(1)

It is important to ensure that the objectives of Directive 2009/65/EC are achieved uniformly throughout the Member States to enhance the integrity of the internal market and offer legal certainty for its participants, including retail and institutional investors, competent authorities and other stakeholders. The form of a Regulation ensures a coherent framework for all market operators and is the best possible guarantee for a level playing field, uniform conditions of competition and the common appropriate standard of investor protection. Furthermore, it ensures the direct applicability of detailed uniform rules concerning the operation of undertakings for collective investment in transferable securities (UCITS) and depositaries, which by their nature are directly applicable and therefore require no further transposition at national level. Adopting a Regulation also ensures that the relevant amendments to Directive 2009/65/EC, as introduced by Directive 2014/91/EU of the European Parliament and of the Council (2), may all be applied from the same date in all Member States.

(2)

Directive 2009/65/EC lays down an extensive set of requirements regarding depositaries' duties, delegation arrangements, and the liability regime for UCITS assets under custody in order to ensure a high standard of investor protection, that takes into account that UCITS is a retail investment scheme. Specific rights and obligations of the depositary, the management company and the investment company should therefore be set out clearly. The written contract should comprise all details necessary for the appropriate safe-keeping of all UCITS' assets by the depositary or a third party to whom safekeeping functions are delegated in accordance with Directive 2009/65/EC for the depositary to properly fulfil its oversight and control functions.

(3)

In order to allow the depositary to assess and monitor custody and insolvency risk, the written contract should provide sufficient detail on the categories of financial instruments in which the UCITS may invest and cover the geographical regions in which the UCITS plans to invest. The contract should also contain details of an escalation procedure in order to specify the circumstances, notification obligations and the steps to be taken by a depositary's staff member, at any level of its organisational structure, in relation to any detected discrepancies, including notification to the management company or the investment company or/and competent authorities, as required by this Regulation. Therefore, the depositary should alert the management company or the investment company of any material risk identified in a particular market's settlement system. The termination of the contract should reflect the fact that it represents the depositary's last resort when not satisfied that assets are sufficiently protected. It should also prevent moral hazard whereby the UCITS would make investment decisions irrespective of custody risks on the basis that the depositary would be liable. In order to maintain a high standard of investor protection, the requirement laying down the details for the monitoring of third parties should be applied in relation to the whole custody chain.

(4)

In order to ensure that the depositary is able to conduct its duties, it is necessary to clarify the tasks provided for in Article 22(3) of Directive 2009/65/EC, and in particular the second layer controls to be undertaken by the depositary. Such tasks should not prevent the depositary from conducting ex-ante verifications in agreement with the UCITS where it deems appropriate. In order to ensure that it is able to conduct its duties, the depositary should establish its own escalation procedure to address situations where discrepancies have been detected. That procedure should ensure the notification of the competent authorities of any material breaches. The oversight responsibilities of the depositary towards third parties should be without prejudice to the responsibilities incumbent on the UCITS under Directive 2009/65/EC.

(5)

The depositary should check that there is consistency between the number of units issued and the subscription proceeds received. Moreover, to ensure that payments made by investors upon subscription have been received, the depositary should further ensure that another reconciliation is conducted between the subscription orders and the subscription proceeds. The same reconciliation should be performed with regard to redemption orders. The depositary should also verify that the number of units in the UCITS' accounts matches the number of outstanding units in the UCITS' register. The depositary should adapt its procedures accordingly, taking into account the flow of subscriptions and redemptions.

(6)

The depositary should take all necessary steps to ensure that appropriate valuation policies and procedures for the assets of the UCITS are effectively implemented, through the performance of sample checks or by comparing the consistency of the change in the net asset value (NAV) calculation over time with that of a benchmark. When setting up its procedures, the depositary should have a clear understanding of the valuation methodologies used by the UCITS to value the UCITS' assets. The frequency of such checks should be consistent with the frequency of the UCITS' asset valuation.

(7)

By virtue of its obligation of oversight under Directive 2009/65/EC, the depositary should set up a procedure to verify on an ex post basis the UCITS' compliance with applicable law and regulations and its rules and instruments of incorporation. This should cover areas such as checking that the UCITS' investments are consistent with its investment strategies as described in the UCITS' rules and offering documents and ensuring that the UCITS does not breach its investment restrictions. The depositary should monitor the UCITS' transactions and investigate any unusual transaction. If the limits or restrictions set out in the applicable law or regulations or the UCITS rules and instruments of incorporation are breached, the depositary should act promptly to reverse the transaction that is in breach of those laws, regulations or rules.

(8)

The depositary should ensure that the income of the UCITS is calculated accurately in accordance with Directive 2009/65/EC. In order to achieve this, the depositary has to ensure that the income calculation and distribution is appropriate and, where it identifies an error, that the UCITS takes appropriate remedial action. Once the depositary has ensured this, it should verify the completeness and accuracy of the income distribution.

