|*Other loans may be given a more favorable classification than the delinquent loan on the basis of the quality of the collateral. Sources: BNB, CNB, BNR and NBS|
|It is however questionable whether their sophistication is necessary given the relatively simple character of Serbian banks and with the sometimes limited availability of reliable data. In practice, the judgmental element may lead to substantial interpretational differences between banks and the NBS, with potentially far-reaching consequences for provisioning. The scope for such differences of views was illustrated when NBS staff presented a case study on an existing bank. In this particular example, the NBS and the bank had diverging interpretation on 1/3 of the loan portfolio, with some of the differences being quite extreme.|
|Following onsite verifications, the NBS sometimes requires very significant reclassifications for a large portion of the loan portfolio; frequent allegations by some banks of an “utterly strict” stance of NBS show that the present regulation cannot adequately provide for security with respect to banks’ loan classification being adequate, consistent and transparent. NBS is recommended to consider whether a less elaborate and more precisely defined set of criteria would not better meet the needs of both banks and supervisors with respect to provide for a clear, transparent and broadly accepted classification framework for all types of loans.|
|In a similar vein, it is worthwhile to reconsider certain aspects of the provisioning guidelines for banks. For each class of exposures, the classification regime prescribes|
|wide provisioning brackets (see the table above); these brackets are established at respectively 1-2 %, 5-10%, 20-35 %, 40-75 % and 100 % for the classes A to E. The regulation does not provide further guidance as to the specific provisioning levels within these broad brackets. As for the classification in itself, this leaves scope for diverging interpretations with potentially important repercussions for provisioning. According to NBS-staff members, there is a strong tendency with banks to systematically provision in the lower end of the bracket. NBS inspectors, when performing onsite verifications, often face allegations of being unreasonably demanding.
The aforementioned case study presented by NBS illustrated that the potential impact of different judgments may be very significant. The joint impact of reclassification and resetting of provisioning levels within the existing framework was for the reviewed portfolio to increase the required provisions by approximately 50%.
As Serbia has introduced IFRS-reporting in full for financial institutions, the regular financial reporting is also IFRS-compliant. This implies that banks can only write off assets for incurred losses. The concept of provisioning for expected losses on loan portfolios is explicitly excluded in IFRS. The reporting on loan provisioning is thus, as under the regime of “prudential filters” within the EU5, a specific set of reporting documents, which are not based on banks’ statutory accounts, but rather on an internal assessment and classification, separate from accounting. Reports have to be submitted in electronic version on a quarterly basis. The offsite division of NBS’s Supervisory Department (SD) builds on this reporting to perform an analysis of each bank’s situation with regard to NPL ratios and to provisioning, both on a comparative basis and over time. It can, however, only review on a rather gross basis to what extent provisioning figures are in line with the imposed provisioning brackets imposed by regulation (see above). The result of the analysis is an important and standing part of the reporting to management of the SD on the global financial and prudential situation of each bank and of the overall sector.|
|Comments||The Serbian classification and provisioning rules are clear and prudent regarding the number of overdue days. This in itself justifies a compliant score for this BCP, as the judgmental elements regarding the borrower’s financial status and quality of the collateral allow for stricter classification than on the basis of timeliness of the payment alone. In practice, these qualitative elements and the practice of formulating brackets rather than minimum provisioning levels seem to create scope for differences in interpretation. In this context, it is recommended that the NBS consider to establish a more precise set of criteria for loan classification that meet the needs of both banks and supervisors with respect to provide for a classification framework for all types of exposures and for a provisioning regime that are clear, transparent and broadly accepted.
In the same effort NBS could consider whether the practice of automatically downgrading of exposures in foreign currency (i.e. exposures for which the methodology determined that change of FX has a negative effect on the borrower’s ability to fulfill its obligations or for which the bank does not apply prescribed methodology) is justified, given that unhedged exposures in foreign currency are also subject to higher risk weights. Due regard needs to be given, however, to the potential|
|for “forex-induced credit risk” in the loan portfolios of banks.|
|Principle 10.||Large exposure limits. Supervisors must be satisfied that banks have policies and processes that enable management to identify and manage concentrations within the portfolio, and supervisors must set prudential limits to restrict bank exposures to single counterparties or groups of connected counterparties.|
|Description||Following international best practices, large exposures are defined as exposures to a single person or a group of related persons amounting to at least 10% of the bank’s capital. The NBS applies a ceiling for exposures of a bank to a single person or a group of related persons of 25% of the bank’s capital. “Exposures” include on-balance sheet receivables as well as off-balance sheet exposure. Article 33 in Law on Banks prescribes a range of 400% and 800% of the bank’s capital, within which NBS can set maximum level of total large exposures in its bylaw. The Law on Banks grants the NBS considerable flexibility in defining groups of connected counterparties, which can include parties that are related in such a way that according to the NBS there is a real risk of transfer of losses (Art 2). The 2005 Law on Banks, which contrary to its predecessor provides the basis for consolidated supervision, has closed loopholes created by the conduct of supervision on a solo basis. The NBS commented that it generally has sufficient information to identify portfolio concentrations, but that it doesn’t receive the necessary information to highlight geographical concentrations.|
|Comments||It is recommended that reporting requirements are upgraded in order to allow the NBS to highlight geographical portfolio concentrations. However, given that Serbia is a geographically small country, this is not a material issue.|
|Principle 11.||Exposures to related parties. In order to prevent abuses arising from exposures (both on balance sheet and off balance sheet) to related parties and to address conflict of interest, supervisors must have in place requirements that banks extend exposures to related companies and individuals on an arm’s length basis; these exposures are effectively monitored; appropriate steps are taken to control or mitigate the risks; and write-offs of such exposures are made according to standard policies and processes.|
|Description||The Law on Banks’ definition of related parties covers the bank’s subsidiaries and affiliates and other parties under control of the bank, the direct business interest of key players of the bank and the business interests of family members. The respective provisions of the Law on Banks are drafted in a way that grants the NBS considerable flexibility in defining groups of related parties (Art 2). The Law on Banks explicitly forbids banks to grant more favorable conditions to related parties (art 37). Related party exposures are included in banks’ reporting requirements (Reporting Guidelines for Banks). However, as the NBS can apply a flexible definition of related parties, there may be scope for differences in interpretations between banks and supervisors.
