The EU Regulation on Central Securities Depositories:

Publication | April 2015

1 | What are CSDs?

Central Securities Depositories (CSDs) are systemically important financial market infrastructures that support the issuance, safekeeping and settlement of securities. Central counterparties (CCPs) and CSDs are both part of the post-trade infrastructure but perform different roles. CCPs play a key role in managing counterparty credit risk, they intervene between the trading layer (on the stock exchange, another trading platform or over-the-counter) and the settlement layer on the basis that they act as buyer to every seller and as a seller to every buyer. CSDs, on the other hand, play a key role in operational risk, intervening at the final layer when ownership of the securities is transferred.

In most Member States, there is only one CSD. In the UK, the CSD is Euroclear UK & Ireland Limited, which owns and operates CREST.

2 | What is the purpose of the CSDR?

As part of the European Commission’s (the Commission) agenda of enhancing the safety and soundness of the EU financial system, the recording of securities in book-entry form is seen as an important step towards increasing the efficiency of settlement and ensuring the integrity of securities.

The Central Securities Depositories Regulation (CSDR), alongside the Markets in Financial Instruments Directive (recast) and the Markets in Financial Instruments Regulation, ensures that systemically important securities infrastructures are subject to common EU rules.

The objectives of the CSDR are consistent and complimentary to those of Target2Securities (T2S). The CSDR is intended to harmonise the legal aspects of securities settlement and the rules for CSDs at an EU-wide level, therefore allowing T2S, which aims to harmonise operational aspects of securities settlement, to achieve its objectives more effectively.

The CSDR was published in the Official Journal of the EU (OJ) on 28 August 2014 and its provisions generally came into effect on 17 September 2014 (although some provisions apply at a later date). As with any other EU Regulation, its provisions are directly applicable (i.e. legally binding in all Member States without transposition into national law) as from the day of entry into force, unless otherwise specified.

3 | What is the scope of the CSDR?

The CSDR applies to all market operators in the context of securities settlement and all CSDs. With regards to securities settlement, the requirements in the CSDR mainly apply to transferable securities as defined under the Markets in Financial Instruments Directive.

Members of the European System of Central Banks and other national or public bodies that perform similar services, which would otherwise qualify as CSDs are exempt from certain requirements under the CSDR including those relating to authorisation (see below).

4 | Securities settlement

The CSDR contains three sets of measures which are intended to improve the safety of settlement. The first measure, as already mentioned above, is that securities must be in electronic book-entry form. By recording securities in book-entry form, the CSD would keep an electronic record of ownership rather than issuing certificates to investors.

The second measure is the harmonisation of settlement periods for securities transactions. The CSDR requires that the settlement date for transactions, the date on which the assets have to be transferred to the owed party, must be no later than the second business day after the trade takes place (T+2 requirement).

The third measure is improving settlement discipline. The CSDR requires CSDs to monitor and facilitate a transaction to prevent settlement failure, and if necessary, subject market participants who fail to deliver their securities, to penalties and buy-in procedures requiring the defaulting participant to buy the securities in the market and deliver them to the relevant counterparty.

5 | Authorisation requirements

The CSDR requires EU CSDs to be authorised by their home Member State competent authority. The applicant CSD needs to submit an application for authorisation to its home Member State competent authority, which will assess the application within 30 working days. If the application is not complete, the Member State competent authority will set a time limit by which the CSD has to provide additional information, and inform the CSD when the application is considered complete. Within six months from the submission of a complete application, the Member State competent authority will inform the CSD in writing with a fully reasoned decision as to whether authorisation has been granted or refused.

CSDs established within the EU that are currently providing CSD services need to apply for authorisation under the CSDR within 6 months after the date of entry into force of the relevant regulatory technical standards. Under the CSDR, the European Securities and Markets Authority (ESMA) and the European Banking Authority (EBA) are required to submit to the Commission the draft technical standards by 18 June 2015. The Commission then has 3 months to decide whether to endorse, amend or reject them.

After adoption by the Commission, the European Parliament and Council of the EU (the Council) have 3 months (which may be extended by a further 3 months) to exercise their right of scrutiny. This period may be reduced to 1 month if the Commission adopts the technical standards as submitted by ESMA and the EBA without amendment (with a possibility to extend this period by 1 month at the initiative of the European Parliament or the Council). The standards are published in the OJ immediately after the ‘non-objection’ period from the European Parliament and the Council has elapsed, and will then enter into force on the twentieth day following that of their publication (unless otherwise stated).

6 | Organisational requirements

The CSDR subjects CSDs to strict, uniform, and directly applicable organisational requirements.

Such organisational requirements include the CSD:

  • maintaining and operating effective written organisational and administrative arrangements to identify and manage any potential conflicts of interest between itself and its participants or their clients;
  • having robust governance arrangements, which include a clear organisational structure with well-defined, transparent and consistent lines of responsibility, and effective processes to identify, manage, monitor and report the risks to which it is or might be exposed;
  • establishing user committees for each securities settlement system it operates to advise the management body on key arrangements that impact on their members, including the criteria for accepting issuers or participants in their respective securities settlement systems; and
  • maintaining for a period of at least 10 years a record of its services and activities so as to enable the Member State competent authority to monitor its compliance with the CSDR.

