I. Summary, Key Findings, and Recommendations
1. The Central Bank of San Marino (CBSM), as the supervisory authority, is developing the bank supervisory regime from a very low base and will need enhanced independence, resources and support over many years if it is to complete the task of rebuilding San Marino’s reputation as a financial center. Prior to 2005, regulation in San Marino was in an extremely underdeveloped state. The CBSM has assisted the authorities in drafting laws, has issued regulations, and recruited more human staff. It has also had to deal with a series of difficult issues1. The staff is professional and committed and is starting to conduct on-site and off-site supervision to enforce their regime. The progress has been good, but there is a very long way to go and it will take a substantial period of effective enforcement before San Marino can rebuild its reputation, hit by the revelation of limited regulation, the consequent weakness of banks and apparent malpractice in certain institutions. The CBSM needs greater independence, resources, and support to fulfill the role it needs to undertake for San Marino.
2. At the request of the CBSM, an assessment of San Marino’s compliance with the Basel Core Principles was undertaken in November 2009 in the context of the Financial Sector Assessment Program (FSAP). The assessment was conducted by Maria Alessandra Freni of the Banca d’ltalia and Richard Pratt, an independent consultant.
B. Information and Methodology Used for Assessment
3. The mission followed the 2006 Core Principles methodology (Essential Criteria). The mission reviewed the self assessment prepared for the mission and other CBSM data. The CBSM web site, CBSM statute, Law 165 (the supervisory law), the anti-money laundering law and key regulations, Instructions and Circulars issued by the CBSM and the Financial Intelligence Agency (FIA) were all reviewed. The mission met representatives of the government, the CBSM, the FIA, and of banks, fiduciary companies, securities, and accountancy firms. All interlocutors responded freely to the mission.
C. Institutional and Macroprudential Setting, Market Structure—Overview
4. The CBSM is the sole regulatory body. The CBSM was created in its present form by Law 96 of 2005and its supervisory powers (which are comprehensive) over the entire financial sector were granted by Law 165 of 2005. The FIA, is responsible for setting and monitoring compliance with detailed anti-money laundering/combating the financing of terrorism (AML/CFT) obligations for the financial sector. The CBSM Governing Council, appointed by the parliament, publishes annual reports and further data on the banking system on its web site. The CBSM is staffed by professional, competent, and diligent supervisory staff.
5. San Marino’s banking supervision regime is only recently in place. Before the current law and regulations were introduced, supervision was underdeveloped with a minimum capital requirement on banks but no minimum capital adequacy ratio (although since 2003-2004 CBSM required banks to calculate regulatory capital and risk weighted assets). There were only two staff in the supervision department of the predecessor to the CBSM (one of whom was part time). Little supervisory reporting took place and no on-site inspections were undertaken. Regulations issued in 2007 and brought into force in 2008 place obligations on the banking sector. This regulation included transitional provisions up to 2013 for a number of key requirements, such as the minimum capital asset ratio and the concentration and connected lending limits. Banks accounting for up to a third of banking assets have adopted these transition provisions although many of them have minimum ratios above the 7 percent minimum required by these measures (and some meet the 11 percent minimum required for banks not on transitional measures). There is insufficient CBSM staff, and the CBSM has not yet completed the implementation of its supervisory methodology, with incomplete supervisory model or manuals and few full inspections of banks. The CBSM’s full independence is compromised to some extent by the extent of influence of government bodies over its budget and certain core functions such as licensing.
6. The banking sector dominates the financial sector. There are 12 banks, all in the private sector, with total banking assets of €11.7 billion (9 times GDP). The three largest banks hold almost three-quarters of banking assets between them. Six banks are foreign-owned, but only two banks are members of foreign banking groups (the other four are owned by non-bank companies registered outside San Marino and not subject to consolidated supervision by a foreign supervisor). Net profit in 2008 was €47million with the nonbank sector contributing €8.3million.2
7. San Marino’s banks attract deposits from Italy and lend them domestically and in Italy. San Marino relies largely on its fiscal and secrecy regime to attract deposits from abroad, overwhelmingly Italy. Just under half of the banking system’s total assets are lent to customers and half of these are lent to nonresidents (almost exclusively in Euros). The rest of the assets are mostly in the form of debt securities (mostly bank securities) and loans to banks. San Marino is vulnerable to policy changes in Italy that may affect the propensity of Italian depositors to use San Marino banks. These risks have crystallized with the Italian tax amnesty in 2009 3 that resulted in a substantial outflow of deposits and a developing liquidity problem.
8. The nonbank financial sector consists of about 56 firms, including 52 finance and fiduciary companies, 2 asset management companies, and 2 insurance companies. Asset management and insurance companies have only recently been licensed and hold very few assets at present. Fiduciary and finance companies, most of which are owned by banks, hold more of the assets of the finance sector and a employ a third of total staff, having experienced high growth during the past few years.4 Financial companies provide leasing and factoring services; fiduciary companies hold customers assets in their own name.
D. Preconditions for Effective Supervision
9. San Marino’s macroeconomic policy is generally sustainable. San Marino does not have an independent monetary policy, being in a monetary agreement with the Eurosystem.5 It has little public debt and has had fiscal surpluses in recent years, although the budget is heavily reliant on the financial sector, which could face a contraction.
10. The public infrastructure is reasonably well developed. Communications are good. Skilled labor has been in short supply, given the policy of the authorities to limit residency and require employers to seek permission to employ non resident staff. San Marino is almost totally dependent on foreign infrastructures for its own operations (such as payment systems, fund transfers, processing of checks, financial instrument, deposits, commercial receipts, credit cards, and cash). This adds to the vulnerability of the banking system.
11. San Marino has engaged in a substantial economic reform effort since 2005 to increase market discipline. New laws have been introduced to reform the commercial sector. Companies’ legislation has been updated and governance requirements strengthened. Tax reform has been undertaken to enhance collection and reduce bureaucracy and new labor laws designed to increase flexibility. Reform of the pension sector reduced liabilities and raised contributions. The financial sector is faced with competition from abroad, particularly Italy.6
12. There is no deposit insurance, and the CBSM is not a lender of last resort. Although the law provides for a deposit insurance system, no such system has yet been developed in San Marino. The CBSM does not issue Euros (except for commemorative coins issued on rare occasions). The CBSM is not a monetary authority capable of engaging in substantial operations to finance the banking system. and has not had permanent arrangements to provide liquidity assistance7 Nevertheless, it has a modest lending facility in place, which has been used to provide a €100 million loan to the largest bank. However, given the large size of bank assets relative to the size of the economy, there is limited scope for liquidity assistance. 89
E. Main Findings
Principle 1: Objectives, independence, powers, transparency, and cooperation
13. The CBSM is established by Law no 96 of 2005, which sets out its overall objectives and functions. The CBSM is responsible for the supervision of the entire financial sector. The supervisory powers and functions of the CBSM are clearly spelt out in Law No. 165 of 2005. The CBSM also has a general responsibility for promoting financial stability. The Governing Council of the CBSM (GCCB) is appointed by the Grand and General Council (GGCSM) on the basis of a proposal from the Committee for Credit and Savings (CCS)10. The statute also gives specific responsibility for supervision matters to the Supervision Committee of the Central Bank (SCCB), appointed by the GCCB, with the approval of the CCS. The Director General of the CBSM (DGCB) is the chief executive of the CBSM and is appointed by the GCCB with the approval of the GGCSM. The GGCSM and the State Congress have roles in the appointment and dismissal of senior management. These complex arrangements undermine full accountability and should be simplified to make the GCCB fully responsible and accountable for the CBSM. This should be subject to changing the GCCB appointment process on the lines of that adopted by other small jurisdictions so that it becomes more open and transparent and addresses conflicts of interest-particularly by encouraging more members from outside San Marino.
14. The independence of the CBSM does not meet international standards. The independence of the CBSM is compromised to a considerable degree by the requirement that decisions on licensing and certain other matters are all subject to the ultimate approval of the State Congress. The CCS is given some powers to influence the CBSM in Article 45 of the CBSM statute and Article 101 of the Law No. 165. The DGCB does not have protection against arbitrary dismissal by the government. The CBSM relies for over half its income on profits from trading and for most of the rest, on a contract with the government for certain services that expired in 2008 and have not been renewed. Budgetary uncertainty is increased further because the CBSM funds the activities of the FIA but has no control over its budget. These matters undermine the independence of the CBSM.11
Principles 2-5: Licensing and structure
15. The law provides the appropriate licensing powers. The authorization criteria applied by the CBSM are reasonably comprehensive, covering fitness and properness, governance and prudential requirements. They are consistent with the ongoing requirements placed on banks. The CBSM has the necessary powers to enforce these requirements. The CBSM has appropriate powers over the acquisitions of banks and their non banking activities. The main weakness in this area is the influence of the State Congress over licensing decisions, as already noted.
Principles 6-16: Prudential regulations and requirements
16. The CBSM imposes a minimum risk weighted capital ratio of 11 percent—higher than the Basel minimum of 8 percent and supplemented by a rule that limits total deposits to 200 times free capital. There is no capital requirement for market risk or interest rate risk in the banking book. Regulations covering large exposures and related party lending are broadly in line with the BCPs. However, banks are permitted to apply for a transitional arrangement that will allow them to phase in requirements for capital, related party lending and large exposures over five years and up to a third of banking system assets are in banks that have been granted this permission.
17. There are appropriate provisions for risk management, large exposures, and related parties, but there are no specific requirements on country and transfer risk and requirements on operational risk are at a high level of generality. Bank directors are given specific responsibilities in the regulations for risk management. However, the regulations do not address country and transfer risk. Although the CBSM may regard such risks as limited in the current circumstances, it needs to ensure that there is a sufficient risk monitoring system in place. Operational risk is covered by the requirement to have a risk management policy and by the specific requirement to examine certain kinds of operational risk, such as fraud and conflicts of interest.
18. Provisions for liquidity risk have only recently been introduced and provisions for operational risk are at a high level of generality. A recent circular on liquidity risk has introduced frequent reporting requirements for banks’ liquidity position, analyzed by maturity categories specified by the CBSM. This requirement was introduced in 2009, and its effectiveness cannot yet be assessed, although the requirements appear to be appropriate.
Principle 18: Abuse of Financial Services
19. The authorities have introduced a substantial body of law and regulations governing the defeat of money laundering and terrorist financing. Prior to 2008, AML/CFT requirements were not effectively enforced. The current law and regulations governing the obligations on banks are broadly appropriate. The law and subsequent instructions are clearly written with a view to matching the international standard. Banks, in some cases at least, have begun to put effective internal programs in place. The risks arise from the legacy of customers taken on before the current regime was in place. The CBSM and FIA are addressing this by requiring risk assessments of existing customers but it is not easy to acquire the relevant information to make such assessments retrospectively. A particular problem arises as a result of the activities of fiduciaries under the old regulations whose activities involved providing nominee facilities for customers who sometimes deposited their funds in cash or in other ways that made tracing the provenance difficult. Fiduciaries place their funds with banks and this can transfer some of the risks to banks.
20. The CBSM and FIA should coordinate their enforcement. Both FIA and CBSM have responsibilities for enforcing compliance with AML/CFT obligations and they have signed a memorandum of understanding (MoU). There is some sharing of information, but their effectiveness could be enhanced by coordinating their enforcement efforts through a jointly planned risk-based approach. There is also a need for additional resources for monitoring compliance with AML/CFT obligations.
Principles 17 and 19-23: Supervisory Methods and Approach
21. The CBSM has most of the supervisory tools at its disposal but does not have sufficient resources fully to undertake its supervisory role. The CBSM has broad and sufficient powers to set, monitor and enforce standards. They have implemented a reporting regime from banks which gives information on which to analyze banks’ performance. The CBSM, however, was only able to conduct two full scope inspections of a bank since 2006, although it conducts other more specific inspections, primarily related to credit risk and has conducted 11 inspections of non bank financial institutions. The CBSM does not have a formal supervisory model (such as CAMEL) and has not completed its supervisory manuals. It has been distracted from its task by ad hoc requests for judicial investigations and by the pressing need to deal with the difficulties facing the banking system in 2009. 12
22. The CBSM should address governance issues in banks. The regulations require that the Board of Directors must ensure that there are proper internal controls. However, the CBSM have noted that there is a weakness in corporate governance in Sammarinese 13 banks arising from over delegation. The CBSM can increase its efforts to educate Boards of Directors but should have the power to remove Boards of Directors as one of its sanctions (albeit subject to appeal).