Although the 2008 Decision on Risk Management clarifies the range of receivables (which includes off-balance sheet exposures) additional guidance as to which parties are considered related parties could be helpful. The NBS applies a limit of 5% of capital to exposures to a single related party, while the aggregate exposure to related parties may not exceed 20% of the bank’s capital (Art. 33). These limits are considerably stricter than the limits for exposures to a single or a group of connected counterparties, which may not exceed 25% of the bank’s capital. Art. 38 of the Law on Banks specifies that the beneficiaries from intended related party transactions are not part in the loan approval process. Prior board approval is required for granting loans to related parties,|
|except credits collateralized by either high quality debt securities or linked deposits.|
|Comments||The NBS’s flexible definition of related parties is helpful in deciding on a case-by-case basis whether material linkages exist. Additional guidance as to which parties are considered related parties would be useful in order to prevent differences of interpretation between the banks and the NBS as to which parties are related.|
|Principle 12.||Country and transfer risks. Supervisors must be satisfied that banks have adequate policies and processes for identifying, measuring, monitoring and controlling country risk and transfer risk in their international lending and investment activities, and for maintaining adequate provisions and reserves against such risks.|
|Description||Country risk is among the risk categories highlighted by the NBS in the Decision on Risk Management (p. 8-9). Country risk is defined as the risk of negative effects on the financial result and capital of the bank due to the bank’s inability to collect receivables for reasons arising from political, economic or social circumstances in the country of origin. Banks are required to define limits of exposure to country risk individually by a borrower’s country of origin, or by region in case of concentration of exposure on a specific geographic area.
In practice country risk receives limited supervisory attention. It is mostly left to banks to define limits and provisioning percentages and put in place appropriate risk management policies and procedures. Although this is understandable given that Serbian banks have only very limited foreign operations (besides transactions with parent banks), an upgrading of the supervisory practices is called for.|
|Assessment||Materially Non Compliant|
|Comments||An upgrading of supervisory framework for country risk, by issuing secondary legislation specifying the minimal requirements for managing country risk.|
|Principle 13.||Market risk. Supervisors must be satisfied that banks have in place policies and processes that accurately identify, measure, monitor and control market risks; supervisors should have powers to impose specific limits and/or a specific capital charge on market risk exposures, if warranted.|
|Description||Market risk is among the risk categories mentioned explicitly in the Law on Banks (Art. 32). The article obliges banks to prescribe special policies and procedures for identification and management of market risks and to report regularly to the bank’s exposure to market risk. In the Decision on Risk Management, the NBS defines market risks as the risks of negative effects on the financial result and capital of the bank caused by changes in the value of the portfolio of financial instruments. The NBS distinguishes between exchange rate risk and other market risks. For exchange rate risk, limits are in force to the maximum open foreign currency position that banks can take, which may not exceed 10% of its capital. In the context of the crisis this limit was temporarily relaxed to 20% of capital.
Guidance on other categories of market risks is less prescriptive. Other than the Decision on Risk Management, the NBS has not issued specific regulation on market risk. In assessing a bank’s exposure to the other categories of market risks, banks need to make an assessment of losses in normal and extraordinary market conditions. Loss limits need to reflect a bank’s levels of capital and income. Loss limits also must be commensurate with the assessed risk level and with the highest permissible loss in a specific time period. There is no requirement for banks to conduct stress tests and set up contingency planning mechanisms as part of market risk management. Banks|
|are required to regularly review their loss limits. Banks should also monitor market risks by engaging in daily examinations of trading book positions, compliance with set limits, and trading activity results. Reports on the examination of trading book positions shall contain a review of current and cumulative results at monthly and annual levels. The Serbian authorities indicated in the discussions that foreign banks in Serbia mostly have centralized risk management policies that are put to use in Serbia. Serbian subsidiaries use the same models for managing market risks as their parent banks, but the NBS requires adaptations to ensure adequacy for local operations. Model validation appears to be difficult due to lack of data and shortages of IT specialists. Limits are usually defined by the subsidiary and subsequently approved by the parent. The NBS noted that it is hard to determine whether limits are suitable given the overall characteristics of financial institutions.|
|Assessment||Materially Non Compliant|
|Comments||Although Serbian banks currently have relatively modest trading activities, the NBS is well-advised to step up supervisory area of market risk. The current supervisory approach focuses primarily on important procedural aspects, including verification whether an independent risk function and independent reporting lines are in place. In addition to issuing specific regulation on market risk, the NBS faces the challenge of taking market risk supervision a step further by assessing the specificities of the limits and their appropriateness given the overall characteristics of the institution involved. Scheduled Basel II implementation as of 2011 makes this an urgent issue.|
|Principle 14.||Liquidity risk. Supervisors must be satisfied that banks have a liquidity management strategy that takes into account the risk profile of the institution, with prudent policies and processes to identify, measure, monitor and control liquidity risk, and to manage liquidity on a day-to-day basis. Supervisors require banks to have contingency plans for handling liquidity problems.|
|Description||Liquidity risk is among the risk categories explicitly mentioned in the Law on Banks (Art 30). The NBS requires that the competent body of the bank adopts and enforces liquidity management policies, including a planning of projected inflow and outflow and liquidity monitoring. These demands are further substantiated in a recent Decision on Liquidity Risk Management. It requires proper control activities by the bank’s executive board, bank’s staff and staff responsible for liquidity management (Decision on Liquidity Risk, para 9), while Art 82 of the Law on Banks assigns final responsibility for internal controls to the Executive Board. The adequacy, reliability and efficiency of the arrangements is to be regularly assessed through internal audits.
