A. Institutional and Macro-Economic Setting and Market Structure–Overview

16. The Netherlands has a large and internationally orientated financial sector. Total financial assets of the banking sector currently amount to € 2,852 billion (Q2 2010), which is equal to almost five times GDP. A quarter of assets is ultimately held by foreign institutions (mostly from within the European Economic Area (EEA)).

17. The banking sector has been seriously hit by the global financial crisis, which has resulted in unprecedented write-downs on assets, forcing the authorities to take far-reaching measures to maintain financial stability.

18. Currently, some of the major banks are in the middle of a restructuring process, which has resulted in a consolidation of their balance sheets, a reduction of their risk profile and an increased domestic orientation. In 2009, the banking sector returned to profitability, which is however still considerably below pre-crisis levels. With the economic recovery expected to be modest and the strengthening of regulation, the banking sector will continue to be confronted with a challenging environment in the years ahead.

19. Since the global financial crisis, the financial landscape in the Netherlands has changed significantly. At the end of 2007, the then largest financial institution in the Netherlands, ABN AMRO, was taken over by a consortium of Fortis, Royal Bank of Scotland, and Banco Santander. Almost a year later, in order to maintain financial stability, the Netherlands government decided to buy the Netherlands banking parts of Fortis, including its share within the consortium that contained the Netherlands activities of ABN AMRO. The process of integration of Fortis and ABN AMRO will continue under state ownership. To this end, a new company structure was created in July 2010 under the name of ABN AMRO.

20. In addition to the intervention in Fortis/ABN, the State also supplied capital support to three financial institutions, including Internationale Nederlands Groep (ING). The State also acquired a portfolio of ALT-A mortgages from the U.S. subsidiary of ING. As a condition to this support, the European Commission (EC) has enforced changes to the organization of ING. Within this process, ING has announced its intention to separate its banking and insurance activities, which will thus result in a smaller organization.

21. The Dutch economy is showing gradual signs of recovery after the 2008/2009 recession, and growth is expected to continue at a moderate pace. The fiscal position has deteriorated significantly because of the accommodative fiscal stance taken during the financial crisis and the contraction of GDP in 2009. In 2011, the budget deficit is expected to improve, but will remain at a comparatively high level of 4 percent. In the upcoming years, further fiscal consolidation is expected to further reduce the deficit and to prepare for implications of an ageing population.

A. Sound and Sustainable Macroeconomic Policies

23. The Netherlands has a strong record and a solid institutional framework supporting the conduct of sound macro-economic policies.

24. Monetary policy is conducted by DNB within the ESCB framework. Budgetary policy is conducted within a fiscal framework based on predefined rules and within the requirements of the Stability and Growth Pact (SGP). The fiscal Report on the Observance of Standards and Codes (ROSC) that was conducted by the IMF in 2005 concluded that the Netherlands has a transparent and well understood system of fiscal management, which achieves or exceeds the accepted standards.

25. The recent financial crisis has put severe pressure on financial stability and the budgetary situation of the Netherlands. Measures have been taken in line with the SGP recommendations to ensure that the budget remains on a sustainable path. However, considerable adjustment still needs to be made.

26. The Banking Act (DNB Act of 1998 with subsequent amendments) and the AFS explicitly assign to DNB the responsibility to safeguard the stability of the financial system. Within DNB, the Financial Stability Division (FSD) is primarily responsible for this task. Within this division, a separate department for macro-prudential supervision was created in 2010 to further improve the monitoring of macro-prudential risks.

B. A Well Developed Public Infrastructure

27. The Netherlands has a well developed business climate with an adequate legal framework including corporate, bankruptcy and private property laws. Credit institutions must apply either International Financial Reporting Standards (IFRS) accounting principles or the provisions as laid down in Title 9 Book 2 of the Dutch Civil Code (DCC) (which in itself is largely compliant with the IFRS standards). Their accounts are legally required to be validated by independent auditors to ensure that financial statements are correct and provide a true and fair view of the financial position of the company.

28. The auditing profession is subject to self-regulation through the NIVRA and to regulation by the AFM. These bodies ensure that the audit profession is subject to licensing and appropriate professional training.

C. Payment and Settlement Systems

29. DNB participates in the ‘Trans European Automated Real-Time Gross Settlement Express Transfer 2 (TARGET2), the Real-Time Gross Settlement (RTGS) of the Eurosystem and operates ‘TARGET2.NL’. Equens provides clearing services for the interbank market through the systems ‘Equens CSM’ (international Single European Payment Area (SEPA) compliant transactions), and ‘CSS’ (domestic transactions). Point of Sale (POS) and ‘guest use’ Automated Teller Machine (ATM) transactions are routed and authorized through the ‘SWITCH’ system, which is operated by Equens as well. Currence⁴ is the legal owner of the payment products ‘PIN’, ‘iDEAL’, and ‘Direct Debit’.

30. Securities traded on Euronext Amsterdam are cleared by the Paris-based Central Counter Party LCH Clearnet SA (CCP LCH). Clearnet SA are settled in the Central Securities Depository (CSD) Euroclear Nederlands system ‘ESES’. ESES uses DVP model 1 and is a platform with an integrated settlement model in the Central Bank Money (CeBM). ESES is also used by the CSDs in Belgium and France in co-operation with DNB, the National Bank of Belgium (NBB) and Banque de France (BdF). The (I) CSD Euroclear Bank provides settlement for Euronext Amsterdam in the Commercial Bank Money (CoBM). European Multilateral Clearing Facility (EMCF), the Amsterdam based CCP, provides clearing services to a number of trading venues across Europe (the UK, Hungary, and Scandinavia).

A. The structure of the Act on Financial Supervision and Secondary Legislation

35. The regulatory framework applied by DNB comprises three levels. The most fundamental is the AFS which came into force on January 1, 2007. The AFS is supplemented by various orders in council and ministerial orders and decrees. Finally, DNB is vested with the power to issue rules and policy guidelines, which mainly concern the interpretation of the law.

36. The AFS consists of seven parts and three annexes. Part 1 concerns general provisions, including such matters as definitions and the objectives and powers of DNB and the AFM. Part 2 concerns licensing and market access matters. Part 3 concerns the prudential supervision of financial intermediaries, including the various prudential standards, such as minimum solvency, liquidity, accounting, and reports. Part 4 concerns standards for the conduct of financial businesses, while Part 5 relates to conduct of business in the financial markets. Part 6 relates to the supervision of providers of settlement services, while Part 7 contains final provisions.

A. Objectives, Independence, Powers, Transparency and Cooperation (CP1)

45. In 2007, the AFS introduced a new legal framework for the supervisory authorities in the Netherlands. Compared to the situation prevailing during the previous Basel Core Principles assessment in 2004, this has resulted in substantially improved clarity of mandates and objectives for supervisory authorities. DNB and the AFM appear to possess a clear understanding of their respective roles and responsibilities under the Twin Peaks system, and cooperation and coordination between the two agencies appear to have functioned well in practice, including during the period of greatest financial stress during the crisis.

46. The structure introduced by the AFS does, however, provide for a larger role for the MoF than in most other comparable systems. For example, DNB has relatively limited rule-making authority of its own, since most regulation is either directly contained in the AFS itself or in decrees that are the responsibility of the MoF. This arrangement gives the MoF a more active role in the supervisory policy process than is typical, although the authorities explain it on the grounds that rule-making powers are a delegated authority from parliament and that close MoF involvement is necessary to ensure proper accountability mechanisms that are compatible with the Netherlands constitution. The same justification is given of the provision in the AFS, which empowers the minister to overturn DNB rules that are deemed to constitute an “unreasonable administrative burden” on the financial markets. DNB is authorized by law to “lay down temporary, generally binding regulations in order to contribute to the stability of the financial sector.” Such regulation must be reported to the MoF without delay. Furthermore, DNB is exempted from the provision in the Dutch Independent Administrative Authorities Act (Zelfstandig bestuursorganen, ZBO’s) which stipulates that the minister may set policy rules with regard to the exercise of duties by an independent administrative authority.

47. Nonetheless, the circumstances in which this power might be invoked need to be more closely defined, either by amendment to the law or a public statement from the MoF of a non-exhaustive list of circumstances in which these powers might be invoked.

48. There may also be a case for greater DNB involvement in the rule-making process, as policies are generally more effective if they are directly informed by the experience of application and enforcement.

49. It is also argued that there is a clear distinction to be made between the rule-making process and the execution of these rules through supervision. The latter is clearly reserved by DNB, which is therefore, fully independent in operational matters, except for exceptional cases that would need to be justified on the grounds of “public good.” As with the provision of the law relating to an “unreasonable administrative burden”, a more precise definition of the circumstances in which such powers might be invoked would be desirable.

50. The AFS also gives the MoF a role in approving DNB’s supervisory budget. It is not clear to what extent the MoF uses this power to influence the allocation of supervisory resources and what criteria it may use in deciding on the reasonableness of DNB’s proposed budget. It is also unclear to what extent this arrangement may have contributed to a situation in which the resources devoted to banking supervision do not appear to be proportionate to the size and complexity of DNB’s supervisory task. The Netherlands banking system is one of the largest in the world relative to GDP; and contains a number of large, diversified, and internationally active financial conglomerate groups that require close monitoring and intensive interaction with host-supervisors overseas. DNB devotes fewer FTE posts to banking supervision than to either insurance or pensions supervision, both sectors which are considered less complex and which pose fewer risks to the state than the banking sector. The assessment team recommends that DNB and the MoF jointly conduct a review of the adequacy of resources currently devoted to banking supervision; for example, by benchmarking against other countries with banking systems of comparable size and complexity.

51. The AFS also provides DNB with an extensive range of legal sanctions and powers to ensure compliance with law and regulation. Nonetheless, until recently, DNB has been less reliant on the use of these powers to the full, preferring instead to rely on “moral suasion.” In part, this preference may reflect a traditional concept of the bank supervisor’s role, and in part it may reflect a degree of uncertainty about the extent of the powers of DNB staff, given that the AFS is a relatively new instrument. However, there is some evidence that reliance on moral suasion has not always been effective and has become progressively less-effective, given changes in the Netherlands banking system over the past decade. In recognition of this, DNB recently engaged in a major cultural change project (“VITA”), one component of which is to encourage supervisors to make more use of their formal powers. The assessment team strongly supports this initiative and encourages DNB to use to the full its range of enforcement powers.

52. The AFS also provides adequate legal protection to individual staff members of DNB. The assessment team is aware of the discussions that have been taking place between the supervisory authorities and the respective ministries to limit the authorities’ prospective financial liability in the event of a law suit being brought against them. However, since the limitation of the legal liability of regulatory agencies (as opposed to the staff of those agencies) is not a feature of this core principle, the team is satisfied that the relevant Core Principles (CP) component is fully complied with.

B. Licensing and Structure (CPs 2–5)

53. The AFS defines clearly the permissible activities of a bank as well as prohibits institutions, which are not licensed by DNB to pursue the business of banking from using the word “bank” in their name. The conditions that must be met to obtain a license to pursue the business of a bank are set out in the AFS, as supplemented by the Decree on Prudential Regulation (DPR). The criteria allow DNB sufficient discretion to set conditions and to assess to what extent these conditions have been fulfilled and to determine whether the requested license should be issued. Among the criteria to be considered are that the owners and senior management should be “fit and proper” persons. In the light of lessons learned from recent cases, a change in the AFS is being prepared to replace the separate assessments for fitness and properness, with a single suitability assessment. This assessment is meant to cover fitness, properness and other facts and/or circumstances that may influence the suitability of a person.

54. The AFS also provides for DNB or in certain cases, the minister of finance, to issue a “declaration of no objection” either to significant changes in control of banks or of significant acquisitions by banks. DNB undertakes detailed scrutiny of such applications before deciding to issue a declaration of no objection.

C. Prudential Regulation and Requirements (CPs 6–18)

55. Capital adequacy rules are based on Basel II, as transposed into EU law by the CRD. The CRD provides for a comprehensive set of requirements with respect to credit market, and operational risks. In practice, the DPR and the rules made by DNB follow CRD requirements very closely, and the Netherlands has chosen not to apply a higher national standard where provided for in the directive, with the exception of the definition of “own funds” (capital) where DNB enforces a de-facto maximum limit of 25 percent of hybrid capital instruments in Tier 1 (the CRD imposes a 50 percent limit). The Netherlands legislation provides for the full range of options in respect of advanced and standardized approaches within the CRD, and banks are subject to detailed assessments before being permitted to adopt the advanced approaches with respect to credit, market, and operational risks.

56. The standard Pillar 1 minimum solvency ratio for all banks is 8 percent. In practice, however, banks operate at capital levels that are much higher than the legal minimum. DNB sets capital requirements on a bank-by-bank basis, using an assessment methodology that builds on the Basel II, Pillar 2 process. Banks are required to develop their own Internal Capital Adequacy Assessment Program (ICAAP), which is assessed against independently developed supervisory benchmarks. DNB also requires banks to engage in regular stress-testing exercises and conducts an annual macro stress test of its own.

57. Banks’ compliance with prudential requirements is assessed through regular supervisory returns that are based on the standard format developed by the CEBS and through regular on-site contacts with bank management and risk control functions. DNB is increasingly making use of thematic examinations by expert teams. A review of banks using the Advanced Measurement Approach for Operational Risk (AMO) was recently concluded and resulted in significant supervision action to remedy the deficiencies identified.

58. DNB has had in place a comprehensive set of liquidity rules since 2003. These are being enhanced in the light of lessons learned from the crisis and will also be amended to incorporate the recommendations contained in Basel 3. Currently, reporting forms do not distinguish between liquidity in the major currencies (reporting is in euros only) and the assessment team recommends that DNB’s standardized liquidity report be amended to permit analysis according to major currencies.

59. DNB does not set any specific rules with respect to problem assets, provisioning and reserves. Instead, the level of required provisions is set according to the Expected Loss (EL) estimates calculated in accordance with the Internal Ratings Based approach under Basel II/Capital Requirements Directive (CRD). This methodology does not distinguish conceptually between provisions and capital, as the level of required capital increases in line with increasing EL. This is in accordance with the Basel II/CRD methodology. Provisioning policies are set on an individual bank basis in compliance with the requirements of IFRS or to the DCC that broadly conforms to IFRS. The primary responsibility for assessing the adequacy of provisions resides with the external auditor. Reliance on accounting standards for loan valuation and provisioning may be reasonable, given high levels of competency and integrity in the Dutch accounting profession. However, the supervisor should aim to provide guidance on the definition of default and outline its expectations concerning the level of provisions that would be appropriate when assets are impaired.

60. DNB does not set any specific limits on exposures to related parties. DNB argues that provisions of the AFS Section 3:17 provide an adequate legal basis for controlling related party lending, although this section does not make a specific reference to such lending. The definition of a related party is based on the Dutch Commercial Code. DNB uses “moral suasion” to ensure that transactions are appropriately arms length. Although the assessors found no evidence to suggest that related party lending is, or has been, a significant issue in the Netherlands, and therefore this relatively informal system of control may be judged effective, nonetheless for purposes of full compliance with CP11 DNB needs to put in place a more formal framework of limits and prohibitions on lending to related parties.

61. DNB adopts a principles-based approach that is aimed at addressing possible conflicts of interest and preventing abuse arising from exposures to related parties, rather than relying on detailed formal requirements. Maximum limit for intra group transactions is set at 25 percent.

D. Methods of Ongoing Banking Supervision (CPs 19–21)

62. DNB’s supervisory approach is risk-based, drawing on a comprehensive risk analysis framework, FIRM, and an associated RAP. The FIRM methodology is currently under review to reflect lessons learned from the financial crisis. Prior to the financial crisis, the risk-assessment methodology appears not to have adequately identified the main systemic vulnerabilities, such as increased leverage, increased reliance on wholesale funding, and the acquisition of substantial portfolios of structured securities that lead to the need for public sector capital support. The authorities are taking measures to address these lessons, including closer integration of macroprudential and microprudential supervision. In addition, as part of its “VITA” project DNB is also taking steps to enhance the intrusiveness of its supervision and to ensure that it results in adequate follow-up and enforcement actions (“conclusiveness”).

63. For the purposes of off-site supervision, DNB makes substantial use of banks’ internal management reports. This practice means that the amounts of data collected in standardized form are relatively limited (e.g., there is no standardized reporting of nonperforming assets) and are at different reporting dates. This makes it difficult to conduct comparative or aggregate analysis (stress tests). With the increased emphasis being placed on macroprudential surveillance, DNB needs to introduce more standardized and more granular reporting to facilitate this type of analysis. In addition, the standardized data currently collected by DNB is mainly at the consolidated level and does not contain sufficient solo reporting for “relevant entities” that are part of the consolidation group. DNB needs the data to be able to identify risks that arise in particular group companies as well as at the consolidated group level. The required extension of the supervisory reporting framework may imply that DNB’s legal powers to collect data need to be extended.

64. On-site inspections are not held according to a fixed schedule. The frequency of visits to individual banks is determined according to available resources and risk analysis. Examination findings are discussed with the bank concerned and subsequently recorded in a senior management letter. Comprehensive on-site examinations are not conducted on the largest banks. Instead, they are subject to thematic risk-based examinations on specific aspects of their operations, such as governance structure, risk management, asset and liability management, internal audit, integrity and compliance, and IT. In light of the financial crisis, DNB should consider supplementing these thematic examinations with periodic broader scope examinations with the intention of gaining a comprehensive understanding of the interaction of risks within a particular financial group.

65. Among the main shortcomings of the supervisory process in the pre-crisis period would appear to be that DNB did not sufficiently integrate the vulnerabilities identified in the course of its financial stability assessments with its supervision of individual banks. DNB was not unique among supervisors in lacking this perspective. The measures currently being adopted by DNB should go some distance towards remedying these shortcomings. For the purposes of compliance with the relevant Core Principles, however, the assessors are satisfied that DNB’s practices were in accordance with those envisaged when the Basel Core Principles were last revised in 2006.

E. Accounting and Disclosure (CP 22)

66. Netherlands banks are required to compile their financial statements in accordance with either IFRS (for publicly listed banks) or the DCC (for banks that are not publicly listed), the disclosure provisions of which are substantially the same as IFRS. In practice, many non-publicly listed banks voluntarily apply IFRS. Under the Twin Peaks structure, responsibility for monitoring compliance with accounting and disclosure standards is primarily with the AFM. However, DNB conducts a regular dialogue with both the auditors of individual banks and the accounting profession more generally. It has also established a comprehensive set of disclosure standards for banks based on Basel II, Pillar 3.

F. Corrective and Remedial Powers of Supervisors (CP 23)

67. The AFS provides DNB with a comprehensive set of intervention powers. However, in the past, DNB has not invoked its powers to the full, preferring instead to deal with emerging problems through the use of “moral suasion” rather than formal enforcement measures. While this technique of supervision may have been relatively successful in the past, the evidence suggests that in recent years moral suasion has become a much less effective tool, in part due to changes in the structure and ownership of the Netherlands financial system. DNB has recognized the shortcomings of moral suasion and has embarked on project VITA to ensure that its supervision becomes more “intrusive and conclusive.” The assessment team supports the objectives of this initiative and encourages DNB to make further progress on implementing it. In particular, there is a need to ensure that supervisory staff are fully aware of the range of legal powers at their disposal and that they should be prepared to use those powers whenever necessary.

68. With regard to resolution powers, DNB currently does not have at its disposal the full range of instruments that are necessary to conduct the orderly resolution of banks. Although DNB is empowered to give directions or appoint a special administrator to a problem bank, there exist no instruments to force an orderly resolution without shareholder approval. The MoF and DNB are jointly working on legislation to introduce additional crisis management tools, including the option of being able to transfer deposits of a failing bank to another bank. The assessment team also supports this initiative and encourages DNB and MoF to finalize this work as soon as practicable.

G. Consolidated and Cross-Border Banking Supervision (CPs 24–25)

69. DNB undertakes banking supervision on both a consolidated and on a solo basis in accordance with the CRD. In practice, supervisory activities are performed on both a consolidated and a solo basis, including quarterly returns provided by the banks, capital adequacy calculations, large exposures, exposures to related parties, and the supervisory review process. DNB also possesses extensive information-gathering powers with respect to subsidiaries and affiliated companies of a bank, and has the power to review the overall activities of a banking group, both domestic and cross-border. DNB also works in close cooperation with the AFM. If foreign affiliates or subsidiaries are involved, memorandum of understanding (MoUs) with foreign supervisors or colleges of supervisors facilitate the exchange of information between the supervisors.

70. DNB has recently taken measures to enhance the functioning of the college of supervisors arrangements in line with the recommendations of the Financial Stability Board (FSB). There are currently 14 colleges in place for banks, banking groups or financial conglomerates, which have regular exchanges of information and conference calls and meet at least once a year. For eight of the (largest) banks, operating on a cross-border basis, a multilateral written agreement is signed between members of the respective colleges. These agreements provide for further formal arrangements for home and host supervisors.

71. Although DNB has the necessary legal and regulatory powers to apply effective consolidated supervision of cross-border banking groups, there have been examples where DNB appears to have relied to a large extent on the supervision exercised by the host supervisor. Within the current institutional framework and the resulting division of home-host responsibilities as well as the general resources constraint under the risk based approach it would appear that DNB could intensify its capacity towards large, diversified cross-border groups to the degree of intensive scrutiny that their risk profiles warrant. The constraints on supervisory resources noted in relation to CP 1(2) above, may have contributed to this state of affairs. DNB may wish to consider strengthening the resources it devotes to its oversight of subsidiaries located outside the Netherlands and its practices and procedures for obtaining relevant information concerning their operations and the risks that they pose to the group.

Table 1.

The Netherlands: Summary Compliance with the Basel Core Principles–Detailed Assessments

Table 1.

The Netherlands: Summary Compliance with the Basel Core Principles–Detailed Assessments

Core Principle	Grading	Comments
1. Objectives, independence, powers, transparency, and cooperation	C	The authorities comply with this CP.
1.1 Responsibilities and objectives	C	The authorities comply with this subcomponent of CP 1.
1.2 Independence, accountability and transparency	LC	The AFS gives the MoF a substantial role in the rule-making process and it also possesses the powers to overturn specific DNB rules. There is in practice, no evidence of government or industry interference which compromises the operational independence of DNB. However, the circumstances in which these powers could be used need to be more precisely specified to make the process more transparent.
		The law allows the MoF to play a role in approving DNB’s supervisory budget. As further discussed under CP 24, the resources that DNB commits to banking supervision would not appear proportionate to the scale and complexity of the risks arising from this sector. DNB and MoF may want to consider a benchmarking exercise against other countries with banking systems of comparable size and complexity.
1.3 Legal framework	C	The authorities comply with this subcomponent of CP 1.
1.4 Legal powers	C	The authorities comply with this subcomponent of CP 1.
1.5 Legal protection	C	The authorities comply with this subcomponent of CP 1. Notwithstanding the discussions that have been taking place between the supervisory authorities and the respective ministries to limit the authorities’ prospective financial liability in the event of a law-suit being brought against them, the assessment team is satisfied that the authorities and individual members of staff are adequately protected.
1.6 Cooperation	C	The authorities comply with this subcomponent of CP 1.
2. Permissible activities	C	The authorities comply with this CP.
3. Licensing criteria	C	The authorities comply with this CP. A joint DNB and the AFM policy rule on the extended scope of the assessment of fitness and properness came into force on January 1, 2011. The new policy rule will expand, the variables of the assessment, the composition and functioning of the managing and supervisory boards, the information and antecedents that the supervisors will take into account when assessing a person’s fitness, and the weighing of the information and antecedents used. The policy rules will further enhance cooperation between DNB and the AFM (such as a joint panel for periodic review of the policy rule). Subsequent amendments to the AFS are being drafted to reinforce the described approach.
4. Transfer of significant ownership	C	The authorities comply with this CP.
5. Major acquisitions	C	The authorities comply with this CP.
6. Capital adequacy	C	The authorities comply with this CP. The minimum solvency ratio for all banks is 8 percent. In practice, however, banks operate at capital levels that are much higher than the legal minimum. DNB sets capital requirements on a bank-by-bank basis, using an assessment methodology that builds on the Basel II.
7. Risk management process	C	The authorities comply with this CP.
8. Credit risk	C	The authorities comply with this CP.
9. Problem assets, provisions, and reserves	C	DNB does not set any specific rules in respect of problem assets, provisioning and reserves. Instead, provisioning, policies are set on an individual bank basis, in compliance with the requirements of IFRS and DCC, which broadly conforms to IFRS. The primary responsibility for assessing the adequacy of provisions resides with the external auditor. Reliance on accounting standards for loan valuation and provisioning may be reasonable, given high levels of competency and integrity in the Dutch accounting profession. However, the supervisor should consider providing guidance on the definition of default and outline its expectations concerning the level of provisions that would be appropriate when assets are impaired.
10. Large exposure limits	C	The authorities comply with this CP.
11. Exposure to related parties	LC	DNB has followed an informal but generally effective approach to controlling related party lending. However, for purposes of full compliance with this CP the supervisor should have in place specific rules detailing the limits and prohibitions on related party lending.
12. Country and transfer risks	C	The authorities comply with this CP.
13. Market risks	C	The authorities comply with this CP.
14. Liquidity risk	C	The authorities comply with this CP. DNB has had in place a comprehensive set of liquidity rules since 2003. These are being enhanced in light of lessons learned from the crisis and will also be amended to incorporate the recommendations contained in Basel 3. Currently, reporting forms do not distinguish between liquidity in the major currencies (reporting is in euros only), and it is recommended that DNB’s standardize liquidity reports to permit analysis according to major currencies.
15. Operational risk	C	The authorities comply with this CP.
16. Interest rate risk in the banking book	C	The authorities comply with this CP.
17. Internal control and audit	C	The authorities comply with the CP.
18. Abuse of financial services	C	The authorities comply with this CP. It is noted that a number of CP 18-relevant issues as identified by the FATF assessment remain to be addressed.
19. Supervisory approach	C	The authorities comply with this CP. Prior to the financial crisis, the risk-assessment methodology appears not to have adequately identified the main systemic vulnerabilities, such as increased leverage, increased reliance on wholesale funding and the acquisition of substantial portfolios of structured securities, which lead to the need for public sector capital support. The authorities have taken measures to address these shortcomings, including closer integration of macroprudential and microprudential supervisory approaches.
20. Supervisory techniques	C	The authorities comply with this CP.
21. Supervisory reporting	LC	For the purposes of off-site supervision, DNB makes substantial use of banks’ internal management reports. This practice means that the amounts of data collected in standardized form are relatively limited (e.g., there is no standardized reporting of nonperforming assets) and are at different reporting dates. This makes it difficult to conduct comparative or aggregate analysis (stress tests). With the increased emphasis being placed on macroprudential surveillance, DNB needs to introduce more standardized and more granular reporting to facilitate this type of analysis. In addition, the standardized data currently collected by DNB is mainly at the consolidated level and does not contain sufficient solo reporting for “relevant entities” that are part of the consolidation group. DNB needs the data to be able to identify risks that arise in particular group companies as well as at the consolidated group level. The required extension of the supervisory reporting framework may imply that DNB’s legal powers to collect data need to be extended.
22. Accounting and disclosure	C	The authorities comply with this CP.
23. Corrective and remedial powers of supervisors	LC	Although the law provides DNB with a comprehensive set of intervention powers, in the past it has preferred to employ “moral suasion” rather than formal enforcement actions. This technique is becoming increasingly ineffective, as DNB recognizes. An internal project is underway to ensure that formal powers are more widely used.
		The AFS does not provide DNB with a full range of resolution tools, e.g., the ability to impose restructuring on a bank without shareholder approval. A joint MoF/DNB project is developing amendments to the legislation to provide for a full range of powers.
24. Consolidated supervision	LC	Although DNB has the necessary legal and regulatory powers to apply effective consolidated supervision of cross-border banking groups, there have been examples where DNB appears to have relied to a large extent on the supervision exercised by the host supervisor. Supervision of large, diversified cross-border groups could be intensified to the degree of intensive scrutiny that their risk profiles warrant. The constraints on supervisory resources noted in relation to CP 1(2) above, may have contributed to this state of affairs. DNB may wish to consider strengthening the resources it devotes to its oversight of subsidiaries located outside the Netherlands, and its practices and procedures for obtaining relevant information concerning their operations and the risks that they pose to the group.
25. Home-host relationships	C	The authorities comply with this CP.

View Table

Table 1.

The Netherlands: Summary Compliance with the Basel Core Principles–Detailed Assessments

Core Principle	Grading	Comments
1. Objectives, independence, powers, transparency, and cooperation	C	The authorities comply with this CP.
1.1 Responsibilities and objectives	C	The authorities comply with this subcomponent of CP 1.
1.2 Independence, accountability and transparency	LC	The AFS gives the MoF a substantial role in the rule-making process and it also possesses the powers to overturn specific DNB rules. There is in practice, no evidence of government or industry interference which compromises the operational independence of DNB. However, the circumstances in which these powers could be used need to be more precisely specified to make the process more transparent.
		The law allows the MoF to play a role in approving DNB’s supervisory budget. As further discussed under CP 24, the resources that DNB commits to banking supervision would not appear proportionate to the scale and complexity of the risks arising from this sector. DNB and MoF may want to consider a benchmarking exercise against other countries with banking systems of comparable size and complexity.
1.3 Legal framework	C	The authorities comply with this subcomponent of CP 1.
1.4 Legal powers	C	The authorities comply with this subcomponent of CP 1.
1.5 Legal protection	C	The authorities comply with this subcomponent of CP 1. Notwithstanding the discussions that have been taking place between the supervisory authorities and the respective ministries to limit the authorities’ prospective financial liability in the event of a law-suit being brought against them, the assessment team is satisfied that the authorities and individual members of staff are adequately protected.
1.6 Cooperation	C	The authorities comply with this subcomponent of CP 1.
2. Permissible activities	C	The authorities comply with this CP.
3. Licensing criteria	C	The authorities comply with this CP. A joint DNB and the AFM policy rule on the extended scope of the assessment of fitness and properness came into force on January 1, 2011. The new policy rule will expand, the variables of the assessment, the composition and functioning of the managing and supervisory boards, the information and antecedents that the supervisors will take into account when assessing a person’s fitness, and the weighing of the information and antecedents used. The policy rules will further enhance cooperation between DNB and the AFM (such as a joint panel for periodic review of the policy rule). Subsequent amendments to the AFS are being drafted to reinforce the described approach.
4. Transfer of significant ownership	C	The authorities comply with this CP.
5. Major acquisitions	C	The authorities comply with this CP.
6. Capital adequacy	C	The authorities comply with this CP. The minimum solvency ratio for all banks is 8 percent. In practice, however, banks operate at capital levels that are much higher than the legal minimum. DNB sets capital requirements on a bank-by-bank basis, using an assessment methodology that builds on the Basel II.
7. Risk management process	C	The authorities comply with this CP.
8. Credit risk	C	The authorities comply with this CP.
9. Problem assets, provisions, and reserves	C	DNB does not set any specific rules in respect of problem assets, provisioning and reserves. Instead, provisioning, policies are set on an individual bank basis, in compliance with the requirements of IFRS and DCC, which broadly conforms to IFRS. The primary responsibility for assessing the adequacy of provisions resides with the external auditor. Reliance on accounting standards for loan valuation and provisioning may be reasonable, given high levels of competency and integrity in the Dutch accounting profession. However, the supervisor should consider providing guidance on the definition of default and outline its expectations concerning the level of provisions that would be appropriate when assets are impaired.
10. Large exposure limits	C	The authorities comply with this CP.
11. Exposure to related parties	LC	DNB has followed an informal but generally effective approach to controlling related party lending. However, for purposes of full compliance with this CP the supervisor should have in place specific rules detailing the limits and prohibitions on related party lending.
12. Country and transfer risks	C	The authorities comply with this CP.
13. Market risks	C	The authorities comply with this CP.
14. Liquidity risk	C	The authorities comply with this CP. DNB has had in place a comprehensive set of liquidity rules since 2003. These are being enhanced in light of lessons learned from the crisis and will also be amended to incorporate the recommendations contained in Basel 3. Currently, reporting forms do not distinguish between liquidity in the major currencies (reporting is in euros only), and it is recommended that DNB’s standardize liquidity reports to permit analysis according to major currencies.
15. Operational risk	C	The authorities comply with this CP.
16. Interest rate risk in the banking book	C	The authorities comply with this CP.
17. Internal control and audit	C	The authorities comply with the CP.
18. Abuse of financial services	C	The authorities comply with this CP. It is noted that a number of CP 18-relevant issues as identified by the FATF assessment remain to be addressed.
19. Supervisory approach	C	The authorities comply with this CP. Prior to the financial crisis, the risk-assessment methodology appears not to have adequately identified the main systemic vulnerabilities, such as increased leverage, increased reliance on wholesale funding and the acquisition of substantial portfolios of structured securities, which lead to the need for public sector capital support. The authorities have taken measures to address these shortcomings, including closer integration of macroprudential and microprudential supervisory approaches.
20. Supervisory techniques	C	The authorities comply with this CP.
21. Supervisory reporting	LC	For the purposes of off-site supervision, DNB makes substantial use of banks’ internal management reports. This practice means that the amounts of data collected in standardized form are relatively limited (e.g., there is no standardized reporting of nonperforming assets) and are at different reporting dates. This makes it difficult to conduct comparative or aggregate analysis (stress tests). With the increased emphasis being placed on macroprudential surveillance, DNB needs to introduce more standardized and more granular reporting to facilitate this type of analysis. In addition, the standardized data currently collected by DNB is mainly at the consolidated level and does not contain sufficient solo reporting for “relevant entities” that are part of the consolidation group. DNB needs the data to be able to identify risks that arise in particular group companies as well as at the consolidated group level. The required extension of the supervisory reporting framework may imply that DNB’s legal powers to collect data need to be extended.
22. Accounting and disclosure	C	The authorities comply with this CP.
23. Corrective and remedial powers of supervisors	LC	Although the law provides DNB with a comprehensive set of intervention powers, in the past it has preferred to employ “moral suasion” rather than formal enforcement actions. This technique is becoming increasingly ineffective, as DNB recognizes. An internal project is underway to ensure that formal powers are more widely used.
		The AFS does not provide DNB with a full range of resolution tools, e.g., the ability to impose restructuring on a bank without shareholder approval. A joint MoF/DNB project is developing amendments to the legislation to provide for a full range of powers.
24. Consolidated supervision	LC	Although DNB has the necessary legal and regulatory powers to apply effective consolidated supervision of cross-border banking groups, there have been examples where DNB appears to have relied to a large extent on the supervision exercised by the host supervisor. Supervision of large, diversified cross-border groups could be intensified to the degree of intensive scrutiny that their risk profiles warrant. The constraints on supervisory resources noted in relation to CP 1(2) above, may have contributed to this state of affairs. DNB may wish to consider strengthening the resources it devotes to its oversight of subsidiaries located outside the Netherlands, and its practices and procedures for obtaining relevant information concerning their operations and the risks that they pose to the group.
25. Home-host relationships	C	The authorities comply with this CP.

Table 2.

The Netherlands: Detailed Assessment of Compliance with the Basel Core Principles

Table 2.

The Netherlands: Detailed Assessment of Compliance with the Basel Core Principles