Principles 24 and 25: Consolidation and cross border issues
23. The CBSM does not undertake consolidated supervision and the law could inhibit consolidated supervision by foreign supervisors. The CBSM is proposing to introduce comprehensive rules on consolidated supervision in due course but points out that the risks arising from the absence of consolidated supervision are relatively small as only one Sammarinese bank has a foreign subsidiaries and domestic subsidiaries are under the direct supervisory responsibility of the CBSM. For foreign owned banks, the CBSM, properly ensures that the foreign supervisor includes the San Marino bank in its consolidated supervision. However, Article 42 (which gives only the CBSM the right of on-site inspection) and the secrecy provisions in Article 36 of Law No. 165 (which prevent disclosure of confidential information by a bank to anyone except judicial criminal authorities and the CBSM), appear to prevent on-site inspections by foreign supervisors. Moreover, the foreign-owned banks report that they do not report confidential customer information to their parent companies and do not permit their head office internal audit or compliance staff access to their files and this is also consistent with the prohibition on disclosure in Article 36 of Law165.14
24. The scope for cooperation with foreign authorities is too constrained. The combination of the secrecy and international cooperation provisions in the law will place unnecessary barriers in the way of effective and rapid international cooperation. These barriers include the need for prior agreements to be in place (which can be time consuming) and an assessment of the equivalence of the foreign confidentiality regime. Written permission prior to any onward disclosure would prevent many foreign supervisors from accepting information because of compulsory domestic disclosure requirements. These provisions need to be simplified to allow full and rapid cooperation that the CBSM wishes to offer.
|1. Objectives, autonomy, powers, and resources|
|1.1 Responsibilities and Objectives||X|
|1.2 Independence, Acc’bility & Transparency||X|
|1.3 Legal framework||X|
|1.4 Legal powers||X|
|1.5 Legal protection||X|
|2. Permissible activities||X|
|3. Licensing criteria||X|
|4. Transfer of significant ownership||X|
|5. Major acquisitions||X|
|6. Capital adequacy||X|
|7. Risk management process||X|
|8. Credit risk||X|
|9. Problem assets, provisions and reserves||X|
|10. Large exposure limits||X|
|11. Exposures to related parties||X|
|12. Country and transfer risk||X|
|13. Market risk||X|
|14. Liquidity risk||X|
|15. Operational risk||X|
|16. Interest rate risk in the banking book||X|
|17. Internal control and audit||X|
|18. Abuse of financial services||X|
|19. Supervisory approach||X|
|20. Supervisory techniques||X|
|21. Supervisory reporting||X|
|22. Accounting and disclosure||X|
|23. Corrective and remedial powers||X|
|24. Consolidated supervision||X|
|25. Home host relationships||X|
LC: Largely compliant.
MNC: Materially noncompliant.
NA: Not applicable.
LC: Largely compliant.
MNC: Materially noncompliant.
NA: Not applicable.
F. Recommended Action Plan and Authorities’ Response
|Core Principle||Recommended Action|
|1. Objectives, autonomy, powers, and resources|
|1.2 Independence, Accountability & Transparency|
|3. Licensing criteria|
|4. Transfer of significant ownership|
|5. Major acquisitions|
|6. Capital adequacy|
|7. Risk management process|
|8. Credit risk|
|10. Large exposure limits|
|11. Exposures to related parties|
|12. Country risk|
|13. Market risk|
|14. Liquidity risk|
|15. Operational risk|
|16. Interest rate risk in the banking book|
|17. Internal control and audit|
|18. Abuse of financial services|
|19. Supervisory approach|
|20. Supervisory techniques|
|21. Supervisory reporting|
|22. Accounting and disclosure|
|23. Corrective and remedial powers|
|24. Consolidated supervision|
|25. Home host relationships|
G. Authorities’ Response to the Assessment
25. The authorities commented particularly on the question of cooperation and on AML/CFT defenses. On cooperation, the authorities consider that Law 165 permits foreign on-site visits of foreign-owned banks in San Marino, where there is a cooperation agreement in place, especially when the foreign supervisor was accompanied by the CBSM. They thought it right that the CBSM should sign more MoUs with foreign supervisors and considered that the agreement between the Sammarinese and Italian government should pave the way for a MoU between CBSM and Banca d’Italia.
26. Moreover, the authorities considered that, in the context of an MoU the time taken to make an assessment of equivalent confidentiality protection was not unduly burdensome. The authorities further considered that the Regulation allowing foreign owned banks to provide information to their parent banks was fully compliant with the prohibition on disclosure of confidential information in Article 36. In respect of the defenses against money laundering and terrorist financing, the authorities referred to the MONEYVAL report and stated that bearer passbooks did not hide identity but simply the transferability between persons. They questioned whether the mission had demonstrated that the current AML/CFT regulatory regime was less than fully enforced. The authorities pointed out that fiduciary companies were expected to know the beneficial owner of assets deposited with them.
27. The CBSM emphasized the disruptive effect of judicially inspired investigations. Such investigations have taken up a third of on-site inspection resources in 2009 and this may rise to 50 percent in 2010.
28. Current regulations limiting total deposits to a multiple of free capital and plans to meet the EU acquis by 2013 were considered by the authorities sufficient to justify a more favorable rating for Principle 6 on capital adequacy. The authorities drew attention to the rule that limits total direct and indirect deposits to 200 times free capital (the surplus of actual over minimum capital) and considered that this mitigated the effect of the weaknesses to which the assessment drew attention, especially when plans to meet the EU acquis on prudential matters by 2013 were taken into account.
29. The authorities drew attention to current developments. They noted that they were currently negotiating a monetary agreement with the EU that would involve their adopting the EU acquis relevant to the financial sector in full by 2015 and the prudential directives by 2013 (which would include the extension of the Basel II framework to their banks). They also noted that they had introduced a new provision designed to strengthen liquidity management in banks. This introduced a reserve requirement for all banks equal to 8 percent of direct deposits.
II. Detailed Findings
|Principle 1.||Objectives, Independence, Powers, Transparency and Cooperation|
An effective system of banking supervision will have clear responsibilities and objectives for each agency involved in the supervision of banks. Each such agency should possess operational independence and adequate resources. A suitable legal framework for banking supervision is also necessary, including provisions relating to the authorization of banking establishments and their ongoing supervision; powers to address compliance with laws, as well as safety and soundness concerns; and legal protection for supervisors. Arrangements for sharing information between supervisors and protecting the confidentiality of such information should be in place.
|Principle 1(1)||Responsibilities and Objectives|
An effective system of banking supervision will have clear responsibilities and objectives for each agency involved in the supervision of banks.
|Description||Law 165 of 2005 provides for the supervision of the entire financial sector, including banks, insurance, securities business (largely investment advice and collective investment schemes), trust business and other financial services. It defines the CBSM as the only supervisory authority for all financial services activities. The list of supervised activity is in Attachment 1 of Law 165 and can be amended by decree, according to Article 3(1).|
The CBSM is established by Law 96 (the Central Bank statute). It is publicly and privately owned, with some financial institutions owning a total of 30 percent of the shares in it and being entitled to receive dividends from the profits of its operations.
Law 96 sets the CBSM the objective inter alia of promoting stability of the financial system and protecting savings, by supervising credit, financial, and insurance activities.
Law 165 sets out the powers of the CBSM to license and supervise financial institutions. Article 3(1) contains the prohibition on financial services activity without authorization by the CBSM. Article 39 gives the CBSM the power to set implementing binding regulations, circulars and instructions. Article 13 of Law 165 describes minimum authorization criteria concerning legal form, minimum capital, suitability of owners and viability (demonstrated by a business plan), with detailed prudential requirements established in Regulation 2007-07. The definition of regulated activity (Attachment 1 of Law 165) can be amended by decree. Regulation 2007-07, with detailed prudential requirements can be and has been updated regularly since it was first issued.
The CBSM publishes an annual report which includes detailed information on the strength of the banking system. Further information is published monthly. The CBSM published the audited financial results of each bank on its web-site.
|Comments||There are no comments.|
|Principle 1(2)||Independence, Accountability and Transparency|
Each such authority should possess operational independence, transparent processes, sound governance and adequate resources, and be accountable for the discharge of its duties.
|Description||The composition of the management of the CBSM is established in Law 96, Articles 5-15. The principal decision-making body of the CBSM is the Governing Council (GCCB), which is appointed by the Grand and General Council (GGCSM)—the parliament - on the recommendation of the Committee for Credit and Savings (CCS)—an arm of the government. GCCB members are appointed for a five-year term, renewable once. The chairman of the GCCB is appointed by the Grand and General Council for five years, renewable once.|
The GCCB must meet at least 10 times a year, with no more than two months between meetings. The GCCB is generally responsible for the activities of the CBSM.
The GCCB appoints the Director General (DGCB) subject to the approval of the GGCSM, whose term is for six years, renewable indefinitely. The GCCB may delegate tasks to the DGCB. The statute also defines the duties of the Supervision Committee (SCCB) whose chairman is the DGCB and whose members are appointed by the GCCB, on the approval of the CCS. The members of the SCCB are inspectors with professional experience and are appointed for a three-year term, renewable indefinitely.
The CBSM is also subject to the General Meeting of Members. The majority shareholder is the state (Article 20 of Law 96). In addition, 30 percent of the shareholding is held by financial institutions. This body determines the remuneration of the GCCB members and the Board of Auditors and approves the Annual Report. It does not have powers over the day-to-day operations of the CBSM. However, under Article 8(1)(g) of the CBSM Statute, the GCCB or other decision-making bodies can refer matters within their competence to the general meeting.
The powers of each of these elements of the supervisory system are set out in Article 10-15 of Law 96, together with provisions for the necessary quorum and for voting on resolutions in the case of the GCCB and the Supervision Committee.
Article 17 of Law 96 sets out the restrictions on the extraneous activities of the members of the GCCB, the DGCB or Inspectors.
Article 12 gives the State Congress (the government), on the proposal of the CCS, the final say in whether or not a bank is licensed. Article 78 gives the State Congress the final decision on whether a bank is to be subject to extraordinary administration (in this case, in consultation with the CCS). The final decision of the State Congress is also required to put a bank into administrative compulsory winding-up (Article 85).
Article 48 of Law 96 and Article 101 of Law 165 give the CCS the right to set broad objectives to the GCCB on matters of supervision and regulation. The CCS also has a more intrusive power in Article 101 of Law 165.
The CBSM is financed by levies on the regulated sector, the size of the levies being determined by decree, on the CBSM’s proposal. The decree sets minimum levels and allows the CBSM to set an additional levy based on the size of the financial institution.
Article 21 of Law 96 states that the levies should cover the costs of the CBSM. Article 22 provides for the CBSM to be funded by the State for services provided. Article 25 gives the CBSM the right to manage its own resources. It can issue bonds with the authority of its shareholders (the majority shareholder being the State, according to Article 20). In practice, levies raise only a small proportion of the costs (€1 million) with €3 million being paid by the government for banking and other services (under an agreement that expired in 2008 and has not yet been formally reviewed). The remaining €6 million comes from trading activities.
The CBSM Annual Report states that there are insufficient resources available for supervision. It states, however, that salaries are comparable with Italian standards and that training is not subject to resource constraint. The staff resources in the CBSM devoted to supervision have been increasing but remain inadequate for the tasks the CBSM has to undertake. In particular, the legal requirement that CBSM staff undertake judicial investigations with no control over their number or extent is a heavy burden. This duty accounted for over one third of the on-site inspection resources in 2009 and the CBSM forecast that this will rise to 50 percent in 2010. This is discussed further in the assessment of Principle 20—Supervisory techniques.
Article 17(6) of Law 96 states that the members of the GCCB can be dismissed (by the parliament on the proposal of the CCS) only if they cease to be eligible according to the statutory requirements or if they are no longer able to perform their activity. Members of the SCCB (but not the DGCB) can only be dismissed for similar reasons according to Article 15(7) but only with the approval of the CCS. There is no protection for the DG and there is no requirement to disclose reasons for dismissal.
There is no power to commission outside experts on an ad hoc basis except for the external inspectors of the SCCB.
The CBSM is accountable to the GGCSM and is required to publish an Annual Report, according to Article 4 of Law 96. Article 38 requires the CBSM to give reasons for its decisions and allows a person to appeal to the administrative court against a sanction imposed by the CBSM. Article 38 (6) provides that a person has the right to appeal against special measures of the CBSM but it is not clear if this applies to a refusal to license and this has never been tested.
|Comments||The independence of the CBSM is reinforced by various statutory provisions that set out the powers, responsibilities and decision-making processes of its various organs. This presupposes that no other body may undertake or influence these functions.|
However, the independence of the CBSM is compromised because of the role of the State Congress in licensing and in the institution of special administration or compulsory administrative winding up (Articles 12, 78, and 85 of Law 165). It is contrary to best practice for there to be political involvement in decisions such as licensing and special administration because of the potential for conflicts of interests and the possibility that decisions could be taken on political, rather than prudential, grounds. The potential for conflicts of interest is much greater in a small jurisdiction and so the need for the government to give up any role in licensing is much greater. The practice in most other small jurisdictions of similar size to San Marino is to give all licensing and other regulatory decisions solely to the supervisory authority. In the past, the decision to license banks and other financial companies has rested solely with the government, without the need for proper vetting and screening of owners and controllers; the results are affecting San Marino today, in the form of a large number of financial companies undertaking activities of which the CBSM is not fully aware and some obscurity about the true ownership of some banks and other financial businesses.
Independence is further compromised by the role of the CCS is providing intrusive directions. The government has effective control over much of the CBSM the budget and according to the Annual Report for 2008 the CBSM considers it has insufficient staff, particularly as a result of their having to devote between a third and a half of on-site inspection resources to judicial investigations. There is no doubt that the judicial investigations should be conducted and it may be that the CBSM is the best placed institution to conduct them. However, it is not appropriate that such investigations should be conducted at the expense of proper supervision.
The accountability of the decision-making bodies of the CBSM is obscured by the complex matrix of appointment procedures and the ambiguity about the relationship between the GCCB and SCCB.
The authorities are therefore recommended to:
The authorities are recommended to amend the appointment process for the GCCB as follows:
The authorities are further recommended to clarify the lines of accountability for the GCCB by:
|Principle 1(3)||Legal Framework|
A suitable legal framework for banking supervision is also necessary, including provisions relating to authorization of banking establishments and their ongoing supervision.
|Description||Article 3 of Law 165 gives the CBSM the power to authorize banks and prohibits any person from conducting banking (and other defined financial services activity) without authorization.|
Article 12 of Law 165 states that the authorization of the CBSM is not effective without the approval of the State Congress. The application to give approval must be submitted through the CCS. The CBSM states that the approval of the Congress is also required for the extraordinary administration and administrative compulsory winding-up.