(9)

In order for the depositary to have a clear overview of all inflows and outflows of cash of the UCITS in all instances, the UCITS should ensure that the depositary receives without undue delay accurate information related to all cash flows, including from any third party with which an UCITS' cash account is opened.

(10)

In order for the UCITS' cash flows to be properly monitored, the depositary should ensure that there are procedures in place and that they are effectively implemented to appropriately monitor the UCITS' cash flows and that those procedures are periodically reviewed. In particular, the depositary should look into the reconciliation procedure to satisfy itself that the procedure is suitable for the UCITS and performed at appropriate intervals taking into account the nature, scale and complexity of the UCITS. Such a procedure should for example compare one by one each cash flow as reported in the bank account statements with the cash flows recorded in the UCITS' accounts. Where reconciliations are performed on a daily basis as for most UCITS, the depositary should perform its reconciliation also on a daily basis. The depositary should in particular monitor the discrepancies highlighted by the reconciliation procedures and the corrective measures taken in order to notify without undue delay the UCITS of any anomaly which has not been remedied and to conduct a full review of the reconciliation procedures. Such a review should be performed at least once a year. The depositary should also identify on a timely basis significant cash flows and in particular those which could be inconsistent with the UCITS' operations, such as changes in positions in UCITS' assets or subscriptions and redemptions, and it should receive periodically cash account statements and check the consistency of its own records of cash positions with those of the UCITS. The depositary should keep its record up to date in accordance with Article 22(5)(b) of Directive 2009/65/EC.

(11)

The depositary has to ensure that all payments made by or on behalf of investors upon the subscription of shares or units of an UCITS have been received and booked in one or more cash accounts in accordance with Directive 2009/65/EC. The UCITS should therefore ensure that the depositary is provided with the relevant information it needs to properly monitor the receipt of investors' payments. The UCITS has to ensure that the depositary obtains this information without undue delay when the third party receives an order to redeem or issue units of an UCITS. The information should therefore be transmitted at the close of the business day from the entity which is responsible for the subscription and redemption of units of an UCITS to the depositary in order to avoid any misuse of investors' payments.

(12)

The depositary should hold in custody all financial instruments of the UCITS that could be registered or held in an account directly or indirectly in the name of the depositary or a third party to whom safekeeping functions are delegated, notably at the level of the central securities depositary. In addition the depositary should hold in custody those financial instruments that are only directly registered with the issuer itself or its agent in the name of the depositary or a third party to whom safekeeping functions are delegated. Those financial instruments that in accordance with applicable national law are only registered in the name of the UCITS with the issuer or its agent should not be held in custody. All financial instruments which could be physically delivered to the depositary should be held in custody. Provided that the conditions on which financial instruments are to be held in custody are fulfilled, financial instruments which are provided as collateral to a third party or are provided by a third party for the benefit of the UCITS have to be held in custody too by the depositary itself or by a third party to whom safekeeping functions are delegated as long as they are owned by the UCITS.

(13)

Financial instruments which are held in custody should be subject to due care and protection at all times. To ensure that the custody risk is properly assessed, in exercising due care, clear obligations should be established for the depositary, which should in particular know what third parties constitute the custody chain ensure that the due-diligence and segregation obligations have been maintained throughout the whole custody chain, ensure that it has an appropriate right of access to the books and records of third parties to whom safekeeping functions are delegated, ensure compliance with the requirements of due-diligence and segregation, with the documents and make those documents available to the management company or the investment company.

(14)

The depositary should at all times have a comprehensive overview of all assets that are not financial instruments to be held in custody. Those assets would be subject to the obligation to verify the ownership and maintain a record under Directive 2009/65/EC. Examples of such assets are physical assets which do not qualify as financial instruments under Directive 2009/65/EC or could not be physically delivered to the depositary, financial contracts such as certain derivatives and cash deposits.

(15)

To ensure a sufficient degree of certainty that the UCITS is indeed the owner of the assets, the depositary should make sure it receives all information it deems necessary to be satisfied that the UCITS holds the ownership right over the asset. That information could be a copy of an official document evidencing that the UCITS is the owner of the asset or any formal and reliable evidence that the depositary considers appropriate. If necessary, the depositary should request additional evidence from the UCITS or as the case may be from a third party.

(16)

The depositary should also keep a record of all assets for which it is satisfied that the UCITS holds ownership. It may set up a procedure to receive information from third parties, whereby procedures which ensure that the assets could not be transferred without the depositary or the third party to whom safekeeping functions are delegated having been informed of such transactions.

