Summary, Key Findings, and Recommendations
1. The current full assessment of the Basel Core Principles (BCPs) for the Russian Federation used the methodology issued by the Basel Committee on Banking Supervision (BCBS) in September 2012. The assessment took place in the course of the 2016 Financial Sector Assessment Program (FSAP) update. The last complete BCP assessment in the Russian Federation was conducted in 2007 and a targeted assessment of the BCPs examined 10 of the core principles in the course of the 2011 Financial Sector Assessment Program (FSAP) Stability Module.
B. Information and Methodology Used for Assessment
2. It should be noted that the ratings assigned during this assessment are not directly comparable to previous assessments. For the current assessment, the authorities have opted to be assessed on the essential criteria. While grades could be compared between the full BCP assessment of 2007 and the targeted assessment of 2011, the revision to the BCP methodology in 2012 introduced some substantive changes. The revision sought to reflect the lessons from the recent financial sector crisis, to raise the bar for sound supervision reflecting emerging supervisory best practices. New principles and many new criteria were introduced in the 2012 methodology.
3. The assessment team reviewed the framework of laws, rules, and guidance and held extensive meetings with authorities and market participants. The assessment team met officials of CBR, and additional meetings were held with the Ministry of Finance (MoF), auditing firms, and banking sector participants. The authorities provided a comprehensive self-assessment of the CPs, as well as detailed responses to additional questionnaires, and facilitated access to staff and to supervisory documents and files on a confidential basis. Owing to time constraints it was not possible to make as full a study of the documents as the assessors would have wished but the authorities did everything that was possible to facilitate access.
4. The team appreciated the very high quality of cooperation received from the authorities. The team extends its warm thanks to staff of the authorities, who provided excellent cooperation, including extensive provision of documentation and technical support, at a time when many other initiatives related to domestic concerns and international regulatory initiatives were in progress.
5. The standards were evaluated in the context of the sophistication and complexity of the financial system of the Russian Federation. The CPs must be capable of application to a wide range of jurisdictions whose banking sectors will inevitably include a broad spectrum of banks. To accommodate this breadth of application, a proportionate approach is adopted within the CP, both in terms of the expectations on supervisors for the discharge of their own functions and in terms of the standards that supervisors impose on banks. An assessment of a country against the CPs must, therefore, recognize that its supervisory practices should be commensurate with the complexity, interconnectedness, size, and risk profile and cross-border operation of the banks being supervised. In other words, the assessment must consider the context in which the supervisory practices are applied. The concept of proportionality underpins all assessment criteria. For these reasons, an assessment of one jurisdiction will not be directly comparable to that of another.
6. An assessment of compliance with the BCPs is not, and is not intended to be, an exact science. Reaching conclusions required judgments by the assessment team. Banking systems differ from one country to another, as do their domestic circumstances. Furthermore, banking activities are undergoing rapid change after the crisis, prompting the evolution of thinking on, and practices for, supervision. Nevertheless, by adhering to a common, agreed methodology, the assessment should provide the Russian authorities with an internationally consistent measure of the quality of their banking supervision in relation to the revised Core Principles, which are internationally acknowledged as minimum standards.
C. Overview of the Institutional Setting and Market Structure
7. Banking represents the most significant sector of the Russian financial system, although the role of the nonbank sector has been steadily growing. Bank assets amounted to 103 percent of GDP at end-2015. Pension funds, insurance, and mutual funds have assets of 3.6, 2.0, and 3.3 percent of GDP, respectively. The financial system also includes microfinance organizations. Russia has the lowest ratio of bank credit-to-GDP among a group of comparator countries composed of Brazil, India, China, and South Africa and it tends to show slightly lower depth in its financial markets. However, Russia shows much greater financial development, reflecting higher access and efficiency, than these comparator countries and Russia’s overall financial development is higher than the EM average.
8. The banking system is relatively concentrated at the top but is otherwise fragmented. In its relatively short history, the banking system has experienced a strong concentration phase, going from 1,311 banks in 2001 to less than half that number by end-2015. The largest 20 banks account for three quarters of system assets. Government-related banks, dominated by Sberbank and VTB Group, accounted for 60 percent of system assets at end-2015. The top 10 private universal banks hold 16 percent of system assets, foreign-owned banks 13 percent, and 11 percent is in specialized and small banks. Lending is also highly concentrated: the top 10 banks by assets accounted for about 70 percent of lending as of January 2016. Notably, Sberbank and VTB Group together account for a similar share as the remaining 700+ banks. Many of the small banks operate in mono-industrial-cities and are often systemically important for their respective regions.
9. Despite market stresses since 2013, the authorities’ policy response has supported the banks’ soundness indicators. Given the slump in oil prices, the slowdown in global growth and the sanctions the Russian economy experienced challenging times. In response, CBR developed regulatory forbearance measures that positively helped the banking sector and that may mean that indicators have been overstated since end-2014. However, the authorities have been steadily withdrawing these measures with the exception of the FX refinancing operations. The capital adequacy ratio of banks remained broadly unchanged since March 2015 at about 13 percent, in part reflecting a recapitalization program, before declining to about 12 percent in early 2016 as regulatory forbearance was lifted. Capital issuance increased over 2015, offsetting the decline in retained earnings. NPLs have increased, but remain below their 2008 peak. Liquidity has strengthened, with the loan-to-deposit ratio decreasing to 115 percent by end-2015 (returning to the level of mid-2013), reflecting increased retail deposits and the use of the reserve fund to finance the budget deficit.
10. Profitability has declined markedly, over the past few years, reflecting demanding market conditions. Bank profitability has dropped markedly—with the return on assets reaching 0.3 percent at end-2015. The main reasons for the drop in profits are credit losses and declining net interest income. Banks’ profitability is generated largely through fees, other non-lending fees and spreads.
11. Although representing a smaller segment of the financial sector than the banks, an important role is played by nonbank financial institutions (NFIs). This sector primarily includes insurance companies, private pension funds, and management companies of various funds.
|Nonbank Organization||Active Organizations||(in billions of rubles)||(in billions of rubles)|
|Non-state Pension funds||110||2,822.90||146|
|Mutual investment fund||1,542||2,560.30||2,303.9|
|Professional securities market participants||540||753.6||281.4|
12. Since 2014, CBR has become the “mega regulator” of financial markets, absorbing regulatory and supervisory powers for all categories of financial institutions. CBR took the powers of the former Federal Service on Financial Markets and was given an explicit financial stability mandate. Basel III capital ratios entered into force in 2013 and the Basel Liquidity Coverage Ratio is being phased in according to the Basel timetable for the systemically important banks and is on target to meet the 100 percent compliance on January 2019 as required for Basel compliance.
D. Preconditions for Effective Banking Supervision
Sound and sustainable macroeconomic and financial sector policies
13. Russia’s institutional framework supporting the conduct of macroeconomic policy is led by CBR and the Ministry of Finance (MoF). Monetary policy is conducted by CBR and budgetary policy is conducted within a fiscal framework managed by the MoF. In mid-November 2014, CBR switched to a floating exchange rate regime.
14. CBR is managing ongoing policy normalization. Since the end of January 2015, CBR started unwinding the emergency rate hike to 17 percent set in December 2014. The current policy rate is set at 11 percent and inflation is expected to continue to decrease. The current inflation target is set at 4 percent, to be achieved by end-2017. In 2015 alone, the Russian currency lost almost 20 percent of its value vis-à-vis the U.S. dollar.
15. The MoF announced the review of the Federal budget for 2016. The government is considering reduction of budget expenditures compared to figures set in the budget law for 2016. Also government is looking to sell some of its shares in state-owned companies. The 2015 budget deficit required the use of the Reserve Fund and GDP growth in 2016 is expected to be negative again.1 Russia’s government debt remains low, around 20 percent of GDP.