Article 39 of Law 165 gives the CBSM the power to issue Regulations, Circulars and instructions to implement the law. It can do so on its own authority. These measures are binding. Article 38(5) requires regulations to be issued for consultation and Regulation 2006-02 sets out the consultation procedure.
Article 41 of Law 165 gives the CBSM the power to seek information from banks. Article 42 provides a power of inspection at the offices and branches of authorized banks.
|Comments||It is a fundamental requirement that there should be no government interference in the licensing of banks and extraordinary procedures. The removal of this power is recommended in the assessment of Principle 1(2). It has been taken into account in the rating of Principle 1(2) and therefore does not affect the rating of Principle 1(3).|
|Principle 1(4)||Legal Powers|
A suitable legal framework for banking supervision is also necessary, including powers to address compliance with laws, as well as safety and soundness concerns.
|Description||The powers in Article 41 of Law 165 to obtain information and in Article 42 to conduct inspections provide the CBSM with the power to address compliance with the laws and regulations and to assess the safety and soundness of banks. There are further powers to impose financial and other prudential requirements. These powers give full access to all records and allow the CBSM to question the board, management and staff of banks.|
The CBSM has the ability to assess compliance and to make qualitative judgments.
Article 44 of Law 165 gives the CBSM the power to implement specific measures in respect of individual authorized persons in circumstances defined in Article 45. Article 141 sets out a range of administrative sanctions that the CBSM may apply on its own authority. Article 34 of Law 96 allows the CBSM to suspend a license. It also allows the CBSM to propose to the State Congress the revocation of authorization and the dissolution of the board of management of an authorized bank. Part V Title I of Law 165 also sets out criminal penalties for the most egregious offences such as unauthorized banking activity and failure to co-operate with or lying to the CBSM.
|Comments||There are no comments.|
|Principle 1(5)||Legal Protection|
A suitable legal framework for banking supervision is also necessary, including legal protection for supervisors.
|Description||Article 28 of Law 96 gives protection against civil proceedings where the Governing Council, inspectors, management, or staff of the CBSM have taken action in good faith or in compliance with the CBSM’s powers and functions.|
There is, however, no direct legal provision for meeting the costs of any actions. Although the law prohibits civil actions made when the CBSM management and staff have acted in good faith, they may still have to defend law suits alleging that they failed to act in good faith. However, the CBSM states that the costs of legal action would be paid by the CBSM where the officer acted in good faith.
|Comments||There are no further comments.|
Arrangements for sharing information between supervisors and protecting the confidentiality of such information should be in place.
|Description||There is only one other domestic authority with jurisdiction over the banking sector and that is the Financial Intelligence Agency (FIA). Law 92 of 2008 establishes the relations between them and allows for the CBSM to report suspicious transactions to the FIA and to pass confidential information to it in the context of a money laundering investigation.|
An agreement reached between the two authorities in 2008 reinforces cooperation and allows the FIA to pass information to the CBSM if it becomes aware of something that is of interest to the CBSM and the transmission of information does not prejudice its own work.
Article 29 of Law 96 provides that CBSM (GC, inspectors and staff) are obliged to keep confidential all particulars, information, and data in the CBSM’s possession by reason of its activity of supervising intermediaries. This can only be overridden by the judicial authority and where disclosure is to the FIA.
|Comments||There are no further comments. Comments on international cooperation are in the assessment of Principle 25.|
|Principle 2.||Permissible Activities|
The permissible activities of institutions that are licensed and subject to supervision as banks must be clearly defined, and the use of the word “bank” in names should be controlled as far as possible.
|Description||Banking is defined in Law 165 (Article 1(k) and Attachment 1) as taking deposits and extending credit. Article 5 states that only banks can accept deposits. Article 3 prohibits anyone from undertaking regulated activity without authorization and Article 5 defines the CBSM as the only supervisor of this activity.|
Article 11 of Law 165 mandates the CBSM to keep a public register of banks (and all authorized persons). This is available on the internet and includes information about the location of offices in San Marino.
Article 4 of Law 165 gives the CBSM the power to determine which activities may be undertaken by a bank either as a distinct regulated activity, or as one that is incidental and related to banking. Article II.II.3 of Regulation 2007-07 lists the additional regulated activities that a bank may perform as being investment services, payment services, cash issuing services, foreign exchange intermediation, and equity holdings. The latter may only include acquiring an equity interest for the purpose of disposal and not for assuming the management of another undertaking.
Article II.II.4 of Regulation 2007-07 also lists ancillary activities as including investment and business advice. Banks may undertake certain limited real estate management (limited further by Title VII of Regulation 2007-07). According to this Article, banks may undertake research and data provision services and provide IT for their own or their parent bank’s use.
The use of the word “bank,” “credit,” and “savings” by an unauthorized person is prohibited by Decree 7/6/2006.
|Comments||There are no further comments.|
|Principle 3.||Licensing Criteria|
The licensing authority must have the power to set criteria and reject applications for establishments that do not meet the standards set. The licensing process, at a minimum, should consist of an assessment of the ownership structure and governance of the bank and its wider group, including the fitness and propriety of Board members and senior management, its strategic and operating plan, internal controls and risk management, and its projected financial condition, including its capital base. Where the proposed owner or parent organization is a foreign bank, the prior consent of its home country supervisor should be obtained.
|Description||Article 3 of Law 165 states that the CBSM is responsible for authorizing banks. However, Article 12 states that authorization is not permitted without a declaration of non impediment by the State Congress. The State Congress is under no obligation to take account of any views of the CBSM. Moreover, all banks currently operating in San Marino were licensed at a time when the State Congress was the sole licensing authority and the CBSM is not able to vary the license, to appoint administrators or liquidators of such banks without the permission of the State Congress. Again, the State Congress is under no obligation to take account of the views of the CBSM on such matters. The State Congress is not obliged to provide the CBSM with any information it may have that is material to its decision. The State Congress is not bound by the authorization criteria in Law 165.|
The criteria for authorization are set out in very general terms in Article 13 of Law 165. Article 7 makes clear that authorization must be refused if the criteria are not met. Part III of Regulation 2007-07 sets out the authorization criteria in more detail. The criteria are in the same Regulation as, and are consistent with, ongoing requirements.
Article III.II.3 of Regulation 2007-07 lists specific information that must be submitted with an application for authorization and adds that all useful information must be submitted. Article III.II.9 allows the CBSM to interrupt the 90-day time limit for approving the application if it has asked for further information. Article III.II.8 states that the interruption of the time limit must not extend beyond 12 months.
The minimum criteria set out in Article 13 of Law 165 includes the legal form of the company (which must be a company according to Article III.III.2 of regulation 2007-07) and “such other requirements as will ensure sound and prudent management,” as established by the CBSM. Articles 16-21 create requirements relating to any change in ownership of a bank so as to allow the CBSM to satisfy itself that such a change will not jeopardize sound and prudent management, whether on a solo or consolidated basis.
Article III.II.4 of Regulation 2007-07 requires an applicant to declare the beneficial owner (defined in Regulation 2007-07 to encompass those who exercise control in various ways). Article III.III.1 insists that a bank should have a Board of Directors and a Board of Auditors (whose duties should include oversight of regulatory compliance). Articles III.III.6, III.III.7 and V.II.1 set out the minimum conditions necessary to demonstrate good repute.
Article 13 of Law 165 requires owners of substantial shareholdings to be of good repute. Article 21 allows the CBSM to suspend the voting rights of those who may influence the management but are not of sufficient repute. Article V.II.6 of Regulation 2007-07 sets out the principles of sound and prudent management that the owners of the bank must meet. Article 111.V.9 includes, in the definition of prudent management, the requirement that a bank should have appropriate human resources, structures for keeping custody of documents, appropriate IT, and security. Article III.III.8 requires a bank to submit an organization chart for the company.
Article 45 of Law 165 allows the CBSM to set initial capital requirements and Article III.III.4 of Regulation 2007-07 sets this at €13 million. Article V.II.6 demands transparency of the source of invested funds.
Part IV of Regulation 2007-07 sets out the requirements for corporate officers and the Board of Auditors. The requirements cover the absence of convictions and bankruptcy as well as setting minimum skills and experience qualifications. There are further requirements relating to independence and the absence of conflicts of interest. There is no reference to the absence of regulatory sanctions as a factor to be considered when determining whether a person is of good repute.
Article III.III.8 of Regulation 2007-07 requires an applicant for authorization to submit details of its business plan and proposed activities, together with a description of those responsible for internal oversight, internal audit, risk management and oversight of outsourced functions. The roles of the compliance officer and risk manager are set out in Articles VII.IX.7 and VII.IX.8 and include, in the case of the compliance officer, the performance of obligations relating to the regulations governing financial crime. The overall corporate governance requirements, including the need for directors and a Board of auditors are all set out in the regulation.
Article III.III.8 of Regulation 2007-07 requires an applicant to submit projected financial statements. Article V.II.6 requires the owners to be financially sound and able to contribute further resources.
Article III.VI.1 of Regulation 2007-07 requires the CBSM to confirm that the foreign bank, including the Sammarinese branch or subsidiary, is subject to consolidated supervision by the regulatory authority of the parent bank, that the parent bank’s regulator has approved the activities to be conducted in San Marino and that there is a supervisory agreement between the parent bank supervisor and the CBSM.
Article 10 of Law 165 allows the CBSM to revoke authorization where it has been obtained through false information.
Article VII.IX.4 of Regulation 2007-07 requires the Board of Directors to approve risk management policies, including risk identification, as well as to take strategic business decisions. However, the CBSM states that, in practice, delegation is extensive and this may cast doubt on the extent to which the Board is truly aware of key business decisions and risks.
|Comments||The role of the State Congress detracts from the licensing role of the CBSM, in that the State Congress is able to override the CBSM position by refusing consent to the granting, varying, or revocation of authorization without necessarily giving any reasons, nor taking into account the CBSM view.|
The CBSM cast doubt on compliance with corporate governance requirements because of extensive delegation by directors.
There are no requirements relating to the absence of regulatory disciplinary actions in respect of corporate officers in the list of matters that are relevant to whether or not they are of good repute.
The recommendations already made in respect of Principle 1(2) would remove the role of the State Congress in licensing. The CBSM is also recommended to amend Regulation 2007-07 to include the absence of disciplinary actions by regulatory or professional bodies as criteria affecting fitness and properness. The CBSM is also recommended to consider requiring owners, beneficial owners, auditors and other corporate officers to report any investigations by civil, criminal, professional, or regulatory bodies, so that the CBSM can consider whether the circumstances cast doubt on integrity (for example, where an officer was allowed to resign from a position or office rather than be formally disciplined).
|Principle 4:||Transfer of significant ownership|
The supervisor has the power to review and reject any proposals to transfer significant ownership or controlling interests held directly or indirectly in existing banks to other parties.
|Description||Article I.I.2 (51) defines a substantial interest as one where a person owns more than 2 percent of the corporate capital of another entity.|
Article 2 of Law 165 defines a controlling interest. This covers voting rights and special contractual ties. The Article defines the concept very broadly to include circumstances where the power to appoint managers is held by persons other than those entitled to exercise such powers on the basis of ownership.
Article 17 of Law 165 permits the CBSM to establish the circumstances where the purchase of shares must be authorized in advance. The article also gives the CBSM the power to refuse authorization where the potential purchaser does not meet the criteria that they should be of good repute or where the purchase of shares is in conflict with supervisory objectives or the structure and economic needs of the domestic market. These criteria are mostly comparable to those applying to new applicants.
Article V.III.1 of Regulation 2007-07 states that any person seeking to purchase shares which would bring ownership above 2 percent of the capital or 50 percent of the capital should seek prior authorization from the CBSM. This also applies to any person acquiring control of a bank. Where a new owner is an intermediary, it must declare the beneficial owner. The CBSM is considering adding further thresholds between 2 percent and 50 percent that would also trigger a report on ownership.
Where these requirements are not met, the CBSM can revoke authorization, nullify the relevant shareholders’ resolution or make an order to the new owners to dispose of the ownership interests (Article V.V.1 to V.V.3 of Regulation 2007-07). The CBSM may set a term of the assignment of interest in the latter case under Article 22 of Law 165.
Under Article 41 and 42 of Law 165, the CBSM may seek information on owners and controllers. It could demand such information on a periodic basis but does not in practice do so.
There are no requirements on a bank to notify the CBSM of any information that materially and negatively affects the suitability of a substantial or beneficial owner.
|Comments||The CBSM does not seek periodic reports of ownership but there is a requirement to report as the changes occur.|
The provision that allows the CBSM to take account of the structure and economic needs of the domestic market needs to be handled with care. It is not appropriate for a regulatory authority to refuse a license on the grounds that there are too many banks. That is for the market to decide.
The CBSM is recommended to amend Regulation 2007-07 to require periodic reporting of ownership as part of the routine returns from banks and to require reporting of a change in beneficial ownership even where there is no change in nominal ownership. The CBSM should make progress with its intention to introduce further thresholds between 2 percent and 50 percent for reporting ownership changes.
The CBSM is further recommended to amend the regulation so that a bank is required to notify the CBSM if they become aware of any information that may have a materially negative effect on the suitability of a substantial or beneficial owner.
