The European Securities and Markets Authority (ESMA) and the European Banking Authority (EBA) ‘Guidelines on the assessment of suitability of members of the management body and key function holders under Directive 2013/36 and Directive 2014/65’ will apply from 30 June 2018. This means that each bank, investment firm and certain other entities have less than two months to complete a review of its approach to assessing the suitability of members of the management body and key function holders.
Overview of the Guidelines
Markets in Financial Instruments Directive 2 (MiFID II) extends corporate governance requirements set out in Articles 88 and 91 of the Capital Requirements Directive 2013/36 (CRD IV), which are currently applicable to banks and certain investment firms, to in-scope investment firms. It also includes a number of provisions which set out requirements regarding the composition of the management body and its role.
The guidelines aim to establish harmonised criteria for the assessment of the suitability of the members of the management body (Members) and key function holders, and to ensure that sound assessment processes are part of an institution’s governance arrangements.
In this regard, the guidelines specify the requirements regarding the suitability of members of the management body of a credit institution, investment firm, financial holding company and a mixed financial holding company. This includes any person to whom the management body has delegated executive functions, such as the CEO, management team or executive committee.
The guidelines also specify requirements regarding the suitability of the heads of internal control functions and the chief financial officer (CFO) of a credit institution and certain investment firms when not part of the management body; as well as other key function holders identified on a risk-based approach by an in-scope institution.
The guidelines are divided into eight titles and also contain a number of annexes.
Title I: Application of the proportionality principle
An in-scope institution should apply the proportionality principle when developing and implementing the policies and processes set out in the guidelines, in accordance with the criteria specified in the guidelines for assessing proportionality.
Title II: Scope of suitability assessments by institutions
An in-scope institution must assess the individual and collective suitability of Members both initially and on an on-going basis. The guidelines set out matters that should be taken into consideration for the purpose of a suitability assessment as well as certain triggers for re-assessments.
Title III: Notions of suitability listed in Article 91(12) of Directive 2013/36
Article 91 of CRD IV lists a number of requirements that an in-scope institution must take into account for the purposes of carrying out suitability assessments, including considerations of sufficient time commitment; honesty, integrity and independence of mind of a member of the management body; adequate collective knowledge, skills and experience of the management body; and adequate human and financial resources devoted to the induction and training of such Members.
The guidelines provide additional information on these requirements including, in particular, the requirement that a Member be able to commit sufficient time to perform his or her functions. According to the guidelines, when assessing a Member’s sufficient time commitment an institution must, among other things:
Title III also contains additional information on how to calculate the number of directorships held for the purpose of complying with the limitation on directorships set out in Article 91(3) of CRD IV.
Title IV: Human and financial resources for training of Members
Each institution must ensure a Member has a clear understanding of the institution’s structure, business model, risk profile and governance arrangements and the role of the Member(s) within them. An institution must also promote each Member’s awareness regarding the benefits of diversity in the management body and the institution.
A newly-appointed Member should receive key information at the latest within 1 month after taking up his or her position, and the induction should be completed within 6 months.
An institution must put in place policies and procedures for the induction and training of Members, which may be part of an overall suitability policy. They must also put in place an evaluation process to review the execution and the quality of induction and training provided and to ensure compliance with the induction and training policies and procedures.
Title V: Diversity within the management body
An in-scope institution must put in place and implement a policy promoting diversity on the management body, which refers to the diversity aspects set out in the guidelines.
A significant institution is expected to include a quantitative target for the representation of the underrepresented gender in the management body and specify an appropriate time frame within which the target should be met and how it will be met. A significant institution should also document, as part of the annual review of the management body’s composition, its compliance with the objectives and targets set and reasons for non-compliance as well as remedial measures.
An in-scope institution should implement a diversity policy for staff so as to facilitate an appropriately diverse pool of candidates for management body positions.
Title VI: Suitability policy and governance arrangements
An institution’s management body must adopt and maintain a policy for the assessment of the suitability of Members. The suitability policy should refer to the diversity policy. Changes must be approved by the management body and the institution must maintain documentation regarding the policy’s adoption and any amendments.
The suitability policy must be clear, well-documented and transparent to all staff within the institution. It must include principles on the selection, monitoring and succession planning of its members and for re-appointing existing members.
Title VII: Assessment of suitability by institutions
Generally, suitability assessments should be carried out before a Member is appointed, save in certain specified circumstances.
The guidelines set out the process by which an institution should assess suitability, including on how to gather relevant information.
An institution must monitor on an on-going basis and reassess the individual and collective responsibility of the Members. A significant institution is expected to perform a suitability re-assessment at least every year and a non-significant institution at least every two years.
An institution must transmit the outcome of the suitability assessments of new Members, including its collective assessment, to the competent authorities. This should include the documentation and information listed in Annex III of the guidelines. An institution must also inform the competent authority when re-assessments due to material changes occurred.
If an institution identifies shortcomings in individual or collective suitability it must inform the competent authority without delay.
Title VIII: Suitability assessments by competent authorities
A competent authority is expected to specify the supervisory procedures applicable to the suitability assessments of members of institutions’ management bodies and carry out certain suitability assessments itself.
An institution should be required to notify its competent authority of intended appointments in cases where the competent authority assesses the suitability of the appointment no later than two weeks before the appointment is to be made. Each competent authority should set out a maximum period for the assessment of suitability which should not exceed four months from the date of notification.
The guidelines also contain a number of annexes, including:
Each in-scope institution will need to revise its approach to suitability assessments to ensure compliance with the prescriptive requirements set out in the guidelines.
The EBA’s guidelines on internal governance will also apply from 30 July 2018. These EBA guidelines specify the internal governance arrangements, processes and mechanisms that a credit institution and CRD IV investment firm must implement in accordance with Article 74(1) of the CRD IV Directive to ensure effective and prudent management of the institution.
The Central Bank of Ireland is considering introducing a corporate governance code for investment firms. In 2015 it issued a consultation on corporate governance requirements for investment firms, and it has indicated that it is examining that consultation in the context of MiFID II implementation and expects to issue a feedback statement this month.
The Central Bank is also considering the merits of a senior managers regime similar to the one in the United Kingdom, according to its response to the Law Reform Commission’s issues paper ‘Regulatory Enforcement and Corporate Offences’. Such a regime would permit the Central Bank to require senior managers to submit a statement of responsibilities that clearly states the matters for which they are responsible and accountable. These requirements would assist in assigning responsibility to individuals in a regulatory context and decrease the ability of individuals to claim that the blame for wrongdoing lay elsewhere.