Primary tabs


In general, we request to review and amend the terms used with regard to the definitions of ‘financial institutions’ and ‘investment firms’. It must be clarified that only investment firms covered by Article 26 IFR are subject of these guidelines. This applies at least to the following requirements:

 Status of these guidelines (paragraph 1 of the draft guidelines): We request replacing the term ‘financial institutions, including investment firms’ with the term ‘investment firms covered by Article 26 of the Directive (EU) 2019/2034’.

- Subject matter: We request clarifying the subject matter in paragraph 5 of the draft guidelines based on the scope of Article 26 IFD as proposed in our attached response.

- Legal scope: The reference in paragraph 7 of the draft guidelines to the definition of financial institutions of the EBA Delegated Regulation and the MiFID II definition of investment firms is very far reaching and not in line with the scope of the IFD framework. This would involve several entities which are not in scope of the IFD framework but provide MiFID services (such as credit institutions providing MiFID services). The scope of the EBA guidelines should be clearly limited to investment firms in the meaning of Article 2 IFD (authorised and supervised under MiFID II) which do not meet the conditions of Article 12 IFR. Therefore, we request amending the addressees of the draft guidelines (paragraph 8) as proposed in our attached response.
Regarding the criteria for application of the proportionality principle addressed in paragraph 20 of the draft guidelines, we would like to highlight that the amount of assets under management are not suitable and eligible to be a stand-alone criterion in order to ensure an appropriate implementation of the governance requirements. We are aware that the amount of assets under management is a threshold for the own capital requirements, but this is appropriate for that purpose since operational risks could affect all portfolios managed. However, in setting up governance requirements, the nature, scope and complexity of the activities provided by portfolio managers should be relevant (such as the underlying risk profiles of the business activities that are carried out). In addition to the authorised activity, the type of investment policies and strategies of the portfolios managed, the national or cross-border nature of the business activities and the additional licences to provide MiFID services should be relevant. Therefore, we request to clarify that in assessing what is proportionate, the focus should be on the combination of all the mentioned criteria (size, internal organization and the nature, scope and complexity of the activities).

Moreover, we request adding a general provision (new paragraph) that a higher level of sophistication should be expected where investment firms are authorised to hold clients’ money or assets or provide services and activities listed in point (6) and (7) of Section A of Annex 1 to Directive 2014/65/EC. This would be in line with the current approach applicable for limited licence firms defined in Article 4(1)(2)(c) CRR to which the CRD governance rules do not apply. Moreover, the draft EBA guidelines on remuneration policies and practices also address that approach as part of the proportionality principle (cf. paragraph 80 of the draft remuneration guidelines).

Furthermore, we request to clarify in paragraph 26 that a ‘sustainable business model’ does not mean an ESG business model with the requirement to ensure strategies based on sustainable finance models.

As already mentioned in our introduction remarks, the provisions on formal independence of members of the management body in paragraph 37 of the draft guidelines do not apply in Germany. We therefore welcome the reference to ‘without prejudice to national law’. However, we suggest reviewing the need for such a provision in these guidelines because this is already addressed in the Joint ESMA and EBA Guidelines on the assessment of the suitability of members of the management body and key function holders under Directive 2013/36/EU and Directive 2014/65/EU. Any kind of double regulation should be avoided and could help to set up practicable and unambiguous rules.
We request reviewing all references to ‘parent investment firms and their subsidiaries’ and all other terms and definitions used in the group context. It seems that the terms used do not comply with the definitions and scope of the prudential consolidation of IFD/IFR framework in all cases. For example, not every parent company of an investment firm group is an investment firm. This applies in particular to the general group approach in paragraph 77 of the draft guidelines. We therefore disagree with the scope definition to the effect that the ‘parent investment firms and their subsidiaries’ should ensure that governance arrangements are consistent and well-integrated on a consolidated basis.

In that context, we refer to our position paper on the Draft RTS on prudential consolidation of investment firm groups (Article 7(5) of the IFR) where we addressed our concerns in the group context.
As already mentioned in our introduction remarks, we request avoiding any double regulation or more complexity of the requirements. We suggest to delete all requirements which are not covered by Article 26 IFD, but subject to the MiFID requirements (such as whistleblowing processes, conflict of interest policy) and already addressed in other guidelines such as the joint ESMA and EBA guidelines on the assessment of the suitability of members of the management body and key function holders under Directive 2013/36/EU and Directive 2014/65/EU. These requirements are not covered by the mandate given to the EBA to issue guidelines according to Article 26 IFD. The scope of the internal governance guidelines should be limited to:

- a clear organisational structure with well-defined, transparent and consistent lines of responsibility
- effective processes to identify, manage, monitor and report the risks that investment firms are or might be exposed to, or the risks that they pose or might pose to others,
- adequate internal control mechanisms, including sound administration and accounting procedures,
- remuneration policies and practices that are consistent with and promote sound and effective risk management.
We have the impression that the guidelines (in particular the requirements on the tasks and responsibilities of the risk management function) are only focussed on the investment firms risk profile. In general, this is an appropriate approach. However, investment firms providing portfolio management without a licence on dealing on own account or holding client assets or money have their risk management focus on the portfolios managed. We therefore would like to clarify that the governance rules cover these activities in an appropriate and proportionate way.
We assume that the EBA is aware of further developments and the new proposals on digitalisation of operational resilience (DORA) to cover ICT risks and activities provided by ICT parties. The proposal of a new Regulation will cover all internal risk management requirements of supervised entities in that context and due to a lack of legal requirements will replace the current supervisory approaches. We therefore request reviewing the provisions in the draft guidelines in order to avoid double regulation and additional administrative burden through implementation of different provisions on different times.
The proposed external transparency requirements are not part of the mandate given to the EBA in Article 26 IFD. We therefore request limiting the provisions to internal transparency and deleting the provision on external transparency. This applies even more as the Member states shall ensure that the competent authorities have the power to publish certain information (cf. Article 44 IFD). The content of such public information should be the decision of the competent authorities which perfectly know and understand the business models and legal structures of the investment firm markets in each country.