Abstract
This paper provides detailed assessment of observance on the Basel Core Principles for Effective Banking Supervision. The current assessment took place during a period of continuing development and transition. It is based on the assessors’ understanding of the current state of the supervisory approach, but also incorporates, where relevant, the available information about changes expected in the near future. Stress testing has become a critical supervisory tool that encourages firms and supervisors to adopt a more forward-looking view on the strength of their balance sheets and resilience to shocks. The emphasis on stress testing has encouraged firms to strengthen their internal analytical and risk-management capabilities.
Introduction4
26. This assessment of the current state of the implementation of the BCP in the U.K. was conducted during November 3–19, 2015. It reflects the regulatory and supervisory framework in place as of the date of the completion of the assessment. It is not intended to represent an analysis of the state of the banking sector or crisis management framework, which are addressed in the broader FSAP exercise.
27. An assessment of the effectiveness of banking supervision involves a review of the legal framework as well as a detailed examination of the policies and practices of the institutions responsible for banking regulation and supervision.
A. Information and Methodology Used for the Assessment
28. The U.K. authorities agreed to be assessed according to the revised BCPs issued by the Basel Committee for Banking Supervision (BCBS) in September 2012. The assessment was thus performed using a different methodological basis as compared with the previous BCP assessment carried out in 2011. It is important to note, for completeness’ sake, that the two assessments will not be directly comparable: the revised BCPs have a heightened focus on corporate governance and risk management, their practice by supervised entities, and their assessment by the supervisory authority. The revised BCPs raise expectations in measuring the effectiveness of a supervisory framework (see box for more information on the revised BCPs).
29. The U.K. authorities chose to be assessed and rated against both the Essential Criteria (EC) and the Additional Criteria (AC) articulated in the BCP document. To assess compliance, the BCP methodology uses a set of essential and sometimes additional assessment criteria for each principle. The EC are usually the only elements on which to gauge full compliance with a Core Principle (CP). The ACs are recommended best practices against which the U.K. authorities have agreed to be assessed and rated. This option was not available to countries assessed prior to 2012 publication of the revised BCPs. The assessment of compliance with each CP is made on a qualitative basis to allow a judgment on whether the criteria are fulfilled in practice. Effective application of relevant laws and regulations is essential to provide indication that the criteria are met. A four-part grading system is used: compliant; largely compliant; materially noncompliant; and noncompliant. This grading system is explained below.
30. The assessment team reviewed the framework of laws, rules, and guidance and held extensive meetings with U.K. officials. The team conducted additional meetings with banking-sector participants and other stakeholders (auditors, associations, and other market observers). The authorities provided a comprehensive self-assessment of the BCPs, as well as detailed responses to additional questionnaires. In addition, the authorities facilitated access to a variety of supervisory documents and files, staff and systems.
31. The team appreciated the high level of cooperation, candor, and transparency that the authorities demonstrated throughout the review. The team extends its thanks to staff of the authorities, all of whom provided excellent cooperation and undertook considerable efforts to make available extensive documentation as well as access to staff with expertise on U.K. supervisory policies, procedures, and practices. Assessors appreciated, as well, the opportunity to meet with additional official staff with expertise related to the implementation of global regulatory changes under Basel III, its implementation in the EU through the Capital Requirements Directive (CRD) and Capital Requirements Regulation (CRR), and further national regulatory changes. Finally, the assessment team wishes to express its appreciation to the numerous market participants and observers who shared voluntarily their personal insight into the evolution of U.K. supervisory practices.
32. An assessment of compliance with the BCPs is not, and is not intended to be, an exact science; in addition, the BCBS considers the BCPs to be minimum rather than absolute standards. To reach its conclusions regarding the compliance of the U.K. approach to banking supervision against the BCPs, the assessment team did exercise judgment. Nevertheless, the team sought to adhere to a common, agreed methodology that is consistent with assessments done of other countries subsequent to the 2012 release of the revised BCPs. Consequently, the assessment is intended to provide U.K. authorities with an internationally consistent measure of their compliance with the BCPs.
33. To determine the observation of each principle, the assessment has made use of five categories: compliant; largely compliant, materially noncompliant, noncompliant, and nonapplicable. An assessment of “compliant” is given when all EC and ACs are met without any significant deficiencies, including instances where the principle has been achieved by other means. A “largely compliant” assessment is given when there are only minor shortcomings that do not raise serious concerns about the authority’s ability to achieve the objective of the principle; moreover, there is clear intent to achieve full compliance with the principle within a prescribed period of time (for instance, the regulatory framework is agreed but has not yet been fully implemented). A principle is considered to be “materially noncompliant” in case of severe shortcomings, despite the existence of formal rules and procedures; furthermore, evidence suggests that supervision has clearly not been effective, that the practical implementation is weak, or that the shortcomings are sufficient to raise doubts about the authority’s ability to achieve compliance. A principle is assessed “noncompliant” if it is not substantially implemented, several ECs are not complied with, or supervision is manifestly ineffective. Finally, a category of “nonapplicable” is reserved for those cases that the criteria would not relate the country’s circumstances.
The 2012 Revised Basel Core Principles
The revised BCPs reflect market and regulatory developments since the last revision, taking account of the lessons learnt from the financial crisis in 2008/2009. These have also been informed by the experiences gained from FSAP assessments as well as recommendations issued by the G-20 and Financial Stability Board (FSB) and take into account the importance now attached to the following considerations: (i) greater supervisory intensity and allocation of adequate resources to deal effectively with systemically important banks; (ii) application of a system-wide, macro perspective to the microprudential supervision of banks to assist in identifying, analyzing and taking preemptive action to address systemic risk; (iii) the increasing focus on effective crisis preparation and management, recovery and resolution measures for reducing both the probability and impact of a bank failure; and (iv) efforts to foster robust market discipline through sound supervisory practices in the areas of corporate governance, disclosure and transparency.
The revised BCPs strengthen the requirements for supervisors, the approaches to supervision and supervisors’ expectations of banks. Supervisors are now required to assess the risk profile of the banks not only in terms of the risks they run and the efficacy of their risk management, but also in terms of the risks they pose to the banking and the financial systems. In addition, supervisors are required to consider how the macroeconomic environment, business trends, and the build-up and concentration of risk inside and outside the banking sector may affect the risks to which individual banks are exposed. While the BCPs set out the powers that supervisors should have to address safety and soundness concerns, there is a heightened focus on the actual use of the powers, in a forward-looking approach through early intervention.
The number of principles has increased from 25 to 29. The number of essential criteria has expanded from 196 to 231. This includes the amalgamation of previous criteria (which remained largely the same as what was contained in the prior version of the BCPs), and the introduction of 35 new essential criteria. For countries that choose to be assessed against the “additional criteria,” 16 additional criteria articulate “best practices” to comply with selected CPs.
While raising expectations for banking supervision, the BCP were drafted with the recognition that they must be applicable to a wide range of jurisdictions. The new methodology reinforces the concept of “proportionality,” both in terms of adjusting the expectations on supervisors and in terms of adjusting the standards that supervisors impose on banks depending on the circumstances. The proportionate approach allows assessments of banking supervision that are commensurate with the risk profile and systemic importance of a wide range of banks and banking systems.
B. Institutional and Market Structure—Overview5
34. The Financial Services Act 2012 established a new framework for financial regulation in the United Kingdom. Responsibility for financial stability was given to the newly established FPC of the BoE: the BoE Act 1998, as amended by the Financial Services Act 2012, gives the FPC responsibility to identify, assess, monitor, and take action in relation to financial stability risk across the whole financial system. This includes addressing risks arising in the nonbank financial system (including institutions and markets). In support of this objective, the Act gives the FPC the power to make recommendations to Her Majesty’s Treasury (HMT) on regulated activities, as well as more general powers in respect of information gathering. Responsibility for the overall regulatory framework and the protection of the public finances rests with HMT and the Chancellor of the Exchequer.
35. Two new regulatory agencies have been established, replacing the FSA. The Financial Services Act 2012 transferred prudential regulation of deposit-takers,6 insurers and the largest investment firms to a new microprudential supervisor, the PRA, a subsidiary of the BoE. Responsibility for regulating conduct of business was given to the FCA, with the mandate and tools to protect consumers and market participants, including through the promotion of competition. The PRA and FCA started to operate in April 2013.
36. The BoE is the resolution authority responsible for preparing and responding to the failure of banks, building societies, certain investment firms and central counterparties in accordance with the U.K.’s special resolution regime. The BoE is also responsible for the regulation of systemically important firms supporting the clearing, payment and settlement infrastructure in the United Kingdom.
37. Most U.K. financial institutions are regulated in some form, although not all activities undertaken by these institutions are subject to regulation. Finance companies are subject to different regulation depending on whether they are owned by banks (PRA and FCA regulated), or nonbanks but provide residential mortgages or consumer credit (FCA regulated) or undertake business lending (for amounts exceeding GBP 25,000) or provide certain types of buy to let mortgages (unregulated). Securitization special purpose vehicles (SPVs) may be regulated depending on whether they are part of a banking group.
38. The FPC has a statutory power to make recommendations to HMT in relation to the boundaries between and within regulated and non-regulated sectors of the U.K. financial system (the ‘regulatory perimeter’). The FPC has committed to hold a discussion on the issue of the regulatory perimeter at least annually. In July 2015, the FPC considered channels through which stress in key parts of the nonbank financial system (including institutions and markets) could impact U.K. financial stability. Based on its current assessment, the FPC said that it did not see a case for recommending changes to the regulatory framework but would return to the issue on an annual basis, or sooner, if risks were identified.
39. The financial services Banking Reform Act (BRA) 2013 implemented the final ring-fencing recommendations of the independent commission on banking (ICB). The ICB recommended that retail banking should be separated from wholesale or investment banking, and that this should be achieved by ring-fencing, or separating, retail banking within a banking group in order to isolate banking activities where continuous provision of service is vital to the economy and to the customers of a bank. The BRA also implemented the recommendations made by the PCBS, appointed by parliament to consider how culture and standards in the banking sector could be improved. In particular the BRA put in place the legal framework for the “Senior Managers and Certification Regime” which strengthens the regulation of individuals who work in the U.K. banking sector. Finally, the BRA makes available to the BoE a stabilization option (the “bail-in option”) under part 1 of the BRA 2009.
40. Parliament passed a new BoE and Financial Service Act (though most of its provisions have not come into force yet). The Act sets out reforms to ensure that the BoE remains at the forefront of international best practice for transparency, accountability, and governance. The Act undertakes the following:
Maximize the synergies of having monetary policy, macroprudential policy and microprudential policy under the aegis of one institution by bringing the PRA within the BoE, ending its status as a subsidiary, and creating a new committee of the BoE to be known as the PRC. It will retain its independence in making rules, policies and supervisory decisions. The statutory objectives of the PRA, which underpin its forward-looking, judgment-based approach to supervision, will remain unchanged;
Reinforce the accountability of the PRC and the chief executive officer (CEO) for the BoE’s prudential regulation functions, and provide updated reporting requirements which will ensure supervision continues to operate with appropriate independence and resources;
Update resolution planning and crisis management arrangements between the Treasury and the BoE to reflect recent improvements to resolution planning for systemic financial institutions, and crisis management for institutions in distress. This includes a strengthened requirement for the BoE to provide the Treasury with information on risks to public funds, so that the system can better protect taxpayers and the wider economy from bank failures;
Improve the governance of the BoE by making its court of directors (‘the court’) a smaller, more focused unitary Board;
Place the new deputy governor for banking and markets in legislation, adding the position to the court of directors and the FPC;
Adjust the statutory basis of the FPC from a subcommittee of the court to a statutory committee of the BoE, in line with the MPC and the new PRC;
Bring the BoE within the purview of the National Audit Office (NAO), improving transparency and accountability for its use of resources;
Further strengthen coordination arrangements between the Treasury and the BoE in protecting taxpayers and the wider economy from bank failures; and
Extend the Senior Managers and Certification Regime to all financial services firms, and implement a fairer system by introducing a ‘duty of responsibility’ (superseding the previously proposed ‘reverse burden of proof’).
41. As a member of the EU, the United Kingdom adheres to the European ‘single Rulebook,’ whose backbone is represented by the 2013 CRD and Regulation (the ‘CRD IV package’). The CRD IV package was part of the response to the recent financial crisis and implements the Basel III capital and liquidity standards, as well as rules on corporate governance. The Regulation and Directive came into force from January 1, 2014, but gave member states (MS) time to transition to the final rules.
42. The CRD IV package is a ‘going concern’ framework. It aims to ensure that in normal times, banks are adequately capitalized to absorb losses, to pay their obligations in a stress and have adequate governance, systems and controls.
43. The 2014 Banking Recovery and Resolution Directive (BRRD) applies to non-viable banks. It introduced a harmonized set of resolution tools to ensure that when EU banks fail, that failure can be managed in a way which protects critical functions, limits contagion to other financial institutions and the wider economy, and avoids the need for taxpayer bail-out.
44. The 2014 Deposit Guarantee Scheme Directive (DGSD) is intended to harmonize deposit protection across the European Economic Area (EEA), and to ensure that robust, well-functioning schemes are in place. This will promote depositor confidence and support financial stability. It harmonizes deposit protection at EUR 100,000 per depositor per bank and also mandates protection for temporary high balances (e.g., during the sale or purchase of a house, or following a large insurance payment into a bank account). It requires MSs to ensure that ex ante funding equivalent to 0.8 percent of covered deposits is available. As it is intended to improve deposit protection and financial stability, and since a deposit guarantee scheme can be used in resolution, there is substantial interaction with the BRRD.
45. Total assets in the U.K. banking sector were almost 400 percent of nominal GDP in 2014, excluding derivative exposures and foreign assets and liabilities of foreign branches. There are over 900 banks, building societies and credit unions supervised by the PRA.7 Within the total of 900 there are 150 deposit-taking foreign branches and 98 deposit-taking foreign subsidiaries in the United Kingdom from 56 different countries. Foreign banks constitute around half of U.K. banking sector assets on a residency basis, with the combined assets of the largest ten foreign subsidiaries in the United Kingdom (including their non deposit-taking entities) totaling around GBP 2.75 trillion. Foreign branches account for around 30 percent of total U.K.-resident banking assets and around a third of U.K. interbank lending. Nearly a fifth of global banking activity is booked in the United Kingdom, and U.K.-resident banks’ foreign assets and liabilities account for over 350 percent of U.K. GDP.
46. Financial services is the United Kingdom’s most successful export industry, contributing a trade surplus of over GBP 59 billion in 2013 according to the Office for National Statistics (ONS). The United Kingdom is the most international banking centre in the world; foreign branches account for around 30 percent of total U.K.-resident banking assets.
47. The financial services industry employs over a million people across the length and breadth of the country. A million more are employed in complementary professional services. Two thirds of those two million jobs are outside London.
48. The U.K. financial sector has been hit, in the past years, by episodes of wrongdoing at major firms that gave rise to investigations, also under criminal laws, and that have seen several systemic banks subject to important fines.
49. Major U.K. banks have continued to improve capital and funding positions. They reported an average CET1 position above 12 percent and an aggregate leverage ratio over 4.7 percent at end–September 2015. In November 2012, the FPC recommended that the FSA “takes action to ensure that the capital of U.K. banks and building societies reflects a proper valuation of their assets, a realistic assessment of future conduct costs and prudent calculation of risk weights.” The FPC also recommended that “where such action reveals that capital buffers need to be strengthened to absorb losses and sustain credit availability in the event of stress, the FSA should ensure that firms either raise capital or take steps to restructure their business and balance sheets in ways that do not hinder lending to the real economy.” In March 2013, the FPC judged that the immediate objective should be to achieve a CET1 ratio, based on Basel III definitions and after the required adjustments, of at least 7 percent of risk-weighted assets (RWA) by end 2013. The improved capital position of banks also reflects, in part, the actions taken in response to the 2014 stress test of the major U.K. banks that captured some of the main risks judged by the FPC to be facing the system.
50. Stress tests are used primarily to assess the amount of capital that a bank might require in the event of an adverse shock. A critical precondition to make that assessment is that banks’ reported capital positions are stated accurately. AQRs help ensure this, both in terms of capital resources and capital requirements.
51. As a result of the interventions during the 2008–9 financial crisis, the government also has holdings in the Royal Bank of Scotland (RBS) and the Lloyds Banking Group. Disposals have begun, and at the end of August 2015 government holdings stood at just under 13 percent ownership in Lloyds, and 73 percent in RBS.
C. Preconditions for Effective Banking Supervision
Macroeconomic policies
52. The Government’s economic policy objective is to achieve strong, sustainable and balanced growth that is more evenly shared across the country and between industries. This objective recognizes that over a number of years preceding the financial crisis, economic growth in the U.K. was driven by unsustainable levels of private sector debt and rising public sector debt. This pattern of unbalanced growth and excessive debt helped to create exceptional economic challenges in the United Kingdom.
53. The BoE’s monetary policy objective is to deliver price stability—low inflation—and, subject to that, to support the government’s economic objectives including those for growth and employment. The BoE’s operations in the sterling money markets have two objectives, stemming from its monetary policy and financial stability responsibilities: to implement the MPC’s decisions in order to meet the inflation target (set by the government at 2 percent); and to reduce the cost of disruption to the liquidity and payment services supplied by banks to the U.K. economy.
The Government’s economic strategy consists of four key pillars:
a) monetary activism and credit easing, stimulating demand, maintaining price stability and supporting the flow of credit in the economy;
b) deficit reduction, returning the public finances to a sustainable position and ensuring that sound public finances and fiscal credibility underpin low long-term interest rates;
c) completing the reform of the financial system and improving the regulatory framework to reduce risks to the taxpayer and build the resilience of the system; and
d) a comprehensive package of structural reforms, rebalancing and strengthening the economy for the future, including a package of measures to support businesses to invest and export.
54. The Government’s comprehensive economic strategy is designed to protect the economy, to maintain market confidence in the United Kingdom and to lay the foundations for a stronger, more balanced economy in the future. Continuing to strengthen the financial system, so that it can support the wider economy, is a key element of this strategy.
Financial stability and macroprudential surveillance
55. The FPC was officially established on April 1, 2013.8 The committee is charged with a primary objective of identifying, monitoring and taking action to remove or reduce systemic risks with a view to protecting and enhancing the resilience of the U.K. financial system. The FPC has a secondary objective to support the economic policy of the government. The committee publishes a record of its formal policy meetings, and is responsible for the BoE’s bi-annual Financial Stability Report (FSR).
56. The FPC is a statutory subcommittee of the BoE’s Court. Its members are the governor; three of the deputy governors who are responsible for financial stability, prudential regulation, and monetary policy, respectively; the chief executive of the FCA; the BoE’s executive director for Financial Stability Strategy and Risk (FSSR); four external members appointed by the Chancellor; and a nonvoting member from HMT.
57. The FPC has responsibility for setting the countercyclical capital buffer (CCB) and powers of direction over sectoral capital requirements (SCRs), loan-to-value and debt-to-income limits in respect of owner-occupied lending, and in relation to leverage ratio tools. There is a statutory requirement for the FPC to prepare and maintain a general statement of policy for the powers of Direction it is given under legislation. These describe the tools, the likely impact of using them on financial stability and growth, and the circumstances in which the FPC might expect to use each tool. They also describe the core indicators the FPC will routinely review to help inform its judgments.
Public infrastructure
58. The United Kingdom has reputation for a robust and stable legal system, skilled workforce and fairly well-developed public infrastructure. It ranks high in the World Bank ‘Ease of Doing Business’ classification (6th at international level both in 2015 and 2016), with medium-high score for the strength of its insolvency framework, maximum score for depth of credit information and very high ranking (4th) for the protection of minority investors. Its payment, clearing and settlement systems are well regulated. Basic economic, financial and social statistics are publicly available.
Financial safety nets and crisis management
59. The Financial Services Compensation Scheme (FSCS) is the U.K.’s compensation fund of last resort for customers of authorized financial services firms. It covers business conducted by firms authorized by the PRA and FCA. European firms (authorized by their home state regulator) that operate in the United Kingdom may also be covered. It protects:
Deposits;
Insurance policies;
Insurance broking (for business on or after January 14, 2005), including connected travel insurance where the policy is sold alongside a holiday or other related travel (e.g., by travel firms and holiday providers) (for business on or after January 1, 2009);
Investment business; and
Home finance (for business on or after October 31, 2004).
60. The FSCS is independent of the government and the financial industry, and was set up under the Financial Services and Markets Act (FSMA) 2000, becoming operational on December 1, 2001 (although it still covers claims from before this date). It may pay compensation if a firm is unable, or likely to be unable, to pay claims against it. This is usually because it has stopped trading or has been declared in default. The FSCS does not charge individual consumers for using the service.
61. The key principle of financial crisis management is to make clear who is in charge of what, and when. The BoE and HMT have clear and separate responsibilities. The BoE has primary operational responsibility for financial crisis management. The Chancellor and HMT have sole responsibility for any decision involving public funds. When the BoE has formally notified the Treasury of a material risk to public funds, and either there is a serious threat to financial stability, or public funds are already committed by the Treasury to resolve or reduce such a serious threat and it would be in the public interest to do so, the Chancellor may use powers to direct the BoE.
62. The Financial Crisis Management Memorandum of Understanding (MoU) sets out who is in charge of what and when between HMT and the BoE (including the PRA) in a financial crisis. It has a particular focus on monitoring and managing potential risks to public funds.
63. A core aspect of the PRA’s approach is that it aims at ensuring preparedness for recovery or resolution of a failing firm. The PRA has the authority to set rules and supervisory requirements for financial holding companies (FHCs), mixed financial holding companies (MFHCs), mixed activity FHCs, banks, building societies, and PRA-designated investment firms.
The PRA’s rules require supervised entities to undertake the following:
To be better prepared for future financial stress through credible and robust recovery planning (identification of options to recover financial strength in stress situations);
To provide information (‘resolution packs’) to help the BoE in its role as the resolution authority; and
To ensure the feasibility of bailing-in creditors, in the case of cross-border firms, by adopting contractual recognition of bail-in.
Market discipline
64. In terms of market discipline, an extensive set of institutional investors are active in the United Kingdom, as are major rating agencies and analysts. Well-developed mechanisms support market discipline, including a system of regular disclosure by public companies. Required disclosures for banks have been materially enhanced through the additional annual disclosures based on Pillar 3 of the Basel III global regulatory framework.
65. Some banks make quarterly financial disclosures and some half-yearly. Regular financial statement disclosures related to market risk, liquidity risk and credit concentrations. The FPC of the BoE prepares and publishes a FSR twice per calendar year. The FSR sets out the FPC’s view of the outlook for U.K. financial stability, including its assessment of the resilience of the U.K. financial system and the current main risks to financial stability, and the action it is taking to remove or reduce those risks.
66. Since the financial crisis the United Kingdom has fundamentally reformed its financial sector and has pushed for international reforms to help end too-big-to fail and ensure effective market discipline. As outlined below, the United Kingdom has well established and mature markets which have effective mechanisms for ensuring market discipline.
67. The FRC sets governance guidelines for listed companies with premium listing through the U.K. Corporate Governance Code. High quality corporate governance helps to underpin long-term company performance. The U.K. Corporate Governance Code has been instrumental in spreading best Boardroom practice throughout the listed sector since it was first issued in 1992. It operates on the principle of ‘comply or explain.’ It sets out good practice covering issues such as Board composition and effectiveness, the role of Board committees, risk management, remuneration and relations with shareholders.9
68. In November 2012, the government published its response to the 17 specific recommendations of an independent review of U.K. equity markets.10 In particular, the report reviewed the mechanisms of control and accountability provided by the markets and the behavior of the agents in that process that affect the performance of U.K. businesses. It aimed to ensure that U.K. equity markets continue to benefit both companies and investors.
69. The Panel on Takeovers and Mergers (the “Panel”) is an independent body, established in 1968, whose main functions are to issue and administer the City Code on Takeovers and Mergers (the “Code”) and to supervise and regulate takeovers and other matters to which the Code applies in accordance with the rules set out in the Code. It has been designated as the supervisory authority to carry out certain regulatory functions in relation to takeovers pursuant to the Directive on Takeover Bids (2004/25/EC) (the “Directive”). Its statutory functions are set out in and under Chapter 1 of Part 28 of the Companies Act 2006. The Panel regulates takeover bids and other merger transactions (however effected) for companies which have their registered offices in the United Kingdom, the Channel Islands or the Isle of Man if any of their securities are admitted to trading on a regulated market or multilateral trading facility in the United Kingdom or on any stock exchange in the Channel Islands or the Isle of Man. Its remit also extends to other public companies and certain private companies which are resident in the United Kingdom, the Channel Islands or the Isle of Man. In certain circumstances the panel also shares responsibility for the regulation of an offer with the takeover regulator in another MS of the an EEA (a “MS”) (for example, where the offered company is registered in the United Kingdom and has its securities admitted to trading on a regulated market in another MS but not on a regulated market in the United Kingdom).