Liquidity risk supervision by the NBS is based on standard liquidity ratios (see Gazette and in the Questionnaire dated May 15, 2009). This ratio is calculated as the sum of the bank’s liquid receivables divided by the sum of bank’s liabilities payable on demand or with no predetermined maturity and liabilities due within one month. The NBS applies the following requirements for the liquidity ratio:
Off-balance sheet receivables are excluded in the calculation of receivables, as are classified receivables in the “loss” and “doubtful” category. Weights are applied to banks’ liabilities with no agreed maturity, which includes a number of off-balance sheet items:
at least 1.0 if calculated as the average liquidity ratio for all business days in a month;
at least 0.9 for more than three days in a row;
at least 0.8 if calculated for one business day only.
40% of demand deposits by banks
20% of demand deposits by other depositors
10% of savings deposits
5% of guarantees and other sureties
20% of undisbursed irrevocable credit facilities.
|Banks are to inform the supervisor of any shortfalls within one business day. As of July 1, 2009 banks are also to have liquidity contingency plans in place.|
|Banks are required to adopt procedures to measure and monitor net cash flows on the basis of a gap analysis (i.e., by monitoring assets and liabilities for the remaining maturity period, measuring and comparing cash inflow and outflow, as well as by daily monitoring of net cash flow per maturity buckets). Banks are required to establish procedures for measuring and monitoring liquidity risk in significant currencies (euros, and to a far lesser extent Swiss francs and dollars) and in total amount. The NBS currently does not require banks to perform stress tests nor frequently review underlying assumptions. The current regulatory framework also does not explicitly require that the impact of other risks (e.g. credit, market and operational risk) to bank’s overall liquidity strategy is taken into consideration.|
|With liquid assets accounting for 42% of total assets, and covering 67% of short-term liabilities, Serbian banks are quite liquid. Loans to deposits currently stood at around 100 percent in June 2009. Liquidity was tested in October following a bank run during which almost 20 percent of household savings deposits were withdrawn, but more than a half of the withdrawn deposits have returned.|
|Comments||The NBS should consider enhancing the current secondary legislation in the area of liquidity risk management in a number of aspects in order to ensure that the impact of other risks (e.g. credit, counterparty market and operational risk) is taken into account in the bank’s overall liquidity strategy. This could be done by upgrading the elements of the BIS’s Principles for Liquidity Risk Management into secondary legislation.|
|Principle 15.||Operational risk. Supervisors must be satisfied that banks have in place risk management policies and processes to identify, assess, monitor and control/mitigate operational risk. These policies and processes should be commensurate with the size and complexity of the bank.|
|Description||NBS has issued partial regulation on operational risk, in particular on business continuity planning for banks under the general legal provision on proper organization and internal control. It requires banks’ boards to approve strategies and procedures for ensuring adequate management of certain aspects of operational risk under all circumstances. There is, however, no comprehensive guidance or regulation on operational risk overall.
As part of the onsite inspection plans a review of the effective implementation of the strategy for BCP set by the bank’s boards and of the relevant procedures is performed. The effectiveness of this check is however significantly hampered by the absence of adequate IT-audit capacity within the onsite division. Given that the quality of IT-systems and of IT-security is a cornerstone of operational risk management, this is a major weakness in the overall approach to operational risk mitigation with banks by NBS.|
|Within the information obligations for banks towards the NBS, it is clearly stipulated that banks need to inform the NBS about major incidents potentially affecting business continuity or operational integrity of banks’ internal systems and processes or entailing potential losses over a certain threshold.