Principle 1	Objectives, independence, powers, transparency and cooperation. An effective system of banking supervision will have clear responsibilities and objectives for each authority involved in the supervision of banks. Each such authority should possess operational independence, transparent processes, sound governance and adequate resources and be accountable for the discharge of its duties. A suitable legal framework for banking supervision is also necessary, including provisions relating to authorization of banking establishments and their ongoing supervision; powers to address compliance with laws as well as safety and soundness concerns; and legal protection for supervisors. Arrangements for sharing information between supervisors and protecting the confidentiality of such information should be in place.
Description	The Dutch financial system explicitly recognizes two separate objectives of financial supervision. DNB is responsible for prudential supervision and the AFM for business of conduct supervision. This cross-border approach of supervision, with two independent supervisors, is referred to as the Twin Peaks model.
Assessment	Compliant.
Comments	See sub-components 1–6.
Principle 1(1)	Responsibilities and objectives. An effective system of banking supervision will have clear responsibilities and objectives for each authority involved in the supervision of banks.
Description	EC 1: The duties and powers of DNB as prudential supervisor follow from the Bank Act of 1998 with subsequent amendments and the Act on Financial Supervision (AFS), which came into effect in 2007. Section 4(1) of the Bank Act states that DNB is given the task of exercising supervision of financial institutions in accordance with applicable legislation. In addition, Section 3(2) of the Bank Act states that DNB has the duty to contribute, within the framework of the ESCB, to the smooth conduct of policies relating to the financial supervision of credit institutions and the stability of the financial system. The objectives of financial supervision and the responsibilities of the supervisors are described in the AFS. Section 1:24 assigns the responsibility of prudential supervision to DNB and Section 1:25 assigns the responsibility of conduct of business supervision to the AFM. This reflects the Netherlands model of financial supervision, which is based on an objectives-based approach (the Twin Peaks model). Responsibilities for different objectives are given to DNB and the AFM. Sections 1:46 through 1:50 and Section 1:54 determine the collaboration between the supervisors. In addition, there is a covenant between DNB and the AFM that arranges cooperation and information sharing. EC 2: Credit institutions fall under the scope of the AFS. With regard to banking supervision, DNB is the main and primary supervisor, bearing responsibility for market access, licensing and financial regulation. The AFS contains the implementation of the capital requirement directive and the framework for prudential standards for banks. A general description of the objectives of prudential supervision of DNB is to be found on DNB’s website. A more detailed description is posted on the “Open Book” section of the website. This part of the website contains links to relevant legislation, information about the implementation of European directives, fact sheets on the most important topics, publication of enforcement measures, and criteria for market access. It also contains a detailed description of the supervisory method DNB applies (the “FIRM-method). In addition, the ‘Open Book’ contains a section with an overview of laws, regulations, administrative rules, and general guidance adopted in the field of prudential supervision, which EU member states are required to disclose according to Section 144(a) of the CRD. The AFS is the main law for prudential regulation. Under the AFS, there are 19 decrees, 19 ministerial decrees, and 12 supervisory regulations. Together, these instruments provide the framework for the prudential supervision of banks. In addition, DNB issues policy supervision rules, containing guidance and best practice on prudential regulation. EC 3: Banking regulation is regularly updated. Technical changes have been incorporated in, for example, the “Reparatiebesluit Wft”, which came into effect on January 1, 2009. Further amendments to the AFS will be taken up in a continuous cycle. The first amendment was submitted to parliament in August 2009. It is foreseen that regular updates are to be taken up at one or two year intervals. To support this cycle of regulation, DNB sends a letter to the Minister of Finance each year indicating relevant legislation that needs to be taken up or amended. EC 4: Information on the financial strength and performance of the industry is found on DNB’s website. This contains information about the financial markets (interest rates, exchange rates, share indexes, and share issuance data), financial institutions (including supervisory information about the balance sheets and profit and loss accounts of the different institutions), and financial stability indicators. In addition, there is information available on the website about the financial position of households, balance of payments data, and the IMF’s Special Data Dissemination Standard (SDDS) statistics. AC 1: Supervisory programmes are determined on the basis of a risk-based assessment of financial risks, which is the (net) result of perceived risks for the financial institution and risk-mitigating factors that are in place. These risks are then evaluated on the basis of probability and impact on financial stability. This assessment determines the supervisory program that is assigned to the financial institution.
Assessment	Compliant.
Comments
Principle 1(2)	Independence, accountability and transparency. Each such authority should possess operational independence, transparent processes, sound governance and adequate resources, and be accountable for the discharge of its duties.
Description	EC 1: The system of financial supervision in the Netherlands is based on the principle that DNB is fully independent in its operational activities. This is explicitly embedded in the AFS and is reflected in several dimensions. Regulatory and supervisory independence. Within the context of the AFS, DNB can exercise its supervisory activities and decide on the admission of financial enterprises to the financial markets (Section 1:24, Paragraph 2). Section 1:29 of the AFS determines that the minister can only revoke binding regulations laid down by DNB when the Minister is of the opinion that DNB has laid down generally binding regulations that are contrary to the law, a treaty or a binding decree of an international institution (Paragraph 1), or imposes an unreasonable burden on the financial markets (Paragraph 2). Also, the supervisor must have failed to remove the observed shortcoming after consultation with the ministry. In addition, only in those exceptional circumstances when the supervisor seriously fails to perform its duties, the Minister may take required measures (the AFS Section 1:43). These powers of the Minister have never been exercised and are reserved for very rare cases and would be subject to public disclosure. Institutional independence. The members of DNB’s governing board are appointed by the crown through a royal decree for renewable terms of seven years. Section 12(3) of the Bank Act 1998 states that the President and the Executive Directors of the Governing Board may be suspended or relieved from office only if they no longer fulfil the conditions required for the performance of their duties or if they have been found guilty of serious misconduct. Budgetary independence. Under the AFS, the minister may lay down rules with respect to the structure of the budget (Section 1:32). Priorities and allocation of the budget are determined by DNB. The budget is discussed with the supervisory board of DNB and then sent to the Minister of Finance and the Minister of Social Affairs and Employment. The ministers can withhold approval if the budget is contrary to the law or public interest (Section 1:30, Paragraph 5). In the course of the year, if there are substantial differences between the actual outcome and the budget, DNB has to notify the Minister of Finance (Section 1:31). In practice, there is a dialogue with the Minister of Finance on the size of the budget. In this vein, the consequences of the recent action plan for the adequacy of the resources of DNB are currently under consultation with the Minister of Finance. EC 2: DNB is accountable for its supervisory activities. The budget identifies the objectives of financial supervision for the upcoming year, based on the government-wide framework of outcome orientated budgeting. At the end of the budget year, DNB has to draw up an accounting report relating to the duties assigned under the AFS (Section 1:34, Paragraph 1). The accounting report is accompanied by a statement of an auditor regarding the fair presentation and a report on whether the collection and deployment of resources are in accordance with the AFS. Approval of the accounting report is given by the ministers and may only be withheld if the report is contrary to law or public interest. The budget and annual report are both available on DNB’s website. EC 3: DNB is a professional organization with highly-skilled employees. The average age of employees in BSD is 41 years with eight years of working experience with DNB and a yearly average of 90 budgeted training hours per employee. The analytical skills, training frequency, and academic qualifications of DNB staff are high. Not only maintaining analytic skills, but also extra focus on the application of the analysis is a priority for DNB. This is highlighted as one of the main priorities in the supervisory policy in the “DNB Supervisory Strategy 2010--2014.” EC 4: The cost of supervision is paid for by the supervised financial entities and the MoF, with the industry paying on average three quarters of the budget. According to Section 1:39 of the AFS, the industry is consulted in the budget preparation process, but does not have ultimate decision-making power. The responsibility to determine its priorities and activities fully remains with DNB. The salary scales of employees are based on a specific agreement with DNB, which is negotiated in accordance with the collective benefit agreement of the banking sector, allowing DNB to attract and retain qualified staff. The level of on-site work is not restricted by the travel budget, training budget, or abilities to attract professional external advice. AC 1: The MoF has recently announced legislation to change some governance aspects at DNB. The main elements include the strengthening of the role of the supervisory board (Raad van Commissarissen (RvV)). In addition to financial control, the RvC will also have supervisory tasks with regard to the supervisory policy made by DNB. Furthermore, appointments to the Governing Board would only be renewable once, thereby determining total tenure to a minimum of 7 years and a maximum of 14 years. However it should be noted that this description of the AC had not been enacted at the time of the assessment and thus does not contain an element of the assessment of this CP.
Assessment	Largely Compliant.
Comments	There is, in practice, no evidence of government or industry interference that compromises the operational or financial independence of DNB, and sound governance and transparent processes are applied. However, the assessment team has the following observations. First, the law seems to provide broad grounds for the Minister to intervene in DNB’s activities. Both the “unreasonable burden on the financial markets” and the “public interest” justification for overturning DNB’s rules and withholding approval for DNB’s budget are very broadly drafted and could be open to misuse. While in practice this is unlikely to be a problem, the assessment team believes that a more satisfactory arrangement would be one in which the grounds for the Minister’s intervention are more precisely defined, either in law or perhaps by a public statement from the MoF of a non-exhaustive list of circumstances in which these powers might be invoked. DNB is authorized by law to “lay down temporary, generally binding regulations in order to contribute to the stability of the financial sector.” Such regulation must be reported to the MoF without delay. It should be noted that DNB is exempted from the provision in the Dutch Independent Administrative Authorities Act (Zelfstandig bestuursorganen, ZBO’s) which stipulates that the minister may set policy rules with regard to the exercise of duties by an independent administrative authority. The second observation is that the resources devoted to banking supervision do not appear to be proportionate to the size and complexity of the supervisory task. The Netherlands banking system is one of the largest in the world relative to GDP and contains a number of large, diversified, and internationally active financial conglomerate groups that require close monitoring and intensive interaction with host supervisors overseas. The assessment team notes that DNB devotes fewer FTE posts to banking supervision than to either insurance or pensions supervision, both sectors which are less complex and which pose fewer risks to the State than the banking sector. The assessment team recommends that DNB and the MoF jointly conduct a review of the adequacy of human resources currently devoted to banking supervision; for example, by benchmarking against other countries with banking systems of comparable size and complexity.
Principle 1(3)	Legal framework. A suitable legal framework for banking supervision is also necessary, including provisions relating to the authorization of banking establishments and their ongoing supervision.
Description	EC 1: The AFS has assigned DNB the sole authority to grant and withdraw licenses to pursue the business of a credit institution in the Netherlands. Section 2:11 of the AFS determines that no person may carry on the business of a bank without being authorized by DNB. Section 2:12 determines the provisions to which an applicant will have to apply. The aspects mentioned in this section are: Expertise; Properness of persons; Policy on the sound conduct of business; Minimum number of persons determining day to day policies; Control structure; Operational structure; Minimum number of members of the supervisory board; Consolidated supervision; Minimum equity capital; Solvency; and Liquidity. EC 2: These provisions are further elaborated in Part 3 of the AFS. Within this framework of the AFS and EU legislation, DNB has the power to set prudential rules with regard to these aspects. DNB has the long-standing practice of consulting drafts of new regulations with the industry. Although it tries to resolve problems in a constructive dialogue, DNB has the ultimate decision-making power and it does not need the consent of the sector. Consultations and the reactions received by the industry are publicly available in the ‘Open Book’ section of DNB’s website. EC 3: AFS Section 1:72 provides employees of DNB with the relevant supervisory powers as defined by the General Administrative Law Act (“Algemene wet bestuursrecht”, Awb). AFS Section 1:74 adds that DNB, as an entity, has the authority to request information from any party for the purpose of the supervision of compliance with the rules under or pursuant to the AFS.
Assessment	Compliant.
Comments
Principle 1(4)	Legal powers. A suitable legal framework for banking supervision is also necessary, including powers to address compliance with laws as well as safety and soundness concerns.
Description	EC 1: Under the AFS, DNB is provided with an extensive set of instruments to take adequate action against an institution if it fails to comply in a satisfactory and timely manner with the AFS and/or derivative regulations or if events take place which may compromise the financial health of that institution. Depending on the nature of the violation and the circumstances, DNB may take punitive or corrective action. The formal instruments of DNB under the AFS consist of: Issuing an instruction to adhere to a particular line of conduct (Section 1:75); Appointing a special administrator (Section 1:76); Imposing an order for incremental penalty payments (Section 1:79); Imposing an administrative fine (Section 1:80); Requesting the court to declare emergency regulations applicable with respect of the credit institution (Section 3:160); Issuing a public warning (Section 1:94); Deciding that a particular auditor or actuary is no longer authorized to issue the statements referred to in this Act in relation to that financial enterprise (Section 1:78); Modifying, withdrawing or limiting, either fully or in part, or attaching further conditions to the license (Section 1:104); and Bringing criminal proceedings against the offender. In addition to these supervisory measures, Section 1:28 enables the DNB, in case of special circumstances, to lay down temporary, generally binding regulations in order to contribute to the stability of the financial sector A decision on the use of formal or informal instruments is dependent on multiple factors and a qualitative judgement by DNB, which is ultimately determined by the effectiveness it is believed to achieve. This means, in some cases, “moral suasion” can achieve a change in behaviour, whereas in other cases more formal instruments are more appropriate. DNB and the AFM have issued a common paper (“Nota handhavingsbeleid”) on their enforcement policy, which describes the main elements DNB uses to determine its actions. EC 2: AFS Section 1:73 in conjunction with Section 1:74 empowers DNB to access any information it deems necessary for the adequate performance of its duties, including access to banks’ Board, management, staff, and records. EC 3: If a financial institution does not comply with the provisions under the AFS (Section 1:76, Paragraph 1) or DNB signals signs of a development that may jeopardize the own funds, solvency, or liquidity of that institution (Section 1:76, Paragraph 3), DNB may appoint a custodian.
Assessment	Compliant.
Comments	DNB has introduced an internal project (“VITA: From Analysis to Action”) to enhance its willingness to use its legal powers. Although the legal powers themselves appear to be adequate, DNB’s past preference for using “moral suasion” has been shown to be ineffective in the changed conditions of the Dutch financial system over the past decade. The assessment team therefore strongly supports DNB’s initiative in this regard and encourages it to make full use of the legal powers provided for in the AFS.
Principle 1(5)	Legal protection. A suitable legal framework for banking supervision is also necessary, including legal protection for supervisors.
Description	EC 1: Neither the AFS, nor any other law includes provisions explicitly protecting DNB or its employees against legal actions brought by third parties to recover damages caused by, for instance, alleged neglect in the exercise of supervisory duties. Volume 6, Chapter 3 of the DCC contains conditions that need to be fulfilled to legally honor third parties claims in the case of imputable and culpable actions or negligence. To date, these conditions have been interpreted restrictively in legal literature and court cases, confirming that the supervisor cannot be easily held liable and therefore protecting the supervisor against such claims. EC 2: Under Section 6:170 of the DCC, an employer is liable for the actions of his employees. By consequence, employees of the supervisory authority enjoy adequate legal protection against liability suits brought by third parties in connection with their supervisory activities. On request of DNB and the AFM, the Ministry of Finance and the Ministry of Justice are exploring the possibilities to limit the financial liability of DNB and the AFM as the supervisory authorities by explicitly laying down the limitation in legislation. This could also make a contribution to a more openly critical approach of supervision.
Assessment	Compliant.
Comments	Notwithstanding the discussions that have been taking place between the supervisory authorities and the respective ministries to limit the authorities’ prospective financial liability in the event of a lawsuit being brought against them, the assessment team is satisfied that individual members of staff of the authorities are adequately protected. Since this CP component is concerned with the legal protection of the staff of supervisory agencies, the assessment team is satisfied that this CP component is fully complied with.
Principle 1(6)	Cooperation. Arrangements for sharing information between supervisors and protecting the confidentiality of such information should be in place.
Description	EC 1: Part 1.3 of the AFS is dedicated to the collaboration between the supervisors, domestically and internationally. AFS Part 1.3.1 is dedicated to the collaboration of supervisors at a national level. Sections 1:46 through 1:50 and Section 1:54 determine the collaboration between DNB and the AFM. Apart from these legal provisions, there is a covenant between DNB and the AFM arranging the cooperation in supervision, regulation and policy making in areas of common interest. In addition, there are regular informal and formal meetings to coordinate information exchange and decision making. Section 1:44, Paragraph 2 determines that the collaboration of the supervisors will be evaluated three years after the inception of the AFS. This report was recently concluded and is available on the website of the MoF. The report concludes that in practice the cooperation between the supervisors is effective, while operating from their own expertise, culture, objectives and responsibilities. Financial institutions do not experience major problems. AFS Part 1.3.2 is dedicated to the collaboration with other EU Member States and part 1.3.3 is dedicated to the collaboration with non-Member States. This includes aspects of exchange of data and information (1:51–1:54; 1:65), compliance (1:55–1:57; 1:66) and enforcement (1:57–1:59; 1:67–1:68). EC 2: In addition to these legal provisions, DNB has concluded 37 MoU’s with relevant EEA and non-EEA supervisors. An overview is provided on DNB’s website. The MoUs contain agreements about (i) the exchange of information, the rights and obligations with regard to requests for and the provision of information; (ii) cooperation in the field of supervision, for example in relation to on-site examinations (announcement, host supervisor involvement, exchange of research results); and (iii) confidentiality with regard to the information provided and received. AFS Part 1.3.3 provides for instructions governing the supply of information to the Commission of the European Communities. This information may relate to, for instance, the granting of an authorization, the granting of a declaration of no-objection, and general difficulties which financial undertakings may encounter. With respect to banks and banking groups of material interest to the home or the host supervisor, colleges of supervisors are in place. There are currently 14 colleges in place for banks, banking groups or financial conglomerates, which have regular exchange of information and conference calls and meet at least one a year. (See also CP 25). EC 3: AFS Section 1:89 states that information received by DNB from financial institutions is to remain secret. In derogation from this section and under specified conditions, the supervisor may supply to a supervisor or supervisory authority of another EU Member State (1:90) or non-Member State (1:65) confidential data or information. One of the preconditions is that information provided to foreign supervisors is subject to guarantees of professional secrecy at least equivalent to those that apply in The Netherlands and that the information shall be for the purpose of performing the supervisory task of the authorities concerned. EC 4: AFS Section 1:89 empowers DNB to refuse any demand for confidential information under in its possession. In addition, Section 1:42, Paragraph 7 determines that the Government Information (Public Access) Act, the National Ombudsman Act and Title 9.2 of the General Administrative Law Act shall not apply to the data or information that is held by the Minister or by the third party working on his instructions.
Assessment	Compliant.
Comments
Principle 2	Permissible activities. The permissible activities of institutions that are licensed and subject to supervision as banks must be clearly defined and the use of the word “bank” in names should be controlled as far as possible.
Description	EC 1: AFS Section 1:1 defines the term: “bank” as an institution that carries out the business to obtain the disposal of callable funds beyond a restricted circle, from parties other than professional market parties and to extend loans at its own expense. The AFS includes separate definitions of “restricted circle”, “callable funds” and “professional market party”. EC 2: Through its licensing procedure, DNB controls the full scope of activities of a credit institution, both for the activities listed in Annex I of the CRD as well as any other activities. The AFS embraces the concept of the ‘universal bank’ meaning that a bank is allowed in principle to pursue all banking activities. In line with this concept, AFS Section 3:32 states that a licensed bank incorporated in the Netherlands is allowed to carry out at least the activities listed in Annex I to the CRD, unless the license granted by DNB expressly states otherwise. Activities that a bank may carry out but which are not listed in Annex I to the CRD include other financial activities such as offering insurance through a subsidiary (provided a license has been obtained in accordance with the relevant provisions of the AFS) and non financial activities (e.g., running a travel agency). Such activities are covered and restricted by DNB’s consolidated supervision. EC 3: Corporations and institutions that have not obtained a license as a credit institution (i.e., either a bank or an electronic money institution) are prohibited, with certain exceptions, by AFS Section 3:7, from using the word ‘bank’ and its derived forms or translations as part of their name or in the pursuit of their business, unless this is done in a context which clearly shows that it does not operate in the financial markets. DNB actively searches for undertakings that illegally conduct activities where a license would have been required. In case an offence is perceived, measures are taken. For an overview of the available measures, please refer to the description given in response to Principle 1(4) on legal powers and Principle 23 on corrective measures. EC 4: DNB can grant dispensation (based on AFS Section 3:7 subsection 4) from this prohibition if the protection that AFS Section 3:7 seeks to provide, can be achieved by other means. A similar legal prohibition also applies to receiving funds repayable on demand (deposits) from the public. AFS Section 3:5 provides that the business of receiving funds repayable on demand or subject to notice being given is an activity that may only be carried out by banks that are licensed in the Netherlands, banks that have obtained a license in another EEA state or institutions that receive such funds as a result of offering securities to the public in accordance with the applicable provisions of the AFS. DNB can grant dispensation from this prohibition if certain criteria are met. The sanction against violation of these prohibitions is the imposition of an administrative fine or a cease and desist order by DNB or, if necessary, prosecution under the Economic Offences Act. EC 5: Pursuant to Section 1:107 of the AFS, all banks that have obtained a license from DNB are entered into a public register. If DNB has restricted the activities that an individual institution is authorized to pursue under its license, that institution’s entry in the Register lists the permitted activities.
Assessment	Compliant.
Comments
Principle 3	Licensing criteria. The licensing authority must have the power to set criteria and reject applications for establishments that do not meet the standards set. The licensing process, at a minimum, should consist of an assessment of the ownership structure and governance of the bank and its wider group, including the fitness and properness of Board members and senior management, its strategic and operating plan, internal controls and risk management, and its projected financial condition, including its capital base. Where the proposed owner or parent organization is a foreign bank, the prior consent of its home-country supervisor should be obtained.
Description	EC 1: Under AFS Section 2:11, DNB is both the licensing authority and the supervisory authority for all banks having their registered office in the Netherlands. The AFM is the competent supervisory authority for the banks’ conduct of business and when dealing with a request for a license to pursue activities as a bank as well as an investment institution, the AFM is competent to assess certain aspects regarding the applicant’s investment activities (AFS Section 1:48). The assessment of the AFM is incorporated into DNB’s decision regarding the license application. EC 2: The AFS contains a detailed set of criteria (Sections 2:12 and 2:13 AFS) that must be met before a license to pursue the business of a bank in the Netherlands may be granted. The criteria allows DNB sufficient discretion to set conditions and to assess to what extent these conditions have been fulfilled and to determine whether the requested license should be issued. This freedom is limited by principles of general administrative law to which all public bodies must adhere. EC 3: The same criteria used to assess an application for a license also apply on an on-going basis to institutions that have been granted a license. DNB has a set of instruments at its disposal to take corrective action if any of these criteria is no longer satisfied (see also CP 1(4)), including the power to withdraw an issued license. The set of instruments for corrective action is currently being reviewed by the MoF and DNB (see also CP 23). The outcome of the review may lead to amendments of the AFS. Having obtained a license, a bank is subject to ongoing supervision by DNB, which includes an ongoing assessment of the bank’s ability to realise its stated objectives and whether any restrictions attached to the license are being complied with. The bank must at all times meet the authorisation criteria. Failure to satisfy any of these criteria may lead to the withdrawal of the license in accordance with AFS Section 1:104 (1) (d). EC 4: Section 2:12 AFS provides that DNB will grant the license to pursue the business of a credit institution (i.e., bank or electronic money institution) in the Netherlands if the criteria, mentioned in 2:12 (1) (a) through (k) of the AFS are met. The standards that need to be met and the information that needs to be submitted are set out in more detail in a number of Decrees and Regulations. An application will not be considered until all information needed to assess the application has been received and will be rejected if the requisite criteria are not met and/or the information provided by the applicant is inadequate. In practice, DNB conducts an extensive dialogue with the applicant to ensure DNB has a thorough understanding of the applicant’s envisaged business. EC 5, 6: If an application for a bank license is submitted, DNB scrutinises persons and corporations holding a qualifying holding (10 percent or more) in the shares or votes of the applicant. Pursuant to Section 3:95 AFS, persons or corporations with a qualifying holding must apply for a declaration of no-objection. If DNB refuses to grant a declaration of no-objection to the holder of a qualifying holding, DNB will also refuse to issue the bank license to the applicant (Section 2:12 (2) AFS). See also description of CP 4 (Transfer of significant ownership) and CP 5 (Major acquisitions). EC 7: A bank must hold a minimum amount of capital or ‘own funds’ in the amount of EUR 5 million (see Section 3:53 AFS and Section 48 of the DPR. EC 8: Before DNB issues a bank license to an institution, as well as during the duration of the period the bank remains active under its license, members of the management board and the supervisory board of a credit institution must meet requirements of fitness and properness. The provisions relevant to these requirements are found in AFS Sections 3:8 and 3:9. Also, procedures must be in place to deal with conflicts of interest (AFS Section 3:10). The assessment of prospective members of a management or supervisory board involves consulting public sources of information, conducting interviews with management board members, reviewing questionnaires, and requesting the persons named as referees to give their judgment. Further provisions regarding the trustworthiness of management and supervisory board members are laid down in the DPR. EC 9, 10: As part of an application for a bank license, a business plan must be presented, detailing the kind and size of activities planned with a projection of the resulting financial developments covering at least three financial years (Section 8 (1)(f) of the Decree on Market Access under the AFS (Besluit markttoegang financiële ondernemingen Wft, hereafter “BMT”). The business plan should also provide insight into the formal and the actual control structure and the prospective administrative organisation, including the financial administration and internal control. The relevant legal provisions in this context are AFS Sections 3:17 and BMT Section 8. The AFS and its subordinate legislation also contain requirements as to banks’ corporate governance, with respect to the organisation and control of banks’ business processes, including outsourcing (Section 3:18 AFS). The application process and especially the evaluation of the business plan includes an assessment of whether the applicant will be able to satisfy DNB’s rules relating to solvency, liquidity, administrative organisation and internal control, both in the short and in the longer term. EC 11: If the license that is applied for concerns a branch of a credit institution that is incorporated outside the EEA, the application must meet similar criteria to a bank incorporated in the Netherlands and the same information must be provided. In addition, AFS Section 2:21 requires that the branch of the non-EEA institution applies a financial bookkeeping separate from that relating to the activities carried out in its home state. DNB also requires a written statement by the relevant foreign supervisor to the effect that it has approved the establishment of a subsidiary or branch in the Netherlands. If a credit institution incorporated within the EEA intends to pursue activities as a credit institution from a branch office in the Netherlands or by providing cross border services, the notification procedures of respectively AFS Sections 2:14 and 2:18 apply, i.e., the credit institution that already has a license within the EEA can obtain a “passport” for its license to another state within the EEA. EC 12: A license once issued may be withdrawn by DNB if the information or documents submitted to obtain the license prove to be incorrect or incomplete to such an extent that the decision made in respect of the application for the license would have been different if, at the time of that decision, the correct circumstances would have been known in full (see Section 1:104 (1) (b) of the AFS). EC 13: Supervision pursuant to the AFS is exercised under the assumption that a bank’s management board is collectively responsible for the implementation of and compliance with the required organisational and risk control measures, including compliance with the requirements of applicable legislation. This means that DNB expects that the management board of a bank as a whole has a good understanding of the risks run by the institution and of the manner in which these risks can be controlled. Regular supervision assesses the quality of an institution’s management on an ongoing basis. AC 1: The assessment of the application does include the ability of shareholders to supply additional financial support if needed. This assessment is largely reflected in the assessment of the financial position of the shareholder. However, a firm obligation on the shareholder to provide support is not laid down in the AFS. Usually, discussions on this subject with the applicant and/or its shareholder will be held during the assessment of the application. This may result in the assessment (through a letters of comfort or based on the discussions itself) that the shareholder is severally liable. Once the applicant has been granted its license and is supervised on a continuing basis, DNB has several legal instruments (see principle 1(4)) in order to correct non-compliance with the solvency and liquidity requirements as laid down in the AFS and its subordinate legislation. AC 2: In its day-to-day supervision, DNB monitors the progress of new entrants in meeting their business and strategic goals, and to determine whether supervisory requirements outlined in the license approval are being met. DNB does not only assess the aforementioned achievement of goals, but also performs a feasibility study on said goals and the accompanying processes to achieve them.
Assessment	Compliant.
Comments	On 1 September 2010, a joint DNB and MoF draft Policy Rule on the fitness and propriety requirements of, members of the management board and the supervisory board of financial institutions was issued for public consultation It is expected that this Policy Rule will enter into force on January 1, 2011. In this Policy Rule DNB and the AFM elaborate on the requirements for fitness, the variables of the assessment (the position and responsibility of the person assessed as well as the nature, scale, complexity and the risk profile of the company), the composition and functioning of the managing and supervisory boards, the information and antecedents that the supervisors will take into account when assessing a person’s fitness and the weighing of the information and antecedents used, and the further cooperation between DNB and the AFM (such as a joint panel for periodic review of the policy rule). In addition to this new Policy Rule, a change in the AFS is being prepared to replace the provisions on the assessments of fitness (Section 3:8 of the AFS) and properness (Section 3:9 of the AFS) with a single suitability assessment. This assessment is meant to cover fitness, properness, and other facts and/or circumstances that may influence the suitability of a person. The legislative proposal is expected to be submitted to Parliament soon. Once these changes have been adopted, the single suitability assessment will enable the weighing between fitness and properness, facilitate decision-making in marginal cases and enable DNB and the AFM to weigh circumstances that are not directly related to fitness or properness, but which may nevertheless affect the suitability of the person (e.g., membership of supervisory boards in multiple companies or a management board member who owns the bank etc.) Supervisory board members are currently only assessed as to their properness. The single suitability assessment will also allow the assessment of their expertise.
Principle 4	Transfer of significant ownership. The supervisor has the power to review and reject any proposals to transfer significant ownership or controlling interests held directly or indirectly in existing banks to other parties.
Description	Based on AFS Section 3:95, institutions should obtain a “declaration of no-objection” from DNB (or, in certain circumstances as described by law, the Minister of Finance)5 in cases where there is a qualifying majority in ownership (or the exercise of control relating to the qualifying majority holding in banks), or a transfer thereof, in other entities as specified by Law. DNB, or in certain cases the Minister of Finance, will issue such a declaration of no-objection unless the acquisition of the qualifying holding would (i) lead to any influence on the applicant which in the opinion of DNB would run counter to sound and prudent banking policy (Section 3:100 (a) AFS), (ii) lead to the applicant forming part of a group whose formal or actual control structure would be lack transparency to a degree that would prevent the adequate exercise of supervision (Section 3:100 (b) AFS) or (iii) lead to an undesirable development of the financial sector (Section 3:100 (c) AFS). As disclosed in the DNB 2009 Annual Report, DNB granted 78 declarations of no-objection for qualifying holdings in banks and 384 of such declarations in total for 2009. Assessment processes differ in size and complexity in relation to the parties involved and are also subject to changes in regulatory environment, mainly as a result of an EU directive regarding procedural rules and evaluation criteria for the prudential assessment of acquisitions and increase of holdings in the financial sector (2007/44/EC, hereafter the ‘Acquisitions Directive’). EC 1: AFS Section 1:1 defines a ‘qualified shareholding’ as a direct or indirect holding representing: interest of 10 percent or more in the share capital of an enterprise (this threshold is increased from 5 percent since the previous FSAP and now also includes group-declaration of no-objection); right to exercise 10 percent or more of the voting rights in a shareholders meeting of an enterprise; or form of control comparable to the items mentioned under (i) and (ii). EC 2, 3: The main provision in respect of supervision on ownership in banks is set out in AFS Section 3:95 (1)(a) which contains a prohibition on obtaining or increasing a qualifying holding in a bank without the prior approval of DNB. The assessment criteria for such approval is outlined in AFS Section 3:100 (1) which states that a declaration of no-objection is granted unless, in the opinion of DNB, holding, acquiring or increasing a qualifying holding by an applicant: would or could lead to an influence on the bank concerned which would conflict with sound and prudential business conduct; would or could lead to the bank concerned forming or becoming part of a group within which the formal or actual control structure is lacking in transparency to such an extent that it could impede adequate exercise of supervision of the respective bank; or would or could lead to an undesirable development of the financial sector (based on the Acquisitions Directive-see below-this criterion would have to be reconsidered. The decision to amend the AFS accordingly however, is still under consideration in Parliament). The Acquisitions Directive entered into force on September 5, 2007. This directive should have been implemented into Netherlands’ law on March 21, 2009, but until now this has not yet been achieved as the proposal for an amendment of the AFS is still under consideration in Parliament. This last criterion is subject to debate in Netherlands’ Parliament, as it was considered not in conformity with the Acquisitions Directive as it did not address pure prudential requirements of either the proposed holder of a qualified shareholding or the target financial institution. However, DNB currently processes applications for a “declaration of no-objection” by using the procedure for the assessment as outlined in the Acquisitions Directive. This has been consistently communicated towards market parties as of March 21, 2009. More specifically, DNB has adopted an approach of using the criteria as proposed by the Acquisitions Directive (open bullets above) to interpret the more broadly defined criteria as currently described in AFS Section 3:100 (1). As a result of the implementation of the Acquisitions Directive the criteria mentioned above will be changed to reflect an assessment which is aimed at more objective prudential requirements in relation to either the proposed holder of a qualifying holding or the target financial institution itself. These criteria are: the reputation of the proposed acquirer; the reputation and experience of any person who will direct the business of the financial institution as a result of the proposed acquisition; the financial soundness of the proposed acquirer, in particular in relation to the type of business pursued and envisaged in the financial institution in which the acquisition is proposed; the ability of the financial institution to comply on an ongoing basis with the applicable prudential requirements. In particular, whether the group of which it will become a part has a structure that makes it possible to exercise effective supervision and effectively exchange information among supervisory authorities and determine the allocation of responsibilities among them; and whether there are reasonable grounds to suspect that, in connection with the proposed acquisition, money laundering or terrorist financing is being or has been committed or attempted, or that the proposed acquisition could increase the risk of this occurring. EC 4: AFS Section 3:103 (1) provides that (legal or natural) persons holding a qualifying holding are obliged to inform DNB of any changes in their respective qualifying holdings should they either reach, exceed or fall below 10, 20, 33, 50, 95, or 100 percent. Pursuant to AFS Section 3:103 (2), a bank has a duty (to the extent of its knowledge) to inform DNB annually of the identity of every (legal or natural) person that holds a qualifying holding in the respective bank. Any changes in a qualifying holding causing the holding to reach exceed or fall below 10, 20, 33, 50, 95, or 100 percent or causing the bank to become or cease to be a subsidiary must be reported by the bank as soon as it is informed of such fact. Information on shareholdings in a bank may also be obtained through specific request, during on-site inspections or meetings with management of the bank. This is a basic element in the practice of ongoing supervision. EC 5: When a declaration of no-objection is granted, DNB may attach restrictions and/or conditions to such declaration of no-objection in accordance with AFS Section 3:104 (1) if it deems that from the assessment of the criteria set out in AFS Section 3:100 (1) certain issues/risks have been identified. Such identified issues may, for example, be too remote or low impact that a rejection of an application for a declaration of no-objection would be disproportionate. In such case imposing certain restrictions or conditions could be sufficient in order to mitigate the identified issues/risks. Should a (legal) person who has been granted a declaration of no-objection not comply with the relevant provisions of the AFS, DNB has the authority to give an instruction (“aanwijzing”, Section 1:75 AFS) in order to have such person act in compliance with the AFS. With regard to the situation that a declaration of no-objection is lacking, DNB has several more intrusive enforcement measures at its disposal. In case a qualifying holding is held by a (legal) person without having been granted a declaration of no-objection, DNB can impose a singular administrative fine (“boete”, AFS Section 1:80) or (as the case may be) a recurring penalty (“dwangsom”, AFS Section 1:79) aimed at forcing a company to act in compliance with the applicable laws. A more specific enforcement measure with regard to declarations of no-objection, as set out in Section AFS 3:104 (2), is that DNB may request the applicable District Court to nullify (vernietigen) a shareholder’s decision that was made by, or in conjunction with, a (legal) person holding a qualifying holding without the mandatory declaration of no-objection. Furthermore, in accordance with AFS Section 3:105 (4), DNB may attach restrictions and/or conditions to an existing declaration of no-objection or revoke such declaration if circumstances occur or facts become known that would have resulted in an different assessment of the respective declaration of no-objection. AC 1: With reference to the AFS banks and/or external auditors must notify DNB of any material issues which may negatively affect the banks’ operation.
Assessment	Compliant.
Comments
Principle 5	Major acquisitions. The supervisor has the power to review major acquisitions or investments by a bank, against prescribed criteria, including the establishment of cross-border operations, and confirming that corporate affiliations or structures do not expose the bank to undue risks or hinder effective supervision.
Description	AFS Section 3:96 contains an assessment procedure (similar but not the same as described under CP 4) specifically for banks that stipulates that banks must obtain a ‘declaration of no-objection’ from DNB before they are allowed to engage in certain activities such as reducing equity capital, major investments, transfers of assets and liabilities, mergers and financial or corporate reorganisations.* Furthermore, the AFS contains a procedure for the establishment of a foreign branch-office, which also requires prior approval of DNB. EC 1, 3, 5: AFS Section 3:96 (1) is specifically addressed to banks and requires a bank to apply for a declaration of no-objection before it may engage in the following activities: reducing equity capital through dividend or reserve distributions; acquiring (or as the case may be increasing) a qualifying holding in another financial institution, the value of which exceeds 1 percent of the banks consolidated balance sheet total; acquiring (or as the case may be increasing) a qualifying holding in a non-financial enterprise if the value exceeds 1 percent of the banks consolidated equity total; acquiring assets or liabilities which in value exceed 1 percent of the banks consolidated balance sheet total; a merger with a company of which the balance sheet total exceeds 1 percent of the consolidated balance sheet total of the respective bank; financial or corporate reorganisations; and allowing a general partner to accede to the bank if the bank has the legal form of a limited partnership (seldom used). The process for the establishment of a foreign subsidiary (separate legal entity) should be distinguished from the establishment of a foreign branch-office (same legal entity). The establishment of foreign subsidiaries of Dutch banks is subject to assessment for a declaration of no-objection as described in Section 3:96 (1) (b) or (c), of the AFS depending on the type of subsidiary. Establishment of a branch-office is regulated by Section 2:108 (branch in another EEA member state) and Section 2:111 (branch in non-EEA member state), respectively. The CRD provides for specific procedural rules on the establishment of a branch office in an EEA member state in contrast to non-EEA member states. In any case, prior approval of DNB is required for the establishment of both types of branches. EC 2, 3, 4: The assessment criteria for a declaration of no-objections in respect of activities by banks are laid down in AFS Section 3:101. Such a declaration of no-objection is granted unless, in the opinion of DNB, the proposed activity by a bank: would or could conflict with capital requirements for the bank as outlined in AFS Section 3:57; would or could lead to an influence on the bank concerned which would conflict with sound and prudential business conduct; and would or could lead to an undesirable development of the financial sector. Should the proposed activity concern a full acquisition/obtaining a qualifying holding by a bank in another bank/financial institution in an EEA member state the Acquisitions Directive would be the regulatory framework under which the assessment would take place. An integral part of the assessment procedure is the obligation to co-operate between the respective competent supervisors (home or host). DNB has the power to prohibit the establishment by Dutch banks of foreign subsidiaries or joint ventures in a particular country if the flow of supervisory information from that country is likely to be insufficient under local legislation or other regulations. As explained above, the establishment of a branch office of a bank is regulated through a different procedure than a declaration of no-objection. The main assessment criterion is similar for both types of branches and requires that from the outset, adequate financial and organisational resources are in place at the respective bank to manage the proposed activities deployed in such foreign branch office as set out in AFS Sections 2:109 and 2:111. EC 6: As is the case for a declaration of no-objection in respect of a qualifying holding in a bank, DNB may attach restrictions and/or conditions to such declaration of no-objection in accordance with AFS Section 3:104(1) if it deems that from the assessment of the criteria set out in AFS Section 3:101 certain issues/risks have been identified. Such identified issues may, for example, be too remote or have too low impact that a rejection of an application for a declaration of no-objection would be disproportionate. In such a case imposing certain restrictions or conditions could be sufficient in order to mitigate the identified issues/risks. Should a bank which has been granted a declaration of no-objection to engage in certain activities not comply with the relevant provisions of the AFS, DNB has the authority to give an instruction (aanwijzing) in order to have such a bank act in compliance with the AFS. Similar to the situation in respect of declarations of no-objection for a qualifying holding in a bank, DNB has several enforcement measures at its disposal for (the absence of) declarations of no-objection for the activities as mentioned above by banks. For the enforcement measures see CP 4 (above). DNB may in accordance with AFS Section 3:105, attach restrictions and/or conditions to an existing declaration of no-objection or revoke such declaration if circumstances occur or facts become known that would have resulted in a different assessment of the respective declaration of no-objection. AC 1: In the event that a bank wishes to acquire a significant shareholding in a bank in a non-EEA member state, the assessment criteria would in general require the supervision in such other country to be reviewed. See also descriptions under CP 24 and 25 for a more detailed description on consolidated supervision and international co-operation.
Assessment	Compliant.
Comments	The EU Acquisitions Directive primarily covers the situation of qualified shareholdings in financial institutions and not the situation where financial institutions engage in the activities as referred to in AFS Section 3:96(1). However, there could be an overlap in some areas such as in the event an acquisition is made by a bank in another bank/financial institution in another EEA member state. In such case the Acquisitions Directive would take priority over national laws as is also provided in the proposal for implementation of the Acquisitions Directive in the AFS.
Principle 6	Capital adequacy. Supervisors must set prudent and appropriate minimum capital adequacy requirements for banks that reflect the risks that the bank undertakes, and must define the components of capital, bearing in mind its ability to absorb losses. At least for internationally active banks, these requirements must not be less than those established in the applicable Basel requirement.
Description	EC 1: All banks, having their registered office in the Netherlands, are required to calculate and report their solvency level on a quarterly basis in accordance with rules laid down in DPR chapter 10. No distinction is made between internationally active or domestic institutions. All banks must submit supervisory returns except for those benefiting from a guarantee, provided in accordance with Section 403 of the DCC by a parent company that in itself is subject to consolidated supervision. AFS Section 3:57 and DPR Section 60, require banks to maintain a minimum solvency level of 8 percent. Rules on the calculation of risk weighted assets are specified in DPR Sections 60a-64 and rules on the composition of eligible capital are specified in DPR Sections 89-94. All these rules are based on the EU CRD and as such, are compliant with the Basel II standards. The same applies to the ‘Supervisory Regulation on the Recognition of Hybrid Instruments as Regulatory Capital Components’ that provides detail on which hybrid capital instruments can be included in Tier 1-capital. These rules are compliant with the Basel Press Release of October 1998 and ensure that hybrid capital is sufficiently loss absorbing and permanent and that the bank has a sufficient level of discretion to skip payments when necessary. Whereas the legal maximum of non-core elements (e.g., hybrids or preference shares) in Tier 1 capital is 50 percent, the de facto maximum (see Section 4:2 of the Hybrid Regulation) enforced by DNB is 25 percent. EC 2: As noted in EC 1, all of DNB’s requirements on the definition of eligible capital, risk weighted assets and minimum ratios are in compliance with the applicable Basel requirements, no distinction is made between internationally active and domestic institutions. EC 3: The standard pillar 1-minimum solvency ratio for all banks is 8 percent (DPR Section 60 (1)). This is a generic requirement for all banks. In practice, however, banks operate at capital levels that are much higher than the legal minimum. AFS Section 3:111a gives DNB the authority to impose a higher capital charge, to pursue a specific provisioning policy or to limit the risk profile of the institution if DNB determines that the institution cannot ensure that its business is conducted in a controlled and sound manner. DNB can also impose a higher capital charge if it comes to the conclusion (on the basis of its Supervisory Review and Evaluation Process (SREP) that the amount or composition of available capital does not adequately cover of the totality of a bank’s risks. Each bank that is required to submit a quarterly solvency report is subject to an annual pillar 2-assessement in which the entire risk profile of the institution is reviewed, along with the composition and amounts of required, available and economic capital and the quality of capital management. In line with the ‘Policy Rule on Principles for the Implementation of Pillar 2 of the Basel II Capital Accord’ banks are required to have a sound ICAAP, a component of which is the setting of capital adequacy target that is in excess of the minimum requirements. The supervisor’s assessment of both the quality of the ICAAP and the outcome of this process in terms of capital (targets) is reviewed by a DNB internal ‘SREP-panel’ consisting of the Division Director Banking Supervision and a number of specialists. In most cases, the SREP-panel endorses to the target ratios proposed for each bank which in practice are significantly in excess of the regulatory minimum. In a few cases where the bank’s internal targets were found to be insufficient, a formal, higher, minimum ratio has been imposed. These banks were also prohibited from distributing their earnings. EC 4: As specified in the Pillar 2 Policy Rule, the ICAAP must be comprehensive, i.e., all material risks (on- or off-balance sheet, quantifiable or not) must be covered. To a large extent, off-balance sheet risks are already covered in Pillar 1, but some of these risks, e.g., certain pension obligations, are specifically addressed in pillar 2. EC 5: See description of EC 3. EC 6: In addition to the measures discussed under EC 3, DNB has other powers at its disposal to take action when an institution’s solvency is endangered. If DNB detects signs of a development that may jeopardise the solvency (or liquidity) of a bank under its supervision, DNB may take any of several measures under AFS Sections 1:75 and 1:76, including an instruction on the course of action to be pursued by the bank or the appointment of a special administrator. The actual measures taken will depend on the circumstances of the particular case. EC 7: The DPR and a number of DNB policies contain detailed quantitative and qualitative requirements for internal (credit, market and operational) risk models. All models that are used by banks for regulatory capital calculation purposes need to be validated by DNB before they can be used. Regular supervisory inspections are conducted to ensure ongoing compliance with applicable rules and the closure of (non-material) gaps that may have been allowed at the time of approval. AC 1, 2: As explained above, no distinction is made between internationally active and domestic banks. All capital regulation, including rules on the scope of consolidation, is in compliance with the Basel requirements. The policy rule “Scope of consolidated and solo-supervision for banks and securities firms” contains detail on which entities fall within or outside the scope of solvency regulation. In general, banking entities in a group that benefit from (among other conditions) a 403-guarantee6 (referring to the relevant section in the CDD) by the parent company (which in itself is subject to consolidated regulation), are usually not tested on a stand-alone basis. However, these are exceptional cases and most banks are subject to stand-alone capital adequacy assessments. Parent (banking) companies that have international activities are subject to regular standalone capital adequacy testing on the basis that free transferability of capital throughout the group cannot be assumed. AC 3: DPR Section 24a as well as ICAAP principle 8 as referred to in the Policy Rule on Pillar 2 requires that the ICAAP process shall be forward-looking. This principle has been the basis for extensive discussions between DNB-staff and the management of banks on issues like capital forecasts and contingency planning. Since 2008 stress testing has been an integral part of these discussions. Banks have to demonstrate that their solvency levels remain healthy in the foreseeable future and under severe but plausible stress scenarios (see annex B of Policy Rule on Pillar 2). In line with the norm set by CEBS, DNB’s board ruled that even under a stress scenario set by DNB, banks should still be able to maintain a minimum Tier 1 ratio of 6 percent. Banks that were not able to meet this test were required to raise fresh capital or were prevented from dividend payments. AC 4: Based on the Policy Rule on Pillar 2 banks are required to report on the distribution of required, available and economic capital throughout the group. In some cases these reports have led to discussions between supervisors and bank management on the distribution of capital and to the redistribution of capital across the group so as to better align (locally) available capital with the (local) risk profile. AC 5: As discussed in respect of EC 3, there are no legal or practical impediments for supervisors to require that individual banks or banking groups maintain capital above the minimum.
Assessment	Compliant.
Comments
Principle 7	Risk management process. Supervisors must be satisfied that banks and banking groups have in place a comprehensive risk management process (including Board and senior management oversight) to identify, evaluate, monitor, and control or mitigate all material risks and to assess their overall capital adequacy in relation to their risk profile. These processes should be commensurate with the size and complexity of the institution.
Description	EC 1: DPR Paragraph 4.2 (“Risk Management”) pursuant to AFS Section 3:17 requires that banks have adequate policies, systems, and procedures to identify, measure and manage their risks. This provision of the DPR stipulates the requirements for banks regarding its risk management framework. It requires, for example, an independent risk management function systematically identifying, measuring and managing risks. Based on DPR Chapter 4 “Controlled pursuit of the business operations” high level standards are set with regard to the qualitative requirements on risk management, organization and control for all types of risk. Based on these–principle based–standards, more detailed guidance is used in supervisory practice. EC 2, 3, 4, 5, 6, 7, 9 and 10: It is up to the bank to justify why a particular risk management framework is adequate for its type of business and it is the role of DNB to assess the adequacy of this arrangement. DNB’s assessment of the risk management framework is a central component of its supervisory activities. DNB evaluates the functioning of risk management on an on-going basis through regular meetings, targeted examinations, and analysis of reports. The assessment includes an assessment of the ability of the risk manager to provide sufficient countervailing power to the business. In most cases the functioning of risk management is assessed when examining a specific risk category (e.g., credit or liquidity risk, see also CP 8, 13, to 16) Overall assessment of risk management is also taken into account when performing the SREP. See also the description in the assessment of CP 6. The assessment of the adequacy of risk management focuses on the following issues: is the Board responsible for risk management and is it capable of this task? risk culture or risk awareness in the bank; independence of the risk management function; access to senior management and the Board by the risk management function. holistic approach to risk management; risk appetite set by top management, based on the business strategy and chosen business model, which is translated into adequate policies and a limit setting structure. Risk reporting to the senior management and Board of the bank; review models and methods used by the bank to measure risks (including the requirement of independent validation of the models); and discussing major initiatives regarding the risk profile and/or the risk management framework. Non compliance is enforced with reference to AFS Section 3:111a and DPR 23. For market, credit and operational risk, DNB performs periodic evaluations of the frameworks governing risk models. One of the items assessed is the extent to which the bank performs internal validation and regular monitoring as well as reviews of its models. EC 8: New products do not need to be reviewed by DNB ex-ante. Through risk management reports and regular meetings with senior management, new products are discussed. Examinations are conducted when product approval processes are identified as an area of risk. AC 1: DPR Section 23(6) requires that the financial undertaking has an independent risk management function that carries out independent risk management in a systematic manner that is aimed at identifying, measuring and evaluating the risk to which financial undertakings or branches are or can be exposed. The risk management is carried out both with regard to the financial undertaking or the branches as a whole and with regard to the separate business units. In the explanatory notes to the DPR it is clarified that the way the risk management function is structured, should depend on the size and complexity of the undertaking. The explanatory notes continue by saying that it is customary that especially larger and more complex banks, risk analysis are conducted by an independent risk management function. In practice, when assessing the set-up of a banks’ risk management organisational structure, all complex banks are expected to have specific units for risk management of material risks. AC 2: On a yearly basis a macro stress test is conducted by DNB. Banks are expected to conduct rigorous, forward looking bank specific stress tests as part of their own risk management. This is evaluated annually as part of the SREP or at a higher frequency if necessary. AC 3: Other material risks are taken into account in an institution’s ICAAP, based on the requirement of AFS Section 3:111a and DPR Section 23.
