Response to consultation on Joint ESMA EBA Guidelines on suitability of management body

Go back

Question 1: Are there any conflicts between the responsibilities assigned by national company law to a specific function of the management body and the responsibilities assigned by the Guidelines to either the management or supervisory function?

Current descriptions in the Guidelines create confusion, and potential legal inconsistencies on roles of executive functions, management functions and supervisory functions.
The notions of management body in its supervisory function and management body in its management Function need to be clarified.

Indeed, the different corporate legal systems within Europe can be synthesised as follows:
• Unitary board system
o (e.g. UK or Spain): one single collective body performs both executive and supervisory functions; or
o (e.g. France): one collective body (i.e. the board of directors) oversees the supervisory Function and some management functions (including the determination of the institution’s strategy); whereas the executive function (i.e. the daily management of the institution) is ensured by one or more physical persons (i.e. the CEO and Deputy CEOs). In such a system, the CEO and Deputy CEOs can be allowed to be members of the board of directors, but when acting as such members, they do not conduct executive functions (they act as every other board member), and they are of course in minority in number.
• Dual board system (e.g. Germany, or France for system with supervisory board and management board): one collective body is in charge of the executive function and one other separate collective body is in charge of supervisory function.

According to our understanding of CRD4, a distinction should be made between the executive function, management function and the supervisory function, irrespective of the corporate legal system applicable. This general principle is observable throughout the whole CRD4 and can be illustrated in particular in Article 88, 1. d) according to which “the management body must be responsible for providing effective oversight of senior management”.
As each national law is different, and because CRD4 expressly mentions in Recital 55 that “the definitions used should not interfere with the general allocation of competences in accordance with national company law”, we strongly recommend that the guidelines expressly clarify that when the term ‘management body’ is used without reference to the supervisory or the management function, the missions allocated to the ‘management body’ shall be allocated to the right body under applicable national law.

Question 2: Are the subject matter, scope and definitions sufficiently clear?

AFME notes that the term ‘key function holders’ does not exist under either Directive 2013/36/EU (CRD4) or Directive 2014/65/EU (MiFID2). We question, therefore, the legal basis for introducing this term, although it is used in the existing EBA 2012 Guidelines. If, notwithstanding that, the term is to be used, we request additional clarification as to how ‘key function holders’ differ from ‘material risk takers’ as defined in Commission Delegated Regulation (EU) 604/2014.

Additionally, these guidelines should take into account remarks made in Internal Governance Draft Guidelines. The definition is currently too large and insufficiently clear to be operational (definitions, page 19 and paragraph 44 page 12). We suggest that the definition should be limited to the Chief Finance Officer (CFO) and heads of key internal control functions of consolidated CRD institutions.

The current definition of ‘Geographical Provenance’ is too broad. Further clarity is needed around how firms would assess individuals against this requirement, especially with regards ensuring that the management body is made up of individuals from diverse “cultural backgrounds”.

Please note, the terms ‘executive directorship’ and ‘non-executive directorship’ are only suitable for unitary board structures; ‘management’ and ‘supervisory’ functions should be used instead.

In paragraph 10, as the application of the Guidelines has been extended to subsidiaries not subject to CRD4 we assume that it is not the intention to apply these Guidelines to other legal entities (e.g. non-operating entities) the same way as to CRD4 institutions, which could be an excessive burden depending on the nature, size and complexity of in the respective legal entity. While the proportionality principle goes some way in confirming that, it would be useful to make expressly clear within the scope how these guidelines would apply to different types of legal entities.

Question 3: Is the scope of assessments of key function holders by CRD-institutions appropriate and sufficiently clear?

As mentioned above, CRD4 does not refer to the concept of “key function holders” and particularly, Article 91.12 of CRD4 does not provide for any assessment (nor any re-assessment) of this population. We therefore recommend removing the section regarding the suitability assessments of key function holders.

