Royal Decree-Law on urgent measures for adapting Spanish legislation for EU data protection regulations (Royal Decree-Law 5/2018, published in Spain’s Official State Journal on July 30^th, 2018)
This piece of legislation regulates the following measures pending definitive approval of the draft act that will fully adapt Spanish law to the EU General Data Protection Regulation (GDPR):

• It articulates the penalty regime provided for in the GDPR, repealing the classes of breaches currently contained in Organic Law 15/1999 and implementing the prescription periods for the corresponding breaches and penalties.
• It establishes the specifics of the penalty procedure in line with that stipulated in the GDPR with respect cross-border data protection breaches for which there must be a lead supervisory authority (three types of processing: cross-border; processing which substantially relates to or affects data in a given member state; and exclusively national instances of data processing). Pursuant to that procedure, it introduces the obligation that the lead authority subject the various draft decisions to the other authorities; the other authorities will then have a specific period of time for making observations. The scope for suspending proceedings when necessary to get feedback from the authorities of other European States is also provided for. If not done accordingly, cases could expire.
• It identifies the personnel empowered to carry out investigations, establishing the manner in which they can exercise their powers, which people will exercise the investigation and inspection activity and what the powers and tasks expressly established in the GDPR will consist of.
• It stipulates that the Spanish Data Protection Agency shall represent Spain on the European Data Protection Board and determines the regime applicable to the staff of the supervisory authorities of other Member States that participate in joint investigations.

This Royal Decree-Law took effect on the date after its publication and shall remain in effect until a new organic law is passed to fully adapt Spanish law to the EU General Data Protection Regulation, which is currently before Parliament.

CNMV Circular, amending Circular 5/2013, of June 12^th, 2013, which stipulates the contents of the annual corporate governance reports that must be published by listed corporate enterprises, savings banks and other entities that issue securities that are admitted to trading on official securities markets, and Circular 4/2013, of June 12^th, 2013, which stipulates the contents of the annual reports on the remuneration received by directors of listed corporate enterprises and the members of the boards of directors and control committees of savings banks that issue securities admitted to trading on official securities markets (Circular 2/2018, published in the Official State Journal on July 16^th, 2018)
The main changes introduced by the Circular relate to the following aspects:

• It is no longer mandatory to use the templates contained in the standard electronic corporate governance reports and director remuneration reports that had been stipulated in CNMV Circulars 4/2013 and 5/2013. As a result, listed entities now have the choice of presenting these reports in free PDF format, without having to use the standard electronic document, so long as the legally-stipulated report contents are provided. Any such free-format reports, accompanied by the corresponding statistical appendix, must be disclosed by means of a price-sensitive information notice and, in the case of the director remuneration report, submitted to an advisory shareholder vote at the annual general meeting. Savings banks that issue securities admitted to trading on official securities markets may also provide their director remuneration and corporate governance reports in free PDF form; these entities do not have to provide the statistical appendix.
• The Circular introduces the new content required under Royal Decree-Law 18/2017, [1] which increases the scope of the information to be provided in annual corporate governance reports about the diversity policies applied by the reporting entity; such disclosures must refer to gender diversity and, for entities that do not qualify as small and medium enterprises as defined in financial statement audit legislation, also to diversity in respect of the age, disabilities, training and experience of their directors.
• It introduces technical adjustments to both the corporate governance and director remuneration reports in order to eliminate certain sections that are no longer relevant in order to properly understand the corporate governance system of securities issuers and the remuneration of directors of listed corporate enterprises.
• It introduces a new annual corporate governance report template for entities from the institutional public sector that issue securities other than shares; the new template has been simplified and adapted for these entities’ specific characteristics. The new report must follow the format, content and structure of the template provided in annex IV of appendix II of CNMV Circular 5/2013.

CNMV Circular on the interim disclosures by issuers with securities admitted to trading on regulated markets with respect to their semi-annual financial reports, interim management reports and, if required, their quarterly financial reports (Circular 3/2018, published in the Official State Journal on July 3^rd, 2018)
This Circular took effect the day after its publication and applies to the semi-annual financial and management reports corresponding to periods beginning on or after January 1^st, 2018, and have to be presented and published after the date of publication of the Circular.

The purpose of the Circular is to adapt the contents of the separate and consolidated semi-annual financial reports, interim management reports and quarterly financial reports for the changes resulting from: (i) developments in international financial reporting standards, particularly the accounting changes contemplated in IFRS 9 “Financial Instruments” and IFRS 15 “Revenue from Contracts with Customers”; (ii) new Spanish legislation, most importantly Bank of Spain Circular 4/2017 (Accounting Circular) and Royal Decree 583/2017 (of June 12^th, 2017) amending the accounting plan applicable to insurance and reinsurance entities and the rules on the issuance of consolidated financial statements by groups of insurance and reinsurance entities; and, (iii) other improvements taken on board by the CNMV to make the standards easier to understand.

Notes