70. The Code is designed to ensure that shareholders are treated fairly and are not denied an opportunity to decide on the merits of a takeover and that shareholders of the same class are afforded equivalent treatment by an offeror. The Code also provides an orderly framework within which takeovers are conducted. In addition, it is designed to promote, in conjunction with other regulatory regimes, the integrity of the financial markets. The Code is not concerned with the financial or commercial advantages or disadvantages of a takeover. These are matters for the company and its shareholders.
71. The U.K. Financial Investments (UKFI) was created in November 2008 as part of the U.K.’s response to the financial crisis. It is a Companies Act Company, with HMT as its sole shareholder, and operates at arm’s-length from government. UKFI is responsible for managing the Government’s shareholdings in the RBS Group plc and the Lloyds Banking Group plc.
72. UKFI’s overarching objective is to manage these shareholdings commercially to create and protect value for the taxpayer as shareholder. Its aim is also to devise and execute a strategy for realizing value for the government’s investments in an orderly and active way over time within the context of protecting and creating value for the taxpayer as shareholder, paying due regard to the maintenance of financial stability and acting in a way that promotes competition. UKFI is also responsible for managing the Government’s 100 percent shareholding and loans in U.K. Asset Resolution Limited (“UKAR”) and its subsidiaries.
73. UKAR was formed during 2010 to integrate the activities of Northern Rock (asset management) plc and Bradford & Bingley Plc. UKFI managed the government’s 100 percent shareholding in Northern Rock plc from Northern Rock plc’s formation on January 1, 2010 up to its sale to Virgin Money on January 1, 2012.
Consumer protection
74. One of the FCA’s central responsibilities is to protect consumers from the firms and individuals in the financial industry that may cause them harm. The FCA expects firms to provide customers with appropriate products and services. To ensure consumers are protected and treated fairly, the FCA evaluates firms’ abilities to meet relevant supervisory requirements before they are authorized. The FCA then supervises their activities and prevents those that are not meeting standards from carrying out regulated activities. Where the FCA finds that firms are not following relevant rules, or where it finds that unauthorized firms are doing business in the United Kingdom, it intervenes where appropriate. This can take many forms, such as stepping in to impose penalties, stopping firms from carrying out certain types of business, requiring improvements in controls or management, or securing redress.
75. With respect to retail deposits, the relevant U.K. legislation and FCA rules sets down a conduct regime for banks and other account providers in relation to:
The provision of appropriate information, such as on terms and conditions, before an account is opened;
The ongoing provision or availability of information to customers about the activity on the account, such as through regular statements, as well as changes to terms and conditions such as notifications when the rate of interest applied to the balance on the account changes;
The making and receipt of payments on the account, and the related protections against issues such as unauthorized transactions;
Deposit protection; and
The provision of overdrafts.
76. In 2013, the government launched the ‘Current Account Switch Service.’ It lets consumers safely and reliably switches their accounts between banks in seven days, with a guarantee that they will be fully protected against any financial loss during the transfer.
Detailed Assessment
77. Compliance of each principle will be made based on the following four-grade scale: compliant, largely compliant, materially noncompliant, and noncompliant. A “not applicable” grading can be used under certain circumstances.
Compliant: a country will be considered compliant with a Principle when all essential criteria applicable for this country are met without any significant deficiencies.11 There may be instances, of course, where a country can demonstrate that the Principle has been achieved by other means. Conversely, due to the specific conditions in individual countries, the essential criteria may not always be sufficient to achieve the objective of the Principle, and therefore other measures may also be needed in order for the aspect of banking supervision addressed by the Principle to be considered effective.
Largely compliant: A country will be considered largely compliant with a Principle whenever only minor shortcomings are observed that do not raise any concerns about the authority’s ability and clear intent to achieve full compliance with the Principle within a prescribed period of time. The assessment “largely compliant” can be used when the system does not meet all essential criteria, but the overall effectiveness is sufficiently good, and no material risks are left unaddressed.
Materially noncompliant: A country will be considered materially non-compliant with a Principle whenever there are severe shortcomings, despite the existence of formal rules, regulations, and procedures, and there is evidence that supervision has clearly not been effective, that practical implementation is weak, or that the shortcomings are sufficient to raise doubts about the authority’s ability to achieve compliance. It is acknowledged that the “gap” between “largely compliant” and “materially non-compliant” is wide, and that the choice may be difficult. On the other hand, the intention has been to force the assessors to make a clear statement.
Noncompliant: A country will be considered non-compliant with a Principle whenever there has been no substantive implementation of the Principle, several essential criteria are not complied with, or supervision is manifestly ineffective.
A. Supervisory Powers, Responsibilities, and Functions
| Principle 1 | Responsibilities, objectives, and powers. An effective system of banking supervision has clear responsibilities and objectives for each authority involved in the supervision of banks and banking groups.12 A suitable legal framework for banking supervision is in place to provide each responsible authority with the necessary legal powers to authorize banks, conduct ongoing supervision, address compliance with laws and undertake timely corrective actions to address safety and soundness concerns.13 |
| Essential criteria | |
| EC 1 | The responsibilities and objectives of each of the authorities involved in banking supervision14 are clearly defined in legislation and publicly disclosed. Where more than one authority is responsible for supervising the banking system, a credible and publicly available framework is in place to avoid regulatory and supervisory gaps. |
| Description and findings re EC 1 | The CRD requires MSs to ensure that National Competent Authorities (NCAs) assess compliance with CRD and CRR (Arts. 4–7), and that such function is separate and independent from the functions relating to resolution (Art. 4). Art. 5 requires MSs to coordinate internally if there are more than one NCA, and Art. 6 requires MSs that NCAs cooperate within the European System of Financial Supervision (ESFS) and European Systemic Risk Board (ESRB). The PRA and FCA are the NCAs for the United Kingdom. They have responsibility for the supervision of banks, the PRA for prudential matters and the FCA for conduct matters. The PRA supervises around 1,700 firms and groups, including over 900 deposit-takers (banks, building societies and credit unions) and nearly 700 insurers of all sizes (general insurers, life insurers, friendly societies, and mutuals).15 The FCA is the conduct supervisor for approximately 56,000 firms across all industry sectors (including all deposit-takers) and the prudential supervisor for approximately 24,000 firms not regulated by the PRA, including a large number of investment firms subject to the CRD. The responsibilities and objectives of the PRA and FCA are set out in the FSMA 2000, which is public (http://www.legislation.gov.uk/ukpga/2000/8/contents). In discharging its general functions, the PRA is required to act so far as reasonably possible in a way which advances its general objective of promoting the safety and soundness of PRAauthorized persons (S2B FSMA).16 This general objective is to be advanced primarily by: (i) seeking to ensure that the business of PRA-authorized persons is carried on in a way which avoids any adverse effect on the stability of the U.K. financial system; and (ii) seeking to minimize the adverse effect that the failure of a PRA-authorized person could be expected to have on the stability of the U.K. financial system. The emphasis on bank failures in terms of their impact on financial stability supports the PRA’s ‘no zero-failure’ policy (i.e., that it is not the PRA’s role to ensure that no firm fails, which is also explicitly stated in S2G FSMA),17 and helps to understand the PRA’s apparent degree of risk appetite and consequent supervisory approach. In its public discourse the PRA often uses the term ‘risk appetite’ (e.g., in the programmatic document on its approach to banking supervision), even though there is not a defined and articulated process leading to a clear identification of the PRA’s risk appetite and of its implications at executive level. As announced in the 2015 annual report (p. 21), the PRA is reviewing its Target Operational Model, risk appetite, oversight and mitigation. PRA’s general safety and soundness objective is expressed also through the Fundamental Rules, contained in the PRA Rulebook. They set PRA’s general expectations with respect to banks’ conduct, adequacy of financial resources, risk strategy and risk management, organization and control, openness and cooperation with the PRA, preparedness to resolution. The PRA also has a secondary competition objective. This requires that when discharging its general functions in a way that advances its objectives, the PRA acts in a way that facilitates effective competition in the markets for services provided by PRA authorized persons. In discharging its general functions, the FCA is required to act in a way that is compatible with its strategic objective and advances one or more of its operational objectives (S1B FSMA). The FCA’s strategic objective is to ensure that the relevant markets function well. The FCA’s operational objectives are:
In discharging its general functions, the FCA and PRA are also required to have regard to the regulatory principles specified in FSMA S3B, which include:
Much of the detail involved in the PRA’s and FCA’s execution of their responsibilities is included in secondary legislation and regulators’ rules, including the PRA and FCA Handbooks of Rules and Guidance and the Regulated Activities Order (SI 20001/544). This Order sets out the specific activities which firms must receive PRA or FCA permission to carry on. The FSMA establishes a number of coordination mechanisms for the PRA and FCA (see EC 3). There are also specific requirements in FSMA as to how the PRA and FCA will coordinate regulatory processes where both authorities are involved, such as rulemaking and enforcement. This ensures that both authorities have appropriate input into the process. Examples of hard requirements for cooperation include the duty to consult on rules (S138I and S138J of FSMA), imposition of a requirement by either regulator (S55L and S55M of FSMA), and the definition of “appropriate regulator” for enforcement purposes (S204A of FSMA). On April 1, 2013, the FPC was established on a statutory basis as the United Kingdom’s macroprudential authority, following two years of operating on an interim basis. The FPC has a primary objective to contribute to the achievement of the BoE’s financial stability objective “to protect and enhance the stability of the financial system of the United Kingdom.” The law gives the FPC two main types of power: first, it can make Recommendations, on a comply or explain basis, to the microprudential regulators (the PRA and the FCA) to take measures to mitigate risks in relation to any aspect of their regulated entities (but not focused on a specified individual entity).19 The other set of powers that the FPC has is to give directions to the PRA and FCA to deploy specific macroprudential tools prescribed by HMT. The FPC can currently direct the PRA to use: the CCB, which allows the FPC to change capital requirements above normal microprudential standards in relation to all loans and exposures of banks to borrowers in the United Kingdom; the SCR, which are more targeted and allow the FPC to change capital requirements on exposures to three specific sectors judged to pose a risk to the system as a whole: residential property (including mortgages), commercial property and other parts of the financial sector; the limits on residential mortgage lending, both owner-occupied and buy-to-let, in terms of loan-to-value ratios and/or debt-to-income ratios (including interest coverage ratios in respect of buy-to-let lending). The BoE is the United Kingdom’s resolution authority for banks, building societies, central counterparties and certain investment firms. The BoE and the relevant prudential supervisor will make the decision to put a firm into the resolution regime, having consulted HMT. The Banking Act clearly sets out the roles and powers of the respective authorities. HMT (as part of the U.K. government) is responsible for proposing any amendments to FSMA, which must be passed by parliament before they can become law. The statutory framework recognizes the importance of there being a credible and publicly available framework in place to avoid regulatory and supervisory gaps. In the banking regulatory framework of the EU, the EBA is a competent authority for the purposes of functioning of colleges of supervisors, whilst not bearing any supervisory responsibilities. The European Commission is in charge of regulatory matters for the whole EU, but has no supervisory powers. |
| EC 2 | The primary objective of banking supervision is to promote the safety and soundness of banks and the banking system. If the banking supervisor is assigned broader responsibilities, these are subordinate to the primary objective and do not conflict with it. |
| Description and findings re EC 2 | In discharging its functions, the PRA, as the prudential supervisor for all deposit-takers, is assigned the primary objective of promoting the safety and soundness of PRA-authorized persons (S2B FSMA). The PRA also has a secondary competition objective, which does not conflict or override the primary objective. This requires that when discharging its general functions in a way that advances its objectives, the PRA acts so far as reasonably possible in a way that facilitates effective competition in the markets for services provided by PRA authorized persons. |
| EC 3 | Laws and regulations provide a framework for the supervisor to set and enforce minimum prudential standards for banks and banking groups. The supervisor has the power to increase the prudential requirements for individual banks and banking groups based on their risk profile 20 and systemic importance.21 |
| Description and findings re EC 3 | In the United Kingdom, banks are required to meet the Threshold Conditions set by FSMA (Schedule 6) and comply with rules made by the PRA and FCA, in order to be authorized and to continue to be authorized. The Threshold Conditions include, in particular, the obligation to have adequate financial resources. While they are not requirements directly applying to firms in the same way that rules do (i.e., a failure to meet Threshold Conditions cannot be used as a basis for fining a firm), the Threshold Conditions impose requirements on the regulator in relation to the authorization and on-going supervision of the firm, giving them power to act and forming the basis of the trigger for resolution of a bank. The PRA routinely sets Pillar 2A capital for credit, market, counterparty and operational risks where Pillar 1 capital requirements are found to underestimate risk. The PRA also sets Pillar 2A capital for IRRBB, credit concentration risk and pension obligation risk, which are not captured under the Pillar 1 regime. It may also set capital for other risks depending on their materiality to the firm.22 The sum of Pillar 1 and Pillar 2A requirements represent the individual capital guidance (ICG), i.e., the amount of capital a bank should hold at all times; the PRA expects banks to meet Pillar 2A with at least 56 percent of CET1 and no more than 25 percent of Tier 2 Capital, i.e., reflecting the composition of Pillar 1 capital. Firms may be expected to hold additional Pillar 2B capital (PRA buffer) to ensure that they continue to meet minimum capital requirements during a stressed period (as estimated under either the concurrent stress test (CST),23 for the largest banks, or own stress tests, for the remaining ones). Where the PRA assesses a firm’s risk-management and governance (RM&G) to be significantly weak, it may also set the PRA buffer to cover the risks posed by those weaknesses until they are addressed. Another component of the PRA buffer is meant to cover losses that may arise under a severe stress scenario and is informed by the results of stress test exercises (either the CST, for the largest banks, or own stress tests, for the remaining ones). In addition, the PRA can take into account other factors when carrying out the buffer assessment, including a bank’s systemic importance. Given the potential overlap between the risks covered by the PRA buffer and those addressed by the capital conservation and systemic buffers set forth by CRD, the PRA buffer is generally set as the excess—if any—over and above the CRD buffers. Both the PRA and FCA also have the power to alter or revoke rules, and to modify or waive rules in particular cases (FSMA S138A). Where the PRA or FCA proposes to make rules, it must publish a draft of the proposed rules in the way appearing to it to be best calculated to bring them to the attention of the public. The draft rules must be accompanied by a cost-benefit analysis; an explanation of the purpose of the rules; an explanation of the reasons why they believe that making the proposed rules is compatible with its general duties under FSMA; and a notice that representations may be made about the proposals within a specified time (S138I of FSMA). The PRA and FCA have strong enforcement powers, including the power to issue unlimited financial penalties and publicly censure firms and individuals. The regulators’ enforcement powers are set out in S66 FSMA (in relation to individuals) and in Part XIV FSMA (S205 and S206) (in relation to firms). If the PRA identifies any breach of the PRA’s rules, it could take steps to enforce against the firm which is in breach. There are a wide variety of enforcement powers available to the PRA and the fines that can be imposed are substantial (see EC 6 for further explanation). |
| EC 4 | Banking laws, regulations, and prudential standards are updated as necessary to ensure that they remain effective and relevant to changing industry and regulatory practices. These are subject to public consultation, as appropriate. |
| Description and findings re EC 4 | The current CRD/CRR framework, adopted in 2013, represents the third reincarnation of the CRD originally issued in 2006, then modified and issued as CRD II in 2009 and updated again in 2010 (CRD III) each time following a public consultation process. EBA technical standards and guidelines are also subject to formal public consultations. The PRA and FCA update their rules and their guidance on a regular basis to take account of market changes.24 Updates are also made as and when necessary to implement new EU rules in the form of Directives. However, significant portions of the prudential framework for U.K. banks is directly applied under EU Regulations (the CRR), which are made and amended by the European authorities and are not implemented through PRA rules. Where either regulator proposes to make rules, it must publish a draft of the proposed rules in the way appearing to it to be best calculated to bring them to the attention of the public. The draft rules must be accompanied by a cost-benefit analysis; an explanation of the purpose of the rules; an explanation of the reasons why making the proposed rules is compatible with the regulator’s general duties under FSMA; and a notice that representations may be made about the proposals within a specified time (S138I FSMA). This affords the industry and others an opportunity to comment on proposed rule changes before they are made. |
| EC 5 | The supervisor has the power to:
|
| Description and findings re EC 5 | CRD Art. 65 requires MSs to provide NCAs to have information gathering and investigatory powers for the exercise of their functions. Art. 97 expects NCAs to have the ability to conduct supervisory review and evaluation to comply with CRD and CRR. The PRA and FCA have full access to a bank’s Board, management, staff and records by virtue of their powers to gather information under S165 of FSMA and to appoint persons to conduct investigations under S167 and S170 of FSMA. PRA Fundamental Rule 7 requires a firm to deal with its regulators in an open and cooperative way and to disclose to the PRA appropriately anything relating to the firm of which the PRA would reasonably expect notice. Failure to provide information required by either regulator in an investigation without reasonable excuse can be punished by the court in the same way as being in contempt of court. Knowingly providing materially false or misleading information to the PRA constitutes a criminal offence. Furthermore, destroying, concealing, falsifying or otherwise disposing of a document which is or may be relevant for an investigation will constitute a criminal offence where a person was aware or suspected that the regulators were likely to conduct any such investigation (S177 and S398 FSMA). The PRA and FCA may apply for a warrant to enter into the premises of a bank and obtain documents or information of a specified kind, where they suspect that a requirement to provide information is not being complied with or the documents or information would be removed, tampered or destroyed if such a requirement were imposed (S176 of FSMA). Any person who intentionally obstructs the exercise of any rights conferred by a warrant will be guilty of an offence. These powers can be exercised by the PRA in relation to U.K. incorporated firms (including U.K. subsidiaries of overseas firms) as well as in relation to U.K. branches of overseas firms (in the case of an EEA firm, in line with the allocation of responsibilities between the home and host supervisor under European law). In principle, the investigatory powers can be used in other jurisdictions, although the ability to enforce them in other jurisdictions may be limited by overseas legal requirements. However, a failure to cooperate with such an inspection may involve a breach by a firm of PRA Fundamental Rule 7, which requires firms to deal with regulators in an open and cooperative manner and may call into question the firm’s compliance with the Threshold Conditions for authorization. |
| EC 6 | When, in a supervisor’s judgment, a bank is not complying with laws or regulations, or it is or is likely to be engaging in unsafe or unsound practices or actions that have the potential to jeopardize the bank or the banking system, the supervisor has the power to:
|
| Description and findings re EC 6 | CRD provides a common framework where NCAs are expected to have the power to withdraw the authorization granted to a credit institution (Art. 18), to impose penalties (Art. 64), to require an institution to take corrective actions (Art. 102), and for the NCAs to require corrective actions (Art. 104). The EU framework for resolution is established in the BRRD. The PRA and FCA have powers under FSMA to take action against banks that do not comply with the requirements set out in FSMA, the secondary legislation under FSMA, and in their rules. Corrective action and revocation of license: In cases where the bank is failing or likely to fail to satisfy Threshold Conditions (including the requirement to conduct business in a prudent manner, considering the effect that carrying on such a business or the bank failing can have on the stability of the U.K. financial system), the regulators may change the bank’s permission on their own initiative under S55J of FSMA (own initiative variation of permission (OIVOP)). They may also exercise this power to meet any of their regulatory objectives. An OIVOP may include withdrawing a bank’s authorization, and limiting its ability to accept deposits. In addition the FCA or the PRA may impose requirements on banks, including a requirement to do or not do a specified action (S55L and S55M of FSMA). Imposition of sanctions: Where a bank has contravened a requirement imposed on it by or under FSMA, the PRA or FCA may take disciplinary actions under Part XIV of FSMA which may include:
The BoE is the designated resolution authority for the United Kingdom. There are two key conditions that must be met before a firm can be put into resolution. The first condition is that the firm must be failing, or likely to fail. This assessment is made by the prudential supervisor (the PRA, or the FCA for those firms regulated solely by the FCA), having consulted the BoE as resolution authority. The second condition is that it must not be reasonably likely that action will be taken—outside resolution—that will result in the firm no longer failing or likely to fail. This assessment is made by the BoE as resolution authority, having consulted the PRA or FCA, and HMT. |
| EC 7 | The supervisor has the power to review the activities of parent companies and of companies affiliated with parent companies to determine their impact on the safety and soundness of the bank and the banking group. |
| Description and findings re EC 7 | The CRD (Art. 4) requires MSs to empower their NCAs to monitor the activities and obtain the information needed from FHCs and MFHCs. It also provides a legal framework to conduct consolidated supervision (Arts. 111–127). The PRA supervises large complex groups on a consolidated basis, even where the holding company is technically not a regulated legal entity. Where parent companies and their affiliates are ‘credit institutions’ or ‘investment firms’ (as defined in Art. 4 of CRR), they are supervised under the CRD and required to comply with general prudential requirements specified in the CRD/CRR. Parent companies that are holding companies fall outside of the scope of the CRR. The Financial Services Act 2012 gave the PRA and the FCA two new powers over ‘qualifying parent undertakings,’ i.e., U.K.-based parent companies of U.K.-authorized entities, which are not themselves authorized entities (see FSMA S192B and S192C). These powers are: (i) a power to give directions to individual qualifying parent undertakings, requiring them to take specific actions or to refrain from taking specific actions; and (ii) a power to make rules requiring qualifying parent undertakings to provide to either regulator information or documents of a specified description. Both regulators have issued policy statements on use of the power to issue directions over qualifying parent undertakings. The PRA’s power of direction over qualifying parent undertakings can be used by the PRA to require qualifying parent undertakings to provide information/documents in respect of activities of companies affiliated with such parent undertaking. The PRA’s specific rule making power could be used to impose rules requiring all qualifying parent undertakings to provide specified information to the PRA on the request of the PRA. This could be for the purpose of obtaining information from the qualifying parent undertaking in respect of affiliated companies to determine the impact of such companies on the safety and soundness of the relevant PRA authorized bank or the banking group. However, to obtain information on companies affiliated with the banking group, the PRA may also choose to use its information gathering powers over the PRA authorized entity. These rules require the PRA authorized entity to permit the PRA to have access to any document that the PRA reasonably requests (Rule 4.1 of the Information Gathering Part of the PRA Rulebook). |
| Assessment of Principle 1 | Compliant |
| Comments | The new financial regulatory architecture introduced by the Financial Services Act 2012 has formally separated the prudential and conduct supervision functions on deposit-takers, assigning the former to the PRA and the latter to the FCA. This somehow addresses one of the main concerns raised by the previous FSAP mission, i.e., an unclear and ultimately unbalanced allocation of effort and resources between the two macro-objectives, with the prudential one eventually crowded out by an increasing emphasis on conduct issues. The Act provides greater clarity by dividing these mandates and assigning them to two separate agencies, each one subject to specific accountability requirements; it is less clear whether it also addresses in a substantial way the unbalanced allocation of resources (see CP 2). The 2012 law also reformulates the two agencies’ objectives, assigning to the PRA a primary objective and defining it more clearly than it was the case for the FSA: while the FSA was tasked with four statutory objectives (market confidence, consumer protection, reduction of financial crime, and—from 2010—financial stability), with no guidance on how to deal with the trade-offs among them and no explicit mention of the safety and soundness of banks, the PRA has, as its primary objective, that of promoting the safety and soundness of PRA-authorized persons. It also has to act in a way that facilitates effective competition in the markets for services provided by PRA authorized persons. This represents a secondary objective: while the PRA must consider the effect on competition when exercising its general functions in areas such as rule making, general policy, and Supervisory Statements (SS) and codes, in any circumstance in which there is a conflict between the promotion of competition and the PRA’s primary objective, the action that promotes the primary objective will have to take precedence. The FSA had also set for itself a number of principles related to good regulation that it had committed to ‘have regard to’ when discharging its functions. Among them: the international character of financial services and markets and the desirability of maintaining the competitive position of the United Kingdom; and the need to minimize the adverse effects on competition that may arise from anything done in the discharge of its functions. These were also rightly cited in the previous FSAP as elements likely to weaken the supervisor’s focus on prudential issues.25 The PRA objective function is formulated exclusively in terms of statutory objectives and is accompanied by a more narrative document (‘The PRA’s Approach to Banking Supervision,’ April 2014), which reconfirms the hierarchy of its primary and secondary objectives and describes how it has organized itself to achieve them. The law also states that the PRA’s general objective is to be advanced by seeking to minimize the adverse effect that the failure of a PRA-authorized person could be expected to have on the stability of the U.K. financial system and clarifies that the PRA is not expected to ensure that no PRA-authorized person fails: this helps to understand the PRA’s apparent degree of risk appetite and its supervisory approach (see CP 8), which entails a relevant allocation of resources to the supervision of the largest, systemic banks, at the price of a significantly less intense and intrusive approach on the medium and small banks. While the prioritization adopted by the PRA makes sense from a financial stability perspective, it may raise concerns regarding reputational risk for the supervisor: as the recent financial history in the U.K. has demonstrated, a failure doesn’t need to concern a systemic bank for the trust of general public in the banking system to be undermined. Nor a supervisor can necessarily afford the risk of being perceived, ex-post, as having not been sufficiently intrusive—and, ultimately, effective—in the case of failure by a less-than-systemically important bank, even absent any relevant consequence for financial stability. The disruption to financial services and the losses on non-insured deposits caused, for example, by the failure of a mid-size regional bank could affect enough customers to garner public scrutiny and potentially discredit the supervisor’s reputation and credibility, should the intensity of its previous supervisory action be perceived as insufficient. Further considerations on the PRA resourcing are presented in CP 2. The FCA has a strategic objective (good functioning of financial markets) and three operational objectives that do not appear to conflict with or override the main one: securing an appropriate degree of protection for consumers; protecting and enhancing the integrity of the financial system; and promoting effective competition in the interests of consumers. Since April 2013 the FPC operates as the United Kingdom’s macroprudential authority, with the primary objective of contributing to protect and enhance the stability of the U.K. financial system. The law gives the FPC the power to make recommendations to the PRA and the FCA to take measures to mitigate risks in relation to any aspect of their regulated entities (but not focused on a specified individual entity) and to give directions to the PRA and FCA to deploy specific macroprudential tools prescribed by HMT (like the CCB, the SCR, and the limits on residential mortgage lending in terms of loan-to-value ratios and debt-to-income ratios). The experience with the deployment of macroprudential tools by the PRA/FCA under the direction of FPC is still recent and immature: the countercyclical and sectoral buffers have not been activated yet, while limits on residential mortgages have been applied in a limited form (the PRA and the FCA were required to ensure that mortgage lenders limit the proportion of mortgages at loan to income multiples of 4.5 and above to no more than 15 percent of their new mortgages). There is then limited evidence, until now, about either the effectiveness of the tools in achieving their aim or the operational burden imposed on the microprudential regulators by the enactment of the macroprudential measures: at this stage it seems that cooperation, especially between the BoE and the PRA, is favoring the dialogue between specialists and, ultimately, the deployment of the potential synergies stemming from having both the macro and micro dimensions of prudential supervision under a single roof (‘one bank’). The ‘trade’ of resources between the two sides also appears as fairly balanced, so far: the financial stability experts of the BoE contribute with their view of the macroeconomic and macrofinancial situation, while the specialists and supervisors from the PRA provide their more on-the-ground expertise and active collaboration (e.g., in running the CSTs). The concern, expressed by the previous FSAP, that “the new macroprudential overlay [might] divert resources from effective core supervision” does not seem to have materialized, so far. But this statement needs to be reassessed dynamically: the CST is already absorbing a significant amount of time, energy, and resources, and its further evolution, if not accompanied by an accurate program in terms of recruiting, staff retention, and training, might end up exacting an excessive toll on the micro side of prudential supervision. The powers over parent undertakings, assigned to the PRA and the FCA in 2012, appear as broadly adequate to allow the two authorities to assess the impact of non-regulated parent and affiliated companies on banks, though they would not allow them to exercise on such entities the same powers they have on regulated entities: for example, the APR and, from March 2016, the SMR would not apply to the directors of a non-financial holding—unless, of course, they also have directive/managerial roles in the controlled regulated entity. However, the new powers look broad enough and, when coupled with the extensive powers of requesting information to regulated entities that the PRA and FCA already had, they should allow them to obtain the information needed to assess the impact that parent companies (and, through them, affiliated companies) can have on the safety and soundness of a bank or banking group. |