The CBSM is also recommended to publish the criteria by which it will decide whether a bank application is incompatible with the structure and economic needs of the domestic market, making it clear that this does not permit it to protect the market of existing banks.
|Principle 5.||Major acquisitions|
The supervisor has the power to review major acquisitions or investments by a bank, against prescribed criteria, including the establishment of cross-border operations, and confirming that corporate affiliations or structures do not expose the bank to undue risks or hinder effective supervision.
|Description||Article 52 of Law 165 allows the CBSM to make Regulations regarding major acquisitions as well as mergers and demergers. Article VII.VIII.1 of Regulation 2007-07 requires authorization whenever a bank seeks to acquire more than 10 percent of the capital of another entity. This applies to indirect ownership through a controlled entity. There is a 60-day deadline imposed on the CBSM for granting approval.|
The criteria for assessing such applications are established in Article VI.VIII.2 of Regulation 2007-07. The acquisition must not conflict with the sound and prudent management of the bank, nor should it detract from its financial and organizational performance. For foreign acquisitions, the foreign legal system must allow proper supervision by the CBSM. The information that must be submitted to the CBSM under the same Article must show the impact on its financial position, so that the CBSM may assess whether the acquiring bank has the necessary financial resources and organization.
With respect to nonfinancial companies, there is a limit of 5 percent of the bank’s regulatory capital for an individual holding and 25 percent of regulatory capital for aggregate holding. For financial firms, there is an absolute limit of 15 percent of regulatory capital or 25 percent for the aggregate of all equity holdings.
The CBSM has introduced a transitional requirement to allow banks to move to the limits in the regulation, affecting stakes in non financial companies, by the end of 2010. In 2009, the limit was 20 percent with an aggregate limit of 50 percent.
|Comments||Since the full regulatory requirement in respect of holdings of non financial companies will come into effect by the end of 2010, no adjustment to the rating has been made.|
The CBSM is recommended to consider adding, as an additional criterion, the quality of supervision in the host country where the Sammarinese bank acquires a foreign bank.
|Principle 6.||Capital adequacy|
Supervisors must set prudent and appropriate minimum capital adequacy requirements for banks that reflect the risks that the bank undertakes, and must define the components of capital, bearing in mind its ability to absorb losses. At least for internationally active banks, these requirements must not be less than those established in the applicable Basel requirement.
|Description||Article 45 of Law 165 gives the CBSM the power to set requirements for capital and capital adequacy. Title III of Part VII of Regulation 2007-07 sets out the capital requirements in detail.|
Total capital must be no less than €13 million.
The Regulation defines Tier 1 and Tier 2 capital. Tier 1 capital is in accordance with the original Basel capital accord (Basel I).
The regulation allows banks to include, in Tier 2 capital, the capital gains (net of losses) on listed equities held by the bank. Article VII.II.5 provides that capital gains must amount to no more than 30 percent of Tier 1 capital and no more than 35 percent of total capital.
The CBSM requires deductions from capital where there are substantial holdings in other financial enterprises. This is not required by the Basel accord but is consistent with it.
The CBSM may allow a waiver from the normal requirement that investments in subsidiaries that are engaged in finance should be deducted from capital (where the BSM is satisfied that there is no risk of double counting the capital).
The CBSM allows a 50 percent risk weighting for financial leases only in case of claims on “residential real estate,” whether leased directly by the borrower. It also allows for risk weights to be reduced where a loan is covered by a legally binding guarantee. The Basel Accord does not permit either of these.
The risk weightings of different assets are established in Regulation 2007-07 (Article VII.III.4) as are the credit conversion factors for off balance sheet items (Article VII.III.8).
The risk weightings are broadly consistent with the requirements of the original Basel capital accord. They are designed to meet the risk profile of individual banks.
There is no specific provision for capital for market risk, interest rate risk in the banking book, and operational risk.
The solvency ratio of regulatory capital (Tier 1 and Tier 2) to risk weighted assets is 11 percent—higher than the Basel minimum—in order to make an allowance for the additional risks created by the nature of the banking business in San Marino and the absence of specific provisions on market risk, interest rate risk in the banking book, and operational risk.
The CBSM has allowed banks to opt for transitional provisions which phase the capital ratio in over a period to 2013. For those banks that opt for the transitional provisions, the minimum rate for 2009 is 7 percent, below the Basel minimum. Banks whose assets represent 32 percent of total assets have been permitted to opt for the transitional provision which is, in 2009, below the Basel minimum. One bank, the largest, has not yet had its application for transitional provisions approved.
Article 44 of Law 165 allows the CBSM to require a bank to increase its capital and to limit its activities.
Article 46 of Law 165 allows the CBSM the power to convene key decision- making bodies of the bank. The CBSM may revoke the license of the bank under Article 10 of Law 165 or use its Article 44 powers.
The CBSM does not allow the use of internal assessments of risk.
|Assessment||Materially Noncompliant (after transitional provisions, Largely Compliant).|
|Comments||The calculation of the risk-weighted capital ratio is broadly consistent with the original capital accord. The CBSM have also drawn attention to the rule that limits total direct and indirect deposits to 200 times free capital. The CBSM is committed to meeting the EU acquis in prudential matters by 2013. The CBSM has raised the minimum capital ratio to 11 percent and this may be regarded as taking some account of market risk, although there is no way of knowing if this is sufficient for the nature of the risk that is being taken. A recommendation on this point is included in the assessment of Principle 13.|
The transitional provisions means that a substantial proportion of the banking system accounting for 32.2 percent of total bank assets is subject to a minimum that is currently slightly below the Basel minimum and considerably below the minimum the CBSM considers necessary to take account of other risks not separately provided for. There is no capital charge for market risk. It is these departures from the Basel Accord that lead to the rating given. The rating relates to the position at the time of the assessment and would change once the transitional provisions are complete and the EU acquis is met. The rule on the limit to total deposits is covered in the description of operational risk, since the CBSM have also drawn attention to it in that context.
There are no immediate moves towards implementation of Basel II and this is appropriate given the state of development of supervision in San Marino and the nature of other priorities. However, there would be advantage in moving, in due course, to the Standardized approach to capital adequacy in Basel II and the CBSM is recommended to set a timetable for this.
The CBSM is recommended to keep under review the possibility of shortening the transitional period for achieving the required minimum capital adequacy ratio of 11 percent.
|Principle 7.||Risk management process|
Supervisors must be satisfied that banks and banking groups have in place a comprehensive risk management process (including Board and senior management oversight) to identify, evaluate, monitor and control or mitigate all material risks and to assess their overall capital adequacy in relation to their risk profile. These processes should be commensurate with the size and complexity of the institution.
|Description||Article VII.IX.2 of Regulation 2007-07 requires a bank to have a risk management officer. Article VII.IX.4 requires the Board of Directors to take responsibility for risk management policies and risk identification procedures. Article VII.IX.14 creates requirements for the bank’s information systems. Article VII.IX.5 gives the Head of the Executive Structure the responsibility to manage risk.|
Article VII.IX.11-13 creates an obligation on the bank to assess credit, operational and other strategic risk but does not require the Directors to re-assess capital adequacy in the light of their assessment of risk.
There is no requirement on the internal audit department to evaluate the effectiveness of the risk evaluation unit. There is no direct requirement on the Directors to communicate risk management policies to the staff, although this is implicit. There is no direct requirement that the risk management strategy and risk assessment be documented (although this, too, is implicit).
The CBSM states that it monitors risk management effectiveness through on-site inspections (although, in practice, only two full inspections have taken place—see the commentary on Principle 20). Article 44 of Law 165 gives the power to insist on strengthened measures if necessary.
The CBSM regards the use of models to determine risks as not applicable in San Marino.
Article VII.IX.11 establishes obligations relating to credit risk; Article VII.IX.12 to interest rate, liquidity and market risk, and Article VII.IX.13 to operational risk. These require risk management policies to be established and controls to be in place. There are standards relating to credit risk and liquidity risk but not to other risks.
There are no requirements for stress tests, except for liquidity given the current exceptional circumstances.
|Comments||There are no additional requirements to ensure that the Board of Directors assesses the overall adequacy of capital in relation to risk, other than by meeting the capital requirements.|
There is no direct requirement that the Board of Directors approve new products and major risk management initiatives, beyond the general requirement that the Board of Directors approve risk management policies.
The absence of these specific requirements on directors has added importance because of the CBSM’s conclusions on the state of corporate governance in banks and this is what gives rise to the rating.
The CBSM is recommended to strengthen the Regulations to clarify the Board of Directors’ responsibility to approve a documented risk assessment and risk management strategy. The Board should re evaluate risk management policies in the light of a regular (at least annual) reassessment of the risks facing the banks. The evaluation of the risk assessment should include stress tests as appropriate. The Directors should also re-assess capital adequacy in the light of their risk profile. The Directors should approve new products that affect the risk profile. The internal audit department should be required to assess the quality of the risk management and control process. The staff should be trained in the risk management system.
As already noted, the CBSM should introduce standards for market and interest rate risk.
|Principle 8.||Principle 8: Credit risk|
Supervisors must be satisfied that banks have a credit risk management process that takes into account the risk profile of the institution, with prudent policies and processes to identify, measure, monitor and control credit risk (including counterparty risk). This would include the granting of loans and making of investments, the evaluation of the quality of such loans and investments, and the ongoing management of the loan and investment portfolios.
|Description||Article VII.IX.11 of Regulation 2007-07 covers credit risk. It insists that the process should be covered by internal regulations and properly audited. Articles VII.IX.4 gives the Board of Directors the responsibility for approving risk management policies. There is no requirement for periodic review in the Regulation, although the CBSM states that it requests Directors to review risk management policies annually.|
The Article requires the credit extension policy to be documented; there should be adequate assessment of the borrower’s credit rating; procedures for monitoring the loan performance; and processes for dealing with problem loans. There is no specific requirement for criteria for decisions on assuming credit risk, on refinancing existing exposures, or for determining the level of authority for any particular credit exposure.
The general requirement for loan monitoring does not refer explicitly to the continued analysis of the borrower, the documentation, contractual requirements, and collateral, although this is implicit in the requirement in Article VII.IX.11 for an up-to-date record of exposure.
The Article demands that a bank has a system for classifying problem loans, although there is no requirement that this should reflect the bank’s complexity. There is a requirement for a database, and for six monthly reporting of problem loans. There is no requirement for regular reporting on the overall state of the loan portfolio.
The regulation requires data on overall exposure to an individual borrower or connected group of customers.
Article VII.V.1 of Regulation 2007-07 requires transactions with related parties to be undertaken on market terms and the remainder of this Title of the Regulations covers this matter in more detail, including a requirement for regular reporting.
Articles 41 and 42 of Law 165 give the CBSM adequate powers to obtain information on loans.
|Comments||The CBSM is recommended to strengthen the provisions in Regulation 2007-07 relating to the evaluation of credit risk policy and the importance of monitoring and reporting on borrowers, collateral, economic circumstances affecting borrowers or groups of borrowers, total indebtedness of borrowers, limits on particular borrowers or sectors, and implementation of those limits.|
|Principle 9.||Problem assets, provisions and reserves|
Supervisors must be satisfied that banks establish and adhere to adequate policies and processes for managing problem assets and evaluating the adequacy of provisions and reserves.
|Description||Article VII.IX.11 requires a bank to have criteria for identifying, managing and classifying problem loans. There must be a semi-annual report to Directors on problem loans. There must be a procedure for steps to be taken when problem loans are discovered, although this does not refer directly to making provisions or writing off such loans.|
Regulation 2008-02 makes provision for classifying bad debts and this encompasses off balance sheet exposures. It also requires realistic assessments to be made of the repayment and recovery expectations. Impaired loans are classified into three categories—those overdue by 90 days; those where the borrower is in temporary difficulties, and those where the borrowers are insolvent.
The provision to be made for these loans is based on the amount the banks estimate will not be recoverable, taking account of all the factors, including the extent, value and collectability of collateral. In addition, the banks are permitted to make a more general provision that takes account of difficulties in the economic or geographic sectors in which borrowers are placed, even where none of the loans are classified according to one of the three categories.
However, the current rules did not apply before 2009 and the classifications of problem loans are not captured in the supervisory reports (although quarterly reports include the total provision made by banks). Compliance with the current rules will not be apparent until the balance sheets of banks for 2009 are fully reported. The CBSM expects that this will result in an increase in the proportion of problem loans from the 2.7 percent level currently reported.
Article VII.IX.11 requires a review of credit lines at least once a year.
Article VI.III.1 insists that banks set aside at least 20 percent of net earnings into a general reserve fund.
There are no requirements to re-assess the value of collateral and guarantees.
The CBSM has the opportunity to examine compliance through off-site and on-site inspection. Articles 44 and 45 of Law 165 allow the CBSM to insist on remedial measures.
|Comments||There are no further comments.|
|Principle 10.||Large exposure limits|
Supervisors must be satisfied that banks have policies and processes that enable management to identify and manage concentrations within the portfolio, and supervisors must set prudential limits to restrict bank exposures to single counterparties or groups of connected counterparties.
|Description||Article I.I.2 (31) of Regulation 2007-07 defines a group of connected persons. The definition is in broad terms. The CBSM states that it can exercise discretion on a case-by-case basis when defining connecting persons.|
Article VII.IV.1 defines a large exposure as one where the exposure amounts to 10 percent of total regulatory capital. Article VII.IV.2 restricts any single exposure to a person or group of related counterparties to 25 percent of total regulatory capital and the aggregate of such large exposures to 8 times total regulatory capital. “Exposure” is defined in Article I.I of Regulation 2007-07 and includes indirect as well as direct exposures. The CBSM may set more stringent limits. The weight of each exposure shall be adjusted by the same factors that are used to calculate the risk weighted solvency ratio. This calculation excludes certain securities held for trading purposes and also excludes exposures to other San Marino banks (or banks in foreign countries where there is a supervisory agreement in place).