Assessment	Compliant.
Principle 8	Credit risk. Supervisors must be satisfied that banks have a credit risk management process that takes into account the risk profile of the institution, with prudent policies and processes to identify, measure, monitor and control credit risk (including counterparty risk). This would include the granting of loans and making of investments, the evaluation of the quality of such loans and investments, and the ongoing management of the loan and investment portfolios.
Description	EC 1: The DPR Section 24a requires banks to have adequate strategies and procedures to align their own funds with their current and potential risk profile. Furthermore, Section 23a of the DPR requires banks to: establish procedures regarding acceptance, adjustment, renewal and refinancing of credit facilities; have an effective credit administration and monitoring framework for credit portfolios and exposures, including effective systems for the detection and management of problem assets, indexation and provisioning; and ensure that the credit portfolio is diversified in line with the general credit strategy of the bank. Since the introduction of the AFS and its secondary legislation, DNB has assessed the compliance of IRB banks with these requirements through its assessment of applications to use IRB, and as part of its on-going reviews of these banks’ IRB systems. Under pillar 2 of the Basel framework, DNB conducts an assessment of the ICAAP of each institution, through the SREP (AFS Section 3:18a and DPR Section 4.2). An integrated part of the ICAAP is the assessment of an institution’s capital adequacy in respect of credit risk. This assessment is based on routine supervisory work in line with the FIRM process (see CP 6). In addition, stress testing is used to assess the credit risk performance of an institution. EC 2: The control environment of the bank is assessed at least yearly, in the Risk Assessment Process (RAP) cycle. The reference framework for the RAP-cycle is the FIRM methodology which concludes in scores for inherent credit risk, for the credit risk control environment and for a resultant net score. In line with the materiality of these risks, the supervisor determines how, and to what extent, credit risk will be followed up in the supervisory cycle. The options range from off-site examinations of a bank’s risk management information to an in-depth on-site review of the credit risk function. The FIRM scores for credit risk are documented in a separate fact sheet for each bank. Ultimately, the supervisory risk assessment is shared with the bank’s Board. Apart from the annual RAP-cycle, parts of the control environment may be subject of special examinations. Recent examples include: a thematic credit portfolio review on institutions with relatively large foreign exposures and investments; a sector wide periodic data request on exposures in restructuring, arrears and default; and a sector wide examination on financing of and investment in commercial real estate. EC 3: DPR Section 11 requires banks to have adequate policies and procedures to ensure integrity in credit decisions, e.g., preventing conflicts of interest. Furthermore DPR Section 12 requires that banks have procedures to manage and report integrity issues. Sections 14 and 16 require banks to have appropriate measures for customer due diligence. DNB assesses compliance with these provisions through regular contacts with banks’ internal compliance departments as well as special examinations, sometimes conducted on a sector wide basis. EC 4: By AFS Section1:74 DNB is empowered to require information from any party for the purpose of monitoring a bank’s adherence to the Act’s requirements, including those relating to credit and investment portfolios. A bank is legally obliged to co-operate under Section 5:20 of the General Administrative Law Act (“Algemene wet bestuursrecht”). Should an institution fail to do so, DNB can impose a penalty under AFS 1:79 (1d) and 1:80 (1d). In practice DNB generally obtains the cooperation of institutions without needing to apply legal sanctions, and has not experienced any problems in obtaining credit risk information. AC 1: DPR Section 23(4) requires banks to establish procedures and measures with respect to the granting of credit, including limit policies and controls. Assessment of those procedures and measures involves taking into consideration risk committee structures, delegation matrices, limit policies as well as taking note of minutes of such risk committees and/or review samples of individual credit files. AC 2: See EC 2 where counterparty credit risk is included. Additionally, in the Regulation for Solvency Requirements for credit risk a separate chapter addresses the requirements for counterparty credit risk. Counterparty credit risk is covered by the expert group for trading book risk rather than the expert group for credit risk, as DNB take an holistic approach towards all risks in the trading book. In the FIRM framework the appropriateness of processes is assessed in light of the size and complexity of the institution; an institution trading innovative and state-of-the-art products should have state-of-the-art risk management processes and models. AC 3: DPR Section 23a (1) and (2) requires banks to have procedures for the acceptance, adjustment, renewal and refinancing of credit facilities, and that banks have an effective credit administration and monitoring framework for credit portfolios and exposures. More specifically, the Regulation on Solvency Requirements for Credit Risk Section 3:76 stipulates that IRB banks use all relevant information in estimating the risk parameters.
Assessment	Compliant.
Comments
Principle 9	Problem assets, provisions and reserves. Supervisors must be satisfied that banks establish and adhere to adequate policies and processes for managing problem assets and evaluating the adequacy of provisions and reserves.
Description	See also more specific and detailed explanation in the comment section below. EC 1: DPR Section 23 requires banks to have adequate systems and procedures to identify, measure, and manage their risks. More specifically Section 23a requires banks to use effective systems for the continuous administration and monitoring of the various portfolios and receivables that entail credit risks, including the detection and the management of problem loans, performing adequate value adjustments and making provisions. EC 2, 3: The identification and classification of problem assets and provisioning policies and processes are part of the scope of supervision on financial risks, both on and off-balance sheet. As part of the routine supervisory process, discussions are held with bank management on both the overall quality of the asset portfolio and on specific problem assets; these discussions are based on risk management reports and reports by the internal and/or external auditors. Since the start of the credit crisis, DNB has required major institutions to report quarterly on their exposures in arrears. EC 4: Provisioning policies and processes are reviewed during the routine supervisory process. The actual level of provisions is determined by the external auditor in line with accounting principles on asset valuation. DNB will discuss the adequacy of provisions with the external auditor where appropriate. EC 5: Supervisory assessments include a review of policies, processes and organisational resources for problem asset identification and management. This is done through the investigations and reports made by internal auditors and specific on-site supervisory investigations. EC 6: DNB has access to and uses internal risk management reports, Internal Audit reports and reports of External Auditors. EC 7: As noted above (EC 4), the actual level of provisions is determined by the external auditor in line with accounting principles. Although DNB has no direct power to require a bank to increase its level of provisions, it will discuss the adequacy of provisions with the management of the bank and the external auditor if it judges that the level of provisions is inadequate based on its own assessment of risks or likely recoveries. In the event that DNB judges that the level of provisions is not adequate it has the power, by virtue of DPR Sections 3:18 and 3:18a to require a bank to increase its financial strength, e.g., by placing restrictions on the payment of dividends or raising new capital. Recently, the authority for DNB to correct valuations was introduced more directly, through DPR Section 89. EC 8: The assessment of classification of credits and assets is covered in the assessment of EC 2 and 3. The power to require additional provisions is discussed in the assessment of EC 7. EC 9: The Regulation on solvency requirements for credit risk, chapter 4 (“credit risk mitigation”) provides for requirements and methods to value collateral, guarantees and other risk mitigates that may be taken into account for in the calculation of solvency requirements. Either an estimation of the net realisable value or a haircut on market value is applied. These valuations are subject to periodical assessment. EC 10: Asset impairment criteria are contained in accounting principles applied by the external auditor. EC 11: Internal management information on the quality of the asset portfolio, arrears, defaults, provisions etc., is discussed with relevant board members and senior management during routine on-site supervision. EC 12: Since large exposures do not qualify for a retail (portfolio) approach under IRB, the valuation, classification and provisioning of these exposures must be done on an individual exposure basis. AC 1: For IRB banks, DPR Section 1 defines exposures as in default if they are in arrears for more than 90 days. For banks using the standardized approach (Chapter 2 of the Regulation on solvency requirements for credit risk), payments that are in arrears exceeding 90 days will receive a higher capital charge based on Section 2:33 of the aforementioned Regulation.
Assessment	Compliant.
Comments	The external auditor is vested the responsibility to audit the adequacy of provisioning for impaired assets which primary responsibility is with the management of each bank thereof. NIVRA provides and protects the quality and integrity of the auditing profession by its licensing requirements and permanent education. The provision methodology is based on IFRS (& Dutch GAAP, i.e., the DCC), in which framework only incurred losses are provided against. For the purposes of assessing the adequacy of provisions against expected losses (as opposed to the incurred loss approach contained in IFRS) DNB uses the Basel II/CRD IRB framework. This framework does not distinguish conceptually between provisions and required capital, since capital requirements vary according to a bank’s own estimates of its potential losses. According to DPR (art 94-2-f-1/92-2-c), a correction on the IFRS equity is made for the difference between the expected loss as calculated under the IRB methodology and the incurred loss (excess/shortfall) shown in the accounts. See COREP 1.3: “deductions from original and additional own funds” especially line 1.3.7: “IRB provision shortfall and IRB equity expected loss amounts”. The expected losses are calculated based on IRB models as approved by DNB and internally validated. IRB models are used by all large Dutch banks and some small banks. They consequently cover the far majority of the banking population (in balance sheet total). Apart from an extensive validation process, DNB also conducts an annual IRB health check. This consists of off-site and on-site examination of i.e., model governance, use test, monitoring, back testing, model validation, review of expected losses versus provisioning. Further, DNB-amongst others-imposes the CRD default definitions and best estimate LGD regarding problem assets. For small banks using the Standardised methodology no such adjustments are made. In these cases expected losses are taken into account in the ICAAP/SREP process of pillar 2 of the Basel accord. The required capital is increased in accordance with the expected (but not incurred) loss.
Principle 10	Large exposures limits. Supervisors must be satisfied that banks have policies and processes that enable management to identify and manage concentrations within the portfolio, and supervisors must set prudential limits to restrict bank exposures to single counterparties or groups of connected counterparties.
Description	AFS Sections 57 (6) and (7) in conjunction with DPR Sections 1 and 102, provide the legal basis for DNB’s specific regulations on large exposures for banks, investment institutions and clearing institutions. The specific regulations are provided for in Section 7 of the Regulation on solvency Requirements for Credit Risk. (RSK) This legal framework for large exposures is based on the CRD. EC 1, 2 and AC 1: The actual large exposure limit of 25 percent own funds is set in DPR Section 102, while the definitions in DPR Section 1 include those for large exposure is defined as any exposure which exceeds 10 percent of the own funds of the institution. Exposures are defined to include both on- and off-balance sheet items. EC 3: The large-exposure rule includes exposure limits (in percentages of the actual own funds) and risk reporting requirements (Section 7:5 of the Regulation on solvency requirements for credit risk). In order to comply with the reporting requirements regarding large exposures, banks must have management information systems in place which enable them to identify and report concentrations within their portfolios in a timely manner. The reporting system also enables the management of banks and therefore DNB to monitor compliance with the large-exposure regulations. Large exposures are reported quarterly to DNB on both a consolidated and solo basis, except where individual banks have been explicitly exempted from solo reporting in accordance with DPR. Quarterly reporting is more frequent than the minimal requirement set by the CRD. DNB will continue this frequency under the adjustments following from Directive 2009/111/EC amending the CRD (CRD II). EC 4: The concentration and correlation of risks is addressed within the framework of each individual bank’s (credit) risk analysis and the periodical on-site inspections by DNB. Institutions are required to perform systematic analysis of risks, taking into account the concentration, geographical, currency and single risk deriving from large exposures. EC 5: DNB has the power to require banks to take remedial actions in cases where concentrations appear to present significant risks. Within Pillar 2, banks are required to assess and address risk concentration in their portfolio through the ICAAP. Examples are geographical or sector concentrations. For a specific concentration risk, i.e., country concentrations, DNB has published a Policy Rule to provide transparency on how DNB would prefer that institutions address this specific concentration risk (see also Principle 12).
Assessment	Compliant.
Comments	In the context of the CRD II, the large exposure regime is currently being adjusted. The new regime that was implemented by end-2010 will reinforce DNB’s surveillance of large interbank exposures. Furthermore, in the context of CRD II, CEBS has published specific guidelines in order to achieve consistency across supervisory authorities across Europe. DNB is in the process of implementing these guidelines and will implement and enforce these guidelines at the same time as the new large exposures regime.
Principle 11	Exposures to related parties. In order to prevent abuses arising from exposures (both on-balance and off-balance sheet) to related parties and to address conflict of interest, supervisors must have in place requirements that banks extend exposures to related companies and individuals on an arm’s length basis; these exposures are effectively monitored; appropriate steps are taken to control or mitigate the risks; and write-offs of such exposures are made according to standard policies and processes.
Description	See also more detailed description in the comment section to this CP. EC 1: The AFS requires banks to pursue an adequate policy that safeguards controlled and sound business operations (AFS Section 3:17). In addition, DPR Section 11 requires that financial services provided by institutions to persons, managers, shareholders, and other related parties takes place only in the course of the normal business operations and against the usual commercial terms and conditions and collateral (price setting based on at arms length principle). However, the definition does not include the broad range of related parties referred to in the footnote to this EC. EC 2: The AFS requires banks to take measures to prevent conflicts of interests (Section 3:17 Paragraph 1a and DPR Section 11). In addition, banks are obliged to pursue a policy and to clearly document procedures aimed at managing relevant risks with regard to the acceptance, revision, renewal and refinancing of loans (DPR Section 23 and 23a). EC 3, 4: The AFS obliges banks to take measures to prevent the financial enterprise or its employees from committing offences or other transgressions of the law or perform acts that are contrary to generally accepted standards in the financial markets (Section 3:17 Paragraph 2). This requirement provides the basis for DNB to discuss compliance of banks with the more general requirements relating to addressing conflicts of interests. Examples of relevant rules in this respect are: The DCC (Sections 2:146 and 256) that requires companies to take certain measures to prevent a conflict of interest between the company and one or more of its directors. The Netherlands’ Corporate Governance Code. Compliance with the code is mandatory for Dutch exchange listed companies, but is considered a generally accepted standard that also applies to non-listed companies. The Code requires supervisory board members to avoid conflicts of interest between the company and the supervisory board members (Principle 3.6). The Netherlands’ Banking Code is a code designed by the banking sector itself in response to the financial crisis. This Code has subsequently been embedded in Dutch legislation. It requires, inter alia, that the supervisory board is independent of the company (Principle 2.1). EC 5: The large exposures rules, including its provisions and CEBS guidance on connected clients, apply to single exposures to related parties. In accordance with the revised large exposures framework (2009/111/EC, the “CRD II”), a stronger emphasis will be placed on intragroup exposures and further guidance will be provided on the definition of connected clients. With respect to capital deductions, DPR Section 94(2) requires that the institution’s own funds are deducted by qualified participations in financial holdings (i.e., where the institution owns more than 10 percent of the outstanding shares). For participations in non financial entities, where the institution has 10 percent of the outstanding shares, the value of the participation shall not exceed 15 percent of the institution’s regulatory capital. For the qualified participations as whole, a limit of 60 percent of the regulatory capital applies (Section 140 of the Decree). Both provisions are in compliance with the CRD. EC 6, 7: DNB adopts a principles-based approach that is aimed at addressing possible conflicts of interest and preventing abuse arising from exposures to related parties, rather than relying on detailed formal requirements. If DNB is of the opinion that in a specific situation, a bank is in violation of these regulations, DNB has several instruments available to enforce the AFS (see CP 1(4)). Informally, during its day-to-day supervision on banks, DNB makes use of moral suasion to ensure the independence of the supervisory board and its standards in respect to the situation where the shareholder of the bank participates in the board of the bank.
Assessment	Largely Compliant.
Comments	DNB does not set any specific limits on exposures to related parties or on intra-group transactions. DNB argues that provisions of the AFS Section 3:17 provide an adequate legal basis for controlling related party lending, although this section does not make a specific reference to such lending. The relevant section stipulates that a credit institution shall organise its operations in such a way as to safeguard a controlled and sound business operations and that rules shall be laid down with regard to (inter alia) the control of business processes and business risks (in general); and more specifically with regard to integrity. DNB interprets this to mean the prevention of inter alia: conflicts of interest; and relations with clients that could damage confidence in the financial institution, or in the financial markets. This enables DNB to require that credit institutions set adequate limits with respect to intra group exposures and other related parties. The definition of a related party is based on the DCC. DNB makes extensive use of “moral suasion” to ensure that such limits are set and complied with. The assessors found no evidence to suggest that related party lending is, or has been, a significant issue in the Netherlands, and therefore this relatively informal system of control may be judged effective. Nonetheless for purposes of full compliance with CP11 DNB needs to put in place a more formal framework of limits and prohibitions on lending to related parties. These should include, for example, hard limits on lending to other group companies and prohibitions on lending to directors and shareholders beyond a specified (low) threshold.
Principle 12	Country and transfer risks. Supervisors must be satisfied that banks have adequate policies and processes for identifying, measuring, monitoring and controlling country risk and transfer risk in their international lending and investment activities, and for maintaining adequate provisions and reserves against such risks.
Description	EC 1, 2: The basis for the assessment of country risk is the ICAAP. DNB evaluates the ICAAP on an annual basis by performing its SREP analysis, (AFS Section 3:18a and DPR Section 25a). The SREP is intended to establish that an undertaking’s solvency management is sound and that its own funds are sufficient to absorb the risks inherent in its activities. The SREP includes an assessment of a firm’s country concentration risk control. Although DNB places the primary responsibility for taking into account country and transfer risk on the bank itself, it recently (July 15, 2010) published a Policy Rule on “the treatment of concentration risk in emerging countries”. The Policy Rule builds on the requirements set out in AFS Section 3:17 and DPR Sections 23, 24a, and 25a. These sections require that a bank should have sound, effective and comprehensive strategies and procedures to enable it to monitor on an ongoing basis the level, composition and allocation of its equity capital to match the scale and nature of its current and future risks. The Policy Rule on the treatment of concentration risk in emerging countries has been provided to ensure that all Dutch licensed banks adopt a more harmonised approach. The Policy Rule appears to have been designed to bring about changes to the business models of certain entities, especially subsidiaries of foreign banks. EC 3: DNB has not set out a framework for the setting of appropriate provisions for country and transfer risk. However, it seeks to obtain the same outcome by the requirement to address concentration risks under Pillar 2 of CRD (i.e., the ICAAP/SREP process). Undertakings must themselves assess the level of country concentration risks they are running and which supplementary measures to control country risk, such as the limitation of concentrations, are necessary. Where the bank’s internal controls fail to prevent excessive country risk concentrations, DNB’s Policy Rule requires the undertaking to increase its level of own funds. This policy is an integrated part of the ICAAP/SREP process. Under the Policy Rule referred to above, institutions that are assessed to have a high concentration of risk in certain emerging economies are required to hold a capital buffer in addition to that which would normally be assessed under the ICAAP/SREP process. Potential losses are based on material country concentrations, less the credit risk mitigation that is permitted under the Policy Rule. Only material country risks that exceed a 5 percent threshold have to be taken into account. Although there are no strict limits per country banks with concentrations that exceed 20 percent of their balance sheet are required to wind them down as soon as possible (Section 4, diversification table of the Policy Rule). Large concentrations will lead to capital surcharges. Following from the recognition of certified IRB models as a (possible) substitute for applying the Policy Rule on country concentrations, the actual scope of the Policy Rule is largely limited to smaller institutions. EC 4: Reporting of country risk exposures to DNB is through a combination of normal supervisory returns (capital adequacy and large exposures in particular) and through examination of internally generated risk reports under the ICAAP/SREP process.
Assessment	Compliant.
Comments	Although DNB’s approach to setting appropriate provisions for country risk does not draw on any of the possible approaches discussed in EC 3, its assessment of risk concentrations under the ICAAP/SREP process combined with its policy of requiring additional capital for concentrations of country risk that it deems excessive achieves the same purpose as envisaged in this EC and therefore DNB is considered to be compliant with it.
Principle 13	Market risk. Supervisors must be satisfied that banks have in place policies and processes that accurately identify, measure, monitor and control market risks; supervisors should have powers to impose specific limits and/or a specific capital charge on market risk exposures, if warranted.
Description	EC 1: DPR Section 23 stipulates the qualitative requirements to which financial institutions must adhere. These requirements specifically detail the policies and measures to control market risk and how they must be integrated in the company processes. The policies and procedures should contain authorisation procedures, limit setting, limit adherence and measures to be taken in case of emergency situations. The policies and procedures depend on the nature, size, risk profile and complexity of the trading activities of the institution. Each institution must have an independent risk management function which role it is to identify, measure and evaluate the risks the institution is exposed to through its trading activities. EC 2: The Regulation on solvency requirements for market risk requires each bank to have in place limits that must be approved by the board. In addition, the Regulation stipulates that the active management of positions held with trading intent shall be performed in conformity with a clearly documented trading strategy approved by senior management. The trading strategy needs to include clearly defined policies and procedures, covering, at a minimum, which positions may be entered into by a trading desk; which position limits apply and how they are monitored for appropriateness; the extent to which dealers of the financial undertaking have the autonomy, within the limits of the trading strategy and within the position limits, to take positions; the reporting of positions to senior management as an integral part of the financial undertaking’s risk management process; and the active monitoring of positions with reference to market information sources, in particular with respect to the assessment of the marketability or hedge ability of these positions or their risk components. Compliance with these requirements is assessed by DNB through a system of targeted on-site examinations. EC 3: The Regulation on solvency requirements for market risk requires valuation policies covering the frequency of valuation, frequency of verification procedures, mark-to-market vs. mark-to-model and the use of market data. The valuation is subject to an independent price verification which verifies the applied market prices and model inputs. EC 4: The Regulation on solvency requirements for market risk requires banks to have adequate risk measurement programs including stress testing, scenario analysis, validation and testing of market risk measurements. In addition, at least once a year firms are required to evaluate the entire risk management processes, including amongst others the documentation of risk management policies, the management information systems, the valuation processes and the independent valuation verification, the nature and measurement market risks and the back testing process. All models used for solvency calculations need to be approved by DNB. In addition, the programme of back testing needs to be approved by DNB and its results are submitted to DNB each quarter. AC 1: See EC 3 above. More specifically, the Regulation on solvency requirements for market risks stipulates that the valuation shall be subject to independent price verification by regularly checking the market prices or model inputs for accuracy and independence. The independent verification of market prices and model inputs is required to be performed at least monthly, or, depending on the nature of the market or trading activity, more frequently, by a unit independent of the dealing department.
Assessment	Compliant.
Comments
Principle 14	Liquidity risk. Supervisors must be satisfied that banks have a liquidity management strategy that takes into account the risk profile of the institution, with prudent policies and processes to identify, measure, monitor and control liquidity risk, and to manage liquidity on a day to day basis. Supervisors require banks to have contingency plans for handling liquidity problems.
Description	EC 1: DNB sets both qualitative and quantitative guidelines for liquidity management. The legal basis for DNB’s liquidity requirements are AFS Chapter 3, Part 3.3.7, Sections 3.63, 3:64, 3:65, 3:66. Chapter 11 DPR and Section 3:17, second subsection AFS and DPR Chapter 4. The quantitative requirements measure the assets available to the institution to meet its immediate liquidity needs (a “stock” concept) against standardised assumptions of net negative cash outflows based on the maturity profile of liabilities over both a one week and one month time horizon. Liquid assets are defined to include marketable securities, including those eligible for discount with the ECB. Different categories of marketable instruments are subject to a range of haircuts to reflect their liquidity. Banks report their liquidity position on a monthly basis using a standardised regulatory liquidity report (7029–Instruction for 8029, Large Exposures Liquidity (2003)). The qualitative requirements on sound liquidity risk management are based on DPR “Controlled pursuit of the business operations. This requires high level standards to be set with regard to the qualitative requirements on risk management, organization and control for all types of risk. The high level standards are principle-based but more detailed guidance is used in the supervisory practice. This guidance is based on the updated Basel Principles for sound liquidity management and supervision (BCBS September 2008). EC 2, 3: DNB monitors banks’ internal liquidity management strategies and processes by means of the FIRM framework. Liquidity risk is one of the components of the FIRM score and for each institution there is a factsheet dedicated to liquidity risk in which the liquidity position and the liquidity controls/management are scored. The supervisory response over the coming year is determined by this score. It can range from regular talks with the Treasurer, the CRO and the CFO and a monthly standardised liquidity report (basis programme) to specific actions (intended to mitigate specific risks. The assessment of the supervisor is benchmarked within DNB by both a group of risk experts (including inspectors and policy advisors similar to the expert groups as described under the principles for market and credit risk) and the management of the BSD. Ultimately the supervisory risk assessment is also shared with the Board of the supervised institution. EC 4: In addition to the measurement of net funding requirements referred to in EC1, in future DNB proposes to use a more integrated approach to assessing liquidity risk which will include both an ILAAP and a SREP-like approach with regard to the assessment of liquidity risk of a firm and the minimum liquidity requirements set for that firm. According to that process extra liquidity requirements may be formally set for an individual firm in addition to the standard minimum liquidity requirements. Stress testing will be part of the ILAAP (Pillar 2 requirement). Additional liquidity requirements are already set in individual cases or with regard to a specific group of banks. The Basel Principles will be used in the context of the SREP-like procedure with regard to liquidity risk management. In the end the ILAAP/SREP procedure, the Basel Principles and a revised reporting and test system–taking into account CEBS guidance and Basel standards–and a data interface system should be integrated in a reviewed liquidity supervision system. DNB intends to introduce these procedures from December 31, 2010 as part of the CRD II implementation. EC 5 and AC 1: The standardised liquidity report is in Euro only and does not distinguish between major currencies. However, commencing in the second half of 2007, DNB started closer monitoring (via the implementation of a crisis monitoring team) of the liquidity position of a selected group of firms, including all large banks. High frequency reporting has been required, if necessary nearly daily and at least weekly. In this context wholesale run-off scenarios must be reported, in all major currencies. Monitoring includes close monitoring of possible run-offs and the application of stricter requirements with regard to the definition of wholesale funding, e.g., a 100 percent run-off of fiduciary funds, more restricted recognition of received collateral (e.g., not recognized as liquidity buffer component if it is not already registered at the respective central bank) and stricter monitoring of liquidity positions (mismatch) in foreign currencies. EC 6: As part of the enhanced liquidity monitoring regime introduced in the second quarter of 2007, some banks have been encouraged to strengthen their liquidity positions, e.g., upgrading contingency positions, hedging FX positions, reconsidering usage of ECB tender programs or state guaranteed funding programs. A reverse stress treatment has also been applied on the assumption of a full run off during a 2-3 month period. Where necessary supervision has set individual liquidity requirements (above the regulatory minimum) for individual institutions. In addition, the crisis monitoring team also initiated several thematic qualitative assessments e.g., assessment of liquidity funding plans, adequacy of liquidity contingency plans and the analyses of the development of the actual funding profiles. The outcomes of these kinds of assessments were and are discussed with top management of the institutions under supervision. AC 2: As part of ongoing supervision the funding mix and strategic (money and capital) market access is discussed with the banks. In the semi-annually performed funding profile analysis, market access and liability diversification are two of the topics that are looked into. In this analysis special attention is paid to the liquidity of the assets that are used as liquidity buffer. The capacity to sell assets in case liquidity is required is assessed assuming stressed markets. All these elements will be integrated in the ILAAP assessment that will be performed at least annually, starting 2011.
Assessment	Compliant.
Comments	Given the experience of the financial crisis and also taking into account the liquidity requirements envisioned in Basel Ill, DNB is in the process of enhancing the minimum quantitative liquidity standards. These new minimum standards are planned to become effective as of December 31, 2010. The new requirements refine, but do not fundamentally change the basic framework for liquidity management that DNB has operated since 2003. On December 31, 2010 DNB intends formally to implement the September 2008 Basel Principles on Liquidity Risk Management as part of its implementation of CRD II. DNB has already issued a draft version of the proposed “Regulation on liquidity” (implementing CRD II) for consultation. The revised guidance also takes account of the CEBS’s technical advice to the European Commission on liquidity risk management (CEBS September 2008)’, and CEBS’s ‘Guidelines on Liquidity Buffers & Survival Periods’ (CEBS December 2009). The assessment team recommends that DNB’s standardised liquidity report be amended to permit analysis according to major currencies. This could replace the ad hoc reporting system introduced during the crisis.
Principle 15	Operational risk. Supervisors must be satisfied that banks have in place risk management policies and processes to identify, assess, monitor and control/mitigate operational risk. These policies and processes should be commensurate with the size and complexity of the bank.
Description	EC 1: Each authorized bank in the Netherlands is required to organize its operations in such a way as to safeguard controlled and sound business operations (AFS Section 3:17 and 3:18). With regard to AFS Section 3:17 (1) further rules have been laid down in DPR Chapter 4, 5 and 10. Chapter 4 concerns the control of business processes and business risks, integrity and the soundness of the financial enterprise, which includes the control of other risks, including operational risk, that may affect the soundness of the financial enterprise. Chapters 5 and 10 concern outsourcing and operational risk solvency requirements respectively. In addition, DNB has implemented the CRD and CEBS-guidelines through supervisory rules (“Regulation on solvency requirements for operational risk”). Under these requirements, firms are required to meet specified general risk management standards which include ‘robust governance arrangements’ that are ‘comprehensive and proportionate to the nature, scale and complexity’ of the firms’ activities. EC 2: The board of each bank is responsible for the bank’s strategies, policies and processes for the management of operational risk. DNB holds the board responsible for compliance with these strategies and policies, which is explicitly reflected in our assessment frameworks (IT, AMA, etc.) EC 3: DNB periodically assesses, in accordance with the rules laid down in the DPR, the strategies, procedures and measures pursuant to Section AFS 3:17 AFS. DNB’s assessment of the board’s compliance with supervisory requirements is contained in its Risk Assessment Framework and forms a component on the FIRM methodology. Supervisory activities are prioritized based on the outcome of these assessments. Operational risk related items can be found throughout the different work programs since operational risk is embedded in all the business activities. Moreover, DNB has defined specific instruction sets for IT risk (e.g., for change management and for information security and monitoring), outsourcing risk and operational risk. In Spring 2010 an extensive examination of banks that have implemented the Advanced Measurement Approach for Operational Risk (AMA) took place. For the AMA-examination a specific highly detailed evaluation scheme had been prepared. As a follow-up on this examination it is planned to continually revise and update these evaluation schemes. EC 4: Business Continuity Management (BCM) for systemically relevant banks is assessed on an annual basis using the Assessment Framework for Business Continuity Planning (BCP) Financial Core Infrastructure (Ref .TRIM. 2008/316107) and the BCM assessment framework (Ref. TRIM 2005/63169). For all other banks BCM is assessed periodically on a risk-based (FIRM) approach. In addition to the explicit focus on BCM, DNB also organizes a yearly Market Wide Exercise helping banks to test or rehearse their internal and external crisis management and crisis communications processes and procedures. EC 5: Information Technology Risk is an integral part of DNB’s risk assessment methodology. The requirements set out in Section AFS 3:17 and DPR Chapter 4 are fully applicable to Information Technology Risk. Information technology related risks are supervised by a dedicated group of IT risk experts (Expert Centre ICT supervision, consisting of 16 FTE posts) in close cooperation with general supervisors, focusing on IT -governance, IT-security, systems availability, and management. EC 6: In the normal course of supervision significant attention is paid to the risk management framework of supervised institutions. This emphasis is in line with DNB’s “three lines of defense” model (see Section 6, above). DNB regularly requests information generated by the second and third line of defense (and if needed from the first line as well) and as such receives a variety of reporting items from Internal Audit, Operational Risk Management (ORM), Information Risk Management (IRM), Legal & Compliance etc. In addition, the adequacy of systems of control in respect of operational risk are assessed during both the initial approval stage for banks to use the Advanced Indicator Approach (AIA) for the calculation of their operational risk capital charge and DNB’s on-going assessment of their compliance with the relevant criteria. EC 7: Legal risk is an integral part of DNB’s risk assessment methodology (FIRM). The requirements set out in AFS Sections 3:17 and 3:18 AFS and DPR Chapters 4 and 5 DPR are equally applicable to legal risk. EC 8: Outsourcing risk is an integral part of DNB’s FIRM risk assessment methodology. The requirements set out in Section AFS 3:18 and DPR Chapter 5 are specifically applicable to outsourcing risk. A detailed risk assessment framework and specific guidance on outsourcing risk is available for supervisors. Outsourcing risk is benchmarked (as part of the RAP) in the Outsourcing Risk Knowledge Network on an annual basis. AC 1: DNB expects large, internationally active banks to implement the AMA on a group-wide basis. For those banks, group-wide supervisory activities are coordinated through supervisory colleges. Additional risk categories in certain operationally intensive business (e.g., custody and correspondent banking) are included in the FIRM definition of Operational Risk, and are taken into account in the supervisory process.
Assessment	Compliant.
Comments	DNB’s current FIRM operational risk definition differs from the supervisory framework provided by Basel and related supporting guidance (CEBS). DNB’s risk assessment methodology does however address all relevant items of operational risk and as such all relevant items of operational risk are addressed in the supervisory activities of DNB. As part of DNB’s VITA project, a new or revised version of the RAM is being introduced.
Principle 16	Interest rate risk in the banking book. Supervisors must be satisfied that banks have effective systems in place to identify, measure, monitor, and control interest rate risk in the banking book, including a well defined strategy that has been approved by the Board and implemented by senior management; these should be appropriate to the size and complexity of such risk.
Description	EC 1: DPR Chapter 4 requires banks to have adequate systems and procedures to identify, measure and manage their risks. The requirements for the bank’s board to approve, review and implement an interest rate risk strategy and policy are laid down explicitly in DPR Section 23 (2). The FIRM methodology contains a factsheet for interest rate risk in the banking book. This factsheet requires the supervisor to score the bank’s inherent risks, internal controls (including policies, systems, and the involvement of the bank’s board) and vulnerabilities. Each bank’s assessment is benchmarked within DNB by both a group of interest rate risk experts (including inspectors and policy advisors) and by the management of the BSD. Ultimately, this supervisory risk assessment is shared with the bank’s board. Depending on the outcome of the assessment, the follow-up may range from regular talks with ALM management of the bank, off site examinations of the bank’s management information (ALM reports, minutes of ALCO meetings) to a full fledged and in-depth inspection of the ALM function (including governance and involvement of the Board) on-site. EC 2: DPR Section 23(d) requires banks to have adequate systems to assess and manage the interest rate risk in the banking book. Banks have to report on a consolidated basis several key figures: their forecast for the interest rate margin over 1 and 2 years, the economic value of equity, the impact of the standard stress scenario on earnings (Earnings-at-Risk/earnings-prospective to interest rate risk) and on economic value of equity (EVE/value perspective) and the present value of a basis point (PV01). The information is used to test the bank against the outlier criterion (loss of 20 percent EVE). DNB has published guidelines on the measurement of interest rate risk in the banking book to assist supervisors in the assessment (“Guidelines on interest rate risk in the banking Book”, publicly available at the ‘Open Book’ section of DNB’s website). Supervisory assessment of interest rate risk limits, adequacy of measurement methods and systems, as well as competence of ALM staff are covered by the FIRM and SREP methodologies. If considered necessary, supervisory follow-up/measures can range from instructions to the Board of the bank to enhance systems and measurement methods as well as strengthen the interest rate risk management function and governance (decision making in ALCO, segregation of duties), as well as measures to reduce the risk position and impose additional capital requirements under Basel II Pillar 2. EC 3: The obligation for banks to regularly stress test the economic value of their equity is implicitly laid down in DPR Section 25(b). According to this section, DNB is required to take measures if the economic value of equity of a bank would drop by more than 20 percent in a stress test to be defined by the DNB. DNB requires banks to calculate this stress test with the standard, parallel shift of the yield curve with +/- 200 basis points. On a quarterly basis, according to DNB reporting framework, banks have to calculate and report the results of this standard stress test. Note that the impact of these stress tests is not only reported in terms of the potential loss of economic value but also in terms of earnings-at-risk. Based on these supervisory reports, DNB determines which banks are “outliers”. The outlier criterion is one, but not the only, element in determining appropriate supervisory follow up which may range from discussions with the bank’s board to an instruction to reduce risk positions and/or hoard additional capital. In addition to these parallel shifts, DNB expects banks to include in their internal ALM management information also other stress scenarios with non parallel shifts (twists) of the yield curve to the extent relevant. AC 1,2 and 3: The SREP includes an assessment of the risk management and interest rate positions of a bank. In the SREP of a bank, DNB discusses interest rate risks and controls in the Basel II, Pillar 2 dialogue with the Board of the bank. In the context of this SREP and the assessment of the bank’s ICAAP, the bank’s (economic capital) model/methodology and assumptions for interest rate risk in the banking book are assessed by DNB, taking into consideration the size, nature and complexity of a bank’s interest rate risk profile. In the SREP process, the ICAAP of a bank and the bank’s practice in both modeling/measurement and management of interest rate risk in the banking book are benchmarked against the practice encountered by DNB at other, comparable banks. Moreover, under Basel II, Pillar 2 banks are explicitly required to implement the relevant CEBS guidelines on “Technical aspects of the management of interest rate risk arising from nontrading activities under the supervisory review process” (October 2006). This includes the calculation of the impact on the economic value of equity of the standard shock (+/- 200 basis points) to the yield curve. In the event that a bank fails this test, DNB would be obliged (DPR Section 25b) and empowered (AFS Section 3:111a) to take measures, which may include requiring additional capital for interest rate risk in the banking book. The larger systemic relevant banks participate yearly in a macro stress test organized by DNB. This stress test includes non parallel shifts of the yield curve and their impact on the interest rate margin and the capital of the banks involved. Several banks also participated in the CEBS stress test (July 2010). Finally, in the context of Basel II, Pillar 2 banks are required to perform a set of own stress tests tailored to the risk profile of the bank and this set includes stress tests for interest rate risk in the banking book. Under Basel II, Pillar 2 banks are explicitly (DNB Policy Rule on Principles for the Implementation of Pillar 2 of the Basel II Capital Accord, Annex B) required to implement the relevant CEBS guidelines regarding stress testing. AC 4: The segregation of duties and the independence of risk functions within a bank are required according to the general provisions of DPR Section 23. DNB assesses the governance of the ALM function, the adequacy of decision making processes in the ALCO committee (including Board members) and the execution of the ALCO decision with approved limits and controls by the Treasury function of the bank.
Assessment	Compliant.
Comments
Principle 17	Internal control and audit. Supervisors must be satisfied that banks have in place internal controls that are adequate for the size and complexity of their business. These should include clear arrangements for delegating authority and responsibility; separation of the functions that involve committing the bank, paying away its funds, and accounting for its assets and liabilities; reconciliation of these processes; safeguarding the bank’s assets; and appropriate independent internal audit and compliance functions to test adherence to these controls as well as applicable laws and regulations.
Description	EC 1: The DCC contains a number of sections specifying in general terms the responsibilities of the management of companies. Individual managers are responsible to the legal entity for the adequate fulfillment of their duties (DCC, Section 2:9). Furthermore, individual managers may be held personally liable in case of unseemly behavior, if such behavior results in the bankruptcy of the company (DCC, Section 2:138). The AFS (Sections 2:12, 3:8 and 3:9) contains requirements regarding the expertise and trustworthiness of the board members and other managers involved in the day-to-day policy making at the institutions. Furthermore, AFS Section 3:17 prescribes that each financial undertaking has a “clear and adequate organizational structure” as well as “clear and adequate division of tasks, authorities and responsibilities”, which may/has to be aligned with the nature, size, risks, and complexity of the particular financial undertaking”. The Netherlands’ Corporate Governance Code (see a brief description of the Code itself in CP 11) describes the responsibilities of boards of banks which are publicly listed on the Dutch Stock Exchange. Major non-listed Dutch banks such as ABN Amro and Rabobank have voluntarily adopted the Code. The application of the Code is monitored annually by the Netherlands’ Corporate Governance Code Monitoring Committee. Furthermore external auditors produce statements on compliance by individual companies. This statement is contained in the annual report of these companies. As from 2010 the Netherlands’ Banking Code has been incorporated in the DCC and therefore applies to all Dutch banks which are licensed by DNB. In their annual reports, banks must disclose (based on DCC Section 2:391 (5)) their level of compliance with the Code (“Comply-or-explain-principle”). The application of the Code will be monitored annually by the Banking Code Monitoring Committee. EC 2: The adequacy of controls is frequently discussed by supervisors with the management and supervisory boards of the banks. Audit reports (both from internal and external auditors) are discussed with auditors as well as with management and board members as appropriate. During on-site-examinations within business lines or group control functions, significant attention is given to the design and effectiveness of controls. During on site examinations and periodic meetings the findings of internal audit function and compliance function are included in the review. Within DNB’s supervision department, a significant number of supervisors have specialized in corporate governance issues. These supervisors are supported by policy department experts. During the annual RAP, all banks are benchmarked against corporate governance standards. This leads to a “calibration” of risk scores which are given to all banks for control categories such as Organization, Management and Audit. The detailed assessment criteria used in this process are part of FIRM. These risk scores are shared with the management and supervisory boards of the banks. See also CP 19. EC 3: In addition to the assessments referred to under ECs 1 and 2, understanding of risk and commitment to control are monitored through frequent meetings with board members and senior management in which specific business or control activities are discussed. DNB also has meetings with representatives of the Supervisory Board (for example the Audit Committee). An identified lack of knowledge or commitment is discussed with more senior management. See also CPs 19 and 20. EC 4: Each individual board member has a personal “license-to-operate” granted by DNB. This is based on AFS Sections 3:8 and 3:9. DNB can decide that an individual board member is no longer fit-and-proper and thereby revoke the license-to-operate if at any time it decides that the individual fails to show sufficient risk awareness or emphasis on internal controls. On occasions, where DNB has serious doubts about the performance of senior management, it first uses moral suasion to convince the Board to replace these managers. If this has no effect, further more formal measures are applied within the legal powers given to DNB. EC 5: The balance of the skills and resources in the back office and control functions relative to the front office/business origination form part of DNB’s assessment of business plans during the licensing process and as part of on-going supervision. During on-site examinations and periodic meetings, significant attention is given to these aspects. EC 6: DPR Section 21 prescribes that each financial undertaking possesses an independent compliance function responsible for supervising compliance with relevant laws and (internal) regulations. DNB assesses the quality, independence and the effectiveness of the compliance function as part of regular supervisory activities. The performance of the compliance function is monitored during on-site-examinations and in periodic meetings. Furthermore regular meetings are held with management of the compliance function and responsible board members and reports provided by the compliance function are reviewed. EC 7, 8: Reference is made to DPR Section 3:17 as discussed above under EC 1. Furthermore, in accordance with DPR Section 24, each financial undertaking has to verify in a systematic manner that internal rules and procedures are being observed and has to ensure that identified shortcomings or deficiencies are remedied. In general, this task is performed by independent internal auditors. DNB periodically reviews the functioning of the internal audit function, its audit charter, audit planning, its independence, reporting lines, quality assurance system, resources and the audit methodology during on-site inspections. Follow-up by management of the internal audit’s reports is also reviewed. The supervisor has unlimited access to the files of the internal audit function. Assessing the quality, independence and effectiveness of the internal audit function is also performed through other regular supervisory activities. Performance of the audit function is monitored during both on-site examinations in all areas and by specific examinations of the internal audit function. Furthermore, frequent meetings with management of the audit function and responsible board members are held. In the annual risk analysis the internal audit function is assessed and scored individually and benchmarked with other banks. Periodically, DNB performs an industry-wide on-site examination of internal audit functions. Due to the “financial-crisis-related” workload, however the last industry-wide examination was performed in 2005/2006. AC 1, 3: No financial institutions in the Netherlands have made the decision to implement a one tier board. If that were the case, DNB would have the powers to require a number of independent, non executive directors to function on that board based on the Dutch Corporate Governance Code and on the AFS. AC 2: The requirement for the internal audit function to report to an audit committee, or an equivalent structure is covered in the Dutch Corporate Governance Code (principles II. 1, 11.1.4, 111.5, and V.3.1.) and in the Banking Code. This is a requirement that DNB closely monitors in its on-site supervision activities. AC 4: AFS Sections 3.8 and 3.10 provide that banks must notify the supervisor as soon as they become aware of any material information which may negatively affect the fitness and propriety of a Board member or a member of the senior management.
Assessment	Compliant.
Comments
Principle 18	Abuse of financial services. Supervisors must be satisfied that banks have adequate policies and processes in place, including strict “know-your-customer rules, that promote high ethical and professional standards in the financial sector and prevent the bank from being used, intentionally or unintentionally, for criminal activities.