The framework for financial stability policy formulation
16. Authorities have strengthened the institutional framework for financial stability. The inter-agency National Council on Ensuring Financial Stability (FSC) was created as an advisory body for the different authorities to exchange views and coordinate on financial stability matters. The FSC has the authority to provide recommendations and request information. Member agencies have to comply or explain. The FSC’s composition is approved by the government. Currently, the FSC is headed by the First Deputy Chairman of the Government of the Russian Federation and comprises the Advisor to the President of the Russian Federation, the Governor and four First Deputy Governors of CBR (monetary policy, financial stability, banking regulation and supervision, financial market regulation and supervision), the Minister of Finance and Deputy Minister of Finance of the Russian Federation, the Minister and Deputy Minister of Economic Development of the Russian Federation, the Managing Director of the State Corporation Deposit Insurance Agency.
17. CBR has used different tools for macroprudential policy but does not have an ex-ante toolkit.2 In the past, CBR has used macroprudential instruments in an ad hoc manner with no formal triggers.
A well-developed public infrastructure
System of business laws
18. Business laws in Russia are based on chapter 4 of the Civil Code, the 208-FZ Federal Law on Joint Stock Companies and the 14-FZ Law on Limited Liabilities Companies. The latest major amendments to business legislation were introduced with Federal Law 99-FZ and Federal Law 210-FZ, from 2014 and 2015 respectively, which changed the types of companies allowed in the Russian Federation, increased the protection of investors holding Russian local securities and improved the conditions for participation in corporate actions (for example by allowing e-voting and e-proxy voting). The Insolvency Law was amended in 2014 to incorporate changes in the insolvency procedures for credit institutions. Other important Federal Laws to register and conduct business are those related to state registration of legal entities and individual entrepreneurs, fundamental principles of Russian legislation on notaries, trade, consumer rights protection and combating money laundering and the financing of terrorism (AML/CFT), as well as the Land code, the Labor Code and the Tax code. One of the most significant changes in these laws was the introduction of the requirement for financial institutions in 2013 to identify their clients, clients’ representatives and beneficial owners and to collect information on their reputation and business purposes. The definition of the “beneficial owner” was also clarified and it currently is consistent with the Financial Action Task Force (FATF) Forty Recommendations Glossary.
Efficient and independent judiciary
19. The judicial power is formally independent from the legislative and the executive powers. The judiciary is primarily regulated by the Constitution of Russia, the Code of Criminal Procedure, the Code of Civil Procedure, the Code of Administrative Procedure, the Code of Arbitration Procedure and the 1996 Federal Constitutional Law on the Judicial System of the Russian Federation. According to the Constitution of the Russian Federation, the judiciary should protect all men (and women) and citizen’s rights and freedoms. In addition, the Constitution confirms that courts alone can administer justice and requires that all judges shall be independent and obey only the Constitution and the law. The courts are financed solely from the federal budget in order to ensure a complete and independent administration of justice. The judicial power is exercised by means of constitutional, civil, arbitration, administrative and criminal proceedings. As a general rule, examination of cases in all courts is open. Judges adopt the Code of Judicial Ethics which asserts the need to guarantee everyone’s right to a fair consideration of a case by a competent, independent and impartial court.
20. There have been changes to the judicial system. In February 2014, the Supreme Court of the Russian Federation, which heads the system of courts of general jurisdiction, was merged with the Supreme Arbitration Court of the Russian Federation, which headed the system of arbitration (commercial) courts, to form a new Supreme Court. Consequently, Russia’s judicial system is now composed of the Constitutional Court of the Russian Federation, the Supreme Court of the Russian Federation, federal courts, district courts, magistrate courts, military courts and arbitration courts. The World Bank Global Competitiveness Report for 2014–2015 ranks Russia as 109 out of 144 in judicial independence, while a year earlier it was ranked as 119. In terms of the efficiency of the legal framework in settling disputes and in challenging regulations, Russia ranks 110 and 99 respectively and in the area of protection of property rights, Russia ranks 120.
21. The legal profession is governed by the Constitution, the Law on the Status of Judges, the Law on Attorneys’ Practice and the Bar and the Foundations of the Legislation on Notary.
The main legal professions in Russia are the public prosecutor, investigator, judge, attorney (advokat), and notary.
The public prosecution service supervises over observance of the legality, law and order in Russia. It consists mainly of the Prosecutor General’s Office of the Russian Federation, the prosecutor’s offices of the subjects of the Russian Federation, city, district and other territorial prosecutor’s offices and military and other specialized prosecutor’s offices.
The Prosecutor General of the Russian Federation must be appointed and removed from office by the Council of the Federation of the Federal Assembly of the Russian Federation by the recommendation of the President of the Russian Federation. The Prosecutor General appoints prosecutors of cities and regional districts’ prosecutors’ offices. Prosecutors of the prosecutors’ offices in the federal subdivisions of the Russian Federation are appointed by the President of Russia upon recommendation of the Prosecutor General and as agreed with the respective subdivision. The term of office of the Prosecutor General is five years.
The Investigative Committee of Russia is the main federal investigating authority in Russia. From 2011, this committee is not included in the structure of government authorities and only the President of the Russian Federation carries out any control over the Committee. The Chairman is appointed and dismissed by the President without the approval of any body of legislative power and reports annually to the President on its activities.
Prosecutors and investigators employed in the prosecution bodies should not be members of any elective or other bodies set up by state authorities and local self-government bodies.
According to the Law of Status of Judges, judicial candidates must have a degree in law and a certain number of years of working experience and are selected on a competitive basis. All judges of the Supreme Court are appointed by the Council of the Federation of the Federal Assembly of the Russian Federation upon recommendation of the President of the Russian Federation. All other judges including of military and arbitration courts are appointed by the President of the Russian Federation.
Lawyers must have a license to practice law in order to appear in court on criminal matters. Under the 2002 Law “On Attorneys’ Practice and the Bar,” each of the Russian regions has a single bar body called Bar Chamber. Lawyers need to be a member of one of such Bar Chamber to be recognized as an attorney.
22. Efficiency of the system in the realization on collateral could be further improved. It may take two years after a court decision in order for a credit organization to be able to acquire the collateral in the case of a loan default. In the meantime, the collateral may deteriorate in value and banks may be asked to create reserves.
Accounting principles and rules
23. The financial reporting framework in Russia is determined and regulated by the state. The MoF is both the official standard-setting body in accounting and financial reporting and the endorsement body of the International Financial Reporting Standards (IFRS). According to Law No. 208-FZ, and Government Decree No 107, IFRS are to be applied in Russia based on a Russian translation prepared by the MoF. In the case of credit institutions, CBR needs to approve the accounting standards, including the Russian Accounting Standards (RAS). The authorities state that RAS are being brought into compliance with IFRS and will be fully in line by 2017. RAS include the requirement for a balance sheet, statement of results of operations, statement of cash flow and statement of changes in ownership equity.
24. Currently, both IFRS and Russian Accounting Standards (RAS) are used in the financial sector. IFRS are required for the consolidated financial statements of the majority of financial entities and those companies whose securities are listed in stock exchanges.3 Those which do not constitute a group according to IFRS must nevertheless compile stand-alone financial statements in accordance with IFRS. All legal entities, regardless of type, are still required to prepare stand-alone (separate) financial statements based on RAS. The rest of legal entities are not still obliged to apply IFRS nor they have to prepare consolidated aggregated financial statements—therefore they only report standalone financial statements under RAS.
25. Over the years RAS has been converging with IFRS, but as of today there are still some differences between the two standards. The most important difference lies in the fact that RAS never adopted IAS 39 on Financial Instruments.4 In addition, there are other variations in the calculation of capital and reserves. Other previous differences, such as the impairment testing of fixed assets, has been recommended by CBR since 2013, and in 2016 will become mandatory. The MoF, has not granted any exemptions that apply under IFRS.
System of independent external audits
26. According to the Auditing Law, financial companies are required to perform an audit on an annual basis. In the law, auditing is defined as an independent check of the financial statements of an audited entity for the purposes of expressing an opinion on the reliability of said financial statements. Requirements on the form, content, and procedure for signing and submitting the audit report are established by federal auditing standards. The code of conduct for audits firms and auditors is specified in the Code of Professional Ethics of Auditors adopted by the Audit Council, which is the national body that discusses standards and regulations in field of auditing. Audit firms and auditors should be independent of the entity, must comply with audit secrecy, and have to be a member of a self-regulating organization of auditors, which should comply with the rules of the Audit Council. In addition, an audit firm or individual auditor should establish and comply with rules of internal and external quality assurance system based on federal standards.