Article VII.IX.11 requires a bank to have information systems in place to identify their exposures to individuals and groups of connected persons.
There is no specific requirement relating to the establishment of thresholds for acceptable concentrations (other than the Regulations) and no requirement that risk concentrations be reported regularly to the Board (although the President would be required to sign off the quarterly return on large exposures to the CBSM)
The CBSM states that it checks that there are adequate compliance systems in place in on-site and off-site supervision. Circular 2009-01 requires a bank to submit periodically to the CBSM reports on credit and concentration risk quarterly, and concentration of risk to countries of Zone E and B.
There is no requirement on the bank to monitor risks to geographic or economic sectors.
Prior to 2008, there were no requirements to limit large exposures. As a result, banks’ exposure to their most important borrowers is very substantial indeed. The CBSM has implemented a transitional regime to bring the limits on large exposures down to those in the Regulations by 2013. In 2009, the limits are 50 percent of regulatory capital of an individual exposure and 13 times capital for the total of all large exposures. At present, 8 of the 12 banks (which hold 37 percent of the total banking assets) have had their application to adopt the transitional arrangements approved. The proportion could increase considerably if all outstanding applications by banks to be allowed to adopt the transitional provisions are accepted.
|Assessment||Materially Noncompliant (after the transitional period Largely Compliant).|
|Comments||Many of the elements of this Principle are addressed by Regulation 2007-07 in the form of general requirements, for example on the responsibility of the Board and on the requirement for records. Some are also addressed in specific requirements in the Regulations.|
The current transitional arrangements allow for very substantial exposures and this explains the rating that applies while the transitional arrangements are in place.
The CBSM is recommended to keep under review the possibility of shortening the transitional period for reducing the risk concentration limits to the international standard (25 percent of regulatory capital for one exposure and 8 times capital in aggregate).
The CBSM is recommended to amend Regulation 2007-07 to make specific provisions for the bank to make thresholds that limit acceptable risks (in addition to risk concentrations to individuals) to cover risk concentrations to economic or geographic sectors. There should also be a specific requirement for a regular report to the Board.
|Principle 11.||Exposures to related parties|
In order to prevent abuses arising from exposures (both on-balance sheet and off-balance sheet) to related parties and to address conflict of interest, supervisors must have in place requirements that banks extend exposures to related companies and individuals on an arm’s length basis; these exposures are effectively monitored; appropriate steps are taken to control or mitigate the risks; and write-offs of such exposures are made according to standard policies and processes.
|Description||Article I.I.2 of Regulation 2007-07 defines related parties. These include those with an equity stake in, or control over, the bank; those who can appoint senior management; and corporate officers of the bank. The Regulation also covers those connected to a related party and this includes firms controlled by a related party and firms at which related parties have management or supervisory functions.|
It does not explicitly include close family members of the senior management of the bank or of its related parties, although the regulation does require a bank to consider, as a related party, any person who might be expected to assume the debts of another.
Article VII.V.1 states that transactions with related persons must be conducted on market terms.
Article VII.V.2 requires the bank to ensure that there is a report to the Board of Directors in respect of any equity stake in a related party or connected person that exceeds 1 percent of regulatory capital. The Board must also approve increases in such exposure and there must be a favorable opinion from an independent person (the statutory auditors). The Article also places a limit of 20 percent of total regulatory capital on any one exposure and 60 percent on exposure to all related parties and connected persons.
However, there is no requirement for a report to the Board on such exposures or write-offs, nor for any monitoring of such exposures. Apart from a requirement that a connected person be not present when an equity stake is being approved by the Board (Article VII.V.3) and general provisions relating to fraud (Article VII.IX.e) there are no provisions that prevent persons benefitting from connected persons’ exposures from participating in the process of granting and managing the exposure.
Article VII.II.4 of Regulation 2007-07 requires a deduction from regulatory capital of exposures to those who have an equity stake in the bank (and connected parties) but not in respect of exposures to other related parties. Moreover, the CBSM can authorize the non-deduction of such exposures if it determines that it does not amount to a dilution of capital.
Circular 2009-01 requires banks to report related party exposures to the CBSM.
The CBSM has introduced transitional provisions that will allow banks to move towards the limits on exposures to related parties by the end of 2013. In 2009, the limits were 45 percent of regulatory capital for each exposure and 80 percent of regulatory capital for the total of such exposures.
|Assessment||Materially Noncompliant (after transitional period, Largely Compliant).|
|Comments||The definition of related parties is more limited than that required by the Basel Core Principle (BCP), since it does not explicitly include the family members of a related party. The CBSM correctly points out that such members may be covered by a generic provision as described above but there is a risk that banks will interpret the provision narrowly.|
There is no requirement for Board approval other than in the case of an equity stake and no provisions for the Board to determine action in respect of write- offs. There is no requirement that the person who benefits from a related party transaction take no part in the approval process (except for the increase in an equity stake). The deduction from capital, and the ability of the CBSM to authorize waivers even of the deductions it requires, is also a departure from the essential criteria for this principle.
The CBSM is recommended to amend the regulation so that it explicitly covers all related persons, including close family members. The policy of the bank should cover all such related persons. There should be a general rule that any person who is party to a related transaction should not be present when approval is given and should take no part in monitoring or any other activity. On a case by case basis, the CBSM should consider requiring banks to deduct related party exposures from capital, unless there is full collateral. There should be monitoring of all such exposures with aggregates reported regularly to the Board, large exposures reported periodically and exceptions to the bank’s policies reported to the Board for action.
The CBSM is recommended to keep under review the possibility of shortening the transitional period for achieving the limits in the regulation for lending to related parties.
|Principle 12.||Country and transfer risks|
Supervisors must be satisfied that banks have adequate policies and processes for identifying, measuring, monitoring and controlling country risk and transfer risk in their international lending and investment.
|Description||There are no provisions that require banks to monitor and control country risk, other than the general requirement to have risk identification and management systems (Article VII.IX.1 of Regulation 2007-07) and discrimination in the risk weighting calculation between countries in the OECD and elsewhere (Article VII.III.5).|
There are no provisions that require banks to monitor country risks, other than the general requirements in Article VII.IX.14 for an appropriate information system relevant to their complexity, size and geographic structure.
There is no requirement to make provision for country risk, other than the requirement to write down, on a country basis, the value of loans (Regulation 2008-02).
Circular 2009-01 requires a bank to report to the CBSM the loans on a country basis.
|Comments||The CBSM relies entirely on its general requirements for appropriate risk management policies to cover the elements of this principle. Experience shows that the response of banks to this degree of discretion will be mixed. The CBSM does not suggest that it looks for appropriate country risk management in its on-site inspections. The absence of a requirement for country risk management explains the rating.|
The CBSM is recommended to amend Regulation 2007-07 to introduce requirements for banks to identify, manage and control risks arising from their exposure to different countries. This should involve appropriate information systems and proper provisioning.
|Principle 13.||Market risk|
Supervisors must be satisfied that banks have in place policies and processes that accurately identify, measure, monitor and control market risks; supervisors should have powers to impose specific limits and/or a specific capital charge on market risk exposures, if warranted.
|Description||Article VII.IX.4 of Regulation 2007-07 states that the Board of Directors should have risk management and identification policies. Article VII.IX.12 insists that banks should understand market risk. They should record, measure, monitor and manage such risks. The Article also requires a bank to have proper procedures for managing its portfolio. These procedures should include quantitative and qualitative limits and must be approved by the Board of Directors.|
There are no provisions that require timely monitoring or valuation and no requirement to mark positions to market. There are no requirements relating to the valuation of illiquid instruments, sale prices, or assets for which there is no ready market.
There are no provisions for ensuring that there is scenario analysis or stress testing, although the regulation does identify market risk management as part of the overall risk management process.
There is no requirement that the valuation of trading book positions be undertaken by a function independent of business lines, other than the general requirement for segregation of duties in Article VII.IX.1 of Regulation 2007-07.
|Comments||The CBSM accepts that its provisions relating to market risk have not been brought into line with the amendments to the Basel 1 capital accord in respect of market risk (still less with Basel II). The CBSM intends to introduce certain requirements in 2010. The CBSM is recommended to make early progress with this.|
|Principle 14.||Liquidity risk|
Supervisors must be satisfied that banks have a liquidity management strategy that takes into account the risk profile of the institution, with prudent policies and processes to identify, measure, monitor and control liquidity risk, and to manage liquidity on a day to day basis. Supervisors require banks to have contingency plans for handling liquidity problems.
|Description||Article VII.IX.12 of Regulation 2007-07 insists that banks should understand liquidity risk. They should record, measure, monitor, and manage such risks.|
The CBSM has issued a circular setting out guidelines on liquidity risk in February 2009. The Board of Directors of each bank is required to identify all risk factors, determine a liquidity strategy (diversification of funding, liquidity buffers and liquidity requirements for new investments), detect liquidity tensions on a daily basis, and develop internal controls. The bank is then required to analyze liquidity mismatches for different time horizons to identify liquidity mismatches and set liquidity limits.
The CBSM is now requiring banks to send their liquidity reports to the CBSM.
In addition, the CBSM asked the banks to undertake stress testing according to scenarios identified by the CBSM.
|Comments||San Marino was experiencing considerable tensions in respect of liquidity at the time of the mission. However, the origins of this problem arose before the current regulation was in place. Proper liquidity management is a matter that must be put in place well before a crisis and is different from the crisis management measures that may be necessary at times of stress. The compliant rating arises from the terms of the regulation now in place which require proper long term liquidity management to be undertaken by banks in the future.|
The requirement for very frequent liquidity reports may give banks the impression that the CBSM has taken over responsibility for monitoring liquidity in practice. Given the current tensions and the possibility that they may be repeated in the future, the CBSM is recommended to pay particular attention to the specific liquidity management measures and liquidity mismatch limits adopted by banks in line with the regulation.
|Principle 15.||Operational risk|
Supervisors must be satisfied that banks have in place risk management policies and processes to identify, assess, monitor and control/mitigate operational risk. These policies and processes should be commensurate with the size and complexity of the bank.
|Description||There is no explicit capital requirement for operational risk, although CBSM has introduced a rule on total deposits (direct and indirect), whose amount cannot exceed 200 times banks’ free capital margin (equal to regulatory capital minus capital requirement for credit risk); this measure is regarded by CBSM as an approximation of the exposure to operational risk provided that the volume of banking intermediation is strictly dependent on banks’ capitalization.|
Although there is no overall requirement for a bank to manage operational risk, Article VII.IX.13 of Regulation 2007-07 demands that a bank should consider certain specific operational risks, such as fraud, legal and reputational risk, and conflicts of interest.
There are no specific requirements to ensure the Board reviews and evaluates operational risk, other than the general obligation on the Board to have risk identification and management policies (Article VII.IX.4).
There is no general obligation on a bank to have contingency plans or business recovery procedures, although Article VII.IX.14 requires a bank to have the ability to recover from an accident, through back-up and emergency procedures.
Article VII.IX.14 requires a bank to have reliable information systems that are constantly upgraded to reflect the bank’s operating environment.
There is no provision requiring the reporting of operational risk assessment mitigation measures to the CBSM.
Chapter IV or Title VII of Regulation 2007-07 addresses the risks from outsourcing. Article VII.IX.18 requires a bank to have a written contract. The bank must identify the criteria for assessing the outsourcer, establish how to oversee the outsourced service and consider the action necessary if the services prove inadequate. There is no reference to a risk assessment per se.
|Comments||Article VII.IX.13 refers only to selected operational risks, although the extension of the bank’s risk identification to other operational risks is implicit.|
The CBSM is recommended to establish a broader operational risk framework that demands that the Board of Directors assesses the full range of operational risks to which the bank is subject and draws up an appropriate strategy to mitigate, control, and minimize the risks, while monitoring the effect of controls and evaluating the risk strategy on a regular basis.
The CBSM is further recommended to move towards introducing a capital charge founded on the Basel II requirements.
|Principle 16.||Interest rate risk in the banking book|
Supervisors must be satisfied that banks have effective systems in place to identify, measure, monitor and control interest rate risk in the banking book, including a well defined strategy that has been approved by the Board and implemented by senior management; these should be appropriate to the size and complexity of such risk.
|Description||Article VII.IX.4 of Regulation 2007-07 insists that the Board of Directors should have risk management and identification policies. Article VII.IX.12 requires banks to have an accurate understanding of specified risks, including interest rate risks. They should record, measure, monitor and manage such risks.|
However, there are no specific requirements relating to interest rate risk and no quantitative requirements in the Regulations, except for restrictions on the total quantity of loans. Loans (other than home mortgages) must not exceed the sum of total regulatory capital, 80 percent of long and medium term deposits and 30 percent of all other deposits.
There are no requirements for regular monitoring and control and no requirements for stress testing.