The NBS’s regulations on outsourcing are broadly in line with the requirements of essential criterion 8. They could, however, be upgraded by fully aligning them with international best practices; for example, the guidance issued by CEBS, particular with regard to control environment and internal audit.|
|Comments||The NBS is strongly recommended to prioritize capacity building with BS’s onsite division for allowing it to fully and adequately assess all aspects of banks’ operational risk management.|
|Principle 16.||Interest rate risk in the banking book. Supervisors must be satisfied that banks have effective systems in place to identify, measure, monitor and control interest rate risk in the banking book, including a well defined strategy that has been approved by the Board and implemented by senior management; these should be appropriate to the size and complexity of such risk..|
|Description||The NBS provides general guidance for the management of interest rate risk in the Decision on Risk Management, but it has not issued specific regulation on the topic. The NBS distinguishes (i) maturity mismatch and repricing risk, (ii) base risk and (iii) optionality risk. It requires banks board and management to set and review strategy, set loss limits and set up procedures for managing, monitoring and mitigating interest rate risk in the banking book (IRBB). Through onsite inspection, i.e. by verifying compliance of reporting requirements NBS monitors banks’ exposure to and management of IRBB. The activities of Serbian banks as of today are not overly sophisticated and do therefore not put high demands to the standards for IRBB management. This may change as the Serbian financial sector grows and engages in more complex activities.
Through prudential reporting, the NBS ensures adequate follow-up on IRBB risk. It requires banks, in particular those with potential significant impact, to periodically perform limited types of scenario testing with respect to potential impact of IRBB.|
|Comments||It is recommended that the NBS issues specific regulation on IRBB, so as to provide banks with appropriate guidance.|
|Principle 17.||Internal control and audit. Supervisors must be satisfied that banks have in place internal controls that are adequate for the size and complexity of their business. These should include clear arrangements for delegating authority and responsibility; separation of the functions that involve committing the bank, paying away its funds, and accounting for its assets and liabilities; reconciliation of these processes; safeguarding the bank’s assets; and appropriate independent internal audit and compliance functions to test adherence to these controls as well as applicable laws and regulations.|
|Description||Internal control and audit requirements are anchored in Art. 82 of the Law on Banks, which contains strict governance standards for banks. Overall corporate governance principles are in accordance with international standards. The responsibilities of board and executive management are clearly delineated and ensure proper oversight and control over banks’ operations, organization and financial position.|
|The NBS has full authority over the appointment and removal of board and executive management members. It can remove members whenever they no longer meet fit and proper standards or when they no longer fulfill their responsibilities. The NBS has issued guidance on internal control and internal audit in banks in line with international good practice based on Art 82 of the Law on Banks. Generally accepted control features, including an appropriate division of responsibilities between the operational, recording and supervisory functions of banks and “four eyes principle” are included.|
|Banks are required by law (Art 85 Law on Banks) to establish an independent internal audit function. Its responsibilities need to be clearly defined. The principles in Art 85 ensure independency of the internal audit function and adequate reporting lines towards management and board. Internal audit is required to cover all activities of the bank to ensure the integrity and respect of its systems and internal controls. It has full access to all staff and to all functions, systems and records of the bank. There is, however, no explicit requirement ensuring that internal audit also has full access to outsourced functions.
Although there is a requirement for banks to establish an equivalent of an audit committee (Committee for Monitoring Business Activities of the Bank), its features are not fully in line with international practice in that it only requires one independent director.|
|According to Article 83 of the Law on Banks, Serbian banks are required to have a compliance function. The definition of its role and responsibilities is inspired by international good practice, but the scope should be broadened somewhat. Compliance should indeed fully cover all domains where breaches of laws or regulations potentially expose the bank to reputational risk.|
|Comments||NBS is encouraged to align the scope of compliance function formally to international best practice. Furthermore, particularly the reporting line of internal audit could be enhanced by the requirement to install an audit committee according to international standards.|
|Principle 18.||Abuse of financial services. Supervisors must be satisfied that banks have adequate policies and processes in place, including strict “know-your-customer” rules, that promote high ethical and professional standards in the financial sector and prevent the bank from being used, intentionally or unintentionally, for criminal activities.|
|Description||The Law on Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT; “RS Official Gazette” No. 20/2009) constitutes the legal framework in the area of anti-money laundering. In addition to the FIU (APML) and the NBS, other domestic agencies involved in supervision are the Securities Commission, the Tax Administration, the Ministry of Finance, the Bar Association and the Chamber of Licensed Auditors. The APML is a member of the Egmont group since 2003. Cooperation between the NBS and the APML seems well-established. The NBS and the APML have an MOU, enabling the exchange of all relevant information. Material problems related to AML/CFT are reported to the NBS, while individual suspicious transactions are reported to the APML (which may subsequently report to the NBS). The NBS exchanges AML/CFT information only with home supervisors with which it has an MOU.