27. Broadly, the international firms cover IFRS and smaller, domestic audit firms cover RAS. In Russia, auditors are required to obtain an auditor qualification certificate issued by self-regulating organizations of auditors. 5 An audit firm is just required to have 50 percent of the collegial executive body as auditors but is allowed to participate in a tender with just 2–3 auditors in its team. Bigger audit firms tend to be international firms equipped with more resources and training capabilities.6 As of 2014, there are 3,400 certified auditors in Russia.
Payment and clearing systems
28. The payment system of the Russian Federation comprises CBR payment system (BRPS) and other payment systems operated mainly by credit institutions. The BRPS is considered systemic and comprises the system for intraregional electronic payments (VER), the system for interregional electronic payments (MER), the Banking Electronic Speedy Payment system (BESP system), and a payment system based on letters of advice. The other systemically important payment system is the Payment System - National Settlement Depository (PS NKO ZAO National Settlement Depository). The PS NSD is a part of the post-trade infrastructure of OJSC MICEX-RTS Moscow Exchange (the Moscow Exchange) and is used for the open market, repo transactions, and foreign exchange transactions of CBR. There are four other payment systems which are considered important for consumption: CONTACT, Visa, Golden Crown, and MasterCard.7 Finally, there are another 25 payment systems in operation.
29. In 2013, CBR adopted the National Payment System Development Strategy, outlining its key elements and an Action Plan with defined timelines for their implementation. Consumer protection issues, automation of government payments and adoption of ISO 20222 standards were some of the areas which were the focus of the strategy. An advisory council headed by the Governor of CBR comprising members of executive authorities of the Russian Federation, professional payment services market participants, banking associations, and other professional associations has been formed as part of the broader NPS development strategy.8
30. Furthermore, electronic money is increasingly important and CBR is enhancing regulation and supervision. Supervision in the national payment system now covers money transfer operators, 33 payment system operators, payment infrastructure service operators, 35 operation centers, 36 payment clearing centers, 32 settlement centers, 97 electronic money operators, and the Federal State Unitary Enterprise Russian Post.
31. Russia has 21 functioning credit bureaus according to the State Register of Credit Bureaus. These bureaus process store credit histories and provide credit reports and related services. As of December 2015, credit bureaus kept records of 81.6 million individuals and over 485,000 legal entities. Shares in some credit bureaus are owned by banks.
32. Credit bureaus are supervised by CBR and have been the subjects of reforms to strengthen the financial and real sector. In accordance with the Federal Law “On Credit Histories,” CBR supervises the activities of credit bureaus. The Federal Law “On Credit Histories” entitles CBR to keep the central catalogue of credit histories which informs users, subjects of credit histories, and some other persons defined by laws about the location of the credit histories. The Federal Law “On Credit Histories” was amended in 2014 and 2015 introducing, among other developments, the abolishment of the need for borrowers’ consent in order for the credit institutions to send their information to a credit bureau. Additionally, the amendments provided CBR with a power to request and receive credit history reports from credit bureaus
Public availability of basic economic, financial, and social statistics
33. CBR publishes a range of statistics and analysis on the economy and the financial sector. The Federal State Statistics Service, the government agency for statistics in Russia, publishes social statistics as well. The CBR’ statistics are regularly updated (e.g., financial sector statistics are published on a monthly basis). The Federal State Statistics Service, whose mission is to collect, analyze, and publish data, publishes statistics on labor, living standards, education, public health, offences, industry, agriculture, finance, and investments among others.
Framework for crisis management, recovery and resolution
34. CBR and the Deposit Insurance Agency (DIA) have been extensively and increasingly involved in bank resolution and rehabilitation in the past years. Apart from acting as deposit insurer, the DIA also is the corporate receiver/liquidator of failed banks and is entitled to resolve banks that participate on deposit insurance system. In 2014 and 2015, the DIA was assigned two additional functions: the insurance of funds in non-state pension funds and the injection of capital to banks. During 2015, CBR sent the DIA proposals for participation in bankruptcy preventions of 18 banks. As of February 25, 2016, 30 banks were under bankruptcy prevention measures. CBR revoked the licenses of 86 credit institutions in 2014 and 93 in 2015 and simultaneously provisional administrations were appointed. CBR revoked licenses of 61 Deposit Insurance System member banks in 2014 and 75 in 2015. As of January 2016, liquidation was pending in 288 credit institutions whose banking licenses had been revoked.
35. Before any determination on the possibility or desirability of rehabilitation is made, CBR and the DIA can perform a joint inspection of the bank. If there is evidence that the bankruptcy will create a threat to the depositors or to the stability of the banking system as a whole, CBR can ask the DIA to take part in the prevention of the bankruptcy of a bank. Should a bank’s unstable financial position create a threat to the interests of its depositors, CBR can request that the DIA settle the bank’s liabilities. In the case of rehabilitation or prevention of bankruptcy, the DIA may refuse participation based on the cost-effectiveness of the rehabilitation measures, and other criteria. At the time of the assessment, the DIA has not decided how to measure the feasibility of participating in measures aimed at preventing bank’s bankruptcy. The DIA can use the deposit insurance fund or, as has been done in the majority of cases, ask for a loan from the CBR for bank rehabilitation.
36. Federal Law 127-FZ on Insolvency was amended in 2014 to improve the legal regulation of financial rehabilitation and liquidation of credit institutions. The law reformed the insolvency regime for all credit institutions establishing the possibility of bankruptcy prevention at the expense of private investors, without the involvement of the federal budget, CBR and the DIA. Furthermore, the amendments to the Federal Law on Banks and Banking Activities and to the Federal Law on the Central Bank of the Russian Federation established the obligation for Domestic Systemically Important Banks (D-SIBs) to submit their Recovery Plans to CBR and the option for CBR to request Recovery Plans from any other credit institution. CBR is entitled to develop Resolution Plans for D-SIBs. The DIA is currently requesting the amendment of legislation in order to have powers to write down and convert unsecured liabilities (bail-in) and is looking into assuring deposits from legal entities. Currently, the system does not allow the creation of a bridge bank.
Adequacy of systemic protection (public safety net)
37. The DIA was established in 2004 and up to date it has delivered more than 300 deposit pay-outs since its inception. As of the first of January 2016, the deposit insurance fund had RUB 56.6 billion rubles and covers all credit institutions that attract deposits. In 2014, given the events, the amount of insurance compensation on deposits was raised to RUB 1.4 million for individual deposits per credit institution from RUB 700,000. As of January 1, 2016, the Deposit Insurance System fully covered 99.7 percent of the number of deposit accounts of individuals in Russian banks and 65.1 percent of total amount of individuals’ deposits in Russian banks. Deposits are on average RUB 300,000. The Deposit Insurance Fund is funded ex-ante with premium contributions from the credit institutions it covers. Recently, the DIA adopted a risk-adjusted differential premium system. Starting from the third quarter of 2015, premiums have been set according to the riskiness of the institutions.
Effective market discipline
38. Transparency in bank ownership has been a concern but improvements are being made. In 2014, a requirement for Russian companies to disclose information on their “beneficial owners” in accounting statements was formulated and the definition of beneficial owner was amended to be consistent with FATF requirements. In addition, it was prohibited to maintain accounts in fictitious names as well as to open or maintain accounts with pseudonyms. Furthermore, CBR Regulation 499-P obliges credit institutions to update customer and beneficiary identification information and review the level of risk every time the level of risk changes or at least annually.
39. Governance standards are being enhanced. In order to enhance market discipline, Federal Law 334-FZ of 2014 "On Amendments to Article 8 of the Federal Law on Banks and Banking Activity" obliges credit institutions to publicly disclose information on the qualifications and experience of management and the members of the Board of Directors. In addition, requirements for goodwill have been established for founders and owners of more than 10 percent of the shares in a credit institution, with a 10-year ban for non-compliance. Changes to the Criminal Code establish criminal liability for falsifying financial documents of accounting and reporting of financial organizations, including credit organizations. However, the Corporate Governance Code is voluntary.
