continued exchanges between the authorities at EU and national level, and between industry and supervisors.  Although such exchanges already take place in different forms within particular sectors (e.g. in the ESA committees), there is a need for continued dialogue and cooperation also across sectors. The Stakeholder Roundtable set up for this fitness check has provided invaluable input into the assessment, and there is a case for continued discussion and cooperation between the EU level authorities on supervisory reporting going forward.

Technology

·Though much of supervisory reporting is already automated, there is scope for achieving further efficiencies by using new ICT solutions.

·Recent developments in the fields of RegTech and SupTech are likely to have a significant impact on regulatory compliance and supervisory reporting in the near future. For the moment, EU-level supervisory reporting – and EU financial sector legislation – does not reflect or incorporate these developments. Any strategy on simplifying and streamlining EU supervisory reporting requirements would have to take these developments fully into account.

·Inconsistent definitions and insufficient standardisation of formats and processes hinder the development and application of new technologies. A common financial language (‘define once’) and further standardisation would address these issues and would also be needed for developing standardised, machine-readable and -executable reporting requirements.  

·There is a case for looking further into developing a single hub to which data could be reported, stored, and made available to other EU and national competent authorities. It is one possible technical implementation of the above mentioned ‘report-once’ system, but it could raise a number of other important issues, such as data safety and security and data governance.

ANNEX 1: PROCEDURAL INFORMATION

Lead DG: European Commission Directorate-General Financial Stability, Financial Services and Capital Markets Union, DG FISMA

Organisation

The Fitness Check Roadmap was published in October 2017 and set out the context, purpose and scope of the evaluation exercise. It also contained information on the planned open public consultation, the data collection and methodology and the links with previous Commission initiatives, such as the Call for Evidence.

The Inter-Service Steering Group (ISSG) was set up in October 2017 and gathered representatives from the Commission's Secretariat General and Joint Research Centre, and 5 Directorates-General: CLIMA, CNECT, DIGIT, ENER and ENV. The ISSG was consulted on the Roadmap and the Consultation Strategy, the summary report of the open public consultation, the results of the FDS project, the interim and final study on the cost of compliance, as well as on organisational aspects in relation to the workshops.

The Fitness Check evaluation was also supported by an external study on the cost of compliance for the financial sector. The purpose of the study was to obtain estimates of the cost of compliance with legislative measures in scope, for a cross-industry and cross-country sample of EU financial services companies. More precisely, the study was aimed at providing a clear understanding of the scale and nature of the incremental costs of complying with financial regulations that were either introduced or significantly amended after 2007, and of the main drivers of these costs.

Agenda planning – Timing

Consultation of the Regulatory Scrutiny Board

The meeting of the Regulatory Scrutiny Board (RSB) took place on 3 July 2019. The outcome was a positive opinion, issued on 5 July 2019. In the opinion, the Board acknowledges that the fitness check represents a major undertaking and finds that it is well researched and presented. Two aspects were highlighted for improvement, which were addressed in the following manner:

In addition, the Board's positive opinion identified a number of further considerations, for example in relation to providing further explanations on the scope of the assessment, the objectives of supervisory reporting, the problems arising from different national implementations of rules, and the justification for certain conclusions. The Board also provided further comments of more detailed and technical nature. The comments provided and issues identified by the Board have been taken into account when finalising the Staff Working Document. They resulted in amendments to the text and additional clarifications.

External studies

The external study titled "Study on the costs of compliance for the financial sector" provided quantitative evidence for the Fitness Check evaluation. The call for tenders was launched on 13 December 2017 (contract notice in the Official Journal: 2017/S 239-495286) and ended on 16 January 2018. The contract was awarded to ICF International/CEPS. The contract was signed on 26 March 2018 and covered a period of 11 months. The findings are summarised in section 5 of the main document and Annex 5 236 .

The assessment undertaken within the framework of the Financial Data Standardisation project provided a detailed analysis of the reporting obligations within the legislative frameworks in scope, contributing in particular to the assessment of the efficiency and coherence of EU-level supervisory reporting.

The call for tenders was launched on 26 September 2017 (publication number 2017/S 192-392560) and was awarded to Business Reporting – Advisory Group (BR-AG). The contract was extended in August 2018 to include additional Level 1 and Level 2 measures in the analysis, as well as to carry out some additional specific analytical tasks for the purposes of the Fitness Check of supervisory reporting requirements.

The final deliverables were submitted on 9 April 2019 and provide qualitative and quantitative information about the legislative frameworks in scope. They also provide further insight into the difficulties encountered during the analysis of the reporting obligations, including recommendations for possible improvements.

ANNEX 2: OVERVIEW OF LEGISLATIVE ACTS IN SCOPE

The following provides a short overview of the legislative frameworks in scope of the Fitness Check – the references to the legal texts and description of supervisory reporting (who reports what to whom and why) for each framework is contained at the end in Annex 6:

·CRR/CRD IV: The framework requires credit institutions (including banks and building societies) and investment firms to report to their national supervisory authorities quantitative information about own funds and exposures, balance sheet positions, financial performance, etc. Each National Competent Authority/National Central Bank (NCA/NCB) (and the ECB) shall then transmit the data to the European Banking Authority (EBA).

·BRRD: The BRRD regime is defined for credit institutions (including banks and building societies) and investment firms and it establishes reporting of, among others, information about critical functions, organisational structures, asset and liability positions vis-à-vis counterparties, etc. The receiver of the reported information is the National Resolution Authority (NRA), who shall then transmit it to the EBA or to other Resolution Authorities.

·Solvency II: Insurance and reinsurance undertakings are subject to reporting under the Solvency II Directive. Solvency II requires the provision of information (at both granular and aggregated level) on balance sheet and off-balance sheet items, technical provisions, own funds, etc. The receivers are the national supervisory authorities, who then transmit this information to the European Insurance and Occupational Pensions Authority (EIOPA).

·MiFID II/MiFIR: Under the MiFID II/MiFIR regime, investment firms which execute transactions in financial instruments must report complete and accurate details of such transactions (e.g. financial instrument reference data, details about the transaction, transparency disclosures, etc.). Transaction reports under MiFID II/MiFIR can be submitted to the NCAs by: (i) investment firms themselves, (ii) Approved Reporting Mechanisms (ARMs) acting on behalf of investment firms, or (iii) operators of trading venues through whose system the transaction was completed.

·EMIR: Counterparties to derivative contracts (all asset classes, both exchange-traded and OTC) need to comply with the transaction reporting requirements established under EMIR. The reporting obligation applies to financial counterparties but also non-financial counterparties, subject to some exemptions and simplifications. EMIR trade reporting includes not only data on the transaction itself (e.g. details of the counterparties, the instruments used and the terms of the transaction), but also information on clearing, on-going valuation and collateralisation. The details of derivative transactions are to be reported to a Trade Repository (TR) registered with, or recognised by the European Securities and Markets Authority (ESMA). TRs are obliged to grant to the NCAs and to the other supervisory entities identified in the regulation access to this data.

·CSDR: The CSDR applies to all European central securities depositories (CSDs) and to all market operators in the context of securities settlement. Among others, CSDs need to report quantitative information about the value of securities recorded in settlement systems, as well as information about periodic events. The NCAs receive the vast majority of the information required under the CSDR regime, which is then transmitted to ESMA.

·SFTR: The SFTR introduced an obligation for counterparties (both financial and non-financial) involved in Securities Financing Transactions (SFTs) (e.g. repurchase agreements, securities lending activities) to report the details of these transactions (e.g. information about the counterparty and the collateral, etc.) to a TR registered with or recognised by ESMA. The TRs are the recipients of most of this information, with part of the reporting also provided directly to ESMA. The NCAs and ESMA cooperate closely with each other and exchange information for the purpose of carrying out their duties pursuant to SFTR.

·SSR: The SSR applies to any natural or legal person who has a short position in relation to a financial instrument (e.g. net short positions in shares and sovereign debt and uncovered positions in sovereign credit default swaps or CDSs). The SSR sets out reporting obligations related to a net short position in a financial instrument, including information about the issuer of the financial instrument, information about the position holder and the volume and nominal amount of the position. The receivers are the NCAs, who then provide summary information to ESMA on a quarterly basis.

·MAD/MAR: The MAD/MAR framework concerns natural or legal persons that are trading in or issuing financial instruments which are traded on a stock exchange, on a Multilateral Trading Facility (MTF) platform or over-the-counter. The MAD/MAR sets out a number of reporting requirements, aimed at preventing market abuse practices (this term collectively covering practices such as insider dealing and market manipulation). The main receivers of this information are the NCAs of the home Member State of the trading venue, who then pass this information on to ESMA.

·AIFMD: Under the AIFMD regime, an alternative investment fund manager (AIFM) is required to report, among others, on main instruments held, investment strategy, net asset value, principal exposures, and most important concentrations of the alternative investment fund(s) it manages. The AIFM is also required to submit any notifications and/or authorisation forms, in relation to the AIFMD requirements. The receiver of a vast majority of the information required under AIFMD is the NCA of the home Member State of the AIFM, who shall ensure that all this information is made available to other NCAs, to ESMA and to the ESRB.

·UCITS Directive: The main legislative requirements for undertakings for collateral investments in transferable securities (UCITS) are currently set out in the UCITS legislation. The primary set of reporting requirements relates to notifications and registration applications, but other data sets which are in general dedicated for public disclosure, are also required. Most of the reporting obligations are designed for UCITS and management companies and the main receiver of the information requirements is the NCA of the UCITS home Member State. The NCA of the UCITS home Member State is responsible for submitting the complete documentation to the competent authorities of the Member States in which the UCITS proposes to market its units.

·CRAR/CRAD: The CRAR/CRAD regime applies to credit ratings issued by credit rating agencies (CRAs) registered in the EU and which are disclosed publicly or distributed by subscription. The framework introduced detailed disclosure requirements as to rating analysis, rating methodologies, due diligence on underlying assets, models and key rating assumptions, among others. The EU-registered CRAs need to report this information to ESMA, with data sharing among competent authorities when needed.

·SAR/SAD: The SAR/SAD framework contains a series of requirements governing statutory audits in the EU. These requirements are aimed at enhancing investors’ understanding of the audit process, including critical judgements made during the process. Audit firms or statutory auditors are required to submit various notifications and reports related to their activities in the field of audit. The receivers of most of this information are the NCAs, which may be allowed to transmit it to other NCAs and other authorities (e.g. ECB, ESRB).

·REMIT: Under REMIT, market participants in one or more energy markets or third parties acting on behalf of market participants are required to report details of their transactions and orders in relation to wholesale energy products, including the price, quantity, date and time of trades. The main receiver of the information reported under REMIT is the European Agency for the Cooperation of Energy Regulators (ACER), which is the central point of data collection at EU-level and is mandated to provide access to the reported data to the national regulatory authorities, competent financial authorities, national competition authorities, ESMA and other authorities identified in the regulation. REMIT is primarily an energy commodity data collection regime, and its objective is to detect possible abuses in energy markets.

·SSM Regulation: The SSM Regulation provides the legal framework for the operational arrangements related to the prudential tasks of the ECB’s Single Supervisory Mechanism. Credit institutions and financial holding companies in participating Member States, among others, are required to report the information necessary for authorisation, to notify acquisitions of qualifying holdings, as well as to report any additional information required by the ECB in order to perform the tasks conferred on it by the SSM Regulation. The national competent authorities of the host Member State and the ECB are the main receivers of the reported information.

·SRM Regulation: The SRM Regulation applies to banks under the remit of the Single Resolution Board (SRB), namely: (i) the entities and groups directly supervised by the European Central Bank’s Single Supervisory Mechanism (SSM) and (ii) other cross-border groups. Among others, the entities concerned need to report on their liabilities, critical functions and activities related to financial market infrastructures. For the most part, the receiver of this information is the SRB.

·FICOD: The FICOD regime sets out specific provisions for groups identified as financial conglomerates, including reporting obligations related to the level of capital (on an individual and consolidated basis), risk concentrations and intra-group transactions. The main recipient of the reported information is the competent authority responsible for exercising supplementary supervision (the coordinator), who is mandated to cooperate and exchange information with the competent authorities and the Joint Committee of the ESAs.

ANNEX 3: STAKEHOLDER CONSULTATION

This annex presents the results of the consultation activities performed in the context of the fitness check on EU-level supervisory reporting requirements. These consultation activities consisted of:

·a consultation of the evaluation roadmap

·an open public consultation

·a targeted consultation of national competent authorities

·4 workshops with various stakeholder groups

3.1Consultation on the evaluation roadmap

3.1.1Overview of submitting entities' characteristics

The Commission received 9 responses in the consultation on the evaluation roadmap. As regards the size of the entities having provided feedback, it can be seen that most respondents qualify as 'Large', followed by 'Micro'; only two respondents belong to the category of SMEs (Chart 1). With respect to the type of entities having responded, the large majority are business associations (6 responses out of 9). Public authorities, NGOs and physical persons submitted one answer each (Chart 2). Finally, the breakdown by country of origin illustrates that almost all respondents are domiciled in the Eurozone EU15 Member States, only one answer being submitted from an entity domiciled in a non-Eurozone country (i.e. Poland).