Description	In July 2010, the Netherlands was assessed by the IMF for the implementation of the 49 Recommendations of the Financial Action Task Force (FATF). The AML/CFT detailed assessment is not finalized at the time of the BCP assessment. The report will be discussed during the FATF Plenary meeting in February 2011. EC 1: The framework that regulates Customer Due Diligence (CDD) requirements consists of the following laws: the Money Laundering and Terrorist Financing Prevention Act (‘Wet ter voorkoming van witwassen en financieren van terrorisme’ (WWFT) which came into force on August 1, 2008; and subsequent regulations; and the AFS and DPR. Regarding internal controls, the definition of “integrity supervision” in the AFS and in the underlying regulations (including DPR) encompasses obligations designed to fight Money Laundering (ML) and Terrorist Financing (TF). Integrity supervision is carried out by both DNB and the AFM as part of their ongoing supervisory efforts through regular contacts with the supervised institutions. DNB takes responsibility for monitoring compliance with AML/CFT provisions of banks (among others) and uses its powers to conduct programs of on-site and off-site inspections. AML/CFT issues are included in the normal course of DNB supervision and in its regular discussions with bank management. DNB is able to use the sanctions available under AFS, DPR and WWFT to deal with breaches of AML/CFT requirements. EC 2: The key legislative provisions on controls are in the AFS which require regulated financial entities to have measures in place to prevent transgressions of the law; including necessary controls to create AML/CFT defences as defined in the WWFT and to have policies and measures that must be designed to safeguard controlled and sound business operations. DPR creates a general obligation on financial institutions to have client identification and verification procedures (intended to encompass all the AML/CFT obligations created by the WWFT). AFS also provides for detailed rules to be established in regulations that cover the control of integrity (amongst other things). “Integrity” is defined to cover transgressions of the law and relations with clients that might undermine confidence and the authorities state this encompasses measures to combat ML and TF. This applies to all the requirements of the WWFT and other statutes, including measures on CDD, record retention, the detection of unusual transactions and the reporting obligation. WWFT imposes customer due diligence and reporting obligations on (among others) banking institutions subject to the Act and it is implicit that any person subject to the Act should have sufficient internal controls to ensure that it fulfils these obligations, it imposes an obligation to report unusual transactions to the Financial Intelligence Unit of The Nederlands (FIU). EC 3: DPR requires banks to establish procedures and measures concerning the handling and recording of incidents. Incidents are defined as conduct or events that form a serious threat for the sound pursuit of the business operations of the financial undertaking in question. Banks have to take measures following an incident that are aimed at controlling the risks that have occurred and at preventing repetition. They immediately have to inform DNB about any incidents. EC 4: DPR states that the regulated financial entities should make an analysis of integrity risks, translate policies into procedures and measures and inform all business units of these measures. It is a universal approach to establish a risk profile for every customer which results in categorizing them in one of three to five categories of risk ranging from low risk to unacceptable depending on the institution. The nature and extent of CDD appeared to vary according to the risk profile, as is appropriate. According to the WWFT, a financial institution is not permitted to enter into a business relationship or carry out a transaction if it has not performed or is not able to perform necessary CDD measures. The WWFT clearly lays out the situations in which CDD is required: when entering into a business relationship; if they conduct an incidental transaction in or from the Netherlands for the customer of a minimum value of € 15,000, or two or more related transactions with a minimum joint value of € 15,000; if there are indications that the customer is involved in money laundering or terrorist financing, or when the risk of an existing customer’s involvement in money laundering or terrorist financing gives cause to do so; and if they doubt the reliability of customer identification information previously obtained from the customer. The WWFT requires financial institutions to identify the customer and verify the customer’s identity on the basis of documents, data or information from a reliable and independent source. Beside identification and verification of the identity of the customer, financial institutions are required to identify the beneficial owner and take risk-based and adequate measures to verify the beneficial owner’s identity and, in the case of a legal person, a foundation or a trust, to take risk-based and adequate measures to gain insight into the customer’s ownership and control structure. The financial institution is obliged to determine the objective and envisaged nature of the business relationship. Furthermore, the financial institution is obliged, where possible, to carry out ongoing monitoring of the business relationship and the transactions conducted during the existence of this relationship, in order to ensure that these tally with the knowledge which the institution has of the customer and the customer’s risk profile, and to check the source of the assets where appropriate. A financial institution shall notify the FIU of any unusual transaction already conducted or of an intended unusual transaction. Indicators of “unusual transactions” are set out in the regulations. When met, they trigger the reporting of an unusual transaction. WWFT requires financial institutions to perform “supplementary customer due diligence if and as a business relationship or transaction by its nature entails a greater risk of money laundering or terrorist financing”. The provision aims at establishing a general requirement for financial institutions to apply enhanced due diligence measures in the case of greater risk of ML/FT and then lists 3 specific situations (i.e., non face-to-face business, correspondent banking and politically exposed persons (PEPs) in which the enhanced due diligence should apply. The nature and extent of CDD vary according to the risk profile, as is appropriate. A financial institution that enters into a business relationship with a PEP not residing in the Netherlands shall ensure that the decision to enter into that relationship or conduct that transaction is taken or approved by persons whom the institution has authorized to do so (the individual is expected to be a person designated by the executive board of the institution and that the implication is that the person establishing the relationship will hold a senior position in the financial institution); it takes adequate measures to establish the source of the assets used in the business relationship or transaction; and it applies ongoing monitoring of the business relationship. The DCC contains an obligation to keep administrative records on identification data, account files and business correspondence for legal entities for seven years. In addition, the AWR (Algemene Wet inzake Rijksbelastingen) prescribes that any person or entity, with a fiscal obligation, must retain all business records for seven years. The WWFT requires a regulated financial entity to maintain records relating to a transaction that has been the subject to a disclosure and requires that these records should include customer identity (including identity documentation), the beneficiary, the nature, time and place of the transaction, and the extent, origin and destination of the funds (or other property). These data have to be retained for five years from the time of disclosure. It also requires an entity to maintain records of customer identity, including the full names, addresses and birth date of natural persons, the incorporation documents of legal persons (where incorporated under Netherlands’ law), the verification information, and the nature of services provided. It states that these data on customers should be kept for five years after the business relationship is terminated or for five years after the transaction was carried out (presumably where the customer identification data was obtained for an occasional transaction). EC 5: The WWFT forbids a Dutch bank from establishing or continuing a correspondent bank relationship with a shell bank or to maintain any relationship with a bank that is known to allow a shell bank to use its accounts. It is required to gather sufficient information about a correspondent bank outside the EU to obtain a complete picture of the nature of the business operations. Enhanced CDD is required when a bank enters or has entered into a correspondent bank relationship with a bank in a non-Member State. EC 6: DNB examines the risks posed by each institution from the point of view of the customers, products, and business. This is assessed and updated as part of the regular contacts with the institution, including the inspections and the quarterly meetings. This assessment then prompts the allocation of resources and then priorities for the supervisory process. Regarding the number of inspections undertaken by DNB on AML/CFT related matters, over a period of four years, 58 Dutch licensed banks had been subject to 72 AML/CFT related inspections. EC 7: DNB has the powers under both the WWFT and AFS. The WWFT provides for administrative penalties which can be imposed by DNB for specific breaches of the WWFT. In addition, DNB has powers to impose administrative sanctions under the AFS. These sanctions can be applied in respect of breaches of the law and regulation. The provisions of the AFS can be used to impose requirements for controls to implement WWFT measures and therefore weaknesses in such controls could result in sanctions. EC 8: DPR requires credit institutions (among others) to have an internal audit function. This unit should audit, in an independent manner, the procedures and measures and the structure of the organization at least annually. While there is no direct reference to ML and TF, the provisions apply to all procedures and measures. DNB has access to these audit reports. DPR requires credit institution (among others) to have an independent compliance function. The compliance function is required to verify compliance with statutory rules (including any requirements issued under the WWFT). This means that the compliance unit must verify compliance with any rules or procedures designed to ensure that a regulated entity meets its AML/CFT obligations under the WWFT as well as under the AFS itself. The AFS requires senior officers and owners of certain regulated entities to be subject to a full fit and proper test and there are requirements for some employees to be subject to a properness test. It’s required that senior officers of credit institutions (among others) have expertise and are otherwise fit and proper. The DPR creates an obligation to ensure the properness of staff in integrity sensitive positions. EC 9: DPR requires that all relevant business units are informed of the policy and procedures and measures. The bank has to provide for the execution and the systematic assessment of the policy and the procedures and measures, and that there is independent supervision of the execution of the policy and the procedures and measures with regard to the sound pursuit of the business operations and that there are procedures that ensure that identified shortcomings or defects are reported to the responsible compliance person. Finally, the bank has to have procedures that ensure that identified shortcomings with regard to the sound pursuit of the business operations lead to a fitting adjustment. EC 10: Pursuant to the WWFT, financial institutions and employees of that institution are protected from criminal liability for breach of the criminal code regarding duty of confidentiality, when they report unusual transactions or provide additional data or information to the FIU. Protection from civil liability is also laid down in the WWFT: the institution that made an unusual transaction report pursuant to the WWFT will not be held liable for damage caused to a third party as a result of that disclosure, unless it is demonstrated that no such disclosure should reasonably have been made in view of all the facts and circumstances. EC 11: The WWFT requires DNB to inform the FIU of any suspicious transaction. Moreover, DNB has the authority to share information related to suspected or actual criminal activities with judicial authorities, in contravention to the general confidentiality requirement of the WWFT. EC 12: The WWFT provides for an explicit provision for information exchange between the FIU and the supervisory authorities of the WWFT. In addition, there are provisions relating to the disclosure of information between domestic and foreign supervisory authorities in the AFS, to prosecutors and to others. DNB is able to cooperate with domestic or foreign supervisory authorities and share information with them, under certain conditions. One of the conditions mentioned in this section is the requirement that it has to be for supervisory purposes. The authorities are able to provide information without the need for a formal agreement such as an MoU, although it seeks to conclude such agreements where appropriate. AC 1: Not applicable.
Assessment	Compliant.
Comments	The Compliant rating is based on the following: Banks maintain comprehensive programs, policies and procedures to reduce the risk of endangering the financial soundness of the bank through abuse of its operations and services, including physical safety. Supervisors monitor effectively, as part of their on-going supervisory activities that banks comply with their undertakings. Internal audit and internal controls also contribute to overall oversight. There exist adequate reporting requirements on, e.g., suspicious transactions, both within the bank, to the supervisors, and to relevant judicial authorities. On the relationship between CP 18 and the FATF assessments: AML/CFT issues constitute only a part of CP 18, which encompasses all issues of abuse of financial services, including fraud, embezzlement, robbery, phishing and similar activities. Only those AML/CFT issues which are clearly relevant to the financial soundness of the bank are relevant to CP 18. A separate FATF assessment was in process at the time of this BCP compliance assessment was conducted. (See description in EC 1, above).
Principle 19	Supervisory approach. An effective banking supervisory system requires that supervisors develop and maintain a thorough understanding of the operations of individual banks and banking groups, and also of the banking system as a whole, focusing on safety and soundness, and the stability of the banking system.
Description	EC 1, 3 and AC 1: FIRM is the risk analysis tool that DNB uses for the prudential supervision of financial institutions. Risk-based supervision is the mechanism whereby the supervisory authority deploys its capacity in the most efficient manner possible. In the case of risk based supervision, supervisory resources are targeted at those areas where the risks are or are assessed to be most pronounced. Risk analysis is at the very heart of the supervisory authority’s regular activities. By means of inspections, regular supervision and analyses, risk profiles of institutions and organisational units are drawn up in a well-structured manner and recorded in the FIRM application. This permits meaningful comparisons, which in turn provide a basis for planning an ongoing cycle of supervisory work and for possible interventions at individual institutions. The risk analysis method explicitly reflects DNB’s supervisory objectives regarding solvency, liquidity, business integrity, and organisation and control. DNB distinguishes four main risk categories, i.e., Governance Risks (including strategy risks, quality of management, control functions audit and finance), Financial Risks (including solvency, liquidity, credit, market and interest rate risk), Integrity/Compliance Risks and Operational/IT risks (including outsourcing risk). As part of the regular RAP process, the supervisory teams also prepare “Factsheets”. These sheets are described the risk analysis per sub category, including the supervisor’s justification for the score, and the proposed Supervisory Action (see below). The outcome of the RAP, results in a proposed Risk Based Supervision Program (RBSP), which consists of the following main components (please see Section 6, above, for a more detailed description): Base Program (BP): Risk Identification Program (RIP): Risk Mitigation Program (RMP): Thematic supervisory work based on division wide defined themes: Target reviews/on-site examination work to be executed for all (or a sub-set of) banks. The RAP is performed annually in the fourth quarter. The final product comprises the outcome of the Risk Analysis and the RBSP, including the planning of the supervisory actions throughout the calendar year. Risk Analysis and RBSP are benchmarked and challenged in the Knowledge (Expert) Centres, discussed by management and a so-called “Risk Analysis Panel”. In this panel, amongst others, are senior staff from SPD and FSD. The Panel discussion may result in an adjustment of the RBSP’s, changes in the priority of planned supervisory actions and re-allocation of available resources. Furthermore, the outcome is used as input for DNB’s SREP process. After approval of DNB’s senior management, the final product will be communicated with senior management of the individual bank, and its internal and external auditors. During the year, the approved RAP and RBSP are monitored by BSD management on a quarterly basis. The processes and policies concerning risk analysis and planning are documented in the FIRM manual, and RAP guideline instructions. DNB also ensures that a forward-looking view on the risk profile of banks is included in the ICAAP and SREP (base scenario and stress scenario). In addition, DNB has a comprehensive stress methodology in place to cover forward-looking elements. Stress tests are launched on an individual basis as well as at industry level. Furthermore, the forward-looking view and emerging risks are assessed in the strategic risk analysis as part of FIRM, which includes the assessment of the viability of the business models. In 2009 and 2010, with the assistance of an external consultant, DNB has conducted a scenario analysis on the development of strategies in the banking sector. These strategies were assessed on their viability, both in their national and international context. EC 2: Regular assessments of developments and risks in the banking system are made by the Macro Prudential Analysis (MPA)-this is a new element since the 2004 FSAP, following one of the recommendations of that assessment) department, which is part of FSD. Monitoring and analysis draws on material produced by a number of divisions and departments within DNB, including financial markets, financial institutions, infrastructure, and macroeconomic analysis. Since DNB is a cross-sector prudential supervisor, it enjoys information on all sectors of the financial landscape. In addition, DNB also cooperates with the MoF and the AFM on macro prudential issues, including holding regular consultations with them on financial stability issues. An Overview of Financial Stability (OFS) is prepared twice each year, with an external version being published. In addition, macro stress tests are conducted periodically to analyse the resilience of financial institutions under extreme conditions. The frequency of these tests was recently raised from once every six months to once every three months. EC 4: DNB has systems in place to confirm banks and banking groups’ compliance with prudential regulations and other legal requirements (see description of EC 1 and 3 above). DNB intends to increase the frequency of the formal meetings it holds with the boards of banks to at least annually. At these meetings the supervisor discusses the outcome of the RAP and RBSP. EC 5: AFS Section 3:96 requires banking institutions to notify DNB–and in some cases–to apply for a declaration of no-objection of any substantive changes in their activities, structure and overall condition (see also Chapters 4 and 5), or as soon as they become aware of any material adverse developments, including breach of legal or prudential requirements. In addition, the supervisor has a periodical meetings with the head of the compliance function to discuss compliance matters. EC 6: DNB has several systems in place to facilitate the processing, monitoring and analysis of prudential information. For the monitoring of the RBSP, specifically the identification of areas requiring follow-up action (RMP actions), DNB uses amongst others the Probleem Dossier Rapportage (PDR) reports the “RMP monitoring list” and annual evaluation of RBSP. The PDR reports are issued on a quarterly basis and contain for each banking institution an internal supervisory qualification of the supervisory action taken. In addition, DNB has a separate process in place for compiling the quarterly PDR reports.
Assessment	Compliant.
Comments	Prior to the financial crisis the risk assessment methodology used by DNB appears not to have adequately identified the main systemic vulnerabilities, such as increased leverage, increased reliance on wholesale funding, and the acquisition of substantial portfolios of structured securities, that lead to the need for public sector capital support. Supervisory processes and activities were not sufficiently integrated with the overall assessment of financial system vulnerabilities performed by the Financial Stability Division. As a result, insufficient attention was devoted to mitigating risks that were apparent at the system-wide level but which were not so apparent at the level of individual firms. The authorities are taking measures to address these shortcomings including closer integration of macro prudential and micro prudential supervision. DNB has also decided to update and/or revise the current FIRM methodology to take into account the lessons learned from the financial crisis. However, the assessors note that the deeper integration of micro- and macro-prudential supervision is an element of best practice that has emerged since the 2006 revision of the BCPs and therefore does not feature in this CP. The assessors observe that CP 20 requires only that the supervisor has a “thorough understanding...of the banking system as a whole” and does not call for the integration of financial stability assessments with the supervisory process. For this reason, the assessors are satisfied than DNB is in compliance with this CP as presently drafted.
Principle 20	Supervisory techniques. An effective banking supervisory system should consist of on-site and off-site supervision and regular contacts with bank management.
Description	EC 1: DNB does not clearly separate the on- and off-site supervision functions which are conducted by the same supervisory teams. Both on- and off-site supervisors provide input to the annual RAP process, which involves performing a risk assessment for each individual bank, the benchmarking of risk scores, developing a supervisory program and planning. Benchmarking is performed in so called “Knowledge Centers”(in Dutch: “kennisnetwerken”), and scores are challenged in a Risk Analysis Panel. The on-site banking teams are responsible for designing an effective supervisory work programme, which is then challenged by the Panel. See also the more general description of DNB’s supervisory approach in Chapter 6 of this Assessment (“Supervisory Approach–FIRM”). The Knowledge Centers also provide a forum for on-and off- site supervisors discuss various supervisory issues and policy developments. Within DNB, quality assurance is embedded in core day-to-day processes. DNB adopts the four-eyes principle, for example supervisory letters are issued under joint signature, and within there is a full audit trail and authorization process in the documentation system. As part of DNB’s VITA project, a separate division will be responsible for quality assurance. EC 2: The supervisory teams are responsible for planning their activities based on each institution’s the risk analysis (see CP 19). Supervisory teams are responsible for incorporating macro trends (based on information obtained from discussions with FSD), remarks from the Statistics and Information Department (SID), and policy trends as communicated by the SPD, in their daily supervision work and planning. Major cases within on-site supervision, and trends noted in on- and off-site supervision, are discussed on a periodic basis in the so called “AOT” between various DNB divisions. (“AOT stands for “Afstemmingsoverleg Toezicht” or “tuning meeting supervision”.) AOT is a regular meeting of all the Division Directors and Board Members responsible for supervision, i.e., banking, pension fund, insurance supervision, and supervisory policy. EC 3: As part of the Annual Supervisory Program (ASP), DNB supervisory teams perform on-site visits in order to assess the effectiveness of an institution’s governance model, including its internal control environment. These on-site visits consist of discussions with management, analytical review of relevant management information (including Key Risk Indicators), and, if applicable, detail (sample) testing. DNB may also request the internal and/or external auditors of an institution to perform specific investigations. DNB determines the terms of reference of these tasks. DNB holds a discussion with the external auditor of each bank at least annually. In these discussions the effectiveness of the governance model, and the outcome of the risk analyses performed by the supervisor and internal and external audit are standard topics on the agenda. Management information and minutes of (Supervisory) Board and Committee meetings (e.g., Audit Committee and Risk Committee) are also reviewed. DNB determines the reliability of the information received from the banks by reviewing the quality of the preparation process with internal and external auditors. In addition, in line with EU requirements, the DNB has prescribed a compulsory external audit for the COREP and FINREP reports. Supervisory concerns are communicated by the relevant supervisor to the banks in writing (with a copy to external auditors). Follow up is the responsibility of the individual supervisor and/or the supervisory team. DNB continuously evaluates its Supervisory Programme. EC 4: The regular review and analysis of the financial conditions of banks and banking groups forms part of DNB’s current supervisory practice. In Chapter 6 of this assessment the supervisory practice is described in general terms. EC 5: Please refer to the assessment of CP 19 where the relevant processes are described. EC 6: The assessment of the quality of the board during off-site and on-site inspections forms part of DNB’s supervisory practice. If off-site supervision gives rise to questions regarding the professionalism, and/or integrity of the banks (supervisory) Board and/or key management, then this is incorporated in the on-site supervisory planning in order to gain additional evidence. In addition, DNB’s senior management has regular discussions with Board members of the individual banks. See also CP 17. EC 7: The supervisor holds a regular dialogue with a bank’s internal auditors on the internal audit framework, audit approach, audit coverage, planning, quality assurance system, audit reports, and aging of audit findings. Monthly, and/or quarterly internal audit reports are reviewed by the on-site supervision teams, and if the need arises more specific individual internal audit reports are requested from the banks. DNB periodically performs a review of the quality and effectiveness of the audit function for the most important (systemic) Dutch banks. In the years where such a review is not performed, the on-site supervisors discuss the quality of the internal audit function with the external auditors, and/or the Chairman of the Audit Committee. EC 8: Any findings based on on-site supervisory inspections are communicated to the relevant bank in a written report. The Managing Board of the bank must submit a copy of all supervisory reports to the Supervisory Board and external auditor. The bank needs to provide DNB with a written response concerning how they propose to address required actions. AC 1: DNB’s on-site supervisors organize regular meetings with members of the (Supervisory) Boards. More frequent meetings are held with institutions with a higher risk profile. Separate meetings are also held with Supervisory Board members, without the Managing Board being present. DNB has “Tri-Partite” meetings with the external auditors in the presence of the bank’s management twice a year. During the financial crisis these discussions with the external auditors have been further intensified.
Assessment	Compliant.
Comments	Monitoring of the follow-up is currently carried out by the responsible supervisory team. They keep records and regularly discuss the implementation of actions and–if necessary–report on progress. With the creation of the new Intervention and Enforcement Department on January 1, 2011, DNB will create a separate department, exclusively dedicated to monitor follow-up actions structurally, in order to make the supervision more intrusive.
Principle 21	Supervisory reporting. Supervisors must have a means of collecting, reviewing, and analyzing prudential reports and statistical returns from banks on both a solo and a consolidated basis, and a means of independent verification of these reports, through either on-site examinations or use of external experts.
Description	EC 1: Pursuant to AFS Sections 3:72 (1) and (5) and DPR Section 130 and 131, DNB has the authority to require banks to submit standardized reports at regular intervals. These periodic reports include: FINREP. On and off-balance sheet assets and liabilities, profit and loss, loan loss provisioning, and related party transactions in accordance with FINREP (a European harmonised reporting framework by CEBS). COREP: as well as capital adequacy, credit risk, market risk and operational risk in accordance with COREP (also a European harmonised framework by CEBS). FINREP and COREP are submitted on a quarterly basis. Liquidity. Furthermore liquidity (monthly), large exposures, and interest rate risk (quarterly) information is required. Large exposures and asset concentrations: A report on asset concentrations (including by economic sector and geography) has to be submitted annually. Pursuant to AFS Section 3:72 (6), DNB has the authority in exceptional circumstances, to further require a higher frequency or adjust the remittance date for the reporting forms. Both the forms and the explanatory notes or guidelines for FINREP and COREP published by CEBS are available on the internet. The explanatory notes or guidelines for the other (and not European harmonized) supervisory reports are prescribed in regulations. DNB may impose penalties for late or inaccurate reporting. (Decree on fines pursuant to the Act on Financial Supervision). With a few exceptions, most of the reports required by DNB apply at the consolidated group level. As a result, only limited data is available at the solo institutional level, and DNB’s ability to perform appropriate analysis at the solo level is therefore very limited. DNB supplements its prudential reports with banks’ internally generated management reports. This can result in data that is insufficiently standardized and comparable between institutions. EC 2: Pursuant to AFS Section. 3:72 (5) and DPR Section 131, DNB requires the valuation of the items in accordance with valuation methods that the bank applies in its financial statements. The valuation methods are based on the IFRS or, if banks are not obliged to use the IAS, the principles as laid down in the DCC Book 2 (Title 9, Sections 1 to 13 and in addition to these general rules, specific sections for banks apply in Section 14). Based on EU IAS Regulation 2002/1606, companies that are admitted to trading on a regulated market of any EU Member State (publicly traded companies) must report their consolidated accounts based on IFRS as endorsed by the EU. DCC Article 362.8 allows other companies (consolidated and separate/solo accounts) and publicly traded companies (separate/solo accounts) to report based on IFRS as an alternative to Dutch GAAP (DCC Book 2, Title 9, Sections 1 to 13 and in addition to these general rules, specific sections for banks apply in Section 1. DNB has no powers to issue other reporting instructions in addition to these two regimes. DNB has no direct powers to issue valuation instructions for reporting the annual accounts to DNB in addition to IFRS and Title 9. This respects a basic efficiency measure underlying the prudential reporting framework. However, with respect to the calculation of available solvency, a number of corrections (prudential filters) or assessments need to be made. Prudential filters include deductions such as intangible assets, revaluations, own credit risk, cash flow hedges, expected loss shortfall, and certain financial investments (DPR Article 91). Discretionary powers by DNB relate to rule-making for hybrid instrument eligibility, and the assessment of immediate and unencumbered availability of capital items and asset values which may result in bank specific reporting instructions. In addition, DNB sets detailed rules for the calculation of the minimum capital requirements under the Basel II IRB internal approach including model validation, as well as the assessment of specific capital add-ons under the Basel II Pillar 2 rules. This illustrates that regulatory solvency of IRB banks is measured based on expected loss and not on accounting provisioning. (See also Principle 9). EC 3: Valuation requirements originate from generally accepted accounting principles, be it through IFRS or DCC Title 9 Book 2. These standards ensure consistency in reporting. Further, generally accepted accounting standards require firms to show profits net of appropriate provisions; the relevant IFRS standard being IAS 1, specifically Sections 81 to 89 for the presentation of income, and IAS 39 for impairment provisioning of financial instruments. For prudential purposes the DPR obliges banks to adjust accounting information to define regulatory capital that satisfies prudential requirements of Basel II/CRD (DPR Sections 89 to 94). EC 4: The supervisory forms are sent in electronic form to DNB. Banks’ reporting obligations are integrated in the electronic (internet) reporting tool. The data entry programs contain a number of validity checks, thus limiting the chance of incorrect data. After reception of the data, DNB conducts additional validity checks and plausibility checks. The data is stored in a database, available for retrieval and further processing. The information stored in the database is used mainly for the quarterly analysis of each bank. A standard set of ratios and key data is produced for each bank, which is the basis for further analysis. For each bank a report is prepared, highlighting the main developments. The outcome of the analysis for each bank is also used for the planning of on-site supervision examinations. On the other hand the conclusions from on-site examinations can be used as input for a more detailed analysis of specific data of an individual bank. Off-site examinations are primarily performed on the basis of supervisory reports sent to DNB and on the basis of supplementary quantitative information. The supervisory forms include information for prudential purposes as well as some items for macroeconomic purposes. The supervisory forms are also used for the aggregation of data at the level of the banking system as a whole or for specific categories of banks. EC 5: Pursuant to AFS Sections 3:72 (1) and (5) AFS and DPR Section 131, DNB requires harmonized supervisory returns in respect of the scope of consolidation, the valuation of items (referring to IAS/IFRS or DCC Book 2, Title 9), the currency and unit of account used, frequency, reporting reference date and remittance date. Due to the harmonized supervisory framework developed by CEBS for FINREP and COREP, there is no additional national guidance or explanatory notes. To facilitate uniform implementation, CEBS is planning to extend the guidelines and incorporate detailed reporting instructions and data definitions. The explanatory notes or guidelines for the other (and not European harmonised) supervisory reports will also be extended. As noted in EC 1, above, most supervisory reporting is at a consolidated group level and solo reporting by group entities is very limited. DNB also places substantial reliance on banks’ internal management information to provide it with data not contained in its standardised reports. Internally generated information may not, however, be strictly comparable between institutions either in terms of reporting dates or in the definition of items reported. EC 6: Pursuant to AFS Section 1:72 (1) and Sections 5:11 and 5:16 of the General Administrative Law Act (Algemene wet bestuursrecht (Awb), supervisors have a general power and unlimited power to request information from legal and natural persons. EC 7: Pursuant to Section Awb 5:17, the supervisor has the power to demand inspection of professional data and records. The supervisor has similar and unlimited powers towards the bank’s board, management, and staff. EC 8: Banks must enclose a statement-signed by two persons of whom at least one is a Director-with their reports to the effect that the report is in conformity with DNB’s requirements. Furthermore pursuant to AFS Section 3:72 (7) and DPR Section 133 (1), the external auditor has to examine one of the four (quarterly) supervisory reports. This examination covers the correct application of rules, regulations and directives as issued by DNB and the correct application of valuation principles. (See also EC 10). DNB may impose penalties for late or inaccurate reporting (Decree on fines pursuant to the Act on Financial Supervision). EC 9: There are several methods to confirm the validity and integrity of the information: Automated: consistency checks in the e-line system; Visual: plausibility checks by SID; and External auditor. Data must be reported through the electronic (internet) reporting tool for reporting banks (“eline”). The data entry programs made available to the banks contain a number of validity checks, thus limiting the chance of incorrect data. After reception of the data DNB conducts additional validity and plausibility checks. EC 10, 11: See below in the assessment of CP 22.
Assessment	Largely Compliant.
Comments	For the purposes of off-site supervision, DNB makes substantial use of banks’ internal management reports. This practice means that the amounts of data collected in standardized form are relatively limited (e.g., there is no standardized reporting of nonperforming assets) and are at different reporting dates. This makes it difficult to conduct comparative or aggregate analysis (stress tests). With the increased emphasis being placed on macroprudential surveillance, DNB needs to introduce more standardized and more granular reporting to facilitate this type of analysis. In addition, the standardized data currently collected by DNB is mainly at the consolidated level and does not contain sufficient solo reporting for “relevant entities” that are part of the consolidation group. DNB needs the data to be able to identify risks that arise in particular group companies as well as at the consolidated group level. The required extension of the supervisory reporting framework may imply that DNB’s legal powers to collect data need to be extended.
Principle 22	Accounting and disclosure. Supervisors must be satisfied that each bank maintains adequate records drawn up in accordance with accounting policies and practices that are widely accepted internationally, and publishes, on a regular basis, information that fairly reflects its financial condition and profitability.
Description	EC 1: DNB has the power to hold banks responsible for their prudent operation. This includes clear and adequate division of roles and responsibilities, adequate recording of rights and obligations, clear reporting lines, and an adequate system for the provision of information and for communication. The effectiveness of the structure of the organization and of the procedures and measures also has to be tested internally and independently (AFS Section 3:17). EC 2: The DCC requires banks to publish an annual report that includes a management discussion and analysis section and an external auditor’s report (DCC Section 394 of Title 9 of Book 2). Traditionally firms published the annual report by way of a printed booklet that should be made available to anyone with an interest in the firm, at a reasonable cost. Nowadays, firms publish their accounts on their corporate website. For banks, the AFS requires publication of audited financial statements within four months of the year-end. The published financial statements should be filed at the AFM, which includes them in its public register. Similar rules regarding publication apply to semi-annual reports, that is, for banks with listed or traded securities, and quarterly reviews, for banks with traded ordinary shares; see AFS Section 5.25, c-e. (Note that firms can have securities traded over the counter–OTC– on an exchange without the firm having a listing on an exchange. The AFS sets disclosure standards for non-listed firms with traded ordinary shares at a higher level than for non-listed firms with traded securities other than ordinary shares.) After endorsement by the general assembly of shareholders, annual reports should be filed at the AFM within six months after year-end. The AFM then files the reports at the designated Chamber of Commerce. This is a service of the AFM; the general rule is that firms file at their designated Chamber of Commerce themselves. Banks should submit a copy of their audited annual financial statements to DNB within six months after year-end as well (AFS Section 3.71). EC 3: Valuation requirements originate from generally accepted accounting principles, be it through IFRS or DCC Title 9 Book 2. IFRS is mandatory for the consolidated accounts of all listed banks and some non-listed banks also voluntarily use IFRS. The accounts of other non-listed banks are governed by DCC Title 9 Book 2 as are the solo accounts of banks. For prudential purposes the DPR adjusts banks’ accounting information to define regulatory capital that satisfies prudential requirements of Basel II / CRD (DPR Sections 89 to 94). EC 4: The scope and particulars of the external auditor’s audit program, including areas such as the loan portfolio, non-performing assets, loan loss reserves, asset valuations, trading and other securities activities, derivatives, asset securitisations, are based on financial reporting requirements of IFRS, DCC Title 9 Book 2 and ISA. These sets of audit programme requirements are applicable for the verification of the annual financial statements of banks and also for the verification of the additional prudential returns. DNB has direct power, in cooperation with the Ministry of Finance, to establish scope and level of assurance of the audits of prudential returns. With respect to the annual financial statements, DNB has indirect influence on setting the scope and level of coverage of the audits through the ministry of finance, the ministry of justice and the Royal Nivra. EC 5: Further, pursuant to DPR Sections 131(1), 133(1), the “Ruling on Reporting Statements of Financial Institutions” sets out the reports that banks should submit to DNB. Appendix 6 of the Ruling defines reporting frequency and filing deadlines of relevant financial statements and reports. Appendix 7 defines the external auditor’s scope regarding financial statements, reports, and additional information to be included in the audit. EC 6: DNB may decide that a particular external auditor is not qualified to perform the function of external auditor at a particular bank (AFS Section 1:78). EC 7: The banks’ financial statements should comply with generally accepted accounting principles: banks are subject to civil code financial reporting requirements (through Title 9 of Book 2) or, if they are listed on a EU stock exchange, to international financial reporting principles as endorsed by the EU (EU-IFRS). Company law on financial reporting is based on EU accounting directives, which include a number of options, allowing being consistent with IFRS. Interpretative guidelines issued by the Council for Annual Reporting in the Netherlands is focused on aligning practices based on Title 9 Book 2 Civil Code as close as possible to IFRS. EC 8: Banks follow financial reporting disclosure requirements either based on IFRS or DCC Title 9 Book 2, and supplementary disclosure requirements included in the interpretative guidelines (covering authoritative statements and recommendations) on external reporting issued through the Council for Annual Reporting in the Netherlands. In addition, banks have to publish Basel II, Pillar 3 disclosures at least annually and adhere to AFS Article 3:74a. Basel II, Pillar 3 requires banks to have a formal disclosure policy. The AFM is responsible for ensuring that the annual reports and solo/consolidated financial statements, including the validation policies applied by the institution, comply with IFRS and DCC Title 9 Book 2. Further, banks listed on an exchange have to follow disclosure requirements of the relevant Stock Exchange. DNB reviews Basel II, Pillar 3 disclosure policies, as well as disclosure practices for all supervised banks, as well as reviewing the disclosures of selected banks through their annual accounts. EC 9: The disclosures required by either IFRS or DCC include both qualitative and quantitative information on a bank’s financial performance, financial position, risk management strategies and practices, risk exposures, transactions with related parties, accounting policies, basic business, management, and governance. The scope and content of information provided, and the level of disaggregation and detail should be commensurate with the size and complexity of a bank’s operations. In addition, Basel II Pillar 3 requires banks to have a formal disclosure policy. DNB annually reviews Pillar 3 disclosures as well the disclosures made in the annual accounts of selected banks. EC 10: The AFM is responsible for the enforcement of IFRS and DCC Title 9 Book 2 disclosures). Further, banks listed on a stock exchange have to follow disclosure requirements of the relevant Stock Exchange. DNB reviews Pillar 3 disclosure practices for all supervised banks, as well as reviewing the disclosure made in the annual accounts of selected banks. EC 11: DNB regularly publishes aggregated information in various forms: DNB’s Statistical Bulletin. This bulletin is published quarterly and contains monetary and financial statistics for the Netherlands. Financial Stability Overview: published biannually. DNB Quarterly Bulletin: DNB’s Quarterly Bulletin provides information on financial and-economic developments in the Netherlands, Europe and the rest of the world. AC 1: DNB meets external audit firms and external auditors periodically through various platforms and modes. Contacts may take place in the context of day-to-day on-site supervision. Bilateral policy discussions are held annually between DNB and each bank’s external auditor, and between DNB and the large audit firms. DNB representatives meet frequently with Royal NIVRA groups. These meetings are to coordinate financial reporting practices and requirements, auditing (e.g., scope), and issues concerning reporting requirements between banks and DNB. Furthermore, DNB discusses accounting, auditing, and reporting matters at the so called “Vertegenwoordigersoverleg”. This forum comprises of representatives of the Netherlands’ Banking Association, the Royal NIVRA, and supervisors of DNB. This forum was initiated after the recent financial crisis. The purpose is to improve the coordination of communication of and between banks, regulators, supervisors, and auditors. AC 2: Auditors are under a legal obligation actively to report matters of material significance to DNB. The role of the external auditor thus encompasses a statutory information and notification duty. The AFS requires external auditors to provide DNB with any and all information which may be considered necessary for the proper performance of DNB’s supervisory task. Both the AFS and the DPR provide that such information may concern non-compliance with specific supervisory rules, as observed by the external auditor during his audit activities, or threats to the continued existence of the undertaking. If the external auditor does not intend to issue an unqualified opinion or intends to make certain qualifications, he must submit the relevant information to DNB as soon as possible (AFS Sections 3:88 and 3:89, DPR Sections 136 and 137). Sharing this information does not constitute a breach of the duty of confidentiality. AC 3: To promote independence among auditors, the law requires audit firm partner rotation every seven years (Section 24 of the Act on the Supervision of Audit Firms). AC 4: Basel II, Pillar 3 requires banks to have a formal disclosure policy. DNB reviews Pillar 3 disclosure policy and practices for all supervised banks. AC 5: Correspondence from the external auditor to the supervised institution, relating to either the audit examination or any findings concerning internal controls, must also be made available to DNB. The results of external auditors’ activities may contain important information which is taken into account in banking supervision. In view of this, communication lines between DNB and the banks’ external auditors are kept open. Oversight over the quality of work of auditors and auditing firms is governed by law and assigned to the AFM which has the power to access external auditors’ working papers. The AFS sets conditions to the cooperation and communication in this respect between the AFM and DNB.
Assessment	Compliant.
Comments
Principle 23	Corrective and remedial powers of supervisors. Supervisors must have at their disposal an adequate range of supervisory tools to bring about timely corrective actions. This includes the ability, where appropriate, to revoke the banking license or to recommend its revocation.
Description	EC1: Raising supervisory concerns with management or, where appropriate, the board, at an early stage, and requiring that these concerns addressed in a timely manner–Standard procedure, which is laid down in Ladder of Intervention (Lol) (phase: increased vigilance). The Lol is a registration of the working processes used by DNB examiners in banking and insurance supervision. It defines under which circumstances (when), the use of specific formal or informal measures is appropriate (what), and who decides about the use of these instruments (who). Where the supervisor requires the bank to take significant remedial actions, these are addressed in a written document to the Board-Standard procedure, which is laid down in LoI (phase: increased vigilance, focus on file building, which includes written reports to the Board of remedial action to be taken). Requiring the bank to submit regular written progress reports and checks that remedial actions are completed satisfactorily-standard procedure, which is laid down in Ladder of Intervention (phase: increased vigilance, request plan to address the issue that triggered increased vigilance, in combination with intensive monitoring). EC 2: The supervisor participates in deciding when and how to effect the orderly resolution of a problem bank situation (which would include closure, or assisting in restructuring, or merger with a stronger institution). The emergency regulation is meant not only as an instrument for liquidation, but also as a regime under which a restructuring can take place. However, in practice the application of the emergency regulation acts a gateway to winding up/liquidation, mainly because of the stay on payments and the exercise of close out rights in contracts. Also, the supervisor may withdraw the authorization (AFS Article 1:104), but a closure of a bank in this way is not orderly either. Instruments to effect an orderly resolution have not been introduced yet, but the ministry of finance and DNB are jointly working on this. EC 3: All aspects of this criteria are included in the Lol. See also the assessment of CP 1(4). EC 4: Restricting current activities or withholding approval of new activities-Our assessment is that this is possible with instruments ‘giving a direction’, ‘special measures’ (mentioned in AFS Article 3:111a) or ‘appointing a special administrator’, which can be interpreted in the vein of the CRD. Currently, the Ministry of Finance is working on a text in the AFS to make this power more explicit. Restricting or suspending payments to shareholders or share repurchases-Only if own funds diminish as a result of these actions (AFS Article 3:96). Asset transfers-Apart from the power to enforce compliance with solvency and liquidity requirements, DNB has no specific powers to restrict asset transfers. Barring individual from banking and replacing managers, board directors-The AFS stipulates that a co-policymaker must be found to be trustworthy as his/her personal integrity forms part of the integrity of the financial sector (art. 3:9 AFS). Furthermore, the AFS provides for a competence test for persons determining day-to-day policy of institutions (art. 3:8 AFS). In principle, DNB will perform its assessments on the basis of a notification of prospective appointment received from a supervised institution. DNB also has the ability to reassess persons it has previously deemed to be qualified, for example on the basis of new information, or in response to observed behavior of said individual. As such, DNB has a de facto power to bar individuals from certain positions. Restricting the power of managers and board directors and providing for interim management-This is possible by means of the instrument ‘special administrator’ (art. 1:76 AFS). Restricting the powers of controlling owners-A declaration of no objection is required, this declaration can be modified (further conditions) or withdrawn (art. 95 and 1:104 AFS). Facilitating a takeover by or merger with a healthier institution-no explicit powers, but occasionally DNB plays a facilitating role behind the scenes. EC 5: Included in Lol. EC 6: The supervisor applies penalties and sanctions not only to the bank but, when and if necessary, also to management and/or the Board or individuals therein–new AWB Chapter 5 (‘general administrative code’; Article 5:1). With respect to the additional criteria, please note that there are no specific laws or regulations which guard against the supervisor unduly delaying appropriate corrective actions (other than the general liability of DNB). DNB has neither specific powers to ring fence but is able to use other instruments to impose sufficient solvency and liquidity (e.g. the power to give directions (AFS Article 1:75). Finally, DNB coordinates her actions with regulators of non-bank financial entities in a national context (with the conduct of business supervisor the AFM, AFS Article 1:47, within the EU (AFS Article 1:51) as well as outside the EU (AFS 1:65, on the basis of MoUs to settle confidentiality issues).
Assessment	Largely compliant.
Comments	The assessment team finds DNB largely compliant with this CP for two main reasons. First, despite a comprehensive set of intervention powers, in the past there has been reticence on the part of DNB to use some of those powers to the full. The preference has been to deal with emerging problems through the use of “moral suasion” rather than formal enforcement measures. While this technique of supervision may have been relatively successful in the past, the evidence suggests that in recent years moral suasion has become a much less effective tool, in part due to changes in the structure and ownership of the Netherlands financial system. DNB has recognized the shortcomings of moral suasion and has embarked on project VITA to ensure that its supervision becomes more “intrusive and conclusive.” The assessment team supports the objectives of this initiative and encourages DNB to make further progress on implementing it. In particular, there is a need to ensure that supervisory staff are fully aware of the range of legal powers at their disposal and that they should be prepared to use those powers whenever necessary. The second reason for finding DNB largely compliant with this CP is that it currently does not have at its disposal the full range of instruments that are necessary to conduct the orderly resolution of banks. Although DNB is empowered to give directions or appoint a special administrator to a problem bank, there exist no instruments to force an orderly resolution without shareholder approval. The MoF and DNB are jointly working on legislation to introduce additional crisis management tools, including the option of being able to transfer deposits of a failing bank to another bank. The assessment team also supports this initiative and encourages DNB and MoF to finalize this work as soon as practicable.
Principle 24	Consolidated supervision. An essential element of banking supervision is that supervisors supervise the banking group on a consolidated basis, adequately monitoring and, as appropriate, applying prudential norms to all aspects of the business conducted by the group worldwide.
Description	DNB undertakes banking supervision on a consolidated and on a solo basis in accordance with the CRD. These requirements are incorporated in AFS Section 3.6.2 (Consolidated Supervision of Investment Firms and Credit Institutions). With the implementation of the Basel II framework, due attention was paid to the implementation of adequate solo supervision. EC 1: Several measures ensure that DNB is given the necessary insight into the structure of supervised banking groups. Information on the structure of a bank is included in the mandatory returns, but is also discussed in policy meetings with banks and included in on-site inspections. Prior permission from DNB is required for the acquisition of (foreign) participating interests and for the establishment of (foreign) subsidiaries, or third country branches. For the establishment of EU branches notification to DNB is required. EC 2: DNB has the power to review the overall activities of a banking group, both domestic and cross-border. AFS Section 3:72, in conjunction with Section 3:276, provides DNB with the legal authority to require a bank and any enterprise which falls within that bank’s scope of consolidation to provide any and all relevant prudential information DNB may require. Based on this and AFS Section 3:17, in conjunction with AFS Section 3:276, DNB is able to require information of any individual business vehicle within the banking organization group on its financial condition and on the adequacy of risk management and control measures. On the basis of Section 3:18a, DNB performs the SREP for the banking group worldwide on at least a yearly basis. EC 3: The AFS Section 3.3.11 requires that DNB gives a declaration of no-objection before a bank may acquire a qualifying holding in the capital of another financial or non-financial institution and before a person or entity may acquire a qualifying holding in a bank. As a condition attached to declarations of no-objection, DNB is empowered to require frequent financial and non-financial information from banking and non-banking subsidiaries of the parent so that the risks included in non-banking activities can also be assessed and reviewed. Regarding participating interests of banks in non-financial activities, the quantitative limitations of Section 120 of the CRD apply (implemented in Section 140 of the Decree on Prudential Rules for Financial Undertakings): the maximum qualifying holding (participation) is 15 percent of a bank’s own funds and the total of all qualifying holdings may not exceed 60 percent. EC 4: DNB has the power to impose prudential standards on a consolidated basis for the banking group (AFS Section 3:276). In practice, supervisory activities are performed on both a consolidated and solo basis, including quarterly returns provided by the banks, capital adequacy calculations, large exposures, exposures to related parties, and the Supervisory Review Process. EC 5: Cooperation with other relevant supervisors, domestic and cross-border has a legal foundation in AFS Chapter 1.3. If foreign affiliates or subsidiaries are involved, MoUs with foreign supervisors or colleges of supervisors facilitate the exchange of information between the supervisors. DNB also works in close cooperation with the AFM. EC 6: DNB has the power to limit or circumscribe the activities that a banking group may conduct or to prevent activities from being conducted within the group, which cannot be properly supervised. DNB can also take additional measures under Basel II, Pillar 2 as a result of the SREP, (AFS Section 3:111(a)) such as: requiring credit institutions to hold own funds in excess of the minimum pillar 1 level, strengthening internal governance requirements and the ICAAP, requiring credit institutions to apply a specific provisioning policy, restricting or limiting the business, operations or network of credit institutions, and requiring the reduction of the risk inherent in the activities, products and systems of credit institutions. In special situations, when the solvency and/or the liquidity of a bank are endangered, DNB may apply special measures as stipulated by AFS Section 1.4.2. EC 9: DNB also has the power to require the closing of foreign offices of Dutch banks, or to impose limitations on their activities if their oversight is deemed inadequate or if the flow of supervisory information from that country is likely to be insufficient. In such cases, DNB could refuse to grant or withdraw a declaration of no objection, or prohibit the continuation (AFS Section 1:77) of foreign branches or take any of the above mentioned Basel II, Pillar 2 measures. EC 7, 8 and 10: An important element in the supervision of foreign establishments is their governance by the Netherlands head office, whether or not through regional offices (AFS Section 3:17) [EC 7]. DNB regularly monitors whether an institution’s top level management is informed adequately about the state of affairs within the foreign establishments, and whether decision-making and governance have been adequately implemented in the foreign network (AFS Section 3:) [EC 8]. When the risk profile of the foreign operations is higher or when the operations are conducted in supervisory regimes differing fundamentally from those of the Netherlands, DNB pays extra attention to the bank’s internal governance [EC 10]. DNB identifies high risk areas through risk based supervision by means of FIRM. AC 1: Corporate ownership of banking entities is allowed in the Netherlands. The shareholders of banks, including parent companies and their activities are reviewed and tested against criteria regarding fit and proper standards, integrity, safety and financial soundness (AFS Section 3.3.11). If a prospective or existing shareholder fails to meet these criteria, DNB may refuse to grant, or withdraw, its declaration of no-objection, in which case the participating interest may not be acquired or may have to be sold. Remedial actions are available: on the basis of AFS Section 1.4.2, DNB can take special measures, such as a notification given to a bank, to the effect that all or certain bodies of that bank may only exercise their powers after approval has been obtained from one or more persons appointed by DNB and with due observance of the instructions given by these persons. AC 2: Whereas DNB will always have an independent responsibility as regards the supervision of foreign establishments, it may use the results of examinations by the “host supervisor” (AFS Section 1.3.2 and 1.3.3.). DNB’s assessment of the supervision exercised by the “host supervisor” is of importance in this respect. With respect to the supervision of non-EU establishments, DNB assesses the quality of the respective “host supervisor”, particularly in cases where a MoU is (to be) concluded. AC 3: Consolidated supervision of internationally active banks is based on a top down approach of the group. This means that risk areas are identified, examined and dealt with on the basis of risk based supervision regardless of where the risks are located in the organization (domestic or non-domestic). In this process, supervisors use the group’s internal staff departments such as corporate risk or group-audit. These staff departments in turn are supported by decentralised staff functions in the business units. In case of exceptional developments special inspections will be carried out. In addition to making local inspections, DNB also receives reports on foreign establishments by internal and external auditors.
Assessment	Largely Compliant.
Comments	Although DNB has the necessary legal and regulatory powers to apply effective consolidated supervision of cross-border banking groups, there have been examples where DNB appears to have relied to large extent on the supervision exercised by the host supervisor. This reliance is a cornerstone of the Basel Accord and the CRD, in which both EEA supervisors and equivalent supervisors from third countries are considered exercising supervision in compliance with the CRD and or Basel II. Nonetheless, it remains the responsibility of the consolidated supervisor to assess the financial soundness of the overall group and this responsibility requires it to form its own independent judgement of the risks to the group posed by the activities of group subsidiaries. DNB’s ability to form such an independent judgement appears to have been constrained by the failure of supervisory resources to match the demands of regulating large, complex and internationally active firms. In consequence, DNB may wish to consider strengthening the resources it devotes to its oversight of subsidiaries located outside the Netherlands and its practices and procedures for obtaining relevant information concerning their operations and the risks that they pose to the group.
Principle 25	Home-host relationships. Cross-border consolidated supervision requires cooperation and information exchange between home supervisors and the various other supervisors involved, primarily host banking supervisors. Banking supervisors must require the local operations of foreign banks to be conducted to the same standards as those required of domestic institutions.
Description	EC 1, 2: The AFS provides for the principle that confidential information obtained under this Act is secret and that this information shall remain within DNB. In certain exhaustively listed cases however, DNB is permitted to supply confidential information to specific persons or bodies for their respective roles and responsibilities. This permission is specified in AFS Chapter 1.5. Chapter 1.3 of the AFS contains specific instructions for the exchange of information with other supervisory authorities. A distinction is made between the supervisory authorities of other EU Member States and those of non-member states. In addition to these legal provisions, DNB has concluded 37 MoUs with relevant EEA and non-EEA supervisors. The MoUs contain agreements about: (i) the exchange of information, the rights and obligations with regard to requests for and the provision of information; (ii) cooperation in the field of supervision, for example in relation to on-site examinations (announcement, host supervisor involvement, exchange of research results); and (iii) confidentiality with regard to the information provided and received. EC 1, 2, 3, 4 and 9: AFS Section 1:51-1:51a provides that DNB shall cooperate closely with other supervisory authorities and provide them with any information which is essential or relevant for the exercise of the other authorities’ supervisory tasks. In this regard, DNB communicates on request all relevant information and communicates on its own initiative all essential information such as adverse developments or major sanctions and exceptional measures.7 EC 1, 2, 3, 4 and 7 and AC 1: With respect to banks and banking groups of material interest to the home or the host supervisor, colleges of supervisors have been established. There are currently 14 colleges in place for banks, banking groups or financial conglomerates, which have regular exchange of information and conference calls and meet at least once a year. For 8 of the (largest) banks, operating on a cross-border basis, a multilateral written agreement is signed between members of the respective colleges. These agreements provide for further formal arrangements for home and host supervisors with respect to (i) objectives of cooperation; (ii) identification of relevant supervisory authorities of subsidiaries and significant branches;8 (iii) confidentiality of information exchange; (iv) responsibilities of supervisory authorities; and (v) cooperation in on-going and in crisis situations. EC 5, 6: Pursuant to the AFS chapter 2.2 local branches and subsidiaries of foreign banks are subject to the same legal and supervisory regime as are domestic banks. Under mutual recognition agreements, branches of EEA licensed banks carrying out their business in the Netherlands from a branch situated in the Netherlands or by providing services to the Netherlands are exempted from capital adequacy supervision on a solo basis by DNB (home country control principle). DNB’s liquidity requirements, however, have to be met by EU branches in the Netherlands. EC 5, 8: Banks established in a state, not being a member state of the EEA are not allowed to invite, or to receive redeemable funds in the operation of a business outside of a restricted circle from parties, not being professional market parties (AFS Section 3:5), unless DNB has granted authorization as meant in AFS Section 2:20. DNB may grant a license if a bank fulfills all the relevant requirements according to the existing standards for banks applying for a license in the Netherlands. EC 5, 6: On the grounds of AFS Section 3:31, a bank established in the Netherlands which is a subsidiary of a bank established in a non-Member State shall be under sufficient consolidated supervision in the state in which the latter bank is established. EC 7: Conform the arrangements in AFS Section 1.3.2.2 and the MoU between DNB and other supervisory authorities, home country supervisors have on-site access to establishments in the Netherlands after prior consultation with DNB (and vice-versa). DNB discusses the findings of their on-site examinations with them. AC 1: DNB has developed a communication strategy with the relevant host supervisors primarily in the form of the colleges of supervisors for large international banking groups headquartered in the Netherlands. In addition, DNB has established a secure website in which information on banking groups can be exchanged among members of the college.
Assessment	Compliant.
Comments