The regulations make general requirements for the separation of duties within the bank (Article VII.IX.1).
|Comments||The CBSM is proposing to introduce regulations covering interest rate risk in the banking book and it is recommended that they continue with this as soon as possible.|
|Principle 17.||Internal control and audit|
Supervisors must be satisfied that banks have in place internal controls that are adequate for the size and complexity of their business. These should include clear arrangements for delegating authority and responsibility; separation of the functions that involve committing the bank, paying away its funds, and accounting for its assets and liabilities; reconciliation of these processes; safeguarding the bank’s assets; and appropriate independent internal audit and compliance to test adherence to these controls as well as applicable laws and regulations.
|Description||Articles VII.IX.4 and 5 of Regulation 2007-07 set out the responsibilities of the Board of Directors and the Head of the Executive Structure. The Board is responsible for strategic business decisions, must allocate functions clearly and appropriately, and evaluate the effectiveness of the organizational structure and controls. The Head of the Executive Structure must also ensure effective management of corporate operations. The CEO must verify the effectiveness of the internal controls and define responsibility for functions.|
The Regulation addresses organizational structure and appropriate checks and balances. Article VII.IX.1 insists that there is proper allocation of duties, and appropriate demarcation between operational and supervisory functions. Article VII.IX.2 requires a bank to have separate risk management, compliance and internal audit departments (although CBSM may approve a merger of compliance and risk management units).
Article VII.IX.4 places responsibility for the organizational architecture on the Board of Directors, together with risk identification and the effectiveness of internal controls.
Article 44 of Law 165 gives the CBSM the right to take specific measures in respect of risk mitigation and internal controls. In addition, Article 45 allows the CBSM to propose to the bank’s decision-making authorities that they take certain decisions. Article 15 of Law 165 requires the Directors to remove company officers who do not meet the requirements of good repute.
Article VII.IX.1 requires appropriate demarcation between front and back office and it is up to the CBSM to satisfy itself that the balance between the two is appropriate. Article VII.IX.8 requires a separate compliance officer but there are no provisions requiring direct access to the Board or periodic reports to the Board.
Article VII.IX.6 demands that internal audit is independent that it assesses the adequacy of corporate processes and compliance with them. Article VII.IX.6 requires an internal audit to have appropriate staff, to have direct access to the Board and to make periodic reports. The Article insists that internal audit should have full access to all staff and information
Article VII.IX.9 also establishes that the Board of Auditors (collegio sindacale) has the obligation to notify the CBSM without delay of any act or fact that constitutes inter alia a material irregularity in management; breach of laws and regulations on banking activity; and violation of the bank bylaws provision. A similar reporting duty is put on external auditors (Article VII.IX.10)
|Comments||The Regulations include most of the necessary provisions, with the exception of the ability to remove members of the Board of Directors, the absence of a requirement for a direct reporting line between the Compliance Officer and the Board and the need for periodic reports. There are some other matters that are not explicit in the regulations, for example with respect to the safeguarding of assets and liabilities, the determination of accounting policies, the need for appropriate internal audit methodology, and the importance of a proper audit plan. These matters are implicit in the stated duties of the Directors and Internal Audit and it would be up to the CBSM to ensure that the arrangements were appropriate in practice.|
The CBSM is recommended to amend the Regulation to make explicit the need to safeguard assets and liabilities and for the Board to determine accounting policies. The internal audit should have an audit plan and appropriate methodology.
|Principle 18.||Abuse of financial services|
Supervisors must be satisfied that banks have adequate policies and processes in place, including strict “know-your-customer” rules, that promote high ethical and professional standards in the financial sector and prevent the bank from being used, intentionally or unintentionally, for criminal activities.
|Description||The responsibilities for enforcing AML/CFT compliance|
Article 37 of Law 165 states that one of the supervisory aims of the CBSM is the prevention of financial crime in matters of money laundering and the funding of terrorism (AML/CFT) and other offences of a financial nature. Article 14 of Law 92 of 2008 gives the CBSM the responsibility for verifying the organization and procedures banks must adopt in order to meet their AML/CFT obligations. Article 4 of Law 92 gives the Financial Intelligence Agency (FIA) the function of supervising compliance with the obligations of that law, which include obligations placed on banks (the obligations are also placed on other financial institutions but this assessment is concerned with banks and will focus on them). Article 5 of Law 92 gives the FIA the responsibility of collecting information from banks and undertaking on-site inspections.
The CBSM and the FIA have agreed an MoU, and this sets out their respective roles. Article 4 of the MoU repeats the CBSM’s primary role in respect of banks’ organization and procedures. The FIA is responsible for secondary legislation on specified matters. In practice, the main provisions that govern the AML/CFT obligations are those in Law 92 and the Instructions issued by the FIA. The CBSM issued an Instruction 2008 01 prior to the FIA’s establishment, which is still applicable to banks. Both organizations conduct on-site inspections and ad hoc investigations. The FIA has sought information on the degree of compliance by banks (and other obligated institutions) by means of a questionnaire and has used the results to inform its risk-based approach and priorities for inspections.
There is cooperation between the CBSM and the FIA. However, the results of the questionnaire were not shared with the CBSM and the two organizations do not co-ordinate their inspection visits—although each will report to the other on violations of provisions falling into their areas of responsibility. Both the CBSM and the FIA consider that there are insufficient resources adequately to enforce AML/CFT requirements.
Article 14 of Law 92 requires that the CBSM should report to the FIA any suspicions it may have as regards money laundering.
The CBSM is able to use the sanctions available in Article 141 of Law 165 to enforce AML/CFT obligations. The FIA also has sanctions available, for example in Article 61 of Law 92.
The obligations on banks
Article 15 of Law 165 requires company officers to be of good repute and this should imply that they would not facilitate financial crime. Article VII.IX.13 of Regulation 2007-07 requires banks to minimize the risks of fraud and embezzlement (against the bank itself). However, apart from AML/CFT measures, there are no specific references in the law or Regulations that establish a duty on a bank to observe standards that would guard against the use of a bank for financial crime. Banks reported to the mission that, although they made every effort to prevent the abuse of their services for financial crime, they did not include tax evasion in their definition of financial crime.
Article 36 of Law 92 requires banks to report ML or TF suspicious transactions to the FIA. There is no other obligation to report fraud or other crime to the CBSM, even where it may affect the safety and soundness of the bank. Banks indicate that they have reported major frauds to the CBSM but do not report fraud on a routine basis.
Article 21-26 of Law 92 describes the customer due diligence (CDD) measures that a bank must undertake in order to identify customers and understand their business. It also sets out exactly when and in what circumstances the CDD must be undertaken. The identification measures for individuals, companies and beneficial owners are largely appropriate (except as described below).
Article 22 states that the bank must monitor a customer’s activity to ensure that it remains compatible with the customer profile as established during the initial CDD process. Article 27 specifies some additional CDD and other measures that apply when the customer is taken on other than face-to-face and where a customer is a politically exposed person (PEP). However, although the law requires senior management approval when a new customer is identified as a PEP, there is no comparable requirement when an existing customer or beneficial owner is subsequently found to be, or subsequently becomes, a PEP.
Article 27 also requires enhanced due diligence for any high risk customer, although in such cases, it does not state what those measures might be.
State Congress Decision 9 of January 26, 2009 gives guidance on which foreign country applies AML/CFT measures equivalent to the international standard.
Article 3(a) and (d) of CBSM Instruction 2008 01 requires a bank to obtain the incorporation documents of a legal person.
Records must be updated as appropriate and kept for at least five years according to Article 34 of Law 92. Article 44 requires the bank to adopt policies and procedures, and to inform and train staff.
Internal audit is not explicitly required to assess compliance with AML/CFT controls under Article VII.IX.6 of Regulation 2007-07. However, the compliance officer is required to do so. Article 42 of Law 92 requires the compliance officer also to be the recipient of internal suspicious reports.
Article 44 of Law 92 requires banks to have policies and procedures designed to meet the obligations of the law and these will include the obligation to report suspicions. By implication, these procedures would include management information systems.
Article 39 exempts a suspicious transaction reporter of any liability of any kind where the report is made in good faith.
Anonymous accounts and shell banks
Subject to what follows, all accounts that are anonymous are prohibited, according to Article 30 of Law 92.
Prior to the enactment of the Law, the use of bearer pass books was permitted. These passbooks were, in effect, anonymous bank accounts, where ownership was evidenced by the holding of a bearer passbook. The use of cash to deposit funds was common practice (one fiduciary company told the mission that 60-70 percent of funds it received came in cash in amounts averaging €100,000 to €300,000—a practice that the banks informed the mission was not unusual in their experience of fiduciaries). Checks endorsed by their payee and then subject to multiple endorsements by subsequent payees, which rendered the changes in the ownership of the funds untraceable, were also common. Article 31 of Law 92 places limitations on the use of such instruments. Bearer passbooks will be banned as from June 2010 and any passbook with a balance of over €15,000 is already forbidden. Checks of more than €15,000 must be crossed non negotiable. Cash transactions of over €15,000 can only be conducted through banks, fiduciaries or payment service businesses.
Relationships with shell banks are prohibited by Article 28.
Potential gaps in the requirements
The following points should be noted:
The legacy of the practice prior to 2008
Prior to 2008, AML requirements, although in place since 1999, were not actively enforced. The CBSM and its predecessor bodies had primary responsibility but in fact there were few detailed instructions and no inspection visits. Many of the banks’ customers, therefore, were taken on before the current requirements were in place. Article 5 of CBSM Instruction 2008 01 requires banks to obtain information from existing customers at the first opportunity. There will therefore be a number of customers for whom there is no up-to-date information, because a suitable opportunity has not yet arisen. Moreover, in the case of fiduciaries, there are a substantial number of customers who do not wish to be contacted and there will be particular difficulties in obtaining full information on such customers. The funds of these customers will be held in banks in the name of the fiduciaries and will thus represent a risk for the banks.
The CBSM and FIA have required banks to undertake a risk classification of existing customers and banks have made some progress with this, although not all have completed it. Moreover, some have elected to undertake the task with software that relies on information in the bank’s files. Not all banks have all the necessary data in respect of all their customers. There remains a danger, therefore, that some existing customers will not be subject to appropriate risk profiling.
The problem is exacerbated by the position of the fiduciaries. Because fiduciaries are “obligated institutions”, the banks are permitted to exercise simplified due diligence on them (which in practice means no due diligence as noted above). Moreover, banks are permitted to accept accounts from fiduciaries without knowing the identity of the underlying customers.
Fiduciaries are likely to have taken on customers in the past that made deposits in cash, multiple endorsed checks or by other untraceable means. In such cases, they may have no knowledge of beneficial ownership of funds beyond a signed declaration of the depositor, an introduction from an accountant or notary and such information as may be obtained through questioning the depositor. In such cases, the risk classification of existing customers may be compromised. The statement by one fiduciary to the mission, that 97 percent of customers were classified as low risk, even though virtually all of them deposited funds in the form of cash or multiple endorsed checks, demonstrates the danger that risk classifications may not always have not been properly undertaken (although the mission do not know if this experience is typical).
The limited resources of the FIA and the CBSM to undertake in depth inspections of AML/CFT defenses increase the risk that the current regulations are not yet being enforced.
|Comments||The AML/CFT provisions as they affect banks have been recently updated and, for the most part, are in accordance with international standards. The CBSM and FIA have made good progress with this. Moreover, some of the actions to enforce the new provisions are sensible, such as the series of inspections—focused on the high risk fiduciary companies—and the questionnaire. However, there are some gaps in the requirements and enforcement remains a challenge. The rating arises as a result of the gaps in the legislation and regulations as described above, the absence of any direct requirements to avoid abuse of services for financial crime (other than ML and TF) and the lack of resources for effective enforcement.|
It is important to fill in the gaps and the authorities are recommended to do so by making the following changes:
The authorities are also recommended to amend the exemptions from bank secrecy in Article 36 to allow disclosure to the relevant law enforcement authority of any matter that gave rise to knowledge of financial crime (not just suspicion of ML or TF). The authorities are further recommended to consider how to adapt the regime so that it provides defenses against all kinds of financial crime, rather than just ML and TF (as is required by criterion 6 and 9 of BCP 18). This will require ensuring that the banks’ internal policies and procedures and their training programs cover all risks of abuse of financial services.
Enforcement of the new regime is the key challenge and, inevitably, the CBSM and FIA have limited resources to press banks to embed the new regime into their culture. The authorities are recommended to put additional resources into the work of enforcement, particularly on-site inspections. The extent of the resources required should be assessed taking account of the likely need to continue to undertake ad hoc investigations.
To increase the effectiveness of the resources, the CBSM and the FIA are recommended to collaborate and to plan the enforcement activity jointly. This could mean making joint inspections. Alternatively, it could mean sharing plans for inspections of AML/CFT compliance, so as to ensure that they achieve the widest possible coverage and do not duplicate each other’s work. As is the case now, the results of the inspections should be shared but it would also help to discuss risk assessments, so that each body can operate with a full understanding of each other’s risk perceptions and priorities. This collaboration should not alter the autonomy of the FIA in its core role of receiving, analyzing, and dispensing information on Suspicious Transaction Reports (STRs).
In addition, the CBSM and FIA should strengthen the defenses against the risks that arise because of the legacy of customers and practices that were taken on or adopted before the current regime was in force. Many customers have placed funds with banks and fiduciaries in circumstances where there is a high risk that the beneficial owner is not truly known and that the funds are involved in some sort of financial crime even if that crime is not a predicate offence for money laundering. In order to strengthen the defenses against this legacy problem, the CBSM and FIA are recommended to make clear to the banks (and other obligated institutions) that any customer who has made a deposit of more than a threshold set by the CBSM or FIA in cash or (to the extent that the information is available) multiple endorsed checks with a cumulative value over the threshold, should be regarded as high risk and that the consequences envisaged by the law (Article 27(1) of Law 92) should apply. In particular:
In addition, the CBSM and FIA are recommended to consider advising the banks to refuse to accept omnibus accounts from fiduciaries, especially where there is clear evidence of inadequate due diligence.
|Principle 19.||Supervisory approach|
An effective banking supervisory system requires that supervisors develop and maintain a thorough understanding of the operations of individual banks and banking groups, and also of the banking system as a whole, focusing on safety and soundness, and the stability of the banking system.
|Description||The CBSM has the power to discover all the information it requires about the risk profile of individual banks and groups and insists that the banks have proper risk identification processes.|
The CBSM has the legal ability to assess the risks of the banking system as a whole, since it is the sole regulatory authority. Its annual report gives data for the banking system and makes comments on the strengths of the banking system (allowing for the fact that the report is a public document). The CBSM has a general objective of financial stability and the power to authorize all financial activity as defined in Attachment 1 of Law 165. This includes loans and fiduciary activities.