3.1.2Overview of submissions by topic/theme

General issues/dysfunctionalities flagged:

·There is overall support for the Commission's initiative to perform the Fitness Check exercise;

·Most respondents (6 out of 9) consider the current reporting requirements as being costly and burdensome, while others (2 out of 9) go as far as claiming that the current reporting framework has a negative impact on the quality and/or usability of the data reported;

·One respondent considers that the level of transparency towards consumers/investors is insufficient as regards the performance and fees of retail financial products. In this context, the same respondent considers that the ESAs have not properly used their powers in order to enhance transparency on this market segment;

·However, one respondent considers that the reduction of the burden of supervisory reporting requirements should not be done at the expense of consumer/investor protection.

Specific issues/dysfunctionalities flagged

·Certain issues which affect in particular the insurance sector have been flagged by one of the respondents. For instance, the added value of intra-annual calculations is questionable for the non-life insurance business. Also, the same respondent questions the usefulness of the fourth quarter reporting, since the deadline for submitting this information almost coincides with the deadline for the annual reporting.

Recommendations

·Scope of the Fitness Check: Two respondents suggested broadening the scope of the assessment to also include Level 2 and Level 3 legislation. One respondent cautions against harmonizing the various reporting requirements across sectors, which would be particularly cumbersome for insurance corporations (as they have already made major efforts to comply with sector-specific requirements). Another respondent suggests expanding the scope of the Fitness Check to also measure the impact of reporting requirements on non-financial corporations and to ensure that the various reporting requirements EU listed companies face are taken into account. An additional suggestion is to also include FICOD within the scope.

·Outcome of the Fitness Check: Regarding the outcome of the exercise, two respondents suggest using the results of the evaluation in order to determine the overall load of reporting obligations and to assess whether reporting obligations follow the "Single Entry Point" Principle. The same entity calls for concrete action points if overly burdensome requirements were identified (i.e. expressed in terms of content/format/frequency of submissions).

·Reasonable and proportionate requirements: Several respondents (3 out of 9) stressed the importance of ensuring that reporting requirements are reasonable and proportionate. Two respondents also suggested assessing whether additional expenses due to redundancies could be prevented while, at the same time, limiting the disclosure requirements to the material information. One of the respondents representing the insurance industry brings forward several proposals aimed at improving the efficiency and proportionality of reporting requirements, namely: (i) insurance-dominated financial conglomerates should only be subject to Solvency II reporting; (ii) the stress test exercise for the insurance sector should only make use of the existing QRTs; (iii) the ECAI rating reporting requirement should be removed; (iv) Member States should more widely use the options to limit and exempt insurance undertakings from particularly burdensome reporting requirements on grounds of proportionality; and (v) the EMIR obligation for dual-sided reporting (DSR) should be removed and replaced by single-sided reporting.

·Frequency of reporting: It has been suggested by two respondents, both representing the interests of the insurance industry, to adapt the deadlines of financial stability reporting to those of Solvency II reporting, with a view to removing the redundant reporting elements. The same respondent invites the Commission to consider the possibility of reducing the frequency of reporting requirements for insurance undertakings to an annual basis and withdrawing the fourth quarterly reporting.

·Harmonisation and standardisation: One respondent emphasised the need for the Commission to encourage the use of harmonised standards of reporting for financial instruments (i.e. through the use of ISIN and LEI codes for instruments and issuers/counterparties). In this respect, the same respondent considers that financial reference data should be available to all market participants (free of charge or for a fee). Another respondent advances the idea of establishing a single common European repository of transactions to which all EU regulatory authorities would have access.

·Use of technology to streamline reporting: The solutions proposed include digitalisation, harmonisation or interoperability and standardisation. One respondent suggested looking at existing initiatives such as the Fintech/DLT applications in the investment fund space or the MiFID fund unit trade reporting to NCAs.

·Other recommendations: One respondent suggested a (Regulatory) Reporting Market Practice Group could be created in order to facilitate the reporting market practice.

Concrete examples of dysfunctionalities/burdensome requirements

·Several examples have been provided, and refer to such issues as: unclear and disproportionate requirements, lack of clear definitions, confusion triggered by the existence of multiple and parallel standards and the high costs associated with the complexity of certain reporting requirements.

3.2Summary of the open public consultation on the fitness check on supervisory reporting

This summary report of the open public consultation was published in June 2018.  237

Introduction

On 1 December 2017, the European Commission launched a public consultation with regard to the on-going fitness check of supervisory reporting requirements. […] 238  The public consultation was launched with a view to supporting the Commission in this assessment. The consultation was structured along three sections reflecting the main issues and challenges that have been identified with respect to the EU supervisory reporting requirements:

1. Assessing whether supervisory reporting requirements are fit-for-purpose

2. Quantifying the cost of compliance with supervisory reporting requirements

3. Identifying possible ways to simplify and streamline supervisory reporting

While the consultation aimed to gather input only on supervisory reporting requirements applicable at the end of 2016, many respondents nonetheless provided comments on frameworks which only recently entered into application. Many respondents also raised issues with regard to national reporting regimes and statistical reporting requirements, many of which do not fall under the auspices of the European Commission. Despite being outside the scope of the exercise, these responses have nonetheless been analysed as they still provide valuable insights into future evaluations and reviews of the respective legislative acts.

The consultation was closed on 14 March 2018 and received 391 responses sent by respondents from 15 Member States. The following sections provide an overview of the main results of the consultation and issues raised by respondents. Similar to earlier consultative exercises such as the Call for Evidence, a large majority of respondents from industry stressed the significant compliance costs arising from supervisory reporting requirements. They consider many of the reporting frameworks to be overly complex and often questioned the value of some of the data reported, especially where frameworks overlap. They generally call for a streamlining of the requirements (also with regard to national reporting regimes), more timely clarification of requirements, increased harmonisation and standardisation, and applying the principle of proportionality to reflect the size and activities of respective market participants. Public authorities also highlight a range of challenges as concerns the current reporting frameworks and support an increased level of harmonisation and standardisation. However, they generally disagree that the current requirements are too far-reaching and, on the contrary, raise examples where additional data would further facilitate their supervisory or regulatory activities.

Overview of respondents' characteristics

A total of 391 responses were received over the consultation period. The vast majority of respondents represent an organisation or company (88%), while 10% are public authorities and the remaining 2% are private individuals. As regards the type of organisation, the category comprising companies, SMEs, micro-enterprises and sole traders prevails (53%). In terms of geographical coverage, most responses were submitted by entities based in Germany (34%), followed by the United Kingdom (17%) and Belgium (17%). Finally, most respondents operate in the banking industry (17%), followed by insurers (16%) and investment managers (14%). One group of industry respondents submitted responses that were identical on many questions. The overview figures were based on the 133 non-identical responses 239 .

Are you replying as:     Type of organisation:

Where are you based: Field of activity (or sector)

Note: On the left-hand side chart, "Other" designates joint responses submitted by entities incorporated in multiple jurisdictions. On the right-hand side chart, "Other" refers to public authorities and private individuals.

Section 1: Assessing whether the supervisory reporting requirements are fit-for-purpose

Taken together, to what extent have EU level supervisory reporting requirements contributed to improving financial stability, market integrity and investor/consumer protection?

As regards financial stability, 38% of respondents consider that EU supervisory reporting requirements had a moderate contribution towards increasing financial stability. The rest of the respondents were almost equally divided between believing that the effect on financial stability was significant or marginal, with both groups reflecting 17% of total respondents. A similar picture emerges with respect to market integrity and investor/consumer protection. 25% and 23% commented that the reporting requirements have had a moderate impact on the objective of market integrity and investor/consumer protection, respectively. As regards market integrity, a higher percentage of respondents (19%) noted a significant contribution versus only 14% who believe this to be the case in the area of investor/consumer protection. The same applies in reverse for respondents who consider the impact to be marginal (14% vs. 19%). Overall, very few respondents believe that the contribution to either of the regulatory objectives has been very significant. There is, however, a clear divide between industry respondents and public authorities. While barely any industry respondents noted a very significant contribution, regulators and supervisors generally opted either for ’very significantly’ or 'significantly' as their response. This group pointed out that the reporting requirements are very helpful and are, in certain areas, actually not far-reaching enough to achieve the policy objectives.

Many industry respondents claimed that the costs arising from the reporting frameworks are not proportionate to the new informational insights gained from the reported data. In this respect, smaller banks generally contested the added value of being covered by European reporting frameworks under the Capital Requirements Regulation 240 (CRR) (either partially or fully) given the allegedly low financial stability risks that emanate from them. Furthermore, some industry respondents commented that some of the reporting frameworks generate a lot of data that is not or cannot be used effectively to monitor financial stability risks. The most common example provided in this context was the European Market Infrastructure Regulation 241 (EMIR). A few respondents noted that EMIR had in fact improved the regulatory oversight of derivatives markets but criticised data gaps and quality. Several banks also highlighted that the data requirements under the Analytical Credit Datasets Regulation (AnaCredit) 242 exceed the data needed to effectively monitor financial stability risks 243 .

With regard to market integrity, several respondents, mainly investment firms, commented that supervision had improved given the requirements under the Market Abuse Regulation 244 (MAR). On the other hand, many smaller market participants, particularly smaller banks, contested the added value of both the obligation to notify reasonable suspicion of market abuse under MAR as well as the transaction reporting under the Markets in Financial Instruments Regulation 245 (MiFIR). 

Finally, some national authorities noted that further data breakdowns (e.g. domestic vs. non-domestic) could be introduced to better assess systemic risks. Supervisors also mentioned certain cases where parts of the supervisory reporting requirements currently remain within the discretion of national competent authorities (e.g. Undertakings for Collective Investments in Transferable Securities “UCITS” Directive 246 ) and that this leads to both excessive complexity as well as an inability for supervisors to aggregate the reported data at European level (e.g. due to different formats).

Are all of the existing supervisory reporting requirements relevant for maintaining financial stability and upholding market integrity and investor/consumer protection?

Just under half of the respondents (49%) consider that only some of the existing supervisory reporting requirements are relevant for achieving the stated goals, followed by 25% claiming that most of them are relevant. Only 4% consider that all requirements are relevant. Again, answers differed significantly across respondents, with public authorities and consumer bodies generally perceiving the requirements to be more relevant.

A majority of industry respondents again stressed a lack of proportionality in the existing reporting frameworks. Many respondents also explained that several reporting frameworks, especially those applicable to the banking sector, require the reporting of very similar (but not identical) metrics. This point was highlighted in particular with regard to quasi-overlaps between national and European reporting frameworks. At the same time, several respondents (especially public authorities but also market participants) stated that a large majority, if not all, reporting requirements were relevant to achieving these regulatory objectives.

As regards financial stability, several respondents highlighted that the EMIR reporting framework does not fully address risks related to derivatives markets and that it faces problems as concerns data aggregation across trade repositories. It was noted that position reporting would be more effective, especially as the MiFID II 247 /MiFIR framework already captures transactions data. Some of the respondents also criticised the double-sided reporting approach under EMIR as giving rise to additional, unnecessary costs.

Small banks that replied to the public consultation criticised the lack of proportionality with regard to the CRR reporting framework. It was stressed that while most other frameworks provide at least some degree of proportionality (e.g. Solvency II 248 , 249 ), CRR only allows supervisors to impose additional or more frequent reporting requirements. It was also frequently noted that the reporting threshold for AnaCredit is too low. Smaller market participants generally called for the implementation of (higher) reporting thresholds, noting that they do not pose any systemic risks themselves (e.g. with regard to net stable funding ratio (NSFR) 250 , the leverage ratio 251 , or reporting under the Financial Reporting standards (FINREP) 252 ) and that smaller-volume transactions equally carry less risks for the overall financial system (e.g. in the context of MiFID II/MiFIR and EMIR).

Finally, several respondents agreed that a large majority of the reporting requirements are relevant for achieving the stated regulatory objectives but stressed that major challenges arise from the high level of granularity (e.g. Additional liquidity monitoring metrics 253 (ALMM)) and a lack of coherence and redundancy within and between different reporting frameworks.

Is there information that should be reported but which currently is not (i.e. there are reporting requirements that should be added)?

72% of respondents consider there are no reporting requirements that should be added, while 19% claim the opposite.

Several industry respondents as well as public authorities noted that better consideration should be given to the exact purpose of reporting requirements when they are introduced. Examples provided in this context were: (i) under EMIR, transaction reporting for derivatives could be changed to position reporting, at least for exchange traded derivatives in order to gain a better overview of systemic risks; (ii) extending the MiFID II reporting framework to also capture positions; and (iii) harmonising the UCITS reporting framework in order to better facilitate EU-wide data aggregation.

Concrete examples of additional data that should be reported were provided by public authorities. These include: (i) introducing mandatory legal entity identifiers (LEIs) under the Alternative Investment Fund Managers Directive 254 (AIFMD) (in order to combine with data under other frameworks and improve the ability of supervisors to monitor systemic risk); (ii) flagging to identify money market funds and European Long-term Investment Funds under the AIFMD framework; (iii) reporting of LEIs of large borrowers under the large exposures framework for banks; and (iv) more granular reporting of non-performing exposures.

