Response to consultation on revised Guidelines on internal governance under CRD

Go back

Question 1: Are subject matter, scope of application, definitions and date of application appropriate and sufficiently clear?

We appreciate EBA’s efforts to provide greater clarity on key aspects of the draft Guidelines, including the subject matter, scope of application, definitions and date of application. However, we have the following concerns regarding their appropriateness and clarity:

  • Subject matter and scope of application. The draft Guidelines appear to exceed the intended scope of interpreting existing EU legislation by introducing new obligations not envisaged under CRD6. We would like to reiterate that the purpose of EBA Guidelines is to support the interpretation and consistent application of current legal frameworks, rather than to establish additional regulatory requirements. If the Guidelines are issued before the full transposition and notification of CRD6 by all Member States, there is a significant risk of overlap or inconsistency with national regimes, which could compromise legal certainty and hinder the objective of regulatory harmonisation across the EU.
  • Definitions. We consider that further alignment of the definitions with the terminology used in CRD6 and national legislative texts that will transpose the Directive is needed. This would help avoid ambiguity and ensure consistency. In order to prevent divergent interpretations across Member States, any new or expanded definitions should be duly justified and remain consistent with both the Directive and nationally implemented measures.
  • Date of application. The draft Guidelines should only become applicable after all Member States have transposed the Directive and notified it to the European Commission. Otherwise, credit institutions may face conflicting requirements and uncertainty during the transition period. In this regard, we recommend that the date of application should not be set earlier than 2027, allowing sufficient time for proper implementation and alignment with national frameworks.
  • Supervisory convergence. We consider that the draft Guidelines should support supervisory convergence across the EU. However, applying them prematurely, before national frameworks are in place, risks fragmenting the regulatory landscape and undermining the objective of harmonisation.

Question 2: Are the changes made in Titles I (proportionality) and II (role of the manamgnet body and committees) appropriate and sufficiently clear?

We appreciate EBA’s efforts to improve clarity and reinforce the principles of proportionality set out in Title I, as well as to clarify the responsibilities of the management body and its committees established outlined in Title II. However, we would like to express several concerns regarding the appropriateness and clarity of the proposed changes:

Title I. Proportionality

While the Guidelines reaffirm the principle of proportionality, we believe that the current drafting does not provide sufficient clarity or flexibility for institutions to apply this principle in practice. The level of prescriptiveness in certain parts of the draft Guidelines may limit the ability of institutions (in particular, those with complex or group structures) to tailor their governance arrangements to their size, nature, and risk profile. It is essential that the Guidelines explicitly recognize the diversity of governance models across Member States, including those established under national law transposing CRD6. Credit institutions should retain the ability to organize their internal governance in the manner they consider most appropriate, in line with their own internal policies and procedures, if they remain compliant with the overarching requirements of the Directive and national laws.

We also observe that the draft Guidelines appear inconsistent in some cases. Although they state that national company law provisions will be respected, certain requirements conflict with existing national frameworks. This inconsistency could lead to confusion and legal uncertainty, especially where national regimes diverge from the approach outlined in the draft Guidelines. Therefore, the Guidelines should fully respect national legal systems and allow institutions to operate within governance structures recognized under national law.

Title II. Role and composition of the management body and committees.

  • Role of the management body and committees. The proposed changes introduced in Title II, particularly regarding the separation of functions, conflicts of interest, and the composition and responsibilities of committees, go beyond the requirements of CRD6 and may restrict organizational flexibility. For example, the proposed restrictions on the compatibility of roles within group structures and the additional requirements for committee composition are not always aligned with the Directive or with national implementing measures. This could result in overlaps or contradictions with national regimes, especially if the Guidelines are applied before full transposition. In particular, the Guidelines are overly restrictive regarding the compatibility of roles, even though institutions already have their own internal policies and procedures in place to mitigate potential conflicts of interest. We believe that credit institutions should retain the flexibility to organize their management bodies and committees in accordance with their own risk management frameworks, if these are effective and compliant with the overarching requirements.

    Moreover, some of the new obligations may introduce unnecessary administrative burdens and do not sufficiently reflect the need for streamlined and agile governance, as emphasized in the EBA’s own work on regulatory simplification.