| Principle 2 | Independence, accountability, resourcing and legal protection for supervisors. The supervisor possesses operational independence, transparent processes, sound governance, budgetary processes that do not undermine autonomy and adequate resources, and is accountable for the discharge of its duties and use of its resources. The legal framework for banking supervision includes legal protection for the supervisor. |
| Essential criteria | |
| EC 1 | The operational independence, accountability and governance of the supervisor are prescribed in legislation and publicly disclosed. There is no government or industry interference that compromises the operational independence of the supervisor. The supervisor has full discretion to take any supervisory actions or decisions on banks and banking groups under its supervision. |
| Description and findings re EC 1 | The independence of the PRA and FCA, the supporting governance and accountability arrangements are set out in statute (the FSMA 2000), and in the articles of association of each body which are publicly disclosed (see also EC 3). The PRA is established as a company limited by shares with the BoE as the sole shareholder. The majority of its Board members are, by law, independent nonexecutives. The Court of the BoE (which is its governing body) approves the PRA’s budget. The FCA, established as a private company, has operational independence in conducting its activities, notwithstanding its ultimate accountability for performance of its statutory objectives to the government and parliament. Both the FCA and PRA are financed by fees they are directly empowered to levy on industry by statute, subject to consultation, and neither body is subject to budgetary control by central government. The PRA is required to publish this budget and any variation, and is responsible for annual reporting. The government has no involvement in the day to day operation of the regulators and has only very limited powers of direction in circumstances specified in legislation. Briefly, HMT may direct the regulators as follows:
The last point, in particular, refers to the new powers of investigation brought in through the Financial Services Act 2012. Under this Act, the FCA, and PRA are required to investigate and make a report to the Treasury, to be laid before parliament, where there has been a serious failure in the system of financial regulation, or in the operation of that system, and certain conditions as set out in legislation are met. The Act also provides the Treasury with the power to direct either the FCA or PRA that conditions for an investigation appear to have been met if, for example, it disagrees with the regulators assessment. It is also possible for the Treasury to direct either regulator to carry out an investigation solely on the grounds it believes it would be in the public interest, and there has been (and is) no investigation by the regulators into the event in question. The Treasury has announced the intention to use this power only once to date, in November 2013, by ordering an independent investigation into the events at the Co-op BoE and the circumstances surrounding them. However, as the FCA and PRA also announced the intention to launch formal enforcement investigations on the case, the Treasury clarified that “The independent investigation under the Financial Services Act will therefore not start until it is clear it will not prejudice any actions the relevant authorities may take, including the potential FCA and PRA enforcement investigations.” The PRA has concluded its enforcement action against two former senior Co-op BoE employees but, at the time of the assessment, the FCA made it clear that they were not at the stage where it was clear that there would be no such prejudice. Consequently, no HMT investigation had started yet. The nature of the legal provision and the evidence drawn from the only case when it was applied lead to interpret it as an instrument for ex-post accountability in cases of potential regulatory failure, rather than as a potential source of ex-ante interference in supervisory action. |
| EC 2 | The process for the appointment and removal of the head(s) of the supervisory authority and members of its governing body is transparent. The head(s) of the supervisory authority is (are) appointed for a minimum term and is removed from office during his/her term only for reasons specified in law or if (s)he is not physically or mentally capable of carrying out the role or has been found guilty of misconduct. The reason(s) for removal is publicly disclosed. |
| Description and findings re EC 2 | Schedule 1ZB of FSMA includes the requirement for the BoE’s Governor to be Chair of the PRA and the Deputy Governor for Prudential Regulation to be Chief Executive of the PRA. Both the governor and deputy governor for Prudential Regulation are appointed by the Queen under Section 1(2) of the BoE Act 1998, on the recommendation of the Prime Minister and Chancellor. The governor and deputy governors for Prudential Regulation and Financial Stability are members of the PRA Board ex officio. They can be removed from office by the BoE, with the consent of the Chancellor of the Exchequer, if considered unable or unfit to discharge their functions as members. All appointed members of the PRA Board must be appointed by the court of directors of the BoE with the approval of HMT para. 6 of Schedule 1ZB FSMA). The grounds for removal of an appointed member are set out in FSMA (para. 14 of Schedule 1ZB) and include the grounds of incapacity or serious misconduct and significant conflicts of interest. Schedule 1ZA of FSMA includes details of the FCA’s constitution; this includes a requirement (para. 2 of Schedule 1ZA) that the chairman and other members of the FCA’s governing body must be appointed, and be liable to removal from office, by the Treasury (two members are required to be jointly appointed by the Treasury and the Secretary of State). The requirements include provision detailing the circumstances in which the Treasury may remove the chairman or other members from office (para. 4 Schedule 1ZA). As for the PRA, these include the grounds of incapacity or serious misconduct, and significant conflicts of interest. From April 1, 2013, the Treasury appoints the Chairman of the FCA for a minimum term of five years and the CEO for a minimum term of three years. According to the BoE Act, the Chair of the PRA (BoE Governor) is appointed by the Queen for a term of eight years (though the current governor has indicated he intends to serve for five years). The CEO of the PRA is appointed by the Queen for a term of five years from April 1, 2013. There are no legal provisions requiring that the reason(s) for removal of the head(s) of the supervisory authorities be disclosed. Appointed members of the Boards of both organizations are generally appointed for a standard minimum term of three years. In some cases initial appointments have been for less than three years to stagger changes in the nonexecutive membership. |
| EC 3 | The supervisor publishes its objectives and is accountable through a transparent framework for the discharge of its duties in relation to those objectives.26 |
| Description and findings re EC 3 | The PRA and FCA objectives are set out in the legislation as summarized in EC 3 of Principle 1. The PRA’s approach to supervision is published. The PRA is accountable under FSMA for its performance against its statutory objectives through the power, assigned to HMT, to appoint an independent person to review the economy, efficiency and effectiveness with which the PRA has used its resources in discharging its functions (S2O). This power had never been used by the Treasury at the time of the assessment. HMT can also require the PRA to undertake an investigation into any “relevant events,” where HMT considers it to be in the public interest and the PRA has not undertaken, or is not undertaking, an investigation already (S77 of the Financial Services Act 2012). As said in EC 1, an investigation of this kind has been announced and immediately suspended to wait for the outcome of investigations to be conducted by the PRA and FCA. FSMA also requires that the PRA:
The FCA is accountable under FSMA for its performance against its statutory objectives through a separate but similar structure:
In addition, the Treasury Select Committee of the house of commons, from time-to-time considers the performance of the PRA and FCA in carrying out their functions under FSMA, and requires the senior executives of the PRA and FCA to appear before it. Lastly, the recipients of PRA and FCA decisions may challenge those decisions before the Upper Tribunal, where this is expressly stated by FSMA or, otherwise, via judicial review. |
| EC 4 | The supervisor has effective internal governance and communication processes that enable supervisory decisions to be taken at a level appropriate to the significance of the issue and timely decisions to be taken in the case of an emergency. The governing body is structured to avoid any real or perceived conflicts of interest. |
| Description and findings re EC 4 | The PRA’s supervisory internal governance is operated through the PRA Regulatory Decision Making Framework Guide. The guide provides all staff with information on all relevant processes and provides clear guidance on how to take decisions at a level appropriate to the significance of the issue. When the guide is updated this is communicated to all staff. The PRA has a dedicated Secretariat which supports and manages PRA’s internal governance and its associated committees. The Secretariat works with the entire business to schedule decisions in a timely manner within a centralized forward agenda and for pre-scheduled meetings. If there is a need for decisions to be taken in an emergency then the Secretariat have procedures in place to arrange ad-hoc meetings or, if appropriate, decisions can be made considered by written procedure. The PRA Board reserves to itself certain decisions, including supervisory decisions in relation to the largest and most systemically significant firms but delegates other decisions to the CEO of the PRA; in practice he is advised in relation to these decisions by the Supervision, Risk and Policy Committee. Details of these delegations are set out in “Delegations and Matters Reserved to the Board” which is published on the BoE website. The PRA policy on conflict of interest of the “appointed members” of the PRA Board is public. At the FCA there is a process for escalation of supervisory decisions in place and the criteria around decisions for escalation are set out and available to all Supervisors. There is a framework in place for business as usual (BAU) supervisory decisions such as sign-off of the Firm Evaluation (which sets out the supervisory approach for the coming regulatory period); Interim Review, Deep Dives findings letters, Risk Mitigation Programs, etc. Supervisory decisions outside of BAU are first escalated to the Divisional Supervisory Risk Committee (DSRC), a subcommittee of the Executive Regulatory Issues Committee (ERIC). Decisions may be escalated from DSRC to the FCA’s Executive Committee (ExCo) if appropriate. ExCo is the FCA’s final decision making body. The executive team is made up of the nine members of the ExCo, including the CEO, chief operating officer (COO), director of supervision and authorization, the director of enforcement and market oversight, and the director of strategy and competition. It discusses issues across all areas of the organization and is responsible for implementing the strategy set at Board level. The FCA’s Board sets ExCo’s strategy annually and gives ExCo its decision making powers. The Board is informed of certain ExCo decisions for further sign-off, e.g., significant spending decisions; changes to the FCA’s Handbook. Directors are required to declare any conflict of interest (S175 of the Financial Services Act 2012). The interested director absents him or herself from the discussion of matters relating to the conflict and is excused from review of papers prepared by, or for, the directors to the extent they relate to such matters. |
| EC 5 | The supervisor and its staff have credibility based on their professionalism and integrity. There are rules on how to avoid conflicts of interest and on the appropriate use of information obtained through work, with sanctions in place if these are not followed. |
| Description and findings re EC 5 | All staff in the PRA are covered by the BoE’s recently updated Code of Conduct. This document, which was rolled out in June 2015, brings together policies which previously existed in different places. The policies were also updated as a part of this process. The Code includes sections on records management and Information security as well as a broader range of policies around the management of potential sources of conflict of interest and impartiality (see http://www.bankofengland.co.uk/about/Documents/humanresources/ourcode.pdf). The FCA’s Code of Conduct is also public (see http://www.fca.org.uk/your-fca/documents/code-of-conduct). |
| EC 6 | The supervisor has adequate resources for the conduct of effective supervision and oversight. It is financed in a manner that does not undermine its autonomy or operational independence. This includes:
|
| Description and findings re EC 6 | The PRA and FCA have powers to require the payment of fees, with the cost of banking supervision being met by an annual fee (authorization being charged for separately). Their fee charging power is set out in FSMA (PRA in para. 31 of Schedule 1ZB and FCA in para. 23 of Schedule 1ZA). In making such rules, the PRA and FCA are required to follow the consultation procedures in S138I and M138J of FSMA. Budget and business planning takes place on an annual basis. The PRA budget includes provision of technology to equip staff with tools to carry out their roles. This is divided into ongoing support costs and investment in new technology. Much of the investment budget is targeted at adoption and implementation of European and national legislation. Travel budget to enable effective onsite work, cross-border cooperation and participation in relevant domestic and international meetings is also provided in the budget, and targeted at areas with a high requirement for travel such as Policy and International Banking areas. FSMA (S166) gives the PRA and the FCA power to require any regulated firm or member of its group, to provide it with a report by a skilled person.27 The PRA commissions the report and the firm concerned pays for a skilled person to produce it. This provides both the specialist resources and necessary expertise to review areas of concern identified within a firm and/or the effectiveness or remedial action a firm has taken. The PRA’s pay policy with regards to market position is that it aims to pay median against the private sector, and upper quartile against the public sector in order to attract, retain and motivate the key skills required within the BoE. The PRA’s salary scales are reviewed every two years. The identification of skills required and activity to rectify any skill gaps is conducted on an annual basis in the following ways:
In order to strengthen leadership across the organization, the PRA introduced developmental reviews for all senior leaders and reviewed its succession planning approach. The PRA also reviewed its leadership training and introduced 360 feedback for all managers. The PRA is doing work to articulate different technical and managerial career paths across the BoE—including when to think about building breadth versus depth. Applying for an internal job vacancy is the core promotion route for all staff. Additionally there is a promotion framework for experts, which can be applied to roles where there is a business requirement for longer than average tenure, and deep technical or professional experience. This process has typically been relevant for risk specialist roles, and involves a set of clearly defined promotion criteria. The most recent FCA fees consultation paper (CP 15/14) consulted on the proposed fees to raise the FCA’s Annual Funding Requirement (AFR) for 2015/16. CP 15/14 was published at the same time as the FCA’s 2015/16 Business Plan which set out how the AFR will be used to undertake the work program to achieve the FCA’s statutory objectives in 2015/16. The Business Plan includes the budget to:
S166 of FSMA gives the FCA and the PRA the power to obtain an independent view of aspects of a firm’s activities that cause them concern or where they require further analysis. The appointment of a skilled person can either be by the regulated firm or directly by the FCA. In each case, the FCA sets the scope of the review and the costs are borne by the regulated firm. The 2014/15 FCA Annual Report (Appendix 1) sets out details of the reviews undertaken, the skilled persons appointed and costs. The FCA budget and business planning process includes the determination of:
In the discussion with the supervisors and specialists and from the analysis of the documentation provided, the assessors perceived and found evidence of a situation of strain for staff, especially—but not only—as regards specialist resources. |
| EC 7 | As part of their annual resource planning exercise, supervisors regularly take stock of existing skills and projected requirements over the short- and medium-term, taking into account relevant emerging supervisory practices. Supervisors review and implement measures to bridge any gaps in numbers and/or skill-sets identified. |
| Description and findings re EC 7 | PRA supervisors bridge gaps in skill sets and knowledge through accessing training made available both through the central learning and development team and through local team-level training frameworks. The identification of skills required and activity to rectify is conducted on an annual basis. This includes a training needs analysis facilitated by the central team with input from across the supervision business areas; and a learning and development analysis conducted by individual supervisors and team managers through performance management. The FCA’s Annual Planning cycle includes people capability plans for each area looking at short and medium term capability needs. The supervisory function is represented on the ‘FCA Academy’ Advisory Group that directs investment in learning. |
| EC 8 | In determining supervisory programs and allocating resources, supervisors take into account the risk profile and systemic importance of individual banks and banking groups, and the different mitigation approaches available. |
| Description and findings re EC 8 | The frequency and intensity of the PRA’s supervisory activity varies across firms. The level of supervision principally reflects the PRA’s judgment of a firm’s potential impact on the stability of the financial system, and therefore its systemic importance; its proximity to failure and its resolvability. Those firms that are unlikely, individually, to create disruption to the wider financial system are subject to a baseline level of supervisory activity to ensure that they meet key prudential standards, whereas for higher-impact firms, the PRA makes use of a fuller selection of its supervisory tools. The PRA uses quantitative and qualitative analysis to allocate firms to five ‘categories’ of impact 1 to 5; 1 representing most significant firms with a capacity to cause major disruption to the U.K. financial system and 5 representing firms with a capacity to cause almost no disruption to the U.K. financial system. Supervisors also consider a firm’s proximity to failure when drawing up its supervisory plan. The PRA’s judgment about proximity to failure is captured in a firm’s position within the PIF; the framework aids supervisors in handling banks in times of stress. The supervisor assesses the firm against the PRA risk model to determine an overall assessment of the firm and a relative PIF rating. Additional work is performed, where necessary, to provide information on particular areas of concern, taking into account a firm’s resilience and resolvability, the prevailing market and economic conditions, and the business model of the firm. Supervisory concerns influence the PRA’s future supervisory program for a firm. For example, concerns about management, or systems and controls, influence the PRA’s attitude to the growth of a business, including via acquisition, or to new appointments to significant influence functions (SIF). The FCA considers risk to be the combination of impact and probability. It combines these impact and probability factors to obtain a measure of the overall risk posed to its statutory objectives. It then uses this measure to prioritize risks and make decisions on what its regulatory response should be. It also uses it to set its strategic aims and outcomes and to allocate resources based on its regulatory priorities. All firms are allocated a conduct categorization (C1 for the largest down to C4 for the smallest) on the basis of an impact score. Resources are then allocated on the basis of the conduct classification. For banks and building societies the impact scores are driven by total assets and liabilities and the number of depositors. The FCA then applies an additional weighting on the basis of sector. For example, retail banks’ impact score is higher than the score for investment banks as the FCA considers impact on retail consumers to be a significant additional factor in considering the risk posed by firms. C1 and C2 firms are allocated to a dedicated team of supervisors who undertake proactive supervision of these firms. The supervisory strategy is then set at a firm specific level by the Supervisory team on an annual or bi-annual basis. This includes deciding what proactive engagement meetings to undertake, what deep dives to do, etc. C3 and C4 firms do not have a named supervisor and are not subject to the same level of proactive supervision. Instead they are supervised on a cluster or thematic basis and when risks crystallize. Banking and insurance groups with the largest retail customer footprint (e.g., major U.K. retail bank and wholesale firms with the most significant market presence) are rated C1; there are normally between 10 and 12 C1 groups. In December 2014 the FCA announced a revised supervisory strategy to enable a more market-focused approach to identifying risks and supervising firms (see CP 8–EC 1). |
| EC 9 | Laws provide protection to the supervisor and its staff against lawsuits for actions taken and/or omissions made while discharging their duties in good faith. The supervisor and its staff are adequately protected against the costs of defending their actions and/or omissions made while discharging their duties in good faith. |
| Description and findings re EC 9 | FSMA provides that both the PRA, FCA and any person who is, or is acting as, a member, officer, or member of staff of either body is not liable in damages for anything done or omitted in the discharge, or purported discharge, of the PRA’s or FCA’s functions (para. 25 of Schedule 1ZA and para. 33 of Schedule 1ZB). There have been no examples where PRA staff have been liable for damages. However, this protection does not apply if the act of omission is shown to have been in bad faith, or unlawful as the result of S6(1) of the Human Rights Act (HRA) 1998.28 The regulators cover the legal costs of defending their staff in legal actions against them in relation to their work as PRA or FCA employees. They both have the power to require the payment of fees, to cover the costs of defending its actions. |
| Assessment of Principle 2 | Largely Compliant |
| Comments | The U.K. framework is compliant with the requirements of independence, accountability and legal protection for supervisors set in this principle. In particular, HMT powers of direction on the regulatory authorities do not appear to affect day to day supervision and there is no evidence that they have been used to constrain supervisory independence. While there are no legal provisions requiring that the motivation for removal of the head of the supervisory authorities be disclosed, there is no reason to think that such an extreme event would not attract intense public scrutiny in a system, like the British one, characterized by reasonably transparent and accountable public institutions. An element of limited compliance has been identified in the resourcing arrangements, especially for the PRA. In the discussion with the supervisors and specialists and from the analysis of the documentation provided, the assessors perceived and found evidence of a situation of strain on staff, especially—but not only—as regards specialist resources (e.g., see CP 16). This is certainly caused by the convergence of new and challenging projects, like the preparatory works for the structural reform (ring-fencing policy) and the SMR. It is a condition shared by many other supervisory authorities around the world, because of the intense effort to implement the vast post-crisis regulatory reform agenda. But in the case of the U.K. authorities, the strain on resources is intensified by the same nature of the U.K. financial sector and, in particular, by the status of London as global financial marketplace that attracts activities often at the frontier of financial innovation and demands an exceptional effort for the authorities to keep up with the evolution of risks in the firms they supervise. This strain is not expected to abate in the next future, as the authorities are likely to be increasingly absorbed by their ordinary supervisory schedule; by new promising—but demanding—activities (e.g., the CST, especially if it will extend to a wider range of firms); and by the challenges posed by the emergence of new risks (e.g., cyber risk). The dynamic nature of the London marketplace also entails a high degree of competition in the recruitment of particularly skilled resources (like the risk specialists). The PRA’s intent to pay median against the private sector is a reasonable policy, but does not ensure the level of staff retention that it would need: it is not uncommon for recent entry-level hires to consider a few years’ worth of experience at the supervisory authority as a springboard for a more profitable career in the private sector. The assessors found indirect confirmation of a potential difficulty by the supervisors (especially the PRA) in managing the consequences of their high churn rate in observations raised by a number of market participants: in particular, of a frequent rotation of their main counterparts (e.g., lead supervisors) and of the low relative seniority of the PRA personnel they sometimes find at meetings (e.g., senior managers interviewed by staff with five or less years of experience). It must be recognized that following the move to replace the single FSA with two focused regulators in the PRA and FCA, the cost of regulation and supervisory resources have increased. As reported in the recent NAO report into Regulating financial services, the “combined cost of their ongoing activities in 2013–14 is GBP 664 million–GBP 127 million (24 percent) higher than the 2012–13 cost of the FSA.” The combined budgets for 2015/16 of the PRA and FCA (based on AFR) is GBP 739.4 million. However, at least in the case of the PRA, the increase is in large part due to fees linked to the implementation of special projects, such as the structural (ring-fencing) reform. The PRA has committed itself to set its budget at a level “no higher than the flat real cost of operation” as it seeks to ensure that it is operating as efficiently as possible.29 While this is a commendable commitment by an authority accountable to the public and called to supervise a financial sector that is still dealing with the consequences of its past excesses, it entails a constant quest for resource optimization and the risk of potentially weakening the supervisory action. The question arises of whether a flat real cost of operation for the prudential supervisor of hundreds of firms (among which four global systemically important banks) is compatible with the perspective of a financial sector that, in the perception of the same authorities, is in the condition of growing further in real terms. The PRA also seems to be aware of these tensions and willing to address it through the ongoing revision of its Target Operation Model. Overall, the assessors realize that this is an extremely complex and almost intractable issue and do not think that they can recommend any easy solution (although some specific suggestions for measures partially addressing it are offered in some of the following CPs). Nonetheless, because of the size and complexity of the U.K. financial sector and of its centrality in the network of international financial connections, it represents an issue of globally systemic nature. As regards the technological equipment of the PRA, the assessors found—within their limited observation window—a generally satisfactory situation in terms of IT systems. But they also perceived a certain difficulty in flexibly aggregating data to respond to relatively simple requests; if confirmed, this would cast a shadow on the availability of flexible analytical capacity to appropriately feed the management information (MI) that supervisors and senior managers need. |
