In our view, the RTS would gain in clarity of expression if the identification criteria directly set out in the CRD V were also included in the text of RTS. This would avoid cross-checking two sub-sets of criteria (CRD V and RTS) and would result in one single exhaustive list of criteria in one single document, like in the current RTS.
We believe that a few small amendments to the text would prove very useful for institutions to adequately interpret how the different requirements apply at the individual and/or consolidated levels.
In this sense, it is particularly relevant for institutions to understand which subsidiaries it has to apply the criterion under article 7(1)(b) on an individual level when conducting the identification on a consolidated basis, especially for institutions: (i) whose consolidated group includes institutions per se (e.g. credit institutions) and other subsidiaries which are not institutions as per the definition contained in the CRR; and (ii) whose subsidiaries which are institutions (e.g. credit institutions) are located both inside and outside the European Union (that is to say, a consolidated group where not all the institutions are located in the European Union).
With regard to these institutions, the wording of article 1(2) could lead to the following two interpretations when carrying out the identification:
a) Identification of MRTs via Article 7(1)(b) (staff members within the 0.3% of the staff who have been awarded the highest remuneration in the preceding year) only has to be conducted for subsidiaries which are institutions as per the CRR definition (i.e. credit institutions or investment firms located in the EU, and thus subject to the CRD/CRR on an individual basis).
b) In addition to a), identification of MRTs via Article 7(1)(b) (staff members within the 0.3% of the staff who have been awarded the highest remuneration in the preceding year) also has to be conducted for institutions, as defined in the CRR, that are outside the scope of application of the CRR (i.e. credit institutions or investment firms located outside the EU, and thus not subject to the CRD/CRR on an individual basis).
Given that only credit institutions within the EU are subject to an application of the CRD/CRR on an individual basis, only the interpretation under (a) would appear correct. Additionally, it would be aligned with the explanation contained in the cost-benefit analysis accompanied to the RTS, which specifically states that “the draft RTS only affects institutions that are subject to Directive 2013/36/EU” (i.e. only institutions within the EU are susceptible of being subject to obligations on an individual basis).
Additionally, but also regarding the identification process on a consolidated level, it would be useful that the RTS clarify that the application of the criteria shall be based on the group’s (consolidated) risk profile, in the same manner that it does for the application of the criteria on an individual basis (and, of course, without prejudice of the exceptional rules for the application of article 7(1)(b), which have already been commented).
In order to clarify the two issues explained above, we suggest the following amendment to article 1(2):
“The criteria shall be applied in accordance with Article 109 of that Directive on a consolidated, sub-consolidated and individual basis. On an individual basis, the criteria shall be based on the institution’s risk profile. On a consolidated basis, the criteria shall be based on the risk profile on a consolidated basis. The criterion under point (b) of paragraph 1 of Article 7 shall only be applied on an to institutions which are subject to the Directive on an individual basis. When applying the quantitative criterion under point (a) of paragraph 1 of Article 7 on an individual basis, institutions should take into account all remuneration awarded by the institution itself.”
Regarding the definition of Managerial Responsibility, we consider that it is unclear and too broad:
- it refers to “business unit” and not “material business unit”
- business unit, subordinated business unit and subordinated control function are not defined
- point (b) of Art. 2 suggests that managerial responsibility refers also to management of a subordinated unit or subordinated control function and reporting to a Head of unit or control function.
- there is no reference to decision making power/duties and authority of the staff member in relation to the institution risk profile or material business unit profile
In practice, this definition may capture a population which includes staff located in a MBU but not engaging the institutions in terms of capital/impact on risk profile of the MBU or institution, ex. HR of an MBU, Chief of Staff, Head of project office…
We consider that the definition should be clarified/more precise and propose the following definition:
a/ the staff member heads a material business unit or a control function and is directly accountable to the management body as a whole or to a member of the management body or to the senior management
b/the staff member heads a subordinated unit within a Material Business Unit or a subordinated control function within a Control function and:
-has authority to take decisions with significant impact on the institution risk profile or on a material business unit’s risk profile and
- reports directly to a staff member referred to in point (a)
As far as the definition of Control function in Art 3. is concerned it is less precise than in the previous RTS and unclear. It is not mentioned to whom the objective assessments of risks, reporting and assurance are meant to be provided; could it be clarified that it would be to the Management Body or to the senior management as the function has to be independent from the business that it controls?
We do not understand which other functions (apart from RISK, compliance and audit) are concretely targeted. Reporting and assurance do not refer to functions.
In consistency with what is defined in the EBA Guidelines EBA/GL/2017/11 on 26 September 2017 on internal governance and to ensure a consistent application of the criteria across the European Union, we would suggest to keep the same approach and rationale as the definition given for the heads of controls functions, i.e. “the persons at the highest hierarchical level in charge of effectively managing the day-to-day operation of the independent risk management, compliance and internal audit functions.”