View Table

Table 2.

The Netherlands: Detailed Assessment of Compliance with the Basel Core Principles

Principle 1	Objectives, independence, powers, transparency and cooperation. An effective system of banking supervision will have clear responsibilities and objectives for each authority involved in the supervision of banks. Each such authority should possess operational independence, transparent processes, sound governance and adequate resources and be accountable for the discharge of its duties. A suitable legal framework for banking supervision is also necessary, including provisions relating to authorization of banking establishments and their ongoing supervision; powers to address compliance with laws as well as safety and soundness concerns; and legal protection for supervisors. Arrangements for sharing information between supervisors and protecting the confidentiality of such information should be in place.
Description	The Dutch financial system explicitly recognizes two separate objectives of financial supervision. DNB is responsible for prudential supervision and the AFM for business of conduct supervision. This cross-border approach of supervision, with two independent supervisors, is referred to as the Twin Peaks model.
Assessment	Compliant.
Comments	See sub-components 1–6.
Principle 1(1)	Responsibilities and objectives. An effective system of banking supervision will have clear responsibilities and objectives for each authority involved in the supervision of banks.
Description	EC 1: The duties and powers of DNB as prudential supervisor follow from the Bank Act of 1998 with subsequent amendments and the Act on Financial Supervision (AFS), which came into effect in 2007. Section 4(1) of the Bank Act states that DNB is given the task of exercising supervision of financial institutions in accordance with applicable legislation. In addition, Section 3(2) of the Bank Act states that DNB has the duty to contribute, within the framework of the ESCB, to the smooth conduct of policies relating to the financial supervision of credit institutions and the stability of the financial system. The objectives of financial supervision and the responsibilities of the supervisors are described in the AFS. Section 1:24 assigns the responsibility of prudential supervision to DNB and Section 1:25 assigns the responsibility of conduct of business supervision to the AFM. This reflects the Netherlands model of financial supervision, which is based on an objectives-based approach (the Twin Peaks model). Responsibilities for different objectives are given to DNB and the AFM. Sections 1:46 through 1:50 and Section 1:54 determine the collaboration between the supervisors. In addition, there is a covenant between DNB and the AFM that arranges cooperation and information sharing. EC 2: Credit institutions fall under the scope of the AFS. With regard to banking supervision, DNB is the main and primary supervisor, bearing responsibility for market access, licensing and financial regulation. The AFS contains the implementation of the capital requirement directive and the framework for prudential standards for banks. A general description of the objectives of prudential supervision of DNB is to be found on DNB’s website. A more detailed description is posted on the “Open Book” section of the website. This part of the website contains links to relevant legislation, information about the implementation of European directives, fact sheets on the most important topics, publication of enforcement measures, and criteria for market access. It also contains a detailed description of the supervisory method DNB applies (the “FIRM-method). In addition, the ‘Open Book’ contains a section with an overview of laws, regulations, administrative rules, and general guidance adopted in the field of prudential supervision, which EU member states are required to disclose according to Section 144(a) of the CRD. The AFS is the main law for prudential regulation. Under the AFS, there are 19 decrees, 19 ministerial decrees, and 12 supervisory regulations. Together, these instruments provide the framework for the prudential supervision of banks. In addition, DNB issues policy supervision rules, containing guidance and best practice on prudential regulation. EC 3: Banking regulation is regularly updated. Technical changes have been incorporated in, for example, the “Reparatiebesluit Wft”, which came into effect on January 1, 2009. Further amendments to the AFS will be taken up in a continuous cycle. The first amendment was submitted to parliament in August 2009. It is foreseen that regular updates are to be taken up at one or two year intervals. To support this cycle of regulation, DNB sends a letter to the Minister of Finance each year indicating relevant legislation that needs to be taken up or amended. EC 4: Information on the financial strength and performance of the industry is found on DNB’s website. This contains information about the financial markets (interest rates, exchange rates, share indexes, and share issuance data), financial institutions (including supervisory information about the balance sheets and profit and loss accounts of the different institutions), and financial stability indicators. In addition, there is information available on the website about the financial position of households, balance of payments data, and the IMF’s Special Data Dissemination Standard (SDDS) statistics. AC 1: Supervisory programmes are determined on the basis of a risk-based assessment of financial risks, which is the (net) result of perceived risks for the financial institution and risk-mitigating factors that are in place. These risks are then evaluated on the basis of probability and impact on financial stability. This assessment determines the supervisory program that is assigned to the financial institution.
Assessment	Compliant.
Comments
Principle 1(2)	Independence, accountability and transparency. Each such authority should possess operational independence, transparent processes, sound governance and adequate resources, and be accountable for the discharge of its duties.
Description	EC 1: The system of financial supervision in the Netherlands is based on the principle that DNB is fully independent in its operational activities. This is explicitly embedded in the AFS and is reflected in several dimensions. Regulatory and supervisory independence. Within the context of the AFS, DNB can exercise its supervisory activities and decide on the admission of financial enterprises to the financial markets (Section 1:24, Paragraph 2). Section 1:29 of the AFS determines that the minister can only revoke binding regulations laid down by DNB when the Minister is of the opinion that DNB has laid down generally binding regulations that are contrary to the law, a treaty or a binding decree of an international institution (Paragraph 1), or imposes an unreasonable burden on the financial markets (Paragraph 2). Also, the supervisor must have failed to remove the observed shortcoming after consultation with the ministry. In addition, only in those exceptional circumstances when the supervisor seriously fails to perform its duties, the Minister may take required measures (the AFS Section 1:43). These powers of the Minister have never been exercised and are reserved for very rare cases and would be subject to public disclosure. Institutional independence. The members of DNB’s governing board are appointed by the crown through a royal decree for renewable terms of seven years. Section 12(3) of the Bank Act 1998 states that the President and the Executive Directors of the Governing Board may be suspended or relieved from office only if they no longer fulfil the conditions required for the performance of their duties or if they have been found guilty of serious misconduct. Budgetary independence. Under the AFS, the minister may lay down rules with respect to the structure of the budget (Section 1:32). Priorities and allocation of the budget are determined by DNB. The budget is discussed with the supervisory board of DNB and then sent to the Minister of Finance and the Minister of Social Affairs and Employment. The ministers can withhold approval if the budget is contrary to the law or public interest (Section 1:30, Paragraph 5). In the course of the year, if there are substantial differences between the actual outcome and the budget, DNB has to notify the Minister of Finance (Section 1:31). In practice, there is a dialogue with the Minister of Finance on the size of the budget. In this vein, the consequences of the recent action plan for the adequacy of the resources of DNB are currently under consultation with the Minister of Finance. EC 2: DNB is accountable for its supervisory activities. The budget identifies the objectives of financial supervision for the upcoming year, based on the government-wide framework of outcome orientated budgeting. At the end of the budget year, DNB has to draw up an accounting report relating to the duties assigned under the AFS (Section 1:34, Paragraph 1). The accounting report is accompanied by a statement of an auditor regarding the fair presentation and a report on whether the collection and deployment of resources are in accordance with the AFS. Approval of the accounting report is given by the ministers and may only be withheld if the report is contrary to law or public interest. The budget and annual report are both available on DNB’s website. EC 3: DNB is a professional organization with highly-skilled employees. The average age of employees in BSD is 41 years with eight years of working experience with DNB and a yearly average of 90 budgeted training hours per employee. The analytical skills, training frequency, and academic qualifications of DNB staff are high. Not only maintaining analytic skills, but also extra focus on the application of the analysis is a priority for DNB. This is highlighted as one of the main priorities in the supervisory policy in the “DNB Supervisory Strategy 2010--2014.” EC 4: The cost of supervision is paid for by the supervised financial entities and the MoF, with the industry paying on average three quarters of the budget. According to Section 1:39 of the AFS, the industry is consulted in the budget preparation process, but does not have ultimate decision-making power. The responsibility to determine its priorities and activities fully remains with DNB. The salary scales of employees are based on a specific agreement with DNB, which is negotiated in accordance with the collective benefit agreement of the banking sector, allowing DNB to attract and retain qualified staff. The level of on-site work is not restricted by the travel budget, training budget, or abilities to attract professional external advice. AC 1: The MoF has recently announced legislation to change some governance aspects at DNB. The main elements include the strengthening of the role of the supervisory board (Raad van Commissarissen (RvV)). In addition to financial control, the RvC will also have supervisory tasks with regard to the supervisory policy made by DNB. Furthermore, appointments to the Governing Board would only be renewable once, thereby determining total tenure to a minimum of 7 years and a maximum of 14 years. However it should be noted that this description of the AC had not been enacted at the time of the assessment and thus does not contain an element of the assessment of this CP.
Assessment	Largely Compliant.
Comments	There is, in practice, no evidence of government or industry interference that compromises the operational or financial independence of DNB, and sound governance and transparent processes are applied. However, the assessment team has the following observations. First, the law seems to provide broad grounds for the Minister to intervene in DNB’s activities. Both the “unreasonable burden on the financial markets” and the “public interest” justification for overturning DNB’s rules and withholding approval for DNB’s budget are very broadly drafted and could be open to misuse. While in practice this is unlikely to be a problem, the assessment team believes that a more satisfactory arrangement would be one in which the grounds for the Minister’s intervention are more precisely defined, either in law or perhaps by a public statement from the MoF of a non-exhaustive list of circumstances in which these powers might be invoked. DNB is authorized by law to “lay down temporary, generally binding regulations in order to contribute to the stability of the financial sector.” Such regulation must be reported to the MoF without delay. It should be noted that DNB is exempted from the provision in the Dutch Independent Administrative Authorities Act (Zelfstandig bestuursorganen, ZBO’s) which stipulates that the minister may set policy rules with regard to the exercise of duties by an independent administrative authority. The second observation is that the resources devoted to banking supervision do not appear to be proportionate to the size and complexity of the supervisory task. The Netherlands banking system is one of the largest in the world relative to GDP and contains a number of large, diversified, and internationally active financial conglomerate groups that require close monitoring and intensive interaction with host supervisors overseas. The assessment team notes that DNB devotes fewer FTE posts to banking supervision than to either insurance or pensions supervision, both sectors which are less complex and which pose fewer risks to the State than the banking sector. The assessment team recommends that DNB and the MoF jointly conduct a review of the adequacy of human resources currently devoted to banking supervision; for example, by benchmarking against other countries with banking systems of comparable size and complexity.
Principle 1(3)	Legal framework. A suitable legal framework for banking supervision is also necessary, including provisions relating to the authorization of banking establishments and their ongoing supervision.
Description	EC 1: The AFS has assigned DNB the sole authority to grant and withdraw licenses to pursue the business of a credit institution in the Netherlands. Section 2:11 of the AFS determines that no person may carry on the business of a bank without being authorized by DNB. Section 2:12 determines the provisions to which an applicant will have to apply. The aspects mentioned in this section are: Expertise; Properness of persons; Policy on the sound conduct of business; Minimum number of persons determining day to day policies; Control structure; Operational structure; Minimum number of members of the supervisory board; Consolidated supervision; Minimum equity capital; Solvency; and Liquidity. EC 2: These provisions are further elaborated in Part 3 of the AFS. Within this framework of the AFS and EU legislation, DNB has the power to set prudential rules with regard to these aspects. DNB has the long-standing practice of consulting drafts of new regulations with the industry. Although it tries to resolve problems in a constructive dialogue, DNB has the ultimate decision-making power and it does not need the consent of the sector. Consultations and the reactions received by the industry are publicly available in the ‘Open Book’ section of DNB’s website. EC 3: AFS Section 1:72 provides employees of DNB with the relevant supervisory powers as defined by the General Administrative Law Act (“Algemene wet bestuursrecht”, Awb). AFS Section 1:74 adds that DNB, as an entity, has the authority to request information from any party for the purpose of the supervision of compliance with the rules under or pursuant to the AFS.
Assessment	Compliant.
Comments
Principle 1(4)	Legal powers. A suitable legal framework for banking supervision is also necessary, including powers to address compliance with laws as well as safety and soundness concerns.
Description	EC 1: Under the AFS, DNB is provided with an extensive set of instruments to take adequate action against an institution if it fails to comply in a satisfactory and timely manner with the AFS and/or derivative regulations or if events take place which may compromise the financial health of that institution. Depending on the nature of the violation and the circumstances, DNB may take punitive or corrective action. The formal instruments of DNB under the AFS consist of: Issuing an instruction to adhere to a particular line of conduct (Section 1:75); Appointing a special administrator (Section 1:76); Imposing an order for incremental penalty payments (Section 1:79); Imposing an administrative fine (Section 1:80); Requesting the court to declare emergency regulations applicable with respect of the credit institution (Section 3:160); Issuing a public warning (Section 1:94); Deciding that a particular auditor or actuary is no longer authorized to issue the statements referred to in this Act in relation to that financial enterprise (Section 1:78); Modifying, withdrawing or limiting, either fully or in part, or attaching further conditions to the license (Section 1:104); and Bringing criminal proceedings against the offender. In addition to these supervisory measures, Section 1:28 enables the DNB, in case of special circumstances, to lay down temporary, generally binding regulations in order to contribute to the stability of the financial sector A decision on the use of formal or informal instruments is dependent on multiple factors and a qualitative judgement by DNB, which is ultimately determined by the effectiveness it is believed to achieve. This means, in some cases, “moral suasion” can achieve a change in behaviour, whereas in other cases more formal instruments are more appropriate. DNB and the AFM have issued a common paper (“Nota handhavingsbeleid”) on their enforcement policy, which describes the main elements DNB uses to determine its actions. EC 2: AFS Section 1:73 in conjunction with Section 1:74 empowers DNB to access any information it deems necessary for the adequate performance of its duties, including access to banks’ Board, management, staff, and records. EC 3: If a financial institution does not comply with the provisions under the AFS (Section 1:76, Paragraph 1) or DNB signals signs of a development that may jeopardize the own funds, solvency, or liquidity of that institution (Section 1:76, Paragraph 3), DNB may appoint a custodian.
Assessment	Compliant.
Comments	DNB has introduced an internal project (“VITA: From Analysis to Action”) to enhance its willingness to use its legal powers. Although the legal powers themselves appear to be adequate, DNB’s past preference for using “moral suasion” has been shown to be ineffective in the changed conditions of the Dutch financial system over the past decade. The assessment team therefore strongly supports DNB’s initiative in this regard and encourages it to make full use of the legal powers provided for in the AFS.
Principle 1(5)	Legal protection. A suitable legal framework for banking supervision is also necessary, including legal protection for supervisors.
Description	EC 1: Neither the AFS, nor any other law includes provisions explicitly protecting DNB or its employees against legal actions brought by third parties to recover damages caused by, for instance, alleged neglect in the exercise of supervisory duties. Volume 6, Chapter 3 of the DCC contains conditions that need to be fulfilled to legally honor third parties claims in the case of imputable and culpable actions or negligence. To date, these conditions have been interpreted restrictively in legal literature and court cases, confirming that the supervisor cannot be easily held liable and therefore protecting the supervisor against such claims. EC 2: Under Section 6:170 of the DCC, an employer is liable for the actions of his employees. By consequence, employees of the supervisory authority enjoy adequate legal protection against liability suits brought by third parties in connection with their supervisory activities. On request of DNB and the AFM, the Ministry of Finance and the Ministry of Justice are exploring the possibilities to limit the financial liability of DNB and the AFM as the supervisory authorities by explicitly laying down the limitation in legislation. This could also make a contribution to a more openly critical approach of supervision.
Assessment	Compliant.
Comments	Notwithstanding the discussions that have been taking place between the supervisory authorities and the respective ministries to limit the authorities’ prospective financial liability in the event of a lawsuit being brought against them, the assessment team is satisfied that individual members of staff of the authorities are adequately protected. Since this CP component is concerned with the legal protection of the staff of supervisory agencies, the assessment team is satisfied that this CP component is fully complied with.
Principle 1(6)	Cooperation. Arrangements for sharing information between supervisors and protecting the confidentiality of such information should be in place.
Description	EC 1: Part 1.3 of the AFS is dedicated to the collaboration between the supervisors, domestically and internationally. AFS Part 1.3.1 is dedicated to the collaboration of supervisors at a national level. Sections 1:46 through 1:50 and Section 1:54 determine the collaboration between DNB and the AFM. Apart from these legal provisions, there is a covenant between DNB and the AFM arranging the cooperation in supervision, regulation and policy making in areas of common interest. In addition, there are regular informal and formal meetings to coordinate information exchange and decision making. Section 1:44, Paragraph 2 determines that the collaboration of the supervisors will be evaluated three years after the inception of the AFS. This report was recently concluded and is available on the website of the MoF. The report concludes that in practice the cooperation between the supervisors is effective, while operating from their own expertise, culture, objectives and responsibilities. Financial institutions do not experience major problems. AFS Part 1.3.2 is dedicated to the collaboration with other EU Member States and part 1.3.3 is dedicated to the collaboration with non-Member States. This includes aspects of exchange of data and information (1:51–1:54; 1:65), compliance (1:55–1:57; 1:66) and enforcement (1:57–1:59; 1:67–1:68). EC 2: In addition to these legal provisions, DNB has concluded 37 MoU’s with relevant EEA and non-EEA supervisors. An overview is provided on DNB’s website. The MoUs contain agreements about (i) the exchange of information, the rights and obligations with regard to requests for and the provision of information; (ii) cooperation in the field of supervision, for example in relation to on-site examinations (announcement, host supervisor involvement, exchange of research results); and (iii) confidentiality with regard to the information provided and received. AFS Part 1.3.3 provides for instructions governing the supply of information to the Commission of the European Communities. This information may relate to, for instance, the granting of an authorization, the granting of a declaration of no-objection, and general difficulties which financial undertakings may encounter. With respect to banks and banking groups of material interest to the home or the host supervisor, colleges of supervisors are in place. There are currently 14 colleges in place for banks, banking groups or financial conglomerates, which have regular exchange of information and conference calls and meet at least one a year. (See also CP 25). EC 3: AFS Section 1:89 states that information received by DNB from financial institutions is to remain secret. In derogation from this section and under specified conditions, the supervisor may supply to a supervisor or supervisory authority of another EU Member State (1:90) or non-Member State (1:65) confidential data or information. One of the preconditions is that information provided to foreign supervisors is subject to guarantees of professional secrecy at least equivalent to those that apply in The Netherlands and that the information shall be for the purpose of performing the supervisory task of the authorities concerned. EC 4: AFS Section 1:89 empowers DNB to refuse any demand for confidential information under in its possession. In addition, Section 1:42, Paragraph 7 determines that the Government Information (Public Access) Act, the National Ombudsman Act and Title 9.2 of the General Administrative Law Act shall not apply to the data or information that is held by the Minister or by the third party working on his instructions.
Assessment	Compliant.
Comments
Principle 2	Permissible activities. The permissible activities of institutions that are licensed and subject to supervision as banks must be clearly defined and the use of the word “bank” in names should be controlled as far as possible.
Description	EC 1: AFS Section 1:1 defines the term: “bank” as an institution that carries out the business to obtain the disposal of callable funds beyond a restricted circle, from parties other than professional market parties and to extend loans at its own expense. The AFS includes separate definitions of “restricted circle”, “callable funds” and “professional market party”. EC 2: Through its licensing procedure, DNB controls the full scope of activities of a credit institution, both for the activities listed in Annex I of the CRD as well as any other activities. The AFS embraces the concept of the ‘universal bank’ meaning that a bank is allowed in principle to pursue all banking activities. In line with this concept, AFS Section 3:32 states that a licensed bank incorporated in the Netherlands is allowed to carry out at least the activities listed in Annex I to the CRD, unless the license granted by DNB expressly states otherwise. Activities that a bank may carry out but which are not listed in Annex I to the CRD include other financial activities such as offering insurance through a subsidiary (provided a license has been obtained in accordance with the relevant provisions of the AFS) and non financial activities (e.g., running a travel agency). Such activities are covered and restricted by DNB’s consolidated supervision. EC 3: Corporations and institutions that have not obtained a license as a credit institution (i.e., either a bank or an electronic money institution) are prohibited, with certain exceptions, by AFS Section 3:7, from using the word ‘bank’ and its derived forms or translations as part of their name or in the pursuit of their business, unless this is done in a context which clearly shows that it does not operate in the financial markets. DNB actively searches for undertakings that illegally conduct activities where a license would have been required. In case an offence is perceived, measures are taken. For an overview of the available measures, please refer to the description given in response to Principle 1(4) on legal powers and Principle 23 on corrective measures. EC 4: DNB can grant dispensation (based on AFS Section 3:7 subsection 4) from this prohibition if the protection that AFS Section 3:7 seeks to provide, can be achieved by other means. A similar legal prohibition also applies to receiving funds repayable on demand (deposits) from the public. AFS Section 3:5 provides that the business of receiving funds repayable on demand or subject to notice being given is an activity that may only be carried out by banks that are licensed in the Netherlands, banks that have obtained a license in another EEA state or institutions that receive such funds as a result of offering securities to the public in accordance with the applicable provisions of the AFS. DNB can grant dispensation from this prohibition if certain criteria are met. The sanction against violation of these prohibitions is the imposition of an administrative fine or a cease and desist order by DNB or, if necessary, prosecution under the Economic Offences Act. EC 5: Pursuant to Section 1:107 of the AFS, all banks that have obtained a license from DNB are entered into a public register. If DNB has restricted the activities that an individual institution is authorized to pursue under its license, that institution’s entry in the Register lists the permitted activities.
Assessment	Compliant.
Comments
Principle 3	Licensing criteria. The licensing authority must have the power to set criteria and reject applications for establishments that do not meet the standards set. The licensing process, at a minimum, should consist of an assessment of the ownership structure and governance of the bank and its wider group, including the fitness and properness of Board members and senior management, its strategic and operating plan, internal controls and risk management, and its projected financial condition, including its capital base. Where the proposed owner or parent organization is a foreign bank, the prior consent of its home-country supervisor should be obtained.
Description	EC 1: Under AFS Section 2:11, DNB is both the licensing authority and the supervisory authority for all banks having their registered office in the Netherlands. The AFM is the competent supervisory authority for the banks’ conduct of business and when dealing with a request for a license to pursue activities as a bank as well as an investment institution, the AFM is competent to assess certain aspects regarding the applicant’s investment activities (AFS Section 1:48). The assessment of the AFM is incorporated into DNB’s decision regarding the license application. EC 2: The AFS contains a detailed set of criteria (Sections 2:12 and 2:13 AFS) that must be met before a license to pursue the business of a bank in the Netherlands may be granted. The criteria allows DNB sufficient discretion to set conditions and to assess to what extent these conditions have been fulfilled and to determine whether the requested license should be issued. This freedom is limited by principles of general administrative law to which all public bodies must adhere. EC 3: The same criteria used to assess an application for a license also apply on an on-going basis to institutions that have been granted a license. DNB has a set of instruments at its disposal to take corrective action if any of these criteria is no longer satisfied (see also CP 1(4)), including the power to withdraw an issued license. The set of instruments for corrective action is currently being reviewed by the MoF and DNB (see also CP 23). The outcome of the review may lead to amendments of the AFS. Having obtained a license, a bank is subject to ongoing supervision by DNB, which includes an ongoing assessment of the bank’s ability to realise its stated objectives and whether any restrictions attached to the license are being complied with. The bank must at all times meet the authorisation criteria. Failure to satisfy any of these criteria may lead to the withdrawal of the license in accordance with AFS Section 1:104 (1) (d). EC 4: Section 2:12 AFS provides that DNB will grant the license to pursue the business of a credit institution (i.e., bank or electronic money institution) in the Netherlands if the criteria, mentioned in 2:12 (1) (a) through (k) of the AFS are met. The standards that need to be met and the information that needs to be submitted are set out in more detail in a number of Decrees and Regulations. An application will not be considered until all information needed to assess the application has been received and will be rejected if the requisite criteria are not met and/or the information provided by the applicant is inadequate. In practice, DNB conducts an extensive dialogue with the applicant to ensure DNB has a thorough understanding of the applicant’s envisaged business. EC 5, 6: If an application for a bank license is submitted, DNB scrutinises persons and corporations holding a qualifying holding (10 percent or more) in the shares or votes of the applicant. Pursuant to Section 3:95 AFS, persons or corporations with a qualifying holding must apply for a declaration of no-objection. If DNB refuses to grant a declaration of no-objection to the holder of a qualifying holding, DNB will also refuse to issue the bank license to the applicant (Section 2:12 (2) AFS). See also description of CP 4 (Transfer of significant ownership) and CP 5 (Major acquisitions). EC 7: A bank must hold a minimum amount of capital or ‘own funds’ in the amount of EUR 5 million (see Section 3:53 AFS and Section 48 of the DPR. EC 8: Before DNB issues a bank license to an institution, as well as during the duration of the period the bank remains active under its license, members of the management board and the supervisory board of a credit institution must meet requirements of fitness and properness. The provisions relevant to these requirements are found in AFS Sections 3:8 and 3:9. Also, procedures must be in place to deal with conflicts of interest (AFS Section 3:10). The assessment of prospective members of a management or supervisory board involves consulting public sources of information, conducting interviews with management board members, reviewing questionnaires, and requesting the persons named as referees to give their judgment. Further provisions regarding the trustworthiness of management and supervisory board members are laid down in the DPR. EC 9, 10: As part of an application for a bank license, a business plan must be presented, detailing the kind and size of activities planned with a projection of the resulting financial developments covering at least three financial years (Section 8 (1)(f) of the Decree on Market Access under the AFS (Besluit markttoegang financiële ondernemingen Wft, hereafter “BMT”). The business plan should also provide insight into the formal and the actual control structure and the prospective administrative organisation, including the financial administration and internal control. The relevant legal provisions in this context are AFS Sections 3:17 and BMT Section 8. The AFS and its subordinate legislation also contain requirements as to banks’ corporate governance, with respect to the organisation and control of banks’ business processes, including outsourcing (Section 3:18 AFS). The application process and especially the evaluation of the business plan includes an assessment of whether the applicant will be able to satisfy DNB’s rules relating to solvency, liquidity, administrative organisation and internal control, both in the short and in the longer term. EC 11: If the license that is applied for concerns a branch of a credit institution that is incorporated outside the EEA, the application must meet similar criteria to a bank incorporated in the Netherlands and the same information must be provided. In addition, AFS Section 2:21 requires that the branch of the non-EEA institution applies a financial bookkeeping separate from that relating to the activities carried out in its home state. DNB also requires a written statement by the relevant foreign supervisor to the effect that it has approved the establishment of a subsidiary or branch in the Netherlands. If a credit institution incorporated within the EEA intends to pursue activities as a credit institution from a branch office in the Netherlands or by providing cross border services, the notification procedures of respectively AFS Sections 2:14 and 2:18 apply, i.e., the credit institution that already has a license within the EEA can obtain a “passport” for its license to another state within the EEA. EC 12: A license once issued may be withdrawn by DNB if the information or documents submitted to obtain the license prove to be incorrect or incomplete to such an extent that the decision made in respect of the application for the license would have been different if, at the time of that decision, the correct circumstances would have been known in full (see Section 1:104 (1) (b) of the AFS). EC 13: Supervision pursuant to the AFS is exercised under the assumption that a bank’s management board is collectively responsible for the implementation of and compliance with the required organisational and risk control measures, including compliance with the requirements of applicable legislation. This means that DNB expects that the management board of a bank as a whole has a good understanding of the risks run by the institution and of the manner in which these risks can be controlled. Regular supervision assesses the quality of an institution’s management on an ongoing basis. AC 1: The assessment of the application does include the ability of shareholders to supply additional financial support if needed. This assessment is largely reflected in the assessment of the financial position of the shareholder. However, a firm obligation on the shareholder to provide support is not laid down in the AFS. Usually, discussions on this subject with the applicant and/or its shareholder will be held during the assessment of the application. This may result in the assessment (through a letters of comfort or based on the discussions itself) that the shareholder is severally liable. Once the applicant has been granted its license and is supervised on a continuing basis, DNB has several legal instruments (see principle 1(4)) in order to correct non-compliance with the solvency and liquidity requirements as laid down in the AFS and its subordinate legislation. AC 2: In its day-to-day supervision, DNB monitors the progress of new entrants in meeting their business and strategic goals, and to determine whether supervisory requirements outlined in the license approval are being met. DNB does not only assess the aforementioned achievement of goals, but also performs a feasibility study on said goals and the accompanying processes to achieve them.
Assessment	Compliant.
Comments	On 1 September 2010, a joint DNB and MoF draft Policy Rule on the fitness and propriety requirements of, members of the management board and the supervisory board of financial institutions was issued for public consultation It is expected that this Policy Rule will enter into force on January 1, 2011. In this Policy Rule DNB and the AFM elaborate on the requirements for fitness, the variables of the assessment (the position and responsibility of the person assessed as well as the nature, scale, complexity and the risk profile of the company), the composition and functioning of the managing and supervisory boards, the information and antecedents that the supervisors will take into account when assessing a person’s fitness and the weighing of the information and antecedents used, and the further cooperation between DNB and the AFM (such as a joint panel for periodic review of the policy rule). In addition to this new Policy Rule, a change in the AFS is being prepared to replace the provisions on the assessments of fitness (Section 3:8 of the AFS) and properness (Section 3:9 of the AFS) with a single suitability assessment. This assessment is meant to cover fitness, properness, and other facts and/or circumstances that may influence the suitability of a person. The legislative proposal is expected to be submitted to Parliament soon. Once these changes have been adopted, the single suitability assessment will enable the weighing between fitness and properness, facilitate decision-making in marginal cases and enable DNB and the AFM to weigh circumstances that are not directly related to fitness or properness, but which may nevertheless affect the suitability of the person (e.g., membership of supervisory boards in multiple companies or a management board member who owns the bank etc.) Supervisory board members are currently only assessed as to their properness. The single suitability assessment will also allow the assessment of their expertise.
Principle 4	Transfer of significant ownership. The supervisor has the power to review and reject any proposals to transfer significant ownership or controlling interests held directly or indirectly in existing banks to other parties.
Description	Based on AFS Section 3:95, institutions should obtain a “declaration of no-objection” from DNB (or, in certain circumstances as described by law, the Minister of Finance)5 in cases where there is a qualifying majority in ownership (or the exercise of control relating to the qualifying majority holding in banks), or a transfer thereof, in other entities as specified by Law. DNB, or in certain cases the Minister of Finance, will issue such a declaration of no-objection unless the acquisition of the qualifying holding would (i) lead to any influence on the applicant which in the opinion of DNB would run counter to sound and prudent banking policy (Section 3:100 (a) AFS), (ii) lead to the applicant forming part of a group whose formal or actual control structure would be lack transparency to a degree that would prevent the adequate exercise of supervision (Section 3:100 (b) AFS) or (iii) lead to an undesirable development of the financial sector (Section 3:100 (c) AFS). As disclosed in the DNB 2009 Annual Report, DNB granted 78 declarations of no-objection for qualifying holdings in banks and 384 of such declarations in total for 2009. Assessment processes differ in size and complexity in relation to the parties involved and are also subject to changes in regulatory environment, mainly as a result of an EU directive regarding procedural rules and evaluation criteria for the prudential assessment of acquisitions and increase of holdings in the financial sector (2007/44/EC, hereafter the ‘Acquisitions Directive’). EC 1: AFS Section 1:1 defines a ‘qualified shareholding’ as a direct or indirect holding representing: interest of 10 percent or more in the share capital of an enterprise (this threshold is increased from 5 percent since the previous FSAP and now also includes group-declaration of no-objection); right to exercise 10 percent or more of the voting rights in a shareholders meeting of an enterprise; or form of control comparable to the items mentioned under (i) and (ii). EC 2, 3: The main provision in respect of supervision on ownership in banks is set out in AFS Section 3:95 (1)(a) which contains a prohibition on obtaining or increasing a qualifying holding in a bank without the prior approval of DNB. The assessment criteria for such approval is outlined in AFS Section 3:100 (1) which states that a declaration of no-objection is granted unless, in the opinion of DNB, holding, acquiring or increasing a qualifying holding by an applicant: would or could lead to an influence on the bank concerned which would conflict with sound and prudential business conduct; would or could lead to the bank concerned forming or becoming part of a group within which the formal or actual control structure is lacking in transparency to such an extent that it could impede adequate exercise of supervision of the respective bank; or would or could lead to an undesirable development of the financial sector (based on the Acquisitions Directive-see below-this criterion would have to be reconsidered. The decision to amend the AFS accordingly however, is still under consideration in Parliament). The Acquisitions Directive entered into force on September 5, 2007. This directive should have been implemented into Netherlands’ law on March 21, 2009, but until now this has not yet been achieved as the proposal for an amendment of the AFS is still under consideration in Parliament. This last criterion is subject to debate in Netherlands’ Parliament, as it was considered not in conformity with the Acquisitions Directive as it did not address pure prudential requirements of either the proposed holder of a qualified shareholding or the target financial institution. However, DNB currently processes applications for a “declaration of no-objection” by using the procedure for the assessment as outlined in the Acquisitions Directive. This has been consistently communicated towards market parties as of March 21, 2009. More specifically, DNB has adopted an approach of using the criteria as proposed by the Acquisitions Directive (open bullets above) to interpret the more broadly defined criteria as currently described in AFS Section 3:100 (1). As a result of the implementation of the Acquisitions Directive the criteria mentioned above will be changed to reflect an assessment which is aimed at more objective prudential requirements in relation to either the proposed holder of a qualifying holding or the target financial institution itself. These criteria are: the reputation of the proposed acquirer; the reputation and experience of any person who will direct the business of the financial institution as a result of the proposed acquisition; the financial soundness of the proposed acquirer, in particular in relation to the type of business pursued and envisaged in the financial institution in which the acquisition is proposed; the ability of the financial institution to comply on an ongoing basis with the applicable prudential requirements. In particular, whether the group of which it will become a part has a structure that makes it possible to exercise effective supervision and effectively exchange information among supervisory authorities and determine the allocation of responsibilities among them; and whether there are reasonable grounds to suspect that, in connection with the proposed acquisition, money laundering or terrorist financing is being or has been committed or attempted, or that the proposed acquisition could increase the risk of this occurring. EC 4: AFS Section 3:103 (1) provides that (legal or natural) persons holding a qualifying holding are obliged to inform DNB of any changes in their respective qualifying holdings should they either reach, exceed or fall below 10, 20, 33, 50, 95, or 100 percent. Pursuant to AFS Section 3:103 (2), a bank has a duty (to the extent of its knowledge) to inform DNB annually of the identity of every (legal or natural) person that holds a qualifying holding in the respective bank. Any changes in a qualifying holding causing the holding to reach exceed or fall below 10, 20, 33, 50, 95, or 100 percent or causing the bank to become or cease to be a subsidiary must be reported by the bank as soon as it is informed of such fact. Information on shareholdings in a bank may also be obtained through specific request, during on-site inspections or meetings with management of the bank. This is a basic element in the practice of ongoing supervision. EC 5: When a declaration of no-objection is granted, DNB may attach restrictions and/or conditions to such declaration of no-objection in accordance with AFS Section 3:104 (1) if it deems that from the assessment of the criteria set out in AFS Section 3:100 (1) certain issues/risks have been identified. Such identified issues may, for example, be too remote or low impact that a rejection of an application for a declaration of no-objection would be disproportionate. In such case imposing certain restrictions or conditions could be sufficient in order to mitigate the identified issues/risks. Should a (legal) person who has been granted a declaration of no-objection not comply with the relevant provisions of the AFS, DNB has the authority to give an instruction (“aanwijzing”, Section 1:75 AFS) in order to have such person act in compliance with the AFS. With regard to the situation that a declaration of no-objection is lacking, DNB has several more intrusive enforcement measures at its disposal. In case a qualifying holding is held by a (legal) person without having been granted a declaration of no-objection, DNB can impose a singular administrative fine (“boete”, AFS Section 1:80) or (as the case may be) a recurring penalty (“dwangsom”, AFS Section 1:79) aimed at forcing a company to act in compliance with the applicable laws. A more specific enforcement measure with regard to declarations of no-objection, as set out in Section AFS 3:104 (2), is that DNB may request the applicable District Court to nullify (vernietigen) a shareholder’s decision that was made by, or in conjunction with, a (legal) person holding a qualifying holding without the mandatory declaration of no-objection. Furthermore, in accordance with AFS Section 3:105 (4), DNB may attach restrictions and/or conditions to an existing declaration of no-objection or revoke such declaration if circumstances occur or facts become known that would have resulted in an different assessment of the respective declaration of no-objection. AC 1: With reference to the AFS banks and/or external auditors must notify DNB of any material issues which may negatively affect the banks’ operation.
Assessment	Compliant.
Comments
Principle 5	Major acquisitions. The supervisor has the power to review major acquisitions or investments by a bank, against prescribed criteria, including the establishment of cross-border operations, and confirming that corporate affiliations or structures do not expose the bank to undue risks or hinder effective supervision.