Responsibility, Objectives, Powers, Independence, Accountability (CPs 1–2)
40. The legal framework currently in place provides CBR with necessary powers and responsibilities. CBR has powers to authorize banks, conduct ongoing supervision, oversee compliance with laws and undertake corrective actions to address safety and soundness concerns. Major reforms have been introduced that increase CBR’s duties and powers in many respects, although implementation is not yet tested in all cases. Responsibilities and objectives of CBR are particularly broad and appear to be intertwined, while some functions seem to concur with the objectives related to safety and soundness of the banking system. While many governance, accountability, and transparency measures are in place, there are some issues of concern notably in respect of legal protection for staff and transparency of dismissal procedures. There is also scope for improvements in the arrangements for decision making in order to better support and communicate the objectivity and independence of CBR to external audiences.
Ownership, Licensing, and Structure (CPs 4–7)
41. The Russian licensing regime for banks appears exhaustive. The legal and regulatory framework provides CBR with a set of instruments and tools to ensure that the licensing process is sound. Banks’ Management and Board members must meet fit and proper qualifications, including the absence of a criminal record. In its licensing process, CBR also informed the mission that all efforts were made to ensure transparency in the ownership structure of applicants. It would be desirable, however, to establish formal procedures to subject the newly established bank to follow up attentive offsite supervision, and if necessary onsite inspection, to ascertain that the bank is performing according to the terms and conditions of the license.
42. CBR also has the power to review, reject, and impose prudential conditions on any proposals to transfer significant ownership or controlling interests held directly or indirectly in existing banks to other parties. In that regard, to address a 2008 FSAP recommendation, CBR vetting threshold for signification transfer of ownership has been lowered from 20 to 10 percent. Further, the CBL has been amended to empower the central bank to address changes of controls that were not vetted by CBR.
43. The legal regime for major acquisitions was found to be weak. While foreign investments by Russian banks require prior approval by CBR, when they lead to the establishment of a subsidiary abroad, the CBR Law does not establish requirements for banks to seek prior CBR approval when making domestic investments in nonbank financial institutions. Without such requirement CBR is not able to measure or consider in advance the possible impact of acquisitions on a bank’s condition or to determine whether the acquisition will affect the transparency of the bank’s organizational structure and affect the ability of CBR to supervise it.
Methods of Ongoing Supervision (CPs 8–10)
44. CBR has developed its risk based approaches since the last assessment and is in the early phases of introducing the next stage of risk based supervision. The introduction of the supervisory review and evaluation process (SREP) based on banks’ own internal assessments and the integration into the analytical approach of CBR is an important evolution. The first full implementation cycle will begin from 2017. Where CBR is less well advanced is in the field of resolution assessment and planning. It is necessary for CBR to have the legal power to require operational or institutional changes based on an assessment of the bank's ability to recover. From a forward looking perspective, CBR needs to remain alert to the potential for banks to seek to manipulate the regulatory perimeter and CBR must remain assiduous in using all forms of information available to it so that the potential for regulatory arbitrage does not arise.
45. CBR has reconfigured its organization of on and offsite supervisory functions since the last assessment. The role of the Chief Inspectorate, supplemented by the Authorized Representative where one is appointed, is central to confirming the quality of banks’ actual practice. In terms of reinforcing priority messages with the banks, though, CBR could invest in greater direct contact with the Boards as recommended by the Financial Stability Board. More systematic meetings and contact with firms in the context of delivering key findings of inspections should be introduced.
46. Structurally, CBR has been reorganized to support a risk-based focus and has established a separate division to supervise the systemically important banks. Institutions that are identified as systemically important banks, according to a methodology based on the Basel standard (Ordinance 3737-U) are supervised directly from Moscow, rather than through the CBR network. The methodology has been in force since July 2015 and the list of systemically important banks must be assessed and re-issued annually under the terms of the Ordinance. Capital buffers, consistent with the Basel approach, are applied to the systemically important banks.
47. CBR has strong powers and rights of access to information and uses its inspection process to obtain assurance on the substance and quality of information it receives. Despite the ability to obtain information and data from institutions, there are some missing elements. There is no requirement for banks to notify CBR in advance of any substantive changes or of material adverse developments. Notification requirements are almost all retrospective. Nor does CBR have the right to require the prompt notification of any material issue that has come to the attention of an external expert in the course of that expert’s work for CBR on a supervisory matter unless it is specifically within the scope of work that CBR has commissioned, although it should be noted that CBR has not yet commissioned work from external experts at the date of the assessment.
Corrective and Sanctioning Powers of Supervisors (CP 11)
48. CBR has a good track record in enforcing the law. It has a wide range of tools and sanctions to choose from and has applied multiple measures over the past years, including revocation of licenses. Certain decisions on sanctions are made public, which is a good practice. There are a few areas for improvement, however. Lack of clarity and transparency in the way laws and regulations are enforced (especially for AML purposes) has been mentioned by market participants, which in turn creates the sentiment that banks are disciplined even for minor problems. CBR supervisory actions should therefore be in most cases predictable, consistent, and proportionate. The amount of fines for AML breaches is also excessively low and not deterrent enough.
Cooperation, Consolidated, and Cross-Border Banking Supervision (CPs 12–13)
49. The framework for collaboration and coordination with domestic and cross-border supervisors is satisfactory. CBR is satisfied with the quality and effectiveness of existing cooperation arrangements, especially with Rosfinmonitoring in the area of AML/CFT and also with the DIA for resolution purposes. Removal of legislative obstacles to the exchange of supervisory information has allowed progress in the field of home and host supervisory cooperation. The legislation governing the CBR (Article 73) contains a potential obstacle to effective home-host practices as a foreign supervisory authority requires written consent to access the premises of a subsidiary established in Russia (foreign-owned branch establishments are not permitted). In practice this has not been an issue, however. Initial moves have also been made in terms of cross-border crisis planning and involvement in recovery and resolution plans for cross-border groups, now that the legal provisions are in place.
50. The legal and regulatory framework in respect to consolidated supervision has been significantly developed and enhanced since the last assessment. Notably, the changes include powers to act in the event of violations by the parent of a banking group, an enhanced scope of information exchange, and expanded definitions based on IFRS. The regulatory and legal changes are, nevertheless, still relatively recent and the practical application and supervisory practice based on the new framework is yet to be substantively demonstrated. The cross-border dimension of consolidated supervision is still mostly undeveloped. Some legal gaps remain and are a hindrance to CBR and relate to the perimeter of the consolidation. First, the supervisor may not require the closure of a foreign branch of a Russian bank. Secondly, the supervisor may not prevent the acquisition of a nonbank financial entity by a banking group.
Corporate Governance (CP 14)
51. Russia has taken several initiatives over the past years to improve governance in banks. The introduction in 2013 of articles 11.1 and 11-1-1 in the banking law is an important step forward as it provides a clear articulation of what the role of the Board of Directors should entail especially with regard to the promotion of CG principles within each credit institution. In 2014, the profound revision of the Corporate Governance Code was also an important step forward, even though it is still a non-binding instrument. New regulations and ordinances have provided more leverage to CBR to monitor and enforce CG related issues. The current regime for CG is governed by piecemeal regulations, which makes it difficult to understand. Moreover, the current norms are different in nature: some of them are binding, others are just optional (CG Code, CBR Letters) and as such not enforceable. Several important regulations pertinent to CG were issued in 2015, and some of them will not be enforceable before 2017. Thus, the current mission is not in a position to assess their effective implementation. Also, the deficiencies in governance policies are largely influenced by problems found in other areas, for example deficiencies in related party transactions and lending to affiliates on more preferable terms than those applied to non-affiliated parties.