As a consequence, our alternative proposal would be:
“Control function” shall be defined as a function independent from the business units that it controls, which has a responsibility to provide objective assessment of risks, compliance and controls to the management body and to the senior management. It includes the risk, compliance and internal audit functions.
The definition of “Material business unit” is broader than in the current RTS with article 4 (b)« it provides a critical function or a core business as defined in points 35 and 36 of paragraph 2 of Article 2 of Directive 2014/59/EU ». Could EBA provide concrete examples of critical function targeted? We consider that such functions are already covered through the identification of MRT under Article 2, Article 3 and through other functions already targeted at the article 6.
The definition of managerial responsibility appears difficult to reconcile with the persons presumed to be MRTs under article 6(1). In this sense, under the proposed definition for managerial responsibility established in article 2, the only staff members performing functions envisaged in article 6 that would be captured by the definition would be those staff members heading subordinated units or subordinated control functions, that is to say, those in letter (b) who report to (a) (i.e. the head of a business unit or a control function).
It would leave outside of the MRT scope any staff member who actually heads an area/function detailed in article 6 (e.g. the Head of Human Resources, the Chief Accounting Officer, the Head of Legal) that is not subordinated to a business unit or a control function, given that article 2(a) only captures the concepts “business unit” and “control function”.
In organizational structures where the functions envisaged under article 6 are performed within or subordinated to, a business unit/control function, this would not appear problematic (the staff member would be identified via article 2(b)). But this is not the case in many (larger) institutions, where the type of functions envisaged in article 6 (“support functions”) are performed by areas not subordinated to any business unit or control functions/areas.
In this sense, and in line with the current version of the RTS, it would appear that the intention would be to capture those “ultimately” responsible for the functions detailed in article 6 (i.e. heads of legal affairs, finance, taxation, human resources, etc.) no matter where they stand in the organizational structure. Only the individual at the highest hierarchical level would be captured provided that they report to a member of the management body or to senior management.
The definition of managerial responsibility would suggest that not only the staff member in charge of the legal affairs is identified under this item, but also the direct reports heading subordinated units. This would significantly expand the list of identified staff in the support functions who do not have direct impact on the risk profile of the institution and would not allow a consistent application among the banks.
It would be more relevant and clearer to come back to the current RTS in force, in particular Article 3.9 and have in Article 6 (1) “the staff member heads a function responsible for” instead of “the staff member has managerial responsibilities for”.
Regarding 6.1.(b), the extended list of the support functions targeted to additional functions such as “the prevention of money laundering and terrorist financing” and “security” to capture function that they may have a material impact on the institution risk profile, we consider that the new wording “the adequacy and appropriateness of accounting procedures” is not clear enough. Finance, taxation and budgeting which are targeted in the current RTS is clearer.
Regarding 6.1.(f) and (g), “human resources” and “remuneration policy”, we do not understand the reason why it has been added “dealing with human resources” and “development or implementation of the remuneration policy”. Even if employees identified are limited to employees with managerial responsibility, in banking groups, many employees are in charge within business units or control functions of dealing with human resources and implementing remuneration policy without having any impact on the institution risk profile. They mostly have limited delegation power to apply a remuneration policy which is different from the Group remuneration policy, and they only apply and implement the Group principles.
Regarding 6.1.(i), “managing outsourcing arrangements of critical or important functions” is not clear and does not represent an existing function within the organization but is directly managed through the strategy of the businesses. In this context, we consider that this criterion and function should be deleted.
Our alternative proposal would be to come back to Article 3.9 of the current RTS
for article 6 (1) as follows:
“1) the staff member heads/is responsible for the following functions:
(a) legal affairs;
(b) Finance, budgeting and definition of accounting norms;
(d) the economic analysis;
(e) the prevention of money laundering and terrorist financing;
(f) the human resources;
(g) the remuneration policy;
(h) the information technology or security.”
In conjunction with the definition of "managerial responsibility" defined in Article 2, the new criteria are tighter than in the current regulation in Article 3.9 RTS. Moreover, the qualitative criteria described in Article 6 (1) are formulated in a very general way and more precise definitions would be desirable, e.g. in point (f) we propose to replace the “dealing with human resources” with the previous normative reference “head of human resources”.
Finally, “managing outsourcing arrangements of critical or important functions” is not clear: the term does not appear in the CRD and it does not represent an existing function within the organization but is directly managed through the strategy of the businesses. In this context, we consider that this criteria and function should be deleted.
If kept, we would ask to clarify the meaning of “managing outsourcing arrangements of critical or important functions”. For large banking groups, it may be that there are outsourcing arrangements of critical or important functions managed between various legal entities within the Group. Our interpretation is that those arrangements are out of scope (i.e. only outsourcing arrangements with third parties to the banking group are covered).
