CSSF circular 13/563 - 22/03/2013
Assessment of the suitability of members of the management body and key function holders, and MiFID compliance function requirements
Update of CSSF Circular 12/552 on central administration, internal governance and risk management of banks and investment firms
On 21 March 2013, the CSSF published Circular 13/563 (hereafter the “Circular”), amending Circular 12/552 by introducing the EBA guidelines 2012/06 of 22 November 2012 on the assessment of the suitability of members of the management body and key function holders (hereafter the “EBA guidelines”).
CSSF Circular 13/563 also introduces the ESMA guidelines 2012/388 on certain aspects of the MiFID compliance function requirements (hereafter the “ESMA guidelines”). Key aspects of the ESMA guidelines are provided later in this communication.
The Circular is applicable to credit institutions, investment firms and professionals carrying on lending operations (hereafter the “institutions”). The deadlines for compliance with the new provisions are:
1) Overview of EBA guidelines 2012/06 on the assessment of the suitability of members of the management body and key function holders
The EBA guidelines set out the process, criteria and minimum requirements for assessing the suitability of members of the management body and key function holders.
The assessment of the experience of members of the management body and key function holders should take into account the nature, scale and complexity of the business of the credit institution as well as the responsibilities of the position concerned. Being of good repute is mandatory.
The suitability assessment shall be performed according to the reputation, experience and governance criteria, which can be summarised as follows:
- Reputation criteria: Some factors shall be carefully considered, such as conviction for a criminal offence or imposition of administrative sanctions for non-compliance with regulatory provisions. The EBA guidelines also list some indications which should be considered when investigating past business dealings, such as the reasons for any dismissal from former employment or information from a recognised credit bureau. Good repute is altered if personal or business conduct gives rise to any material doubt about the ability to ensure the sound and prudent management of the institution.
- Experience criteria: The experience assessment should consider the theoretical experience (education and training) and the practical experience, particularly in the following fields:
  - Financial markets;
  - Knowledge of the regulatory framework and requirements;
  - Understanding of the business strategy;
  - Knowledge of risk management;
  - Understanding of governance, oversight and controls; and
  - Ability to interpret financial information and identify appropriate controls and measures.
- Governance criteria, which notably include:
  - Potential conflicts of interest;
  - Ability to commit sufficient time;
  - Overall composition of the management body;
  - Collective knowledge and expertise required; and
  - Members’ ability to perform their duties independently without undue influence from other persons.
All assessments and their results shall be recorded. If an assessment reaches a negative conclusion, the institution shall inform the competent authority of the situation and of the corrective measures.
A policy for selecting and assessing members of the management body shall be established in accordance with the proportionality principle. Such a policy shall define, among other things:
- Individual or function responsible for performing the suitability assessment;
- Necessary competencies and skills of a member of the management body;
- Information and evidence that a member of the management body should provide; and
- Situations where a re-assessment of the suitability should be performed.
A similar document shall also exist for key functions, defining at least:
- Positions for which a suitability assessment is required;
- Individuals or function responsible for performing the suitability assessment; and
- Criteria for reputation and experience to be assessed for the specific position.
The CSSF considers that people covered by this assessment include at least the members of the board of directors, the authorised management and the persons in charge of the internal control functions.
2) Overview of ESMA guidelines 2012/388 on certain aspects of the MiFID compliance function requirements
As implemented in Luxembourg by CSSF Circular 13/563, the ESMA guidelines are applicable to credit institutions and to investment firms that provide investment services.
The ESMA guidelines are structured as:
- General guidelines, which provide no guidance beyond the provisions of Chapter 6 of CSSF Circular 12/552 and which apply to all the activities of the institutions; and
- Supporting guidelines, whose purpose is to clarify the application of certain aspects of the MiFID compliance function requirements when providing investment services.
The covered topics are:

| Topic | Key aspects |
|---|---|
| Compliance risk assessment | Responsibility of the compliance function regarding the identification of the level of compliance risk the institution faces, taking into account the investment services, activities and ancillary services provided and the types of financial instruments traded and distributed |
| Monitoring obligations of the compliance function | Implementation by the compliance function of a risk-based approach to determine the appropriate tools and methodologies, as well as the extent of the monitoring programme and the frequency of monitoring activities performed by the compliance function |
| Reporting obligations of the compliance function | Information to include in the regular written compliance reports to senior management, including a description of the implementation and effectiveness of the overall control environment for investment services and activities and a summary of the risks that have been identified as well as remedies undertaken or to be undertaken |
| Advisory obligations of the compliance function | Purpose of the compliance culture, which is also to engage staff with the principle of improving investor protection |
| Effectiveness of the compliance function | |
| Permanence of the compliance function | Back-up |
| Independence of the compliance function | Position in the organisational structure that ensures that the compliance officer and other compliance staff act independently when performing their tasks |
| Exemptions | Proportionality exemption under Article 6(3) of the MiFID Implementing Directive |
| Combining the compliance function with other internal control functions | |

We trust this information is of assistance and remain at your disposal for any further questions. You can also access our dedicated web page (http://www.deloitte.lu/governance/) for further information.