| Principle 3 | Cooperation and collaboration. Laws, regulations, or other arrangements provide a framework for cooperation and collaboration with relevant domestic authorities and foreign supervisors. These arrangements reflect the need to protect confidential information.30 |
| Essential criteria | |
| EC 1 | Arrangements, formal or informal, are in place for cooperation, including analysis and sharing of information, and undertaking collaborative work, with all domestic authorities with responsibility for the safety and soundness of banks, other financial institutions and/or the stability of the financial system. There is evidence that these arrangements work in practice, where necessary. |
| Description and findings re EC 1 | Art. 5 CRD establishes that MSs must have coordination measures with all domestic authorities responsible for supervision of “credit institutions, investment firms and financial institutions.” FSMA establishes a number of general coordination mechanisms between the PRA and FCA:
The PRA has never exercised, to date, its veto power over FCA action. There are also specific requirements in FSMA as to how the PRA and FCA will coordinate regulatory processes where both authorities are involved. This includes a duty to consult on relevant policy initiatives. In practice this collaboration often occurs at working level with oversight by directors through a policy coordination committee which meets quarterly. This ensures that both authorities have appropriate input into the process. In order to ensure a joined up and holistic approach to the supervision of firms, the FCA and the PRA have a series of MoUs in place. These are publicly available documents and include:31
The overarching MoU between the FCA and PRA sets out the requirement to establish domestic supervisory colleges for individual dual-regulated firms and groups to ensure that information is shared efficiently between the two regulators and that each has a complete overview of the firm. This approach is set out in Section 25 of the FCA/PRA MoU: http://www.bankofengland.co.uk/about/Documents/mous/prastatutory/moufcapra.pdf. In accordance with the MoU, FCA, and PRA directors meet quarterly to discuss policy coordination. This ensures that collaboration is thorough, constructive and at the appropriate level. Both the PRA and FCA report on performance against the MoU on a quarterly basis. This was most recently conducted in July 2015. This reporting identifies areas of risk in the PRA/FCA relationship, which can then be addressed at the policy coordination meeting or at working level if appropriate. The most recent policy coordination meeting, held in July 2015, included discussion of EU engagement, FSCS and the implementation of the SMR. Where the FCA and PRA firm classifications are not commensurate with each other, the minimum frequency of colleges is based on the higher of the firm’s FCA and PRA classifications unless the FCA and PRA Supervisors agree to base it on the lower classification. The PRA and FCA also work closely with the BoE and HMT to ensure the soundness of the U.K. financial system. The legislation provides for the co-operation of the PRA and the FCA with the BoE (S3Q), requiring both to take appropriate steps to cooperate with the BoE in the BoE’s pursuit of its financial stability objective. The BoE and PRA work closely with the FCA in the collection and management of regulatory data. Much regulatory data for PRA firms continues to be collected by the FCA. This includes reporting via the FCA’s GABRIEL system, the submission of firms’ controllers and close links reports and the reporting of changes to firms’ standing data.32 Coordination between the PRA and the FCA is assisted by the membership of their CEOs on each other’s Board. The FCA, PRA, and BoE are also members of the FPC. This is vital in supporting the flow of information across the different bodies and forging an understanding of approaches and likely reactions to events. At a working level, dedicated teams are responsible for co-coordinating analysis, and sharing information, across the FPC, FCA, and PRA. The CEO of the FCA is a voting member of the FPC and the FPC has the authority to make recommendations on a comply-or-explain basis to the FCA. There is also a MoU between HMT, the BoE, and the PRA on how they intend to coordinate the discharge of their functions in relation to financial stability or the public interest (S65 of the Financial Services Act 2012). Under the terms of the coordination MOU, the FCA, and PRA share data on firms, both dual regulated, and in some cases non-dual regulated, in order to maintain a complete view of the market. Performance against these requirements is reviewed quarterly at CEO level and proactive action taken to address issues as appropriate. Both organizations are required to publish a summary of coordination performance in their annual reports. An international coordination MoU sets out how HMT, the BoE, the PRA, and the FCA will ensure their engagement in international organizations is coordinated effectively (S66 of the Financial Service Act 2012). In their meetings with market participants the assessors recorded an overall positive opinion on the coordination and cooperation between domestic authorities: in the case of that between the PRA and FCA, it was perceived as better than initially expected. |
| EC 2 | Arrangements, formal or informal, are in place for cooperation, including analysis and sharing of information, and undertaking collaborative work, with relevant foreign supervisors of banks and banking groups. There is evidence that these arrangements work in practice, where necessary. |
| Description and findings re EC 2 | CRD Art. 6 establishes that NCAs should cooperate with the other authorities within the ESFS. CRD Art. 7 establishes that NCAs should consider the impact of their decisions on the financial stability of other EU members. CRD Art. 50 establishes that NCAs should cooperate with each other supplying information on management and ownership of institutions, and all information that can facilitate supervision and monitoring. CRD Art. 55 establishes that MSs and EBA can conclude Cooperation agreements with non-EU authorities to exchange information. CRD Arts. 56 and 57 establish the cases where exchange of information between authorities within the EU and outside the EU (see EC 3). CRD Art. 112, more specifically, describes the obligation of coordinating supervisory activities by the consolidating supervisor within the EU. CRD Art. 115 determines that cooperation arrangements need to be in place between the consolidating supervisor and the other NCAs. CRD Art. 116 establishes that the consolidating supervisor must establish colleges of supervisors. Including ensuring cooperation with relevant third country supervisors. The article describes the general tasks of a college. Level 2 regulation, directly applicable to all EU member countries: EBA drafted, and the EC issued, a regulatory standard (Regulation 524/2014) that specifies the information that NCAs must exchange with each other according to Art. 50. The EC issued an implementing regulation (Regulation 620/2014) that outlines operational procedures and sets out standard forms and templates for information sharing requirements, which are likely to facilitate the monitoring of institutions that operate through a branch or through the exercise of the freedom to provide services. EBA regulatory technical standards (RTS) and implementing technical standards (ITS) on operational functioning of colleges of supervisors (published in December 2014, not yet approved by the EC). In order for the PRA (and FCA) to carry out effectively their supervisory activities, it is necessary for them, at times, to share and receive confidential information with overseas authorities. Such information sharing must take place only where professional secrecy obligations are in place that is equivalent to those set out in certain EU Directives. The PRA (and FCA) are party to a number of Memoranda of Understanding (MoUs) with overseas authorities that facilitate such information sharing. There exist also the less formal agreements, known as ‘Exchange of Letters’ (EoLs). Neither MoUs nor EoLs are legally binding. Prior to April 1, 2013, the FSA was party to a series of MoUs (and EoLs) with overseas authorities; a number of these were jointly signed with the BoE. Under transitional provisions in the Financial Services Act 2012, the FSA’s MoUs continue in effect with the relevant successor U.K. authority/authorities (i.e., PRA, FCA, and/or BoE). Such MoUs underpin the supervisory relationship and cooperation that exists between the PRA (and the FCA) and its counterparts. They are instrumental in ensuring that supervisory colleges are able to function effectively, with the free flow of non-public / confidential information that facilitates effective supervision. The FCA maintains close contacts with most supervisory authorities, building even further on these relationships through its membership of various international committees, including International Organization of Securities Commissions (IOSCO), FSB, International Association of Insurance Supervisors (IAIS) and FATF. It is also a member of the European Securities and Markets Authority (ESMA) and actively engages with the EBA and EIOPA in coordination with the PRA. The FCA has MoUs in place with many supervisors around the world. These formalize the way the cooperating with each other. The FCA participates in supervisory colleges to ensure international co-ordination amongst supervisors of global groups. |
| EC 3 | The supervisor may provide confidential information to another domestic authority or foreign supervisor but must take reasonable steps to determine that any confidential information so released will be used only for bank-specific or system-wide supervisory purposes and will be treated as confidential by the receiving party. |
| Description and findings re EC 3 | CRD Arts. 53–62 address exchange of information and professional secrecy for prudential supervision. Art. 53 establishes that “confidential information which such persons, auditors or experts receive in the course of their duties may be disclosed only in summary or aggregate form, such that individual credit institutions cannot be identified, without prejudice to cases covered by criminal law; except in the case the bank has been declared bankrupt, confidential information which does not concern third parties involved in attempts to rescue that credit institution may be disclosed in civil or commercial proceedings, shall not prevent the competent authorities from exchanging information with each other or transmitting information.” Art. 55 of CRD, regarding cooperation with non-member countries, establishes that information can only be provided if it is subject to professional secrecy requirements equivalent to those of the EU. Arts. 56 and 57 establish that, provided secrecy requirements are maintained, exchange of information in the discharge of supervisory functions is allowed with(i) other supervisory authorities; (ii) macroprudential authorities; (iii) “reorganization bodies;” (iv) deposit protection schemes; (v) liquidation authorities; and (vi) auditors. Authorities must communicate to EBA the names of all authorities that may receive information. Confidential information (i.e., any information which relates to the business or affairs of the person or firm in question unless already public or anonymized) that the PRA or FCA may receive in the course of carrying out its functions is subject to the restrictions on disclosure out in S348 FSMA. However, S349 FSMA and the FSMA (disclosure of confidential information) Regulations (SI 2001/2188) provide particular “gateways” which allow the PRA and FCA to lawfully disclose confidential information to certain persons and bodies specified in these Regulations. The PRA and the FCA are able to disclose information to EEA and non-EEA regulatory authorities only for the purpose of the discharge of the functions of those authorities as regulatory authorities. So the PRA/FCA must take steps to ascertain that a possible recipient will only use the information for those purposes, in order to satisfy themselves that they have power to share the information. The confidential information restrictions in S348 FSMA then apply to any recipient of the information (they follow the information around, so to speak). Persons or bodies to whom the PRA or FCA discloses confidential information are subject to the restrictions set out in S348 FSMA. In the EEA, supervisors are also subject to the restrictions on the use and disclosure of confidential information received from another authority which are set out in the single market directives, such as the CRD IV or the EU BRRD. As regards non-EEA authorities, the terms of the MoUs typically stipulate that confidential information disclosed by the disclosing authority may only be used by the recipient authority for supervisory purposes, and contain terms relating to the confidential treatment of that information by the recipient authority. |
| EC 4 | The supervisor receiving confidential information from other supervisors uses the confidential information for bank-specific or system-wide supervisory purposes only. The supervisor does not disclose confidential information received to third parties without the permission of the supervisor providing the information and is able to deny any demand (other than a court order or mandate from a legislative body) for confidential information in its possession. In the event that the supervisor is legally compelled to disclose confidential information it has received from another supervisor, the supervisor promptly notifies the originating supervisor, indicating what information it is compelled to release and the circumstances surrounding the release. Where consent to passing on confidential information is not given, the supervisor uses all reasonable means to resist such a demand or protect the confidentiality of the information. |
| Description and findings re EC 4 | CRD Arts. 53–62 address exchange of information and professional secrecy for prudential supervision. Art. 54 of CRD states that authorities receiving confidential information from NCA and auditors shall use it only in the course of their duties and only for any of the following purposes: (i) to check that the conditions governing access to the activity of credit institutions are met and to facilitate monitoring, on a non-consolidated or consolidated basis, of the conduct of such activity, especially with regard to the monitoring of liquidity, solvency, LE, and administrative and accounting procedures and internal control mechanisms; (ii) to impose penalties; (iii) in an appeal against a decision of the competent authority including court proceedings; and (iv) in court proceedings initiated pursuant to special provisions provided for in Union law adopted in the field of credit institutions. Art. 57 details the capacity of information exchange with members and non-member authorities responsible for liquidation, protection schemes, and auditors. Art. 59 details that information can be transmitted to parliamentary enquiry committees, courts of auditors, and other entities in charge of enquiries in the MS, under certain conditions (proper mandate, need to know, professional secrecy requirements, agreement of the originating NCA). Information obtained from onsite inspections cannot be disclosed without the express consent of the NCA who performed the inspection. The PRA and FCA (in common with other public bodies in the United Kingdom) make available to the public information relating to their regulatory functions. This is subject to two important exemptions. First, personal data is excluded; it continues to be subject to the Data Protection Act 1998 regime. Secondly, information subject to statutory restrictions on disclosure is excluded. This includes confidential regulatory information, as defined in S348 of FSMA, which is not publicly available (see also response to EC 3). FSMA and the FSMA (disclosure of confidential information) Regulations do not impose an obligation on the PRA or FCA to disclose particular information to other bodies (except when regulatory action or litigation is being taken under or for the purposes of FSMA). The PRA and FCA are however under a statutory duty to co-operate (including the sharing of information) with overseas regulators and with other persons in relation to the prevention and detection of financial crime. In these Regulations, Regulation 4 sets out the cases in which disclosure may be made for criminal proceedings and investigations, while Regulation 5 sets out the cases in which disclosure may be made in civil proceedings. Essentially, disclosure in the latter is permissible only in cases which relate to the statutory functions of the PRA and FCA. The PRA would strongly resist disclosure and as a matter of courtesy the PRA would, where appropriate, let a supervisory authority know where information had been disclosed and circumstances surrounding that disclosure. Where the information comes from an EEA competent authority, the PRA would regard notification of onward disclosure as falling within the obligation on competent authorities to cooperate closely with each other under Art. 117 CRD. In cases where the PRA is required to disclose such information, the PRA can request that the information be heard by the court in camera. |
| EC 5 | Processes are in place for the supervisor to support resolution authorities (e.g., central banks and finance ministries as appropriate) to undertake recovery and resolution planning and actions. |
| Description and findings re EC 5 | BRRD sets the framework for interaction between competent and resolution authorities in recovery planning (Arts. 6 and 8), resolution planning (Arts. 11 and 14), early intervention (Art. 27), assessment of conditions for resolution (Art. 32 and EBA guidelines on determination of failing or likely to fail), notifications obligations (Art. 81), and resolution colleges (Art. 88). For cooperation with nonmembers, Art. 88 says that the resolution authorities of third countries where a parent undertaking or an institution established in the Union has a subsidiary institution or a branch that would be considered to be significant “were it located in the EU” may, at their request, be invited to participate in the resolution college as observers, provided that they are subject to confidentiality requirements equivalent, in the opinion of the group-level resolution authority, to those that apply to EEA authorities. Art. 90 establishes that information provided by third-country resolution authority can only be transmitted onward with the consent of the third-country resolution authority. Arts. 93–98 establish cooperation with non-EU countries. Art. 97 establishes the cooperation with third-country authorities regarding resolution, which allows EBA to conclude non-binding arrangements with foreign authorities, based on which individual resolution authorities or NCAs may conclude non-binding cooperation arrangements with these countries. Member countries must notify EBA of arrangements with third-country authorities. The EU resolution authorities may refuse to recognize enforcement of non-EU member countries resolution proceedings if there are adverse effects on financial stability, adverse fiscal effects in the EU, or if depositors in the EU would not receive the same treatment as the depositors in the non-EU country. (Art. 95). The United Kingdom implemented the requirements of the BRRD from January 1, 2015. The BoE as the U.K. resolution authority has the responsibility for the resolution of a failing bank, building society and certain investment firms and their group companies, under the Banking Act 2009.33 The resolution regime covers PRA-regulated firms and certain FCA-regulated investment firms incorporated in the United Kingdom. The regime sets out the objectives that the BoE must pursue when it carries out a resolution, as well as the formal responsibilities under the Act to consult the other U.K. authorities—the PRA, the FCA, and HMT—when placing a firm into the resolution regime and when choosing which of the regime’s tools to use. The Act provides a clear framework for use of the regime, with defined roles for each authority. In practice, all of the authorities will co-operate closely both in the run up to, and during, a failure. The roles are:
A core aspect of the PRA’s approach is to ensure preparedness for either recovery or resolution of a failing firm.34 The PRA’s rules help the BoE in its role as the resolution authority by requiring firms to provide key data to be used in resolution plans which will set out how the firm will be resolved in an orderly manner without causing systemic disruption. The assessors reviewed an MoU meant to facilitate rapid info exchange and cooperation and liaison, to address info sharing in crisis/emergency situations between supervisory authorities for recovery and resolution planning purposes (bilaterally and/or through any Crisis Management Group (CMG) to which both parties are members and at least one party is the home authority); to offer mutual support in the supervision of branches (in particular, in relation to home state supervision of recovery and resolution plans). |
| Assessment of Principle 3 | Compliant |
| Comments | The U.K. authorities appear to have established fairly effective cooperation and collaboration arrangements between domestic authorities; this, in particular, has allowed to mitigate the feared coordination failures generated by the switch from a single supervisor (the FSA) to the twin-peak regulatory architecture (PRA and FCA). International cooperation has also progressed both at bilateral (MoUs) and multilateral level (colleges of supervisors, CMG, and resolution groups). |
| Principle 4 | Permissible activities. The permissible activities of institutions that are licensed and subject to supervision as banks are clearly defined and the use of the word “bank” in names is controlled. |
| Essential criteria | |
| EC 1 | The term “bank” is clearly defined in laws or regulations. |
| Description and findings re EC 1 | Although legislation does not define the term “bank,” the FSMA 2000 (Regulated Activities) Order 2001 (“FSMA 2000”) sets out definitions of activities subject to regulation under the Act, including the acceptance of deposits. So while the relevant legislation does not define the term “bank,” it does define activities that are subject to regulation. For more detail, the PRA Rulebook’s Glossary does define a bank as “(i) a firm with a part 4A permission to carry on the regulated activity of accepting deposits and is a credit institution, but is not a credit union, friendly society, or a building society; or (ii) an EEA bank.” |
| EC 2 | The permissible activities of institutions that are licensed and subject to supervision as banks are clearly defined either by supervisors, or in laws or regulations. |
| Description and findings re EC 2 | FSMA 2000 (Regulated Activities) Order 2001 defines activities subject to supervision, including the acceptance of deposits. The PRA supervises all banks and building societies under its authority using the same prudential regulatory regime, though some differences may exist in terms of what applies to each kind of institution. The PRA applies a special prudential regime to credit unions, which is outlined in the Credit Union Sourcebook. |
| EC 3 | The use of the word “bank” and any derivations such as “banking” in a name, including domain names, is limited to licensed and supervised institutions in all circumstances where the general public might otherwise be misled. |
| Description and findings re EC 3 | Under the Companies Act 2006 and “Company, Limited Liability Partnership and Business Names (Sensitive Words and Expressions) Regulation” 2014, any use of the word “bank” or a derivative thereof requires review by the FCA, which has the ability to reject the use of the name “bank” or a derivative in a firm’s name if it could create confusion for the public. |
| EC 4 | The taking of deposits from the public is reserved for institutions that are licensed and subject to supervision as banks.35 |
| Description and findings re EC 4 | All institutions with the ability to accept deposits are subject to supervision by the PRA. Any institution seeking to take deposits from the public must receive permission under Part IV of FSMA 2000 or be exempt from that requirement. As an example of the latter case, firms chartered in EEA jurisdictions as banks are permitted to establish a branch in the United Kingdom or to provide cross-border banking services under the “passporting” regime within EU law. |
| EC 5 | The supervisor or licensing authority publishes or otherwise makes available a current list of licensed banks, including branches of foreign banks, operating within its jurisdiction in a way that is easily accessible to the public. |
| Description and findings re EC 5 | The PRA and FCA maintain the Financial Services Register as a public record that shows details of firms, individuals and other bodies that are, or have been, regulated by the PRA and/or the FCA. Separately the PRA publishes lists of banks and building societies and branches of foreign banks on a monthly basis on its website. |
| Assessment of Principle 4 | Compliant |
| Comments | Although the name “bank” is not defined in U.K. laws, the use of this name and the related concept of “building society” are strictly controlled through legislation and the PRA’s and FCA’s rules. Accepting deposits is clearly identified as an activity requiring authorization, and only firms authorized to accept deposits may use the name “bank” or “building society.” Consequently, U.K. authorities are in compliance with this core principle. |
| Principle 5 | Licensing criteria. The licensing authority has the power to set criteria and reject applications for establishments that do not meet the criteria. At a minimum, the licensing process consists of an assessment of the ownership structure and governance (including the fitness and propriety of Board members and senior management) of the bank and its wider group, and its strategic and operating plan, internal controls, risk management and projected financial condition (including capital base).36 Where the proposed owner or parent organization is a foreign bank, the prior consent of its home supervisor is obtained. |
| Essential criteria | |
| EC 1 | The law identifies the authority responsible for granting and withdrawing a banking license. The licensing authority could be the banking supervisor or another competent authority. If the licensing authority and the supervisor are not the same, the supervisor has the right to have its views on each application considered, and its concerns addressed. In addition, the licensing authority provides the supervisor with any information that may be material to the supervision of the licensed bank. The supervisor imposes prudential conditions or limitations on the newly licensed bank, where appropriate. |
| Description and findings re EC 1 | The PRA is the authorizing agency and is the lead regulator in the U.K. Institutions seeking to engage in an activity regulated by the PRA and FCA must apply to the PRA for authority to do so under S55A (2) of FSMA 2000. The PRA can approve an applicant only with the consent of the FCA and the application is managed jointly by both agencies. Since the date of the transfer of authority from the legacy FSA to the PRA and FCA (April 1, 2013, also known as the “legal cutover date”), 13 banks have received either authorization to provide services as a new bank or variations of existing authorizations; of these successful applications, three were authorizations for non-U.K. banks to establish branches in the United Kingdom. An exception exists for EEA banks that operate in the United Kingdom through a local branch on a European “passport” and that have a home regulator from another EEA member jurisdiction. Such firms are automatically authorized to do business in the United Kingdom under Schedule 3 to FSMA 2000 once the firm has completed the necessary notification procedure. As part of the authorization process, either the PRA or the FCA may impose conditions or limitations that become binding at the point of authorization. After a firm receives authorization to conduct regulated activities in the United Kingdom, both the PRA and the FCA have the power to remove or amend the firm’s Part 4A permission to receive deposits. These conditions or limitations can be exercised by either supervisor after consulting with the other U.K. regulator. Part XIII of FSMA 2000 provides a separate regime for the imposition of requirements or restrictions on passported firms, though this power is generally limited by the allocation of responsibilities to the home state regulator. |
| EC 2 | Laws or regulations give the licensing authority the power to set criteria for licensing banks. If the criteria are not fulfilled or if the information provided is inadequate, the licensing authority has the power to reject an application. If the licensing authority or supervisor determines that the license was based on false information, the license can be revoked. |
| Description and findings re EC 2 | For an applicant to receive Part 4A permi ssion to accept deposits and therefore become a bank, the applicant must meet five “Threshold Conditions” set by the PRA and another four set by the FCA; together, these conditions and supporting requirements form the criteria for licensing banks. Each supervisor decides whether the applicant firm meets its individual set of Threshold Conditions; the PRA makes the final decision on the application after the FCA has given its consent to the PRA to authorize the applicant. The
The FCA’s Threshold Conditions for banks are comprised of the following:
Some overlap exists between the two agencies’ criteria, and the FCA has indicated that its approach will have due regard to its statutory objectives to protect consumers; protect and enhance the integrity of the U.K. financial system; and promote effective competition in the interest of consumers. If information on an application is deemed to be knowingly false, the PRA can cancel a firm’s Part 4A permission under S55J(1)(c)(ii) FSMA 2000. Assessors reviewed two examples of the FCA’s communications to the PRA providing its consent to approve applicants’ authorizations, including an example of the FCA’s consent to approve an application subject to specific conditions or limitations. Assessors reviewed as well an internal PRA document outlining a new bank authorization and summarizing the PRA’s and the FCA’s analysis, as well as examples of actual Approved Persons Assessments and Recommendations Memos for firms seeking authorization. These documents gave the assessors greater insight into the U.K.’s authorization process and suggested that the two supervisory agencies do rely on the criteria outlined above in evaluating applications. |
| EC 3 | The criteria for issuing licenses are consistent with those applied in ongoing supervision. |
| Description and findings re EC 3 | Under FSMA S513(3), firms must meet the Threshold Conditions when first seeking authorization and then on an ongoing basis. Assessors reviewed examples of New Bank and New Branch Authorization Assessments and Recommendation Papers detailing the PRA’s internal review, including assessing compliance with the PRA’s Threshold Conditions and noting FCA’s conclusions. |
| EC 4 | The licensing authority determines that the proposed legal, managerial, operational and ownership structures of the bank and its wider group will not hinder effective supervision on both a solo and a consolidated basis.37 The licensing authority also determines, where appropriate, that these structures will not hinder effective implementation of corrective measures in the future. |