When conducting full-scope bank investigations, as well as targeted AML/CFT|
|investigations, it is standard routine that the AML specialist of the NBS has a pre-inspection meeting with the APML to receive information about the respective bank. On full-scope inspections, it is also customary that a staff member from the Division for Supervision of Payment and Exchange Operations, which within the NBS is responsible for AML supervision, joins the inspection team. In addition, the NBS also conducts focused AML investigations staffed by the Division for Supervision of Payment and Exchange Operations only. Priorities are defined on the basis of a questionnaire that is sent every 6 months to banks. Aggregate results are posted on the internet.|
|The NBS indicated that, according to APML’s reports, an upward trend was recorded in the number of Suspicious Transactions Reports (STRs) in the total banking sector. NBS has the right to activate the general remedial action framework for non compliance with AML and CFT requirements and it may also impose fines. The APML is required by law to report infringements to the public prosecutor. Banks are obliged to: identify and verify the customer, identify the beneficial owner, obtain information on the purpose and intended nature of a business relationship or transaction, and regularly monitor business transactions of the customer and check the consistency of the customer’s activities with the nature of the business relationship and the usual scope and type of the customer’s business transactions when carrying out a transaction of EUR 15,000 or more, irrespective of whether the transaction is carried out in one or more than one connected operations (Art. 8 and 9 AML/CFT Law). The NBS has relied especially on fines to improve reporting discipline in the financial sector. The minimum content of the know-your-customer (KYC) policies are established in secondary legislation and applies to all financial intermediaries under NBS supervision. The respective Decision covers amongst others: (i) client acceptability considering the level of AML/CTF risk, (ii) classification of clients in risk categories and based on risk factors (iii) customer due diligence, (iv) management of AML/CTF related risks, to which the bank is exposed and (v) training programs.|
|Serbian banks are required to appoint compliance officers (Art. 39, Law on AML and CFT). The compliance officer reports directly to management and is to be given unfettered access to access to data, information, and documentation relevant for his tasks, appropriate human, material, IT, and other resources. The compliance officer enjoys legal protection with respect to disclosure of data and for other legal procedures which may affect performance of his duties. The NBS is not aware of any pending lawsuits against compliance officers. The current Law on AML and CFT does not require banks to systematically screen newly hired personnel. Reporting financial institutions and their employees are notliable for any damage done to customers or third parties for sending AML/CFT data to the APML data and for executing orders of the APML to temporarily suspend execution of transactions or to monitor the financial transactions of a customer (Art.75, Law on AML and CFT).|
|The bank shall not establish or continue a loro correspondent relationship with a bank whose seat is located in a foreign country if a bank has not established a system for the prevention and detection of money laundering and terrorism financing or is not required to apply the regulations in the area of prevention and detection of money laundering and terrorism financing in accordance with the regulations of the foreign country in which it has its seat, or where it is registered (Article 29 (4) AML/CFT Law). Loro correspondent banking relations of Serbian banks with countries that are listed as non-compliant with the international AML/CFT standards at the European Union level|
|or higher, are subject to a enhanced due diligence requirement. The requirements include obligation to: identify and verify the customer, identify the beneficial owner, obtain information on the purpose and intended nature of a business relationship or transaction, and regularly monitor business transactions of the customer and check the consistency of the customer’s activities with the nature of the business relationship and the usual scope and type of the customer’s business transactions, as well as: date of issue and period of validity of the banking license and the name and seat of the competent body of the foreign country which issued the license, description of the system for the prevention and detection of money laundering and terrorism financing in the country of the seat is located, or where the bank has been registered, a mandatory description of internal procedures concerning the prevention and detection of money laundering and terrorism financing, and particularly the procedures regarding customer due diligence, transmission of data on suspicious transactions and persons to the competent bodies, record keeping, internal control, and other procedures adopted by the bank, a written statement of the responsible person in a bank stating that the bank in the state of seat or in the state of registration is under supervision of the competent state body and that it is required to apply the regulations of such state concerning the prevention and detection of money laundering and terrorism financing (Art 29(1) Law on AML and CFT). A written statement stating that the bank does not operate as a shell bank is also required, as well as written statement that the bank does not have any business relationships and or transactions with a shell bank.|
|Comments||Banks should be required to conduct screenings of new staff as a matter of routinge. While loro correspondent banking relationships are subject to an enhanced due diligence regime, consideration could be given to prohibiting correspondent banking relationships with non-compliant countries altogether.|
|Principle 19.||Supervisory approach. An effective banking supervisory system requires that supervisors develop and maintain a thorough understanding of the operations of individual banks and banking groups, and also of the banking system as a whole, focusing on safety and soundness, and the stability of the banking system.|
|Description||Thanks to comprehensive reporting requirements (see BCP 21) NBS has ample information on all relevant aspects of its banking sector at its disposal. Through analysis of individual data and compilation of aggregate figures it has a good overview of the state of affairs at individual banks as well as the banking sector at large. For this purpose, NBS uses a CAMEL-based methodology. This methodology not only ensures consistency in the supervisory approach towards individual banks, but it is also put to use as a planning and prioritization tool, such as for onsite inspections.
Although there is no formalized procedure for a prudential check on new banking activities, the NBS’s analysis performed allows for adequate insight into the risk profiles of banks, while reports on inspections facilitate the periodical assessment of their internal control. No formal analysis is currently made of banks’ business focus, but the banking sector is at present not very sophisticated and NBS appears to be well aware of the business development of both individual banks and the overall sector.
Peer group analysis as well as comparison to the overall sector (both on a cross-sectional basis and through time), both in terms of averages and of time-series, are performed and allow for proper positioning of each institution. The relationships with parent banks and the limited availability of information on their groups may somewhat hamper these efforts, but do not fundamentally affect their effectiveness. Enhanced|
|international cooperation should provide NBS with a clear view on the structure, strategy and financial position of groups to which Serbian banks belong.