Prudential Requirements, Regulatory Framework, Accounting and Disclosure (CPs 15–29)
52. Russia has made significant progress in improving the risk management supervisory and operational framework. In the past, the risk management regime was not deemed to be sufficiently robust. To address the situation, CBR initiated and completed several reforms aimed at improving the risk management regulatory regime. The most significant changes were made by the Federal law 146-FZ of July 2, 2013 that included new provisions in both the CBL and the law on banks and banking. The overarching objective was to increase CBR’s powers in relation to RM on the one hand and fostering RM processes in banks on the other. Also, Ordinance 3624-U on risk and capital management is a major step forward as it defines more clearly the responsibilities of the board of directors for developing and overseeing management of banks’ entire risk profile and the policies supporting the participation of (independent) directors in overseeing risk management decision-making. Equally important, this Ordinance empowers the CBR to impose Pillar II measures, including capital add-on. Further, Ordinance 3223-U of April 1, 2014 obligates banks to notify CBR when the head of RM has been appointed and sets the qualification requirements for head of RM, internal control, and internal audit functions, in particular the conditions to be met by the applicants in terms of academic background and professional expertise in relevant fields. There is, however, a lack of perspective on the effective implementation of this new regime in banks owing to the fact that key aspects have not been implemented yet.
53. The capital adequacy regime is consistent with international standards. The Russian framework for capital adequacy has been periodically updated to include Basel 2.5 and Basel III standards and was further amended by a series of reforms introduced in December 2015, most of which became effective in January 2016. All Russian banks are subject to Basel capital regulation on both standalone and consolidated levels. Capital adequacy standards applied on a consolidated basis are broadly consistent with those established on a solo level. Also, the implementation of the capital buffers has been assessed by the Regulatory Consistency Assessment Program (RCAP) as compliant with the Basel standard. CBR has implemented the capital conservation buffer, countercyclical buffer, and a systemic risk buffer from January 1, 2016, in line with the Basel standard. The effectiveness of the new Internal Capital Adequacy Assessment Process (ICAAP)/SREP regime remains to be assessed however. Pillar 2 has not been yet fully and thoroughly implemented. The ICAAP process is under way and CBR is still in the process of completing the first SREP cycle which will take some time before being fully operational. According to the timetable set by CBR, SIBs will have to submit their ICAAP by the end of 2016 and CBR will start reviewing their quality in 2017.
54. Risk management standards around credit risk, as with the other risk areas, are still in the process of being fully implemented. However, work in the field of credit risk, based on the activities of the Chief Inspectorate, coupled with the analysis of the curators and the work carried out on stress testing, puts the supervision of credit risk in a more advanced and developed position than that of other risks. CBR performs its own stress tests on the portfolios, monitors regional and sectoral trends, and performs considerable cross checking of information on major exposures.
55. Loan classification and provisioning are under close scrutiny but the level of NPLs remains a concern. Asset quality has deteriorated over the past months. NPLs have grown at a fast pace (especially in the household sector) and the depreciation of the ruble led CBR to take forbearance measures though the issuance of three letters of a temporary nature. These measures were introduced in December 2014 to help banks weather problems stemming from the decline in global oil prices, the Western sanctions over the Ukraine conflict, and the depreciation of the ruble. Some of these measures aimed to allow banks to restructure loans without making provisions or not to re-qualify borrowers in a lower category, under certain conditions (for example, if the problem of servicing the debt arose from the deterioration of macroeconomic conditions). These regulatory concessions expired in December 2015. However, in 2016 credit institutions were given the opportunity not to reclassify the borrower until the borrower has paid back the entire amount of the loan. In that context, it seems realistic to assume that a certain portion of rescheduled loans currently sits in a lower loan category. Only an Asset Quality Review would permit a clear assessment of the current NPL situation. Poor practices have been detected and led to enforcement action. CBR inspections reveal an important number of violations during assessments of asset quality, including lending to shell companies, overvaluation of collateral, misreporting and unreliable financial statements. Collateral valuation is another challenge. According to the discussion with both CBR and market participants, the valuation of certain collateral in particular, real estate is a difficult task in Russia. Appraisals are not reliable and external appraisers have not been trustworthy for many years.
56. The regulatory regime for concentration risk and large exposure limits has been improved. CBR has a wide range of powers to address situations where banks are taking excessive concentration risk, including the power to instruct the bank to mitigate the risk exposure when the concentration is deemed excessive. However, much of the progress made will not be measurable before 2017. For risk management purposes, for example, SIBs have begun to include the impact of significant risks—including risk concentrations—into their stress testing programs since January 1, 2016 only and for non-SIBs, this approach is set to start on January 1, 2017. The definition of economic linkages is not implemented yet, which undermines CBR’s ability to oversee the entire spectrum of concentration. The problem stems from the fact that the determination by CBR—and banks alike—of relatedness between customers connected economically will start to be implemented in 2017. In the same vein, the new regime concerning exposures arising from transactions of person(s) connected to the credit institutions itself will not be implemented before January 2017. It is noteworthy that according to discussions with market participants, the issue of large exposures is a matter of concern. Statistics from CBR on shareholder and insider credit risks confirm the general sentiment. In 2014, the large loan exposure of the banking sector grew by 34.9 percent to RUB 19.5 trillion. The share of large loans in the banking sector assets remained unchanged over the year and stood at 25.1 percent.
57. There are no specific requirements for management of country risk and transfer risk. The general risk management and internal control regulations apply. Country risk is assessed on an ad hoc basis as there are no specific guidelines or regulations for country or transfer risk outside of the general BCBS principles. As a result, the minimum requirements for risk policies, processes, and limits are uncertain. Several improvements are desirable in order to bring Russia to a higher degree of conformity, especially in the current context of ruble depreciation.
58. The framework for transactions with related parties is still weak despite recent progress. Important amendments have been introduced since 2015 to the CBR Law that streamline the legal regime applicable to Related Parties, particularly through a clearer and broader definition of RP. The role allocated to the Banking Supervisory Committee of CBR in deciding about the relatedness of the persons or a group of persons to the credit institution is another hallmark of progress. There are, however, a series of issues that have not been addressed or are not yet implemented and enforced. The definition of related parties arises from a “patchwork” of different legal sources, as opposed to being founded on a single non-ambiguous one. Further, the new regime concerning exposures arising from transactions of person(s) connected to the credit institutions will not be implemented before January 2017. Lastly, the regulatory framework for related party transactions does not require that lending to related parties be on same terms and conditions as those generally offered to the public. CBR made recommendations in that regard but they are not binding and thus not enforceable. Additionally, CBR lacks authority to impose penalties on directors who personally benefited from these favorable conditions.
59. Bank activities giving rise to market risk are not highly developed, and CBR’s powers to enforce risk management and control standards are very new. Historically, the volumes of tradable securities have been low and complex structured products do not feature. Although banks are not authorized to use models for Pillar 1 regulatory capital calculations, they may use economic capital models in the context of their internal capital adequacy assessment. Until 2014, CBR did not have the legal powers to enforce risk management and control standards. Implementation of the new risk management standards is at a very early stage, and a track record is not yet available.
60. The regulatory framework around Interest Rate Risk in the Banking Book—has been enhanced but many of the new provisions, including a greater emphasis on stress testing, are not yet fully in force. There are, at present, limited options available to banks in terms of instruments to hedge interest rate risk. In this context, it becomes even more important for banks to develop meaningful stress scenarios and build management strategies to allow the banks to withstand any future shocks that might manifest.
61. CBR liquidity metrics and risk management standards are well developed for systemic banks. The criterion for the definition of systemic banks includes international activity. At the time of the assessment, quantitative and qualitative standards and CBR’s scrutiny of banks with respect to liquidity was transitioning to the new standards. At this early stage, it is hard to determine the extent to which the new framework is fully in force and actively monitored. The full LCR metrics and management standards will not apply to the non-systemic banks, and for this sector it is not clear that CBR will have clear grounds to act if the supervisor is concerned by the risk management standards of the banks, notably in respect to funding risks.
62. Regarding supervision of operational risk, there are several aspects that would merit improvement. The corpus of norms that govern OR is detailed, but with the exception of Ordinance 3624-U and Regulation 242-P on internal controls, the rest of the relevant norms essentially consists of recommendations from CBR, which by their very nature are not binding. This is the case of Letter 76-T on the organization of OR at lending institutions and Letter 92-T on the organization of Legal Risk and Reputational Risk. CBR has also recommended that the industry adopt the BCBS Principles for sound management of operational risk, but these recommendations are not enforceable. It is advisable to convert CBR recommendations on OR into binding instruments with a view to establishing a general OR management framework that is comprehensive and mandatory.
