Danièle Nouy of ECB spoke at the Second Banking Supervision Conference in Frankfurt, highlighting the progress made by banks in the area of sound governance. Although “banks have made progress” in this area since the start of European banking supervision in 2014, she pointed out areas in which the “progress has been too slow.”
She mentioned that banks must implement the recommendations issued by the Joint Supervisory Teams, with more work still to be done in the following five areas:
- Improving awareness of the importance of the oversight function of boards. Banks should “clearly structure their boards” and the size of their boards should not “impede their work.”
- Ensuring independence within the board. She supported the EBA guidelines in this area, as “independent board members play a key role in providing the checks and balances which are crucial for sound decision-making.”
- Strengthening the link between the board and internal control functions. Risk management, compliance, and internal audit must inform the decisions that are taken at the top, with the heads of these areas reporting regularly and directly to the board of directors. Meanwhile, the board must assess whether internal control functions are working efficiently and effectively.
- Integrating risk appetite frameworks within the organizational strategy. Both financial and non-financial risks must be integrated closely into the entire organization, linked to the overall strategy, and aligned with the remuneration policies.
- Improving data quality. The largest banks need to comply with the principles on risk data aggregation and risk reporting issued by BCBS; “many banks are far from doing so.”
In the context of digitalization offering new opportunities, Ms. Nouy emphasized that banks must ensure that their “three lines of defense” model is adapted to the digital world. As a first line of defense, banks must define additional controls to ensure that IT systems are always available and secure. As a second line, they must define an IT risk strategy, also setting out the desired IT risk appetite. As for the third line of defense, banks must incorporate digitalization into their audit plans and the related methods and processes. Such changes and developments put governance frameworks to the test; it remains to be seen whether they be able to ensure that banks make sound decisions. She added that risk management is one of the supervisory priorities for 2018. In that context, ECB will assess the internal models banks use to determine their risk-weighted assets. ECB also expects banks to improve their internal capital and liquidity adequacy assessment processes (ICAAP and ILAAP).
In conclusion, Ms. Nouy reinforced that banks must improve and adapt their internal governance frameworks to address these challenges. Supervisors will take the stance of being “tough and intrusive” and plan to use all tools that have been developed in the recent years.
Related Link: Speech
Previous ArticleEIOPA Q&A on Regulations: First Update for March 2018
Next ArticleEBA Single Rulebook Q&A: First Update for April 2018
FASB issued a proposed Accounting Standards Update that would grant insurance companies, adversely affected by the COVID-19 pandemic, an additional year to implement the Accounting Standards Update No. 2018-12 on targeted improvements to accounting for long-duration insurance contracts, or LDTI (Topic 944).
EBA published a statement on resolution planning in light of the COVID-19 pandemic.
ESMA updated the reporting manual on the European Single Electronic Format (ESEF).
BCBS Finalizes Revisions to Credit Valuation Adjustment Risk Framework
PRA published a statement to insurers that clarifies the approach to application of the matching adjustment during COVID-19 crisis.
EBA published a report on the implementation of selected COVID-19 policies within the prudential framework for banking sector.
EC launched a consultation to revise the network and information systems (NIS) Directive (2016/1148), which was adopted in July 2016 and is the first horizontal internal market instrument aimed at improving the resilience of the EU against cybersecurity risks.
PRA published a statement that outlines its view on the implications of LIBOR transition for contracts in scope of the “Contractual Recognition of Bail-In” and “Stay in Resolution” parts of the PRA Rulebook.
PRA published the policy statement PS15/20 to reflect additional resilience associated with higher macro-prudential buffers in a standard risk environment with a reduction in Pillar 2A capital requirements.
BCBS published the eighteenth progress report on implementation of the Basel III regulatory framework in member jurisdictions.