(17)

When delegating safekeeping functions to a third party in accordance with Article 22a of Directive 2009/65/EC, the depositary is required to implement and apply an appropriate and documented procedure to ensure that the delegate complies with the requirements of Article 22a(3) of that Directive at all times. In order to ensure a sufficient level of protection of assets, it is necessary to set out certain principles that should be applied in relation to the delegation of safekeeping functions.

(18)

Those principles should not be taken to be exhaustive, either in terms of setting out all details of the depositary's exercise of due skill, care and diligence, or in terms of setting out all the steps that a depositary should take in relation to those principles themselves. The obligation to monitor on an ongoing basis the third party, to whom safekeeping functions have been delegated should consist of verifying that the third party correctly performs all the delegated functions and complies with the delegation contract and other legal requirements such as independence requirements and prohibition of reuse. The depositary should also review elements assessed during the selection and appointment process and compare them with the development of the market. The depositary should at all times be in a position to appropriately assess the risks related to the decision to entrust assets to the third party. The frequency of the review should be adapted so as to always remain consistent with market conditions and associated risks. For the depositary to effectively respond to a possible insolvency of the third party, it should undertake contingency planning, including the possible selection of alternative providers as may be relevant. While such measures may reduce the custody risk faced by a depositary, they do not alter reduce the obligation to return the financial instruments or pay the corresponding amount should they be lost, which depends on whether or not the requirements of Article 24 of Directive 2009/65/EC are fulfilled.

(19)

In order to be satisfied that UCITS assets and UCITS rights are protected against a third party insolvency, the depositary has to understand the insolvency law of the third country where a third party is located and ensure the enforceability of their contractual relation. Before delegating the safekeeping functions to a third party located outside of the Union, the depositary has to receive an independent legal opinion on the enforceability of the contractual arrangement with the third party under the applicable insolvency law and case law of the country the third party is located in, in order to ensure that the contractual arrangement is enforceable also in case of insolvency of the third party. A depositary's duty to assess the regulatory and legal framework of the third country also includes the reception of the independent legal opinion assessing insolvency law and case law of the third country where that third party is located. Those opinions may be combined, as the case may be, or issued for each jurisdiction by relevant industry federations or law firms for the benefit of several depositaries.

(20)

The contractual arrangement with the selected third party to whom the safekeeping functions are delegated should contain an early termination clause, as it is necessary for the depositary to be in position to terminate that contractual relationship in cases where the law or case law of a third country changes in such a way that the protection of the UCITS' assets is no longer ensured. In those cases the depositary has to notify the management company or the investment company thereof. The management company or the investment company has to notify its competent authorities and take all necessary measures which are in the best interest of the UCITS and its investors. The notification of the competent authorities about the increased custody and insolvency risk to UCITS' assets in a third country should not discharge the depositary or the management company or the investment company from their duties and obligations laid down in Directive 2009/65/EC.

(21)

When delegating safekeeping functions, the depositary should ensure that the requirements of Article 22a(3)(c) of Directive 2009/65/EC are fulfilled and that the assets of the UCITS clients of the depositary are properly segregated. This obligation should particularly ensure that assets of the UCITS are not lost due to insolvency of the third party to whom safekeeping functions are delegated and that assets of UCITS are not reused by the third party on its own account. Furthermore, the depositary should be allowed to prohibit temporary deficits in client assets, use buffers or put in place arrangements prohibiting the use of a debit balance for one client to offset a credit balance for another. While such measures may reduce the custody risk faced by a depositary when delegating safekeeping functions, they do not alter the obligation to return the financial instruments or pay the corresponding amount where these are lost, which depends on whether or not the requirements of Directive 2009/65/EC are fulfilled.

(22)

Before and during the delegation of safekeeping functions, the depositary should ensure, by means of its pre-contractual and contractual arrangements, that the third party takes measures and puts in place arrangements to ensure that the UCITS assets are protected from distribution among or realisation for the benefit of creditors of the third party itself. Directive 2009/65/EC requires all Member States to bring their relevant insolvency laws in line with this requirement. It is therefore necessary that the depositary obtain independent information about the applicable insolvency laws and case law of a third country where the UCITS' assets are required to be held.

(23)

The depositary's liability under the second subparagraph of Article 24(1) of Directive 2009/65/EC is triggered in the event of the loss of a financial instrument held in custody by the depositary itself or by a third party to whom the safekeeping has been delegated, provided that the depositary does not demonstrate that the loss results from an external event beyond reasonable control, the consequences of which would have been unavoidable despite all reasonable efforts to the contrary. That loss should be distinguished from an investment loss for investors resulting from a decrease in the value of assets as a consequence of an investment decision.