To what extent are supervisory reporting requirements across different EU level reporting frameworks coherent (e.g. in terms of scope, content, methodology, timing/frequency of submission, etc.)?

Many respondents (48%) consider the various EU-level reporting frameworks are somewhat coherent (i.e. have numerous inconsistencies). A combined total of 18% of respondents see the EU reporting frameworks as being fully or mostly coherent, but as many (18%) assess the frameworks to be not coherent. The group of respondents commenting that the frameworks are fully coherent consists mainly of public authorities, although several industry respondents replied that they are mostly coherent.

Many respondents again claimed that there is a lack of proportionality in several reporting frameworks, especially for smaller firms. In the area of banking, some proposed clear-cut exemptions for smaller banks below a certain balance sheet threshold (e.g. EUR 1bn.). Others stated that certain reporting obligations (e.g. under the liquidity coverage ratio (LCR) 255 , ALMM, FINREP, or NSFR) should be carried out less frequently by smaller banks. Several respondents also highlighted partial overlaps between reporting requirements in EMIR and MiFIR, while a few respondents noted that certain reporting obligations are identical. Furthermore, it was stressed that differences in definitions and templates (between EMIR and MiFIR) create an additional unnecessary compliance burden. The point on overlapping requirements and differences in definitions was also raised in relation to other frameworks, in particular with regard to bank-specific prudential and statistical reporting at EU and national level. Respondents from the insurance sector criticised that gold-plating by national regulators can lead to inconsistencies due to slightly different requirements and that certain additional validations are not foreseen in the Solvency II taxonomy. Slight differences in definitions between national and European reporting frameworks as well as overlapping requirements were often flagged also with regard to other reporting frameworks, with respondents stressing that this creates cumbersome additional compliance work.

To what extent is supervisory reporting in its current form efficient?

According to the majority of respondents, supervisory reporting requirements are rather inefficient as they stand (59%), followed by those claiming they are quite inefficient (18%). On the other hand, roughly 3% of respondents (mainly public authorities) find the requirements very efficient.

In addition to the issue of proportionality which was raised on several occasions throughout the different sections, several respondents stated that many of the reporting frameworks require a high amount of manual processing efforts. This often arises due to different interpretations and definitions across the frameworks. Moreover, as already stated above, a majority of industry respondents noted that there are often duplicative reporting requirements or that requirements across frameworks are very similar even though they are not exactly the same. It was stressed that this increases complexity and compliance burden without providing a benefit for supervisory purposes. For instance, many respondents from the banking sector commented that the reporting requirements under Common Reporting Standards framework (COREP) 256 are too granular, especially for small banks, and thus not efficient. Equally, some respondents from the insurance sector consider that Solvency II collects too much/too granular data. At the same time, however, Solvency II was also raised as a positive example of a reporting framework which provides national supervisors with the ability to waive requirements for smaller market participants 257 (e.g. quarterly reporting). Finally, several respondents also stressed that the regulatory objectives with regard to MiFID II/MiFIR and EMIR reporting frameworks could be equally well achieved with fewer reporting fields.

How well are the supervisory reporting requirements adapted to developments in the fields of modern information and communication technologies (ICT) and digital processes?

50% of respondents, including respondents from public authorities, consider that supervisory reporting requirements are not very well adapted to developments in the fields of modern information and communication technologies (ICT) and digital processes, followed by those who believe they are fairly well adapted (23%), whereas 21% said they do not know.

Several respondents commented that despite the use of modern information technology (IT) infrastructure for supervisory reporting, there is still a high manual effort needed to meet all reporting requirements. It was often stressed that while automated approaches are essentially required to meet the reporting obligations (given the large amount of data), the reporting process still frequently requires manual adjustments and/or inputs (e.g. in order to re-format data where the company internal data format differs from the one required by supervisory authorities).

Some respondents also noted that common data collection frameworks (and a centralised repository) and/or 'once and for all' reporting would facilitate modern data integration techniques and automated reporting approaches (see also section 3 below). Finally, it was noted that the high frequency of adaptations to existing reporting frameworks or the creation of new reporting frameworks creates substantial hurdles for the introduction or use of automated reporting solutions. Amending a reporting framework will always require changes to IT systems and respective follow-up testing. There is a risk of introducing coding errors every time a system is changed and it will often require substantial manual efforts to optimise a newly revised system. In addition, respondents noted that new requirements are often not sufficiently clarified or not clarified in a timely manner, which gives rise to complications in the coding process and extensive time pressure (which can also lead to coding errors etc.).

To what extent has the adoption of supervisory reporting requirements at EU level facilitated supervisory reporting in areas where previously only national requirements existed?

The largest single category of respondents (34%) believe that the adoption of supervisory reporting requirements at EU level in areas where previously only national requirements existed has made supervisory reporting more complicated. In their view, the related compliance burden therefore increased substantially. However, almost half of all respondents (46%) feel that EU level supervisory reporting requirements have facilitated supervisory reporting to one degree or another. Several respondents, including industry respondents, remarked that supervisory reporting at the European level has helped to reduce costs in some areas by implementing a more harmonised approach to reporting across Member States.

Nevertheless, many respondents also pointed out that requirements at the European level often failed to replace national reporting regimes. Instead, EU requirements frequently simply added a further layer of requirements, thus increasing the overall compliance burden yet further. In addition, reporting formats and/or data field definitions are seen by respondents to frequently vary across national and European regimes, requiring additional efforts to align the reports with the respective framework.

To what extent have options left to Member States in terms of implementing EU level supervisory reporting requirements (e.g. due to their adoption as Directives rather than Regulations) increased the compliance cost?

A majority of respondents (57%) consider that options left to Member States in the implementation process have at least moderately increased compliance costs. On the other hand, only 11% stated that such options have not impacted their compliance costs at all.

A majority of respondents stressed that an increased level of harmonisation (maximum harmonisation) and standardisation would reduce costs. These comments came in particular from larger market participants with some amount of cross-border activities. Smaller institutions and investment firms generally tended to see national flexibility in implementation as only giving rise to marginal or moderate cost increases.

Respondents that saw high cost increases noted that there are many cases of diverging national implementation. This requires additional efforts to comply with all requirements. Respondents criticised in particular the fact that despite essentially reflecting the same information, national differences in reporting regimes require them to establish new or amended reports, thereby doubling (or, depending on the number of Member States involved, at times increasing many-fold) their compliance burden. These comments were not only limited to EU Directives. Many respondents also commented that some Regulations (e.g. CRR) still provide Member States with leeway to request additional or differently formatted data. Some respondents noted that this also prevents the creation of EU-wide databases, thus limiting the usefulness of the reported data for supervisory purposes.

Are there any challenges in terms of processing the data, either prior to (i.e. within the reporting entity) or subsequent to (i.e. within the receiving/processing entity) it being reported?

78% of respondents claim they face challenges in terms of processing the data, either prior to or subsequent to it being reported. Data processing challenges were reported both by industry respondents as well as public authorities.

Many respondents reiterated that a higher degree of standardisation would help to reduce both challenges faced and compliance costs. Moreover, a reduction of ambiguities would help to facilitate the use of automated solutions and reduce the compliance efforts needed, especially in the implementation phase. Several respondents also noted that longer implementation timelines would help to decrease cost burdens and enable companies to better comply with new requirements.

Public authorities criticised in particular that the implementation of technical specifications and standards is inconsistent in certain areas. They also noted that quality checks are not always (or consistently) implemented and that certain data are not fully usable due to formatting errors or adoption of wrong conventions.

Some respondents also noted that cross-border institutions with activities outside EU jurisdictions have to cope with other non-EU regulations, which can in many circumstances be inconsistent with EU reporting requirements. Greater coordination between authorities at the international level would thus be welcomed in order to decrease related compliance costs.

Section 2: Quantifying the cost of compliance with supervisory reporting requirements

General assessment of compliance costs

Overall, almost all respondents (93%), in particular those from industry, believe that supervisory reporting in its current form is unnecessarily costly for its intended purposes. Only a very few respondents (2%), most of which are public authorities, consider the level of costs as appropriate. In line with these concerns, a large majority of respondents (85%) noted that none of the EU level reporting requirements have brought cost saving benefits while only a few respondents (11%), mostly public authorities, considered that there have indeed been cost saving benefits.

Supervisory reporting requirements imposed by EU regulations and/or directives were flagged as a very significant source of compliance costs. However, different implementation of EU financial legislation by Member States and the existence of national supervisory reporting requirements in addition to those in EU legislation are also perceived as an important source of compliance costs. On the other hand, the existence of other additional supervisory reporting requirements is seen as having contributed the least to the cost of compliance.

Note: Respondents were asked to assess the contribution of EU/national legislative supervisory reporting requirements to the compliance cost by assigning a score, using a scale of 0 (not at all a source of costs) to 4 (very significant source of costs). The figures displayed on the chart represent the average score per option.

By way of examples, respondents from the financial industry flagged in particular the following EU supervisory reporting frameworks as having triggered significant costs of compliance:

·CRR/CRDIV ITS on COREP, FINREP and liquidity reporting (LCR, NSFR, ALMM)

·Statistical reporting (AnaCredit)

·Transaction reporting under EMIR and under MiFIDII/MiFIR

Respondents from the banking sector raised other cost concerns due to overlaps between EU requirements and national requirements, including for example:

·AnaCredit reporting at EU level and article 394 CRR on national reporting of banks’ large exposures

·FINREP at EU level and Système Unifié de Reporting Financier (SURFI) in France

·Reporting of LCR at EU level and reporting under Liquiditätsverordnung (LiqV) in Germany

Concerning the factors perceived as having contributed very significantly to the compliance costs of supervisory reporting, respondents highlighted the existence of too many requirements, the need for additional human resources and the need to introduce/update IT systems. On the other hand, the insufficient use of ICT was identified as a factor not having significantly contributed to compliance costs.

Note: Respondents were asked to assess the factors that have most/least contributed to compliance cost in terms of supervisory reporting by assigning a score to each factor, using a scale of 0 (not at all a source of costs) to 4 (very significant source of costs). The figures displayed on the chart represent the average score per factor.

Respondents highlighted that small and non-complex financial institutions face excessive costs due to the absence of proportionality with regard to supervisory requirements. Moreover, it was suggested that the increased quantity and complexity of these requirements are key factors generating additional costs in terms of human resources, training, legal expertise as well as changes to IT systems. Finally, respondents also argued that the obligation to report at both group and individual company level as well as the absence of materiality thresholds create excessive and unnecessary costs.

As regards the obligation to use structured reporting and/or predetermined data and file formats, respondents were slightly divergent in their views. Over a third of respondents (37%) considered that such structured reporting decreases the compliance costs overall. They noted that a greater use of standards would allow for further automation and eventual reduction of costs, as initial IT costs would be largely compensated in the long-term by reduced ongoing costs. Conversely, 24% had a different view and thought that it can increase the costs. In particular, they argued that the use of data standards (e.g. XBRL tool, QRTs) could be a source of additional costs if not harmonised at all levels (e.g. between entities reporting and receiving data). They also stressed that high costs arise from the implementation of different standards than those in use for internal reporting purposes. More specifically, among the financial industry respondents 56% indicated that a greater use of standards has increased compliance costs, whereas a significant majority of public authorities (67%) argued that the costs have decreased as a result of the use of such standards.

Compliance cost quantification

On average, fewer responses were submitted to the following quantitative questions seeking evidence on compliance costs compared to the more qualitative questions in other sections of the public consultation. Some respondents highlighted the difficulty of providing cost estimates that reflect incremental compliance costs due to supervisory reporting requirements.

For most of the respondents from industry who provided compliance cost estimates (74%), the average initial implementation cost expressed in monetary terms was below EUR 500,000. The second most frequent range (chosen by 18% of respondents who provided an answer) was between EUR 1 million and EUR 50 million. Although very few respondents were able to provide data on implementation costs in relation to turnover, the median value for this metric was 1%, while the average was equal to 3.24%.

As regards the annual running (recurring) costs in 2016, the majority of respondents (55%) claimed their running costs amounted to below 1% of total operating costs. The second most frequent range (36% of respondents) reported costs to be between 1% and 5% of operating costs.

Initial implementation costs in EUR Running costs in 2016 as a % of operating costs

Note: For both charts, the figures on the vertical axis denote the percentage of responses that fall into a certain range. Many respondents pointed out the difficulties encountered when estimating the initial/running costs.

An almost equal number of respondents declared that they keep their supervisory reporting activities fully in-house (48%) or that they partially outsource such activities (44%). Nevertheless, there are some divergences between respondents from different sectors. For example, as regards the respondents from the banking sector, 53% keep the activity fully in-house whereas 37% partially outsource the supervisory reporting process. The difference is even more significant for investment managers, of which 60% indicated that they partially outsource the reporting activity while 20% perform it fully in-house. Among respondents from the insurance sector, almost all of them (90%) declared to keep the reporting activity fully in-house.

Overall, respondents using in-house solutions argued that it is either more cost-effective to do so or that it would require almost the same budget to outsource, notwithstanding the increased number and complexity of reporting obligations. Those that partially outsource reporting activity noted that they mainly rely on technical support of their data centre. Only a few respondents (less than 10%) replied that they fully outsource supervisory reporting activities.