| Description and findings re EC 4 | Both the PRA’s and the FCA’s Threshold Conditions include provisions that both regulators must be satisfied in respect of the controllers and “close links”38 to the applicant, and that those close links do not prevent effective supervision of the applicant on either a solo or consolidated basis. This forms the basis of the assessment of the ownership structure of the bank. Both regulators also assesses the close links the firm has with other entities. As noted above under EC 3, firms must meet these Threshold Conditions both upon authorization and then on an ongoing basis. The EBA is currently developing regulatory standards to specify what obstacles constitute a barrier to effective supervision, as required under Art. 8(2) of CRD IV. |
| EC 5 | The licensing authority identifies and determines the suitability of the bank’s major shareholders, including the ultimate beneficial owners, and others that may exert significant influence. It also assesses the transparency of the ownership structure, the sources of initial capital and the ability of shareholders to provide additional financial support, where needed. |
| Description and findings re EC 5 | The EBA’s guidelines address the suitability of major shareholders in paras. 1–2 of Art. 14 of CRD IV. Major shareholders are defined in the EBA’s guidelines as those who have qualifying holdings or, if no qualifying holdings exist, the twenty largest shareholders. In the United Kingdom, the “Threshold Conditions” for the PRA and FCA require the assessment of controllers and “close links” (defined in EC 4 above) to an applicant firm to evaluate the transparency of its ownership structure. Neither the EBA nor the U.K. supervisors have issued guidance specific to the suitability of ultimate beneficial owners. Instead, the EBA and U.K. supervisory agencies reference requirements (set out in the CRD and in future RTS) to evaluate the suitability of major shareholders of a company or any entity or individual who is to become a shareholder, which could include ultimate beneficial owners. In the United Kingdom, if a major shareholder, or a beneficial owner, does not meet the criteria, they may not maintain a controlling interest in the firm and ultimately the firm may fail to meet the threshold condition for suitability (Threshold Condition, para. 5E).39 The assessors reviewed licensing applications containing an analysis of controllers and close links (and of their other relevant holdings), intelligence information on the applicants and an analysis of the nature and source of capital resources. |
| EC 6 | A minimum initial capital amount is stipulated for all banks. |
| Description and findings re EC 6 | PRA applies the minimum required capital of GBP 5 million (Art. 12, CRD), with limited exceptions, as permitted under EU rules, for “small specialist banks.” |
| EC 7 | The licensing authority, at authorization, evaluates the bank’s proposed Board members and senior management as to expertise and integrity (fit and proper test), and any potential for conflicts of interest. The fit and proper criteria include: (i) skills and experience in relevant financial operations commensurate with the intended activities of the bank; and (ii) no record of criminal activities or adverse regulatory judgments that make a person unfit to uphold important positions in a bank.40 The licensing authority determines whether the bank’s Board has collective sound knowledge of the material activities the bank intends to pursue, and the associated risks. |
| Description and findings re EC 7 | Under the “Threshold Conditions,” the PRA and FCA must be satisfied that non-financial resources (e.g., Board members) possess the requisite skills, knowledge, and experience relative to the business model of the firm and the ExCo’s structure and composition. In addition, both regulators have the power under FSMA S59 to require individuals in identified roles with a significant influence on the affairs of a firm (SIF roles) to seek approval before taking up their position. Such individuals are known as ‘Approved Persons.’ Approval is granted only if the PRA as prudential regulator and the FCA as conduct regulator are both satisfied that an individual is fit and proper. PRA SIF roles include all members of a firm’s Board, and the heads of the finance, risk and internal audit functions. The PRA and FCA consider the collective skills, knowledge and experience of a prospective firm’s management body to determine whether the firm has adequate resources. A draft SS issued for consultation in May 2015 underscores the collective responsibilities shared by Board members; it’s been published in its final version in March 2016. FSMA also gives the regulators power to dictate which factors determine an individual’s fitness and propriety (S61), and to issue statements of principle and a Code of practice that will apply to individuals performing the functions specified under S59. The fit and proper test for approved persons (‘fit’ as defined in the PRA Rulebook) sets out the minimum standards for becoming and remaining an approved person at a regulated firm. Each individual that performs a “Controlled Function” is assessed and approved if they meet the following ‘fit and proper’ criteria:41
|
| EC 8 | The licensing authority reviews the proposed strategic and operating plans of the bank. This includes determining that an appropriate system of corporate governance, risk management and internal controls, including those related to the detection and prevention of criminal activities, as well as the oversight of proposed outsourced functions, will be in place. The operational structure is required to reflect the scope and degree of sophistication of the proposed activities of the bank.42 |
| Description and findings re EC 8 | The PRA and FCA require firms to submit a 5-year business plan. They also consider plans to outsource any functions and what controls the firms will place over those arrangements. FCA also considers controls and systems in place, competence of management, and adequacy of AML policies and procedures. |
| EC 9 | The licensing authority reviews pro forma financial statements and projections of the proposed bank. This includes an assessment of the adequacy of the financial strength to support the proposed strategic plan as well as financial information on the principal shareholders of the bank. |
| Description and findings re EC 9 | Supervisors require 5-year financial forecasts, own assessments of capital required (stress testing), source of funds to support business activities, liquidity needs, and financial information on principal shareholders. |
| EC 10 | In the case of foreign banks establishing a branch or subsidiary, before issuing a license, the host supervisor establishes that no objection (or a statement of no objection) from the home supervisor has been received. For cross-border banking operations in its country, the host supervisor determines whether the home supervisor practices global consolidated supervision. |
| Description and findings re EC 10 | PRA and FCA have full powers and responsibilities over subsidiaries of overseas firms (whether EEA or non-EEA), and those firms must meet all Threshold Conditions. For branches of EEA banks, those firms can “passport” deposit-taking activities into the United Kingdom without an authorization necessary from U.K. authorities. The authorized firm must inform its home country supervisor, and the home supervisor may object to a firm’s passporting into another EEA MS if it doubts the administrative structure or financial situation of the firm. The home country supervisor must inform the firm and the relevant host country authorities of its decision within three months. For U.K. branches of non-EEA banks, the PRA evaluates equivalence of home country regulator and, if not judged equivalent, will refuse authorization for a branch. Where judged equivalent, the PRA collaborates with the home country supervisor through supervisory colleges. Annual updates are required on applicant’s ability to meet prudential standards. |
| EC 11 | The licensing authority or supervisor has policies and processes to monitor the progress of new entrants in meeting their business and strategic goals, and to determine that supervisory requirements outlined in the license approval are being met. |
| Description and findings re EC 11 | Bank must continue to meet Threshold Conditions and other rules and requirements set out in the PRA Handbook and Rulebook. Supervision can be intensive and not risk-based for up to five years. FCA approach is judgment-based and pre-emptive, depending on three pillars:
|
| Assessment of Principle 5 | Compliant |
| Comments | Based on a review of the United Kingdom and the EBA’s self-assessments for these criteria, subsequent questions raised with U.K. supervisors, and a review of sample licensing evaluations and decisions, U.K. supervisors are found to be compliant with Principle 5 regarding licensing. While neither the European nor U.K. requirements specifically identify separate processes for evaluating the compliance of ultimate beneficial owners with European and U.K. rules, the licensing applications reviewed by the assessors revealed that the analysis of the applicants is adequately deep and thorough (see EC 5). |
| Principle 6 | Transfer of significant ownership. The supervisor43 has the power to review, reject and impose prudential conditions on any proposals to transfer significant ownership or controlling interests held directly or indirectly in existing banks to other parties. |
| Essential criteria | |
| EC 1 | Laws or regulations contain clear definitions of “significant ownership” and “controlling interest.” |
| Description and findings re EC 1 | Relevant laws and regulations promulgated by the EU have not offered a definition of “significant ownership.” The EBA notes that the EU has defined a “qualifying holding” as a direct or indirect holding in an undertaking that represents 10 percent or more of the capital or of the voting rights or that enables the holder to exercise a significant influence over the management of the undertaking (Art. 4(1)(36) of Regulation EU/575/2013 (CPR)). Art. 22B states further that a NCA may not set a notification or approval requirement that is more stringent than what is set out in the Directive. The U.K. regulations do define “significant ownership” and “controlling interest” in FSMA 2000, which sets out definitions for “control” based on the following guidelines:
|
| EC 2 | There are requirements to obtain supervisory approval or provide immediate notification of proposed changes that would result in a change in ownership, including beneficial ownership, or the exercise of voting rights over a particular threshold or change in controlling interest. |
| Description and findings re EC 2. | Under S178 of FSMA 2000, a person who decides to acquire or increase control over an authorized firm must give the PRA notice of its intention to acquire and obtain approval before it acquires or increases control. This notification concerns both changes in beneficial ownership (shareholding changes) and voting rights that could be held either directly or indirectly through parent and subsidiary undertakings. Failing to obtain approval prior to making an acquisition can constitute a criminal offense under U.K. law. Notification regarding increases in control requiring approval as ownership increases from one category to the next:
A person who decides to increase control over an authorized firm must give PRA notice of intention to increase control over that firm. Assessors reviewed examples of the PRA’s “Change in Control: Assessment and Recommendation Memos” that outlined the analysis conducted, including a review of how the authorization would alter ownership of the company, and found the examples indicative of the process described above. |
| EC 3 | The supervisor has the power to reject any proposal for a change in significant ownership, including beneficial ownership, or controlling interest, or prevent the exercise of voting rights in respect of such investments to ensure that any change in significant ownership meets criteria comparable to those used for licensing banks. If the supervisor determines that the change in significant ownership was based on false information, the supervisor has the power to reject, modify or reverse the change in significant ownership. |
| Description and findings re EC 3 | The PRA may object under S186 of FSMA 2000 to the acquisition or ongoing ownership (meaning holdings above 10 percent or via significant influence) by a “controller” on the following grounds:
The FCA evaluates the effect that a proposed transaction may have on customers to ensure that the acquiring bank maintains or develops appropriate customer contact at the outset and that interactions with customers are appropriate. If it was determined that the change in control/significant ownership was based on false information, the PRA may deem this as evidence that the person does not have the required reputation to be a controller of a U.K.-regulated bank. |
| EC 4 | The supervisor obtains from banks, through periodic reporting or onsite examinations, the names and holdings of all significant shareholders or those that exert controlling influence, including the identities of beneficial owners of shares being held by nominees, custodians and through vehicles that might be used to disguise ownership. |
| Description and findings re EC 4 | Annual reporting is required of all controllers and close links44 as well as regarding possible changes in controllers and close links. As noted under Principle 5, EC 5, neither the EBA nor the U.K. supervisors have issued guidance regarding ultimate beneficial owners. Instead, the EBA and U.K. supervisory agencies reference requirements (set out in the CRD and future RTS) regarding major shareholders of a company or any entity or individual who is to become a shareholder, which could include ultimate beneficial owners. Consequently, beneficial owners would be subject to scrutiny similar to other shareholders. In addition, banks are required to notify the PRA when they become aware of potential changes in their controllers or close links. The assessors found evidence of PRA analysis of change in control applications, with an appropriate drill-down into the legal structure of the acquiring entity up to the ultimate legal owners, and also of verifications (from open and closed sources) on the individuals and the families at the top of the controlling chain, all aimed at ensuring adequate information about all persons and entities in a position to exercise control over the target of the acquisition. |
| EC 5 | The supervisor has the power to take appropriate action to modify, reverse or otherwise address a change of control that has taken place without the necessary notification to or approval from the supervisor. |
| Description and findings re EC 5 | Under S191A of FSMA 2000, the PRA may object to a person’s control over a U.K. authorized firm and in some cases may launch criminal proceedings if the controller failed to seek approval in advance of a change; acquired control after receiving a “warning notice;” or breached an interim order. It is a criminal offense to acquire or increase control in an authorized firm without notifying the PRA first. Similarly, the PRA has the power under S191B to issue a “restriction notice” modifying the way in which control is exercised (e.g., prohibiting the voting, payment of dividends, or disposal of shares); this notice follows a warning notice objection to a controller. The PRA likewise can apply to the court for an order for the sale of shares following an objection to control under S191C. In addition, it is a criminal offence under S191F of FSMA 2000 to acquire or increase control without notifying the PRA first. |
| EC 6 | Laws or regulations or the supervisor require banks to notify the supervisor as soon as they become aware of any material information which may negatively affect the suitability of a major shareholder or a party that has a controlling interest. |
| Description and findings re EC 6 | Under “Fundamental Rule” 7, firms must deal with the supervisor in an open and cooperative way and must disclose anything to the PRA for which the PRA would “reasonably expect” notification. This could include, for example, a development related to a controller that would call into question the controller’s integrity. A similar rule applies to the FCA. |
| Assessment of Principle 6 | Compliant |
| Comments | Based on a review of the U.K. authorities’ self-assessment, discussions with representatives of the authorities, and a review of sample analyzes made available to assessors during the review, U.K. authorities are in compliance with the core principal regarding the transfer of significant ownership. As noted under Principle 5, neither the EBA nor the U.K. supervisors have issued guidance regarding ultimate beneficial owners. However the analysis of change in control applications revealed that the PRA requires adequate information about all persons and entities in a position to exercise control over the target of the acquisition. |
| Principle 7 | Major acquisitions. The supervisor has the power to approve or reject (or recommend to the responsible authority the approval or rejection of), and impose prudential conditions on, major acquisitions or investments by a bank, against prescribed criteria, including the establishment of cross-border operations, and to determine that corporate affiliations or structures do not expose the bank to undue risks or hinder effective supervision. |
| Essential criteria | |
| EC 1 | Laws or regulations clearly define:
|
| Description and findings re EC 1 | Chapter 2 of the Notifications Part of the PRA Rulebook requires that a firm give the PRA notice of: “(1) any proposed restructuring, reorganization or business expansion which could have a significant impact on the firm’s risk profile or resources, including, but not limited to: (a) setting up a new undertaking within a firm’s group, or a new branch (whether in the U.K. or not)…” While the detailed example refers to the establishment of a new undertaking, by analogy, failure to notify the PRA of any acquisition of another operating entity is likely to contravene the more general notification requirements. The same chapter also imposes an obligation of notification for “any action which a firm proposes to take which would result in a material change in its capital adequacy or solvency, including, but not limited to: (a) any action which would result in a material change in the firm’s financial resources or financial resources requirement.” Following the notification of an acquisition, the PRA can decide to prevent it, based on its statutory power to impose requirements on a bank, including a requirement to refrain from taking a specified action (S55M and 55N(1)(b) of FSMA. This power can be used to require a firm not to make a proposed acquisition or investment. Under S55M(7), the PRA must consult the FCA before imposing or varying a requirement. The PRA can therefore prevent an acquisition or investment if it judges that the acquisition or investment would be likely to lead to the failure of any Threshold Condition or if preventing the acquisition or investment would advance any of the PRA’s statutory objectives (including the safety and soundness of a PRA-authorized entity, which is the first of the PRA’s statutory objectives). U.K. supervisors have gone through this process once regarding a major acquisition in the past five years, namely in the case of Barclays seeking to acquire ING Direct. The assessor had access to the documentation regarding this operation and could verify that it was subject to intense scrutiny, in particular with respect to the adequacy of the acquirer’s financial resources. The supervisor’s judgment is backed up by prescribed criteria provided in explanations of what firms need to achieve in order to meet Threshold conditions and also a clear statement of the PRA’s objectives. Similar powers are given to the FCA under S55L. If the target entity is a bank, the acquirer must also obtain prior approval (see CP 6). |
| EC 2 | Laws or regulations provide criteria by which to judge individual proposals |
| Description and findings re EC 2 | The U.K. supervisors may impose requirements should a firm face a risk of failing to meet Threshold Conditions, especially regarding prudence; suitability; and the ability to supervise a new entity effectively (Threshold Conditions 3, 4, and 5, respectively). |
| EC 3 | Consistent with the licensing requirements, among the objective criteria that the supervisor uses is that any new acquisitions and investments do not expose the bank to undue risks or hinder effective supervision. The supervisor also determines, where appropriate, that these new acquisitions and investments will not hinder effective implementation of corrective measures in the future.45 The supervisor can prohibit banks from making major acquisitions/investments (including the establishment of cross-border banking operations) in countries with laws or regulations prohibiting information flows deemed necessary for adequate consolidated supervision. The supervisor takes into consideration the effectiveness of supervision in the host country and its own ability to exercise supervision on a consolidated basis. |
| Description and findings re EC 3 | PRA has statutory powers to intervene and prohibit an investment or acquisition if a firm might fail or be likely to fail to meet Threshold Conditions 3 (business must be conducted in a prudent manner), 4 (firm must be fit and proper) and 5 (firm is able to be supervised effectively). |
| EC 4 | The supervisor determines that the bank has, from the outset, adequate financial, managerial and organizational resources to handle the acquisition/investment. |
| Description and findings re EC 4 | The U.K. supervisors must determine the adequacy of financial and non-financial resources available to a firm to meet Threshold Condition 3 (prudence). |
| EC 5 | The supervisor is aware of the risks that nonbanking activities can pose to a banking group and has the means to take action to mitigate those risks. The supervisor considers the ability of the bank to manage these risks prior to permitting investment in non-banking activities. |
| Description and findings re EC 5 | Under Threshold Condition 3, a bank must have sufficient financial and non-financial resources to manage all risks to its safety and soundness. If resources are lacking, the supervisors may impose restrictions. If the supervisor considers that the bank does not have (or may not have in the future) the means to mitigate risks to its safety and soundness, the supervisor can mitigate these risks by imposing a requirement on the bank. Such a requirement would include preventing investment in a nonbanking activity (S55N(1)(b) of FSMA 2000). |
| AC 1 | The supervisor reviews major acquisitions or investments by other entities in the banking group to determine that these do not expose the bank to any undue risks or hinder effective supervision. The supervisor also determines, where appropriate, that these new acquisitions and investments will not hinder effective implementation of corrective measures in the future.46 Where necessary, the supervisor is able to effectively address the risks to the bank arising from such acquisitions or investments. |
| Description and findings re AC1 | Under Threshold Conditions 3 and 5, the supervisors must review other acquisitions to ensure that the banking group maintains compliance with those requirements. Threshold condition 3 (“business to be conducted in a prudent manner”) requires a supervisor to consider a bank’s “membership of a group and any effect that membership may have” when determining the risks to which a bank is exposed.47 Threshold Condition 5 (“effective supervision”) requires a supervisor to consider whether a bank’s membership of a group “is likely to prevent the PRA’s effective supervision” of the bank.48 The supervisor therefore must review major acquisitions or investments by other entities in a banking group to make sure that these do not expose the bank to any undue risks or hinder effective supervision. To date, U.K. authorities have not yet had a case in which a U.K.-authorized bank was reviewed because another entity in the group made a major acquisition or investment. The authorities report that enhanced capital and liquidity requirements are in place for some firms due to their inclusion in a group. Threshold Condition 3 also requires a bank to be able to comply with requirements imposed or likely to be imposed on the bank by the PRA in the exercise of its functions. This means that the supervisor has to determine that any new acquisition or investment by another entity in the group does not hinder effective implementation of corrective measures in the future. The powers over ‘qualifying parent undertakings’ (i.e., U.K.-based parent companies of U.K.-authorized entities that are not themselves authorized entities) granted to the PRA and the FCA by the Financial Services Act 2012, can also be used in case of major operations conducted by a bank’s parent, as they allow the regulators to give directions to such undertakings, requiring them to take specific actions or to refrain from taking specific actions. |
| Assessment of Principle 7 | Compliant |
| Comments | While the U.K. legislation does not define the term ‘major acquisition,’ it sets forth notification requirements that result in an expansive definition: all firms supervised by the PRA must give the PRA notice of any proposed business expansion which could have a “significant impact on the firm’s risk profile or resources,” as well as of any action which a firm proposes to take which would result in a “material change in its capital adequacy or solvency, including, but not limited to, in the firm’s financial resources or financial resources requirement.” These criteria apply to any operation of significant impact, be it the acquisition of a bank or nonbank, EU or non-EU. Once notified, U.K. authorities have (especially through the application of the “threshold conditions”) the necessary powers to approve or reject requests to undertake major acquisitions that raise concerns about the risk that may result or the authorities’ abilities to supervise the firms. The supervisor must review major acquisitions or investments also by other entities in a banking group, to make sure that these do not expose the bank to any undue risks or hinder effective supervision. |
| Principle 8 | Supervisory approach. An effective system of banking supervision requires the supervisor to develop and maintain a forward-looking assessment of the risk profile of individual banks and banking groups, proportionate to their systemic importance; identify, assess, and address risks emanating from banks and the banking system as a whole; have a framework in place for early intervention; and have plans in place, in partnership with other relevant authorities, to take action to resolve banks in an orderly manner if they become non-viable. |
| Essential criteria | |
| EC 1 | The supervisor uses a methodology for determining and assessing on an ongoing basis the nature, impact, and scope of the risks:
The methodology addresses, among other things, the business focus, group structure, risk profile, internal control environment and the resolvability of banks, and permits relevant comparisons between banks. The frequency and intensity of supervision of banks and banking groups reflect the outcome of this analysis. |
| Description and findings re EC 1 | No legislation sets out a specific methodology for determining and assessing a firm’s risks within the EU. NCAs are expected to develop their own approaches for assessing the risk profiles of individual firms. The legal basis for supervisors within the EU to review and evaluate firms is based on the CRD, which—in turn—the EBA has detailed through comprehensive procedures and methodologies for supervisory review and evaluation process (SREP) (EBA/Guideline (GL)/2014/13). SREP sets out four areas for analysis, namely (i) business model analysis; (ii) assessment of internal governance and institution-wide control arrangements; (iii) assessment of risks to capital and adequacy of capital to cover these risks; and (iv) assessment of risk to liquidity and adequacy of liquidity. The EBA SREP guidelines, which are based on a ‘comply or explain’ approach, take effect from January 2016; the PRA has committed to comply.49 The PRA’s approach to supervision depends on supervisors’ judgment, but prescribes a structure for evaluating relevant issues and forming judgments related to risks facing individual firms as well as risks that firms pose to the broader safety and soundness of the financial system. Three areas of focus comprise the PRA’s risk framework:
In terms of its methodology, applied to all banks, the PRA scores 8 elements (generally on a scale of 1 to 10) for each firm. The eight elements can be broken up into five groups of considerations, namely the “gross risk” associated with a particular firm; the “risk context” in which the firm operates; the “operational mitigation” a firm has in place to reduce the gross risks; the “financial mitigation” a firm achieves through its balance sheet resilience; and the “structural mitigation” against risks that a firm’s legal and operational organization may provide. Gross risk
Risk context
Operational mitigation
Financial mitigation
Structural mitigation
The PRA’s supervisory approach varies the frequency and intensity of supervisory activities based on a firm’s potential impact on financial stability; its proximity to failure (reflecting the PRA’s risk model and the PRA’s PIF); and its resolvability. For larger firms (Category 1 to 3), the PRA conducts this work through ongoing reviews, though the PRA does not necessarily evaluate each element each year. The supervisory cycle includes a “periodic summary meeting” (PSM) in which the scores for a firm are reviewed and capital and liquidity guidance is set; and a mid-point review for Category 1–4 firms. For Category 4 and 5 firms (the smallest), the PSM may encompass a group of firms simultaneously. Assessors had an opportunity to review documents prepared for past PSMs and mid-year reviews of firms in each Category from 1 to 5, and to meet with supervisors and others who participate. The FCA, in turn, operates a supervision approach that varies depending on a series of measures primarily related to the size of the firm. At the time that U.K. authorities submitted the BCP Self-Assessment, the FCA had assigned all firms to one of four impact categories, the first two of which required the FCA to undertake individual evaluations of the firms. Toward the end of 2015, the FCA changed its approach and now divides up all firms subject to its supervision into two categories rather than four. The new categories are based on the size, market presence, number of customers, and other characteristics. The first Category is called the “fixed portfolio,” which consists of firms for which the FCA appoints a named supervisor who oversees the FCA’s supervision of that firm. FCA staff confirmed that, at the time of the assessment, 26 banks, out of a total of approximately 110 firms, qualified for inclusion in the “fixed portfolio” Category. The remaining firms—which constitute the vast majority of firms supervised the FCA—form the “flexible portfolio” category, in which a specific supervisor is not assigned to oversee the FCA’s supervision. These firms are supervised in various ways, including through: thematic work; education and engagement; baseline monitoring; and through dealing with crystallized risk that exceeds the FCA’s risk appetite. For banking organizations that are subject to supervision on an individual basis by the FCA, the FCA’s approach includes a “firm evaluation,” which considers the nature and extent of risks that a firm poses to the FCA’s statutory objectives. The firm evaluation includes an analysis of 10 underlying risk groups, which include the external environment; the business model and strategy; the effectiveness of management and conduct culture; the effectiveness of front line functions; the client asset and financial crime framework; the effectiveness of governance and control functions; and prudential risk, among others. |
| EC 2 | The supervisor has processes to understand the risk profile of banks and banking groups and employs a well-defined methodology to establish a forward-looking view of the profile. The nature of the supervisory work on each bank is based on the results of this analysis. |