Scenario analysis is used as a way to add a forward looking element to the supervisory approach. To this effect, the banking supervision department cooperates with other departments within the NBS to define appropriate adverse scenarios for such tests. Serbia has at an early stage detected the risks inherent in the rapid development of consumer credit. It has attempted to slow down the growth of this segment, by imposing caps on the consumer credit-capital ratio and through raising risk weights for unhedged unsecured foreign currency lending. The information systems designed for supervisory application, i.e. for financial and for macro-prudential analysis, for registering general information on banks and for performing ad hoc analysis (including stress testing) appear to be performing and reliable. There is, however, room for enhancing the effectiveness of the macro-prudential approach by developing full early warning systems that allow for preventive action in view of evolutions within the banking sector.|
|Comments||NBS is recommended to further formalize its policy and procedures with regard to analysis at the sector-level. The present approach seems broadly adequate given the current size and complexity of the Serbian banking sector and full compliance is within reach. The framework could however be made more forward looking, e.g., by developing a full early warning system.|
|Principle 20.||Supervisory techniques. An effective banking supervisory system should consist of on-site and off-site supervision and regular contacts with bank management.|
|Description||In addition to the Banking Supervision Department, the NBS has departments for the supervision of insurance companies and voluntary pension funds. The NBS has organized its Banking Supervision Department (BSD) in four divisions, of which offsite analysis and onsite inspection employ some 20 staff members each. There is a legal division (separate from NBS’s overall legal department) that employs 11 people, a small division (3 staff members) for research and finance and a large division for the supervision of exchange offices and payment systems (40). The latter will be split-up by year-end, as supervision of exchange offices is being brought under the auspices of the MoF. The remaining staff will be in charge of payment systems and of AML/TF matters for the whole department. The offsite division has also two special units under its auspices, of which one is dedicated to Basel II implementation (4) and the other to stress-testing (3). The remaining staff is divided into four portfolio-teams, each of which is headed by a portfolio manager6. Portfolios are constituted according to the country of origin of the parent bank. The domestic banks (both private and public) are divided evenly over the four teams.
The offsite analysis department can build on an extensive reporting framework (BCP 21). Reporting inputs enter a comprehensive database that is readily accessible for analytical purposes to management and to the supervisory staff directly concerned. This allows for a comprehensive and well structured information gathering on all key elements for assessing the bank’s financial position, profitability and risk profile.|
|The NBS has set up a semi-automated analysis system over these reports that provide|
|reasonable assurances for consistency and adequacy. For each bank a set of standardized analysis reports is produced and made available to offsite staff7|
|Moreover, all offsite staff have recourse to a proprietary exploitation program (an enhanced “ACCESS”-program). This allows for deeper or more focused analysis whenever deemed necessary by the offsite staff or by management.|
|Financial analysis is combined with qualitative assessments of banks’ organization and management. This qualitative assessment is performed on the basis of the reporting|
|from onsite inspection (see below). The end result is consigned in a CAMEL-based rating system, which was recently updated for better capturing the qualitative aspects of NBS’s assessment of banks.|
|Both for the analysis as such and for the reporting to BS and NBS management on banks’ position, evolution and risk profile, the department head is elaborating with its team a procedures manual, that is in an advanced stage of preparation. It should better ensure the adequacy and consistency of internal processes and procedures for quantitative analysis.|
|Portfolio managers fulfill a key role in the supervisory process. They are in charge of:|
coordinating the overall supervisory approach towards each bank; i.e., defining key elements of its risk profile, proposing prioritization within inspection planning, setting precise timing and planning for supervisory tasks and proposing corrective measures and sanctions for decision;
drafting quarterly reports to NBS management summarizing the main outcomes of the analysis of a bank’s financial position and risk profile, the main findings of onsite inspections, other significant elements gathered through contacts with banks staff and management, prior remedial or sanctioning measures taken (if applicable) including follow-up and the position of the bank within pre-defined peer groups. This report is comprehensive but also rather extensive, covering at least four pages of explanatory notes and several pages of supporting tables and graphs;
proposing, on the basis of the information gathered by offsite and onsite, to management potential remedial measures and/or sanctions for consideration and monitor follow-up;
acting as the primary point of contact with banks, both for information gathering by NBS and for responding to banks’ requests for information and guidance.