If maintained, the list of key function holders should be strictly limited, and we propose that this limitation is to the CFO and heads of key internal control functions, of consolidated CRD institutions.

For paragraphs 16-25, we suggest flexibility for institutions as to how, and in which form, ongoing assessments are to be performed, in particular to keep the administrative burden and the documentation requirements to an adequate level.

On paragraph 20, while we agree with the general requirement to assess the suitability of board members and key function holders on an ongoing basis, we suggest to clarify the triggers for a reassessment to avoid unnecessary administrative burden. For this, 20 b and c seem to be sufficient to cover a reassessment.

On paragraph 21, under a dual board system, institutions usually will not be informed whether members of the supervisory board have accepted a new mandate and even if a policy is implemented requiring notification, to enforce this would be a challenge. Therefore, institutions will regularly not be in a position to reassess the time availability on that basis. In case the draft guidelines will not be able abandon this requirement, it should be clarified that an adequate assessment of the time availability should be performed, once the institution is made aware of the new mandate.

Regarding paragraph 32, which concerns the assessment of the initial and ongoing suitability of key function holders, the Guidelines mention that this is primarily the institutions’ responsibility. However, a clarification should be made as to who, or which body, will be responsible for those tasks within the institution and in this sense, we suggest that the management body should be the responsible party.

Question 4: Do you agree with this approach to the proportionality principle and consider that it will help in the practical implementation of the guidelines? Which aspects are not practical and the reasons why? Institutions are asked to provide quantitative and qualitative information about the size, internal organisation and the nature, scale and complexity of the activities of their institution to support their answers.

AFME agrees with the approach, but the specific case of entities within a group should nevertheless be more taken into account and specified (proportionality principle). Duplication of formalities and documentation required at the different levels of a group organisation must be avoided where possible. For subjects handled by the group, subsidiaries should have rules allowing them to benefit from exemptions or reduced obligations.

Question 5: Do you consider that a more proportionate application of the guidelines regarding any aspect of the guidelines could be introduced? When providing your answer please specify which aspects and the reasons why. In this respect, institutions are asked to provide quantitative and qualitative information about the size, internal organisation and the nature, scale and complexity of the activities of their institution to support their answers.

Yes, as set out below:

In paragraph 16b i “when appointing new members of the management body, including as a result of a direct or indirect acquisition or increase of a qualifying holding in an institution”, It is necessary to clarify that the assessment will not affect other members, but rather the new member and the collective as a whole.

In paragraphs 25&26, the on-going assessment or re-assessment of the individual and collective suitability of the members of the management body appears operationally cumbersome. Limiting to yearly assessment and after important changes would provide greater clarity.

Question 6: Are the guidelines with respect to the calculation of the number of directorships appropriate and sufficiently clear?

AFME agrees that it is reasonable to ensure that members of the management body are able to commit sufficient time to their position, the level of which should be assessed by each individual firm. However, we note that the time required depends on many parameters, sometimes very subjective: qualities and experience of the member, own speed and efficiency of the member; the specificities of the entities, period and level of activity etc.

We also note our comment regarding paragraph 21 above: that under a dual board system, institutions usually will not be informed if a member of the supervisory board accepts a new mandate, and therefore will regularly not be in a position to reassess the time availability on that basis.

It is unclear as to how paragraph 38, which requires members of the management body to have a ‘buffer’ of time in case of ‘increased activity’, will in practice be complied with. AFME agrees that it is reasonable to ensure that members of the management body are able to commit sufficient time to their position, both in normal and ‘stressed’ circumstances, the level of which should be assessed by each individual firm. However, it would be difficult for a firm to require each member of the management body to commit to keeping additional time aside on an ongoing basis in case of an extraordinary event, and the notion of a buffer of time is, in any case, quite subjective and difficult to assess. The same may also be true regarding paragraph 43 on long term absences.