| Description and findings re EC 2 | To understand the risk profiles of the firms subject to its supervision, the PRA seeks to conduct assessments on a continuous cycle that increases in frequency and intensity commensurate with a firm’s potential impact on financial stability. The process nonetheless appears to be most developed for the largest systemically important firms (Category 1) than for the majority of firms, as the intensity and frequency of reviews, as well as the availability of expert supervisory resources—is greatly constrained for Category 2–5 firms (the majority). Even for Category 1 firms, the frequency and depth of probes can be more limited that the “CA” supervisory model may suggest, and U.K. authorities acknowledged that all eight elements of the PRA risk model may not be assessed in detail every year for Category 1–3 firms. While all elements of the PRA risk model are reviewed at least twice per year (in line with the PSM and the subsequent mid-year review), PRA supervisors note that detailed field work covering a Category 1 firm’s management of operational risk can require up to three years to evaluate all major areas of focus. Likewise, as noted elsewhere under CP 18, reviews of asset quality at Category 1 firms involve testing of actual loans and exposures, but the number of files reviewed can vary significantly. The overall process for evaluating a firm’s risk profile includes, among other components, reviews of a firm’s business models as well as evaluations of its capital. To establish a forward-looking view on the viability of a firm’s business model, the PRA requires firms to submit business plans for the next three to five years. Supervisors then evaluate the risks associated with these plans, seeking to understand how the firms generate profits; what issues could threaten their viability; what the firms’ potential to fail is; and what areas require additional review. To ensure that a firm has sufficient capital relative to its risk profile, the PRA conducts a SREP and considers risks that are not mitigated or not fully mitigated under the CRR (“Pillar 2A”) and risks to which the firm may become exposed in the future (“Pillar 2B”). In the course of its deliberations, the PRA evaluates the size of the Pillar 2A and Pillar 2B capital that a firm may hold and considers whether additional capital should be required. Supervisors may also apply temporary increases in capital requirements—called “scalars”—to cover unexpected losses that could arise from weaknesses that the firm has not yet mitigated. The PRA considers analyzes of a firm’s risk profiles, its individual risk elements, and all supervisory concerns are discussed at a PSM. At the PSM, the PRA’s relevant senior managers agree on the scoring of the risk elements, the individual capital and liquidity guidance that will be required of a firm, and the supervisory strategy for the firm going forward. |
| EC 3 | The supervisor assesses banks’ and banking groups’ compliance with prudential regulations and other legal requirements. |
| Description and findings re EC 3 | To assess compliance with Prudential Regulations and other legal requirements, the PRA undertakes “baseline monitoring” for all firms. This monitoring program includes reviewing regulatory returns from firms as well as other data gathered by the PRA in its supervision. The PRA employs automated surveillance systems that generate alerts and require supervisors to evaluate the issue(s) triggering the alert(s) and document decisions arising from the issues within 10 days. Baseline monitoring of regulatory returns is the primary way in which smaller firms (Category 3–5) are supervised. The U.K. authorities note that a “responsive” supervisory approach is adopted for these firms, with greater dependence on automated monitoring tools. For larger firms, such as Categories 1–3 firms, but also for smaller firms as required, the PRA may request additional information such as audit, Board packs, Asset-Liability Committee (ALCO) and risk committee reports, plus planned meetings. For firms posing greater risks to U.K. financial stability, the PRA’s baseline monitoring includes a planned schedule of meetings with senior managers and control function heads. The FCA, in turn, does regulate prudentially certain entities within banking groups and requires those firms to provide regular information in the form of regulatory returns to gain insight into compliance with rules such as the “Threshold Conditions.” The FCA coordinates its work with the PRA, which is the consolidating supervisor for all U.K. banking groups. In addition to its baseline monitoring and requests for additional documents, the PRA and FCA expect firms to report relevant issues as part of the “Fundamental Rules” and “Principles for Business.” For example, the PRA’s Fundament Rule 7 prescribes that “a firm must deal with its regulators in an open and cooperative way, and must disclose to the PRA appropriately anything relating to the firm of which the PRA would reasonably expect notice.” |
| EC 4 | The supervisor takes the macroeconomic environment into account in its risk assessment of banks and banking groups. The supervisor also takes into account cross-sectoral developments, for example in non-bank financial institutions, through frequent contact with their regulators. |
| Description and findings re EC 4 | “External context” is scored as part of the annual PRA risk model, for which macroeconomic issues are taken into account. The PRA draws on work prepared by other areas of the BoE, including the views of the FPC; sectoral analyzes; or insight gathered by the market intelligence function, as examples. To take cross-sectoral issues into account, the PRA relies on its governing Board, whose membership is designed explicitly to ensure that the PRA’s strategy reflects the macroeconomic environment. The Governor of the BoE serves as chair of the PRA Board, as well as of the FPC and of the MPC, and the Deputy Governors for Markets and Banking and for Financial Stability likewise sit on all three groups. The Chief Executive of the FCA serves on the PRA Board as well. In terms of cross-sectoral developments, the chief executive of the PRA sits on the FPC and receives briefings on U.K. and international economies as well as insight into the nonbank sector. A reorganization of the BoE in 2014 furthermore sought to ensure that the three policy-setting committees benefit from the expertise of staff across the BoE. In addition, the annual stress testing that the PRA and FPC run jointly may help to capture macroeconomic risk. |
| EC 5 | The supervisor, in conjunction with other relevant authorities, identifies, monitors, and assesses the build-up of risks, trends and concentrations within and across the banking system as a whole. This includes, among other things, banks’ problem assets and sources of liquidity (such as domestic and foreign currency funding conditions, and costs). The supervisor incorporates this analysis into its assessment of banks and banking groups and addresses proactively any serious threat to the stability of the banking system. The supervisor communicates any significant trends or emerging risks identified to banks and to other relevant authorities with responsibilities for financial system stability. |
| Description and findings re EC 5 | Within the BoE, the FSSR Directorate provides support to the FPC and is responsible for identifying and evaluating risks arising from across the financial services sector. This includes: conducting a financial stability risk assessment and research across all sectors and markets; providing support to microprudential supervisors; identifying policy responses, including what macroprudential instruments the BoE may need and designing the strategy for their use; and delivering and developing the BoE’s stress testing framework. The FSSR produces a “quarterly risk pack” that focuses on trends and concentration of risks in the United Kingdom; quarterly capital and liquidity packs; a quarterly large exposure (LE) pack; and notes on special subjects. These notes are used more specifically for major U.K. banks. Supervisors review regularly capital and liquidity information for their firms; for smaller firms (Categories 4 and 5), these reviews may be done on a peer group basis. Overall, risks and trends within sectors and across the banking system are assessed by supervisors as part of the “External Context” element of the PRA risk framework, and key issues relevant to specific firms are identified in the annual PSMs and mid-year reviews. Significant risks and trends are communicated to relevant firms through a “Dear CEO” letter, and more broadly significant risks and trends are communicated via the bi annual FSR and speeches by the BoE and PRA staff. |
| EC 6 | Drawing on information provided by the bank and other national supervisors, the supervisor, in conjunction with the resolution authority, assesses the bank’s resolvability where appropriate, having regard to the bank’s risk profile and systemic importance. When bank-specific barriers to orderly resolution are identified, the supervisor requires, where necessary, banks to adopt appropriate measures, such as changes to business strategies, managerial, operational and ownership structures, and internal procedures. Any such measures take into account their effect on the soundness and stability of ongoing business. |
| Description and findings re EC 6 | The U.K. authorities are not seeking a “zero failure rate,” and they instead seek to avoid disorderly failures that might otherwise disrupt the supply of critical functions. To do so, the PRA collaborates with the BoE’s RD to ensure that a firm’s failure will not have a significant impact on the supply of financial services. Resolution is assessed as an element of the PRA risk model, and the PRA’s SS19/13 outlines what is required for a “resolution pack.” Both the PRA and the BoE have statutory objectives requiring action to ensure that institutions are resolvable, and can therefore be resolved in an orderly way, and an annual assessment of resolvability is required under law. The U.K. authorities consider an institution to be resolvable if the BoE finds that it is feasible and credible to take resolution action (using its stabilization powers) or it can pursue insolvency proceedings against an institution while avoiding any significant adverse effect on the financial system of any EEA sate or the continuity of the institution’s critical functions. The BoE determines the preferred resolution strategy, and the PRA contributes by helping to verify information submitted by the firm. The BoE coordinates resolution planning on a cross-border basis through CMGs. After the BoE has made a determination of a firm’s resolvability and—following formal consultation with the PRA and, where relevant, the resolution college—the BoE is required to share a summary of its resolution plan with the firm. The summary includes barriers to resolution and a request that the firm remove those barriers within four months. This process is not fully implemented yet given the time line for implementation of the BRRD. |
| EC 7 | The supervisor has a clear framework or process for handling banks in times of stress, such that any decisions to require or undertake recovery or resolution actions are made in a timely manner. |
| Description and findings re EC 7 | The PRA considers proximity to failure when establishing its usual supervisory plans and relies on its PIF to express its judgment about the firm’s viability. The PRA relies on the PIF to achieve its goal of identifying and responding to emerging risks at an early stage and sets out five PIF stages, each representing a different level of risk of failure. Firms in Stages 1 and 2 are viewed as having the lowest to moderate risks, respectively, to their viability. Those in Stage 3 are viewed as having risk to their viability in the absence of any action by the firm. Firms in Stage 4 are viewed as having imminent risk to their viability, while those firms that are in the resolution phase are in Stage 5. When a firm moves into a higher PIF stage, indicating that the PRA believes the firm’s viability has deteriorated, supervisors are required to review their supervisory actions accordingly and in line with a list of appropriate actions detailed in the PRA’s Approach to banking supervision document. Senior management at firms, in turn, are expected to take appropriate action to reduce the likelihood of failure, and U.K. authorities will ensure preparedness for resolution. For firms assessed as being in PIF Stages 3 or 4, the BoE’s RD will add them to a watch list and begin assessing barriers to resolution through analysis and information-gathering; in Stage 4, the RD begins generating solutions to mitigate the identified issues. Two key conditions must be met before a firm can be put into resolution. First, the firm must be failing or likely to fail; for example, supervisors may assess that the firm is failing or likely to fail to meet its Threshold Conditions for authorization in a manner that justifies the withdrawal of its authorization. Second, it must be reasonably likely that no action will be taken outside of the resolution regime that will result in the firm no longer failing or being unlikely to fail. The decision to place a firm in resolution does not, on its own, allow use of all of the resolution tools. To use the stabilization tools, it must be necessary to do so, having regard to the public interest in achieving the objectives of resolution. The BoE will consult with the PRA, FCA, and HMT and then determine whether the public interest test is met by assessing the probable impact of the firm’s failure. If the assessment indicates that the use of the insolvency procedure would not meet the resolution objectives, the stabilization tools may be used. It should be noted that the PRA is currently evaluating the PIF to ensure that it complies with the Early Intervention Measures under the BRRD. From the FCA’s perspective, when a bank is in difficulty, the FCA engages with the BoE RD, HMT, and the PRA to consider the resolution contingency plan for the firm. The FCA considers in particular depositor protection, continuity of access, possible changes to terms and conditions, and completion of ongoing redress and remediation programs. In addition, the FCA seeks to provide confidence in the adequate regulatory protection of client money and safe custody assets (client assets) and sets out requirements for firms to have readily information to facilitate the prompt return of client money and safe custody assets in a resolution event. |
| EC 8 | Where the supervisor becomes aware of bank-like activities being performed fully or partially outside the regulatory perimeter, the supervisor takes appropriate steps to draw the matter to the attention of the responsible authority. Where the supervisor becomes aware of banks restructuring their activities to avoid the regulatory perimeter, the supervisor takes appropriate steps to address this. |
| Description and findings re EC 8 | If bank-like activities are taking place outside the supervisors’ firewall, the PRA notifies the FPC for evaluation. Under the BoE Act 1998, the FPC has the power to make recommendations to HMT on regulated activities. The committee is able to provide advice or recommendations to the Treasury on what activity should be regulated; which activities should be designated for Prudential Regulation by the PRA; and which categories of firms outside the scope of its regulation from which the PRA may collect information specifically for the purpose of promoting financial stability. When firms are operating outside of the regulatory regime, the FCA’s Enforcement and Markets Oversight Division has a dedicated Unauthorized Business Division that investigates suspected breaches of the general prohibition and/or contravene restrictions on financial promotions. |
| Assessment of Principle 8 | Largely Compliant |
| Comments | The U.K. authorities have made important progress in adopting a more rigorous and hands-on approach to supervision since the prior FSAP. The current FSAP took place during a period of continued development and transition, and offers a good stock-take of the state of the supervisory approach today as well as the outlook for its development in the future. Overall, the goal of U.K. authorities’ current supervisory approach is consistent with the objective of promoting and preserving systemic resilience. To be both effective and efficient, U.K. authorities made two important decisions.
These two decisions have influenced the shape of the U.K.’ supervisory approach in several important ways. The concentration of supervisory attention and resources on capital and liquidity in systemically important firms may have reduced the availability of attention and resources for other risk-management work within those firms. This is not to say that supervisors are doing little or no work in monitoring and evaluating risk-management in firms; on the contrary, supervisors today may be undertaking more hands-on work in evaluating risk-management practices within systemically important firms than was true in the past. Still, U.K. supervisors seem to have tipped the balance of their work toward evaluating the adequacy of those two important forms of financial resources that promote balance sheet strength. This could increase the risk that the supervisor is less aware of problematic practices and how risk is evolving in the firm. Moreover, the focus on systemically important firms may have reduced the availability of attention and resources for smaller and less systemically important firms, requiring supervisors to rely to a greater degree on automatic triggers to notify them of significant changes in risk profiles. Supervisors are compensating for the limitations by relying more on monitoring regulatory returns, data, and key ratios and trends, including mortgage lending growth; their goal is to identify outliers among smaller firms that may be experiencing unusual growth or challenges relative to their peers. Still, U.K. supervisors acknowledge that they have adopted a more responsive approach to the supervision of smaller firms. Supervisors are aware of these challenges that the current approach introduces and seek to mitigate the risk through several ways.
Still, the current approach potentially leaves open gaps. As noted below, the reviews of risk-management in even the largest firms take place over a period of years, which could leave the system exposed to undetected issues that emerge in the short run given how dynamic and competitive the largest firms tend to be, risk profiles can evolve quickly; supervisors that are less engaged in evaluating internal developments and practices could face surprises. The approach likewise appears to focus more on the risk of failure and less on slowly emerging malaise in firms, which could cause a slow drag on the financial system or the economy, although the PIF does give the authorities a means for monitoring and addressing both rapid and slow burning risks. Discussions with industry observers and participants also noted an underlying theme of inconsistencies in how supervisory teams communicate messages and recommendations to firms. Some said that the teams communicated clearly their concerns and what they expected firms to do. Others said that some teams were less clear about next steps that are expected or that the tone of the communication in face-to-face meetings was more favorable than the subsequent written communication. Assessors had an opportunity to review PSMs and other communications with firms; they noted, in general, that supervisors tended to describe key risks and concerns clearly. In a few cases, however, what the firm was expected to do was less clear other than to respond to the supervisor’s letter. Finally, the more reactive approach adopted for smaller firms increases the likelihood that smaller institutions in a particular geographic region, or classes of institutions across the financial system, could develop similar exposures over time and face similar challenges simultaneously. Outlier analysis can fail to spot broad growth in risk within many firms at the same time: if all are building up risks in the same manner, the supervisor may be less able to identify the relative increase in risk across firms. Customers dependent on similar or smaller firms could face credit crunches and other challenges at the same time. While supervisors should expect firms to behave prudently and manage their businesses appropriately, U.K. supervisors continue to rely substantially on setting out supervisory expectations for firms to follow and on the firms to inform their supervisors when they find areas in which they do not meet expected standards. Overall, the foundation for U.K. supervisors’ expectations are articulated in the “Threshold Conditions” and in the PRA’s “Fundamental Rules” and FCA’s “Principles for Business.” The approach is based on holding firms and their senior management accountable for their compliance with rules and regulations and for conducting their business in a prudent, safe, and sound manner. While supervisors may well probe and test statements more than before, especially in the largest firms, in the IMF’s view, U.K. supervisors could undertake more independent probing to ensure firms’ prudence and propriety. Given recent concerns about weaknesses in conduct and culture, it is important that U.K. supervisors continue to probe firms’ compliance, safety, and soundness more carefully and intensely than before the crisis. The U.K. supervisors nonetheless appear cognizant of these risks and, as noted above, have adopted reasonable mitigants, though some have yet to be deployed (such as the SMR). Consequently, at this time, the gaps that may exist no longer appear to be severe, warranting an upgrade since the prior FSAP’s assessment to “largely compliant” for this component. |
| Principle 9 | Supervisory techniques and tools. The supervisor uses an appropriate range of techniques and tools to implement the supervisory approach and deploys supervisory resources on a proportionate basis, taking into account the risk profile and systemic importance of banks. |
| Essential criteria | |
| EC 1 | The supervisor employs an appropriate mix of on-site and off-site supervision to evaluate the condition of banks and banking groups, their risk profile, internal control environment and the corrective measures necessary to address supervisory concerns. The specific mix between onsite and off-site supervision may be determined by the particular conditions and circumstances of the country and the bank. The supervisor regularly assesses the quality, effectiveness and integration of its on-site and off-site functions, and amends its approach, as needed. |
| Description and findings re EC 1 | The PRA seeks to conduct its supervision through “CA,” aiming to update is overall evaluations of a firm’s condition, the risks it faces, and the risks it poses. For each firm, the PRA operates an annual review cycle. While the PRA seeks to evaluate each risk element annually, it may emphasize some over others such that all elements should be evaluated at least once every three years. The PRA takes stock of its assessments on annual basis through a PSM, followed six months later by a mid-point review. These check points are overseen by more senior managers, who evaluate decisions and recommendations that the supervisors make in order to ensure effectiveness and appropriateness of their supervision. In formulating its views, the PRA draws upon a broad set of information and data. Supervisors require firms to submit regulatory returns; it draws on information in public disclosures; and it may request additional, firm-specific information such as MI or forecasts. Because of the importance of the data in informing its views, the PRA may periodically validate the data, either through onsite inspections or through the employment of third parties. To support this information-gathering and analysis, the PRA requires firms to participate in meetings with supervisors. For the largest, most systemically important firms, the PRA employs a dedicated team of supervisors for each firm who conduct both onsite and offsite work, drawing on specialists from outside of the team when necessary. The team coordinates and conducts all on- and offsite supervision. Firms judged to pose lower levels of risks may be subject to less intensive supervision, drawing on supervisors who may oversee on- and offsite work for groups of institutions. The PRA’s work increases in frequency and intensity such that its engagement is higher with those firms with the most significant potential impact relative to those with less significant potential impact. At the firms with the greatest potential impact, the PRA conducts a mix of onsite testing or inspections as well as “baseline monitoring,” which includes offsite monitoring and analysis and discussions with managers and staff at the firms. PRA staff indicated that reviews of some risk elements, such as operational risk, can require up to three years to complete a cycle of reviews at one large firm. For exposures to credit risk, PRA staff indicated that they review credit risk measures and sometimes engage in testing by reviewing a variable number of loan files, etc. At firms with lower potential impact, more of the work centers on baseline monitoring and analysis, as fewer risk specialist resources are generally available. The FCA relies on a range of on- and offsite tools that it applies on a risk-based basis to firms depending on their size and risk profile. The FCA has decided to focus most of its firm-specific supervisory resources on the large and higher-risk banks in the United Kingdom. The FCA’s approach to supervision relies on three pillars, and the largest banks are subject to all three pillars, namely: proactive work, such as meetings with banks’ senior management (Pillar 1); reactive work to deal with emerging or “crystallized” risks (Pillar 2); and thematic or cross-firm work across arrange of banks (Pillar 3). In addition, the FCA prepares a periodic overall assessment (“firm evaluation”) for larger firms. Smaller banks are subject primarily to Pillars 2 and 3 work only. |
| EC 2 | The supervisor has a coherent process for planning and executing on-site and off-site activities. There are policies and processes to ensure that such activities are conducted on a thorough and consistent basis with clear responsibilities, objectives and outputs, and that there is effective coordination and information sharing between the on-site and off-site functions. |
| Description and findings re EC 2 | As part of the PRA’s annual supervisory cycle, supervisors take part in an internal PSM, which includes proposing a schedule of work and an overall supervisory strategy for the firms. The results of the PSM include activities that the supervisors expect to undertake and how these activities relate to the conduction of the firm. The seniority of members of the PSM varies depending on the potential impact of the firm, with the most significant firms being discussed at senior governance committees. For the largest Category 1 firms, Executive Directors and senior staff are typically involved in the PSM; for smaller firms, the PSM may consist of heads of supervisory departments or local supervisory line management. This stratification of firms and PSM members allows for greater consistency in decision making as PSMs for firms within a group of peers share PSM members, giving visibility across the population and allowing for the level of supervisory activity to be coordinated in a more consistent manner. As noted above in EC 1, once the supervisory plan is agreed at the PSM for the largest, most systemically important firms, the relevant team conducts all on- and offsite work. For firms judged to pose lower levels of risk, a team may coordinate and conduct the supervision of more than one firm. The FCA’s approach to key pieces of firm-specific work is set out in various “How To” guides, such as carrying out a firm evaluation; carrying out an interim view; carrying out a deep-dive assessment; and assessing whether an issue is outside supervisors’ risk appetite and therefore requires supervisory intervention. Established procedures exist for supervisors carrying out thematic work to discuss their findings with firm supervisors. |
| EC 3 | The supervisor uses a variety of information to regularly review and assess the safety and soundness of banks, the evaluation of material risks, and the identification of necessary corrective actions and supervisory actions. This includes information, such as prudential reports, statistical returns, information on a bank’s related entities, and publicly available information. The supervisor determines that information provided by banks is reliable and obtains, as necessary, additional information on the banks and their related entities. |
| Description and findings re EC 3 | The PRA draws upon a variety of information and data to form supervisory judgments, and requires firms to submit sufficient data—of appropriate quality—to inform their judgments about material risks. The PRA periodically seeks to validate firms’ data, either through onsite inspection by PRA staff or by third parties. Supervisors gather and analyze some information on a regular basis through regulatory returns; they consider as well as information in the public domain, such as firms’ annual reports and disclosures. Other information-gathering practices are described above (see, for example, EC 1). For regulated entities that are parts of international groups, the PRA will work with other regulators via supervisory colleges and other means of communication to achieve a more-collaborative approach to supervision, including sharing and reviewing supervisory information where appropriate. Across the financial services sector, the PRA works with the FCA and the FRC where appropriate to improve the quality and usefulness of information disclosed on firms’ safety and soundness. The FCA likewise receives information from a range of sources—including from firms directly, as well as from across the FCA, from other supervisors, from customer complaints, from letters from members of parliament, and from publicly available sources. While FCA supervisors do not routinely assess the reliability of information supplied by banks, they are empowered to investigate the accuracy of the information or to require a third-party to do so where they have reasonable grounds to question the reliability of the information. |
| EC 4 | The supervisor uses a variety of tools to regularly review and assess the safety and soundness of banks and the banking system, such as:
The supervisor communicates its findings to the bank as appropriate and requires the bank to take action to mitigate any particular vulnerabilities that have the potential to affect its safety and soundness. The supervisor uses its analysis to determine follow-up work required, if any. |
| Description and findings re EC 4 | The PRA reviews its judgment of the risk to firms’ safety and soundness, communicates these judgments to firms, and requires them to take action to address them. The PRA uses a variety to tools to do so, including all listed in the essential criterion. Assessors had an opportunity to review recent selected analyzes and reports similar to each of the examples cited above. In this regard, evaluating a firm against the PRA risk model includes analysis of financial statements, business model analysis, stress testing, and analyzes of corporate governance, among others. As described early under BCP 8 above (supervisory approach), the PRA relies on its PSM process to aggregate its views and consult internally and with the FCA to determine key messages. It then sends an annual letter to each firm’s Board, outlining key risks that are of greatest concern and on which it requires action, which it subsequently expects to verify for itself. The PRA sends individually tailored letters to all firms except those with the lowest potential impact (usually Category 4 and 5), where a standard letter outlines issues the supervisor has identified relative to all firms in that group, unless specific issues have been identified for a particular firm. For Category 1 firms, the deputy governor for the PRA and senior PRA staff attend major U.K. banks’ Board meetings to present the PSM messages. The PRA communicates other issues identified between annual letters and requires the firm to take action. The PRA undertakes horizontal peer reviews on a systematic basis for small firms. For larger firms, such as Category 1 firms, the PRA performs horizontal peer reviews on a particular risk issue. It considers Pillar 2 capital assessments concurrently across all Category 1 firms to ensure consistency in its assessments and judgment. The FCA is responsible for identifying risks to consumers at individual banks and across the banking system as whole that arise from banks’ conduct and risks to market integrity. Given the significant impact of the costs of redress exercises and conduct-related fines in recent years, the FCA has regular dialogue with the PRA to ensure that the PRA can take estimates of future cost into account in their assessment of bank and systemic stability. |