According to industry respondents who provided such information, the average number of full-time equivalent staff (FTEs) dealing with supervisory reporting increased from an (unweighted) average of 12.4 at the end of 2009) to 18.7 at the end of 2016. Furthermore, at the end of 2009, FTEs dealing with supervisory reporting represented on average 18.9% of the compliance workforce. Respondents’ also reported that by the end of 2016, these figures increased to 26.1%. Although illustrative only, these numbers show an overall increase of the compliance workforce dealing with supervisory reporting requirements both in absolute and in percentage terms.

Note: The estimates are the unweighted averages calculated from the FTEs dealing with supervisory reporting requirements, as reported by respondents to this question.

Section 3: Identifying possible ways to simplify and streamline supervisory reporting

Respondents were asked to consider how compliance costs could be reduced while maintaining a sufficient level of supervisory reporting to ensure the intended policy objectives.

In the short term, respondents considered a reduction of the number of data elements, clarification of the content of the data elements, and greater alignment of reporting requirements as the most important measures to reduce compliance costs.

The views were quite different concerning the long term, where respondents viewed the development of a common financial language, greater automation of the reporting process, greater use of ICT and ensuring interoperability as the most important.

Note: Numbers inside the bars show the percentage of answers for a given choice. For each item, respondents had to choose between 'short term' and 'long term', or 'don't know / not applicable'.

Respondents suggested a number of other elements that they consider as having the potential to reduce compliance costs. The majority of public authorities and industry respondents agree that ensuring the precision and consistency of relevant data definitions and the development of a consistent and coherent approach to data reporting across various legislative frameworks can significantly reduce compliance costs. Exploiting synergies between reporting frameworks, including the use of common reporting standards across different data sets, and providing sufficient time to develop and implement any new or amended reporting requirements were other major compliance cost reduction suggestions raised by both the industry and public authorities.

For many industry respondents, improving proportionality in supervisory reporting is the most important element to lessen the reporting burden while continuing to ensure sufficient data collection from a financial stability point of view. Some respondents proposed that regulators should first set broad objectives for new legislation, and then approach industry domain experts in order to identify correct data sets and data sources to meet regulatory objectives efficiently.

A few respondents proposed removing the requirement to report reference data that is already available from open public sources based on standard identifiers (e.g. LEI, International Securities Identification Number (ISIN)).

Development of a common financial language

A large majority of respondents think that a common financial language can both reduce compliance costs of regulatory reporting (68%) and improve supervisory data management (63%). 

Note: The percentages reflect the share of each type of answer in the total number of non-blank answers provided. 'CFL' stands for common financial language.

The majority of respondents, including both public authorities and the industry, consider the need to analyse guidelines, standards, and new legal acts governing regulatory reporting a complex, costly, and time-consuming process. Its complexity frequently leads to differing interpretations of specific concepts by the reporting entities, which makes cross-entity comparison and aggregation difficult.

Most respondents believe a common financial language can help reduce the complexity of the systems and processes used to meet reporting obligations. A standardised financial language would allow firms to have the certainty of a common understanding with the regulator and their peers, facilitating compliance and ensuring a level playing field. Many respondents, including public authorities, believe common identifiers, definitions, and interpretations can enhance cross-sectoral consistency between different reporting regimes.

The majority of respondents think that a common financial language should be developed and overseen at EU (and where possible even global) level to ensure uniform definitions across different jurisdictions and that implementation occurs without regional differences. Industry respondents stressed, however, that a common financial language should promote harmonisation where it bring most benefits, without overriding existing systems and investments – a balancing act that requires focused dialogue between industry and regulators.

The majority believes that a prerequisite for the development of a common financial language is a greater normative harmonisation of the reporting legislation – both supervisory and statistical – at all levels (EU as well as national).

Respondents also mentioned several obstacles standing in the way of a common financial language. Some believe that its development is an ambitious project that would take time – several years in the view of many. Some others, on both the industry and the public authority side, warn that it would be difficult to overcome existing differences in member states national legislation, as well as to obtain industry acceptance and ensure universal and consistent adoption.

Ensuring interoperability between reporting frameworks and/or entities receiving/processing the data

The majority of respondents think ensuring interoperability can reduce the compliance costs of supervisory reporting and improve data management.

Note: The percentages reflect the share of each type of answer in the total number of non-blank answers provided.

A large majority of respondents, both public authorities and the industry, stated that interoperability between frameworks can reduce reconciliation efforts and potentially reduce the absolute volume of reported data. It can also allow supervisors to make prompt and effective use of the data they receive.

Most respondents believe that in a truly interoperable reporting environment firms would only need to capture data once for multiple reporting purposes, reducing the administrative and technical burden of reporting. However, this would require an improved ability of authorities that receive supervisory data to share it amongst themselves. Some respondents added that interoperable public open data platforms could provide greater transparency and allow better scrutiny of reported data.

Many respondents advocated building interoperability on existing structures and processes and in particular using international standards across reporting frameworks. They claimed that this would reduce costs by removing the need for firms to seek specialist support to interpret the reporting requirements. Consistent interpretation would also increase the comparability of data across firms.

Despite the broad level of support for greater interoperability, a majority of respondents consider that achieving full interoperability is only feasible after a significant harmonisation of definitions and data requirements across reporting frameworks and jurisdictions. Many industry as well as public authority respondents propose a granular, joint systematic review by regulators to identify data essential for effective supervision as an important first step. Some consider the introduction of a common financial language a prerequisite for introducing greater interoperability between reporting frameworks.

Many respondents mentioned that implementing interoperability would create a significant strain on the resources of the reporting entities, which would be an important obstacle.

Greater use of ICT in supervisory reporting

The majority of respondents believe that greater use of ICT would reduce the compliance cost of supervisory reporting and improve data management. Notably, between a third and two-fifths of the respondents do not know or do not consider the question applicable.

Note: The percentages reflect the share of each type of answer in the total number of non-blank answers provided.

The majority of respondents do not consider greater use of ICT as an important way to improve regulatory reporting. According to respondents, the majority of recurring reports is already automated. For those reporting activities that are still performed manually, the root cause is the instability (due to frequent changes) or inconsistency (definitions and criteria differing from other reports) of reporting requirements or the infrequency of submission (incidental requests).

Some public authorities are in favour of a greater use of ICT with the objective of enhancing interoperability and enabling the use of state-of-the-art information engineering and data management methods. Some advocate striving for machine-readable reporting requirements, thereby creating the potential for automated, straight-through regulatory reporting.

Many respondents see clear, stable, and transparent requirements provided with sufficient lead-time for development, testing, and implementation as a prerequisite for efficient use of ICT.

Some industry respondents believe greater use of ICT requires common technologies that are open, standardised, stable, already in use, and extensible. Others pointed out that it requires proportionality principles (including the provision by supervisors of ready-made tools with essential functionality) that accommodate smaller entities, which do not have enough volume to build automatic processes.

Greater automation of the supervisory reporting process

The vast majority of respondents consider that greater automation of regulatory reporting can to some degree reduce reporting compliance costs (80%) and improve data management (78%). In both cases, the largest proportion of respondents felt that the role of grater automation is significant (42% and 39%, respectively).  

Note: The percentages reflect the share of each type of answer in the total number of non-blank answers provided.

Almost all respondents considered greater automation of supervisory reporting and greater use of ICT as very closely linked. Their responses, accordingly, mirrored those given on greater ICT use.

Role of EU regulators in facilitating greater use of ICT and/or greater automation of the reporting process

The majority of respondents believe that EU regulators can play a role in facilitating greater use of ICT and greater automation of the reporting process, with more than half of the respondents (53%) even attributing an 'important' or 'crucial' role to EU regulators in this regard. Less than 10% of respondents feel that EU regulators have no role to play in each of these areas.

Note: The percentages reflect the share of each type of answer in the total number of non-blank answers provided.

The majority of respondents see as the most crucial potential contribution of EU regulators the stimulation of a transition to efficient, data driven supervision. According to some respondents, one data model, one set of data definitions, and a single data repository would facilitate the reuse of data and the application of common agreed transformation rules. A few warned that legislation must remain technology neutral. Respondents suggested that EU regulators should, in particular:

·Continue to develop purpose-built communication channels (including stakeholder or expert groups around specific reporting requirements), so that firms and regulators can communicate on an ongoing basis and come to shared understandings of what needs to be reported.

·Coordinate on an international level so that definitions and standards – which may include the greater use of international standards, financial identifiers, and taxonomies – are applicable in multiple jurisdictions.

·Pause the pace of regulatory change, allow for longer implementation timelines, and provide sufficient guidance on regulation so that firms can make strategic and long-term ICT investments.

Finally, public authorities pointed out that there are several initiatives under way aiming at streamlining regulatory reporting, such as efforts to simplify transaction reporting under EMIR or to integrate ECB statistical requirements on insurance undertakings into the Solvency II framework or the Banks’ Integrated Reporting Dictionary (BIRD) initiative. Industry respondents generally praised these initiatives and suggested an extension of their scope.

3.3Targeted consultation of national competent authorities

Between November and December 2018, the Commission carried out a targeted consultation to seek input from National Competent Authorities (NCAs) on EU-level supervisory reporting requirements. The Commission's aim was to gather input and evidence on a number of specific issues from the perspective of NCAs, given that only a few had responded to the public consultation, and that the public consultation questions were not designed to address NCA-specific issues.

The Commission received 44 responses from 35 NCAs in 27 EEA member states 258 . 22 of these respondents indicated that they are responsible for supervising banks, 19 for insurance companies and 26 for markets and conducts. 18 of them specifically noted that they are responsible for other sectors as well, mostly the supervision of investment firms/funds, pension funds and payment institutions or act as a national resolution authority.

3.3.1Benefits of EU reporting requirements

A large majority of NCAs (34 of 42 responses provided) agreed that the EU-level supervisory reporting requirements introduced since the financial crisis improved their capabilities to fulfil their statutory tasks and mandates, such as the supervision of entities. The other 8 respondents also saw benefits in the reporting requirements, but expressed more balanced views, e.g. differentiating between specific reporting frameworks, where improvements are not equally felt, or pointing out still existing data quality issues, complexity issues, or that they already had sufficiently effective national reporting regimes before.

Most NCAs stated that the new EU-level supervisory reporting requirements provide more granular and standardized qualitative and quantitative data 259 , which increases the comparability across EU regulated entities and across countries and which globally improved their capabilities to fulfil their supervisory tasks. Some EU-level supervisory data was not available before in their jurisdiction (e.g. data on derivative transactions 260 , etc.), while other data has largely replaced previous national reporting requirements – freeing up supervisory resources. The new reporting frameworks required NCAs to allocate resources, e.g. improve supervisory processes 261 , build new IT-infrastructure, and create more advanced analytical tools. This allowed NCAs to carry out more detailed, accurate and complex data analysis of the supervised entities. The greater comparability of the data at EU-level has been very useful, in particular for the supervision of cross-border groups, or by enabling benchmarking domestic entities against the EU average key performance indicators (KPIs) published by the ESAs. Receiving data on both individual and consolidated level provide supervisors with valuable insights on how the structure of the reporting entity (at an individual level) contributes to the consolidated position of that (parent-) entity. The new reporting frameworks also allow NCAs to exchange information on transactions with financial instruments more effectively.

As a result, the new EU-level supervisory reporting requirements improved significantly the monitoring of systemic risk in the single market, the interconnectedness of the financial system, and the developments that may pose a threat to financial stability. It also improved market surveillance 262 and the monitoring of the evolution of business models, financial positions, exposures and risks over time. Several NCAs mentioned the benefits of better understanding the products offered, or how the industry operates in general. NCAs confirmed that the current set of reporting regimes certainly represent a valuable tool for the protection of investors/ consumers as well. NCAs reported to also use the data in support of their policy work.

The majority of NCAs (24 out of 42 responses provided) noted that the EU supervisory reporting requirements introduced since the financial crisis stimulated improvements in risk management and business conduct of supervised entities. According to them, new reporting requirements alone prompted the supervised entities to focus more resources in the risk management area, increasing their awareness and improving their risk management policies and procedures. The other NCAs did not exclude such effects either and just pointed out the lack of evidence to that effect (some added it is too soon to assess), or that it is difficult to separate the effects of regulatory reporting and the regulation itself. Some noted that the data reported to supervisors is not the same as the data used for internal risk management.

3.3.2NCAs’ usage of the reported data

The NCAs explained that they use supervisory data across the whole range of their activities on a regular basis to meet their supervisory duties. The accomplishment of their mandatory tasks depends on the availability and quality of the data provided by reporting entities. The data may be used for supervisory purposes internally, and also analysed for statistical purposes and published externally. Supervisory activities include day-to-day individual supervision of entities 263 and institutions (micro-prudential level), and horizontal supervisory monitoring related to the proper functioning of the financial system as a whole (macro-prudential level). Within this framework, the supervisory data allows NCAs to calculate and monitor individual risk indicators and certain performance figures, assess risks, check whether and how financial institutions comply with the applicable regulatory framework, prepare detailed analyses for off-site examinations and on-site inspections, conduct stress-tests, identify certain thresholds, calibrate certain requirements, develop early-warning systems, better understand the regulated entities’ business activities, perform analyses to assess the impact of regulatory actions and to evaluate further regulatory steps, inform financial stability discussions, fulfil international data requests, etc.