63. There are significant differences between the supervisor’s powers in relation to internal and external control functions. The regulatory framework for the internal control environment has been refreshed within the past two years based on important new powers, which permit CBR to apply risk management and internal control standards. By contrast, there are material deficiencies in the legal framework, restricting the CBR’s ability to act and be effective in relation to the external auditor function. Current weaknesses in the regulatory framework mean that the supervisor may not: reject or rescind the appointment of an external auditor who has inadequate independence or experience or who does not meet professional standards; ensure rotation of the external auditor; or meet with the audit firm to discuss matters pertaining to a supervised institution. Likewise, the auditor may not notify the supervisor of serious matters that come to the auditor’s attention. Furthermore, it is unclear whether CBR has powers to ensure or directly require that the Board and management are held accountable for ensuring that financial statement are properly prepared and subject to an independent external auditor’s opinion according to international standards. In general, and reflecting the weaknesses of the legal framework, CBR’s relationship with the auditing community is restricted. It is not, currently, CBR’s practice to meet with the audit community, except on general matters.
64. CBR attaches importance to disclosure and transparency. CBR is entitled to and has exercised its powers to take measures in the event of non-disclosure of information, partial disclosure or unreliable information, a failure to conduct a required audit, or non-disclosure of the consolidated statements and the auditor’s report on them. CBR has exercised its powers under the law when assessing disclosure by banks and banking groups. Some of the disclosure standards are at early phases of implementation, but the Basel disclosure framework (Pillar 3, Market Discipline) is now in force.
65. With respect to combating money laundering/terrorism financing, CBR has made important progress but further improvements are needed. Banks are subject to close scrutiny, and CBR has been forceful against banks and their management which have committed grave violations of the AML regime. There are a few areas where improvements could be made; these include the promotion of a more risk based approach to ML/TF issues in both the industry and CBR; the use of more proportionality when enforcing the law; and the need to raise the level of compliance in banks regarding the verification of the ultimate beneficial owner and the inclusion of ML/TF risks into the scope of duties to be performed by external auditors.
|1. Responsibilities, objectives and powers||The legal framework currently in place reasonably provides the necessary powers to authorize banks, conduct ongoing supervision, oversee compliance with laws, and undertake corrective actions to address safety and soundness concerns. However, responsibilities and objectives of CBR are particularly broad and appear to be intertwined, while some functions seem to concur with the objectives related to safety and soundness of the banking system.|
|2. Independence, accountability, resourcing and legal protection for supervisors||CBR is a respected institution. While many governance, accountability, and transparency measures are in place, there are some issues of concern notably in respect of legal protection for staff and transparency of dismissal procedures. There is also scope for improvements in the arrangements for decision making in order to better support and communicate the objectivity and independence of CBR to external audiences.|
|3. Cooperation and collaboration||CBR is in a position to exchange information and to cooperate with home supervisors over Russian-based subsidiaries of foreign banks through a number of bilateral MoUs. Adequate information sharing arrangements are also in place with all relevant domestic authorities.|
|4. Permissible activities||There have been cases of financial pyramids in recent years that caused harm to more than nine thousand people. However, according to the CBR, in none of these cases the perpetrators have used in one way or another the words “bank” or “banking” to attract and defraud the customers.|
|5. Licensing criteria||The Russian licensing regime for banks appears exhaustive. The legal and regulatory framework provides CBR a set of instruments and tools to ensure that the licensing process is sound. The professional qualifications required for applicants could be strengthened.|
|6. Transfer of significant ownership||The vetting process of CBR for transfer of significant ownership has been significantly improved.|
|7. Major acquisitions||The regulation does not establish requirements for banks to seek prior CBR approval when making domestic investments in nonbank institutions.|
|8. Supervisory approach||CBR has developed its risk-based approaches since the last assessment and is in the early phases of introducing the next stage of risk based supervision using Basel Pillar 2 (ICAAP and SREP). Where CBR is less well-advanced is in the field of resolution assessment and planning.|
From a forward-looking perspective, CBR needs to remain alert to the potential for banks to seek to manipulate the regulatory perimeter, and CBR must remain assiduous in using all forms of information available to it so that the potential for regulatory arbitrage does not arise.
|9. Supervisory techniques and tools||CBR has developed a careful and scrupulous system of supervisory techniques, integrating its onsite and offsite approaches. Existing practices largely meet the terms of the principle, but there is no requirement for banks to notify CBR in advance of any substantive changes, or of material adverse developments.|
As CBR matures and develops its experience with risk-based supervision, there are some areas, in relation to the nature of communication and flexibility in the system, which merit attention to ensure that future practices remain as effective as necessary.
|10. Supervisory reporting||CBR has strong powers and rights of access to information and uses its inspection process to obtain assurance on the substance and quality of information it receives.|
CBR is introducing some valuable developments, including the establishment of a dedicated department to the issue of valuation; a move to an XBRL taxonomy for supervisory reporting; and CBR is now legally able and, in practice, poised to commission work from external auditors for supervisory issues.
CBR does not, however, other than in certain specific circumstances, have the right to require the prompt notification of a material issue that has come to the attention of an external expert in the course of that expert’s work for CBR on a supervisory matter.
|11. Corrective and sanctioning powers of supervisors||The enforcement arsenal is very broad, and CBR has used all corrective and sanctioning measures at its disposal, ranging from restricting banks’ activities to revocation of licenses. More forceful measures against senior executives and board members would be needed at times. Amounts of fines, particularly for AML/CFT, are not deterrent enough.|
|12. Consolidated supervision||Subsequent to the last assessment, the legal and regulatory framework in respect to consolidated supervision has been significantly developed and enhanced.|
The transformation of CBR into a “mega regulator” appears to have facilitated more systematic information sharing in relation to nonbank group entities as well as coordinated inspection programs. Nevertheless, CBR is at an early stage of making use of the new framework, and greater attention is needed with respect to groups that have foreign establishments.
