The EU Securitisation Regulation, Regulation EU 2017/2402 (SECR), complemented by the Capital Requirements Regulation, Regulation EU 575/2013 (CRR), as well as the Delegated Acts for Solvency II and Liquidity Coverage Requirements, collectively form the EU securitisation framework.  This framework sets the rules for key requirements for issuers and investors in securitisations around transparency, due diligence, risk retention, and the capital requirements for prudentially regulated institutions.

In June 2025, the European Commission proposed a comprehensive reform of the EU securitisation regulatory framework. The proposed changes to the current EU securitisation can be summarised as follows:

Due diligence

The EC’s proposal introduces a two-tier due diligence regime for EU and non-EU securitisations by specifying that the simplification of due diligence only applies to EU securitisations.  For investments in positions issued by non-EU issuers, investors will continue to have to comply with current requirements and will not be able to benefit from the simplified due diligence framework proposed by the EC. A securitisation would be deemed to be non-EU if the originator, sponsor, or original lender is established in a third country.

For EU securitisations, the proposal introduces changes to the due diligence requirements for investors,  removing the requirement for institutional investors to independently verify that originators, sponsors, and securitisation special purpose entities (SSPEs) comply with their own due diligence and risk retention obligations. Investors will still be required to carry out their own due diligence, but without the obligation to verify compliance by sell-side entities, which is considered duplicative.

In addition, the risk assessment is made more principled based by removing the detailed list of structural features that investors need to check and by clarifying in a recital that the due diligence assessment should be proportionate to the risk of the securitisation.  Written procedures to monitor compliance with due diligence requirements are also made more principles based by removing a detailed list of information. Secondary market transactions are also given an extra 15 days to document their due diligence. Lastly, delegation of due diligence is aligned with other sectoral legislations where delegation of tasks does not transfer the legal responsibility.

Definition of public securitisation

The proposal introduces a new definition of public securitisation.  Under the new definition, a public securitisation would be one that meets any of the following criteria:

• a prospectus has to be drawn up for that securitisation pursuant to Article 3 of Regulation (EU) 2017/1129 of the European Parliament and of the Council.
• the securitisation is marketed with notes constituting securitisation positions admitted to trading on a Union trading venue as defined in Article 4(1), point (24) of Directive 2014/65/EU of the European Parliament and of the Council.
• the securitisation is marketed to investors and the terms and conditions are not negotiable among the parties.

Securitisations which do not meet these definitions would be considered ‘private’ securitisations.  The definitions would be used to determine the attendant reporting requirements for each type of securitisation which the proposal also amends (see below).

Transparency and reporting

The EC proposal states that there should be a reduction of at least 35% of the number of fields required in the reporting templates for public securitisations.  The EC’s proposal does not state which fields will be reduced, but it calls for any review to consider distinguishing between mandatory and voluntary fields. In addition, the reporting templates should not require loan level information when the underlying exposures are highly-granular and short-term, for example for credit card exposures or certain consumer loans.

The review of the reporting templates based on the principles established at the Level 1 will be carried out by the securitisation sub-committee of the ESAs Joint Committee, under the leadership of the EBA, in cooperation with the other ESAs.  The EBA and other ESAs are likely to consult on its proposals to review the templates at some during the Level 1 reform process or after the reform is adopted by co-legislators.  This consultation is likely to build on the work that ESMA already undertook throughout 2024 and 2025 focusing on the revision of the disclosure framework for private securitisations.  ESMA paused this work in July 2025 to incorporate it into the broader Level 1 reform and any future reviews of the overall transparency framework.

The EC also proposes a differentiated and lighter form of reporting for private securitisations compared to public securitisations.  The EC states that the reporting template for private securitisations should be much lighter than the one for public securitisations. The proposal states that to minimise the implementation costs for industry, this template should follow closely existing notification templates, in particular the guide on the notification of securitisation transactions by the Single Supervisory Mechanism. This likely means that the template for private securitisations will be closer to a notification requirement.  However, these dedicated templates for private securitisations would have to be reported to securitisation repositories under the EC’s proposal.

A key issue around the proposed simplified framework for private securitisations is that the proposed definition of public securitisations (see above) would likely reduce the universe of private securitisations that could benefit from such lighter reporting.

Sanctions regime

The proposal introduces an EU-level minimum framework for administrative sanctions applicable to violations of the SECR due diligence requirements.  This regime would be in addition to the current sanctions regimes under AIFMD and CRR.   The EC proposal amends the current regime to specifically include due diligence in the list of situations where NCAs may apply administrative sanctions to institutional investors for non-compliance.

CRR and STS framework

The proposal seeks to introduce more risk sensitivity into the CRR framework and reduce the capital charges for credit institutions when investing in the senior tranches of non-STS securitisations, and for investment in STS securitisations.  In particular, the EC’s proposal:

• Broadens the eligibility of securitisations for banks’ liquidity buffers.
• Targets the STS framework and the senior tranches of non-STS securitisations.
• Introduces the concept of “resilient securitisations”, which adds another layer to existing STS requirements.
• Amends the framework to assess SRT transactions and introducing a new principles-based approach test.

The homogeneity requirement for securitisations to be able to qualify as STS would also be amended to stipulate that a securitisation where at least 70% (instead of 100% currently) of the underlying pool of exposures consist of SME loans is deemed to comply with that requirement. 

Lastly, the EC’s proposal would also make it easier for insurers to participate in the SRT market by allowing unfunded SRT transactions to qualify for the STS label. 

Solvency II

On 17 July, the EC launched a consultation on the draft Delegated Act under the review of the Solvency II Directive, which includes parts that belong to the wider securitisation reform securitisation.

In the consultation, the EC proposes to reduce the risk factors for securitisation investments:

• for non-STS securitisations, a new set of risk factors is introduced for senior tranches, while the risk factors for non-senior tranches are reduced in order to ensure a senior-to-non-senior capital requirement ratio that better aligns with banking rules.
• for STS securitisation, the prudential treatment of senior tranches is aligned with that of covered bonds, and the treatment of non-senior tranches is adjusted by the same extent as for senior tranches.

The deadline for the EC’s consultation is 5 of September.

Blended finance

The EC proposes that risk retention requirements would not apply where the first loss tranche, representing at least 15% of the nominal value of the securitised exposures, is either held or guaranteed by a multilateral or development institution, including the European Investment Bank.

It also proposes that due diligence requirements would not apply to institutional investors that hold a securitisation position where the first loss tranche representing at least 15% of the nominal value of the securitised exposures is either held or guaranteed by the Union or by national promotional banks, such as the EIB, Cassa Depositi e Prestiti in Italy, ICO in Spain or Kreditanstalt für Wiederaufbau in Germany.