The NCAs also explained that the data collected often form the basis of market analyses of trends and risks in financial markets, macro-economic analyses, and occasionally economic advices to the government and result in the publication of various reports, key indicators, benchmarks, thematic studies, economic working papers and various statistics.

In their responses, the NCAs also provided several more concrete examples of how particular reporting frameworks are used in their supervisory activities, in what frequency, and what is the resulting output.

As regards data that is not used, several NCAs did not provide any answer, or claimed that they use all data / all data is useful. Some of the NCAs explained that they were not in the position to answer this question and further work would be needed to map the data received against the different data uses. Some confirmed that such analysis is currently ongoing in their authority.

The majority of NCAs nonetheless acknowledged that not all data was always used effectively by supervisors. The non-usage of data was explained by very different reasons. Quality issues were mentioned most frequently as a factor preventing the use of certain data. In this context, NCAs pointed out that the reporting framework is relatively new and several elements of the reporting process are still in the development. There is a learning curve for ensuring data quality (clear guidance for the industry, implementing IT tools on both sides, etc.), but also for the supervisors to develop the necessary analytical tools and expertise. EMIR and AIFMD were mentioned repeatedly as reporting regimes where data quality issues continue to exist for an extended period, while a few NCAs brought up Solvency II where usage is still in the development 264 . Another reason that appeared frequently is related to proportionality for small and non-complex institutions or to the specificities of the different markets. Even though proportionality has been taken on point, there are still examples of certain data of smaller or less risky institutions which is not looked at, or not looked at with the same frequency as for other institutions. These issues may not necessarily affect a complete report, only that some fields are used more frequently than others. Examples for market specificities affecting report usage are geographical breakdowns that are not used in some more locally oriented markets. Also, some NCAs argued that EMIR reporting was designed for markets with big volumes of derivatives transactions, being less useful in their small market. In addition, NCAs explained that certain data were not used because the data (or similar data) was already reported or available in another report but possibly at a higher level of aggregation that was deemed sufficient by the relevant NCAs. Examples given are certain short selling data under MiFIR and SSR, or reporting of certain transactions data under MiFIR and MAR. Finally, a few cases were noted where an NCA does not find certain data, or the level of detail provided, useful for its work. Some mentioned the granularity of COREP and FINREP reports in this context. However, some NCAs noted, that even where data is not currently used, it does not mean that it will not be used in the future. Another NCA reported that the information used for analysis is mainly the aggregated data and ratios, but the more detailed data helps explain the underlying evolution of the aggregates/ ratios.

The NCAs understand the risk of data not being used and the need to minimise the administrative burden for reporting entities. Some advocated engaging all stakeholders at an early stage of regulation and called for a systematic identification of unused data whenever a certain regulation is reviewed.

As regards the alignment of data collection frequency with data usage, most NCAs (26 out of 44) found it appropriate. Other NCAs however pointed at areas for improvement. Their proposals concerned the possibility to introduce greater proportionality and to differentiate between reporting entities within the same reporting framework, i.e. to adapt the frequency (and the complexity) of the reports according to the risk profile (e.g. size) of institutions. As regards concrete examples, several NCAs mentioned the ALMM (Additional Liquidity Monitoring Metrics) templates, where less frequent reporting could be considered. Others noted that some AIFMD and SCR (Solvency Capital Requirement) reports could usefully be made more frequent for the larger entities. Some NCAs pointed at problems with the frequency of the daily EMIR reports, which they are still not able to process on a daily basis due to capacity issues (while most of them do not contest that the collection frequency is aligned with the intended use of the data).

The majority of NCAs could identify data that they are missing to fulfil their supervisory duties, although some noted that in such cases they could and do rely on national level reporting requirements to fill data gaps. One NCA pointed out that data needs change over time (industry evolves, new risks, etc.), so new data will always be needed to fulfil supervisory duties effectively. NCAs provided examples of missing data across the board, including EMIR end of day position reports, a unique transaction identifier allowing reconstructing a whole transaction chain under EMIR and MiFIR, EU level data on the liquidity of certain classes of financial instruments 265 , mandatory reporting of the legal entity identifier (e.g. in the AIFMD), the Basel Committee’s monitoring tools for intraday liquidity, more granularity in FINREP and more info on costs and prices allowing a better assessment of the banks’ business models and profitability, and AML (anti money laundering) risk related metrics.

As regards the challenges NCAs are facing in terms of data handling, integration, and aggregation processes, huge and complex datasets and data quality issues were mentioned by almost all NCAs. The sheer volume of data (in particular in the area of transaction reporting), the complicated data structure 266 and the required technical format not only require NCAs to make significant investments in the development of IT systems/tools, but also to hire IT professionals, which – due to high demand – some NCAs are having difficulties with. The complexity affects not only the timely collection of data, but also their analysis. General resource constraints and limited budgets were also noted as an issue. Some NCAs noted that they were still on the learning curve and undergoing further investment in systems and know-how.

NCAs frequently mentioned the lack of harmonization of data standards, identifiers, formats, definitions, reporting processes and frequency across different reporting frameworks. This also made it challenging to integrate data from the different areas of reporting (supervisory, statistical, resolution, macro-prudential, monetary, etc.). Some highlighted the need for more joined-up thinking to break the “silo approach” or the potential to realise unexploited synergies and efficiency gains. In addition, frequent revisions and changes to reporting requirements, apart from creating capacity issues, make the determination and analysis of longer time series complex and time consuming. Insufficient implementation time after final publication of a new reporting framework also came up repeatedly (see also below).

3.3.3Data quality

NCAs generally highlighted that data quality is essential for them to fulfil their supervisory duties. When asked about the general quality of data collected, most NCAs reported differences in the different fields of their supervisory activities. In the areas of banking and insurance supervision NCAs were on average satisfied with the general quality of supervisory data (quality is “sufficiently high”; “good”; “acceptable”; “high”; “reasonable”; “more or less in line with the requirements”; ”reliable”, etc.). In the area of markets and conduct supervision, the NCAs’ view appear to be more mixed (“working on it”; “there are issues”; “certainly improving”; “improved significantly”; “acceptable”, “generally sufficient quality”; etc.), and in particular the quality of EMIR data was often criticised. Several NCAs also singled out AIFMD reporting as still having data quality issues. Notwithstanding, almost all NCAs, across all supervisory fields, found it important to note that the quality of data is improving.

Rather than providing overall conclusions, some NCAs pinpointed to particular problematic sections within a framework, while other parts were considered to deliver data of good quality 267 . Several NCAs found that reporting quality varies significantly entity by entity, across banks, investment firms, trade repositories, funds, etc. Finally, some NCAs differentiated between the different frequencies reports within the same framework, e.g. they were happy with the quarterly reports under Solvency II, while the annual submissions proved to be more complex and demanding, especially for small reporters 268 . Some NCAs noted that data quality depended on experience and time for learning; accordingly, data quality is generally poorer for new frameworks, new templates or templates with lower reporting frequency (annual or semi-annual) but can be expected to increase with time and experience.

NCAs identified several factors determining the quality of data. The list begins with clarity and legal certainty: clear and consistent requirements, harmonised concepts and business-friendly definitions, leaving little or no room for interpretation 269 result in higher quality. Closely related to this, frequent interaction with the supervised entities, clear and concise guidance (with examples where necessary), a well working Q&A-process, helpdesk, etc. are key to ensure a consistent approach. NCAs also noted a clear link between the quantity and complexity of the required information and data quality. Proper quality checks were also considered important, including properly implemented validation rules and other additional controls 270 and consistently applied enforcement measures to enhance the quality of data. Technical choices regarding standards and formats, such as the introduction of XBRL, also contribute to improved data quality. Some NCAs found that data quality is best for data most frequently used by supervisors, possibly reflecting the stricter scrutiny and quality enforcement applied to such data.

NCAs acknowledged the necessary learning curve for the industry (as well as for the supervisors) before quality becomes satisfactory. As a result, they noted that better quality data requires a more stable regulatory landscape in terms of reporting requirements (less frequent changes) and sufficient time to adapt to new/amended regulatory provisions and reporting requirements. The different characteristics of reporting firms is also an important factor influencing data quality according to NCAs. Such decisive characteristics are the complexity and diversity of the firm’s business models and instruments traded; the resources and priority that the firm dedicates to the reporting; the effectiveness of the firm’s systems and controls; competences, experience with reporting - many of these attributes correlate with the size of the reporting entity. In this context, NCAs consider the existence of proportional reporting requirements as key to increased (average) data quality.

An NCA observed that firms that are outsourcing transaction reporting often have poor data quality. Another mentioned that the introduction of trade repositories as intermediaries between reporting entities and regulators created an additional level of complexity and potential source for errors.

NCAs’ suggestions for improving data quality reflect the factors they identified as determining it. Regarding concerns about clarity and legal certainty, some NCAs called for clearer legislation, simple, clear and harmonized definitions, a “common financial language” 271 , common identifiers, harmonised data standards and formats, further and clearer guidance and instructions 272 ; appropriate training on the domestic and international level 273 , and a more streamlined and quicker Q&A-process. In this context, meeting with the relevant industry stakeholders to discuss data quality issues, as well as greater coordination among supervisors was considered to be beneficial. The development of risk and supervisory indicators would facilitate the identification of key fields and data to be added and those to be removed from the reporting requirements. Some NCAs also suggested that reporting requirements should include more clearly the purpose of collecting the data in question. Such transparency, together with sharing with the industry the results in an aggregated format could help the reporting entity to better understand the content of the collected reports and their ultimate use, thereby improve data quality.

NCAs also recommended to: implement additional, more detailed, stricter and thoroughly tested validation rules; use further quality checks (such as sanity checks on key fields, definition of standard behaviours/ranges, periodic quality reviews, even on-site activities, etc.); and to strengthen enforcement also to make supervised entities understand that good data quality is key in supervision.

As already noted above, NCAs also called for more stability and consistency in the reporting requirements; and to leave enough time to both reporters and supervisors to adapt to new ones. Finally, some NCAs noted that data quality would be enhanced by simplified and more proportionate reporting requirements that are less burdensome for smaller firms.

3.3.4Differences in reporting processes

NCAs were asked about their views on and experience with the different reporting processes, e.g. where data may flow from the reporting entity to the NCA and forwarded to the EU supervisor (e.g. CRR/CRD4, Solvency II) or from reporting entity to a designated third-party and forwarded to the NCA and the EU supervisory (e.g. transaction reporting under EMIR and SFTR), or from the reporting entity to the EU supervisor and then forwarded to the NCA.

Most NCAs (26 out of 43 responses provided) believe that the sequential approach, whereby the entities report to the NCA, which then forwards the data to the EU supervisor, has several advantages. Firstly, a large number of respondents think that this approach combines efficiency and proximity, with important implications for data quality, stemming from the direct contact between the reporting entities and the NCA, and also from the NCA’s knowledge of the local market and its specificities. Secondly, several respondents highlighted the merits of the sequential approach in terms of timely access to the data, enhancing the capacity of the NCA to carry out its supervisory duties and to react quickly to any perceived adverse evolution. Two respondents also mentioned improved data confidentiality as an advantage of this type of reporting flow.

As regards the shortcomings of the sequential approach, several NCAs consider that the NCA as an intermediary might be a source of error and time lag due to differences in how the various NCAs have implemented the requirements, including validation rules. Also, the data quality assessment carried out at the national level is often affected by national interpretation, so that a uniform EU wide database cannot be ensured (e.g. in the case of AIFMD reporting, where management companies report first to the NCA as the main contact point, which then transmits the data to ESMA’s central database. Some respondents believe that this sequential reporting process is also more resource-intensive, as each NCA needs to build and maintain the data transmission system and carry out time consuming data quality verifications.

In the area of transaction reporting, where data is reported to a designated third party (e.g. trade repositories in EMIR and SFTR), some NCAs noted advantages of this approach, in particular the fact that any follow-up action with the reporting entities to validate the data or to correct potential errors can be transferred to the specialised third party, thus removing workload from NCAs and ESMA and improving data quality. The benefits of using a unique reporting format were also highlighted.

On the other hand, several NCAs noted that the system of reporting to a designated third party, which then forwards the data to the NCA and the EU supervisor, has a high level of complexity and poses various challenges to the reporting entities and NCAs alike. Firstly, it was argued that data quality and consistency could be more difficult to achieve when reporting to a third party. In the particular case of EMIR reporting, a number of NCAs noted that reporting to separate trade repositories (TRs) has led to non-comparability of the information provided, as reporting can differ across TRs. Some NCAs noted that data quality is affected because the validation process is not fully harmonised and inter-TR reconciliation is complex (in particular in cases where the two counterparties to the trade report to different TRs). Others pointed to problems due to the lack of NCA involvement at the stage of data validation and correction, as TRs do not inform NCAs about the feedback they provide to counterparties. Reference was also made to the specific case of reporting to an Approved Reporting Mechanism (ARM) under MiFIR, arguing that the reporting entities paying the ARM for the service being offered have the tendency to absolve themselves from any responsibility, often resulting in lower data quality.