Regarding paragraph 39ff, we fully agree with the exclusion of directorships in organisations that “do not pursue predominantly commercial objectives” from the calculation, in line with Article 91 (3) of CRD4. However, such directorships must also be excluded when assessing an individual’s time commitment as their inclusion would be likely to produce the very consequences that Article 91 (3) seeks to avoid. That is, directors may have to reduce the number of roles they assume within charitable organisations even if the time requirement is low for such roles. Furthermore, the requirement to include “other external professional, political activities and any other functions and relevant activities” is very broad and will not be administrable in practice.

The parameters required for consideration in paragraph 39 will also be a challenge due to the high level of detail required and the global nature of many businesses. From a practical point of view, formalised documentation linked to these requirements will be difficult to provide. These kinds of elements need to be taken into consideration, but they cannot be precisely quantified. They should be given as examples to evaluate an indicated estimated time.

The requirement in paragraph 40 of a written documentation of functions and responsibilities of different positions within the management body by institutions will be hard to achieve in practice. The reason, in particular for a dual board system, is that the boards have a joint responsibility for the management/supervision of the company and definition (and recording) of the required time commitment is only possible where responsibilities have been delegated to individual board members. We are concerned that the envisaged recording and documentation results in a standardised time requirement which contradicts the individual responsibility of board members to ensure that they properly fulfil their roles depending on their individual circumstances and experience. In addition, the institutions will not be able to provide precise information about expected time commitments as this is dependent on the risk and economic situation of the institution during the time the specific board member holds that role. The recording and documentation will also lead to additional administrative burden without ensuring the Guidelines’ intended added value.

Even though the institutions need to ensure that a board member or key function holder has sufficient time to perform their main duties, monitoring performance as an indicator for such a requirement, the actual time requirement attached to different roles varies from one individual to another. An objective assessment with all the details listed in the draft will be hard to be to administer in practice. In particular, ongoing written records for all individual responsibilities will be a significant administrative burden, which we suggest to delete or at least to restrict to material external professional and political functions. Again, the applicability for subsidiaries requires clarification.

Paragraph 50 should be clarified to confirm that it does not go beyond CRD4 rules.

Question 7: Are the guidelines within Title II regarding the notions of suitability appropriate and sufficiently clear?

We are concerned that there may be a conflict between some of the requirements to obtain information on prospective or current members of the management body contained within Title II and national or EU data protection laws, such as the General Data Protection Regulation - Regulation (EU) 2016/679. The consultation paper briefly acknowledges the conflict, in paragraph 179, in relation to Competent Authorities. However, the primary assessment in all cases is to be made by firms. We would therefore suggest that there is a clear acknowledgement that obtaining the required information should be on a ‘best efforts’ basis, and should never put a firm or an individual in conflict with data protection regulations.

On paragraph 57, which refers to Annex II ‘List of skills’: Annex II shall provide examples of skills to be considered in a suitability assessment, but shall not be a ‘non-exhaustive list’, which would mean that all of the skills of Annex II shall be considered, plus those that the entity may consider appropriate. We understand that each entity should consider and weigh skills at its discretion, and we accept that a list of skills is included in the Guidelines, but only as a non-binding recommendation.

On paragraph 66: the entity appoints a management body at its own discretion, according to the factors that it deems convenient, which should not be limited to, or include, all of those referred to in section 66. Therefore, the reference “including the following aspects”, should be substituted by “such as the following aspects”.

The Guidelines also require consideration of “any other evidence that suggests that the person acts in a manner that is not in line with high standards of conduct”. This should read “material evidence”, to avoid any confusion that continuous assessment is necessary. A minimum frequency should also be included, as 'ongoing assessment' should not be read to mean several assessments per year in normal circumstances.

Question 8: Are the guidelines within Title III regarding the Human and financial resources for training of members of the management body appropriate and sufficiently clear?

On paragraph 83, the period of one month for newly appointed members of the management body to receive induction and to clearly understand the institution’s structure, business model, risk profile and governance arrangements is not sufficient. We recommend a longer timeframe.

