The European Banking Authority (EBA) published on 26th September 2017 its revised Guidelines on Internal Governance. These Guidelines aim at further harmonising institutions’ internal governance arrangements, processes and mechanisms across the EU, in line with the new requirements in this area introduced in the Capital Requirements Directive (CRD IV) and also taking into account the proportionality principle. Effective internal governance is fundamental if individual institutions and the banking system as a whole are to operate well.
Weaknesses in corporate governance in a number of institutions have contributed to excessive and imprudent risk-taking in the banking sector, which has led to the failure of individual institutions and systemic problems in Member States and globally. In order to address the potentially detrimental effects of poorly designed corporate governance arrangements on the sound management of risk, and to take into account the new requirements introduced in the CRD in this area, the EBA has updated its Guidelines on internal governance, originally published on 27 September 2011.
The Guidelines put more emphasis on the duties and responsibilities of the management body in its supervisory function in risk oversight, including the role of their committees. They aim at improving the status of the risk management function, enhancing the information flow between the risk management function and the management body and ensuring effective monitoring of risk governance by supervisors. The ‘know-your –structure’ and complex structures sections, especially following the ‘Panama events’, have been strengthened to ensure that the management body is aware of the risks that can be triggered by complex and opaque structures and to improve transparency. In addition, the framework for business conduct has been further developed and more emphasis is given to the establishment of a risk culture, a code of conduct and the management of conflicts of interest.
Legal basis and next steps
Article 74 (1) of Directive 2013/36/EU requires that institutions must have robust governance arrangements, which include a clear organisational structure with well- defined, transparent and consistent lines of responsibility, effective processes to identify, manage, monitor and report the risks they are or might be exposed to, adequate internal control mechanisms, including sound administration and accounting procedures, and remuneration policies and practices that are consistent with and promote sound and effective risk management. Paragraph (3) of that Article mandates the EBA to issue Guidelines on those arrangements, processes and mechanisms.
The EBA Guidelines will apply as of 30 June 2018 to competent authorities across the EU, as well as to institutions on an individual and consolidated basis. The previous EBA Guidelines on internal governance (GL44) will be repealed on the same date.