Only one NCA commented on the pros and cons of a reporting process whereby the entity reports to the EU supervisor, which then forwards the data to the NCA (as is the case under REMIT). According to the respondent, any updates to the rules and requirements could be easier to handle if reporting were delegated to an EU supervisor. On the other hand, the respondent pointed out that this approach also has some disadvantages, as NCAs lose direct contact with the reporting entities, which translates into time lags 274 and data quality issues. Also, the respondent considers that the EU supervisor, as the central manager, bears a high workload and ends up being a bottleneck in this model (for example, regarding system outage or processing capacity limits).

NCAs provided a diverse set of suggested changes and improvements to the current reporting processes. For example, one respondent suggested the need for having one comprehensive regime for reporting for all sectoral legislation as this would be more efficient than having several different reporting regimes - one for each sectoral legislation, while another NCA sees merit in implementing a “multi-use of data” approach, whereby the data once reported can be re-used to fulfil as many different reporting requirements as possible. A number of respondents suggest including even more validation rules and automated controls in order to detect erroneous/missing data and strengthening the testing of these validation rules. A few NCAs think that the process of answering queries is too long and that the Q&A process should be speeded up. Other suggestions include: (i) Simplifying the format and content of the data reported; (ii) Implementing a faster and more transparent approval process for new or updated requirements by the Commission to reduce legal uncertainty and give reporting entities and NCAs more time to prepare; (iii) Introducing materiality thresholds, limiting the scope of resubmission requests to significant changes; or (iv) Centralising the data collection, quality checks and exchange of transaction reporting at the level of ESMA.

3.3.5EU-level and national reporting requirements

On the question of whether there are any aspects of EU legislation or EU-level supervisory requirements that prevent them from setting up national supervisory reporting in an efficient manner, the large majority of NCAs answered negatively. NCAs generally acknowledged the benefits of having a harmonised approach to supervisory reporting and that the EU requirements provided them with the data needed to fulfil their supervisory responsibility.

However, a small number of NCAs argued that the EU level requirements were excessive or that EU rules did not always leave enough flexibility to ask for additional data in some key areas where additional information could be beneficial. One national banking supervisory authority regretted that, due to the divided responsibility for supervising banks in the SSM, it was not allowed to impose additional reporting requirements for the significant banks in its jurisdiction.

While acknowledging tensions between the benefits of having EU-wide harmonised data and national flexibility, a number of NCAs noted that current EU level requirements presented the right balance. They highlighted that these requirements were the result of intense discussions within the relevant ESAs as to what information the NCAs need in order to supervise efficiently and fulfil their mandate. While all NCAs had to make compromises with regard to reporting, it was noted that the points raised by NCAs during these discussions were generally addressed and also that no NCA was deprived of information they thought was essential to have.

NCAs noted that the level of flexibility to set national reporting requirements differed across EU legislation. Some specifically referred to insufficient harmonisation in particular in the area of investment funds (AIFMD and UCITS reporting), noting the problem this causes for entities operating on a cross-border basis. In areas where reporting follows the maximum harmonisation principle, NCAs explained that they were generally not able to dispense of EU reporting requirements or add additional national reporting within the scope of that legislation. However, they referred to significant flexibility in being able to add national requirements that are outside the scope of the legislation or subject to exemptions and discretion. Here, a small number of NCAs complained that harmonisation was insufficient, and some noted that the level of technical documentation provided by the ESAs was not always detailed enough to prevent different interpretations on the data. Others referred to the reluctance of some NCAs to agree to further harmonisation or to modifications in the technical documentation that may entail additional system development costs.

The vast majority of NCAs explained that they customise EU-level requirements when implementing them at national level and/or complement EU-level data requirements with additional national data collections. Even those NCAs that argued that EU requirements were too extensive highlighted specific areas where additional national data was collected to fulfil specific supervisory needs and take account of national specificities.

On the banking side, several national authorities explained that, given the different accounting frameworks open to banks (IFRS or national GAAP), they have different reporting systems and provide for national templates for those banks reporting under national GAAP, with corresponding separate reporting also required at consolidated, sub-consolidated and solo level. Other examples for national data collections related to the reporting of non-performing loans, liquidity, the interest rate risk in banking book, operational risk and other areas where FINREP or COREP reporting was seen as providing insufficient (insufficiently granular or not frequent enough) information. A number of NCAs referred to country specific-risks, e.g. high NPL ratios in the domestic banking sector or overheating real estate markets that deserved more granular or more frequent reporting on NPLs and real estate lending, respectively. In this context, it was noted that these national requirements could be phased out once EU reporting in these areas is enhanced. Also, some NCAs required more extensive reporting on a solo level where the applicable EU requirements would only be for consolidated reporting (e.g. for large exposures). Other examples included additional reporting of the national identification code or similar identifiers and other smaller amendments to the EBA taxonomy. As regards bank resolution reporting, national customisation of EU requirements was justified with reference to legal specificities (e.g. insolvency law) or again accounting requirements (national GAAP vs IFRS).

For insurance, some NCAs referred to additional national validation rules to what is otherwise harmonised Solvency II reporting. Others pointed to the provision in the Solvency II Directive that allows them to adjust requirements to introduce proportionality, so as to alleviate the burden for smaller insurers. Outside the scope of Solvency II, national authorities referred to reporting for statistical purposes, as well as additional reporting to facilitate market conduct supervision and fulfil an authority’s accounting enforcement duties. Additional national reporting based on accounting data was noted by one authority given that the national GAAP differs from Solvency II recognition and valuation principles and undertakings’ position under national GAAP was still considered relevant for supervision. Additional reporting on profitability was also noted. One authority referred to its national summary reports on investments and investment income, stating that the list of asset template in Solvency II proved to be technically too demanding for its current database but that improvements were ongoing.

A few prudential supervisors noted that, because of the maximum harmonisation approach, they had to stop a number of national templates, and consequently were no longer able to gather this data through the regular reporting route, resorting instead to alternative routes and ad hoc data collections.

In the area of investment fund management, national differences were noted to be significant, and several NCAs provided an overview of the data that they regularly requested from the industry, referring also to specific examples where significantly more granular data (and in some cases different aggregations) is required at national level than, for example, required under AIFMD reporting. Examples of additional data collected at national level on AIFs' portfolios included the detailed portfolio composition in terms of each financial instrument (ISIN) invested by the fund or more detailed information on the geographical focus, investment strategy or risk profile of the fund as a whole.

By contrast, few examples of national differences or reporting add-ons were provided in the area of transaction data reporting. For EMIR and to a lesser extent MiFIR, there was no legacy reporting in place at national level. Also, NCAs noted that the EU reporting requirements are very extensive, and that they see little need and/or little scope for requiring additional data at national level.

The few examples of customised requirements set by NCAs referred to providing additional detail to points not covered by ESMA technical documentation or where further clarity of terms and requirements was needed. Also, a couple of NCAs stated a need to add some additional validation rules to enhance data quality checks. Several NCAs noted that they have extended the scope of EU requirements and applied those requirements to collect other data, e.g. on transactions other than those currently covered under the MiFIR transaction regime. One NCA explained that it has extended the MiFIR article 26 requirements that mainly fall on investment firms to regulated markets and MTFs in order to directly collect their data. Another highlighted the data flows it collects from trading venues and systematic internalisers, such as details of contracts concluded on such platforms and lists of financial instruments traded.

More generally, many NCAs referred to the need to ask for additional data for statistical purposes, e.g. to complete national financial market statistics, going beyond the supervisory reporting set out in EU legislation. While a few NCAs referred to efforts to develop more integrated data reporting for supervisory and statistical purposes, others explained the need to collect more data for statistical purposes – sometimes at a more frequent and more granular level than what is required in EU supervisory reporting templates. Reference was also made to the additional reporting needs for macro-prudential purposes and to monitor specific risks to financial stability. Some NCAs insisted that national reporting was still necessary to allow the continuance of specific data time series or to allow better assessment of financial stability risks and macroeconomic analysis. In this context, several NCAs also highlighted the need for ad-hoc reporting on specific risks, and to have flexible data collection available for NCAs to deal with country-specific data needs.

Some NCAs clearly stated that they see national reporting as complementary and made efforts not to impose duplicative requirements, instead using current EU supervisory information where possible and not requesting information from institutions that has already been submitted. Indeed, several NCAs provided concrete examples where, as a result of EU requirements, some prior national data collections and data templates were discontinued (or in the process of being discontinued) to avoid duplication or undue data collections to limit the burden on supervised entities. However, others explained that there is still quite some duplication. They explained that this was partly for legacy reasons, and some stated a need for further review and streamlining of national requirements. A few referred to already ongoing national reviews to eliminate duplicative reporting and harmonise requirements.

Beyond asking for additional data and extending the content and scope of what is being reported, a number of NCAs referred to customisation of EU requirements in relation to the format of reports. For example, instead of applying the XBRL standard for FINREP and COREP data collections in the area of bank prudential reporting, one NCA explained that it adopted another format that made it easier to implement additional validations between reports based on EU taxonomies and national data models. Several NCAs explained that they generally required XBRL reporting of CRR and Solvency II data, but had made concessions for smaller firms and granted them more time and less frequent reporting. A number of other NCAs specifically noted that they do not see any benefits of customising reporting formats and processes as these eventually lead to inefficiencies in terms of workload and data quality. One NCA admitted that due to current technical system limitations, it cannot yet take advantages of the EBA’s XBRL taxonomy and hence required the submission of data tables that differed from the EBA format, but that investments are ongoing to implement a technical system that will allow data to be collected in XBRL format in the short-term. Others also referred to ongoing efforts at national level to streamline national reporting and invest in IT system development. One NCA pointed to a need for more joined up working of the authorities when it comes to developing IT tools to be able to analyse the big volume of data that is being made available, in particular from EMIR transaction reporting. Rather than having a multiplication of individual NCAs' efforts to build their own infrastructure to analyse EMIR data, it would be efficient to work more closely together to develop a common infrastructure for the analysis of the data and detection of relevant risks.

3.3.6Implementation timelines

The NCAs are divided as regards their views on the appropriateness of the implementation timelines for EU-level supervisory reporting requirements. 14 NCAs agreed and 14 NCAs disagreed with that the timelines on average are appropriate, while 13 expressed mixed views 275 , highlighting specific examples where timelines were considered too tight. Critical NCAs linked inappropriate timelines to poor data quality and ultimately inadequate supervision, and/or increased costs for both the industry and supervisors, and higher risk of ad-hoc requests.

In terms of improvement, NCAs made several suggestions for a strict and standardized approach that all implementation timelines should follow. The request that any new requirements or amendments should allow for at least one year of preparations, for both the industry and the supervisory authorities, was frequent. Others refined it by demanding 6 months for minor changes, and 12 months for larger ones. Some NCAs suggested that 6 months of lead time in general would be appropriate. These implementation times should start from the finalisation 276 of the detailed technical requirements at supervisory level (level 2 and 3), which should be facilitated by the legal text at Level 1 277 . Changes should be aligned to achieve consistency and reduce implementation costs and not be too frequent (stability): preferably, new requirements / amendments should be implemented at year-end only, and as such should not change more than once a year (minimum freeze-period). In addition, essential questions of reporting entities must be answered in a timely manner in the implementation phase.

3.3.7Costs and burdens of supervisory reporting for NCAs

As regards the quantification of costs and burdens of supervisory reporting for NCAs, the large majority of respondents were unable to provide any data, noting that this was not being systematically collected and difficult to estimate. Only a few responses included figures in terms of FTEs, or costs, but this data was patchy and not provided in a consistent and comparable manner, often lacking the details on what the estimates referred to. 278 Also, one authority provided detailed cost figures but on a confidential basis.

Instead of quantification, NCAs discussed the administrative burden in qualitative terms. IT system development and implementation 279 was seen by many as the most costly element of supervisory reporting in recent years, in particular during the introduction of the new or amended EU reporting frameworks 280 . NCAs also noted that such one-time costs are relatively higher in smaller countries, as not being proportional to the size of the market. Once the new systems and processes are in place, ongoing day-to-day supervisory activities become relatively more important. The most burdensome of such activities are clearly related to data quality checks/validation 281 , data cleaning 282 and data analysis. System development requires relatively more financial resources, while the day-to-day activities of data analysis and supervision is more human-resource intensive. Two authorities emphasized that investments also led to savings, e.g. automation saves labour costs, or that EU reporting makes national implementation unnecessary.

3.4Other consultation activities

In addition to the consultations, the Commission organised four workshops with the participation of various stakeholders involved in the supervisory reporting that took place in the final two months of 2018.

