Commission Delegated Regulation (EU) 2021/1351 of 6 May 2021 supplementing Regula... (32021R1351)
EU - Rechtsakte: 06 Right of establishment and freedom to provide services

COMMISSION DELEGATED REGULATION (EU) 2021/1351

of 6 May 2021

supplementing Regulation (EU) 2016/1011 of the European Parliament and of the Council with regard to regulatory technical standards specifying the characteristics of the systems and controls for the identification and reporting of any conduct that may involve manipulation or attempted manipulation of a benchmark

(Text with EEA relevance)

THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EU) 2016/1011 of the European Parliament and of the Council of 8 June 2016 on indices used as benchmarks in financial instruments and financial contracts or to measure the performance of investment funds and amending Directives 2008/48/EC and 2014/17/EU and Regulation (EU) No 596/2014 (1), and in particular Article 14(4) thereof,
Whereas:
(1) It should be ensured that the detection of benchmark manipulation or attempted manipulation is effective and adequate. It is therefore necessary that the systems and controls of a benchmark administrator are proportionate to the nature, the complexity and the risk of manipulation of the benchmark provided and that the risk of manipulation is evaluated on the basis of an objective assessment which takes into account the origin, nature, peculiarity and severity of such risk.
(2) In order to ensure that the detection of any conduct that may involve manipulation or attempted manipulation of a benchmark is effective, it is necessary to provide for appropriate automated systems to monitor input data. However, automated systems alone are not sufficient to ensure that manipulative behaviour is effectively detected. Automated systems should therefore be complemented by an appropriate level of human analysis to be carried out by appropriately trained staff.
(3) To ensure that competent authorities can effectively assess measures taken to identify and report misconduct, administrators should, upon request, provide the competent authority with information on the nature, complexity and risk of manipulation of the benchmark concerned, and substantiate the appropriateness of the level of automation and human analysis chosen.
(4) The employees of a benchmark administrator that are in charge of operating the administrator’s systems and controls should receive appropriate training to enable them to analyse whether or not a given data input is suspicious. Such training should ensure that those employees are aware of the features of proper input data submission and of discrepancies in input data potentially caused by manipulation or attempted manipulation. Effective training should be tailored to the nature, complexity and risk of manipulation of the benchmark provided.
(5) Administrators may prefer to outsource functions related to the systems and controls. Such outsourcing should only be possible to the extent it does not materially impair the administrator’s control over the provision of the benchmark or the ability of the relevant competent authority to supervise the benchmark, and is in any case subject to the requirements of Article 10 of Regulation (EU) 2016/1011.
(6) This Regulation is based on the draft regulatory technical standards submitted to the Commission by the European Securities and Markets Authority (ESMA).
(7) ESMA has conducted open public consultations on the draft regulatory technical standards on which this Regulation is based, analysed the potential related costs and benefits and requested the advice of the Securities and Markets Stakeholder Group established in accordance with Article 37 of Regulation (EU) No 1095/2010 of the European Parliament and of the Council (2).
(8) In order to ensure consistency with the date of application of Article 5 of Regulation (EU) 2019/2175 of the European Parliament and of the Council (3), which introduced in Regulation (EU) 2016/1011 Article 14(4) of that Regulation, this Regulation should apply from 1 January 2022,
HAS ADOPTED THIS REGULATION:

Article 1

Adequate systems and effective control

1.   The adequate systems and effective controls referred to in Article 14(1) of Regulation (EU) 2016/1011 shall be:
(a) appropriate for and proportionate to the nature, complexity and risk of manipulation of the benchmark concerned;
(b) regularly, and at least annually, reviewed, and updated when necessary to ensure that those systems and controls continue to comply with point (a);
(c) be documented in writing in a clear and comprehensible manner, including any changes to or updates of those systems and controls.
For the purposes of point (a) of the first subparagraph, an administrator shall, on a regular basis and at least annually, assess the risk of manipulation of the benchmark provided, taking into account the following elements:
(a) the envisaged operations required to provide the benchmark;
(b) the potential origin, nature, peculiarity and severity of the manipulation risk;
(c) the measures envisaged to address the risk of manipulation, including safeguards, security measures and internal procedures.
2.   The adequate systems and effective controls referred to in Article 14(1) of Regulation (EU) 2016/1011 shall include, to the level appropriate to the nature, complexity and risk of manipulation of the benchmark provided, all of the following elements:
(a) software capable of deferred automated reading, replaying and analysis of input data;
(b) human analysis in the detection and identification of behaviour that may involve manipulation or attempted manipulation of a benchmark.
3.   An administrator shall, upon request by the competent authority, provide the competent authority with the information referred to in paragraph 1, first subparagraph, points (a), (b) and (c), and substantiate the appropriateness of the level of automation and human analysis chosen, as referred to in paragraph 2.

Article 2

Training

1.   The adequate systems and effective controls referred to in Article 14(1) of Regulation (EU) 2016/1011 shall be operated by employees of the administrator who are adequately and regularly trained to:
(a) detect and identify any suspicious input data that could be the result of benchmark manipulation or attempted manipulation;
(b) promptly report any such findings to their internal reporting line.
2.   In determining the content of the training referred to in paragraph 1 of this Article, an administrator shall take into account the nature, complexity and risk of manipulation of the benchmark provided as referred to in Article 1(1), point (a).

Article 3

Input data integrity policy

The adequate systems and effective controls referred to in Article 14(1) of Regulation (EU) 2016/1011 shall be documented in an input data integrity policy indicating:
(a) the risk of benchmark manipulation;
(b) a general description of the adequate systems and effective controls, including their compliance with the requirements laid down in Article 1;
(c) a general description of the training of the employees of the administrator involved in the operation of the adequate systems and effective controls, as referred to in Article 2;
(d) the name and contact details of the persons responsible for the adequate systems and effective controls.

Article 4

Entry into force and application

This Regulation shall enter into force on the twentieth day following that of its publication in the
Official Journal of the European Union
.
It shall apply from 1 January 2022.
This Regulation shall be binding in its entirety and directly applicable in all Member States.
Done at Brussels, 6 May 2021.
For the Commission
The President
Ursula VON DER LEYEN
(1)  
OJ L 171, 29.6.2016, p. 1
.
(2)  Regulation (EU) No 1095/2010 of the European Parliament and of the Council of 24 November 2010 establishing a European Supervisory Authority (European Securities and Markets Authority), amending Decision No 716/2009/EC and repealing Commission Decision 2009/77/EC (
OJ L 331, 15.12.2010, p. 84
).
(3)  Regulation (EU) 2019/2175 of the European Parliament and of the Council of 18 December 2019 amending Regulation (EU) No 1093/2010 establishing a European Supervisory Authority (European Banking Authority), Regulation (EU) No 1094/2010 establishing a European Supervisory Authority (European Insurance and Occupational Pensions Authority), Regulation (EU) No 1095/2010 establishing a European Supervisory Authority (European Securities and Markets Authority), Regulation (EU) No 600/2014 on markets in financial instruments, Regulation (EU) 2016/1011 on indices used as benchmarks in financial instruments and financial contracts or to measure the performance of investment funds, and Regulation (EU) 2015/847 on information accompanying transfers of funds (
OJ L 334, 27.12.2019, p. 1
).
Markierungen
Leseansicht