|13. Home-host relationships||Despite legislative obstacles to the exchange of supervisory information, there has nonetheless been progress in the field of home and host supervisory cooperation. A number of colleges are active. Little progress has, however, been achieved at this stage on cross-border crisis planning or in group-wide recovery and resolution planning for internationally active groups.|
|14. Corporate governance||The current regime for CG is governed by piecemeal regulations, which makes it difficult to understand. Moreover, the current norms are different in nature: some of them are binding, other are just optional (CG Code, CBR Letters) and as such not enforceable.|
|15. Risk management process||Russia has made significant progress in improving the RM supervisory and operational framework. There is, however, a lack of perspective on the effective implementation of this new regime in banks owing to the fact that key aspects have not been implemented yet.|
|16. Capital adequacy||There have been significant achievements in fostering the national capital adequacy regime. The mission also recognizes the remaining challenges that CBR and the banking sector alike will face in the years to come. The impact of the prudential framework will depend to the greatest extent on the way banks will meet their new obligations (ICAAP) and how CBR will monitor and supervise them (SREP). These are critical challenges that remain to be evaluated going forward.|
|17. Credit risk||CBR has a comprehensive approach to the supervision of credit risk, combining offsite scrutiny with onsite investigation. CBR performs its own stress tests on the portfolios, monitors regional and sectoral trends, and performs considerable cross checking of information on major exposures.|
|18. Problem assets, provisions, and reserves||Fair-value determination is a big issue for the banking industry, even more so in a volatile environment. As a result, there is a concern that the existing valuation of collateral in the banking sector does not reflect the net realizable value, taking into account prevailing market conditions.|
|19. Concentration risk and large exposure limits||The ICAAP regulation 3624-U of April 15, 2015 contains new provisions on concentration risk. A decision has also been made to lower the maximum limit on a bank’s exposure to a single counterparty or a group of connected counterparties from 25 percent of the eligible capital to 20 percent, as recommended in the 2008 FSAP. CBR has a wide range of powers to address situations where banks are taking excessive concentration risk. However, the definition of economic linkages is not implemented yet, which undermines CBR’s ability to oversee the entire spectrum of concentration.|
|20. Transactions with related parties||Important amendments have been introduced since 2015 to the CBR Law to streamline the legal regime applicable to Related Parties. In particular, the law now captures a person or a group of people connected to the bank. The new regime on exposures arising from transactions of person(s) connected to the credit institutions will not be implemented before January 2017. The regulatory framework for related party transactions does not require that lending to related parties be on the same terms and conditions as those generally offered to the public. CBR lacks authority to impose penalties on directors who personally benefited from these favorable conditions. In the definition of connectedness, the concept of economic linkages has been introduced under the new Art. 64 of CBR Law but it will not be implemented before 2017.|
|21. Country and transfer risks||There are no specific requirements for management of country risk and transfer risk except for exposures on residents residing in off-shore zones.|
|22. Market risk||Banks’ activities giving rise to market risk are less developed than in some other jurisdictions, but market volatility—notably but not exclusively in foreign exchange—may leave some banks with less experience of market risk management more exposed. Until 2014, CBR did not have the legal powers to enforce risk management and control standards. Thus, in common with the other risk areas, the enhanced framework under Ordinance 3624 is valuable but as yet at a very early stage of implementation.|
|23. Interest rate risk in the banking book||As in other risk-focused areas, the regulatory framework has been enhanced but many of the new provisions that require banks to improve their management practices, including a greater emphasis on stress testing, are not yet fully in force.|
|24. Liquidity risk||For systemic banks, which includes all internationally active institutions, the CBR liquidity metrics and risk management standards are well developed and reflect the components of this core principle. The CBR’s understanding and responsiveness with respect to liquidity risk issues commands industry respect. The new standards are, however, not fully implemented yet CBR is at the outset of its scrutiny of whether the banks are meeting the new standards as intended.|
|25. Operational risk||The norms that govern OR, while detailed, are made up essentially of recommendations by CBR which, by their very nature, are not binding. The ordinance on ICAAP requires banks to have RM strategies, including for OR, but this new regime has not been implemented yet. Reporting mechanisms would also need to be improved. CBR does not have the authority to establish outsourcing requirements for credit organizations.|
|26. Internal control and audit||The regulatory framework for the internal control environment has been refreshed within the past two years based on the important new powers in the CBL (Articles 571 and 572) which permit CBR to apply risk management and internal control standards to supervised institutions.|
|27. Financial reporting and external audit||The deficiencies in the legal framework are such that CBR is either significantly restricted or entirely prevented from fulfilling a number of the criteria of this principle. It is of the utmost importance that legislation is passed to remedy these concerns as a matter of urgency. Current weaknesses in the regulatory framework mean that the supervisor may not: reject or rescind the appointment of an external auditor who has inadequate independence or experience or who does not meet professional standards; ensure rotation of the external auditor; or meet with the audit firm to discuss matters pertaining to a supervised institution. Likewise, the auditor may not notify the supervisor of serious matters that come to the auditor’s attention.|
|28. Disclosure and transparency||Some disclosure practices are still in the relatively early phases of implementation but CBR attaches importance to transparency measures and ensures regular disclosures on the performance of the banking sector through the banking sector review.|
|29. Abuse of financial services||CBR has made significant efforts to ensure proper implantation of integrity standards in the banking industry. CBR supervision of AML/CFT issues is intensive and intrusive. CBR also has a track record of enforcing AML/CFT requirements. CBR has raised awareness in the market on AML/CFT issues. Workshops devoted to the practical application of the AML/CFT Law have been organized with the participation of representatives of professional associations. Lastly, cooperation with other relevant domestic agencies has proven to be successful.|
Recommended Actions and Authorities’ Comments
A. Recommended Actions
|Reference Principle||Recommended Action|
|Principle 1||Include language in the CBR Law that would clearly segregate CBR’s safety and soundness duties from other assigned objectives.|
Allow CBR to have access to banking data older than five years.
|Principle 2||Introduce legal protection for staff who act in good faith.|
Introduce a legal requirement so that the reason for the dismissal of the Governor of CBR and the head of the supervisory function must be publicly disclosed.
Consider, through legal amendments if necessary, ensuring that Ministers or ministerial representatives do not participate as observers in Board discussions on regulations that govern banking supervision.
|Consider, though legal amendments if necessary, transferring the ownership of CBR to a different state body in order to confirm in a transparent manner, that there is no conflict between CBR as a supervisory authority and the other functions and objectives that CBR must fulfill.|
|Principle 3||Establish a formal mechanism of cooperation with the French Supervisory and Resolution Prudential Authority.|
|Principle 5||Amend the banking law to establish a life-ban from the banking industry of persons who committed gross and recurrent violations.|
Establish formal procedures to subject a newly established bank to follow up onsite inspection to ascertain that the bank is performing according to the terms and conditions of the license.
Establish formal mechanisms at the CBR head office level for interviewing applicants. The content and objective of these interviews should also be specified.
When a new bank belongs to a group, ensure that controlling/parent entity closely follows the performance of the new entrant.
|Principle 6||Include an explicit requirement obliging banks to notify the supervisor as soon as they become aware of any material information which may negatively affect the suitability of a major shareholder or a party that has a controlling interest.|
|Principle 7||Require ex-ante CBR approval of acquisitions of domestic nonbank financial institutions.|
Subject major acquisitions in non-financial companies to enhanced CBR scrutiny, in particular with respect to the compliance with limits.
Explore the possibility to set restrictions for major acquisitions in non-financial sectors deemed to pose particular concern.
Establish an explicit provision by which the supervisor determines, where appropriate, that new acquisitions and investments will not hinder effective implementation of corrective measures in the future.
Subject any major acquisition to a formal follow up mechanism to ascertain that the new activities acquired do not expose the bank to undue risks.
|Principle 8||Finalize and implement regulations on resolvability of banks and complete resolution assessments for all banks.|
|Principle 9||Introduce formal requirements for a bank to notify CBR in advance of substantive changes to its operation or structure and of any material adverse events.|
Introduce a policy of rotation for individuals who serve as Authorized Representatives.
Review CBR’s communication strategy with banks, to include a greater focus on the relationship with the Board (supervisory board) and to amend instructions and regulations as needed.
Review the CBR’s on and offsite internal supervisory processes to ensure maximum flexibility and swiftness of supervisory response.
|Principle 10||Introduce legislative amendments to grant CBR the power to require external experts to promptly notify CBR of material issues that come to the attention of the experts in the course of their work for CBR. The information notification requirement should not be restricted to the specific scope of the inspection but should include information that would be relevant to CBR for supervisory purposes.|
|Principle 11||Explore possible amendments to the CBR Law to:|
-permit CBR to take enforcement measures against shareholders who violated the law or CBR’s regulations, even if the violation is older than one year;
-augment the 30–day timeframe during which CBR has to send an order to a party who committed a violation; and
-provide CBR the possibility to impose changes in banks’ internal organization and structure.
Complete the revision of Instruction No. 59 on “Penalizing Credit Organizations for Violating Prudential Standards” so that criteria for sanctions used by CBR become more transparent.
Establish formalized guidelines for determining the quantum of an administrative fine.
|Principle 12||Build on and develop early current practices of group wide assessment of risks and exposures, with particular attention to cross-border issues.|
Assess the adequacy of supervisory practices in host jurisdictions where Russian subsidiaries and branches are established.
Establish an active and intrusive consideration of whether Russian subsidiaries and branches are subject to sufficient scrutiny by their own group management.
Introduce legal amendments to permit CBR to close foreign offices within the consolidated banking group.
|Principle 13||Continue to foster college practices and conclude crisis management and recovery and resolution planning for internationally active banking groups.|
Consider legislative amendment to remove the requirement for written consent from a bank to permit a foreign supervisory authority to have access to its offices.
|Principle 14||Include in relevant regulation a specific provision requiring a bank’s board to understand the bank’s and banking group’s operational structure that impede transparency (for example, special-purpose or related structures).|
Convert existing CBR recommendations on CG into binding regulations.
|Principle 15||Consider the proportion of resources dedicated to risk management—and internal control—in CBR’s onsite programs.|
Perform a horizontal review across the system, to ascertain the implementation of the new RM system, with a particular emphasis on the role of the Board towards developing and overseeing management of the banks’ entire risk profile.
|Principle 17||Introduce formal requirements to ensure that banks’ credit policies must identify size and risk thresholds above which approval must be granted by the Board or senior management.|
|Principle 18||Accelerate the process of amending the law to provide CBR with additional legal tools in the areas of provisioning and collateral valuation.|
|Principle 19||Conduct a horizontal review across the industry to verify the degree of conformity with Large Exposure Limit Requirements in light of the new statutory ratio N-25.|
Instruct the industry to increase efforts to establish a clear understanding of relatedness between customers’ connected economically.