When reference is made to “management” of outsourcing arrangements, this comprises of different layers:
- Management of the vendor and outsourcing-related risks
- Management of the performance and service quality
- Management of the reporting (both of risk and performance) including senior management briefings
Also, in line with typical three-lines-of-defence models, these responsibilities are not necessarily covered by one unit and could affect the consuming business or infrastructure division as well as outsourcing control functions. If kept, clarification on which layer the EBA has in mind when referring to “managing” outsourcing arrangements, especially in line with specific governance requirements resulting from the EBA Outsourcing Guidelines, would be appreciated.
For 6(2), in our view “is a member of a committee” should be replaced by “is a voting member of a committee” for consistency with the criteria 3 and 4 of Article 6.
Moreover we welcome and agree with the proposal in the draft about criteria in 6.3.(b) and 6.4.(b), regarding the staff members who are voting members of a committee which has the authority to take decisions set out in points. Regarding these provisions and about criteria 6.6.(b), we propose to evaluate with a different weight collegial credit decision in a Committee and the vote of a single subject.
Finally, regarding Art. 6.5., we consider that “the staff member has managerial responsibilities in a group of staff members…” should be replaced by “the staff member is the head of a group of staff members…” for the sake of clarity.
For the application of the other quantitative criteria, we understand that the threshold to take into account for the application of the quantitative criteria is:
1) In the case of a staff member performing a professional activity within a material business unit and the activity is of a kind that has a significant impact on the relevant business risk’s profile:
the minimum level among the below 3 thresholds:
- Threshold 1: The maximum between 500K€ and the average remuneration awarded to the members of the institution ‘s management body and senior management
- Threshold 2: 750K€
- Threshold 3: resulting from the application of the 0,3% criteria as defined in 7,1(b), on the individual basis
2) In the case of a staff member or category of staff for whom the institution determines that the staff member or the category of staff is (i) carrying out professional activities and having authorities in a business unit which is not a material business unit as defined in Article 4 or (ii) is carrying out professional activities which do not have a significant impact on the risk profile of a material business unit having regard to the criteria set out in paragraph 1 of Article 5
Case 2.1: The threshold to apply for identification under the quantitative criteria would be the minimum level between:
- Threshold 2: 750K€
- Threshold 3: resulting from the application of the 0,3% criteria as defined in 7,1 (b), on the individual basis
Case 2.2: If the institution can demonstrate (i) or (ii) to the competent authority in charge of its supervision and get its prior approval (that shall only be given in exceptional circumstances if the staff member was awarded total remuneration of EUR 1 000 000 or more in the preceding financial year).
The staff member or category of staff would not be identified, based on the regulator’s approval
Could EBA confirm that this understanding is correct in a Q&A? Exemption for subsidiaries subject to specific remuneration requirements:
For avoidance of doubt, we consider the EBA should include following clarification in the RTS:
As per Recital 10 and the Article 36 of the Directive 2019/878, notwithstanding the decision of the competent Member Sate, the remuneration requirements laid down in Articles 92, 94, and 95 of the amended CRD IV, (“the Remuneration Requirements”) shall not apply on a consolidated basis to subsidiaries undertaking, established in the Union where they are subject to specific remuneration requirements in accordance with other Union legal acts, or established in a third country where they would be subject to specific remuneration requirements in accordance with other Union legal acts if they were established in the Union. As a result, for these undertakings, (“the Exempted Entity(ies)”) the related RTS and remuneration requirements do not apply to their members of staff.
However to prevent possible circumvention, the requirements laid down in Articles 92, 94 and 95 of the amended CRD IV apply on an individual basis to their members of staff acting on behalf of an asset manager or providing services listed in points 2, 3, 4, 6 and 7 of Section 1 of Annex I to Directive 2014/65/EU and who have been mandated to perform professional activities that have a direct material impact on the risk profile or the business of the institutions within the group. More precisely, members of staff performing services like asset management, portfolio management or execution of orders, from an Exempted Entity, are not subject on an individual basis to the application of RTS and remuneration requirements, unless they are mandated via delegation or outsourcing arrangements concluded (explicitly or not) between the Exempted Entity employing them and another not-Exempted Entity belonging to the group.
In point 1) of Article 8 Calculation of remuneration awarded, it is clarified that institutions should calculate the average total remuneration of all members of the management body and senior management taking into account the total remuneration of all members of the management body in its management function and supervisory function as well as all staff that falls under the definition of senior management. It means that the quantification includes components of management body in management function and supervisory function, thus also including non-executive members whose remuneration values are very low. With the extension proposed by the RTS, a substantial number of resources could be identified within the scope of Identified Staff which could then be excluded because they are not operating in significant business units, but this would result in an increase in management costs.