3.4.1Workshop with representatives of the insurance and pension fund industry

The workshop held with representatives of the insurance and pension fund industry took place on the 19th of November 2018 and gathered 14 participants. The key messages from the workshop are summarised hereafter:

·Insurance corporations and pension funds acknowledged the value of high-quality reporting and welcomed the Fitness Check as an important step towards streamlining the supervisory reporting requirements;

·The regulatory framework applicable to European insurance/reinsurance companies and pension funds is characterised by a relatively high degree of specificity. As a result, the discussion during the workshop remained to a large extent focused on very granular issues related to the Solvency II framework, while very few concrete examples of cross-framework dysfunctionalities emerged. Some participants mentioned the inconsistencies/overlaps between transaction reporting under Solvency II and EMIR on one hand, and position reporting under Solvency II and CRD IV, on the other hand. Nevertheless, no details have been provided as to the particular definitions which are inconsistent, nor as to the overlapping data points;

·The short deadlines for Solvency II reporting emerged as one of the main areas of concern, with some participants claiming that the current deadlines were the main factor affecting data quality. When asked which should be the priority areas for quick fixes, most participants mentioned the improvement of reporting deadlines as a key initiative in that respect, which would require modifications in Level 1 legislation;

·Duplication between the information available in various templates/reports was also frequently mentioned. A typical example given to illustrate this matter was the SFCR report requested under Solvency II, which some participants saw as a repetition of the information already communicated through other public reports 283 ;

·Double-sided reporting under EMIR, the misapplication of the Solvency II provisions on proportionality in certain jurisdictions and gold-plating were other perceived problem areas;

·EIOPA delivered a presentation on its approach to reporting and disclosure and on the upcoming Solvency II 2020 review. The more holistic reporting and disclosure review is intended to focus on, among others, SFCR disclosure, QRTs, proportionality and taxonomy. In its presentation, EIOPA also acknowledged the important role played by the feedback gathered from the insurance industry through the public consultation in preparing for the Solvency II review 284 .

3.4.2Workshop with National Competent Authorities (NCAs)

The workshop held with NCAs took place on the 21st of November 2018 and gathered 29 participants from 12 Member States and Norway. The key messages are summarised below:

·The first session focused on the impact of current EU supervisory reporting requirements on NCAs. While it was broadly agreed that centralisation had many practical benefits for both the reporting entities and supervisors, some workshop participants also cautioned against the shortcomings of having too much standardisation (e.g. due consideration should be given to the business models of the supervised entities). It was also noted that, as some national requirements had to be let go, some NCAs had recourse to ad-hoc requests and other surveys in order to make up for the information which was no longer available. Participants tended to agree that centralisation only made sense when the competent authorities exchanged the information among themselves;

·The second session of the workshop focused on data quality and the feedback provided by the competent authorities to the industry. There was consensus among the participants that data quality would improve considerably if the reporting entities received more feedback from the authorities whenever a new taxonomy was developed, with sufficient lead time for implementation. It was also agreed that sometimes there was a long lag between the moment a reporting entity issued a request for clarification and the moment a Q&A was published. Some validation rules were not easily understood by the entities or were not well defined from the outset, thus acting as blocking factors. Several NCAs stated that they were obliged to find workarounds, only applying the validation rules to those fields which were most relevant for regulatory and/or supervisory purposes;

·The topic of the third session was the interaction between the EU-level and national supervisory reporting. Most participants believed that national requirements could not be completely ruled out, given the local specificities of certain financial sectors. One participant claimed that, if not implemented properly, standardisation could lead to an even larger number of requirements. There was broad consensus across the attendants that more information sharing among the various authorities was desirable, subject to data protection standards being met;

·The aim of the fourth and final session of the workshop was to gather the points of view of the participants on potential ways to streamline supervisory reporting requirements. Several participants advised against implementing small changes, as these would entail significant costs for the smaller players and also for the NCAs. A longer-term approach, with more fundamental changes, would be preferred instead. The harmonisation of definitions across the various pieces of legislation and the emergence of a common financial language were advocated by some attendants and generally found support in the audience. On the contrary, the idea of creating a central data hub was largely dismissed.

3.4.3Workshop with financial market infrastructures and asset managers

The workshop held with financial market infrastructures and representatives of the asset management industry took place on the 28th of November 2018 and gathered 27 participants. The following key messages were delivered:

·Reporting entities have faced a significant increase in reporting requirements since the financial crisis. While industry participants appreciated the need for additional data for supervisory purposes, fragmented silo approaches across legislation have created issues as concerns deviating definitions, formats and standards, which have given rise to disproportionate and unnecessary compliance costs;

·There was wide consensus amongst the participants of the workshop that further harmonisation and alignment across reporting frameworks could lower the reporting burden. A majority, however, noted that small incremental improvements should be avoided. Issues should rather be tackled via major overhauls, addressing also cross-legislative issues in a coordinated manner. The ultimate objective should be to implement a common financial language which will allow moving towards a 'report-once' principle. The extent to which the latter can be achieved was questioned by some participants (given today's technology at least), in particular ESMA and the ECB;

·Industry stakeholders saw an added value stemming from certain supervisory reporting requirements in terms of internal data gathering for internal risk management and business development purposes. They questioned, however, whether data reported under certain other fields was actually used by supervisors. The presentation held by ESMA revealed that (i) reported data was in fact used, although not always in the context envisioned by the respective framework, and (ii) industry representatives were largely unaware of the use-cases presented;

·As concerns transaction reporting, reporting entities flagged several examples of inconsistencies across the MiFIR, EMIR and REMIT frameworks. These relate in particular to definitions used (e.g. criteria for OTC vs. TOTV (traded on trading venue)), formats and standards (e.g. ISO vs. FpML) as well as the more general reporting approaches (e.g. reporting modifications vs. regarding each modification as separate transaction). On the topic of standards it was noted that a wider use would lower the reporting burden but that multiple standards are needed for different aspects (e.g. ISIN would be unusable for OTC).

·On the asset management side, stakeholders complained in particular about the level of fragmentation across nationally transposed legislation. Reporting formats and interpretations of fields often differ from one MS to another while national ad-hoc requests add to these inconsistencies even further. It was also highlighted that certain reporting requirements are inadequately tailored to reflect the activities of certain funds, thus making it difficult to understand what is to be reported (e.g. 'fund turnover' reporting field for private equity (PE) funds).

·The last session on 'the way forward' revealed that stakeholders would highly welcome an increased alignment of standards and the creation of a common financial language. Some participants, however, warned that regulators must be extremely diligent when implementing changes as the situation could otherwise aggravate rather than improve. Many stakeholders also called for an increased centralisation of reporting at the European level as this would automatically avoid diverging national interpretations. There was no firm agreement on whether to address issues separately whenever possible or rather in one fell swoop. Many however appeared to favour the latter option. Meanwhile, there was strong consensus that new legislation and their related reporting frameworks should provide for longer implementation times with appropriate guidance provided to reporting entities duly in advance of the respective go-live date.

3.4.4Workshop with representatives of the banking sector

The workshop held with representatives of the banking sector took place on the 3rd of December 2018 and gathered 15 participants. The discussion could be summarised into several key messages, as follows:

·Banks considered the current supervisory reporting set-up as being considerably better compared to the pre-crisis period, but were aware of inefficiencies in reporting arising from the way new requirements were introduced;

·The main reason for inefficiencies was the design of reporting requirements by the authorities (at both EU and national level) in isolation, without taking into account the data already collected and without consulting the industry on the most efficient use of the data already available at banks;

·The above silo approach has led to inconsistencies in reporting concept definitions between reporting frameworks and to complex reconciliation and aggregation of the reported data (e.g. counterparty, exposure classification, resolution consolidation rules, NPL default definition, etc.);

·One specific and important source of inconsistency was the use of different accounting rules (e.g. IFRS, national GAAPs) as the basis for reporting;

·The second source of inefficiency stemmed from the fact that the reporting requirements were specified in the form of templates specific to a particular supervisor and particular use. This situation led to the reporting of the same underlying granular data with variations in aggregation, categorisation and the amount of reference information provided;

·Supervisors, mainly national, still maintained the existing reporting requirements, even in cases where they overlapped with the newly introduced ones;

·Another cause of burden was the insufficient time for implementation of the reporting requirements. This was due to the improper incorporation of the IT implementation timeline in the overall legislative timeline. By the time the final version of the ITS/RTS was published, the time left for the robust implementation and thorough testing of the reporting and corresponding validation rules on the reporting entity and supervisors’ side was insufficient. This had a negative impact on data quality, leading to requests for resubmission and thus increasing the amount of resources dedicated to the reporting process;

·Ad-hoc requests were seen as particularly burdensome because they compounded the issue of inconsistent definitions with very short deadlines, which prevented using the existing reporting infrastructure and entailed large amounts of manual processing;

·Workshop participants considered that a common dictionary containing definitions of reporting concepts and a mapping of the data currently reported were necessary in order to reduce or eliminate inconsistencies. Any new reporting requirements would then need to be verified against this dictionary to ensure consistencies and avoid overlaps;

·Participants also believed that regulators and supervisors should clearly articulate the supervisory objectives and engage in interactive discussion with the industry early in the requirements design phase to find the most efficient way to provide the data necessary to achieve the stated objectives.

ANNEX 4: OVERVIEW OF MAIN ISSUES WITH EU SUPERVISORY REPORTING REQUIREMENTS

The various consultation activities undertaken as part of the Fitness Check (see Annex 3 for detail) showed that stakeholders do not question the need for supervisory reporting. Also, most acknowledged that supervisory reporting requirements are needed for supervisors to fulfil their mandate and contribute to the overall regulatory objectives of financial stability, market integrity and consumer/investor protection in the EU financial system.

However, stakeholders (from industry and public authorities) raised a very large number of issues, ranging from the very detailed to the quite broad. While chapter 6 of the main report presents the overall assessment according to the five evaluation criteria, this Annex presents the assessment on the basis of the main issues raised by stakeholders.

Annex 4.1 presents a summary of the cross-cutting issues that have been identified by stakeholders. Although this Fitness Check was mainly aimed at assessing EU supervisory reporting requirements on a cross-sectoral basis, focusing in particular on overlapping, duplicating or inconsistent requirements between different legislative frameworks, most issues raised were in fact specific to a particular sector and framework. They often highlighted very detailed requirements within specific frameworks that were seen as not working well or imposing excessive burdens. All specific concerns raised during the public consultation, the conference, targeted consultations, workshops and roundtable discussions were reviewed in detail and assessed.

Annex 4.2 provides a summary overview and short assessment of these sector-specific concerns, grouped into four sectors: banking, insurance, asset management and financial markets. To the extent that they are framework-specific, many of these issues are best addressed in sectoral reviews and improvements of the legislation in question, and in fact many of the issues raised are already within the scope of ongoing reviews or other initiatives addressing supervisory reporting.

4.1Overview of cross-cutting issues 

Although typically sector- or framework-specific at the detailed level, the analysis of these issues suggested some common concerns with supervisory reporting across the EU financial acquis. As can be expected, industry stakeholders often took quite different views from those of regulatory and supervisory authorities, but there was nonetheless agreement on the need for improvement regarding many of the key themes. The common or cross-cutting themes include the following - not ranked in any particular order as their importance differs across sectors and frameworks:

·Complexity and lack of proportionality of requirements

Reporting entities claim that there are too many reporting requirements, too many data fields, and too many templates, and that these are not sufficiently coordinated and aligned. Moreover, it can be difficult for reporting entities to identify which data requirements apply to them, given the large volume of relevant legal text and accompanying guidelines and the way the requirements are drafted. In several areas, the reporting burden is deemed to be excessive compared to the added supervisory insights gained. The complexity of supervisory reporting reflects to a large extent the complexity of the regulatory framework and the financial system itself.

A related concern raised by industry is that proportionality of supervisory reporting is not systematically ensured. While recent efforts have already been made to reduce the reporting burden (e.g. for smaller and less risky banks or investment firms in the CRR or for pension funds and non-financial counterparties reporting OTC derivatives trades under EMIR), the proportionality of supervisory reporting remains a concern. Smaller institutions noted that although they only have to complete a limited number of reporting fields, reflecting their more limited activities, they are still required to go through the full return and justify which parts are relevant and which not. Questions about materiality were also noted in this context, such as the burden arising from the reporting of non-material values in the CRR or the need to reconcile of non-material transaction data across trade repositories in EMIR.

·Unclear and inconsistent definitions

Inconsistent and unclear definitions, both in EU and national reporting, introduce a burden for reporting entities. They imply often time-consuming and labour-intensive data preparation efforts.

While the definitions applied to reported data are often very similar, minor differences in the meanings (e.g. the scope of transactions or exposures covered or the specific calculation method applied) prevent reporting entities from using one single reporting system for all their reporting obligations. Reporting entities then need to operate duplicative reporting systems, with implications in terms of fixed and on-going costs. In addition, there are certain definitions that are not sufficiently clear or are left to the interpretation of national competent authorities. This means that reporting entities face uncertainty in the supervisory reporting process, often needing to guess the intention of the regulator, which can result in potential errors and lower quality data. Examples include the definitions of terms like counterparty, NPL default, various AIFMD reporting fields, resolution consolidation rules and transaction notional amounts modifications, among other.

Inconsistent and unclear definitions also affect supervisors as they make data aggregation and reconciliation across frameworks more difficult. Examples include transaction data differences between EMIR, MiFIR and REMIT reporting requirements (e.g. definition of 'OTC derivative' or 'trading on trading venue' (TOTV) concept).