Include in the inspection program for 2017/2018 an analysis of the way concentration risks have been included in banks’ risk management frameworks in light of the new ICAAP regime.
|Principle 20||Strengthen the definition of related parties, which appears neither organic (as it results from the combination of different legal texts) nor exhaustive (as it does not seem to cover all the cases envisaged under this Principle).|
Establish legal prohibition for related party transactions performed on more favorable terms than corresponding transactions with non-related counterparties.
Subject borrowers to the obligation to declare any relatedness with the bank.
Include in the law a provision requiring major shareholders to disclose their “business interests.”
Require banks to report immediately to CBR any serious breach of the statutory ratios applicable to RP.
|Subject banks with LLC status to the obligation whereby transactions with related parties and the write-off of related-party exposures exceeding specified are subject to prior approval by the bank’s Board.|
Define in a regulation the types of transactions that give rise to related party exposures.
Exercise control over the observance by credit institutions of calculated maximum risk per person related to a credit institution.
|Principle 21||Establish specific guidelines or regulations for country or transfer risk outside of the general risk management requirements and risk exposure to offshore residents.|
Establish specific policies to address provisioning for country and transfer risks.
Require detailed prudential return on country risk and transfer risks.
Ensure greater focus of oversight—both at onsite and offsite levels—on risks stemming from country (including sovereign) risks and transfer risks.
|Principle 22||Consider revising the Net Open Position limits in view of recent currency volatility.|
|Principle 24||Consider extending the risk management components of regulation 510-P to the non-systemic sector, in a proportionate manner, for example, in respect of the funding and contingency requirements, to ensure that banks have clear expectations and to assist CBR acting in as timely a manner as possible in the event of deficiencies.|
|Principle 25||Convert CBR recommendations on OR into binding instruments with a view to establishing a general OR management framework, comprehensive and mandatory.|
Provide further guidance and requirements based on the BCBS’s documents “Principles for effective risk data aggregation and risk reporting” of January 2013, “High-level principles for business continuity of August 2006, and “Outsourcing in Financial Services” of February 2005, which are applicable to banks and banking groups of all sizes and profiles.
Empower CBR to establish outsourcing requirements and issue mandatory requirements in that regard.
|Principle 27||The deficiencies in the legal framework should be urgently remedied so that the supervisor has powers to act in the following circumstances:|
It is also important that the auditor have the responsibility to notify the supervisor of serious matters that come to the auditor’s attention.
|Both the auditor and the supervisor should have legal protection in respect of the exchange confidential information.|
Prior to legal changes, and to the extent possible, CBR should foster a closer communication with the bank auditing community on issues of general interest and encourage, to the extent possible, discussion with audit firms on specific banks having obtained the requisite consent for exchange of information.
|Principle 28||Consider adopting some of the best practice approaches of some other leading regulatory authorities who publish information not only at the aggregate but also the individual (including group) level, such as time series on bank performance and risk indicators.|
|Principle 29||Increase intensity of supervision through targeted AML inspections.|
Promote a more risk based approach to ML/TF issues in both the industry and CBR.
Use more proportionality when enforcing AML laws and regulations.
Ensure further transparency of the criteria used to sanction banks in the AML area.
Ensure that external auditors pay attention to AML/CFT issues in their analysis of RM and internal control framework.
B. Authorities’ Response to the Assessment
The Russian Federation authorities truly appreciate professionalism, clear focus, and constructive approach of the assessment team in undertaking the assessment. Thanks to the smooth and efficient collaboration between the CBR and the assessment team, this complex project was effectively completed using limited time and resources dedicated to the exercise.
We are pleased to note that since the previous assessment substantial improvements have been made and this progress is recognized in the report. Due to the creation of a mega-regulator, banking supervision can obtain more information on the activities of banks, banking groups, and financial conglomerates. Amendments to legislation, including the expansion in Bank of Russia powers, have enhanced supervision over banks’ operations with other financial market participants. Moreover, the powers of the CBR to use professional judgment have been enlarged. The CBR is fully committed to further strengthening the supervisory framework based on BCP principles and other international best practices.
Among the banking risks, credit risk traditionally calls for special supervisory attention. Amid vigorous build-up of loan portfolios by banks, more attention is paid to the actual business performance of borrowers and their ability to service loans, and to the quality and adequacy of collateral used to adjust the value of created provisions. CBR bank supervision has approved a program for improving supervision and asset valuation. A new department will be established to assess the risk in all banks, and important legal amendments are being discussed in parliament to empower the CBR to make its own assessment of collateral values.
However, as some of the reforms are only being implemented, this has affected some of the grades. We recognize that the legal framework governing CBR’s relationship and interactions with external auditors is deficient. Important legislative changes (i.e., on information sharing, requirements for an external auditor) are being discussed in parliament.
CBR remains committed to implementing the new legal definition of related parties on January 1, 2017. Requirements for banks to enter into transactions with related parties on same terms and conditions as those generally offered to the public will be prepared for discussion as amendments to the banking law in order to address the current FSAP recommendation.
As to the management of country and transfer risks, CBR is of the opinion that country risk is partly addressed through general risk management requirements, risk weights in the capital adequacy calculations, classification of the borrower, and provisioning of operations with offshore companies. This said, CBR is now looking into the experience of other jurisdictions with this issue and approaches to building stronger regulation.
Regarding FX risk management in credit institutions, the CBR believes that it is relatively more developed in comparison with other types of market risk, as the first regulation on open FX positions limits (Instruction No. 41) was issued by the CBR in 1996, i.e., several years before the introduction of capital requirements for market risk, and since then it has been steadily improved.
As for liquidity risk regulation, the liquidity coverage ratio (the LCR) was introduced in compliance with the Basel III requirements since January 1, 2016, together with the corresponding reporting requirements on the LCR. This was confirmed in the final RCAP report on LCR implementation in Russia, issued by the Basel Committee on March 15, 2016.
Yet, the recent legislative changes enhancing CBR’s risk based approach may not have shown their full potential in practice. Thus the CBR regulations on ICAAP and SREP will increase the intensity of risk management, and future assessments may benefit from longer implementation in practice.
CBR is of the opinion that findings and recommendations of the assessment team on Core Principle 29—Abuse of financial services—are beyond the scope of the respective essential criteria. CBR will nonetheless take into account recommendations on the above matter.
The Russian Federation authorities welcome the possibility to enhance both regulation and supervisory practices and are now putting together an action plan to address valuable FSAP recommendations. Some of the approaches recommended for implementation in Russia require time for additional study.
The Russian Federation authorities would like to thank once again the assessment team for fruitful cooperation.
CBR, December 2015. Monetary Policy Report. http://www.cbr.ru/eng/publ/ddcp/2015_04_ddcp_e.pdf
Financial Stability Board, 2015. Peer Review of Russia.
Banks, insurance companies, pension funds, fund management companies, clearing companies, certain state unitary enterprises and state owned companies.
IAB 39 was replaced in July 2014 by IFRS 9 which will be adopted by 2018.
In order to obtain the certificate, professional competence of the applicant shall be verified through a qualification examination and the applicant should have a work record of at least three years in auditing or bookkeeping and preparation of the financial statements by the day of the results of the qualification examination.
Some of the firms send the audit reports to their Head Quarter offices for a final quality check.
CBR, 2013. Annual Report. http://www.cbr.ru/eng/psystem/general/ar_2013_e.pdf
CBR, 2013. Annual Report. http://www.cbr.ru/eng/psystem/general/ar_2013_e.pdf