On paragraph 84, it can sometimes be difficult to identify the appropriate training and induction before the position is taken up because prior to the appointment of the board member at the general meeting, the board member is not appointed.

On paragraph 85, it may be more appropriate for subsidiaries to rely on training and induction policies of their parent company, as adapted to the business and the location of the subsidiary.

Question 9: Are the guidelines within Title IV regarding diversity appropriate and sufficiently clear?

AFME is supportive of the promotion of diversity in the workplace, and our members are committed to this policy objective through a variety of individual and collective schemes and policies. We agree that a diversity policy should “at least refer to…education and professional background, gender, age…and geographical presence”.

However, whilst we appreciate that this is a requirement under CRD4 Article 88(2), AFME does not support the use of targets singling out gender diversity. Gender diversity (as well as age diversity and other diversities) should form a part of a wider diversity policy. We suggest that the Guidelines should not impose quotas, but should refer to existing national laws or ‘soft’ laws.

On paragraphs 92-93 we would appreciate clarity as to whether the expectation is for institutions to develop a standalone diversity policy in case such requirements are already embedded in other existing policies and documents. There are issues regarding the authority to issue such a policy in a dual board system, which leads to an additional administrative burden.

The list of diversity criteria should be a non-binding list. We suggest that EBA-ESMA replace “the diversity policy should at least refer to the following diversity aspects…”, with “the diversity policy should for instance, notably refer to the following diversity aspects…”.

Question 10: Are the guidelines within Title V regarding the suitability policy and governance arrangements appropriate and sufficiently clear?

The guidelines are clear, but insufficiently adapted to some effective entity needs and specificities, notably for entities within a group. Please see comments linked to the group context and proportionality mentioned in Q4.

On paragraph 98, under German corporate law, for instance, the supervisory board has the responsibility to appoint the members of the management board and to supervise and advise the management board and its members. The management board is responsible for managing the corporation. The responsibility for the suitability of the members of the management board is therefore legally with the supervisory board, while the responsibility for key function holders is with the institution, i.e. the management board. In this context, it is unclear where the ultimate responsibility for the creation and maintenance of the proposed suitability policy would sit. At a minimum, two separate policies/documents would appear to be needed in this case.

On paragraphs 123 & 124 concerning the “sufficient number of independent members” that “are not employed by any entity within the scope of consolidation and are not under any other undue influence or conflicts of interest…”, the Guidelines are too restrictive. The independence criteria of members should rely on national legislation or rules. It should give different level of obligations according to the entities specificities. For instance, under the German corporate system, where the members of the supervisory board are either elected by employees or elected by shareholders, the broad definition of ‘independence’ would likely lead to uncertainty around who is actually independent and therefore complicate the establishment of necessary board committees (nomination committee, risk committee).

In our view, the independence of members of the management body requirements are too binding to apply to all regulated entities of a group, especially for non-listed entities or non-material entities exclusively controlled by a group. Only significant heads of groups, whose shares are listed on a regulated market, should be concerned.

The independence criteria of members of the management body is not provided for in CRD4 regulation. Therefore, it should not be presented this way in the Guidelines. Should the independence criteria be maintained, the Guidelines should only refer to independence of mind of the members, as stipulated in the ECB Guide.

Indeed, the notion of independence in the Guidelines may be very difficult to implement, if based on a very restrictive definition of ‘independence’, such as those provided in some national soft laws or laws, (but mainly for listed entities):
• Some reasons lie in the limited number of board members of many regulated entities, the difficulty of finding adequate independent profiles and the costs it imposes;
• Other reasons lie in the fact that in many cases, having systematically ‘independent members’, may not add much value in the supervisory process, this may create additional burden and slow down decision-making processes. This is particularly the case for fully-owned subsidiaries of a group, which is not sufficiently taken into account in the Guidelines.

Question 11: Are the guidelines within Title VI regarding the assessment of suitability by institutions appropriate and sufficiently clear?