(24)

For a loss to give rise to a depositary's liability, it has to be definitive, without prospect of recovering the financial asset. Thus, situations where a financial instrument is only temporarily unavailable or frozen should not count as losses within the meaning of Article 24 of Directive 2009/65/EC. In contrast, three types of situations can be identified where the loss should be deemed to be definitive: where the financial instrument no longer exists or never existed; where the financial instrument exists but the UCITS has definitively lost its right of ownership over it; and where the UCITS has the ownership right but can no longer transfer title of or create limited property rights in the financial instrument on a permanent basis.

(25)

A financial instrument is deemed no longer to exist for instance when it has disappeared following an accounting error that cannot be corrected, or if it never existed, when the UCITS' ownership was registered on the basis of falsified documents. Situations where the loss of financial instruments is caused by fraudulent conduct should be deemed a loss.

(26)

No loss can be ascertained when the financial instrument has been substituted by or converted into another financial instrument, in situations where shares are cancelled and replaced by the issue of new shares in a company reorganisation. The UCITS should not be considered as permanently deprived of its right of ownership over the financial instrument if it has legitimately transferred ownership to a third party. Consequently, where there is a distinction between the legal ownership and the beneficial ownership of assets, the definition of loss should refer to loss of the beneficial ownership right.

(27)

Only in the case of an external event beyond the control of the depositary, the consequences of which are unavoidable despite all reasonable efforts to the contrary, may the depositary avoid to be held liable under Article 24 of Directive 2009/65/EC. The cumulative fulfilment of those conditions should be proven by the depositary in order for it to be discharged of liability, and a procedure should be laid down to be followed for that purpose.

(28)

It should first be determined whether the event which led to the loss was external. The depositary's liability should not be affected by the delegation of safekeeping functions and therefore an event should be deemed external if it does not occur as a result of any act or omission of the depositary or the third party to whom the safekeeping of financial instruments held in custody has been delegated. Then, it should be assessed whether the event is beyond the depositary's control, by verifying that there was nothing a prudent depositary could reasonably have done to prevent the occurrence of the event. Under these steps both natural events and acts of a public authority may be considered as external events beyond reasonable control. In contrast, a loss caused by failure to apply the segregation requirements laid down in Article 21(11)(d)(iii) of Directive 2009/65/EC or the loss of assets because of disruption in the third party's activity in relation to its insolvency cannot be seen as being external events beyond reasonable control.

(29)

Finally, the depositary should prove that the loss could not have been avoided despite all reasonable efforts to the contrary. In this context, the depositary should inform the management company or the investment company and take appropriate action depending on the circumstances. For instance, in a situation where the depositary believes the only appropriate action is to dispose of the financial instruments, the depositary should duly inform the management company or the investment company, which must in turn instruct the depositary in writing whether to continue holding the financial instruments or to dispose of them. Any instruction to the depositary to continue holding the assets should be reported to the UCITS' investors without undue delay. The management company or the investment company should give due consideration to the depositary's recommendations. Depending on the circumstances, if the depositary remains concerned that the standard of protection of the financial instrument is not sufficient, despite repeated warnings, it should consider further possible action, such as termination of the contract provided the UCITS is given a period of time to find another depositary in accordance with national law.

(30)

Investor protection safeguards within the depositary regime need to take into account possible interconnections between the depositary and the management or the investment company such as those arising from common or affiliated management or cross-shareholdings. Those interconnections, where and to the extent permitted under national law, could give rise to the conflict of interests represented by risk of fraud (unreported irregularities to the competent authorities to avoid bad reputation), legal recourse risk (reluctance or avoidance to take legal steps against the depositary), selection bias (the choice of the depositary not based on quality and price), insolvency risk (lower standards in asset segregation or attention to the depositary's solvency) or single group exposure risk (intragroup investments).

(31)

The operational independence of the management company or of the investment company and the depositary, including situations where safekeeping functions have been delegated, provides additional safeguards that ensure investor protection without undue costs by raising behavioural standards of the entities that belong to the same group or that are otherwise linked. The requirements for operational independence should address material elements such as identity or personal links of managers, employees or persons discharging supervisory functions towards other entities or companies in the group, including situations where such persons are affiliated.

(32)

To ensure proportionate treatment, where the management company or the investment company and depositary belong to the same group, at least one third of the members or two persons on the bodies in charge of the supervisory functions or on the management bodies which are also in charge of the supervisory functions, whichever is lower, should be independent.

(33)

As regards corporate governance, the specific features of both one-tier system, where a company is governed by one corporate body that undertakes both the management and supervisory functions, and two-tier system, where the board of directors and the supervisory board exist side by side, should be reflected.

(34)

In order to allow competent authorities, UCITS and depositaries to adapt to the new provisions contained in this Regulation so that those provisions can be applied in an efficient and effective manner, it is appropriate to defer the date of application of this Regulation by 6 months from its date of entry into force.

(35)

The measures provided for in this Regulation are in accordance with the opinion of the expert group of the European Securities Committee,