The CBSM has the powers and reporting tools to assess risks. However, it does not yet adopt a risk-based methodology or even a more traditional CAMEL based methodology for supervising banks.
The CBSM has the power to check banks’ compliance and does so but it does not check compliance by banking groups.
|Comments||Although the CBSM adopts no recognized methodology for assessing the risks of banks, it does, in practice, have a good understanding of the factors that affect the safety and soundness of banks.|
Nevertheless, the CBSM is recommended to move to the implementation of a proper methodology for assessing banking risk, using CAMEL or another appropriate technique. This is a more important priority than a move to risk-based supervision.
|Principle 20.||Supervisory techniques|
An effective banking supervisory system should consist of on-site and off-site supervision and regular contacts with bank management.
|Description||The CBSM states that there are no formal procedures for systematic evaluation of the effectiveness of supervisory techniques. Nevertheless, a mix of on-site and off-site supervision is deployed, at the discretion of the head of the Supervision Department and the Supervision Committee. There was an annual inspection plan for 2009 but it was disrupted by a failure to recruit an expected member of staff and the need to carry out ad hoc investigations on behalf of the judiciary. These investigations absorbed over one third of the CBSM’s on-site resources and, as a result, only two full inspections of banks have been conducted since 2006, although other inspections into specific areas of compliance have been undertaken, mostly related to credit risk and 11 full inspections were made of finance companies.|
The CBSM states that, at present, there is no on-site inspection manual and only a partially completed check list for on-site inspections. Nevertheless, the CBSM’s description of its process is thorough and comprehensive and the evidence is that inspections, when conducted, are undertaken diligently. The full inspection examines the corporate governance of the bank, starting with the actions of the Board of Directors and including the quality of management. Staff examine the bank’s risk assessment, policies, controls and procedures as well as examining specific files to determine if the procedures are correctly followed.
The CBSM has developed a comprehensive set of requirements for reporting prudential matters and receives returns from the banks about various matters at frequencies varying from bi-weekly (for liquidity) to annual (for loan loss provisioning). Significant improvements in the reporting requirements have been in place since 2008 and some requirements will only be fully in place in respect of financial statements for 2009. The off-site supervision department analyzes prudential returns to assess financial strength and determine the priorities for on-site work. There are no formal working procedures for this activity but the staff use the information effectively to assess banking risk.
To assess internal audit, the CBSM examines the internal audit regulations within the bank and uses the on-site inspection program.
The CBSM states that inspection reports are in two parts. One part, focusing on compliance breaches, is shown to and discussed with the Bank at a senior level, with the bank required to respond and to correct any failings. The second part is a fuller analysis and assessment.
The Supervision Department’s ability to play its full role is constrained by the number of staff available. The department has been expanding steadily since 2005, with total staff numbers rising from 12 to 25 by the time of the mission. The CBSM has said that it has experienced difficulties recruiting some staff because of the restrictions on employing staff from outside San Marino. On the other hand, the number of staff leaving the Supervision department (other than on transfer) has been very small. This suggests that the CBSM is able to offer competitive terms to its staff.
|Comments||It is recognized that the Inspection Department has been fully stretched in carrying out investigations for the judiciary and has carried out sector inspections on credit risk. The burden of conducting judicial inspections is heavy (given the level of CBSM resources) and unpredictable. It is clearly preventing the CBSM from fully meeting its responsibilities since, two general inspections of banks in three years is not enough to verify the information given by banks although the other inspections are useful. This factor and the absence of full supervisory manuals gives rise to the rating.|
The problem facing the CBSM is a lack of resources and it is important that the CBSM makes a full assessment of the resources it needs properly to fulfill its objectives and, in particular to enforce the obligations on banks. The CBSM needs full financial support in order to fulfill all its tasks, including judicial investigations, when necessary. To this end the CBSM should be provided with the staff resources and full reimbursement of the cost, as recommended in Principle 1(2).
The CBSM should make a full and documented assessment of the staff it needs to fulfill its objectives. It is recommended to make a first round of inspections of all the banks (perhaps using external experts) to determine an initial view of the risks and to use this information to assess the appropriate frequency of future full inspection visits for each bank (taking account of the need to make ad hoc investigations on behalf of the judiciary and the need to make inspection visits on financial companies as well). On the basis of this judgment, the CBSM should assess the required number of on-site inspectors and off-site staff (the latter including those responsible for analyzing supervisory returns). The CBSM should document its future staffing needs and incorporate this information into its budget. Assuming that the budget process is reformed as recommended in the assessment of Principle 1(2), the CBSM will then be able to implement this budget. However, regardless of the authorities’ conclusions on the budget process, they are recommended to approve the CBSM budget based on this assessment of needs. The CBSM can then mount a sustained recruitment campaign—preferably seeking to make a long term agreement with the office of labor so as to provide greater certainty in respect of the number of staff it is permitted to recruit from outside San Marino. It will remain important to recruit and train local staff where appropriate.
The CBSM is further recommended to finalize its on-site and off-site supervision manuals.
|Principle 21.||Supervisory reporting|
Supervisors must have a means of collecting, reviewing and analysing prudential reports and statistical returns from banks on both a solo and a consolidated basis, and a means of independent verification of these reports, through either on-site examinations or use of external experts.
|Description||Article 41 of Law 165 gives the CBSM the power to require banks to submit information. In practice, data is collected on banks on a solo basis and not on a consolidated basis. However, Article 53 allows the CBSM to require a group to be registered and, when this is done, the CBSM can obtain information from any part of the group.|
CBSM states that it receives reports on balance sheet, profit and loss, liquidity, large exposures, loan loss provisioning, asset quality, related party transactions and loan concentration on an economic sector basis.
Regulation 2008-02 sets out the accounting rules to be used and a 2009 circular has given clear instructions to banks as to how to compile reports. This is a relatively new development. Prior to 2008, there were no consistent rules on compiling reports. Regulation 2008-02 also gives the valuation rules that require assets held for trading to be valued at market price.
The frequency of reports is consistent. Liquidity is biweekly. Capital adequacy and related party transactions are quarterly. Balance sheet and loan loss provisions are semi-annual. Loan by sector is annual.
Articles 41 and 42 of Law 165 are comprehensive in the powers they give the CBSM to obtain information.
Article 141 of Law 165 gives the power to impose administrative sanctions for non compliance with periodic reports or for misinformation.
The CBSM checks, both manually and using automated methods, to determine internal inconsistencies in reports. External auditors are expected to check on accounts. On-site inspections are intended to verify information.
Article 42 of Law 165 allows the CBSM to insist on external auditors but there are no specific regulations on this as yet.
|Comment||The CBSM reporting regime is relatively new but it appears to be comprehensive and is providing useful data.|
The CBSM is contemplating introducing rules on consolidated reporting and is recommended to maintain its timetable on this.
|Principle 22.||Accounting and disclosure|
Supervisors must be satisfied that each bank maintains adequate records drawn up in accordance with accounting policies and practices that are widely accepted internationally, and publishes, on a regular basis, information that fairly reflects its financial condition and profitability.
|Description||Article VII.IX.4 of Regulation 2007-07 gives the Board of Directors the responsibility of ensuring the reliability of the accounting system. Article 29 of Law 165 states that a bank must prepare financial accounts that give a true and fair view of the financial position of a bank. The responsibility of the Board of Directors is implicit.|
Article VII.II.3 of Regulation 2007-07 requires that a bank must appoint an external auditor and that the accounts must bear a certificate from the auditor.
Accounting standards and valuation principles are set out in Regulation 2008-02. The accounting standards are specifically designed for Sammarinese banks but a local firm of accountants and the CBSM advised the mission that they followed IFRS in almost every respect except financial leasing and even there, the difference affected the counterparty, not the bank. Where there is any gap in the requirements, the accountants use Italian accounting standards. The CBSM has the power under Article 41 of Law 165 to verify compliance with accounting standards. There has been little enforcement action in practice, since the first accounts subject to the Regulation will be those for 2009.
Article 34 of Law 165 gives the CBSM the power to determine the criteria and procedures for external audit (although they have not in fact done so). Article 42 gives the CBSM the power to appoint external auditors to carry out specific investigations.
The CBSM states that external auditors are required to verify loan portfolio, loan loss reserves, nonperforming assets, asset valuations, trading and other securities activities, derivatives, asset securitizations, and the adequacy of internal controls over financial reporting.
Article 33 of Law 165 gives the CBSM the power to set standards for auditors, although, apart from independence, no such standards have been set in the Regulations. In practice, the auditors state that they follow International Auditing Standards but that there is no independent enforcement of this beyond a requirement on auditors to qualify for inclusion on the public register (which is the responsibility of the Secretary of State for Industry) and to undertake 30 hours of continuous professional development each year. Article 34 states that Auditors must report matters worthy of censure to the CBSM. There are no auditor rotation requirements.
Article 41 of Law 165 gives the CBSM the power to obtain auditor working papers.
Article 31 requires a bank to have financial statements annually which are approved by the general meeting of the bank. These are expected to give a true and fair view and to be consistent from one year to another. Article 29(6) provides that where the application of accounting standards result in financial statements that do not give a true and fair view, in exceptional cases the bank may depart from the standards, provided that this is fully disclosed in the notes to the accounts.
Regulation 2008-02 requires that the accounts deal with business performance, marketing strategy, securities transactions, related party transactions, credit, market and operational risks and risk management strategies.
In its Annual Report, the CBSM published aggregate data on the banking system. There is also monthly information on the web site.
|Comments||San Marino does not require banks to operate on the basis of IFRS. However, the Regulation 2008-02 imposes standards that the CBSM states are broadly in line with IFRS.|
The ability of a bank to depart from the Regulation where the result of the application of standards does not give a true and fair view is a concern. The CBSM is recommended to keep a close watch on the use of this provision and, if there is any evidence of abuse, to seek its removal.
The authorities are further recommended to introduce full acceptance of IFRS when possible. The CBSM should develop an enforcement plan for accounting and auditing standards for banks in the absence of any independent professional body able to undertake this task. The authorities should consider requiring periodic rotation of bank auditors.
|Principle 23.||Corrective and remedial powers of supervisors|
Supervisors must have at their disposal an adequate range of supervisory tools to bring about timely corrective actions. This includes the ability, where appropriate, to revoke the banking licence or to recommend its revocation.
|Description||The CBSM procedure for dealing with supervisory reports is discussed in the description of Principle 20.|
The CBSM has the powers in Article 99 of Law 165 to approve a request from a bank for dissolution. Article 52 also requires the permission of the CBSM for mergers and demergers. Articles 78, 84 and 85 provide powers to take extraordinary measures to address troubled banks (suspension of the bank administrative bodies, extraordinary administration and compulsory administrative winding-up). This can happen for a number of reasons, including the loss of capital or liquidity. In the case of administrative liquidation (Article 78), the approval of the State Congress and CCS is needed. Article 85-96 provides for the compulsory winding up of a bank, also with the authority of the State Congress and the CCS.
The CBSM has a range of regulatory tools. It can draw breaches to the attention of the Board of Directors. It can convene a meeting of the bank’s authorities (Article 46 of Law 165). Article 44 provides the power for the CBSM to take specific measures. Article 14 provides for specific penalties and Article 10 provides for revocation.
Except where the extraordinary administration procedure is involved, the removal of officers is a matter for the Board of Directors. Under Article 15, the Board may remove company officers who do not meet the requirements of good repute. If the Board do not take action, the CBSM can convene a meeting of the bank’s authorities under Article 46 and can propose (but not require) removal. Article 44 also provides for specific measures which could include restricting the activities of the bank. Article VII.IX.6 requires a bank to obtain CBSM approval for certain acquisitions. Article 4 of Law 165 requires CBSM approval for incidental additional activities.
These actions can also be taken where a bank falls close to its minimum capital or even below it.
Article 31 of Law 96 allows the CBSM to impose financial penalties on officers, which must be paid by the bank and then recouped.
|Comments||It has already been noted that the CBSM does not have the power to remove individual members of the Board of Directors and its ability to remove other officers is subject to the approval of the Board of Directors or the General meeting of the shareholders.|
It is not appropriate that a decision on such matters as compulsory winding up or the appointment of a Manager should be taken by political bodies such as the State Congress or the Committee for Credit and Savings. A recommendation on this point has already been made in the commentary on Principle 1(2)
The CBSM are recommended to consider seeking an amendment to Law 165 to give it the power to remove individual corporate officers where the CBSM considers them no longer to be fit and proper.
|Principle 24.||Consolidated supervision|
An essential element of banking supervision is that supervisors supervise the banking group on a consolidated basis, adequately monitoring and, as appropriate, applying prudential norms to all aspects of the business conducted by the group worldwide.
|Description||Articles 57 and 58 of Law 165 give the CBSM the power to regulate banking groups on a consolidated basis. Article 56 provides for a register of a banking group. Part IX requires a Group leader to manage risks arising in the group as a whole. However, detailed regulations on consolidated supervision are yet to be issued.|
The mission was informed that some accounting firms prepare accounts that show, in notes to the accounts, the effect that consolidating reporting would have on the bank group’s published results. The CBSM acknowledged this but pointed out that without any regulations on the rules or standards to be adopted, it would not be possible to rely on the results.