On paragraph 127 and 128, not all of the newly required assessment of the suitability of directors set out in the Guidelines can be disclosed to the shareholders before such directors are appointed. For instance, the disclosure required would be regulated, in any case, in the national regulation regarding shareholders’ rights.

Additionally, paragraph 127 outlines that suitability assessments should be performed as soon as practicable and at the latest within three weeks. This period of time does not appear to offer a sufficiently material period of time after appointment to perform a meaningful assessment. Please see also our comments in response to Q13.

It must be noted that, with respect to Spain and France, shareholders already have available a report of the management body for the appointment and re-appointment of independent and non-independent directors, plus a report of the nominations committee in the latter case. In such reports, the relevant directors analyse the suitability of the directors according to the regulation in light of his/her competence, experience and merits. Additionally, in the annual corporate governance reports a description is made on matters such as the composition of the board, remuneration, training, conflicts of interest or positions held in other companies.
The disclosure of all the personal and professional details required for the directors could also damage the directors’ privacy.

On paragraph 140, it would be useful to recognise the different roles of the supervisory function within unitary and dual board firms. Specifically, to provide guidance on how collective suitability is applied to each. The matrix in Annex 1 implies that they should be assessed as if the function had the same responsibilities.

Question 12: Are the guidelines with regard to the timing (ex-ante) of the competent authority’s assessment process appropriate and sufficiently clear?

The Guidelines are sufficiently clear; however, we outline our concerns in our response to question 13. Even though there is a limited timeframe for the Competent Authority to revert, our concerns relate to what is considered to be a complete documentation or information. One solution could be to limit the number of emails requiring information or additional documentation by the Competent Authority (as it seems to be the case in Dutch regulation). Another could be to limit the time for the Competent Authority to revert, with the time period started when the file is sent, and with additional questions or requests for information not affecting the overall time limit.

Question 13: Which other costs or impediments and benefits would be caused by an ex-ante assessment by the competent authority?

AFME is concerned by the timings introduced by this consultation paper. The Guidelines issued by the EBA in 2012 were flexible in terms of timings, and noted that, while the assessment should take place before the appointment, it could take place afterwards and must be completed within six weeks. However, this consultation paper suggests a three to four-month assessment period by the Competent Authority, and firms will be required to source all the required information and make their own internal assessment before the assessment period of the Competent Authority can begin. It is not clear from the draft Guidelines exactly what will be considered complete information by the Competent Authority which could add to the timescale. This will create long hiring/appointment delays which could leave a key position unfilled for a significant period.

Where national law requires shareholder approval of proposed directors before their appointment, it would not be possible to make a final assessment of the collective suitability of the management body until such approval has been obtained. In addition, there may arise issues of personal data protection, or of the confidentiality of the proposed appointment and/or the discussions, decisions and strategy of the board of directors in question. We therefore suggest that the Guidelines are modified, allowing some or all of the internal and regulatory assessments to take place ex-post, where national law allows this, with measures put in place that would allow the immediate removal of an individual should the completed assessment subsequently require it.

Question 14: Which other costs or impediments and benefits would be caused by an ex-post assessment by the competent authority?

Please see our response to Q13.

Question 15: Are the guidelines within Title VII regarding the suitability assessment by competent authorities appropriate and sufficiently clear?

The guidelines are appropriate and sufficiently clear.

Question 16: Is the template for a matrix to assess the collective competence of members of the management body appropriate and sufficiently clear?

We find this matrix very extensive, complex, and potentially onerous. We doubt if it will encourage sensible risk taking and collegiate decision making within firms.

Question 17: Are the descriptions of skills appropriate and sufficiently clear?

AFME disagrees with the definition of ‘loyalty’ given at point h. The definition as drafted is broad, and ranges beyond loyalty itself, into areas that might better be described as ‘commitment’ or the already present ‘judgement’.

Question 18: Are the documentation requirements for initial appointments appropriate and sufficiently clear?

Please see our response to Q7.