|The offsite division is also involved in the licensing process with particular emphasis on the “economical” aspects (business plans, capital planning). Inspections by the onsite division mostly follow the annual inspection plan developed by the portfolio managers (see above). The annual inspection plan is submitted to the Supervisory Review Committee (SRC) for approval. This planning covers|
|comprehensive inspections of designated banks and targeted inspections, addressing specific topics for all or a set of banks. The planning leaves room for inspections “on demand” whenever deemed necessary. The present staffing allows for an inspection cycle of “full scope” inspections over three years; on average, full-scope inspections last five weeks (three weeks onsite and one week for preparation and report writing).|
|Inspections are performed by teams under the coordination of team leaders. Teams usually consist of some four members, but the actual size may vary. Each team operates under the responsibility of a team leader. Employees need to have a minimum of five years of work experience to assume the role of team leaders. However, at present there are not enough experienced inspectors to ensure an adequate supply of team leaders. Most inspectors have a broad range of skills, but are somewhat specialized in specific areas. The pool of auditors is however small and some specialist skills, in particular in IT audit are practically unavailable within the supervisory department at the NBS.|
|An inspection manual has been elaborated, covering most areas or onsite tasks. The manual is at present under review since the preparation of Basel II implementation requires a shift in emphasis from mere compliance checking to qualitative assessment of organization, systems, processes, procedures and manuals. The need to review compliance with loan classification and provisioning (BCP 9) absorbs a relatively large amount of human resources and thereby limits the potential to fully perform this shift in the near future. An additional element in this respect is the modest contribution of external auditors8, which subsequently leads onsite teams to dedicate significant time to verifying the adequacy of internal and prudential reporting systems with banks.|
|Inspection reports are reviewed by the division head and submitted to the portfolio managers in the offsite division. They are discussed and submitted to NBS management with a proposal for remedial action, if required. The reports are then transmitted to the bank’s management and governing board for comments and response and the action plan is finalized. Banks are obliged to report to the NBS about their compliance with recommendations. Usually, banks’ compliance with recommendations is also subject to targeted follow-up inspection.|
|Comments||NBS’s management is recommended to strengthen capacity building in the on-site and off-site division, both in quantitative and in qualitative terms, as a priority. To this effect NBS management should consider all elements that can contribute such as budgeting issues, career planning, professional status, education opportunities, salary structure and growth and career perspectives. In particular the need to provide for IT-audit capacity with the onsite division is crucial to enable the division to fully adopt a more risk-based approach and to perform adequate qualitative assessments as required under Basel II.
The current focus of onsite on compliance checking needs reconsideration if NBS intends to further pursue full implementation of Basel II, as this requires onsite to shift its focus predominantly to qualitative assessment of banks’ organization, systems and management.|
|Principle 21.||Supervisory reporting. Supervisors must have a means of collecting, reviewing and analyzing prudential reports and statistical returns from banks on both a solo and a consolidated basis, and a means of independent verification of these reports, through either on-site examinations or use of external experts.|
|Description||Based on art 101 of the Law on Banks, NBS has put in place a comprehensive|
|reporting regime. The NBS follows a quarterly reporting cycle for structural analysis (balance sheet structure, breakdown of deposits and loan portfolios) and detailed data facilitating the monitoring of banks’ CAR. Mandatory reporting items include the composition of capital, major deposit-holders, fixed assets and financial investments and exposures top related parties. More detailed tables need to be reported on asset classification, overall credit risk, impaired loans, large exposures, trading book, several elements of market risk and risk weighted assets (both on and off balance sheet). The NBS requires monthly reporting on balance sheet and P/L-account, cash-flow, total deposits and loans and trading book. For liquidity and forex-exposure daily reporting is required. Temporary special ad hoc reporting is required upon the announcement of capital operations by the bank, in special circumstances9 or when specific measures have been taken as part of economic policy.10|
|Reporting is submitted electronically; it is subject to a number of (automated) internal consistency tests and to a (manual) test of probability (in order to check consistency over time). An automated analysis tool provides for standardized exploitation of reports and for delivering standardized analysis reports to offsite analysts.|
|The lack of regular certification by banks’ external auditors of prudential reporting and/or of the integrity and/or reliability of their reporting system is a weakness in the reporting process. There is no formal certification process for prudential reporting and its quality is thus only assessed at comprehensive inspections, such as on average once per two to three years. Although there are no shortcomings that raise concerns about the reliability of reporting,11 the quality thus virtually untested over relatively long periods of time.|
|Comments||The reporting regime is comprehensive and the exploitation systems within the NBS are adequate to ensure effective information gathering and analysis. It is however recommended that the NBS takes additional steps to ensure the reliability of reporting through more regular certification. This would require cooperation with external auditors (see BCP 17). The extent of reporting is sometimes criticized by banks as excessively burdensome, which is exacerbated by a perceived lack of consistency with international practices. The NBS could consider redesigning its reporting requirements along the lines of EU-practice12, taking into account best practices in internal management reporting of Serbian banks. It should aim to minimize the additional reporting burden without losing content.|
|Principle 22.||Accounting and disclosure. Supervisors must be satisfied that each bank maintains adequate records drawn up in accordance with accounting policies and practices that are widely accepted internationally, and publishes, on a regular basis, information that fairly reflects its financial condition and profitability.|
|Description||Serbian accounting legislation has been brought in full compliance with IFRS standards. All banks are required to publish financial reports and additional information according to IFRS disclosure standards. The governing board is ultimately responsible for banks’ annual reports and financial statements.|
|Annual reports are deposited at the NBS and are to be published on the banks’ websites. Major banks publish their audited annual reports in the national press. A project is under finalization to entrust the deposit of reports to a unit at the Ministry of Economic Affairs and to enhance the publication obligations, as part of Basel II preparation (Pillar III). This could further improve access for the general public.
Accounts of banks are audited and certified by external auditors, who need to be licensed to this effect by NBS. Besides the “Big 4” also a small number of local auditing firms is present in Serbia. The NBS approves the appointment of external auditors and can request banks to revoke their designation. NBS receives external auditors’ reports. In extreme circumstances, the NBS may require them to perform specific verifications on its behalf.