·Insufficient or inconsistent use of standards and formats

Current EU supervisory reporting requirements make reference to different standards and formats, depending on the legislation and the recipient of the data. Some legislations impose standards and formats – although not necessarily the same ones in different acts – while other legislations only recommend them or do not make any reference to them at all.

The use of common standards and formats can greatly simplify reporting processes. With the current fragmented approach, reporting entities are required to develop IT conversion systems and make manual efforts especially during the system setup phase to convert data from one standard or format to another. Supervisors face similar issues when trying to aggregate data that is reported in different standards or formats. Both aspects risk creating data quality issues.

Finally, all groups of stakeholders emphasise that the greater use of standards and formats could result in a significant reduction of the reporting burden. This applies also to the greater use of identifiers, such as the Legal Entity Identifier (LEI), as the underlying reference data would then no longer need to be reported individually but could be extracted from a central repository. Reporting entities that are internationally active argued in particular for the need to advance and adopt internationally agreed standards (such as the LEI but also other identifiers and reporting standards).

·Distribution of requirements between Level 1 and Level 2 acts

In principle, Level 1 legislation is intended to set out a high-level framework for the requirements, while the details – including the form, content, format, frequency, etc. – of the reports are to be defined by the ESAs at Level 2. However in practice, this approach is not always followed, and in a number of cases, Level 1 legislation may contain more detail than intended. This reduces the ability of the ESAs to define the reporting requirements to best reflect the supervisors' needs (and supervised entities standard practices) and to adapt them as these needs or market conditions change. 285 The result is that either the reporting requirements are not entirely suited to the data needs, or complex workarounds need to be developed, which increases the burden for both the reporting entities and the supervisors.

·Double reporting and overlaps 

Supervised entities complain that there are numerous overlaps across different reporting frameworks. For example, banks point to overlaps between FINREP and COREP reporting of the liquidity ratios and ECB reporting, and that a lot of the data requested as part of resolution reporting (often on an ad-hoc basis) is already reported to the supervisory authorities. Frequently, there will not be a perfect overlap in terms of reporting fields or data points, but the informational content is argued to be very similar if not the same. Regarding transaction reporting, it was noted that the same transaction needed to be repeatedly reported (up to 9 times) under EMIR, MiFIR, REMIT 286 and MAR. 

According to the detailed analysis conducted for this Fitness check, direct overlaps in terms of data points are in fact minimal – and mainly apply to transaction reporting. But even there the issue is not so much the duplication of data to be reported than inconsistencies between frameworks and seemingly similar yet somewhat different requirements that create the main difficulties for reporters. Moreover, stakeholders raised concerns that some of the reports inaccurately capture specific transactions or modifications, as the framework was not designed for them (e.g. MiFIR capturing modifications of swaps as separate transactions or the reporting of exchange traded derivatives (ETDs) under EMIR). According to the industry, the situation is made more complicated by the existence of parallel but non-aligned reporting processes. One example of the latter is trade repository reporting in EMIR vs. approved reporting mechanism reporting in MiFIR.

·Redundancy of certain data requirements

Supervised entities noted that they perceived many reporting requirements as redundant, and provided very concrete examples of redundant requirements, often also repeating concerns noted above about lack of proportionality. Most supervisors concluded that the reported data was broadly relevant and required, but some nonetheless highlighted scope for reducing specific requirements or reporting templates. For example, in the area of banking, although supervisors at the EBA jointly agree on the common EU supervisory reporting standards, some of them noted that parts of the additional liquidity monitoring metrics (AMML) for banks reporting under CRR were overly granular and not adding enough value to the assessment of banks' funding profile compared to the burden; the scope of the reporting of sovereign exposures could also be reduced through applying a higher exemption threshold, with no significant loss of global information needed. As another example, some market supervisors argued that the SSR reporting of net short positions in shares held by natural or legal persons above a certain threshold provided limited information and was difficult to verify and use; and separately, that transaction reporting under EMIR was redundant, since what mattered for systemic risks were the positions and not the individual trades.

The views of supervisory authorities differed significantly, suggesting there is a case for further coordination and agreement as to what data is actually needed for supervisory purposes. Some supervisors admitted that it is too early to assess whether all the data reported is ultimately useful, and that in any case there is a need for review on a regular basis with some reports being dropped when new ones are added as risks change. Some supervisors noted that a reduction of reports could be achieved as long as supervisors maintained a right to ask for additional information as needed. However, such ad hoc reporting raises its own problems, as noted below.

Views also differed as to whether reporting of a data aggregate is redundant if the data is already provided at the granular level that would allow the aggregate to be derived by supervisors themselves. Similarly, stakeholders argued that the requirement to report an identifier makes it unnecessary to also report the underlying reference data – as this data could be extracted from the repository (e.g. if the International Securities Identification Number (ISIN) is reported, there is no need to report most other product-specific details; or if the LEI is reported, this makes it unnecessary to report counterparty details that are inherent in the LEI, such as country of domicile). Nonetheless, some supervisors pointed out that in some cases, the identifiers are requested only 'where available', in which case simply eliminating the reporting might not be feasible. In this context, several stakeholders warned that dropping individual data requirements can also create difficulties and costs, especially if it requires adjusting existing reporting templates; dropping entire templates is easier.

·Inappropriate frequency and timing of reporting

Supervisors generally argued that the reporting frequency was adequate to meet their information needs, and there was little scope to reduce the frequency. Only a few supervisors made the case for a lower reporting frequency, but only with respect to specific requirements, including: i) in banking, as long as the monthly reporting of the liquidity coverage ratio was maintained, the reporting of additional liquidity metrics could be reduced to six months; and ii) in asset management, the submission of semi-annual reports of UCITS to NCAs could be dropped because, unlike the annual reports, which are audited and contain substantial reporting with extensive supervisory information, the semi-annual reports have limited information content as such and the supervisory assessment mainly involves checking the timely submission and formal completeness of the submission. Also, regular reporting of information on business matters that are stable over time (e.g. information on the governance system, as required in the annual solvency and financial condition report (SFCR) of Solvency II) was seen as superfluous by some.

In contrast, reporting entities complained not only about the frequency at which they have to report but also about the fact that frequencies differed and reporting deadlines were poorly coordinated across supervisory reporting frameworks. For example, market participants noted that the differences in the regimes for transaction reporting, with data required to be transmitted as soon as possible (within 15 minutes), some the day after early morning (T+1 at 7am), some the day after at the close of business (T+1 at 5pm). Moreover, supervisory reporting deadlines often do not fit well with other reporting requirements, such as the publication of annual or quarterly financial results.

·Too many ad-hoc requests

Related to issues around reporting frequency and deadlines for supervisory reporting, industry stakeholders raised concerns about ad-hoc data requests (or incidental, one-off requests that come on top of the regular supervisory reporting), including ad hoc requests imposed by supervisory authorities at national and European level, including data requests by the ESAs in response to calls for advice by the European Commission). While supervisors justify these requests by new information needs (e.g. to assess a new risk or specific area of supervisory concern), ad hoc requests add to the compliance burden for supervised entities. Ad hoc requests can be particularly burdensome, also from an IT systems perspective. These requests often do not include technical specifications concerning the form of the data or the method of its transfer. This means that ad hoc requests usually cannot be incorporated into reporting entities’ IT systems and can be challenging given the complexity and frequency of such requests.

·Lack of harmonisation and national ‘gold-plating’

The interplay between EU and national reporting can also create a significant source of burden for firms that operate in different jurisdictions. Cases of insufficient harmonisation allow the Member States some flexibility as to how the reporting requirements are implemented in practice, which often results in significant national divergences. One example of a reporting framework, which industry stakeholders claim is not sufficiently harmonised, is bank resolution reporting under the BRRD, which does not follow the maximum harmonisation principle of bank supervisory reporting under the CRR. “Gold plating” applies in particular to reporting frameworks based on minimum harmonisation (e.g. asset managers highlight significant national differences in the AIFMD report content and a lack of harmonised UCITS reporting), but also to legislation based on maximum harmonisation.

The existence of divergent implementations of EU-level supervisory reporting requirements or of national supervisory reporting requirements in parallel or in addition to EU-level requirements results from a range of factors, including legacy systems (e.g. in banking, where not all national reporting processes have been fully phased out), accounting differences in countries where banks or insurers have to report under national GAAP, and market specificities which are used by NCAs as justification to request additional data (e.g. insurance policies that are specific to a country). National differences also arise when NCAs make ad hoc data requests or because different definitions are applied for the same data fields (where there are no common formats and standards or these are not used). To help address these issues, stakeholders are calling for closer coordination between the national and EU levels.

·Data validation issues

Another area that received significant comment from industry stakeholders concerns the quality control process through the validation of the data transmitted to supervisory authorities. They argue that there have been too many instances of errors or wrong references in the validation checks, and that validation rules should be properly tested and subject to consultation before being implemented. National differences in data validation rules were also a concern, when national supervisors require additional validation, leading to additional burdens for cross-border firms as a uniform internal data validation process is impeded. Differences in validation rules between reporting frameworks (e.g. in the case of EMIR and REMIT reporting of energy financial derivatives) or between different trade repositories under EMIR were also mentioned, causing unnecessary additional IT requirements for the reporters. Separately, as already noted above, non-materiality was also raised as burdensome as overly accurate validations may result in reports being rejected even if the value is not material or is the result of rounding differences. Stakeholders (including supervisors) suggested the need to revisit validation rules to strike a better balance between data accuracy and the additional cost of imposing extra controls.     

·Frequent changes to requirements and insufficient time for implementation

This is one of the key sources of reporting burden for both industry and supervisors, who have all called not only for greater stability in the reporting requirements but also longer lead times to plan and implement new requirements. For example, EMIR has brought forward changes requiring major IT updates every year since 2014. The ECB's short-term exercise (STE) 287 was also mentioned. Final MiFIR RTS/ITS were only available 2 months before entering into force, and an excessively short implementation deadline was noted for Solvency II group reporting.

Problems also arise when the scope changes at the very end of the process. As an example, in 2016, the reporting of the LCR was changed several months after the application of the Delegated Act, and until the new templates became applicable, institutions reported the LCR in old templates that the supervisors could not use. Supervised banks and supervisors noted that this could have been avoided if there had not been a delay in the endorsement of the draft technical standard (in this case example, prepared by EBA) and that this problem could be avoided going forward if the ESAs were given the competence of issuing reporting technical standards that would become directly enforceable when they respond to a mandate in a level 1 text.

Frequent changes to the reporting frameworks require updates or larger overhauls of existing IT systems. Implementing those changes at short notice can be difficult, costly, and time-consuming. Updated systems should ideally be tested before going live. Often, there is little or no time to carry this out in practice, which can result in detrimental impacts on data quality. As a result, supervisors will not be able to rely on the new data until such quality issues are adequately addressed, which raises the question of whether a rapid roll-out ultimately holds any benefits. In this context, industry stakeholders also raised concerns about the lengthy process of Q&As, with delays in the ESAs answers to questions adding to the uncertainty. Separately, frequent changes to the data validation rules were of concern, reducing data quality but also imposing additional costs as a high number of releases often requires human intervention and impedes automation.

·Lack of information on the usage of reported data

Supervised entities argued that there is often no clear link between regulatory objectives and the data to be reported, and that insufficient information is fed back to reporting entities on the use of the reported data. For example, in their view, there is no feedback on banks’ recovery plans and little is known on the usage of EMIR data. Moreover, regarding some reporting frameworks (e.g. EMIR and AIFMD), there is evidence that data is not yet used to the full extent because of data quality issues. However, as shown with examples in Box 3 in section 6.1, supervisors are in fact using this data extensively and some of the results are also fed back to the industry, including a description of where data quality issues stand. Stakeholders from the asset management sector highlight a lack of aggregate data for the sector, especially in light of the considerable effort of individual management companies to report data to supervisors. Again, there are examples of such data being used and published in the meantime. Finally, industry stakeholders argued that supervisors do not have sufficient clarity on how the data they are requesting will be used, and that, as a result, many reporting entities primarily focus on the formal fulfilment of reporting obligations without particular care for the quality of the reported data. Thus, more consideration should be given to the exact purpose of a reporting requirement before it is implemented. Also, a lack of transparency on the part of supervisors on their use of data suggests a lack of accountability and might incentivise supervisors to ask for ‘nice to have’ data that they may not actually need.

·Inadequate consultation of the industry and ‘consultation overload’

Reporting entities further complain that they are not always adequately consulted during the drafting of reporting requirements, especially when there is insufficient time foreseen in the legislative process, but also that overly frequent changes can lead to a 'consultation overload' which can adversely affect entities' ability to provide effective feedback to consultations. As a result, the requirements may unnecessarily deviate from the entities internal business processes, thereby imposing additional compliance costs. For example, in the area of derivatives transaction reporting, stakeholders said they use the FpML information exchange standard internally to record OTC derivative transactions while supervisory reporting under EMIR and MiFIR mandates the use of the ISO 20022 standard. Reformatting from one to the other standard is often problematic as the representations and informational content attached to the respective metrics vary. Better consultations and feedback from the supervisors would allow the industry to contribute to improving the reporting requirements and may help prevent or eliminate superfluous reporting requirements.

·Data gaps