The CBSM also pointed out that, where Sammarinese banks have financial companies as their subsidiaries, the CBSM has direct supervisory responsibility and can ensure that it understands the risks of the group as a whole.
As already noted, the CBSM is preparing for the introduction of consolidated supervision.
|Comments||Although the CBSM has the powers to engage in consolidated supervision, it does not in fact do so. The reliance on its separate responsibility for fiduciary and financial companies does not cover all the risks associated with banking groups—because of the absence of comprehensive regulation for the fiduciary companies and financial companies and because of the effect of any nonfinancial companies that may be owned by banks (albeit within the limits allowed by regulation).|
The CBSM is recommended to move towards a consolidated supervision regime as soon as priorities allow and, in the meantime, to ensure that the risks arising from domestic holdings of Sammarinese banks are fully understood.
|Principle 25.||Home-host relationships|
Cross-border consolidated supervision requires cooperation and information exchange between home supervisors and the various other supervisors involved, primarily host banking supervisors. Banking supervisors must require the local operations of foreign banks to be conducted to the same standards as those required of domestic institutions.
|Description||Law 165 provides for information exchange with foreign supervisors.|
Its provisions allow for cooperation, whether or not they are home supervisors of banks with a presence in San Marino. Article 103 permits the CBSM to pass any information to a foreign supervisory authority where there is an agreement in place and where the information is necessary for the performance of the foreign authority’s task. The transmission of information is subject to safeguards including that the confidentiality protections of the foreign authority are equivalent to those of the CBSM, that the foreign authority abides by specified limits on the use of the information and that the foreign authority does not disclose the information without the written consent of the CBSM. Article 103 states that the CBSM must enter into agreements to this end.
Regulation 2007-07 (Article III.VI.I 1(b)) prevents the authorization of branches or subsidiaries of foreign banks unless there is a cooperation agreement between the supervisory authorities.
The CBSM states that there are only two foreign authorities of relevance, namely Italy and Croatia, since these are the only two countries where Sammarinese banks have offices, or where the foreign banks have offices in San Marino. An agreement with Croatia was signed in September 2009, and one with the Bank of Italy is to be negotiated.
Article 36 of Law 165 prohibits all disclosures by a bank of confidential information except to a judicial criminal authority or the CBSM itself. Article 42 only provides for the CBSM to conduct inspections of banks. There is no exemption from the Article 36 disclosure prohibition that would allow a foreign supervisor to conduct an on-site inspection, even if given authority by the CBSM. Article 103 allows the CBSM to transmit information to foreign supervisors under closely controlled conditions but this would not allow the CBSM to permit a foreign supervisor to obtain information itself. The CBSM state that it is possible for a foreign supervisor to conduct on-site inspections but have not stated how such inspections would be possible given the prohibition on disclosure of confidential information in Article 36.
The MoU with Croatia states that it permits home state supervisors to make on-site inspections in the host country. Under the agreement, the Croatian supervisor may only carry out an inspection with the consent of the CBSM, must give two months notice and supply other details and can only carry out an inspection on its own if the CBSM is, for some reason, not able to do so. In particular, CBSM approval can only be given if in accordance with its domestic legislation. In fact, Law 165 does not allow for this. Since there are no Croatian banks in San Marino, this has not become an issue.
Article 75 of Law 165 requires foreign banks to seek authorizations for the activities of branches and for activities where there is no branch. The CBSM has yet to establish regulations for activities carried out without branches. Article III.VI.1 of Regulation 2007-07 states that the CBSM will only authorize a branch of a foreign bank when it has the agreement of the home supervisor, who must supervise on a consolidated basis. There are no branches of foreign banks in San Marino at present.
As noted above, Article 36 of Law 165 prevents a bank from passing information to any supervisory authority other than the CBSM and prevents it from passing it to any other person. Article IX.IV.1 of Regulation 2007-07 states that information passed to a foreign bank that is necessary to enable it to meet its home supervisor’s regulatory requirements is exempt from the bank secrecy restriction. The CBSM state that the Regulation is fully compliant with Article 36 and this view is respected. However, San Marino subsidiaries of foreign banks report that they do not feel able to pass confidential information to their parent company, nor do they allow head office internal audit or compliance staff access to their files. This prevents proper risk management by the parent company and thus also prevents proper consolidated supervision by the foreign home supervisor. This may be because they do not see how a provision in a Regulation can override the clear prohibition on disclosure in Article 36 of Law165. Moreover, the Regulation only applies to legal or regulatory requirements (and not for other internal risk management purposes that may not be specifically required by law or regulation).
The CBSM have made the point that they are responsible for the monitoring of compliance with Article 36 and that they would not take action against a bank for passing information to a parent bank in compliance with the regulation and would not take action if a bank were to cooperate with a foreign supervisor’s on-site visit that had been approved by the CBSM. The CBSM state that, as a matter of policy, they would not regard disclosure to a foreign parent bank as an illegal disclosure under Article 36.
The agreement with Croatia provides for home country supervisors to have access to host facilities. There is no provision for the CBSM to consult a foreign supervisor before taking action against a San Marino bank that is subject to consolidated supervision by a foreign supervisor.
|Comments||It is commendable that the provisions of Article 36 on bank secrecy and the provisions of Article 103 of Law 165 make provision for cooperation with foreign supervisors. However, the terms of these articles could restrict effective information sharing in practice and will restrict proper consolidated supervision by home state supervisors.|
The requirements in Article 103 (2)(d) relating to the need for an agreement, for an assessment that foreign confidentiality protection is equivalent to that in San Marino and the requirement for written permission from the CBSM prior to any further disclosure from a recipient, are not entirely without merit or precedent. Some other countries have some of these provisions. However, the combination of these provisions in the context of San Marino could restrict information sharing.
First, agreements take time, whereas information requests are often urgent (and San Marino has just one such agreement at present).
Second, the requirement that a recipient authority undertakes to make no further disclosure without the written permission of the CBSM may make it difficult for recipients to accept confidential information. Many authorities (as does the CBSM itself) have legal obligations to report information giving rise to suspicion of money laundering and terrorist financing to their Financial Intelligence Units. They could not accept information on the basis that they could be forced to choose between failing to abide by a domestic legal obligation and an undertaking they had made to the CBSM not to make any disclosures without permission.
Third, the requirement that other authorities have confidentiality provisions at least equivalent to that of San Marino, would create a burden on the CBSM to make a comparative analysis prior to each request from a foreign country. The law in San Marino is at one extreme of the range of confidentiality or secrecy provisions and so the requirement that other authorities have provisions at least equivalent is more burdensome than would be the case with many other countries.
As noted above, some other countries have some provisions that are not unlike those in San Marino. They do not always impede information exchange because the authorities may interpret them flexibly, or find ways to minimize the effect. The CBSM may well consider that it can do likewise. However, San Marino is just moving on from a history of almost total bank secrecy and the CBSM could well find that it is under pressure, backed by the threat of legal action from banks about whose customers’ information is exchanged, to demonstrate that it is abiding by the letter of the law. This could in practice impede the flexibility with which the CBSM may consider it can interpret the provisions in the law.
The authorities are recommended to remove the requirement that the confidentiality provisions of a foreign authority be “equivalent” to those of the CBSM and substitute the requirement that the confidentiality arrangements should be “adequate” for the protection of the information concerned, according to the judgment of the CBSM. There should be no requirement for a prior agreement before information can be shared (even though such agreements can be valuable). The requirement that the foreign recipient should be prevented from onward disclosure without the prior written consent of the CBSM should be removed and replaced by a requirement that the CBSM should seek an assurance that there would be no onward disclosure unless there was an obligation to do so and that in such a case, the recipient authority would consult the CBSM and use its best endeavors to resist that onward disclosure.
The desire of the CBSM to permit foreign owned banks to share information with their parent companies is understood and accepted. The CBSM’s view that the Regulation is fully compatible with the law is respected. However, Article 36 is quite clear that there can be no disclosure of confidential information except to a judicial criminal authority or to the CBSM itself. The CBSM make the point that they are the monitor of bank secrecy and would not take action against a bank for providing information in accordance with its own Regulation or for cooperating with a foreign supervisor’s on-site visit that the CBSM had approved. However, a bank would be justified in taking the view that the CBSM may not always be prepared or even able to permit disclosures that appear to breach Article 36.
A foreign home state supervisor must be able to conduct on-site inspections in San Marino without the need for the bank to rely on CBSM forbearance of an apparent breach of Article 36. The authorities are recommended to change Law 165, so as to allow expressly that a foreign owned bank may pass confidential information to its parent bank and home state supervisor. The law should also make clear provisions that allow a foreign supervisor with responsibility for a bank with a Sammarinese subsidiary to make an on-site inspection in San Marino with the same access to confidential material as is available to the CBSM itself.16
|Credit to banks||456||n/a||840||84.0||986||17.5||1,251||26.8||10.8|
|Credit to clients||2,856||n/a||3,954||38.5||4,470||13.0||5,129||14.7||44.5|
|and other asset|
|Debts to banks||121|
|Debts to clients||2,341||n/a||2,587||10.5||2,896||12.0||3,166||9.3||27.4|
|Profits from fees||37||43||50||45|
For more details see the FSSA report which includes descriptions of the substantial outflow of deposits as a result of a tax amnesty in Italy, the effect on one bank of difficulties with a major Italian investment, together with the outcome of a report from MONEYVAL on the standard of AML/CFT compliance.
The tax amnesty law (“scudo fiscale”)—which was adopted by the Italian government in September 2009—allows Italian individuals and businesses to avoid administrative and criminal sanctions if their off-shore assets are disclosed and at repatriated to Italy before December 15, 2009. On December 16, 2009, the deadline was extended to April 2010.
Following the introduction of the euro in 1999 the European Community initiated the negotiation of a monetary arrangement with San Marino where the Italian lira was the official currency on the basis pre-existing arrangements with Italy. Italy took care of the negotiation; the ECB also participated on issues falling within its field of competence. The Monetary agreement was concluded in 2001; it allows San Marino to use the euro as its official currency, obliging the country to grant legal tender status to euro banknotes and coins from 1 January 2002. San Marino is not allowed to issue any banknotes; however it is entitled to issue a specified amount of euro coins each year. San Marino can also issue collector coins on the occasion of national events. Collector coins are denominated in values which are different from circulation coins and have no legal tender outside the Republic of San Marino. San Marino is also permitted to continue issuing gold coins denominated in “scudi”, without this having an impact on the amount of euro that it is allowed to issue annually. Coins denominated in scudi do not have legal tender status outside San Marino. To underline the common responsibility for euro banknotes and coins, it has been agreed San Marino will cooperate closely with the European Community to combat counterfeiting of euro banknotes and coins and suppress and punish such counterfeiting occurring within their territories. The Monetary agreement with San Marino does not provides that the sammarinese credit institutions have access to the Eurosystem monetary policy; however the agreement leaves open the possibility that such institutions might have, in the future, access to euro area payment systems, but, so far, no such access has been established. (source: “Monetary and Exchange Rate Arrangements of the Euro Area with Selected Third Countries and Territories”, European Central Bank, Monthly Bulletin, April 2006).
Source: IMF Article IV Report 2007.
The question of liquidity provision is discussed in the FSSA
In 2006 the CBSM provided liquidity assistance equivalent to 1.7 percent of GDP to a small bank eventually placed under special administration; the government assumed repayment of the loan. On November 25, 2009, a Decree-Law was adopted allowing the government to guarantee the repayment of CBSM borrowing from domestic or foreign financial institutions (Article 1); proceeds would be used for LOLR operations to financial institutions confronted with a temporary liquidity need (Article 4).
The Committee is an arm of Government. Article 48 of Law no 96 of 2005 (BCSM Statute) provides that the Committee is composed of the Secretary of the State for Finance—who chairs the Committee—and a minimum of two to a maximum of four persons appointed by the Congress of State among its members.
In February 2010, the Committee for Credit and Savings withdrew approval for the Director of Bank Supervision, thereby forcing the Governing Council to dismiss him; the decision was taken with the contrary vote of the Chairman of the BCSM. The Chairman and the Director General of the CBSM subsequently resigned.
As previously note, these difficulties included the substantial outflow of deposits as a result of the Italian tax amnesty and one bank had difficulties with a major Italian investment.
“Sammarinese” banks refers to banks in San Marino
In January 2010, the Grand and General Council enacted and the Captains Regent approved an amendment to Article 36 of Law 165. However, the amendment does not address the two issues discussed here. Information can be passed to foreign parent banks but only according to the provisions relating to consolidated supervision in Law 165. Furthermore, the new provisions on bank secrecy do not expressly address the issue concerning the access of head office internal audit or compliance staff access to Sammarinese subsidiaries’ files.
In February 2010, the Committee for Credit and Savings withdrew the approval for the Director of Bank Supervision, thereby forcing the Governing Council to dismiss him; the decision was taken with the contrary vote of the Chairman of the BCSM. The Chairman and the Director General of the CBSM subsequently resigned.
In January 2010, the Grand and General Council enacted and the Captains Regent approved an amendment to Article 36 of Law 165. However, the amendment does not address the two issues discussed here. Information can be passed to foreign parent banks but only according to the provisions relating to consolidated supervision in Law 165. Furthermore, the new provisions on bank secrecy do not expressly address the issue concerning the access of head office internal audit or compliance staff access to Sammarinese subsidiaries’ files.