There is an obligation for banks to publish both qualitative and quantitative information on their risk exposure and/or risk management strategy according to IFRS. NBS publishes on a regular basis aggregate data on the banking sector and other segments of the financial sector, with the exception of securities brokers. The latter are, however, of limited significance as of today.|
|Comments||Disclosure requirements for banks should be further enhanced to bring them fully in line with international standards under Basel II. Furthermore an update of the NBS’s instruction for bank accounting with a view on bringing it fully in line with international best practice is suggested. It is strongly recommended that the NBS discuss with the audit profession the issuing of a joint paper outlining the specific audit methodology for banks. The NBS and the audit profession could also explore modalities through which the contribution of the external auditors to the supervisory process can be enhanced, starting with their role in the periodical certification of banks’ prudential reports and/or of their reporting processes.|
|Principle 23.||Corrective and remedial powers of supervisors. Supervisors must have at their disposal an adequate range of supervisory tools to bring about timely corrective actions. This includes the ability, where appropriate, to revoke the banking license or to recommend its revocation.|
|Description||The NBS has a wide spectrum of corrective actions at its disposal. The legal framework is defined in the Laws (Art. 110-120), bylaws and internal procedures. The framework consists of the following categories of corrective actions: (i) written warnings, (ii) ordering letters, (iii) a formal NBS Decision to eliminate irregularities, (iv) appointment of receiver and (v) removal of the license of the bank. The measures are further specified in the Decision on Detailed conditions and manners of conducting supervision by the National Bank of Serbia. Banks subject to corrective actions are obliged to report regularly to the NBS and deadlines are in force. The framework is in the process of being expanded, with enhanced responsibility and authority for receivers in the pipeline - including the capacity to impose a temporary moratorium. In addition, the NBS can impose temporary measures, which allows the NBS to react preemptively to observed irregularities, such as liquidity shortfalls. The NBS has the authority to impose fines, either on banks or on individuals within the banks (including members of management or the executive board). In practice, the NBS relies most on ordering letters. It has never used its right to withdraw licenses and only in one recent case a receiver was appointed. MOUs have been established with other relevant supervisors, but the NBS indicated that coordination should be strengthened in practice. This seems most relevant for home supervisors of parent banks (see BCP 25) and (domestically)|
|the Securities Commission.
In addition to the aforementioned corrective actions, the NBS has the authority to impose fines (Art. 137-141) and it can remove and suspend members of the Board of Directors and of the Executive Board (Art. 118) for failing to meet the requirements of the Law or for being responsible for irregularities. It may also order a bank to increase capital, restrict activities, rationalize the organizational structure or suspend the pay-out of dividends (Art. 116).
In order to impose these measures, the NBS observes the principle of proportionality according to Art. 120. In choosing the particular corrective action, it also takes the responsiveness of management to corrective actions and the importance of the respective bank for the Serbian financial system in consideration (Art. 120). In applying its remedial powers, the NBS acts upon information made available through onsite inspections and offsite reporting. The NBS indicated that on average, around half of the onsite inspections results in some sort of formal corrective actions or sanctions, the latter being mostly fines. Proposed corrective and sanctioning measures and fines are submitted for approval to the SRC. A specific proposal is drafted by the Legal department upon approval by the SRC, which is subsequently submitted for approval to the vice-governor and is ultimately signed by the governor. On average, the procedure takes some two weeks. The “checks and balances” are deliberately built in to ensure objectivity and consistency in the application of the instruments, although the NBS indicated in the self-assessment that the procedure prevents the NBS from acting quickly in the face of observed irregularities.|
|Comments||Main priorities are the strengthening of cooperation with other involved supervisors—both domestically and internationally—and ensuring that internal procedures do not prevent the NBS from acting speedily and decisively in the face of serious irregularities.|
|Principle 24.||Consolidated supervision. An essential element of banking supervision is that supervisors supervise the banking group on a consolidated basis, adequately monitoring and, as appropriate, applying prudential norms to all aspects of the business conducted by the group worldwide.|
|Description||The NBS not only supervises banks, but also leasing companies, insurance undertakings and pension funds. Following the enactment of the 2005 Law on Banks, the NBS conducts supervision of banking groups on a consolidated basis (Art. 122). It is therefore in a favorable position to conduct proper consolidated supervision over banking groups whose controlling entity is established in Serbia. Only for securities brokers is supervision entrusted to a separate authority, with which the NBS has a MOU on the exchange of information. Only one Serbian bank has established subsidiaries abroad and the NBS has concluded an MOU with the two host supervisors concerned.
The NBS exerts due diligence with regard to shareholder-structures over banks, their transparency and their potential impact on supervision. Since Serbian banks are not authorized to acquire significant or controlling stakes in non-financial companies, NBS can be expected to have a comprehensive and clear overview on banking groups established within the country. In terms of financial reporting, Serbian law requires publication of consolidated statements on the basis of standards inspired by international practice. The possibility to exclude minor entities from consolidation and the very limited impact of subsidiaries on Serbian banks somewhat limits the impact of|
|this requirement. Full consolidation of all entities is not yet generally practiced. There are no comprehensive supervisory requirements for reporting on a consolidated basis by banks nor does NBS exert a systematic analysis of consolidate risk positions, monitor global lending concentration or impose consolidated capital requirements13. Strengthening of consolidated reported requirements would also improve the NBS’s capacity to enforce compliance with large exposure limits (BCP 10) and related party exposures (BCP 11).|
|Assessment||Materially non compliant|
|Comments||The NBS is recommended to require proper reporting on a consolidated basis for all key elements of banking groups financial position: CAR, risk measurement, provisioning, risk con|