In addition, we would like to raise the following comments regarding Annex III ‘Documentation requirements for initial appointments’

Section 1
• Paragraph 1.2a: We consider the need to provide these documents as excessive – all the relevant information included in these documents is already made available to the shareholders (remuneration, responsibilities, term of office, golden parachutes, non-compete clauses, etc.). Moreover, such documents, where appropriate, may include other personal information which we understand shall not be disclosed.
• Paragraph 1.3: we request the inclusion of a specific term (such as three years, as set out in the 2012 Guidelines), and include a reference for the provision of this information to be conditioned upon to the compliance of the corresponding data protection regulation.
• In addition, we request a modification to the sentence “…in the banking or financial sector, including” such as “…in the banking or financial sector, including, to the extent possible or permitted by the referenced persons…”.

Section 5
• The applicable national and EU regulation related to accounting, financial reporting, capital markets and corporate enterprises already provides detailed definitions of conflicts of interest and related parties, and thus definitions of such terms should not be included in the Guidelines.
• Moreover, the concept of conflicts of interest requires that (i) the affected person has conflicting interests with the entity; and (ii) the matters affected by the conflicts are within his/her scope of decision-making. Consequently, we suggest replacing paragraphs 5.1 a, b and c by a generic reference to the applicability of national and EU regulation defining conflicts of interest and related parties. Additionally, we suggest that the following amendments to Section 5 are included:
• Section 5, paragraph 5.1: we suggest the replacement of “All financial and non-financial interests that could create potential conflicts of interest, should be disclosed, including but not limited to…”, with “All financial and non-financial interests that could create potential conflicts of interest (excluding such ordinary commercial relations held by the affected person with the entity that are offered in similar market conditions by the entity to groups of clients), should be disclosed, including but not limited to…”.
• Section 5.1 d: we suggest the replacement of “whether or not the individual is being proposed on behalf of any one substantial shareholder” with “whether or not the individual is being proposed on behalf of any one significant shareholder (as this term is defined in the regulation applicable to capital markets)”.
• Section 5.1 f: we suggest the replacement of “any positions of political influence (nationally or locally) held over the past 2 years” with “any positions of significant political influence over the entities’ businesses or activities (nationally or locally) held over the past 2 years”.

Section 6
• The applicable Regulation on corporate enterprises already provides the directors’ fiduciary duties vis–à–vis the entity, considering the nature of the directors’ position and the functions attributed to them, and ensures that they have sufficient dedication.
• This is complemented in the case of credit entities’ regulation with detailed provisions on the sufficient time commitment of the directors and on the limitation of positions. The applicable regulation thus already provides the framework of the time to be committed by directors, by mixing the due directors’ compliance with their fiduciary duties (reflected in a commitment made by the director to the entity) plus an objective limitation of positions set out in the credit entities’ regulation. Other provisions included in the Guidelines regarding specific time to be committed, evaluation of non-commercial commitments, the size of entities and number of meetings in each mandate, exceeds the requirements and scope of the regulation, and will provide a too simple, objective and possibly wrong view of the time that the proposed director may commit to the entity.

Section 7
• Section 7.1: The roles and functions of each director in unitary board systems are included in the applicable regulation and in the entity’s bylaws and/or board regulations. We therefore suggest this section is deleted, or adapted for unitary board structures.

Question 19: What level of resource (financial and other) would be required to implement and comply with the Guidelines (IT costs, training costs, staff costs, etc., differentiated between one off and ongoing costs)? If possible please specify the respective costs/resources separately for the assessment of suitability and related policies and procedures, the implementation of a diversity policy and the guidelines regarding induction and training. When answering this question, please also provide information about the size, internal organisation and the nature, scale and complexity of the activities of your institution, where relevant.

The implementation of the Guidelines will involve additional training costs and staff costs. However, such costs are currently hardly predictable, and we are therefore unable to provide a detailed answer in response to this question.

Name of organisation

Association for Financial Markets in Europe (AFME)