7 | Prudential requirements

The CSDR requires CSDs to adopt sound risk-management frameworks for comprehensively managing legal, business, operational and other direct or indirect risk, including measures to mitigate fraud and negligence. To this effect, the CSDR sets out certain prudential requirements including those relating to:

  • legal risk. For the purpose of its authorisation and supervision, as well as for the information of its clients, a CSD shall have rules, procedures, and contracts that are clear and understandable for all the securities settlement systems that it operates and all other services that it provides. Furthermore, a CSD shall design its rules, procedures and contracts so that they are enforceable in all relevant jurisdictions, including in the case of the default of a participant. Lastly, a CSD conducting business in different jurisdictions shall take all reasonable steps to identify and mitigate the risks arising from potential conflicts of law across jurisdictions;
  • general business risk. A CSD shall have robust management and control systems as well as IT tools in order to identify, monitor and manage general business risks, including losses from poor execution of business strategy, cash flows and operating expenses;
  • operation risks. A CSD shall identify sources of operational risk, both internal and external, and minimise their impact through the deployment of appropriate IT tools, controls and procedures, including for all the securities settlement systems it operates. For services that it provides as well as for each securities settlement system that it operates, a CSD shall establish, implement and maintain an adequate business continuity policy and disaster recovery plan to ensure the preservation of its services, the timely recovery of operations and the fulfilment of the CSD’s obligations in the case of events that pose a significant risk of disrupting operations;
  • investment policy. A CSD shall hold its financial assets at central banks, authorised credit institutions or authorised CSDs. The CSDR also requires the CSD to have prompt access to its assets, where required. Furthermore, a CSD shall invest its financial resources only in cash or in highly liquid financial instruments with minimal market and credit risk. Those investments shall be capable of being liquidated rapidly with minimal adverse price effect; and
  • capital requirements. Capital, together with retained earnings and reserves of a CSD, shall be proportional to the risks stemming from the activities of the CSD. It shall be at all times sufficient to: (i) ensure that the CSD is adequately protected against operational, legal, custody, investment and business risks so that the CSD can continue to provide services as a going concern; and (ii) ensure an orderly winding-down or restructuring of the CSD’s activities over an appropriate time span of at least six months under a range of stress scenarios.

8 | Passporting

An authorised CSD may provide services across the EU, including through setting up a branch, provided that those services are covered by its authorisation.

An authorised CSD that wishes to provide services in relation to financial instruments constituted under the law of another Member State and within the territory of another Member State, shall be subject to additional procedures under the CSDR. Such procedures include the CSD communicating to its home Member State competent authority as to where it intends to operate, a programme of operations stating, in particular, the services which it intends to provide, and the currency or currencies that it intends to process.

Once the home Member State competent authority has received the information it needs, it is required to transmit such information to the host Member State competent authority within 3 months. Once the CSD has received a communication from the host Member State competent authority acknowledging receipt of the information it may begin providing services. In the absence of such a communication, the CSD may provide its services in the host Member State after 3 months from the date it transmitted the information to its home Member State competent authority.

9 | Third country CSDs

Third county CSDs may provide their services in the EU, including through setting up a branch.

A third country CSD will need to apply to ESMA for recognition under the CSDR in two specific cases. Any services other than the ones below are not subject to recognition by ESMA. The two specific cases are:

  • where it intends to provide certain core CSD services (issuance and central maintenance services related to financial instruments governed by the law of a Member State); or
  • where it intends to provide its services in the EU through a branch set up in a Member State.

Where a third country CSD provides services in a Member State that require recognition by ESMA, it must apply for recognition under the CSDR within 6 months after the entry into force of the relevant technical standards or a Commission equivalence decision. During this transitional period, third country CSDs providing CSD services that require recognition under the CSDR remain subject to existing national regimes until they have been recognised by ESMA.

10 | Timing

As mentioned at the beginning of this briefing note the CSDR was published in the OJ on 28 August 2014 and generally its provisions came into effect on 17 September 2014, although there are some exceptions.

For example, the CSDR’s requirement for any issuer established in the EU to arrange for its transferable securities to be represented in book-entry form will apply from:

  • 1 January 2023 to transferrable securities issued after that date; and
  • 1 January 2025 to all transferable securities.

However, the requirement to record transferable securities in book-entry form where such securities are the object of a transaction taking place on a regulated trading venue, applied from 17 September 2014.

The T+2 requirement applied from 1 January 2015. If, however, the transaction in transferable securities is executed on a trading venue and settled in a CSD that outsources its activities to a public entity (e.g. in the context of the T2S), the T+2 requirement applies:

  • at least six months before such a CSD outsources its activities to the relevant public entity; or
  • 1 January 2016 (whichever comes first).

In the UK, the Central Securities Depositories Regulations 2014 (the Regulations) came into force on 21 November 2014. Among other things, the Regulations:

  • designate the FCA as the competent authority responsible for the supervision of trading venues and supervision of requirement to record transactions in transferable securities in book-entry form;
  • designate the Bank of England (BoE) as the competent authority responsible for matters including the authorisation and supervision of CSDs and oversight of securities settlement systems in the UK; and
  • extend the BoE's disclosure of information, information gathering and investigatory powers to functions under the CSDR.

During 2015, the FCA will participate in ESMA’s work on the measures for implementing the CSDR.