  • Clarification of scope (paragraph 20). We recommend introducing clarifying language in paragraph 20 to properly delimit the scope of the obligations, in line with Article 88.3 of CRD6, which applies from the level of the management body in its management function. It should be made explicit that the requirement to maintain and report a mapping of duties and individual statements of responsibilities applies exclusively from the level of the management body in its management function. This clarification should also be reflected in paragraph 68.a(c) of the EBA Guidelines (see below response to question 3).
  • Remuneration committee - ESG knowledge (paragraph 51). We believe it is disproportionate to mandate specific ESG expertise—both individually and collectively—for members of the remuneration committee. The current wording already ensures a robust and balanced composition of competencies within the committee. A more suitable approach would be to maintain a broad experience criterion encompassing ESG, remuneration, human resources, and governance, while recognising the complementary roles of the risk committee and other relevant bodies (notably the sustainability committee). This is consistent with Article 76.4.2 of CRD6, which states the following: 

The management body in its supervisory function and, where one has been established, the risk committee shall determine the nature, the amount, the format, and the frequency of the information on risk which it is to receive. In order to assist in the establishment of sound remuneration policies and practices, the risk committee shall, without prejudice to the tasks of the remuneration committee, examine whether incentives provided by the remuneration system take into consideration risks, including those resulting from the impacts of ESG factors, capital, liquidity and the likelihood and timing of earnings.”

Moreover, the proposed drafting does not adequately reflect the full range of responsibilities of the remuneration committee, focusing only on ESG factors and overlooking other key duties.

  • Role of the risk committee (paragraph 61.c). We note that the paragraph 61 expands the responsibilities of the risk committee to include oversight of “fundamental rights”. In our view, the reference to “fundamental rights” exceeds the remit of these Guidelines and the competence of the risk committee. Matters related to fundamental rights are already addressed by broader legal frameworks at both the EU and national levels and should not be included as a specific responsibility of the risk committee within the context of internal governance. We therefore recommend that this reference be deleted from the Guidelines.
  • Diversity and inclusion. We welcome the decision not to impose specific quotas or percentages regarding diversity and inclusion. In the current geopolitical context, such requirements could create challenges for credit institutions with extraterritorial activities. We encourage the EBA to maintain this approach, allowing institutions the necessary flexibility to address diversity and inclusion in a manner that is appropriate to their specific context and operational realities.

 

Question 3: Are the changes made in Title III (governance framework) section 6 appropriate and sufficiently clear?

Regarding the changes introduced in section 6 of Title III on governance framework, particularly with respect to the requirements for mapping of duties and individual statements, we would like to make the following comments:

  • Excessive granularity and operational burden. The proposed obligations regarding the mapping of duties and individual statements introduce an excessive level of granularity, which is incompatible with the need for agile and adaptive management required by credit institutions in a competitive environment. Such detailed requirements may hinder the ability of institutions to respond efficiently to changing business needs and organizational structures.
  • Legal certainty and timing. In the absence of formal transposition of CRD6 by Member States, there is insufficient legal certainty for financial institutions to implement these new requirements, especially since Article 88.3 of CRD6 gives a mandate for Member States to develop it. Therefore, the obligations set out in paragraphs 68a and 68b should be deleted to avoid potential conflicts with national transposition processes.
  • Consolidated reporting (paragraph 68.a(b)). We request the deletion of the obligation to report mappings of duties and individual statements at a consolidated level for each subsidiary. This requirement goes beyond what is established in Article 88.3 of the Directive and represents a disproportionate operational burden, particularly for banking groups with complex structures. For example, a parent entity would be required to maintain an up-to-date repository of individual statements for employees whose responsibilities may frequently change, compromising efficiency.
  • Time commitment (paragraph 68.b(a)). We recommend deleting references to “time commitment”, as suitability matters do not fall within the scope of these Guidelines. In any case, it is not appropriate to include time commitment statements for executive positions.
  • Individual statements in suitability procedures (paragraph 68.b(d)). The requirement to incorporate individual statements into suitability procedures is not foreseen in Article 88.3 of CRD6. If such a requirement is to be considered, it should be addressed exclusively through the future RTS (Regulatory Technical Standards) still under development, not through these Guidelines. The Guidelines should facilitate the implementation of Article 88.3, not expand its scope with additional obligations. Consequently, section 9 of the Guidelines should also remove any reference to suitability procedures.
  • Collective responsibility (paragraph 68.c). Paragraph 68.c establishes a regime of collective responsibility below the management body in its management function, which should not be imposed through a non-binding instrument such as Guidelines. Introducing such an obligation via an inappropriate normative vehicle exceeds the proper remit of Guidelines and creates legal uncertainty in the exercise of internal governance functions. We propose eliminating this paragraph.
  • Annex. We consider that the Annex should not be included in the Guidelines, given its excessive level of detail and interventionism, as explained above.