On the other hand, in Regulation 604/2014 at point (15) Being in the same remuneration bracket as senior management or risk takers may also be an indicator that the staff member’s professional activities have a material impact on the institution’s risk profile. For these purposes, the remuneration paid to staff in control functions, support functions and members of the management body in the supervisory function should not be taken into account.
In addition, the current provisions of Art 4.1.(c) of the current RTS referring to remuneration bracket explicitly exclude the management body in its supervisory function: “(c) the staff member was in the preceding financial year awarded total remuneration that is equal to or greater than the lowest total remuneration awarded in that financial year to a member of senior management or meets any of the criteria in points (1), (3), (5), (6), (8), (11), (12), (13) or (14) of Article 3.”
We propose to confirm this approach avoiding to consider components of management body in supervisory function. With regard to the calculation of the average total remuneration, the remuneration of the management in its supervisory function should be excluded. The supervisory board members are generally remunerated on a fee basis, their remuneration is not comparable to the management board members or senior management and evaluated on a full-time basis.
We understand, based on the explanation given on page 11 point 15, that, for the purpose of the identification of identified staff for 2021, the calculation of remuneration awarded refers to fixed compensation awarded in 2020 and variable compensation awarded in reference to 2019 performance year.
There is no necessity to finalise the identification at the beginning of the year (it is not even possible due to the requirement of identifying staff members who have held an identified position for a minimum of 3 months). It also makes sense for firms and staff to consider the remuneration (fixed + variable) for the same performance year.
We understand that the main reason for taking the variable compensation awarded in reference to 2019 performance year and not to 2020 performance year is to allow the institutions that intend to submit exemption requests to be able to submit their exemption requests in due course, if the variable compensation is awarded too late in the year to allow them to respect the exemption submission deadline.
For institutions who do not use the possibility to ask for exemptions, or would be able to submit exemption requests in due course, could EBA give them the flexibility to calculate the remuneration awarded in 2020 defined as the fixed remuneration awarded in 2020 and the variable remuneration awarded on the basis of 2020 performance year? That allows a more relevant and conservative risk approach by identifying more rapidly members of staff whose total compensation awarded in reference to the precedent performance year is above the threshold.
We consider that the RTS should be significantly simplified for small and non-complex institutions and take into account their simple organization as well as the small size of teams that would be in charge of applying the RTS; we also consider that it is not appropriate to apply all the criteria to small and non-complex institutions in particular those which are subsidiaries of banking groups, which already apply the criteria at the Group consolidated level and which already benefit from an exemption by application of the 94.3.(a) of CRDV.
Indeed, in large banking groups the potential material risk takers are already identified at the consolidated or sub-consolidated level of the Group. Consequently, a heavy and complex identification process of the potential material risk takers at individual level would only represent an additional administrative burden for these small and non-complex institutions and for the Group without any impact on the risk management. The process would be too burdensome both at the level of the small and non-complex entities and at the level of the Group (which might have a large number of such subsidiaries) in view of the issues at stake, and may also be detrimental to the attractivity of these small and non-complex entities as regards other sectors. It would create an even greater un-level playing field for sectors and activities that are not subject to CRD IV. Especially when drawing, capturing and retaining the people with the right competence is crucial, in particular in the context of digitalisation.
In the context of a banking Group, for small subsidiaries which benefit from an exemption according to the application of the 94.3 a) of CRDV, our alternative proposal would therefore be to limit the identification criteria to:
- the members of the management body,
- the senior management, and
- possibly the heads of control functions if any at the subsidiary level (they are frequently already identified at the consolidated or sub-consolidated level),
but not to apply the other criteria such as detailed in the present draft RTS, that appear to be irrelevant for the application of the principles on a solo basis at the level of each small subsidiary on top of the application on a consolidated basis at Group level.
With regard to point 18 (criteria to define significant impact on the institutions risk profile), the provisions in Article 5 of the draft RTS refer to “qualitative or quantitative metrics to determine whether the professional activities of staff or categories of staff have a significant impact on the material business unit’s risk profile”, whilst the draft costs-benefits analysis refer to “significant impact of the institutions risk profile”. We would like clarification on that. It would be helpful to have at least an example of such key metrics for financial and non-financial risks.
Regarding No. 20 the reference to “quantitative metrics”, the EBA rightly points to the fact that using quantitative metrics would imply calculation of a risk impact of single staff members (or categories of staff members) whereas the data points necessary in order to estimate/calculate the impact at a staff member level are not available. What does EBA have exactly in mind when referring to “quantitative metrics” in Article 5 (1)?
As mentioned, we think that “objective criteria” would be more appropriate, feasible and understandable than “qualitative and quantitative metrics”.
Also, as stated before, the regulation should enter into force and be applicable for the performance year following that of its publication. It should be avoided that two different set of criteria are used for the same performance year.