Description	AFS Section 3:96 contains an assessment procedure (similar but not the same as described under CP 4) specifically for banks that stipulates that banks must obtain a ‘declaration of no-objection’ from DNB before they are allowed to engage in certain activities such as reducing equity capital, major investments, transfers of assets and liabilities, mergers and financial or corporate reorganisations.* Furthermore, the AFS contains a procedure for the establishment of a foreign branch-office, which also requires prior approval of DNB. EC 1, 3, 5: AFS Section 3:96 (1) is specifically addressed to banks and requires a bank to apply for a declaration of no-objection before it may engage in the following activities: reducing equity capital through dividend or reserve distributions; acquiring (or as the case may be increasing) a qualifying holding in another financial institution, the value of which exceeds 1 percent of the banks consolidated balance sheet total; acquiring (or as the case may be increasing) a qualifying holding in a non-financial enterprise if the value exceeds 1 percent of the banks consolidated equity total; acquiring assets or liabilities which in value exceed 1 percent of the banks consolidated balance sheet total; a merger with a company of which the balance sheet total exceeds 1 percent of the consolidated balance sheet total of the respective bank; financial or corporate reorganisations; and allowing a general partner to accede to the bank if the bank has the legal form of a limited partnership (seldom used). The process for the establishment of a foreign subsidiary (separate legal entity) should be distinguished from the establishment of a foreign branch-office (same legal entity). The establishment of foreign subsidiaries of Dutch banks is subject to assessment for a declaration of no-objection as described in Section 3:96 (1) (b) or (c), of the AFS depending on the type of subsidiary. Establishment of a branch-office is regulated by Section 2:108 (branch in another EEA member state) and Section 2:111 (branch in non-EEA member state), respectively. The CRD provides for specific procedural rules on the establishment of a branch office in an EEA member state in contrast to non-EEA member states. In any case, prior approval of DNB is required for the establishment of both types of branches. EC 2, 3, 4: The assessment criteria for a declaration of no-objections in respect of activities by banks are laid down in AFS Section 3:101. Such a declaration of no-objection is granted unless, in the opinion of DNB, the proposed activity by a bank: would or could conflict with capital requirements for the bank as outlined in AFS Section 3:57; would or could lead to an influence on the bank concerned which would conflict with sound and prudential business conduct; and would or could lead to an undesirable development of the financial sector. Should the proposed activity concern a full acquisition/obtaining a qualifying holding by a bank in another bank/financial institution in an EEA member state the Acquisitions Directive would be the regulatory framework under which the assessment would take place. An integral part of the assessment procedure is the obligation to co-operate between the respective competent supervisors (home or host). DNB has the power to prohibit the establishment by Dutch banks of foreign subsidiaries or joint ventures in a particular country if the flow of supervisory information from that country is likely to be insufficient under local legislation or other regulations. As explained above, the establishment of a branch office of a bank is regulated through a different procedure than a declaration of no-objection. The main assessment criterion is similar for both types of branches and requires that from the outset, adequate financial and organisational resources are in place at the respective bank to manage the proposed activities deployed in such foreign branch office as set out in AFS Sections 2:109 and 2:111. EC 6: As is the case for a declaration of no-objection in respect of a qualifying holding in a bank, DNB may attach restrictions and/or conditions to such declaration of no-objection in accordance with AFS Section 3:104(1) if it deems that from the assessment of the criteria set out in AFS Section 3:101 certain issues/risks have been identified. Such identified issues may, for example, be too remote or have too low impact that a rejection of an application for a declaration of no-objection would be disproportionate. In such a case imposing certain restrictions or conditions could be sufficient in order to mitigate the identified issues/risks. Should a bank which has been granted a declaration of no-objection to engage in certain activities not comply with the relevant provisions of the AFS, DNB has the authority to give an instruction (aanwijzing) in order to have such a bank act in compliance with the AFS. Similar to the situation in respect of declarations of no-objection for a qualifying holding in a bank, DNB has several enforcement measures at its disposal for (the absence of) declarations of no-objection for the activities as mentioned above by banks. For the enforcement measures see CP 4 (above). DNB may in accordance with AFS Section 3:105, attach restrictions and/or conditions to an existing declaration of no-objection or revoke such declaration if circumstances occur or facts become known that would have resulted in a different assessment of the respective declaration of no-objection. AC 1: In the event that a bank wishes to acquire a significant shareholding in a bank in a non-EEA member state, the assessment criteria would in general require the supervision in such other country to be reviewed. See also descriptions under CP 24 and 25 for a more detailed description on consolidated supervision and international co-operation.
Assessment	Compliant.
Comments	The EU Acquisitions Directive primarily covers the situation of qualified shareholdings in financial institutions and not the situation where financial institutions engage in the activities as referred to in AFS Section 3:96(1). However, there could be an overlap in some areas such as in the event an acquisition is made by a bank in another bank/financial institution in another EEA member state. In such case the Acquisitions Directive would take priority over national laws as is also provided in the proposal for implementation of the Acquisitions Directive in the AFS.
Principle 6	Capital adequacy. Supervisors must set prudent and appropriate minimum capital adequacy requirements for banks that reflect the risks that the bank undertakes, and must define the components of capital, bearing in mind its ability to absorb losses. At least for internationally active banks, these requirements must not be less than those established in the applicable Basel requirement.
Description	EC 1: All banks, having their registered office in the Netherlands, are required to calculate and report their solvency level on a quarterly basis in accordance with rules laid down in DPR chapter 10. No distinction is made between internationally active or domestic institutions. All banks must submit supervisory returns except for those benefiting from a guarantee, provided in accordance with Section 403 of the DCC by a parent company that in itself is subject to consolidated supervision. AFS Section 3:57 and DPR Section 60, require banks to maintain a minimum solvency level of 8 percent. Rules on the calculation of risk weighted assets are specified in DPR Sections 60a-64 and rules on the composition of eligible capital are specified in DPR Sections 89-94. All these rules are based on the EU CRD and as such, are compliant with the Basel II standards. The same applies to the ‘Supervisory Regulation on the Recognition of Hybrid Instruments as Regulatory Capital Components’ that provides detail on which hybrid capital instruments can be included in Tier 1-capital. These rules are compliant with the Basel Press Release of October 1998 and ensure that hybrid capital is sufficiently loss absorbing and permanent and that the bank has a sufficient level of discretion to skip payments when necessary. Whereas the legal maximum of non-core elements (e.g., hybrids or preference shares) in Tier 1 capital is 50 percent, the de facto maximum (see Section 4:2 of the Hybrid Regulation) enforced by DNB is 25 percent. EC 2: As noted in EC 1, all of DNB’s requirements on the definition of eligible capital, risk weighted assets and minimum ratios are in compliance with the applicable Basel requirements, no distinction is made between internationally active and domestic institutions. EC 3: The standard pillar 1-minimum solvency ratio for all banks is 8 percent (DPR Section 60 (1)). This is a generic requirement for all banks. In practice, however, banks operate at capital levels that are much higher than the legal minimum. AFS Section 3:111a gives DNB the authority to impose a higher capital charge, to pursue a specific provisioning policy or to limit the risk profile of the institution if DNB determines that the institution cannot ensure that its business is conducted in a controlled and sound manner. DNB can also impose a higher capital charge if it comes to the conclusion (on the basis of its Supervisory Review and Evaluation Process (SREP) that the amount or composition of available capital does not adequately cover of the totality of a bank’s risks. Each bank that is required to submit a quarterly solvency report is subject to an annual pillar 2-assessement in which the entire risk profile of the institution is reviewed, along with the composition and amounts of required, available and economic capital and the quality of capital management. In line with the ‘Policy Rule on Principles for the Implementation of Pillar 2 of the Basel II Capital Accord’ banks are required to have a sound ICAAP, a component of which is the setting of capital adequacy target that is in excess of the minimum requirements. The supervisor’s assessment of both the quality of the ICAAP and the outcome of this process in terms of capital (targets) is reviewed by a DNB internal ‘SREP-panel’ consisting of the Division Director Banking Supervision and a number of specialists. In most cases, the SREP-panel endorses to the target ratios proposed for each bank which in practice are significantly in excess of the regulatory minimum. In a few cases where the bank’s internal targets were found to be insufficient, a formal, higher, minimum ratio has been imposed. These banks were also prohibited from distributing their earnings. EC 4: As specified in the Pillar 2 Policy Rule, the ICAAP must be comprehensive, i.e., all material risks (on- or off-balance sheet, quantifiable or not) must be covered. To a large extent, off-balance sheet risks are already covered in Pillar 1, but some of these risks, e.g., certain pension obligations, are specifically addressed in pillar 2. EC 5: See description of EC 3. EC 6: In addition to the measures discussed under EC 3, DNB has other powers at its disposal to take action when an institution’s solvency is endangered. If DNB detects signs of a development that may jeopardise the solvency (or liquidity) of a bank under its supervision, DNB may take any of several measures under AFS Sections 1:75 and 1:76, including an instruction on the course of action to be pursued by the bank or the appointment of a special administrator. The actual measures taken will depend on the circumstances of the particular case. EC 7: The DPR and a number of DNB policies contain detailed quantitative and qualitative requirements for internal (credit, market and operational) risk models. All models that are used by banks for regulatory capital calculation purposes need to be validated by DNB before they can be used. Regular supervisory inspections are conducted to ensure ongoing compliance with applicable rules and the closure of (non-material) gaps that may have been allowed at the time of approval. AC 1, 2: As explained above, no distinction is made between internationally active and domestic banks. All capital regulation, including rules on the scope of consolidation, is in compliance with the Basel requirements. The policy rule “Scope of consolidated and solo-supervision for banks and securities firms” contains detail on which entities fall within or outside the scope of solvency regulation. In general, banking entities in a group that benefit from (among other conditions) a 403-guarantee6 (referring to the relevant section in the CDD) by the parent company (which in itself is subject to consolidated regulation), are usually not tested on a stand-alone basis. However, these are exceptional cases and most banks are subject to stand-alone capital adequacy assessments. Parent (banking) companies that have international activities are subject to regular standalone capital adequacy testing on the basis that free transferability of capital throughout the group cannot be assumed. AC 3: DPR Section 24a as well as ICAAP principle 8 as referred to in the Policy Rule on Pillar 2 requires that the ICAAP process shall be forward-looking. This principle has been the basis for extensive discussions between DNB-staff and the management of banks on issues like capital forecasts and contingency planning. Since 2008 stress testing has been an integral part of these discussions. Banks have to demonstrate that their solvency levels remain healthy in the foreseeable future and under severe but plausible stress scenarios (see annex B of Policy Rule on Pillar 2). In line with the norm set by CEBS, DNB’s board ruled that even under a stress scenario set by DNB, banks should still be able to maintain a minimum Tier 1 ratio of 6 percent. Banks that were not able to meet this test were required to raise fresh capital or were prevented from dividend payments. AC 4: Based on the Policy Rule on Pillar 2 banks are required to report on the distribution of required, available and economic capital throughout the group. In some cases these reports have led to discussions between supervisors and bank management on the distribution of capital and to the redistribution of capital across the group so as to better align (locally) available capital with the (local) risk profile. AC 5: As discussed in respect of EC 3, there are no legal or practical impediments for supervisors to require that individual banks or banking groups maintain capital above the minimum.
Assessment	Compliant.
Comments
Principle 7	Risk management process. Supervisors must be satisfied that banks and banking groups have in place a comprehensive risk management process (including Board and senior management oversight) to identify, evaluate, monitor, and control or mitigate all material risks and to assess their overall capital adequacy in relation to their risk profile. These processes should be commensurate with the size and complexity of the institution.
Description	EC 1: DPR Paragraph 4.2 (“Risk Management”) pursuant to AFS Section 3:17 requires that banks have adequate policies, systems, and procedures to identify, measure and manage their risks. This provision of the DPR stipulates the requirements for banks regarding its risk management framework. It requires, for example, an independent risk management function systematically identifying, measuring and managing risks. Based on DPR Chapter 4 “Controlled pursuit of the business operations” high level standards are set with regard to the qualitative requirements on risk management, organization and control for all types of risk. Based on these–principle based–standards, more detailed guidance is used in supervisory practice. EC 2, 3, 4, 5, 6, 7, 9 and 10: It is up to the bank to justify why a particular risk management framework is adequate for its type of business and it is the role of DNB to assess the adequacy of this arrangement. DNB’s assessment of the risk management framework is a central component of its supervisory activities. DNB evaluates the functioning of risk management on an on-going basis through regular meetings, targeted examinations, and analysis of reports. The assessment includes an assessment of the ability of the risk manager to provide sufficient countervailing power to the business. In most cases the functioning of risk management is assessed when examining a specific risk category (e.g., credit or liquidity risk, see also CP 8, 13, to 16) Overall assessment of risk management is also taken into account when performing the SREP. See also the description in the assessment of CP 6. The assessment of the adequacy of risk management focuses on the following issues: is the Board responsible for risk management and is it capable of this task? risk culture or risk awareness in the bank; independence of the risk management function; access to senior management and the Board by the risk management function. holistic approach to risk management; risk appetite set by top management, based on the business strategy and chosen business model, which is translated into adequate policies and a limit setting structure. Risk reporting to the senior management and Board of the bank; review models and methods used by the bank to measure risks (including the requirement of independent validation of the models); and discussing major initiatives regarding the risk profile and/or the risk management framework. Non compliance is enforced with reference to AFS Section 3:111a and DPR 23. For market, credit and operational risk, DNB performs periodic evaluations of the frameworks governing risk models. One of the items assessed is the extent to which the bank performs internal validation and regular monitoring as well as reviews of its models. EC 8: New products do not need to be reviewed by DNB ex-ante. Through risk management reports and regular meetings with senior management, new products are discussed. Examinations are conducted when product approval processes are identified as an area of risk. AC 1: DPR Section 23(6) requires that the financial undertaking has an independent risk management function that carries out independent risk management in a systematic manner that is aimed at identifying, measuring and evaluating the risk to which financial undertakings or branches are or can be exposed. The risk management is carried out both with regard to the financial undertaking or the branches as a whole and with regard to the separate business units. In the explanatory notes to the DPR it is clarified that the way the risk management function is structured, should depend on the size and complexity of the undertaking. The explanatory notes continue by saying that it is customary that especially larger and more complex banks, risk analysis are conducted by an independent risk management function. In practice, when assessing the set-up of a banks’ risk management organisational structure, all complex banks are expected to have specific units for risk management of material risks. AC 2: On a yearly basis a macro stress test is conducted by DNB. Banks are expected to conduct rigorous, forward looking bank specific stress tests as part of their own risk management. This is evaluated annually as part of the SREP or at a higher frequency if necessary. AC 3: Other material risks are taken into account in an institution’s ICAAP, based on the requirement of AFS Section 3:111a and DPR Section 23.
Assessment	Compliant.
Principle 8	Credit risk. Supervisors must be satisfied that banks have a credit risk management process that takes into account the risk profile of the institution, with prudent policies and processes to identify, measure, monitor and control credit risk (including counterparty risk). This would include the granting of loans and making of investments, the evaluation of the quality of such loans and investments, and the ongoing management of the loan and investment portfolios.
Description	EC 1: The DPR Section 24a requires banks to have adequate strategies and procedures to align their own funds with their current and potential risk profile. Furthermore, Section 23a of the DPR requires banks to: establish procedures regarding acceptance, adjustment, renewal and refinancing of credit facilities; have an effective credit administration and monitoring framework for credit portfolios and exposures, including effective systems for the detection and management of problem assets, indexation and provisioning; and ensure that the credit portfolio is diversified in line with the general credit strategy of the bank. Since the introduction of the AFS and its secondary legislation, DNB has assessed the compliance of IRB banks with these requirements through its assessment of applications to use IRB, and as part of its on-going reviews of these banks’ IRB systems. Under pillar 2 of the Basel framework, DNB conducts an assessment of the ICAAP of each institution, through the SREP (AFS Section 3:18a and DPR Section 4.2). An integrated part of the ICAAP is the assessment of an institution’s capital adequacy in respect of credit risk. This assessment is based on routine supervisory work in line with the FIRM process (see CP 6). In addition, stress testing is used to assess the credit risk performance of an institution. EC 2: The control environment of the bank is assessed at least yearly, in the Risk Assessment Process (RAP) cycle. The reference framework for the RAP-cycle is the FIRM methodology which concludes in scores for inherent credit risk, for the credit risk control environment and for a resultant net score. In line with the materiality of these risks, the supervisor determines how, and to what extent, credit risk will be followed up in the supervisory cycle. The options range from off-site examinations of a bank’s risk management information to an in-depth on-site review of the credit risk function. The FIRM scores for credit risk are documented in a separate fact sheet for each bank. Ultimately, the supervisory risk assessment is shared with the bank’s Board. Apart from the annual RAP-cycle, parts of the control environment may be subject of special examinations. Recent examples include: a thematic credit portfolio review on institutions with relatively large foreign exposures and investments; a sector wide periodic data request on exposures in restructuring, arrears and default; and a sector wide examination on financing of and investment in commercial real estate. EC 3: DPR Section 11 requires banks to have adequate policies and procedures to ensure integrity in credit decisions, e.g., preventing conflicts of interest. Furthermore DPR Section 12 requires that banks have procedures to manage and report integrity issues. Sections 14 and 16 require banks to have appropriate measures for customer due diligence. DNB assesses compliance with these provisions through regular contacts with banks’ internal compliance departments as well as special examinations, sometimes conducted on a sector wide basis. EC 4: By AFS Section1:74 DNB is empowered to require information from any party for the purpose of monitoring a bank’s adherence to the Act’s requirements, including those relating to credit and investment portfolios. A bank is legally obliged to co-operate under Section 5:20 of the General Administrative Law Act (“Algemene wet bestuursrecht”). Should an institution fail to do so, DNB can impose a penalty under AFS 1:79 (1d) and 1:80 (1d). In practice DNB generally obtains the cooperation of institutions without needing to apply legal sanctions, and has not experienced any problems in obtaining credit risk information. AC 1: DPR Section 23(4) requires banks to establish procedures and measures with respect to the granting of credit, including limit policies and controls. Assessment of those procedures and measures involves taking into consideration risk committee structures, delegation matrices, limit policies as well as taking note of minutes of such risk committees and/or review samples of individual credit files. AC 2: See EC 2 where counterparty credit risk is included. Additionally, in the Regulation for Solvency Requirements for credit risk a separate chapter addresses the requirements for counterparty credit risk. Counterparty credit risk is covered by the expert group for trading book risk rather than the expert group for credit risk, as DNB take an holistic approach towards all risks in the trading book. In the FIRM framework the appropriateness of processes is assessed in light of the size and complexity of the institution; an institution trading innovative and state-of-the-art products should have state-of-the-art risk management processes and models. AC 3: DPR Section 23a (1) and (2) requires banks to have procedures for the acceptance, adjustment, renewal and refinancing of credit facilities, and that banks have an effective credit administration and monitoring framework for credit portfolios and exposures. More specifically, the Regulation on Solvency Requirements for Credit Risk Section 3:76 stipulates that IRB banks use all relevant information in estimating the risk parameters.
Assessment	Compliant.
Comments
Principle 9	Problem assets, provisions and reserves. Supervisors must be satisfied that banks establish and adhere to adequate policies and processes for managing problem assets and evaluating the adequacy of provisions and reserves.
Description	See also more specific and detailed explanation in the comment section below. EC 1: DPR Section 23 requires banks to have adequate systems and procedures to identify, measure, and manage their risks. More specifically Section 23a requires banks to use effective systems for the continuous administration and monitoring of the various portfolios and receivables that entail credit risks, including the detection and the management of problem loans, performing adequate value adjustments and making provisions. EC 2, 3: The identification and classification of problem assets and provisioning policies and processes are part of the scope of supervision on financial risks, both on and off-balance sheet. As part of the routine supervisory process, discussions are held with bank management on both the overall quality of the asset portfolio and on specific problem assets; these discussions are based on risk management reports and reports by the internal and/or external auditors. Since the start of the credit crisis, DNB has required major institutions to report quarterly on their exposures in arrears. EC 4: Provisioning policies and processes are reviewed during the routine supervisory process. The actual level of provisions is determined by the external auditor in line with accounting principles on asset valuation. DNB will discuss the adequacy of provisions with the external auditor where appropriate. EC 5: Supervisory assessments include a review of policies, processes and organisational resources for problem asset identification and management. This is done through the investigations and reports made by internal auditors and specific on-site supervisory investigations. EC 6: DNB has access to and uses internal risk management reports, Internal Audit reports and reports of External Auditors. EC 7: As noted above (EC 4), the actual level of provisions is determined by the external auditor in line with accounting principles. Although DNB has no direct power to require a bank to increase its level of provisions, it will discuss the adequacy of provisions with the management of the bank and the external auditor if it judges that the level of provisions is inadequate based on its own assessment of risks or likely recoveries. In the event that DNB judges that the level of provisions is not adequate it has the power, by virtue of DPR Sections 3:18 and 3:18a to require a bank to increase its financial strength, e.g., by placing restrictions on the payment of dividends or raising new capital. Recently, the authority for DNB to correct valuations was introduced more directly, through DPR Section 89. EC 8: The assessment of classification of credits and assets is covered in the assessment of EC 2 and 3. The power to require additional provisions is discussed in the assessment of EC 7. EC 9: The Regulation on solvency requirements for credit risk, chapter 4 (“credit risk mitigation”) provides for requirements and methods to value collateral, guarantees and other risk mitigates that may be taken into account for in the calculation of solvency requirements. Either an estimation of the net realisable value or a haircut on market value is applied. These valuations are subject to periodical assessment. EC 10: Asset impairment criteria are contained in accounting principles applied by the external auditor. EC 11: Internal management information on the quality of the asset portfolio, arrears, defaults, provisions etc., is discussed with relevant board members and senior management during routine on-site supervision. EC 12: Since large exposures do not qualify for a retail (portfolio) approach under IRB, the valuation, classification and provisioning of these exposures must be done on an individual exposure basis. AC 1: For IRB banks, DPR Section 1 defines exposures as in default if they are in arrears for more than 90 days. For banks using the standardized approach (Chapter 2 of the Regulation on solvency requirements for credit risk), payments that are in arrears exceeding 90 days will receive a higher capital charge based on Section 2:33 of the aforementioned Regulation.
Assessment	Compliant.
Comments	The external auditor is vested the responsibility to audit the adequacy of provisioning for impaired assets which primary responsibility is with the management of each bank thereof. NIVRA provides and protects the quality and integrity of the auditing profession by its licensing requirements and permanent education. The provision methodology is based on IFRS (& Dutch GAAP, i.e., the DCC), in which framework only incurred losses are provided against. For the purposes of assessing the adequacy of provisions against expected losses (as opposed to the incurred loss approach contained in IFRS) DNB uses the Basel II/CRD IRB framework. This framework does not distinguish conceptually between provisions and required capital, since capital requirements vary according to a bank’s own estimates of its potential losses. According to DPR (art 94-2-f-1/92-2-c), a correction on the IFRS equity is made for the difference between the expected loss as calculated under the IRB methodology and the incurred loss (excess/shortfall) shown in the accounts. See COREP 1.3: “deductions from original and additional own funds” especially line 1.3.7: “IRB provision shortfall and IRB equity expected loss amounts”. The expected losses are calculated based on IRB models as approved by DNB and internally validated. IRB models are used by all large Dutch banks and some small banks. They consequently cover the far majority of the banking population (in balance sheet total). Apart from an extensive validation process, DNB also conducts an annual IRB health check. This consists of off-site and on-site examination of i.e., model governance, use test, monitoring, back testing, model validation, review of expected losses versus provisioning. Further, DNB-amongst others-imposes the CRD default definitions and best estimate LGD regarding problem assets. For small banks using the Standardised methodology no such adjustments are made. In these cases expected losses are taken into account in the ICAAP/SREP process of pillar 2 of the Basel accord. The required capital is increased in accordance with the expected (but not incurred) loss.
Principle 10	Large exposures limits. Supervisors must be satisfied that banks have policies and processes that enable management to identify and manage concentrations within the portfolio, and supervisors must set prudential limits to restrict bank exposures to single counterparties or groups of connected counterparties.
Description	AFS Sections 57 (6) and (7) in conjunction with DPR Sections 1 and 102, provide the legal basis for DNB’s specific regulations on large exposures for banks, investment institutions and clearing institutions. The specific regulations are provided for in Section 7 of the Regulation on solvency Requirements for Credit Risk. (RSK) This legal framework for large exposures is based on the CRD. EC 1, 2 and AC 1: The actual large exposure limit of 25 percent own funds is set in DPR Section 102, while the definitions in DPR Section 1 include those for large exposure is defined as any exposure which exceeds 10 percent of the own funds of the institution. Exposures are defined to include both on- and off-balance sheet items. EC 3: The large-exposure rule includes exposure limits (in percentages of the actual own funds) and risk reporting requirements (Section 7:5 of the Regulation on solvency requirements for credit risk). In order to comply with the reporting requirements regarding large exposures, banks must have management information systems in place which enable them to identify and report concentrations within their portfolios in a timely manner. The reporting system also enables the management of banks and therefore DNB to monitor compliance with the large-exposure regulations. Large exposures are reported quarterly to DNB on both a consolidated and solo basis, except where individual banks have been explicitly exempted from solo reporting in accordance with DPR. Quarterly reporting is more frequent than the minimal requirement set by the CRD. DNB will continue this frequency under the adjustments following from Directive 2009/111/EC amending the CRD (CRD II). EC 4: The concentration and correlation of risks is addressed within the framework of each individual bank’s (credit) risk analysis and the periodical on-site inspections by DNB. Institutions are required to perform systematic analysis of risks, taking into account the concentration, geographical, currency and single risk deriving from large exposures. EC 5: DNB has the power to require banks to take remedial actions in cases where concentrations appear to present significant risks. Within Pillar 2, banks are required to assess and address risk concentration in their portfolio through the ICAAP. Examples are geographical or sector concentrations. For a specific concentration risk, i.e., country concentrations, DNB has published a Policy Rule to provide transparency on how DNB would prefer that institutions address this specific concentration risk (see also Principle 12).
Assessment	Compliant.
Comments	In the context of the CRD II, the large exposure regime is currently being adjusted. The new regime that was implemented by end-2010 will reinforce DNB’s surveillance of large interbank exposures. Furthermore, in the context of CRD II, CEBS has published specific guidelines in order to achieve consistency across supervisory authorities across Europe. DNB is in the process of implementing these guidelines and will implement and enforce these guidelines at the same time as the new large exposures regime.
Principle 11	Exposures to related parties. In order to prevent abuses arising from exposures (both on-balance and off-balance sheet) to related parties and to address conflict of interest, supervisors must have in place requirements that banks extend exposures to related companies and individuals on an arm’s length basis; these exposures are effectively monitored; appropriate steps are taken to control or mitigate the risks; and write-offs of such exposures are made according to standard policies and processes.
Description	See also more detailed description in the comment section to this CP. EC 1: The AFS requires banks to pursue an adequate policy that safeguards controlled and sound business operations (AFS Section 3:17). In addition, DPR Section 11 requires that financial services provided by institutions to persons, managers, shareholders, and other related parties takes place only in the course of the normal business operations and against the usual commercial terms and conditions and collateral (price setting based on at arms length principle). However, the definition does not include the broad range of related parties referred to in the footnote to this EC. EC 2: The AFS requires banks to take measures to prevent conflicts of interests (Section 3:17 Paragraph 1a and DPR Section 11). In addition, banks are obliged to pursue a policy and to clearly document procedures aimed at managing relevant risks with regard to the acceptance, revision, renewal and refinancing of loans (DPR Section 23 and 23a). EC 3, 4: The AFS obliges banks to take measures to prevent the financial enterprise or its employees from committing offences or other transgressions of the law or perform acts that are contrary to generally accepted standards in the financial markets (Section 3:17 Paragraph 2). This requirement provides the basis for DNB to discuss compliance of banks with the more general requirements relating to addressing conflicts of interests. Examples of relevant rules in this respect are: The DCC (Sections 2:146 and 256) that requires companies to take certain measures to prevent a conflict of interest between the company and one or more of its directors. The Netherlands’ Corporate Governance Code. Compliance with the code is mandatory for Dutch exchange listed companies, but is considered a generally accepted standard that also applies to non-listed companies. The Code requires supervisory board members to avoid conflicts of interest between the company and the supervisory board members (Principle 3.6). The Netherlands’ Banking Code is a code designed by the banking sector itself in response to the financial crisis. This Code has subsequently been embedded in Dutch legislation. It requires, inter alia, that the supervisory board is independent of the company (Principle 2.1). EC 5: The large exposures rules, including its provisions and CEBS guidance on connected clients, apply to single exposures to related parties. In accordance with the revised large exposures framework (2009/111/EC, the “CRD II”), a stronger emphasis will be placed on intragroup exposures and further guidance will be provided on the definition of connected clients. With respect to capital deductions, DPR Section 94(2) requires that the institution’s own funds are deducted by qualified participations in financial holdings (i.e., where the institution owns more than 10 percent of the outstanding shares). For participations in non financial entities, where the institution has 10 percent of the outstanding shares, the value of the participation shall not exceed 15 percent of the institution’s regulatory capital. For the qualified participations as whole, a limit of 60 percent of the regulatory capital applies (Section 140 of the Decree). Both provisions are in compliance with the CRD. EC 6, 7: DNB adopts a principles-based approach that is aimed at addressing possible conflicts of interest and preventing abuse arising from exposures to related parties, rather than relying on detailed formal requirements. If DNB is of the opinion that in a specific situation, a bank is in violation of these regulations, DNB has several instruments available to enforce the AFS (see CP 1(4)). Informally, during its day-to-day supervision on banks, DNB makes use of moral suasion to ensure the independence of the supervisory board and its standards in respect to the situation where the shareholder of the bank participates in the board of the bank.
Assessment	Largely Compliant.
Comments	DNB does not set any specific limits on exposures to related parties or on intra-group transactions. DNB argues that provisions of the AFS Section 3:17 provide an adequate legal basis for controlling related party lending, although this section does not make a specific reference to such lending. The relevant section stipulates that a credit institution shall organise its operations in such a way as to safeguard a controlled and sound business operations and that rules shall be laid down with regard to (inter alia) the control of business processes and business risks (in general); and more specifically with regard to integrity. DNB interprets this to mean the prevention of inter alia: conflicts of interest; and relations with clients that could damage confidence in the financial institution, or in the financial markets. This enables DNB to require that credit institutions set adequate limits with respect to intra group exposures and other related parties. The definition of a related party is based on the DCC. DNB makes extensive use of “moral suasion” to ensure that such limits are set and complied with. The assessors found no evidence to suggest that related party lending is, or has been, a significant issue in the Netherlands, and therefore this relatively informal system of control may be judged effective. Nonetheless for purposes of full compliance with CP11 DNB needs to put in place a more formal framework of limits and prohibitions on lending to related parties. These should include, for example, hard limits on lending to other group companies and prohibitions on lending to directors and shareholders beyond a specified (low) threshold.
Principle 12	Country and transfer risks. Supervisors must be satisfied that banks have adequate policies and processes for identifying, measuring, monitoring and controlling country risk and transfer risk in their international lending and investment activities, and for maintaining adequate provisions and reserves against such risks.
Description	EC 1, 2: The basis for the assessment of country risk is the ICAAP. DNB evaluates the ICAAP on an annual basis by performing its SREP analysis, (AFS Section 3:18a and DPR Section 25a). The SREP is intended to establish that an undertaking’s solvency management is sound and that its own funds are sufficient to absorb the risks inherent in its activities. The SREP includes an assessment of a firm’s country concentration risk control. Although DNB places the primary responsibility for taking into account country and transfer risk on the bank itself, it recently (July 15, 2010) published a Policy Rule on “the treatment of concentration risk in emerging countries”. The Policy Rule builds on the requirements set out in AFS Section 3:17 and DPR Sections 23, 24a, and 25a. These sections require that a bank should have sound, effective and comprehensive strategies and procedures to enable it to monitor on an ongoing basis the level, composition and allocation of its equity capital to match the scale and nature of its current and future risks. The Policy Rule on the treatment of concentration risk in emerging countries has been provided to ensure that all Dutch licensed banks adopt a more harmonised approach. The Policy Rule appears to have been designed to bring about changes to the business models of certain entities, especially subsidiaries of foreign banks. EC 3: DNB has not set out a framework for the setting of appropriate provisions for country and transfer risk. However, it seeks to obtain the same outcome by the requirement to address concentration risks under Pillar 2 of CRD (i.e., the ICAAP/SREP process). Undertakings must themselves assess the level of country concentration risks they are running and which supplementary measures to control country risk, such as the limitation of concentrations, are necessary. Where the bank’s internal controls fail to prevent excessive country risk concentrations, DNB’s Policy Rule requires the undertaking to increase its level of own funds. This policy is an integrated part of the ICAAP/SREP process. Under the Policy Rule referred to above, institutions that are assessed to have a high concentration of risk in certain emerging economies are required to hold a capital buffer in addition to that which would normally be assessed under the ICAAP/SREP process. Potential losses are based on material country concentrations, less the credit risk mitigation that is permitted under the Policy Rule. Only material country risks that exceed a 5 percent threshold have to be taken into account. Although there are no strict limits per country banks with concentrations that exceed 20 percent of their balance sheet are required to wind them down as soon as possible (Section 4, diversification table of the Policy Rule). Large concentrations will lead to capital surcharges. Following from the recognition of certified IRB models as a (possible) substitute for applying the Policy Rule on country concentrations, the actual scope of the Policy Rule is largely limited to smaller institutions. EC 4: Reporting of country risk exposures to DNB is through a combination of normal supervisory returns (capital adequacy and large exposures in particular) and through examination of internally generated risk reports under the ICAAP/SREP process.
Assessment	Compliant.
Comments	Although DNB’s approach to setting appropriate provisions for country risk does not draw on any of the possible approaches discussed in EC 3, its assessment of risk concentrations under the ICAAP/SREP process combined with its policy of requiring additional capital for concentrations of country risk that it deems excessive achieves the same purpose as envisaged in this EC and therefore DNB is considered to be compliant with it.
Principle 13	Market risk. Supervisors must be satisfied that banks have in place policies and processes that accurately identify, measure, monitor and control market risks; supervisors should have powers to impose specific limits and/or a specific capital charge on market risk exposures, if warranted.
Description	EC 1: DPR Section 23 stipulates the qualitative requirements to which financial institutions must adhere. These requirements specifically detail the policies and measures to control market risk and how they must be integrated in the company processes. The policies and procedures should contain authorisation procedures, limit setting, limit adherence and measures to be taken in case of emergency situations. The policies and procedures depend on the nature, size, risk profile and complexity of the trading activities of the institution. Each institution must have an independent risk management function which role it is to identify, measure and evaluate the risks the institution is exposed to through its trading activities. EC 2: The Regulation on solvency requirements for market risk requires each bank to have in place limits that must be approved by the board. In addition, the Regulation stipulates that the active management of positions held with trading intent shall be performed in conformity with a clearly documented trading strategy approved by senior management. The trading strategy needs to include clearly defined policies and procedures, covering, at a minimum, which positions may be entered into by a trading desk; which position limits apply and how they are monitored for appropriateness; the extent to which dealers of the financial undertaking have the autonomy, within the limits of the trading strategy and within the position limits, to take positions; the reporting of positions to senior management as an integral part of the financial undertaking’s risk management process; and the active monitoring of positions with reference to market information sources, in particular with respect to the assessment of the marketability or hedge ability of these positions or their risk components. Compliance with these requirements is assessed by DNB through a system of targeted on-site examinations. EC 3: The Regulation on solvency requirements for market risk requires valuation policies covering the frequency of valuation, frequency of verification procedures, mark-to-market vs. mark-to-model and the use of market data. The valuation is subject to an independent price verification which verifies the applied market prices and model inputs. EC 4: The Regulation on solvency requirements for market risk requires banks to have adequate risk measurement programs including stress testing, scenario analysis, validation and testing of market risk measurements. In addition, at least once a year firms are required to evaluate the entire risk management processes, including amongst others the documentation of risk management policies, the management information systems, the valuation processes and the independent valuation verification, the nature and measurement market risks and the back testing process. All models used for solvency calculations need to be approved by DNB. In addition, the programme of back testing needs to be approved by DNB and its results are submitted to DNB each quarter. AC 1: See EC 3 above. More specifically, the Regulation on solvency requirements for market risks stipulates that the valuation shall be subject to independent price verification by regularly checking the market prices or model inputs for accuracy and independence. The independent verification of market prices and model inputs is required to be performed at least monthly, or, depending on the nature of the market or trading activity, more frequently, by a unit independent of the dealing department.
Assessment	Compliant.
Comments
Principle 14	Liquidity risk. Supervisors must be satisfied that banks have a liquidity management strategy that takes into account the risk profile of the institution, with prudent policies and processes to identify, measure, monitor and control liquidity risk, and to manage liquidity on a day to day basis. Supervisors require banks to have contingency plans for handling liquidity problems.