| EC 5 | The supervisor, in conjunction with other relevant authorities, seeks to identify, assess and mitigate any emerging risks across banks and to the banking system as a whole, potentially including conducting supervisory stress tests (on individual banks or system-wide). The supervisor communicates its findings as appropriate to either banks or the industry and requires banks to take action to mitigate any particular vulnerabilities that have the potential to affect the stability of the banking system, where appropriate. The supervisor uses its analysis to determine follow-up work required, if any. |
| Description and findings re EC 5 | FSSR within the BoE is responsible for identifying and assessing risks to financial stability from across the banking system as a whole and defining the BoE’s strategy for responding to them. For example, the PRA conducted a CST of eight major U.K. banks and building societies in 2014. Given that only one firm had fallen below that year’s threshold at the trough of the scenario, that capitalization of the financial system had strengthened further over 2014, and that the PRA had formed plans with the stress tested firms to build capital further, the FPC reached the view that the system’s resilience had improved since the capital shortfall exercise the prior year. The FPC judged that no system-wide, macroprudential actions were needed in response to the stress test. For 2015, the PRA expects all Category 1 to 4 firms to adopt the published scenario in their own stress testing. Beyond stress testing, AQRs form part of the PRA’s continuous assessment (CA) of business risk, enabling supervisors to form judgments about the quality of assets and to identify current and potential threats to a firm’s assets through concentrations, legacy risks, and market and evaluation issues. SRS may undertake sector reviews; assessments of appropriateness of valuation, provisioning, and forecasts; and assessment of risk measures, including of portfolio stress tests (see CP 17 and 18). In terms of communicating other emerging risks, the BoE publishes papers on financial stability themes; these publications are designed to offer new insight into risk management, to promote risk reduction policies, to improve financial crisis management planning, or more generally to report on particular aspects of the BoE’s systemic financial stability work. In addition, the FPC prepares and publishes a FSR twice a year. In this report, the FPC outlines its outlook for U.K. financial stability, the resilience of the U.K. financial system, the current risks to financial stability, and actions it is taking to remove or reduce those risks. The FCA communicates its views on conduct matters to individual banks or to the wider industry as appropriate, including the desired regulatory action. As an example, following a firm evaluation, the FCA sets out its views on the firm in a letter to the firm’s Board and it meets the Board to discuss its views and the required actions. |
| EC 6 | The supervisor evaluates the work of the bank’s internal audit function, and determines whether, and to what extent, it may rely on the internal auditors’ work to identify areas of potential risk. |
| Description and findings re EC 6 | As part of the PRA’s CA of a firm, the supervisor evaluates a bank’s internal audit function. PRA staff meet with the audit function periodically (for Category 1 firms, it can be monthly or more, as needed, though this may vary between supervisory teams), review audit reports, and seek to understand how audit findings have been addressed. The assessment of internal audit may influence the PRA’s overall assessment of the firm and can affect the assessment of the risk-management and controls element within the PRA risk model and the PIF stage of the firm. Where the PRA feels it can rely on an internal audit function’s work, it may use firms’ internal audit functions to identify and measure risks. The FCA, in turn, engages in periodic dialogue with the internal audit function in firms that it supervises on an individual basis. A primary goal is to understand the scope of the function’s work and the extent to which it will provide insight into the conduct risks within a firm. |
| EC 7 | The supervisor maintains sufficiently frequent contacts as appropriate with the bank’s Board, nonexecutive Board members and senior and middle management (including heads of individual business units and control functions) to develop an understanding of and assess matters such as strategy, group structure, corporate governance, performance, capital adequacy, liquidity, asset quality, risk management systems and internal controls. Where necessary, the supervisor challenges the bank’s Board and senior management on the assumptions made in setting strategies and business models. |
| Description and findings re EC 7 | The PRA’s supervision involves engagement with firms at all levels of seniority, and the Board as a whole should expect regular dialogue with the PRA, either in groups or on an individual basis. Supervisors assess the collective Board and senior management effectiveness in setting strategy as part of the management and governance element of the PRA risk model. The exact work that the PRA undertakes varies in frequency and intensity in line with a firm’s potential impact and other factors. For a U.K. bank with a high level of potential impact (Category 1), a supervisor may hold quarterly meetings with regular heads of individual business units and meetings with nonexecutive directors (NEDs) of the firm every six months. For smaller firms (Category 2–4), meetings may be less frequent. The precise timing and structure of meetings are discussed and agreed as part of the PRA’s annual supervisory review process (the PMS). For banks that the FCA supervises on an individual basis, the FCA has a program of regular “Proactive Engagement” meetings with key Board members (such as the senior independent director and chair of key Board committees) and with senior management. These meetings are intended to help FCA supervisors understand the bank’s strategy, the conduct risks that are emerging, and how the firm is addressing those risks. The minimum number and frequency of Proactive Engagement meetings is prescribed and is also informed by judgment about the risk inherent in the firm. |
| EC 8 | The supervisor communicates to the bank the findings of its on- and supervisory analyzes in a timely manner by means of written reports or through discussions or meetings with the bank’s management. The supervisor meets with the bank’s senior management and the Board to discuss the results of supervisory examinations and the external audits, as appropriate. The supervisor also meets separately with the bank’s independent Board members, as necessary. |
| Description and findings re EC 8 | For the PRA, on- and offsite analysis feeds into the annual PSM process, and the PRA sends an annual letter to each firm’s Board outlining the key risks that are of greatest concern and on which it requires action. The PRA expects to verify itself that the action is taken and communicates to the Board how it intends to do so. For supervisory reviews conducted throughout the year, such as specialized examinations of particular issues, the PRA communicates its findings through both verbal discussions with the firm and often with written communications such as letters to management. As noted above under EC 5, the FCA likewise sends a letter to a firm’s Board following its completion of a firm evaluation. |
| EC 9 | The supervisor undertakes appropriate and timely follow-up to check that banks have addressed supervisory concerns or implemented requirements communicated to them. This includes early escalation to the appropriate level of the supervisory authority and to the bank’s Board if action points are not addressed in an adequate or timely manner. |
| Description and findings re EC 9 | After sending its annual letter to each firm’s Board, the PRA records the issues it in its “Risk Management System” and includes details and an expected completion date for the firm’s mitigating action. Senior management within the PRA receive reports on open issues and actions, and supervisors may run reports for the firms they supervise to allow for timely follow-up. Corrective actions are reviewed at the PSM and subsequent mid-year review to ensure completion; if the actions have not been completed, supervisors may escalate the concern to the appropriate level within the PRA and include those concerns in a post-PSM letter sent to the firm’s Board. Supervisors may rely on firm attestations—which are written and signed statements indicating that the firm has corrected a matter—as a supervisory tool to ensure that a firm has remediated PRA-identified issues. Attestations may enable supervisors to implement a judgment-based approach to supervision and to place responsibility on the firm to comply. Supervisors at the FCA are empowered to determine which issues and risks require corrective action by a bank. Supervisors determine the extent of monitoring of a banks remediation, taking into account such factors as the significance of the issue and the bank’s track record in resolving past issues. Supervisors can furthermore escalate concerns about a firm’s response to senior managers at the FCA. |
| EC 10 | The supervisor requires banks to notify it in advance of any substantive changes in their activities, structure and overall condition, or as soon as they become aware of any material adverse developments, including breach of legal or prudential requirements. |
| Description and findings re EC 10 | Both the PRA and the FCA expect firms to keep their supervisors informed of relevant developments about which the supervisor would expect to be notified. As noted earlier, the PRA sets this expectation through Fundamental Rule 7, and the FCA relies on a similar expectation that firms deal with supervisors in an open and honest way. With regard to the PRA, the fundamental rules are supported by more detailed PRA rules and the directly applicable requirements in the CRR (Regulation 575/2013. A PRA-authorized firm must comply with these requirements and must know what they mean for its business. A failure to comply may be relevant to a firm’s ongoing compliance with the Threshold Conditions, and may result in enforcement or other actions. |
| EC 11 | The supervisor may make use of independent third parties, such as auditors, provided there is a clear and detailed mandate for the work. However, the supervisor cannot outsource its prudential responsibilities to third parties. When using third parties, the supervisor assesses whether the output can be relied upon to the degree intended and takes into consideration the biases that may influence third parties. |
| Description and findings re EC 11 | The U.K. authorities consult with external parties especially in two sets of circumstances. First, the PRA makes use of external auditors to inform supervisory assessments and has set out expectations in how such discussions should be managed in its SS entitled, “the relationship between the external auditor and the supervisor: a Code of Practice.” The statement notes that supervisors and auditors should seek an open, cooperative, and constructive relationship on topics of relevance to both parties. In the case of Category 1 firms, the PRA has explicit expectations for supervisors to meet bilaterally with the largest firms’ external auditors twice per year and “trilaterally” with the external auditors as well as the chair of the audit committee of the firm’s Board of Directors at least once per year. Second, both the PRA and the FCA have the ability to require the provision of a report on a firm by a “skilled person” under S166 of the FSMA 2000. These skilled persons may be engaged when the supervisor believes that a particular expertise may be necessary to evaluate an issue at a firm; when the supervisor wishes to gain an independent perspective on an issue; or when the supervisor believes that resource constraints or other supervisory priorities preclude the supervisor for conducting such work. The assessors had an opportunity to review such reports prepared by skilled persons and found the reports in general to be thorough and serious evaluations of specific issues in the target firms. |
| EC 12 | The supervisor has an adequate information system which facilitates the processing, monitoring and analysis of prudential information. The system aids the identification of areas requiring follow-up action. |
| Description and findings re EC 12 | A central function within the BoE, the regulatory data group (RDG), processes and monitors regulatory data using various information systems. The PRA and FCA jointly rely on GABRIEL, which is a portal through which supervised firms submit regulatory forms. The RDG relies on automated solutions such as the “Alert Manager System” to identify any areas of follow-up for supervision, such as unusual changes in financial measures. Assessors viewed demonstrations of several such systems and had an opportunity to speak with staff about how the systems are used to monitor firms’ condition, track supervisors’ evaluations of issues, and inform the supervisory process. |
| Additional criteria | |
| AC1 | The supervisor has a framework for periodic independent review, for example by an internal audit function or third party assessor, of the adequacy and effectiveness of the range of its available supervisory tools and their use, and makes changes as appropriate. |
| Description and findings re AC1 | Under the Financial Services Act of 2012, the NAO was made the statutory auditor of the FCA and the PRA as of April 2013. The NAO performs review the supervisors’ activities and performance and makes public its findings. Both the PRA and the FCA maintain internal audit functions within their respective organizations that may review each respective supervisor’s programs and performance periodically. Both supervisory agencies have also developed internal review functions. The PRA, for example, relies on an internal supervisory oversight function (SOF) that provides the PRA Board with assurance on the quality and effectiveness of supervision. It is not necessarily an audit or compliance function and instead supports the development of supervisory strategy within the PRA, as well as the exercise of sound supervisory judgment internally, by focusing on how the PRA engages with the firms it supervises. When necessary, the SOF can also supplement supervisory resources to address urgent priorities. The SOF is made up of about 26 staff, most of whom have prior supervisory experience. It reports directly to the PRA Board. Similarly, the FCA created a specialist review function in 2010 to assure the quality and effectiveness of its supervision of major banks and other firms. It serves as part of the FCA’s second line of defense, forming part of the FCA’s Risk and Oversight Division, and evaluates supervisory strategy, the use of supervisory tools, and supervisors’ understanding of risks. |
| Assessment of Principle 9 | Largely Compliant |
| Comments | Overall, U.K. authorities appear to have taken a more active approach to using supervisory tools especially in the portfolio of the largest and most systemically important firms. Still, vestiges of concerns identified during the prior FSAP persist. Themes carrying over from the prior FSAP relate to the depth of onsite work, especially testing and the potential reliance on “skilled persons” in place of deploying supervisory resources onsite. Another theme remains the relatively low level of application of supervisory tools to smaller firms. While it does appear that prudential supervisors are engaging in more “hands-on” supervisory work at the largest firms, some reviews and periodic “deep dives” appear to be more cursory than might be expected in firms of such significance. For example, PRA staff indicated that AQRs are conducted several times per year at Category 1 firms; these reviews can be varyingly staffed and scheduled, but can entail visits lasting few days, with three or four risk specialists and relying on the review of a limited number of loan files. In addition, staff related to the assessors insight into a variety of “conversations” that take place onsite at the largest firms, often led by experts from the supervisory risk specialists (SRS) department. Such regular dialogue is indeed an important part of contemporary supervision of large firms; however, the PRA may be able to draw greater confidence about the information gathered through such conversations by validating the information described to the supervisors. It remained unclear to the assessors how much supplemental testing and validation supervisors undertake following these regular meetings with senior executives and business leaders at the largest firms; it is consequently an open question whether supervisors are simply trusting their counterparts at the firm. To gain supplementary insight into significant issues at firms, supervisors from both the FCA and the PRA repeatedly referred to the potential use of S166 “skilled persons” reviews as a powerful tool for supplementing ordinary supervision. These views should be evaluated in the context of the CP’s admonition against “outsourcing” prudential responsibilities to third parties (EC 11). The benefits that staff cited for employing such external resources are not unpersuasive. Staff cited their sense that skilled persons can bring special insight that can carry extra weight with firms given their expertise; that skilled persons can provide an independent view to bolster the supervisors’ views; and that skilled persons may be able to perform some reviews faster and with greater focus than supervisors could, or that these external parties may be able to allow supervisors to focus scarce resources and time on other priorities. It should also be noted that firms bear the costs of skilled-persons reviews, which may also be beneficial in managing the costs and resources associated with special reviews, and that supervisors remain engaged through regular dialogue with the skilled persons and the firms. Assessors at the prior FSAP noted that S166 reviews and “deep-dive” reviews “cannot be really seen as an onsite supervision system with transaction testing, even on a on a select basis.” Assessors at the current FSAP continue to share those concerns. Supervisors shared informal statistics indicating that S166 reviews are not employed frequently in the largest firms. Assessors understand that supervisors are not seeking to outsource supervisory responsibility to third parties, yet are concerned that relying on such tools can reduce the sense that such skills and expertise need to be developed and maintained within the supervisor staff so that the authorities can deploy expert judgment more frequently and more consistently across the broad population of firms they supervise. S166 reviews convey real benefits in situations requiring particular expertise or significant resources; supervisors should employ such resources with care, as U.K. authorities agree that the use of external consultants should not be viewed as a way to reduce the need for supervisors to develop appropriate skills and knowledge. Finally, while supervisors have developed a suite of tools that are important to evaluating safety and soundness and firms’ condition and performance, the use of these tools is highly concentrated in the largest and most systemically important firms. Some onsite reviews and testing does seem to take place in Category 2 firms, though the assessors could not confirm that this was more than sporadic. Supervisors acknowledged that a more reactive approach has been adopted for smaller firms, with automated “baseline” monitoring serving as the primary tool for conducting day-to-day supervision. |
| Principle 10 | Supervisory reporting. The supervisor collects, reviews and analyzes prudential reports and statistical returns50 from banks on both a solo and a consolidated basis, and independently verifies these reports through either on-site examinations or use of external experts. |
| Essential criteria | |
| EC 1 | The supervisor has the power51 to require banks to submit information, on both a solo and a consolidated basis, on their financial condition, performance, and risks, on demand and at regular intervals. These reports provide information such as on- and off-balance sheet assets and liabilities, profit and loss (P&L), capital adequacy, liquidity, LE, risk concentrations (including by economic sector, geography and currency), asset quality, loan loss provisioning, related party transactions, interest rate risk, and market risk. |
| Description and findings re EC 1 | Art. 65(3) of the CRD requires competent authorities—which are the PRA and the FCA in the United Kingdom—to have all information gathering and investigatory powers that are necessary for the exercise of their functions, including the specific powers set out in 65(3)(a). The EU harmonized supervisory reporting requirements—provided for in the CRD and EC regulations on reporting—encompass a comprehensive range of information for the supervisor to perform a risk assessment, including:
As per the CRR, reporting is due both on a consolidated (prudential) and solo level and it covers on- and off-balance sheet items. All banks are required to prepare and deliver common reporting (COREP). The reporting requirements are defined by EBA ITS on supervisory reporting, which were introduced in Q1 2014 and are being phased in over a number of years. Frequency varies between reporting from monthly (liquidity) to quarterly and semi annual or annual for some individual templates. COREP data must be reported on both a solo and consolidated basis by all firms covered by the CRR, while FINREP is mandatory only for international financial reporting standards (IFRS) institutions at consolidated level (though NCAs can extend to GAAP firms on consolidated level). Solo level reporting remains national discretion. NCAs can require regular reporting outside the scope of the ITS on supervisory reporting. COREP covers capital adequacy, liquidity, LE, risk concentrations (including by economic sector, geography and currency), asset quality, loan loss provisioning, related party transactions, and market risk; while FINREP covers, inter alia, on- and off-balance sheet assets and liabilities, and P&L. The PRA has power to require credit institutions that it regulates to submit any information or documents reasonably required in connection with the exercise of its functions under FSMA (S165) and also from those it does not directly regulate (such as third-party service providers or managers of investment funds) if relevant to the financial stability of the United Kingdom (S165A). The PRA also has the power under FSMA to make rules, and has made rules, requiring firms that it regulates to submit regular reporting (for example, the main regulatory reporting rules are known as Supervision (SUP) 16.12 in the PRA Handbook, soon to be moved over to the PRA Rulebook as the Regulatory Reporting Part). FINREP data for solo entities and for firms that do not report according to FINREP are collected on a regular basis using PRA-specific supervisory reporting templates. As well, under the PRA’s S55M FSMA powers, the PRA may impose a requirement on a regulated firm, which could include a regular reporting requirement, including, inter alia, on- and off-balance sheet assets and liabilities and P&L items for non-FINREP reporters and interest rate risk. |
| EC 2 | The supervisor provides reporting instructions that clearly describe the accounting standards to be used in preparing supervisory reports. Such standards are based on accounting principles and rules that are widely accepted internationally. |
| Description and findings re EC 2 | According to the CRR (Art. 99(2)), FINREP reporting templates for supervisory purposes are required to be based on the IFRS at the consolidated level (see EC 1). At the solo level, reporting can be based on local Generally Accepted Accounting Principles (GAAP) and national discretion can be exercised to require IFRS for solo reporting of FINREP. Reporting instructions are included in Commission Implementing Regulation (EU) No. 680/2014 that contains detailed instructions for the submission of supervisory reporting. FINREP reporting is based on IFRS and adapted also for national GAAPs. To ensure consistency and comparability of information, the ITS indicates that firms should use the same accounting framework for both own funds and FINREP. FINREP reporting templates for supervisory purposes are required to be based on the IFRS (see EC 1) for firms that meet that meet the criteria of CRR (Art. 99(2)). As the United Kingdom has not exercised the national discretion, under Art. 99(3) CRR, to require FINREP reporting, also to those firms that do not meet the criteria of CRR Art. 99(2), they report P&L and balance sheet data using U.K.-specific FINREP templates. The PRA asks firms to submit regulatory returns—including COREP and its own supervisory reporting returns–using their normal accounting practice or applicable accounting framework at that time. For most firms, the relevant framework is IFRS or U.K. GAAP (but some firms use other national GAAP frameworks, e.g., U.S. GAAP). Reporting instructions for U.K. regulatory returns, including information about the accounting standards to be used, are available on the BoE’s website. For example, Annex 25A of SUP 16 provides guidance on the completion of returns required SUP 16.12. On April 7, 2015 the PRA published a note setting out the basis under which it will accept regulatory returns during the transitional period for first-time adopters of FRS 102 that are currently applying old U.K. GAAP (meaning pre-FRS 102 U.K. GAAP). General Prudential Sourcebook (GENPRU) 1.3 sets out general rules and guidance as to how a firm should recognize and value assets, liabilities, exposures, equity, and income statement items. These are consistent with IFRS and U.K. GAAP accounting standards (whichever applicable) |
| EC 3 | The supervisor requires banks to have sound governance structures and control processes for methodologies that produce valuations. The measurement of fair values maximizes the use of relevant and reliable inputs and is consistently applied for risk management and reporting purposes. The valuation framework and control procedures are subject to adequate independent validation and verification, either internally or by an external expert. The supervisor assesses whether the valuation used for regulatory purposes is reliable and prudent. Where the supervisor determines that valuations are not sufficiently prudent, the supervisor requires the bank to make adjustments to its reporting for capital adequacy or regulatory reporting purposes. |
| Description and findings re EC 3 | Art. 24 of the CRR specifies that the valuation of assets and off-balance sheet items shall be effected in accordance with the applicable accounting framework. Art. 76 of the CRD requires that the management body will devote sufficient time to the consideration of risk issues as well as the valuation of assets, the use of external credit ratings and internal models relating to those risks (see para. 2). The RTS for prudential valuation (EBA/RTS/2014/06/rev1) establishes approaches for prudential valuation adjustments as required by the CRR for traded instruments (simplified and core approaches). The final draft has been published and is pending approval by the EC. The PRA requires banks to establish and maintain systems and controls sufficient to provide prudent and reliable valuation estimates under GENPRU 1.3.13 in the PRA Handbook. The onus to comply is on the banks themselves. For the largest firms, the PRA assesses compliance at a high level through desk-based reviews of firm’s MI (prepared offsite via extensive analysis of MI sent by the bank and supported by a two to three hour meeting with the firm). Risk specialists conduct assessments of major firms’ valuation frameworks in various forms, including via high level semiannual CA reviews, thematic reviews, and assessments of applications for internal models approaches (IMA) permissions. The aim of the review is to evaluate the effectiveness of banks’ governance frameworks, policies, and controls around accounting system valuations. Accounting experts review major firms’ disclosures in conjunction with front line supervision. The PRA can require banks to make adjustments to their reporting for capital adequacy/regulatory reporting purposes when it determines that valuations are not sufficiently prudent. Where any concerns are identified the PRA may undertake additional work. Supervisors can also use powers under FSMA (S166) to require external experts (“skilled persons”) to review aspects of the processes for determining valuations. Banks may be required to address any deficiencies. Where the supervisor does not consider banks’ governance structures and control processes suitable, then it applies add-ons/scalars to account for the uncertainty concern. The PRA can take enforcement action in response to poor reporting. The PRA adopts a risk-based approach and, hence, risk specialists focus on the more systemically important (Category 1) firms and on the positions that supervisors have identified as having material valuation risk. A systematic approach for reviewing all mark to market positions has not been established. As the smaller firms do not typically have assets that mark-to-model and do not have trading books, many of the more difficult problems in the area of valuations do not apply to them. However, where it is relevant to a small bank, the supervisor seeks specialist support and cover as part of their supervisory strategy if they consider it to be a material risk. For example, supervision and valuation specialists have conducted valuation reviews of material Category 2–4 firms that have trading books. Supervisors also discuss on a frequent basis with the firm and external auditors. Valuations are picked up as part of the meeting with the external auditors; however these meetings focus on accounting valuations rather than regulatory valuations. The United Kingdom has an established prudent valuation approach, which has led to developing, both reporting requirements and technical standards for prudent valuations. Starting December 2010, relevant U.K. firms have been required to report prudent valuation adjustments in quarterly reports. U.K. firms are required to deduct prudent valuation adjustments from capital. Other ongoing reforms include changes to U.K. GAAP, which will increase the emphasis on fair value accounting for those firms that use U.K. GAAP. Unrealized gains or losses currently concealed in assets that are valued at historic cost will be revealed. |
| EC 4 | The supervisor collects and analyzes information from banks at a frequency commensurate with the nature of the information requested, and the risk profile and systemic importance of the bank. |