For clarity and to avoid confusion, we recommend that section 7 retains its previous title “organisational framework in a group context”. If not, it may be confused with section 6.1, which currently shares the same heading. Maintaining distinct and consistent titles is essential to ensure the readability and technical accuracy of the Guidelines.

In summary, while we support the objective of enhancing governance frameworks, we believe that the requirements in section 6 are overly detailed, create unnecessary administrative burdens, and may conflict with both the Directive and national implementing rules. Our primary recommendation is to delete the identified paragraphs. If not, we would urge a thorough revision of this section to ensure clarity, proportionality, and legal certainty.

Question 4: Are the changes made in Title III section 7 (third-country branches) appropriate and sufficiently clear?

Non-Applicable

Question 5: Are the changes made in Title IV (risk culture) appropriate and sufficiently clear?

We have significant concerns regarding the changes introduced in Title IV, particularly with respect to the new restrictions on the compatibility of roles and conflicts of interest within intra-group structures, as set out in paragraph 107.a of the draft Guidelines. In this regard, we would like to propose the following:

  • Deletion of paragraph 107.a. The provisions set out in paragraph 107.a of the draft Guidelines introduce additional restrictions on the compatibility of roles and conflicts of interest within banking groups that are not foreseen in CRD6. These limitations reduce the organizational flexibility of banking groups and create unnecessary burdens, without clear justification. Therefore, we consider that the proposed prohibition on combining the role of CEO of a subsidiary and chair of the parent company should be rejected. This scenario differs fundamentally from the situation addressed in Article 88.1 of CRD6, which refers to the simultaneous holding of CEO and chair roles within the same entity.

Moreover, the simultaneous exercise of the role of member of the management body, in both its management and supervisory functions, in different institutions within the same group, is not considered problematic under the current conflicts of interest framework. On the contrary, CRD (Article 91.4), the EBA Guidelines on Suitability and the Guidelines on Fit & Proper issued by the ECB do not require additional reporting obligations in these cases but rather recognise a privileged calculation that facilitates the compatibility of such intra-group roles. The introduction of stricter requirements in this area is not only unnecessary but may also contradict the existing regulatory framework and the current supervisory practices.

Additionally, we believe that these new restrictions may undermine the ability of banking groups to leverage internal expertise and ensure effective oversight across group entities, especially in complex or cross-border structures. The flexibility to allocate roles within the group, subject to robust internal policies and conflict of interest mitigation measures, is essential for efficient and effective governance. Imposing blanket prohibitions or additional reporting requirements could have the unintended consequence of reducing the pool of qualified candidates for key positions and increasing administrative burdens, without a corresponding benefit in terms of risk culture or governance quality.

It is also important to highlight that the current regulatory framework already provides for adequate safeguards to address potential conflicts of interest, including requirements for transparency, disclosure, and the implementation of internal policies and procedures. In this regard, we consider that the draft Guidelines should recognise and build upon these existing mechanisms, rather than introducing duplicative or conflicting obligations.

  • Deletion of paragraph 107.c. The provisions set out in paragraph 107.c of the draft Guidelines address matters that are already fully covered by the general rules on the duty of loyalty, avoidance of conflict of interest, and the abstention that apply to both the CEO and other board members. Therefore, we consider that the introduction of an additional regime is not justified and would only create overlaps and legal uncertainty.

In summary, while we support the objective of fostering a strong risk culture, we believe that the changes in Title IV, particularly those relating to intra-group governance and the cooling off period, are not appropriate. In this regard, we recommend that the draft Guidelines be revised to ensure consistency with the Directive, respect for national and group-level governance arrangements, and the preservation of organizational flexibility, while continuing to promote high standards of risk culture and conflict of interest management.

Question 6: Are the changes made in Title V (internal control framework) appropriate and sufficiently clear?

Non-Applicable

Question 7: Are the changes made in Title VI (business continuity managment) appropriate and sufficiently clear?

Non-Applicable

Upload files

Name of the organization

Spanish Savings and Retail Banking Association (CECA)