Description	EC 1: DNB sets both qualitative and quantitative guidelines for liquidity management. The legal basis for DNB’s liquidity requirements are AFS Chapter 3, Part 3.3.7, Sections 3.63, 3:64, 3:65, 3:66. Chapter 11 DPR and Section 3:17, second subsection AFS and DPR Chapter 4. The quantitative requirements measure the assets available to the institution to meet its immediate liquidity needs (a “stock” concept) against standardised assumptions of net negative cash outflows based on the maturity profile of liabilities over both a one week and one month time horizon. Liquid assets are defined to include marketable securities, including those eligible for discount with the ECB. Different categories of marketable instruments are subject to a range of haircuts to reflect their liquidity. Banks report their liquidity position on a monthly basis using a standardised regulatory liquidity report (7029–Instruction for 8029, Large Exposures Liquidity (2003)). The qualitative requirements on sound liquidity risk management are based on DPR “Controlled pursuit of the business operations. This requires high level standards to be set with regard to the qualitative requirements on risk management, organization and control for all types of risk. The high level standards are principle-based but more detailed guidance is used in the supervisory practice. This guidance is based on the updated Basel Principles for sound liquidity management and supervision (BCBS September 2008). EC 2, 3: DNB monitors banks’ internal liquidity management strategies and processes by means of the FIRM framework. Liquidity risk is one of the components of the FIRM score and for each institution there is a factsheet dedicated to liquidity risk in which the liquidity position and the liquidity controls/management are scored. The supervisory response over the coming year is determined by this score. It can range from regular talks with the Treasurer, the CRO and the CFO and a monthly standardised liquidity report (basis programme) to specific actions (intended to mitigate specific risks. The assessment of the supervisor is benchmarked within DNB by both a group of risk experts (including inspectors and policy advisors similar to the expert groups as described under the principles for market and credit risk) and the management of the BSD. Ultimately the supervisory risk assessment is also shared with the Board of the supervised institution. EC 4: In addition to the measurement of net funding requirements referred to in EC1, in future DNB proposes to use a more integrated approach to assessing liquidity risk which will include both an ILAAP and a SREP-like approach with regard to the assessment of liquidity risk of a firm and the minimum liquidity requirements set for that firm. According to that process extra liquidity requirements may be formally set for an individual firm in addition to the standard minimum liquidity requirements. Stress testing will be part of the ILAAP (Pillar 2 requirement). Additional liquidity requirements are already set in individual cases or with regard to a specific group of banks. The Basel Principles will be used in the context of the SREP-like procedure with regard to liquidity risk management. In the end the ILAAP/SREP procedure, the Basel Principles and a revised reporting and test system–taking into account CEBS guidance and Basel standards–and a data interface system should be integrated in a reviewed liquidity supervision system. DNB intends to introduce these procedures from December 31, 2010 as part of the CRD II implementation. EC 5 and AC 1: The standardised liquidity report is in Euro only and does not distinguish between major currencies. However, commencing in the second half of 2007, DNB started closer monitoring (via the implementation of a crisis monitoring team) of the liquidity position of a selected group of firms, including all large banks. High frequency reporting has been required, if necessary nearly daily and at least weekly. In this context wholesale run-off scenarios must be reported, in all major currencies. Monitoring includes close monitoring of possible run-offs and the application of stricter requirements with regard to the definition of wholesale funding, e.g., a 100 percent run-off of fiduciary funds, more restricted recognition of received collateral (e.g., not recognized as liquidity buffer component if it is not already registered at the respective central bank) and stricter monitoring of liquidity positions (mismatch) in foreign currencies. EC 6: As part of the enhanced liquidity monitoring regime introduced in the second quarter of 2007, some banks have been encouraged to strengthen their liquidity positions, e.g., upgrading contingency positions, hedging FX positions, reconsidering usage of ECB tender programs or state guaranteed funding programs. A reverse stress treatment has also been applied on the assumption of a full run off during a 2-3 month period. Where necessary supervision has set individual liquidity requirements (above the regulatory minimum) for individual institutions. In addition, the crisis monitoring team also initiated several thematic qualitative assessments e.g., assessment of liquidity funding plans, adequacy of liquidity contingency plans and the analyses of the development of the actual funding profiles. The outcomes of these kinds of assessments were and are discussed with top management of the institutions under supervision. AC 2: As part of ongoing supervision the funding mix and strategic (money and capital) market access is discussed with the banks. In the semi-annually performed funding profile analysis, market access and liability diversification are two of the topics that are looked into. In this analysis special attention is paid to the liquidity of the assets that are used as liquidity buffer. The capacity to sell assets in case liquidity is required is assessed assuming stressed markets. All these elements will be integrated in the ILAAP assessment that will be performed at least annually, starting 2011.
Assessment	Compliant.
Comments	Given the experience of the financial crisis and also taking into account the liquidity requirements envisioned in Basel Ill, DNB is in the process of enhancing the minimum quantitative liquidity standards. These new minimum standards are planned to become effective as of December 31, 2010. The new requirements refine, but do not fundamentally change the basic framework for liquidity management that DNB has operated since 2003. On December 31, 2010 DNB intends formally to implement the September 2008 Basel Principles on Liquidity Risk Management as part of its implementation of CRD II. DNB has already issued a draft version of the proposed “Regulation on liquidity” (implementing CRD II) for consultation. The revised guidance also takes account of the CEBS’s technical advice to the European Commission on liquidity risk management (CEBS September 2008)’, and CEBS’s ‘Guidelines on Liquidity Buffers & Survival Periods’ (CEBS December 2009). The assessment team recommends that DNB’s standardised liquidity report be amended to permit analysis according to major currencies. This could replace the ad hoc reporting system introduced during the crisis.
Principle 15	Operational risk. Supervisors must be satisfied that banks have in place risk management policies and processes to identify, assess, monitor and control/mitigate operational risk. These policies and processes should be commensurate with the size and complexity of the bank.
Description	EC 1: Each authorized bank in the Netherlands is required to organize its operations in such a way as to safeguard controlled and sound business operations (AFS Section 3:17 and 3:18). With regard to AFS Section 3:17 (1) further rules have been laid down in DPR Chapter 4, 5 and 10. Chapter 4 concerns the control of business processes and business risks, integrity and the soundness of the financial enterprise, which includes the control of other risks, including operational risk, that may affect the soundness of the financial enterprise. Chapters 5 and 10 concern outsourcing and operational risk solvency requirements respectively. In addition, DNB has implemented the CRD and CEBS-guidelines through supervisory rules (“Regulation on solvency requirements for operational risk”). Under these requirements, firms are required to meet specified general risk management standards which include ‘robust governance arrangements’ that are ‘comprehensive and proportionate to the nature, scale and complexity’ of the firms’ activities. EC 2: The board of each bank is responsible for the bank’s strategies, policies and processes for the management of operational risk. DNB holds the board responsible for compliance with these strategies and policies, which is explicitly reflected in our assessment frameworks (IT, AMA, etc.) EC 3: DNB periodically assesses, in accordance with the rules laid down in the DPR, the strategies, procedures and measures pursuant to Section AFS 3:17 AFS. DNB’s assessment of the board’s compliance with supervisory requirements is contained in its Risk Assessment Framework and forms a component on the FIRM methodology. Supervisory activities are prioritized based on the outcome of these assessments. Operational risk related items can be found throughout the different work programs since operational risk is embedded in all the business activities. Moreover, DNB has defined specific instruction sets for IT risk (e.g., for change management and for information security and monitoring), outsourcing risk and operational risk. In Spring 2010 an extensive examination of banks that have implemented the Advanced Measurement Approach for Operational Risk (AMA) took place. For the AMA-examination a specific highly detailed evaluation scheme had been prepared. As a follow-up on this examination it is planned to continually revise and update these evaluation schemes. EC 4: Business Continuity Management (BCM) for systemically relevant banks is assessed on an annual basis using the Assessment Framework for Business Continuity Planning (BCP) Financial Core Infrastructure (Ref .TRIM. 2008/316107) and the BCM assessment framework (Ref. TRIM 2005/63169). For all other banks BCM is assessed periodically on a risk-based (FIRM) approach. In addition to the explicit focus on BCM, DNB also organizes a yearly Market Wide Exercise helping banks to test or rehearse their internal and external crisis management and crisis communications processes and procedures. EC 5: Information Technology Risk is an integral part of DNB’s risk assessment methodology. The requirements set out in Section AFS 3:17 and DPR Chapter 4 are fully applicable to Information Technology Risk. Information technology related risks are supervised by a dedicated group of IT risk experts (Expert Centre ICT supervision, consisting of 16 FTE posts) in close cooperation with general supervisors, focusing on IT -governance, IT-security, systems availability, and management. EC 6: In the normal course of supervision significant attention is paid to the risk management framework of supervised institutions. This emphasis is in line with DNB’s “three lines of defense” model (see Section 6, above). DNB regularly requests information generated by the second and third line of defense (and if needed from the first line as well) and as such receives a variety of reporting items from Internal Audit, Operational Risk Management (ORM), Information Risk Management (IRM), Legal & Compliance etc. In addition, the adequacy of systems of control in respect of operational risk are assessed during both the initial approval stage for banks to use the Advanced Indicator Approach (AIA) for the calculation of their operational risk capital charge and DNB’s on-going assessment of their compliance with the relevant criteria. EC 7: Legal risk is an integral part of DNB’s risk assessment methodology (FIRM). The requirements set out in AFS Sections 3:17 and 3:18 AFS and DPR Chapters 4 and 5 DPR are equally applicable to legal risk. EC 8: Outsourcing risk is an integral part of DNB’s FIRM risk assessment methodology. The requirements set out in Section AFS 3:18 and DPR Chapter 5 are specifically applicable to outsourcing risk. A detailed risk assessment framework and specific guidance on outsourcing risk is available for supervisors. Outsourcing risk is benchmarked (as part of the RAP) in the Outsourcing Risk Knowledge Network on an annual basis. AC 1: DNB expects large, internationally active banks to implement the AMA on a group-wide basis. For those banks, group-wide supervisory activities are coordinated through supervisory colleges. Additional risk categories in certain operationally intensive business (e.g., custody and correspondent banking) are included in the FIRM definition of Operational Risk, and are taken into account in the supervisory process.
Assessment	Compliant.
Comments	DNB’s current FIRM operational risk definition differs from the supervisory framework provided by Basel and related supporting guidance (CEBS). DNB’s risk assessment methodology does however address all relevant items of operational risk and as such all relevant items of operational risk are addressed in the supervisory activities of DNB. As part of DNB’s VITA project, a new or revised version of the RAM is being introduced.
Principle 16	Interest rate risk in the banking book. Supervisors must be satisfied that banks have effective systems in place to identify, measure, monitor, and control interest rate risk in the banking book, including a well defined strategy that has been approved by the Board and implemented by senior management; these should be appropriate to the size and complexity of such risk.
Description	EC 1: DPR Chapter 4 requires banks to have adequate systems and procedures to identify, measure and manage their risks. The requirements for the bank’s board to approve, review and implement an interest rate risk strategy and policy are laid down explicitly in DPR Section 23 (2). The FIRM methodology contains a factsheet for interest rate risk in the banking book. This factsheet requires the supervisor to score the bank’s inherent risks, internal controls (including policies, systems, and the involvement of the bank’s board) and vulnerabilities. Each bank’s assessment is benchmarked within DNB by both a group of interest rate risk experts (including inspectors and policy advisors) and by the management of the BSD. Ultimately, this supervisory risk assessment is shared with the bank’s board. Depending on the outcome of the assessment, the follow-up may range from regular talks with ALM management of the bank, off site examinations of the bank’s management information (ALM reports, minutes of ALCO meetings) to a full fledged and in-depth inspection of the ALM function (including governance and involvement of the Board) on-site. EC 2: DPR Section 23(d) requires banks to have adequate systems to assess and manage the interest rate risk in the banking book. Banks have to report on a consolidated basis several key figures: their forecast for the interest rate margin over 1 and 2 years, the economic value of equity, the impact of the standard stress scenario on earnings (Earnings-at-Risk/earnings-prospective to interest rate risk) and on economic value of equity (EVE/value perspective) and the present value of a basis point (PV01). The information is used to test the bank against the outlier criterion (loss of 20 percent EVE). DNB has published guidelines on the measurement of interest rate risk in the banking book to assist supervisors in the assessment (“Guidelines on interest rate risk in the banking Book”, publicly available at the ‘Open Book’ section of DNB’s website). Supervisory assessment of interest rate risk limits, adequacy of measurement methods and systems, as well as competence of ALM staff are covered by the FIRM and SREP methodologies. If considered necessary, supervisory follow-up/measures can range from instructions to the Board of the bank to enhance systems and measurement methods as well as strengthen the interest rate risk management function and governance (decision making in ALCO, segregation of duties), as well as measures to reduce the risk position and impose additional capital requirements under Basel II Pillar 2. EC 3: The obligation for banks to regularly stress test the economic value of their equity is implicitly laid down in DPR Section 25(b). According to this section, DNB is required to take measures if the economic value of equity of a bank would drop by more than 20 percent in a stress test to be defined by the DNB. DNB requires banks to calculate this stress test with the standard, parallel shift of the yield curve with +/- 200 basis points. On a quarterly basis, according to DNB reporting framework, banks have to calculate and report the results of this standard stress test. Note that the impact of these stress tests is not only reported in terms of the potential loss of economic value but also in terms of earnings-at-risk. Based on these supervisory reports, DNB determines which banks are “outliers”. The outlier criterion is one, but not the only, element in determining appropriate supervisory follow up which may range from discussions with the bank’s board to an instruction to reduce risk positions and/or hoard additional capital. In addition to these parallel shifts, DNB expects banks to include in their internal ALM management information also other stress scenarios with non parallel shifts (twists) of the yield curve to the extent relevant. AC 1,2 and 3: The SREP includes an assessment of the risk management and interest rate positions of a bank. In the SREP of a bank, DNB discusses interest rate risks and controls in the Basel II, Pillar 2 dialogue with the Board of the bank. In the context of this SREP and the assessment of the bank’s ICAAP, the bank’s (economic capital) model/methodology and assumptions for interest rate risk in the banking book are assessed by DNB, taking into consideration the size, nature and complexity of a bank’s interest rate risk profile. In the SREP process, the ICAAP of a bank and the bank’s practice in both modeling/measurement and management of interest rate risk in the banking book are benchmarked against the practice encountered by DNB at other, comparable banks. Moreover, under Basel II, Pillar 2 banks are explicitly required to implement the relevant CEBS guidelines on “Technical aspects of the management of interest rate risk arising from nontrading activities under the supervisory review process” (October 2006). This includes the calculation of the impact on the economic value of equity of the standard shock (+/- 200 basis points) to the yield curve. In the event that a bank fails this test, DNB would be obliged (DPR Section 25b) and empowered (AFS Section 3:111a) to take measures, which may include requiring additional capital for interest rate risk in the banking book. The larger systemic relevant banks participate yearly in a macro stress test organized by DNB. This stress test includes non parallel shifts of the yield curve and their impact on the interest rate margin and the capital of the banks involved. Several banks also participated in the CEBS stress test (July 2010). Finally, in the context of Basel II, Pillar 2 banks are required to perform a set of own stress tests tailored to the risk profile of the bank and this set includes stress tests for interest rate risk in the banking book. Under Basel II, Pillar 2 banks are explicitly (DNB Policy Rule on Principles for the Implementation of Pillar 2 of the Basel II Capital Accord, Annex B) required to implement the relevant CEBS guidelines regarding stress testing. AC 4: The segregation of duties and the independence of risk functions within a bank are required according to the general provisions of DPR Section 23. DNB assesses the governance of the ALM function, the adequacy of decision making processes in the ALCO committee (including Board members) and the execution of the ALCO decision with approved limits and controls by the Treasury function of the bank.
Assessment	Compliant.
Comments
Principle 17	Internal control and audit. Supervisors must be satisfied that banks have in place internal controls that are adequate for the size and complexity of their business. These should include clear arrangements for delegating authority and responsibility; separation of the functions that involve committing the bank, paying away its funds, and accounting for its assets and liabilities; reconciliation of these processes; safeguarding the bank’s assets; and appropriate independent internal audit and compliance functions to test adherence to these controls as well as applicable laws and regulations.
Description	EC 1: The DCC contains a number of sections specifying in general terms the responsibilities of the management of companies. Individual managers are responsible to the legal entity for the adequate fulfillment of their duties (DCC, Section 2:9). Furthermore, individual managers may be held personally liable in case of unseemly behavior, if such behavior results in the bankruptcy of the company (DCC, Section 2:138). The AFS (Sections 2:12, 3:8 and 3:9) contains requirements regarding the expertise and trustworthiness of the board members and other managers involved in the day-to-day policy making at the institutions. Furthermore, AFS Section 3:17 prescribes that each financial undertaking has a “clear and adequate organizational structure” as well as “clear and adequate division of tasks, authorities and responsibilities”, which may/has to be aligned with the nature, size, risks, and complexity of the particular financial undertaking”. The Netherlands’ Corporate Governance Code (see a brief description of the Code itself in CP 11) describes the responsibilities of boards of banks which are publicly listed on the Dutch Stock Exchange. Major non-listed Dutch banks such as ABN Amro and Rabobank have voluntarily adopted the Code. The application of the Code is monitored annually by the Netherlands’ Corporate Governance Code Monitoring Committee. Furthermore external auditors produce statements on compliance by individual companies. This statement is contained in the annual report of these companies. As from 2010 the Netherlands’ Banking Code has been incorporated in the DCC and therefore applies to all Dutch banks which are licensed by DNB. In their annual reports, banks must disclose (based on DCC Section 2:391 (5)) their level of compliance with the Code (“Comply-or-explain-principle”). The application of the Code will be monitored annually by the Banking Code Monitoring Committee. EC 2: The adequacy of controls is frequently discussed by supervisors with the management and supervisory boards of the banks. Audit reports (both from internal and external auditors) are discussed with auditors as well as with management and board members as appropriate. During on-site-examinations within business lines or group control functions, significant attention is given to the design and effectiveness of controls. During on site examinations and periodic meetings the findings of internal audit function and compliance function are included in the review. Within DNB’s supervision department, a significant number of supervisors have specialized in corporate governance issues. These supervisors are supported by policy department experts. During the annual RAP, all banks are benchmarked against corporate governance standards. This leads to a “calibration” of risk scores which are given to all banks for control categories such as Organization, Management and Audit. The detailed assessment criteria used in this process are part of FIRM. These risk scores are shared with the management and supervisory boards of the banks. See also CP 19. EC 3: In addition to the assessments referred to under ECs 1 and 2, understanding of risk and commitment to control are monitored through frequent meetings with board members and senior management in which specific business or control activities are discussed. DNB also has meetings with representatives of the Supervisory Board (for example the Audit Committee). An identified lack of knowledge or commitment is discussed with more senior management. See also CPs 19 and 20. EC 4: Each individual board member has a personal “license-to-operate” granted by DNB. This is based on AFS Sections 3:8 and 3:9. DNB can decide that an individual board member is no longer fit-and-proper and thereby revoke the license-to-operate if at any time it decides that the individual fails to show sufficient risk awareness or emphasis on internal controls. On occasions, where DNB has serious doubts about the performance of senior management, it first uses moral suasion to convince the Board to replace these managers. If this has no effect, further more formal measures are applied within the legal powers given to DNB. EC 5: The balance of the skills and resources in the back office and control functions relative to the front office/business origination form part of DNB’s assessment of business plans during the licensing process and as part of on-going supervision. During on-site examinations and periodic meetings, significant attention is given to these aspects. EC 6: DPR Section 21 prescribes that each financial undertaking possesses an independent compliance function responsible for supervising compliance with relevant laws and (internal) regulations. DNB assesses the quality, independence and the effectiveness of the compliance function as part of regular supervisory activities. The performance of the compliance function is monitored during on-site-examinations and in periodic meetings. Furthermore regular meetings are held with management of the compliance function and responsible board members and reports provided by the compliance function are reviewed. EC 7, 8: Reference is made to DPR Section 3:17 as discussed above under EC 1. Furthermore, in accordance with DPR Section 24, each financial undertaking has to verify in a systematic manner that internal rules and procedures are being observed and has to ensure that identified shortcomings or deficiencies are remedied. In general, this task is performed by independent internal auditors. DNB periodically reviews the functioning of the internal audit function, its audit charter, audit planning, its independence, reporting lines, quality assurance system, resources and the audit methodology during on-site inspections. Follow-up by management of the internal audit’s reports is also reviewed. The supervisor has unlimited access to the files of the internal audit function. Assessing the quality, independence and effectiveness of the internal audit function is also performed through other regular supervisory activities. Performance of the audit function is monitored during both on-site examinations in all areas and by specific examinations of the internal audit function. Furthermore, frequent meetings with management of the audit function and responsible board members are held. In the annual risk analysis the internal audit function is assessed and scored individually and benchmarked with other banks. Periodically, DNB performs an industry-wide on-site examination of internal audit functions. Due to the “financial-crisis-related” workload, however the last industry-wide examination was performed in 2005/2006. AC 1, 3: No financial institutions in the Netherlands have made the decision to implement a one tier board. If that were the case, DNB would have the powers to require a number of independent, non executive directors to function on that board based on the Dutch Corporate Governance Code and on the AFS. AC 2: The requirement for the internal audit function to report to an audit committee, or an equivalent structure is covered in the Dutch Corporate Governance Code (principles II. 1, 11.1.4, 111.5, and V.3.1.) and in the Banking Code. This is a requirement that DNB closely monitors in its on-site supervision activities. AC 4: AFS Sections 3.8 and 3.10 provide that banks must notify the supervisor as soon as they become aware of any material information which may negatively affect the fitness and propriety of a Board member or a member of the senior management.
Assessment	Compliant.
Comments
Principle 18	Abuse of financial services. Supervisors must be satisfied that banks have adequate policies and processes in place, including strict “know-your-customer rules, that promote high ethical and professional standards in the financial sector and prevent the bank from being used, intentionally or unintentionally, for criminal activities.
Description	In July 2010, the Netherlands was assessed by the IMF for the implementation of the 49 Recommendations of the Financial Action Task Force (FATF). The AML/CFT detailed assessment is not finalized at the time of the BCP assessment. The report will be discussed during the FATF Plenary meeting in February 2011. EC 1: The framework that regulates Customer Due Diligence (CDD) requirements consists of the following laws: the Money Laundering and Terrorist Financing Prevention Act (‘Wet ter voorkoming van witwassen en financieren van terrorisme’ (WWFT) which came into force on August 1, 2008; and subsequent regulations; and the AFS and DPR. Regarding internal controls, the definition of “integrity supervision” in the AFS and in the underlying regulations (including DPR) encompasses obligations designed to fight Money Laundering (ML) and Terrorist Financing (TF). Integrity supervision is carried out by both DNB and the AFM as part of their ongoing supervisory efforts through regular contacts with the supervised institutions. DNB takes responsibility for monitoring compliance with AML/CFT provisions of banks (among others) and uses its powers to conduct programs of on-site and off-site inspections. AML/CFT issues are included in the normal course of DNB supervision and in its regular discussions with bank management. DNB is able to use the sanctions available under AFS, DPR and WWFT to deal with breaches of AML/CFT requirements. EC 2: The key legislative provisions on controls are in the AFS which require regulated financial entities to have measures in place to prevent transgressions of the law; including necessary controls to create AML/CFT defences as defined in the WWFT and to have policies and measures that must be designed to safeguard controlled and sound business operations. DPR creates a general obligation on financial institutions to have client identification and verification procedures (intended to encompass all the AML/CFT obligations created by the WWFT). AFS also provides for detailed rules to be established in regulations that cover the control of integrity (amongst other things). “Integrity” is defined to cover transgressions of the law and relations with clients that might undermine confidence and the authorities state this encompasses measures to combat ML and TF. This applies to all the requirements of the WWFT and other statutes, including measures on CDD, record retention, the detection of unusual transactions and the reporting obligation. WWFT imposes customer due diligence and reporting obligations on (among others) banking institutions subject to the Act and it is implicit that any person subject to the Act should have sufficient internal controls to ensure that it fulfils these obligations, it imposes an obligation to report unusual transactions to the Financial Intelligence Unit of The Nederlands (FIU). EC 3: DPR requires banks to establish procedures and measures concerning the handling and recording of incidents. Incidents are defined as conduct or events that form a serious threat for the sound pursuit of the business operations of the financial undertaking in question. Banks have to take measures following an incident that are aimed at controlling the risks that have occurred and at preventing repetition. They immediately have to inform DNB about any incidents. EC 4: DPR states that the regulated financial entities should make an analysis of integrity risks, translate policies into procedures and measures and inform all business units of these measures. It is a universal approach to establish a risk profile for every customer which results in categorizing them in one of three to five categories of risk ranging from low risk to unacceptable depending on the institution. The nature and extent of CDD appeared to vary according to the risk profile, as is appropriate. According to the WWFT, a financial institution is not permitted to enter into a business relationship or carry out a transaction if it has not performed or is not able to perform necessary CDD measures. The WWFT clearly lays out the situations in which CDD is required: when entering into a business relationship; if they conduct an incidental transaction in or from the Netherlands for the customer of a minimum value of € 15,000, or two or more related transactions with a minimum joint value of € 15,000; if there are indications that the customer is involved in money laundering or terrorist financing, or when the risk of an existing customer’s involvement in money laundering or terrorist financing gives cause to do so; and if they doubt the reliability of customer identification information previously obtained from the customer. The WWFT requires financial institutions to identify the customer and verify the customer’s identity on the basis of documents, data or information from a reliable and independent source. Beside identification and verification of the identity of the customer, financial institutions are required to identify the beneficial owner and take risk-based and adequate measures to verify the beneficial owner’s identity and, in the case of a legal person, a foundation or a trust, to take risk-based and adequate measures to gain insight into the customer’s ownership and control structure. The financial institution is obliged to determine the objective and envisaged nature of the business relationship. Furthermore, the financial institution is obliged, where possible, to carry out ongoing monitoring of the business relationship and the transactions conducted during the existence of this relationship, in order to ensure that these tally with the knowledge which the institution has of the customer and the customer’s risk profile, and to check the source of the assets where appropriate. A financial institution shall notify the FIU of any unusual transaction already conducted or of an intended unusual transaction. Indicators of “unusual transactions” are set out in the regulations. When met, they trigger the reporting of an unusual transaction. WWFT requires financial institutions to perform “supplementary customer due diligence if and as a business relationship or transaction by its nature entails a greater risk of money laundering or terrorist financing”. The provision aims at establishing a general requirement for financial institutions to apply enhanced due diligence measures in the case of greater risk of ML/FT and then lists 3 specific situations (i.e., non face-to-face business, correspondent banking and politically exposed persons (PEPs) in which the enhanced due diligence should apply. The nature and extent of CDD vary according to the risk profile, as is appropriate. A financial institution that enters into a business relationship with a PEP not residing in the Netherlands shall ensure that the decision to enter into that relationship or conduct that transaction is taken or approved by persons whom the institution has authorized to do so (the individual is expected to be a person designated by the executive board of the institution and that the implication is that the person establishing the relationship will hold a senior position in the financial institution); it takes adequate measures to establish the source of the assets used in the business relationship or transaction; and it applies ongoing monitoring of the business relationship. The DCC contains an obligation to keep administrative records on identification data, account files and business correspondence for legal entities for seven years. In addition, the AWR (Algemene Wet inzake Rijksbelastingen) prescribes that any person or entity, with a fiscal obligation, must retain all business records for seven years. The WWFT requires a regulated financial entity to maintain records relating to a transaction that has been the subject to a disclosure and requires that these records should include customer identity (including identity documentation), the beneficiary, the nature, time and place of the transaction, and the extent, origin and destination of the funds (or other property). These data have to be retained for five years from the time of disclosure. It also requires an entity to maintain records of customer identity, including the full names, addresses and birth date of natural persons, the incorporation documents of legal persons (where incorporated under Netherlands’ law), the verification information, and the nature of services provided. It states that these data on customers should be kept for five years after the business relationship is terminated or for five years after the transaction was carried out (presumably where the customer identification data was obtained for an occasional transaction). EC 5: The WWFT forbids a Dutch bank from establishing or continuing a correspondent bank relationship with a shell bank or to maintain any relationship with a bank that is known to allow a shell bank to use its accounts. It is required to gather sufficient information about a correspondent bank outside the EU to obtain a complete picture of the nature of the business operations. Enhanced CDD is required when a bank enters or has entered into a correspondent bank relationship with a bank in a non-Member State. EC 6: DNB examines the risks posed by each institution from the point of view of the customers, products, and business. This is assessed and updated as part of the regular contacts with the institution, including the inspections and the quarterly meetings. This assessment then prompts the allocation of resources and then priorities for the supervisory process. Regarding the number of inspections undertaken by DNB on AML/CFT related matters, over a period of four years, 58 Dutch licensed banks had been subject to 72 AML/CFT related inspections. EC 7: DNB has the powers under both the WWFT and AFS. The WWFT provides for administrative penalties which can be imposed by DNB for specific breaches of the WWFT. In addition, DNB has powers to impose administrative sanctions under the AFS. These sanctions can be applied in respect of breaches of the law and regulation. The provisions of the AFS can be used to impose requirements for controls to implement WWFT measures and therefore weaknesses in such controls could result in sanctions. EC 8: DPR requires credit institutions (among others) to have an internal audit function. This unit should audit, in an independent manner, the procedures and measures and the structure of the organization at least annually. While there is no direct reference to ML and TF, the provisions apply to all procedures and measures. DNB has access to these audit reports. DPR requires credit institution (among others) to have an independent compliance function. The compliance function is required to verify compliance with statutory rules (including any requirements issued under the WWFT). This means that the compliance unit must verify compliance with any rules or procedures designed to ensure that a regulated entity meets its AML/CFT obligations under the WWFT as well as under the AFS itself. The AFS requires senior officers and owners of certain regulated entities to be subject to a full fit and proper test and there are requirements for some employees to be subject to a properness test. It’s required that senior officers of credit institutions (among others) have expertise and are otherwise fit and proper. The DPR creates an obligation to ensure the properness of staff in integrity sensitive positions. EC 9: DPR requires that all relevant business units are informed of the policy and procedures and measures. The bank has to provide for the execution and the systematic assessment of the policy and the procedures and measures, and that there is independent supervision of the execution of the policy and the procedures and measures with regard to the sound pursuit of the business operations and that there are procedures that ensure that identified shortcomings or defects are reported to the responsible compliance person. Finally, the bank has to have procedures that ensure that identified shortcomings with regard to the sound pursuit of the business operations lead to a fitting adjustment. EC 10: Pursuant to the WWFT, financial institutions and employees of that institution are protected from criminal liability for breach of the criminal code regarding duty of confidentiality, when they report unusual transactions or provide additional data or information to the FIU. Protection from civil liability is also laid down in the WWFT: the institution that made an unusual transaction report pursuant to the WWFT will not be held liable for damage caused to a third party as a result of that disclosure, unless it is demonstrated that no such disclosure should reasonably have been made in view of all the facts and circumstances. EC 11: The WWFT requires DNB to inform the FIU of any suspicious transaction. Moreover, DNB has the authority to share information related to suspected or actual criminal activities with judicial authorities, in contravention to the general confidentiality requirement of the WWFT. EC 12: The WWFT provides for an explicit provision for information exchange between the FIU and the supervisory authorities of the WWFT. In addition, there are provisions relating to the disclosure of information between domestic and foreign supervisory authorities in the AFS, to prosecutors and to others. DNB is able to cooperate with domestic or foreign supervisory authorities and share information with them, under certain conditions. One of the conditions mentioned in this section is the requirement that it has to be for supervisory purposes. The authorities are able to provide information without the need for a formal agreement such as an MoU, although it seeks to conclude such agreements where appropriate. AC 1: Not applicable.
Assessment	Compliant.
Comments	The Compliant rating is based on the following: Banks maintain comprehensive programs, policies and procedures to reduce the risk of endangering the financial soundness of the bank through abuse of its operations and services, including physical safety. Supervisors monitor effectively, as part of their on-going supervisory activities that banks comply with their undertakings. Internal audit and internal controls also contribute to overall oversight. There exist adequate reporting requirements on, e.g., suspicious transactions, both within the bank, to the supervisors, and to relevant judicial authorities. On the relationship between CP 18 and the FATF assessments: AML/CFT issues constitute only a part of CP 18, which encompasses all issues of abuse of financial services, including fraud, embezzlement, robbery, phishing and similar activities. Only those AML/CFT issues which are clearly relevant to the financial soundness of the bank are relevant to CP 18. A separate FATF assessment was in process at the time of this BCP compliance assessment was conducted. (See description in EC 1, above).
Principle 19	Supervisory approach. An effective banking supervisory system requires that supervisors develop and maintain a thorough understanding of the operations of individual banks and banking groups, and also of the banking system as a whole, focusing on safety and soundness, and the stability of the banking system.
Description	EC 1, 3 and AC 1: FIRM is the risk analysis tool that DNB uses for the prudential supervision of financial institutions. Risk-based supervision is the mechanism whereby the supervisory authority deploys its capacity in the most efficient manner possible. In the case of risk based supervision, supervisory resources are targeted at those areas where the risks are or are assessed to be most pronounced. Risk analysis is at the very heart of the supervisory authority’s regular activities. By means of inspections, regular supervision and analyses, risk profiles of institutions and organisational units are drawn up in a well-structured manner and recorded in the FIRM application. This permits meaningful comparisons, which in turn provide a basis for planning an ongoing cycle of supervisory work and for possible interventions at individual institutions. The risk analysis method explicitly reflects DNB’s supervisory objectives regarding solvency, liquidity, business integrity, and organisation and control. DNB distinguishes four main risk categories, i.e., Governance Risks (including strategy risks, quality of management, control functions audit and finance), Financial Risks (including solvency, liquidity, credit, market and interest rate risk), Integrity/Compliance Risks and Operational/IT risks (including outsourcing risk). As part of the regular RAP process, the supervisory teams also prepare “Factsheets”. These sheets are described the risk analysis per sub category, including the supervisor’s justification for the score, and the proposed Supervisory Action (see below). The outcome of the RAP, results in a proposed Risk Based Supervision Program (RBSP), which consists of the following main components (please see Section 6, above, for a more detailed description): Base Program (BP): Risk Identification Program (RIP): Risk Mitigation Program (RMP): Thematic supervisory work based on division wide defined themes: Target reviews/on-site examination work to be executed for all (or a sub-set of) banks. The RAP is performed annually in the fourth quarter. The final product comprises the outcome of the Risk Analysis and the RBSP, including the planning of the supervisory actions throughout the calendar year. Risk Analysis and RBSP are benchmarked and challenged in the Knowledge (Expert) Centres, discussed by management and a so-called “Risk Analysis Panel”. In this panel, amongst others, are senior staff from SPD and FSD. The Panel discussion may result in an adjustment of the RBSP’s, changes in the priority of planned supervisory actions and re-allocation of available resources. Furthermore, the outcome is used as input for DNB’s SREP process. After approval of DNB’s senior management, the final product will be communicated with senior management of the individual bank, and its internal and external auditors. During the year, the approved RAP and RBSP are monitored by BSD management on a quarterly basis. The processes and policies concerning risk analysis and planning are documented in the FIRM manual, and RAP guideline instructions. DNB also ensures that a forward-looking view on the risk profile of banks is included in the ICAAP and SREP (base scenario and stress scenario). In addition, DNB has a comprehensive stress methodology in place to cover forward-looking elements. Stress tests are launched on an individual basis as well as at industry level. Furthermore, the forward-looking view and emerging risks are assessed in the strategic risk analysis as part of FIRM, which includes the assessment of the viability of the business models. In 2009 and 2010, with the assistance of an external consultant, DNB has conducted a scenario analysis on the development of strategies in the banking sector. These strategies were assessed on their viability, both in their national and international context. EC 2: Regular assessments of developments and risks in the banking system are made by the Macro Prudential Analysis (MPA)-this is a new element since the 2004 FSAP, following one of the recommendations of that assessment) department, which is part of FSD. Monitoring and analysis draws on material produced by a number of divisions and departments within DNB, including financial markets, financial institutions, infrastructure, and macroeconomic analysis. Since DNB is a cross-sector prudential supervisor, it enjoys information on all sectors of the financial landscape. In addition, DNB also cooperates with the MoF and the AFM on macro prudential issues, including holding regular consultations with them on financial stability issues. An Overview of Financial Stability (OFS) is prepared twice each year, with an external version being published. In addition, macro stress tests are conducted periodically to analyse the resilience of financial institutions under extreme conditions. The frequency of these tests was recently raised from once every six months to once every three months. EC 4: DNB has systems in place to confirm banks and banking groups’ compliance with prudential regulations and other legal requirements (see description of EC 1 and 3 above). DNB intends to increase the frequency of the formal meetings it holds with the boards of banks to at least annually. At these meetings the supervisor discusses the outcome of the RAP and RBSP. EC 5: AFS Section 3:96 requires banking institutions to notify DNB–and in some cases–to apply for a declaration of no-objection of any substantive changes in their activities, structure and overall condition (see also Chapters 4 and 5), or as soon as they become aware of any material adverse developments, including breach of legal or prudential requirements. In addition, the supervisor has a periodical meetings with the head of the compliance function to discuss compliance matters. EC 6: DNB has several systems in place to facilitate the processing, monitoring and analysis of prudential information. For the monitoring of the RBSP, specifically the identification of areas requiring follow-up action (RMP actions), DNB uses amongst others the Probleem Dossier Rapportage (PDR) reports the “RMP monitoring list” and annual evaluation of RBSP. The PDR reports are issued on a quarterly basis and contain for each banking institution an internal supervisory qualification of the supervisory action taken. In addition, DNB has a separate process in place for compiling the quarterly PDR reports.
Assessment	Compliant.
Comments	Prior to the financial crisis the risk assessment methodology used by DNB appears not to have adequately identified the main systemic vulnerabilities, such as increased leverage, increased reliance on wholesale funding, and the acquisition of substantial portfolios of structured securities, that lead to the need for public sector capital support. Supervisory processes and activities were not sufficiently integrated with the overall assessment of financial system vulnerabilities performed by the Financial Stability Division. As a result, insufficient attention was devoted to mitigating risks that were apparent at the system-wide level but which were not so apparent at the level of individual firms. The authorities are taking measures to address these shortcomings including closer integration of macro prudential and micro prudential supervision. DNB has also decided to update and/or revise the current FIRM methodology to take into account the lessons learned from the financial crisis. However, the assessors note that the deeper integration of micro- and macro-prudential supervision is an element of best practice that has emerged since the 2006 revision of the BCPs and therefore does not feature in this CP. The assessors observe that CP 20 requires only that the supervisor has a “thorough understanding...of the banking system as a whole” and does not call for the integration of financial stability assessments with the supervisory process. For this reason, the assessors are satisfied than DNB is in compliance with this CP as presently drafted.
Principle 20	Supervisory techniques. An effective banking supervisory system should consist of on-site and off-site supervision and regular contacts with bank management.
Description	EC 1: DNB does not clearly separate the on- and off-site supervision functions which are conducted by the same supervisory teams. Both on- and off-site supervisors provide input to the annual RAP process, which involves performing a risk assessment for each individual bank, the benchmarking of risk scores, developing a supervisory program and planning. Benchmarking is performed in so called “Knowledge Centers”(in Dutch: “kennisnetwerken”), and scores are challenged in a Risk Analysis Panel. The on-site banking teams are responsible for designing an effective supervisory work programme, which is then challenged by the Panel. See also the more general description of DNB’s supervisory approach in Chapter 6 of this Assessment (“Supervisory Approach–FIRM”). The Knowledge Centers also provide a forum for on-and off- site supervisors discuss various supervisory issues and policy developments. Within DNB, quality assurance is embedded in core day-to-day processes. DNB adopts the four-eyes principle, for example supervisory letters are issued under joint signature, and within there is a full audit trail and authorization process in the documentation system. As part of DNB’s VITA project, a separate division will be responsible for quality assurance. EC 2: The supervisory teams are responsible for planning their activities based on each institution’s the risk analysis (see CP 19). Supervisory teams are responsible for incorporating macro trends (based on information obtained from discussions with FSD), remarks from the Statistics and Information Department (SID), and policy trends as communicated by the SPD, in their daily supervision work and planning. Major cases within on-site supervision, and trends noted in on- and off-site supervision, are discussed on a periodic basis in the so called “AOT” between various DNB divisions. (“AOT stands for “Afstemmingsoverleg Toezicht” or “tuning meeting supervision”.) AOT is a regular meeting of all the Division Directors and Board Members responsible for supervision, i.e., banking, pension fund, insurance supervision, and supervisory policy. EC 3: As part of the Annual Supervisory Program (ASP), DNB supervisory teams perform on-site visits in order to assess the effectiveness of an institution’s governance model, including its internal control environment. These on-site visits consist of discussions with management, analytical review of relevant management information (including Key Risk Indicators), and, if applicable, detail (sample) testing. DNB may also request the internal and/or external auditors of an institution to perform specific investigations. DNB determines the terms of reference of these tasks. DNB holds a discussion with the external auditor of each bank at least annually. In these discussions the effectiveness of the governance model, and the outcome of the risk analyses performed by the supervisor and internal and external audit are standard topics on the agenda. Management information and minutes of (Supervisory) Board and Committee meetings (e.g., Audit Committee and Risk Committee) are also reviewed. DNB determines the reliability of the information received from the banks by reviewing the quality of the preparation process with internal and external auditors. In addition, in line with EU requirements, the DNB has prescribed a compulsory external audit for the COREP and FINREP reports. Supervisory concerns are communicated by the relevant supervisor to the banks in writing (with a copy to external auditors). Follow up is the responsibility of the individual supervisor and/or the supervisory team. DNB continuously evaluates its Supervisory Programme. EC 4: The regular review and analysis of the financial conditions of banks and banking groups forms part of DNB’s current supervisory practice. In Chapter 6 of this assessment the supervisory practice is described in general terms. EC 5: Please refer to the assessment of CP 19 where the relevant processes are described. EC 6: The assessment of the quality of the board during off-site and on-site inspections forms part of DNB’s supervisory practice. If off-site supervision gives rise to questions regarding the professionalism, and/or integrity of the banks (supervisory) Board and/or key management, then this is incorporated in the on-site supervisory planning in order to gain additional evidence. In addition, DNB’s senior management has regular discussions with Board members of the individual banks. See also CP 17. EC 7: The supervisor holds a regular dialogue with a bank’s internal auditors on the internal audit framework, audit approach, audit coverage, planning, quality assurance system, audit reports, and aging of audit findings. Monthly, and/or quarterly internal audit reports are reviewed by the on-site supervision teams, and if the need arises more specific individual internal audit reports are requested from the banks. DNB periodically performs a review of the quality and effectiveness of the audit function for the most important (systemic) Dutch banks. In the years where such a review is not performed, the on-site supervisors discuss the quality of the internal audit function with the external auditors, and/or the Chairman of the Audit Committee. EC 8: Any findings based on on-site supervisory inspections are communicated to the relevant bank in a written report. The Managing Board of the bank must submit a copy of all supervisory reports to the Supervisory Board and external auditor. The bank needs to provide DNB with a written response concerning how they propose to address required actions. AC 1: DNB’s on-site supervisors organize regular meetings with members of the (Supervisory) Boards. More frequent meetings are held with institutions with a higher risk profile. Separate meetings are also held with Supervisory Board members, without the Managing Board being present. DNB has “Tri-Partite” meetings with the external auditors in the presence of the bank’s management twice a year. During the financial crisis these discussions with the external auditors have been further intensified.
Assessment	Compliant.
Comments	Monitoring of the follow-up is currently carried out by the responsible supervisory team. They keep records and regularly discuss the implementation of actions and–if necessary–report on progress. With the creation of the new Intervention and Enforcement Department on January 1, 2011, DNB will create a separate department, exclusively dedicated to monitor follow-up actions structurally, in order to make the supervision more intrusive.
Principle 21	Supervisory reporting. Supervisors must have a means of collecting, reviewing, and analyzing prudential reports and statistical returns from banks on both a solo and a consolidated basis, and a means of independent verification of these reports, through either on-site examinations or use of external experts.
Description	EC 1: Pursuant to AFS Sections 3:72 (1) and (5) and DPR Section 130 and 131, DNB has the authority to require banks to submit standardized reports at regular intervals. These periodic reports include: FINREP. On and off-balance sheet assets and liabilities, profit and loss, loan loss provisioning, and related party transactions in accordance with FINREP (a European harmonised reporting framework by CEBS). COREP: as well as capital adequacy, credit risk, market risk and operational risk in accordance with COREP (also a European harmonised framework by CEBS). FINREP and COREP are submitted on a quarterly basis. Liquidity. Furthermore liquidity (monthly), large exposures, and interest rate risk (quarterly) information is required. Large exposures and asset concentrations: A report on asset concentrations (including by economic sector and geography) has to be submitted annually. Pursuant to AFS Section 3:72 (6), DNB has the authority in exceptional circumstances, to further require a higher frequency or adjust the remittance date for the reporting forms. Both the forms and the explanatory notes or guidelines for FINREP and COREP published by CEBS are available on the internet. The explanatory notes or guidelines for the other (and not European harmonized) supervisory reports are prescribed in regulations. DNB may impose penalties for late or inaccurate reporting. (Decree on fines pursuant to the Act on Financial Supervision). With a few exceptions, most of the reports required by DNB apply at the consolidated group level. As a result, only limited data is available at the solo institutional level, and DNB’s ability to perform appropriate analysis at the solo level is therefore very limited. DNB supplements its prudential reports with banks’ internally generated management reports. This can result in data that is insufficiently standardized and comparable between institutions. EC 2: Pursuant to AFS Section. 3:72 (5) and DPR Section 131, DNB requires the valuation of the items in accordance with valuation methods that the bank applies in its financial statements. The valuation methods are based on the IFRS or, if banks are not obliged to use the IAS, the principles as laid down in the DCC Book 2 (Title 9, Sections 1 to 13 and in addition to these general rules, specific sections for banks apply in Section 14). Based on EU IAS Regulation 2002/1606, companies that are admitted to trading on a regulated market of any EU Member State (publicly traded companies) must report their consolidated accounts based on IFRS as endorsed by the EU. DCC Article 362.8 allows other companies (consolidated and separate/solo accounts) and publicly traded companies (separate/solo accounts) to report based on IFRS as an alternative to Dutch GAAP (DCC Book 2, Title 9, Sections 1 to 13 and in addition to these general rules, specific sections for banks apply in Section 1. DNB has no powers to issue other reporting instructions in addition to these two regimes. DNB has no direct powers to issue valuation instructions for reporting the annual accounts to DNB in addition to IFRS and Title 9. This respects a basic efficiency measure underlying the prudential reporting framework. However, with respect to the calculation of available solvency, a number of corrections (prudential filters) or assessments need to be made. Prudential filters include deductions such as intangible assets, revaluations, own credit risk, cash flow hedges, expected loss shortfall, and certain financial investments (DPR Article 91). Discretionary powers by DNB relate to rule-making for hybrid instrument eligibility, and the assessment of immediate and unencumbered availability of capital items and asset values which may result in bank specific reporting instructions. In addition, DNB sets detailed rules for the calculation of the minimum capital requirements under the Basel II IRB internal approach including model validation, as well as the assessment of specific capital add-ons under the Basel II Pillar 2 rules. This illustrates that regulatory solvency of IRB banks is measured based on expected loss and not on accounting provisioning. (See also Principle 9). EC 3: Valuation requirements originate from generally accepted accounting principles, be it through IFRS or DCC Title 9 Book 2. These standards ensure consistency in reporting. Further, generally accepted accounting standards require firms to show profits net of appropriate provisions; the relevant IFRS standard being IAS 1, specifically Sections 81 to 89 for the presentation of income, and IAS 39 for impairment provisioning of financial instruments. For prudential purposes the DPR obliges banks to adjust accounting information to define regulatory capital that satisfies prudential requirements of Basel II/CRD (DPR Sections 89 to 94). EC 4: The supervisory forms are sent in electronic form to DNB. Banks’ reporting obligations are integrated in the electronic (internet) reporting tool. The data entry programs contain a number of validity checks, thus limiting the chance of incorrect data. After reception of the data, DNB conducts additional validity checks and plausibility checks. The data is stored in a database, available for retrieval and further processing. The information stored in the database is used mainly for the quarterly analysis of each bank. A standard set of ratios and key data is produced for each bank, which is the basis for further analysis. For each bank a report is prepared, highlighting the main developments. The outcome of the analysis for each bank is also used for the planning of on-site supervision examinations. On the other hand the conclusions from on-site examinations can be used as input for a more detailed analysis of specific data of an individual bank. Off-site examinations are primarily performed on the basis of supervisory reports sent to DNB and on the basis of supplementary quantitative information. The supervisory forms include information for prudential purposes as well as some items for macroeconomic purposes. The supervisory forms are also used for the aggregation of data at the level of the banking system as a whole or for specific categories of banks. EC 5: Pursuant to AFS Sections 3:72 (1) and (5) AFS and DPR Section 131, DNB requires harmonized supervisory returns in respect of the scope of consolidation, the valuation of items (referring to IAS/IFRS or DCC Book 2, Title 9), the currency and unit of account used, frequency, reporting reference date and remittance date. Due to the harmonized supervisory framework developed by CEBS for FINREP and COREP, there is no additional national guidance or explanatory notes. To facilitate uniform implementation, CEBS is planning to extend the guidelines and incorporate detailed reporting instructions and data definitions. The explanatory notes or guidelines for the other (and not European harmonised) supervisory reports will also be extended. As noted in EC 1, above, most supervisory reporting is at a consolidated group level and solo reporting by group entities is very limited. DNB also places substantial reliance on banks’ internal management information to provide it with data not contained in its standardised reports. Internally generated information may not, however, be strictly comparable between institutions either in terms of reporting dates or in the definition of items reported. EC 6: Pursuant to AFS Section 1:72 (1) and Sections 5:11 and 5:16 of the General Administrative Law Act (Algemene wet bestuursrecht (Awb), supervisors have a general power and unlimited power to request information from legal and natural persons. EC 7: Pursuant to Section Awb 5:17, the supervisor has the power to demand inspection of professional data and records. The supervisor has similar and unlimited powers towards the bank’s board, management, and staff. EC 8: Banks must enclose a statement-signed by two persons of whom at least one is a Director-with their reports to the effect that the report is in conformity with DNB’s requirements. Furthermore pursuant to AFS Section 3:72 (7) and DPR Section 133 (1), the external auditor has to examine one of the four (quarterly) supervisory reports. This examination covers the correct application of rules, regulations and directives as issued by DNB and the correct application of valuation principles. (See also EC 10). DNB may impose penalties for late or inaccurate reporting (Decree on fines pursuant to the Act on Financial Supervision). EC 9: There are several methods to confirm the validity and integrity of the information: Automated: consistency checks in the e-line system; Visual: plausibility checks by SID; and External auditor. Data must be reported through the electronic (internet) reporting tool for reporting banks (“eline”). The data entry programs made available to the banks contain a number of validity checks, thus limiting the chance of incorrect data. After reception of the data DNB conducts additional validity and plausibility checks. EC 10, 11: See below in the assessment of CP 22.
Assessment	Largely Compliant.
Comments	For the purposes of off-site supervision, DNB makes substantial use of banks’ internal management reports. This practice means that the amounts of data collected in standardized form are relatively limited (e.g., there is no standardized reporting of nonperforming assets) and are at different reporting dates. This makes it difficult to conduct comparative or aggregate analysis (stress tests). With the increased emphasis being placed on macroprudential surveillance, DNB needs to introduce more standardized and more granular reporting to facilitate this type of analysis. In addition, the standardized data currently collected by DNB is mainly at the consolidated level and does not contain sufficient solo reporting for “relevant entities” that are part of the consolidation group. DNB needs the data to be able to identify risks that arise in particular group companies as well as at the consolidated group level. The required extension of the supervisory reporting framework may imply that DNB’s legal powers to collect data need to be extended.
Principle 22	Accounting and disclosure. Supervisors must be satisfied that each bank maintains adequate records drawn up in accordance with accounting policies and practices that are widely accepted internationally, and publishes, on a regular basis, information that fairly reflects its financial condition and profitability.
Description	EC 1: DNB has the power to hold banks responsible for their prudent operation. This includes clear and adequate division of roles and responsibilities, adequate recording of rights and obligations, clear reporting lines, and an adequate system for the provision of information and for communication. The effectiveness of the structure of the organization and of the procedures and measures also has to be tested internally and independently (AFS Section 3:17). EC 2: The DCC requires banks to publish an annual report that includes a management discussion and analysis section and an external auditor’s report (DCC Section 394 of Title 9 of Book 2). Traditionally firms published the annual report by way of a printed booklet that should be made available to anyone with an interest in the firm, at a reasonable cost. Nowadays, firms publish their accounts on their corporate website. For banks, the AFS requires publication of audited financial statements within four months of the year-end. The published financial statements should be filed at the AFM, which includes them in its public register. Similar rules regarding publication apply to semi-annual reports, that is, for banks with listed or traded securities, and quarterly reviews, for banks with traded ordinary shares; see AFS Section 5.25, c-e. (Note that firms can have securities traded over the counter–OTC– on an exchange without the firm having a listing on an exchange. The AFS sets disclosure standards for non-listed firms with traded ordinary shares at a higher level than for non-listed firms with traded securities other than ordinary shares.) After endorsement by the general assembly of shareholders, annual reports should be filed at the AFM within six months after year-end. The AFM then files the reports at the designated Chamber of Commerce. This is a service of the AFM; the general rule is that firms file at their designated Chamber of Commerce themselves. Banks should submit a copy of their audited annual financial statements to DNB within six months after year-end as well (AFS Section 3.71). EC 3: Valuation requirements originate from generally accepted accounting principles, be it through IFRS or DCC Title 9 Book 2. IFRS is mandatory for the consolidated accounts of all listed banks and some non-listed banks also voluntarily use IFRS. The accounts of other non-listed banks are governed by DCC Title 9 Book 2 as are the solo accounts of banks. For prudential purposes the DPR adjusts banks’ accounting information to define regulatory capital that satisfies prudential requirements of Basel II / CRD (DPR Sections 89 to 94). EC 4: The scope and particulars of the external auditor’s audit program, including areas such as the loan portfolio, non-performing assets, loan loss reserves, asset valuations, trading and other securities activities, derivatives, asset securitisations, are based on financial reporting requirements of IFRS, DCC Title 9 Book 2 and ISA. These sets of audit programme requirements are applicable for the verification of the annual financial statements of banks and also for the verification of the additional prudential returns. DNB has direct power, in cooperation with the Ministry of Finance, to establish scope and level of assurance of the audits of prudential returns. With respect to the annual financial statements, DNB has indirect influence on setting the scope and level of coverage of the audits through the ministry of finance, the ministry of justice and the Royal Nivra. EC 5: Further, pursuant to DPR Sections 131(1), 133(1), the “Ruling on Reporting Statements of Financial Institutions” sets out the reports that banks should submit to DNB. Appendix 6 of the Ruling defines reporting frequency and filing deadlines of relevant financial statements and reports. Appendix 7 defines the external auditor’s scope regarding financial statements, reports, and additional information to be included in the audit. EC 6: DNB may decide that a particular external auditor is not qualified to perform the function of external auditor at a particular bank (AFS Section 1:78). EC 7: The banks’ financial statements should comply with generally accepted accounting principles: banks are subject to civil code financial reporting requirements (through Title 9 of Book 2) or, if they are listed on a EU stock exchange, to international financial reporting principles as endorsed by the EU (EU-IFRS). Company law on financial reporting is based on EU accounting directives, which include a number of options, allowing being consistent with IFRS. Interpretative guidelines issued by the Council for Annual Reporting in the Netherlands is focused on aligning practices based on Title 9 Book 2 Civil Code as close as possible to IFRS. EC 8: Banks follow financial reporting disclosure requirements either based on IFRS or DCC Title 9 Book 2, and supplementary disclosure requirements included in the interpretative guidelines (covering authoritative statements and recommendations) on external reporting issued through the Council for Annual Reporting in the Netherlands. In addition, banks have to publish Basel II, Pillar 3 disclosures at least annually and adhere to AFS Article 3:74a. Basel II, Pillar 3 requires banks to have a formal disclosure policy. The AFM is responsible for ensuring that the annual reports and solo/consolidated financial statements, including the validation policies applied by the institution, comply with IFRS and DCC Title 9 Book 2. Further, banks listed on an exchange have to follow disclosure requirements of the relevant Stock Exchange. DNB reviews Basel II, Pillar 3 disclosure policies, as well as disclosure practices for all supervised banks, as well as reviewing the disclosures of selected banks through their annual accounts. EC 9: The disclosures required by either IFRS or DCC include both qualitative and quantitative information on a bank’s financial performance, financial position, risk management strategies and practices, risk exposures, transactions with related parties, accounting policies, basic business, management, and governance. The scope and content of information provided, and the level of disaggregation and detail should be commensurate with the size and complexity of a bank’s operations. In addition, Basel II Pillar 3 requires banks to have a formal disclosure policy. DNB annually reviews Pillar 3 disclosures as well the disclosures made in the annual accounts of selected banks. EC 10: The AFM is responsible for the enforcement of IFRS and DCC Title 9 Book 2 disclosures). Further, banks listed on a stock exchange have to follow disclosure requirements of the relevant Stock Exchange. DNB reviews Pillar 3 disclosure practices for all supervised banks, as well as reviewing the disclosure made in the annual accounts of selected banks. EC 11: DNB regularly publishes aggregated information in various forms: DNB’s Statistical Bulletin. This bulletin is published quarterly and contains monetary and financial statistics for the Netherlands. Financial Stability Overview: published biannually. DNB Quarterly Bulletin: DNB’s Quarterly Bulletin provides information on financial and-economic developments in the Netherlands, Europe and the rest of the world. AC 1: DNB meets external audit firms and external auditors periodically through various platforms and modes. Contacts may take place in the context of day-to-day on-site supervision. Bilateral policy discussions are held annually between DNB and each bank’s external auditor, and between DNB and the large audit firms. DNB representatives meet frequently with Royal NIVRA groups. These meetings are to coordinate financial reporting practices and requirements, auditing (e.g., scope), and issues concerning reporting requirements between banks and DNB. Furthermore, DNB discusses accounting, auditing, and reporting matters at the so called “Vertegenwoordigersoverleg”. This forum comprises of representatives of the Netherlands’ Banking Association, the Royal NIVRA, and supervisors of DNB. This forum was initiated after the recent financial crisis. The purpose is to improve the coordination of communication of and between banks, regulators, supervisors, and auditors. AC 2: Auditors are under a legal obligation actively to report matters of material significance to DNB. The role of the external auditor thus encompasses a statutory information and notification duty. The AFS requires external auditors to provide DNB with any and all information which may be considered necessary for the proper performance of DNB’s supervisory task. Both the AFS and the DPR provide that such information may concern non-compliance with specific supervisory rules, as observed by the external auditor during his audit activities, or threats to the continued existence of the undertaking. If the external auditor does not intend to issue an unqualified opinion or intends to make certain qualifications, he must submit the relevant information to DNB as soon as possible (AFS Sections 3:88 and 3:89, DPR Sections 136 and 137). Sharing this information does not constitute a breach of the duty of confidentiality. AC 3: To promote independence among auditors, the law requires audit firm partner rotation every seven years (Section 24 of the Act on the Supervision of Audit Firms). AC 4: Basel II, Pillar 3 requires banks to have a formal disclosure policy. DNB reviews Pillar 3 disclosure policy and practices for all supervised banks. AC 5: Correspondence from the external auditor to the supervised institution, relating to either the audit examination or any findings concerning internal controls, must also be made available to DNB. The results of external auditors’ activities may contain important information which is taken into account in banking supervision. In view of this, communication lines between DNB and the banks’ external auditors are kept open. Oversight over the quality of work of auditors and auditing firms is governed by law and assigned to the AFM which has the power to access external auditors’ working papers. The AFS sets conditions to the cooperation and communication in this respect between the AFM and DNB.
Assessment	Compliant.
Comments
Principle 23	Corrective and remedial powers of supervisors. Supervisors must have at their disposal an adequate range of supervisory tools to bring about timely corrective actions. This includes the ability, where appropriate, to revoke the banking license or to recommend its revocation.
Description	EC1: Raising supervisory concerns with management or, where appropriate, the board, at an early stage, and requiring that these concerns addressed in a timely manner–Standard procedure, which is laid down in Ladder of Intervention (Lol) (phase: increased vigilance). The Lol is a registration of the working processes used by DNB examiners in banking and insurance supervision. It defines under which circumstances (when), the use of specific formal or informal measures is appropriate (what), and who decides about the use of these instruments (who). Where the supervisor requires the bank to take significant remedial actions, these are addressed in a written document to the Board-Standard procedure, which is laid down in LoI (phase: increased vigilance, focus on file building, which includes written reports to the Board of remedial action to be taken). Requiring the bank to submit regular written progress reports and checks that remedial actions are completed satisfactorily-standard procedure, which is laid down in Ladder of Intervention (phase: increased vigilance, request plan to address the issue that triggered increased vigilance, in combination with intensive monitoring). EC 2: The supervisor participates in deciding when and how to effect the orderly resolution of a problem bank situation (which would include closure, or assisting in restructuring, or merger with a stronger institution). The emergency regulation is meant not only as an instrument for liquidation, but also as a regime under which a restructuring can take place. However, in practice the application of the emergency regulation acts a gateway to winding up/liquidation, mainly because of the stay on payments and the exercise of close out rights in contracts. Also, the supervisor may withdraw the authorization (AFS Article 1:104), but a closure of a bank in this way is not orderly either. Instruments to effect an orderly resolution have not been introduced yet, but the ministry of finance and DNB are jointly working on this. EC 3: All aspects of this criteria are included in the Lol. See also the assessment of CP 1(4). EC 4: Restricting current activities or withholding approval of new activities-Our assessment is that this is possible with instruments ‘giving a direction’, ‘special measures’ (mentioned in AFS Article 3:111a) or ‘appointing a special administrator’, which can be interpreted in the vein of the CRD. Currently, the Ministry of Finance is working on a text in the AFS to make this power more explicit. Restricting or suspending payments to shareholders or share repurchases-Only if own funds diminish as a result of these actions (AFS Article 3:96). Asset transfers-Apart from the power to enforce compliance with solvency and liquidity requirements, DNB has no specific powers to restrict asset transfers. Barring individual from banking and replacing managers, board directors-The AFS stipulates that a co-policymaker must be found to be trustworthy as his/her personal integrity forms part of the integrity of the financial sector (art. 3:9 AFS). Furthermore, the AFS provides for a competence test for persons determining day-to-day policy of institutions (art. 3:8 AFS). In principle, DNB will perform its assessments on the basis of a notification of prospective appointment received from a supervised institution. DNB also has the ability to reassess persons it has previously deemed to be qualified, for example on the basis of new information, or in response to observed behavior of said individual. As such, DNB has a de facto power to bar individuals from certain positions. Restricting the power of managers and board directors and providing for interim management-This is possible by means of the instrument ‘special administrator’ (art. 1:76 AFS). Restricting the powers of controlling owners-A declaration of no objection is required, this declaration can be modified (further conditions) or withdrawn (art. 95 and 1:104 AFS). Facilitating a takeover by or merger with a healthier institution-no explicit powers, but occasionally DNB plays a facilitating role behind the scenes. EC 5: Included in Lol. EC 6: The supervisor applies penalties and sanctions not only to the bank but, when and if necessary, also to management and/or the Board or individuals therein–new AWB Chapter 5 (‘general administrative code’; Article 5:1). With respect to the additional criteria, please note that there are no specific laws or regulations which guard against the supervisor unduly delaying appropriate corrective actions (other than the general liability of DNB). DNB has neither specific powers to ring fence but is able to use other instruments to impose sufficient solvency and liquidity (e.g. the power to give directions (AFS Article 1:75). Finally, DNB coordinates her actions with regulators of non-bank financial entities in a national context (with the conduct of business supervisor the AFM, AFS Article 1:47, within the EU (AFS Article 1:51) as well as outside the EU (AFS 1:65, on the basis of MoUs to settle confidentiality issues).
Assessment	Largely compliant.
Comments	The assessment team finds DNB largely compliant with this CP for two main reasons. First, despite a comprehensive set of intervention powers, in the past there has been reticence on the part of DNB to use some of those powers to the full. The preference has been to deal with emerging problems through the use of “moral suasion” rather than formal enforcement measures. While this technique of supervision may have been relatively successful in the past, the evidence suggests that in recent years moral suasion has become a much less effective tool, in part due to changes in the structure and ownership of the Netherlands financial system. DNB has recognized the shortcomings of moral suasion and has embarked on project VITA to ensure that its supervision becomes more “intrusive and conclusive.” The assessment team supports the objectives of this initiative and encourages DNB to make further progress on implementing it. In particular, there is a need to ensure that supervisory staff are fully aware of the range of legal powers at their disposal and that they should be prepared to use those powers whenever necessary. The second reason for finding DNB largely compliant with this CP is that it currently does not have at its disposal the full range of instruments that are necessary to conduct the orderly resolution of banks. Although DNB is empowered to give directions or appoint a special administrator to a problem bank, there exist no instruments to force an orderly resolution without shareholder approval. The MoF and DNB are jointly working on legislation to introduce additional crisis management tools, including the option of being able to transfer deposits of a failing bank to another bank. The assessment team also supports this initiative and encourages DNB and MoF to finalize this work as soon as practicable.
Principle 24	Consolidated supervision. An essential element of banking supervision is that supervisors supervise the banking group on a consolidated basis, adequately monitoring and, as appropriate, applying prudential norms to all aspects of the business conducted by the group worldwide.
Description	DNB undertakes banking supervision on a consolidated and on a solo basis in accordance with the CRD. These requirements are incorporated in AFS Section 3.6.2 (Consolidated Supervision of Investment Firms and Credit Institutions). With the implementation of the Basel II framework, due attention was paid to the implementation of adequate solo supervision. EC 1: Several measures ensure that DNB is given the necessary insight into the structure of supervised banking groups. Information on the structure of a bank is included in the mandatory returns, but is also discussed in policy meetings with banks and included in on-site inspections. Prior permission from DNB is required for the acquisition of (foreign) participating interests and for the establishment of (foreign) subsidiaries, or third country branches. For the establishment of EU branches notification to DNB is required. EC 2: DNB has the power to review the overall activities of a banking group, both domestic and cross-border. AFS Section 3:72, in conjunction with Section 3:276, provides DNB with the legal authority to require a bank and any enterprise which falls within that bank’s scope of consolidation to provide any and all relevant prudential information DNB may require. Based on this and AFS Section 3:17, in conjunction with AFS Section 3:276, DNB is able to require information of any individual business vehicle within the banking organization group on its financial condition and on the adequacy of risk management and control measures. On the basis of Section 3:18a, DNB performs the SREP for the banking group worldwide on at least a yearly basis. EC 3: The AFS Section 3.3.11 requires that DNB gives a declaration of no-objection before a bank may acquire a qualifying holding in the capital of another financial or non-financial institution and before a person or entity may acquire a qualifying holding in a bank. As a condition attached to declarations of no-objection, DNB is empowered to require frequent financial and non-financial information from banking and non-banking subsidiaries of the parent so that the risks included in non-banking activities can also be assessed and reviewed. Regarding participating interests of banks in non-financial activities, the quantitative limitations of Section 120 of the CRD apply (implemented in Section 140 of the Decree on Prudential Rules for Financial Undertakings): the maximum qualifying holding (participation) is 15 percent of a bank’s own funds and the total of all qualifying holdings may not exceed 60 percent. EC 4: DNB has the power to impose prudential standards on a consolidated basis for the banking group (AFS Section 3:276). In practice, supervisory activities are performed on both a consolidated and solo basis, including quarterly returns provided by the banks, capital adequacy calculations, large exposures, exposures to related parties, and the Supervisory Review Process. EC 5: Cooperation with other relevant supervisors, domestic and cross-border has a legal foundation in AFS Chapter 1.3. If foreign affiliates or subsidiaries are involved, MoUs with foreign supervisors or colleges of supervisors facilitate the exchange of information between the supervisors. DNB also works in close cooperation with the AFM. EC 6: DNB has the power to limit or circumscribe the activities that a banking group may conduct or to prevent activities from being conducted within the group, which cannot be properly supervised. DNB can also take additional measures under Basel II, Pillar 2 as a result of the SREP, (AFS Section 3:111(a)) such as: requiring credit institutions to hold own funds in excess of the minimum pillar 1 level, strengthening internal governance requirements and the ICAAP, requiring credit institutions to apply a specific provisioning policy, restricting or limiting the business, operations or network of credit institutions, and requiring the reduction of the risk inherent in the activities, products and systems of credit institutions. In special situations, when the solvency and/or the liquidity of a bank are endangered, DNB may apply special measures as stipulated by AFS Section 1.4.2. EC 9: DNB also has the power to require the closing of foreign offices of Dutch banks, or to impose limitations on their activities if their oversight is deemed inadequate or if the flow of supervisory information from that country is likely to be insufficient. In such cases, DNB could refuse to grant or withdraw a declaration of no objection, or prohibit the continuation (AFS Section 1:77) of foreign branches or take any of the above mentioned Basel II, Pillar 2 measures. EC 7, 8 and 10: An important element in the supervision of foreign establishments is their governance by the Netherlands head office, whether or not through regional offices (AFS Section 3:17) [EC 7]. DNB regularly monitors whether an institution’s top level management is informed adequately about the state of affairs within the foreign establishments, and whether decision-making and governance have been adequately implemented in the foreign network (AFS Section 3:) [EC 8]. When the risk profile of the foreign operations is higher or when the operations are conducted in supervisory regimes differing fundamentally from those of the Netherlands, DNB pays extra attention to the bank’s internal governance [EC 10]. DNB identifies high risk areas through risk based supervision by means of FIRM. AC 1: Corporate ownership of banking entities is allowed in the Netherlands. The shareholders of banks, including parent companies and their activities are reviewed and tested against criteria regarding fit and proper standards, integrity, safety and financial soundness (AFS Section 3.3.11). If a prospective or existing shareholder fails to meet these criteria, DNB may refuse to grant, or withdraw, its declaration of no-objection, in which case the participating interest may not be acquired or may have to be sold. Remedial actions are available: on the basis of AFS Section 1.4.2, DNB can take special measures, such as a notification given to a bank, to the effect that all or certain bodies of that bank may only exercise their powers after approval has been obtained from one or more persons appointed by DNB and with due observance of the instructions given by these persons. AC 2: Whereas DNB will always have an independent responsibility as regards the supervision of foreign establishments, it may use the results of examinations by the “host supervisor” (AFS Section 1.3.2 and 1.3.3.). DNB’s assessment of the supervision exercised by the “host supervisor” is of importance in this respect. With respect to the supervision of non-EU establishments, DNB assesses the quality of the respective “host supervisor”, particularly in cases where a MoU is (to be) concluded. AC 3: Consolidated supervision of internationally active banks is based on a top down approach of the group. This means that risk areas are identified, examined and dealt with on the basis of risk based supervision regardless of where the risks are located in the organization (domestic or non-domestic). In this process, supervisors use the group’s internal staff departments such as corporate risk or group-audit. These staff departments in turn are supported by decentralised staff functions in the business units. In case of exceptional developments special inspections will be carried out. In addition to making local inspections, DNB also receives reports on foreign establishments by internal and external auditors.
Assessment	Largely Compliant.
Comments	Although DNB has the necessary legal and regulatory powers to apply effective consolidated supervision of cross-border banking groups, there have been examples where DNB appears to have relied to large extent on the supervision exercised by the host supervisor. This reliance is a cornerstone of the Basel Accord and the CRD, in which both EEA supervisors and equivalent supervisors from third countries are considered exercising supervision in compliance with the CRD and or Basel II. Nonetheless, it remains the responsibility of the consolidated supervisor to assess the financial soundness of the overall group and this responsibility requires it to form its own independent judgement of the risks to the group posed by the activities of group subsidiaries. DNB’s ability to form such an independent judgement appears to have been constrained by the failure of supervisory resources to match the demands of regulating large, complex and internationally active firms. In consequence, DNB may wish to consider strengthening the resources it devotes to its oversight of subsidiaries located outside the Netherlands and its practices and procedures for obtaining relevant information concerning their operations and the risks that they pose to the group.
Principle 25	Home-host relationships. Cross-border consolidated supervision requires cooperation and information exchange between home supervisors and the various other supervisors involved, primarily host banking supervisors. Banking supervisors must require the local operations of foreign banks to be conducted to the same standards as those required of domestic institutions.
Description	EC 1, 2: The AFS provides for the principle that confidential information obtained under this Act is secret and that this information shall remain within DNB. In certain exhaustively listed cases however, DNB is permitted to supply confidential information to specific persons or bodies for their respective roles and responsibilities. This permission is specified in AFS Chapter 1.5. Chapter 1.3 of the AFS contains specific instructions for the exchange of information with other supervisory authorities. A distinction is made between the supervisory authorities of other EU Member States and those of non-member states. In addition to these legal provisions, DNB has concluded 37 MoUs with relevant EEA and non-EEA supervisors. The MoUs contain agreements about: (i) the exchange of information, the rights and obligations with regard to requests for and the provision of information; (ii) cooperation in the field of supervision, for example in relation to on-site examinations (announcement, host supervisor involvement, exchange of research results); and (iii) confidentiality with regard to the information provided and received. EC 1, 2, 3, 4 and 9: AFS Section 1:51-1:51a provides that DNB shall cooperate closely with other supervisory authorities and provide them with any information which is essential or relevant for the exercise of the other authorities’ supervisory tasks. In this regard, DNB communicates on request all relevant information and communicates on its own initiative all essential information such as adverse developments or major sanctions and exceptional measures.7 EC 1, 2, 3, 4 and 7 and AC 1: With respect to banks and banking groups of material interest to the home or the host supervisor, colleges of supervisors have been established. There are currently 14 colleges in place for banks, banking groups or financial conglomerates, which have regular exchange of information and conference calls and meet at least once a year. For 8 of the (largest) banks, operating on a cross-border basis, a multilateral written agreement is signed between members of the respective colleges. These agreements provide for further formal arrangements for home and host supervisors with respect to (i) objectives of cooperation; (ii) identification of relevant supervisory authorities of subsidiaries and significant branches;8 (iii) confidentiality of information exchange; (iv) responsibilities of supervisory authorities; and (v) cooperation in on-going and in crisis situations. EC 5, 6: Pursuant to the AFS chapter 2.2 local branches and subsidiaries of foreign banks are subject to the same legal and supervisory regime as are domestic banks. Under mutual recognition agreements, branches of EEA licensed banks carrying out their business in the Netherlands from a branch situated in the Netherlands or by providing services to the Netherlands are exempted from capital adequacy supervision on a solo basis by DNB (home country control principle). DNB’s liquidity requirements, however, have to be met by EU branches in the Netherlands. EC 5, 8: Banks established in a state, not being a member state of the EEA are not allowed to invite, or to receive redeemable funds in the operation of a business outside of a restricted circle from parties, not being professional market parties (AFS Section 3:5), unless DNB has granted authorization as meant in AFS Section 2:20. DNB may grant a license if a bank fulfills all the relevant requirements according to the existing standards for banks applying for a license in the Netherlands. EC 5, 6: On the grounds of AFS Section 3:31, a bank established in the Netherlands which is a subsidiary of a bank established in a non-Member State shall be under sufficient consolidated supervision in the state in which the latter bank is established. EC 7: Conform the arrangements in AFS Section 1.3.2.2 and the MoU between DNB and other supervisory authorities, home country supervisors have on-site access to establishments in the Netherlands after prior consultation with DNB (and vice-versa). DNB discusses the findings of their on-site examinations with them. AC 1: DNB has developed a communication strategy with the relevant host supervisors primarily in the form of the colleges of supervisors for large international banking groups headquartered in the Netherlands. In addition, DNB has established a secure website in which information on banking groups can be exchanged among members of the college.
Assessment	Compliant.
Comments