| Description and findings re EC 4 | The EBA ITS on supervisory reporting sets out the frequency at which COREP and FINREP returns have to be collected. The required frequency depends on the nature of the information requested; for example, banks report liquidity data on a monthly basis; comprehensive capital adequacy and FINREP data on a quarterly basis; and some FINREP templates on a semiannual or annual basis. CRD Art. 104(1)(j) enables the PRA to impose additional or more frequent reporting on a firm or firms similar risk profiles, including reporting on capital and liquidity positions. Accordingly, the PRA requires the highest impact firms to report capital data (including projections) on a monthly basis (via the Capital+ return), and liquidity data both more frequently (weekly) and with greater detail (e.g., banks’ funding plans). COREP and FINREP also provide for proportionality—reducing reporting requirements for smaller firms, as do the reporting requirements set out in SUP 16.12 of the PRA Handbook. For example, materiality thresholds ensure that less detail is required to be reported for firms below a certain size and/or positions below a certain monetary value. PRA-specific returns are also required to be reported at a frequency appropriate to the nature of information and size of firm. The reporting frequencies for PRA handbook returns are set out in SUP 16.12.6. Detailed firm data are collected to support the annual stress testing cycle, which currently focuses on systemic U.K. firms. Most of these data are reporting annually, but some are collected on a more frequent basis. Where additional risk is identified (e.g., during a stress), then the supervisor may request information of increased detail/frequency as they consider appropriate. In April 2015, the PRA published policy statement PS8/15 setting out a rule requiring incoming firms and third country firms to submit a branch return on a six-month basis. The branch return will provide the PRA with information about the U.K. activities of these firms. The reporting burden imposed on firms by new nonmandatory data collections is reviewed by PRA/FCA governance structures to ensure that it is proportionate and that the data are collected at an appropriate frequency. Typically, returns are allocated to supervisors for review based on their area of focus and expertise, for example: capital and leverage; credit risk; market risk; operational risk; LE; and/or liquidity risk. The review process is currently focused on COREP data and the PRA handbook returns. FINREP data will be incorporated into the process as soon as practical. Reviews are carried out in line with the relevant reporting frequency and conducted at group level and/or solo level aligned with the PRA’s overall supervisory approach. For example, liquidity returns are reviewed based on liquidity subgroups, rather than on a solo level. The reviews are based on time series of key data judged to be reliable high-level indicators of a changing risk profile. This includes regulatory limits, such as LE limits and capital ratios. Any supervisory observations of material movements or actions taken with the firm are recorded as part of the process. Supervisors of the major U.K. deposit takers draw extensively on firms’ own MI as well as regulatory data. The PRA receives monthly MI from firms considered complex and of high impact. The PRA receives MI as and when it needs it from smaller and less complex firms. Building societies and credit unions that are rated as Category 2–4 firms are currently subject to the same frequency and level of review although the PRA is exploring alternative options in this area. For international banks, the requirements to review regulatory data are more detailed and more frequent for larger firms than for smaller firms, which reflect the PRA’s risk-based approach. Review processes are complemented by automated alerts against defined criteria (e.g., breach of LE rules), which are notified to supervisors in the e-mails announcing receipt of the data items. Supervisors acknowledge the alert within five days of it being generated, and within 10 days record a decision as to what action (if any) should be taken. Possible actions could include no action, following up with the firm via a phone call or other means (e.g., to sanitize the data), through to informing a decision to take a S166 action (when the data issues are deemed to be more serious and/or persistent). Alerts are closed off when the actions are complete. The internal capital adequacy assessment process (ICAAP), which is reviewed annually for larger firms and biennially for smaller firms, also contains firm data of a more detailed and granular nature than is obtained through the regular cycle of regulatory reporting. Regulatory data is also used to produce peer analysis e.g., capital, liquidity and LE of the largest eight U.K. banks—which is used by supervisors to supplement their individual analysis, identify outliers, and trends. As part of the PRA’s project for utilizing the broader data collection under CRD IV, the PRA is developing an IT project to expand the PRA’s analytical tools to support analysis of the regulatory data. |
| EC 5 | In order to make meaningful comparisons between banks and banking groups, the supervisor collects data from all banks and all relevant entities covered by consolidated supervision on a comparable basis and related to the same dates (stock data) and periods (flow data). |
| Description and findings re EC 5 | Standardized regulatory returns under the U.K. and EU regulatory framework COREP, FINREP, and SUP 16.12 define reporting dates and periods and reporting requirements for all firms meeting a verifiable set of criteria. Different balance sheet and P&L collections exist for solo and consolidated entities (for FINREP reporters) and between FINREP and non-FINREP reporting firms. This difference in the financial reporting regimes that apply to solo and consolidated entities, and between firms that use IFRS and local accounting standards is being addressed as part of the PRA data-stocktaking exercise, which is considering the feasibility of replacing existing financial reporting under U.K. GAAP (balance sheet and P&L returns with less granularity and no accounting, sectoral, or geographical breakdown) with reports that are consistent with the FINREP templates. COREP reporting is required to be on a calendar quarter. All other reporting requirements, including FINREP, allow firms to follow their own reporting cycle based on the firms’ year-end. |
| EC 6 | The supervisor has the power to request and receive any relevant information from banks, as well as any entities in the wider group, irrespective of their activities, where the supervisor believes that it is material to the condition of the bank or banking group, or to the assessment of the risks of the bank or banking group or is needed to support resolution planning. This includes internal MI. |
| Description and findings re EC 6 | Art. 4 of the CRD regarding designation of powers to the NCA provides the legal basis for supervisors to have access to all relevant information from banks as well as entities in the wider group. Para. 3 states that MS shall ensure that appropriate measures are in place to enable the NCA to obtain the information needed to assess the compliance of institutions, and of FHCs and MFHCs. Para. 5 states that MS shall also ensure that internal control mechanisms and administrative accounting procedures of the institution permit the checking of their compliance with such rules at all times. Art. 65(3) CRD requires competent authorities—which the PRA is for purposes of CRD IV in the U.K—to have all information gathering and investigatory powers that are necessary for the exercise of their functions. The PRA has power to require credit institutions that it regulates to submit any information or documents reasonably required in connection with the exercise by the PRA of its functions under FSMA (S165) and also from entities in the wider group, including those it does not directly regulate (such as third-party service providers or managers of investment funds) if relevant to the financial stability of the U.K. (S165A FSMA). Fundamental Rule 7 of the PRA Rulebook requires firms to be open with the PRA, and provide it with information that it can reasonably expect for the performance of its regulatory duties. SIG1 (Information Gathering) of the PRA Rulebook gives the PRA rights of access to relevant staff and information at firms which it supervises. The PRA requests firms to report the information it requires for supervisory and resolution purposes on a regular and/or ad hoc basis, as it deems appropriate. For example, the most systemically important U.K. headquartered firms provide detailed FINREP data via firm data submission framework (FDSF) templates that are used for stress-testing purposes. MI—including Board and Board committee papers—are regularly received and reviewed as well as other information required to enable supervisors to identify and assess risks. |
| EC 7 | The supervisor has the power to access52 all bank records for the furtherance of supervisory work. The supervisor also has similar access to the bank’s Board, management and staff, when required. |
| Description and findings re EC 7 | Art. 65 of the CRD provides the legal basis for the supervisor to have unfettered access to the managing body (Board), senior management, and staff as required to discharge the mandate of the NCAs (see para. 3). The PRA has power to require credit institutions that it regulates to submit any information or documents reasonably required in connection with the exercise by the PRA of its functions under FSMA (S165) and also from those it does not directly regulate (such as third-party service providers or managers of investment funds) if relevant to the financial stability of the U.K. (S165A FSMA). Fundamental Rule 7 of the PRA Rulebook requires firms to be open with the PRA and provide it with information which it can reasonably expect for the performance of its regulatory duties. SIG1 (Information Gathering) of the PRA Rulebook gives the PRA rights of access to relevant staff and information at firms which it supervises. Supervisors regularly meet with senior executives and Board members as part of their CA program and under the PRA powers to mandate meetings with holders of SIFs within a bank. For all Category 1–4 firms, there is a planned schedule of meetings with senior management and control function heads, with increased frequency for more systemically important firms. Supervisors attend firm Board meetings to present the findings of PSMs. For Category 2–4 U.K. banks, supervisors meet with the executive and some NEDs annually during the SREP and L-SREP process. Supervisors also meet the entire Board together or individually as part of a biennial review of Board-level governance. |
| EC 8 | The supervisor has a means of enforcing compliance with the requirement that the information be submitted on a timely and accurate basis. The supervisor determines the appropriate level of the bank’s senior management is responsible for the accuracy of supervisory returns, imposes sanctions for misreporting and persistent errors, and requires that inaccurate information be amended. |
| Description and findings re EC 8 | Art. 4 CRD requires that MS empower NCAs to obtain the needed information. Art. 67 paras. (e) to (m) establish the capacity for the NCA to enforce compliance with the requirement that information submitted for regulatory purposes is accurate and timely. Section SUP 16.3 of the PRA Rulebook sets out general requirements for firms to submit reports as required by the relevant parts of SUP 16 on a timely basis. The PRA Rulebook (Notification 6) states that a firm must take reasonable steps to ensure that all information it gives to the PRA in accordance with a rule is complete and accurate. If a firm is unable to obtain the information required, then it must inform the PRA that the scope of the information provided is, or may be, limited. If a firm becomes aware, or has information that reasonably suggests that it has or may have provided the PRA with information which was or may have been false, misleading, incomplete, or inaccurate, or has or may have changed in a material particular, it must notify the PRA immediately. The notification must include: details of the information which is or may be false, misleading, incomplete, or inaccurate, or has or may have changed; an explanation why such information was or may have been provided; and the correct information (if the correct information is not available, it must be provided as soon as possible afterwards). S398 of FSMA makes it an offence for a firm knowingly or recklessly to provide the appropriate regulator with information which is false or misleading in purported compliance with the appropriate regulator’s rules or any other requirement imposed by or under the Act. An administrative fee of GBP 250 used to be levied on firms for late or incomplete regulatory reporting (SUP 16.3.14R). The fee was an administrative charge levied in order to recover the costs of pursuing late returns and was not meant to be used as a penalty or a deterrent. Following a consultation, it has been deleted. Failure to submit a report in accordance with the SUP 16 or the provisions of relevant legislation may also lead to the imposition of a financial penalty and other disciplinary sanctions. Under FSMA, the PRA has powers to intervene where there is persistent late or incomplete reporting, for example, by commissioning a S166 report. There are instances where the PRA has used S166 powers in response to poor reporting over the past couple of years. The PRA holds senior management responsible for the accuracy of their firm’s regulatory reporting, just as the PRA holds them responsible for everything else that happens on their watch. The production and integrity of the firm’s financial information and its regulatory reporting under the regulatory system is one of the prescribed responsibilities set out in the PRA’s SMR, which came into force in March 2016. The PRA takes into account the quality and timeliness of firm’s CRD regulatory returns when assessing firm’s risk management & controls; and may require firms submitting poor-quality data to take mitigating actions or increase capital and liquidity add-ons. The assessors found evidence of the used of skilled person reports (S166 FSMA) to investigate serious and/or persistent quality issues in the supervisory reporting. The reports produced by the skilled persons appear thorough in the analysis and detailed in the recommendations, facilitating the PRA’s follow-up. As the cost of the investigation is borne by the regulated entity, a wise use of skilled persons could set the right incentives for banks’ management to devote the needed attention to data quality in general and to the quality of regulatory reporting in particular. As the SMR only came into force in March 2016, the mission could not assess its effectiveness in ensuring that the responsibility for the production and integrity of the firm’s financial information and of its regulatory reporting is assigned to the appropriate level of the bank’s senior management. |
| EC 9 | The supervisor utilizes policies and procedures to determine the validity and integrity of supervisory information. This includes a program for the periodic verification of supervisory returns by means either of the supervisor’s own staff or of external experts.53 |
| Description and findings re EC 9 | There are multiple lines of defense to determine the validity and integrity of data. Validation rules for COREP and FINREP reporting are set out in the EBA ITS, and are automatically applied on submission. Validation rules are also automatically applied to the existing PRA Handbook returns (i.e., those set out in SUP 16.12). Following receipt of the validated data, the PRA’s RDG carry out a program of plausibility checking (comparison to previous periods and using available information), focusing on data sets that supervisors indicate are of greatest importance, such as capital adequacy, liquidity, and FINREP returns. The RDG use their plausibility checking processes to motivate regular dialogue with firms with a view to getting clarification on and improving data quality. Firms are asked to resubmit their data at the relevant reporting level (i.e., consolidated or unconsolidated or solo levels) where the data are materially incorrect. In extremis, this dialogue can be formalized by using S166 powers to instigate a review of a firm’s supervisory reporting. The S166 powers are used to require external experts to review certain aspects of a bank’s operations and the PRA has powers over their selection. The s166 powers have occasionally been used to test the completeness and accuracy of regulatory returns in compliance with PRA rules. All queries arising from plausibility reviews are initially sent to supervisors for their input/feedback. Following feedback from supervisors, unresolved queries are sent onto firms for resolution. |
| EC 10 | The supervisor clearly defines and documents the roles and responsibilities of external experts,54 including the scope of the work, when they are appointed to conduct supervisory tasks. The supervisor assesses the suitability of experts for the designated task(s) and the quality of the work and takes into consideration conflicts of interest that could influence the output/recommendations by external experts. External experts may be utilized for routine validation or to examine specific aspects of banks’ operations. |
| Description and findings re EC 10 | Powers under S166 FSMA are used to require external experts to review certain aspects of a bank’s operations and PRA has powers over their selection. When contracting directly with a skilled person, the PRA uses a panel of suitable suppliers to tender the S166 review; equally, where the firm has been directed to contract with a skilled person, the PRA directs the firm to the skilled persons in the relevant lot(s) on the panel. Skilled-person firms are subject to a robust set of criteria to be included on the Panel, which helps ensure a consistent and high quality approach to conducting skilled person reviews. As part of the tender process, the PRA scrutinizes the existence of potential conflicts of interest and the skill set of the proposed team with reference to the curricula vitae (CVs) in the proposal and the total proposed days by grade of staff. The panel of suitable suppliers was established from April 1, 2013 by both the PRA and FCA; see http://www.bankofengland.co.uk/pra/Documents/supervision/activities/skilledpersonpanel.pdf. |
| EC 11 | The supervisor requires that external experts bring to its attention promptly any material shortcomings identified during the course of any work undertaken by them for supervisory purposes. |
| Description and findings re EC 11 | The PRA uses external experts when commissioning reviews under its S166 powers to require the provision of a report on a firm by a skilled person. When contracting directly, the PRA enters into a legal contract with the skilled person which requires the skilled person to communicate to the PRA information on or opinion on matters of which they have become aware in their capacity as a skilled person reporting on the firm, as set out in the section use of skilled persons 3.1(1)(b) of the PRA Rulebook. The skilled person is also expected to “maintain an open line of communication” with the PRA and to inform the PRA of “any significant developments as and when they occur.” Where a firm is directed to contract with a skilled person, the firm has an obligation to require the skilled person to communicate with the PRA in line with use of skilled persons. The PRA’s SS, reports by skilled persons (SS 7/14) lays out expectations of skilled persons, regard to communication. According to SS 7/14, the PRA expects the skilled person normally to give a periodic update on progress and issues during the engagement directly to the PRA. It may also be appropriate for the skilled person to communicate matters of material significance to the PRA set out in the rule on use of skilled persons 3.1(1)(b) without first informing the firm. |
| EC 12 | The supervisor has a process in place to periodically review the information collected to determine that it satisfies a supervisory need. |
| Description and findings re EC 12 | For CRR-mandated reporting, the EBA reviews the ITS through question and answer (Q&A) processes, which the PRA is engaged with. For nonharmonized reporting, all new data collections are subject to the PRA’s data governance processes. Ad-hoc data collections (those that are not enshrined in EU legislation and/or the PRA Handbook) approved by the PRA’s data governance body are subject to sunset clauses that mean that the need for those data collections has to be reexamined. Supervisors agree the information they want firms to provide on a periodic basis. This is normally undertaken during the PSM process. The PRA is currently undertaking its first iteration of internal data stock takes. The guiding principles for the review include rationalizing the number of data collections and in particular reducing duplication, imposing proportionality with greater rigor, and where possible standardizing definitions and also aligning them with those used in the CRD data collections. The approach the PRA is taking to the data stock take is to create an inventory of existing data collections—by 14 broad data/risk categories (for example, balance sheet and P&L, capital and leverage, etc.) and to compare these with data requirements identified across the PRA and the relevant areas of the BoE. The gaps and/or redundancy that are revealed by this comparison inform the proposals for any changes to data collected. The process should be completed by 2016. Implementation of any new data reporting will be phased, and will take account of other significant initiatives such as the introduction of the new International Accounting Standard (IAS) IFRS 9 in 2018 and, in the U.K., structural reform in 2019. It is likely that, in future, stock takes will take place via a rolling review across the risk categories, and be aligned with developments in international or internal data requirements. There is already a well-established precedent of reviewing statistical data in the BoE on this basis, where a rolling review of each reporting form takes place within a five-year cycle. |
| Assessment of Principle 10 | Compliant |
| Comments | The collection of data for supervisory reporting has generally improved since the previous FSAP, as recognized also by several industry representatives. This is, at least partly, the results of the U.K. adoption (like for all the other MSs) of the EU-harmonized reporting framework, which is more structured than the pre-existing U.K. approach, and may lead to greater consistency and an increased ability to assess exposures and risks across firms. The creation of a PRA data governance group is also improving the decisions supervisors make about what data to gather (and which ones to discontinue) and how to make use of it. Opportunities remain for U.K. supervisors to develop better data on credit exposures and performance (see CP 17): as noted in the assessment, this does not necessarily mean that supervisors should support the creation of a central credit register; nonetheless, supervisors should consider more ways to enhance their ability to monitor and interpret trends in credit and in credit markets across the industry. When the harmonized reporting is based on the FINREP scheme, which applies only to banks under the IFRS accounting regime, the U.K. authorities should set up similar (though proportionate) reporting schemes for non-FINREP banks, at least with respect to the most relevant risk categories (see CP 20). |
| Principle 11 | Corrective and sanctioning powers of supervisors. The supervisor acts at an early stage to address unsafe and unsound practices or activities that could pose risks to banks or to the banking system. The supervisor has at its disposal an adequate range of supervisory tools to bring about timely corrective actions. This includes the ability to revoke the banking license or to recommend its revocation. |
| Essential criteria | |
| EC 1 | The supervisor raises supervisory concerns with the bank’s management or, where appropriate, the bank’s Board, at an early stage, and requires that these concerns be addressed in a timely manner. Where the supervisor requires the bank to take significant corrective actions, these are addressed in a written document to the bank’s Board. The supervisor requires the bank to submit regular written progress reports and checks that corrective actions are completed satisfactorily. The supervisor follows through conclusively and in a timely manner on matters that are identified. |
| Description and findings re EC 1 | Supervisors maintain communications with the firm’s management and hold key meetings during the PSM process; the results of risk assessments are formally communicated to the firm in a letter, along with required actions to mitigate the risks identified. The firm is then subject to monitoring and further meeting or visits to evaluate progress on those items. To propose significant corrective actions, the PRA has published for staff and the public the “PRA Regulatory Decision-Making Framework” that sets out an overview of the process through which the agency makes decisions. This tool, for example, differentiates the decision-making process for addressing issues in firms that require statutory notice, such as decision to vary a firm’s permission to engage in regulated activities, versus decisions that may not require statutory notice. Given their implications for a firm’s business or for the PRA’s objectives, decisions to require corrective actions or sanctions that require statutory notices typically involve a more senior level of management in the PRA, up to the PRA Board. This framework appears to be helpful to ensure that decisions to sanction or to use corrective powers on firms are handled consistently and appropriately across the PRA, with a prescribed level of review and sensitivity. |
| EC 2 | The supervisor has available55 an appropriate range of supervisory tools for use when, in the supervisor’s judgment, a bank is not complying with laws, regulations, or supervisory actions, is engaged in unsafe or unsound practices or in activities that could pose risks to the bank or the banking system, or when the interests of depositors are otherwise threatened. |
| Description and findings re EC 2 | The FCA and PRA have the legal powers under FSMA 2000 to take an appropriate range of remedial actions against banks, including imposing penalties. In addition to using formal tools, informal tools, such as reaching voluntary agreement with a firm through negotiation or persuasion, are also available. The tools available to supervisors range from making recommendations for remedial action, imposing individual requirements under S55L and S55M of FSMA, to actions that involve restricting a firm’s activities, such as withdrawing or varying a firm’s permission to carry certain regulated activities. |
| EC 3 | The supervisor has the power to act where a bank falls below established regulatory threshold requirements, including prescribed regulatory ratios or measurements. The supervisor also has the power to intervene at an early stage to require a bank to take action to prevent it from reaching its regulatory threshold requirements. The supervisor has a range of options to address such scenarios. |
| Description and findings re EC 3 | The EU provides regulations to address breaches against threshold requirements and also to intervene at an early stage. The conditions for the use of the “early intervention” are “where an institution infringes or, due, inter alia, to a rapidly deteriorating financial condition, including deteriorating liquidity situation, increasing level of leverage, NPLs or concentration of exposures, as assessed on the basis of a set of triggers, which may include the institution’s own funds requirement plus 1.5 percentage points, is likely in the near future to infringe the requirements of the CRD and CRR. MS shall ensure that competent authorities have at their disposal, without prejudice to the measures referred to in Art. 104 of Directive 2013/36/EU where applicable, at least the following measures:”
In the U.K., HMT used its powers to amend Schedule 6 of the FSMA 2000 and issued the FSMA 2000 Order 2013 (the Threshold Conditions Order). Under this order, Threshold Conditions were set out for firms authorized and supervised by the FCA; FCA-specific conditions for firms authorized by the PRA and subject to dual regulation; and PRA-specific conditions for insurers and for other PRA-authorized persons. The PRA can use its power to impose requirements under S55M of FSMA 2000, to vary the bank’s permissions under S55J at an early stage based on whether a bank is or was likely to breach the Threshold Conditions set out in the Order. The FCA and PRA have powers under Part 4A of FSMA 2000 to intervene at an early stage to require a bank to take action to prevent it breaching regulatory threshold requirements or to limit activities appropriately. In addition to the above, the PRA’s PIF requires supervisors to assess at least annually (and in response to development) each firm’s proximity to failure and sets out expectations for the supervisor’s responses at each of five stages.56 |
| EC 4 | The supervisor has available a broad range of possible measures to address, at an early stage, such scenarios as described in essential criterion 2 above. These measures include the ability to require a bank to take timely corrective action or to impose sanctions expeditiously. In practice, the range of measures is applied in accordance with the gravity of a situation. The supervisor provides clear prudential objectives or sets out the actions to be taken, which may include restricting the current activities of the bank, imposing more stringent prudential limits and requirements, withholding approval of new activities or acquisitions, restricting or suspending payments to shareholders or share repurchases, restricting asset transfers, barring individuals from the banking sector, replacing or restricting the powers of managers, Board members or controlling owners, facilitating a takeover by or merger with a healthier institution, providing for the interim management of the bank, and revoking or recommending the revocation of the banking license. |
| Description and findings re EC 4 | The PRA’s power under S55M to impose requirement may be used to impose more stringent prudential limits upon banks. The FCA has a parallel power to impose requirements under S55L; however, in dual-authorized firms for which the PRA is the prudential supervisor, the FCA applies requirements related to conduct. The PRA or the FCA may require corrective action to be taken, impose requirements, withhold approval of new activities or acquisitions, or all other responses enumerated in EC 4. |
| EC 5 | The supervisor applies sanctions not only to the bank but, when and if necessary, also to management and/or the Board, or individuals therein. |
| Description and findings re EC 5 | The PRA and FCA may apply sanctions to individual approved persons, including those within a firm performing a SIF, where they breach FCA or PRA rules of conduct or are knowingly involved in a breach by the firm of the PRA or FCA’s rules or requirements. Sanctions may include making public statement of the misconduct; imposition of fines; and suspension from performing their approved functions. Where the PRA or the FCA considers that a person is not “fit and proper” to carry out functions in a regulated firm, it may withdraw the person’s approval to do so, or prohibit the individual from carrying out any functions in a firm for such period as it considers suitable. |
| EC 6 | The supervisor has the power to take corrective actions, including ring-fencing of the bank from the actions of parent companies, subsidiaries, parallel-owned banking structures and other related entities in matters that could impair the safety and soundness of the bank or the banking system. |
| Description and findings re EC 6 | The PRA may use its powers to impose requirements on authorized firms under S55M to ring-fence the authorized entity from parents, subsidiaries, parallel-owned banking structures, and other related entities. Use of this power would, of course, be subject to EU law. The FCA may impose requirements under S55L FSMA 2000. Both supervisors may also direct U.K. parent undertakings to take certain steps, under S192C. |
| EC 7 | The supervisor cooperates and collaborates with relevant authorities in deciding when and how to effect the orderly resolution of a problem bank situation (which could include closure, or assisting in restructuring, or merger with a stronger institution). |
| Description and findings re EC 7 | The PRA is responsible for determining that a banking institution is failing, or likely to fail, its Threshold Conditions. The BoE, following consultation with the PRA and others, is responsible for determining that it is not reasonably likely that action will be taken by or in respect of the institution that will enable the institution to meet those conditions. This situation opens up the possibility for the BoE to use the resolution process set out in the Banking Act 2009. See also the discussion of the resolution process under BCP 8, Supervisory Approach, for additional insight into the coordination that takes place between the PRA and the RD of the BoE. |
| Additional criteria | |
| AC1 | Laws or regulations guard against the supervisor unduly delaying appropriate corrective actions. |
| Description and findings re AC1 | S2B of FSMA 2000 sets out the PRA’s general objective to promote the safety and soundness of PRA authorized persons. S2B(3) of FSMA 2000 provides that this is to be achieved primarily by seeking to ensure that the business of PRA-authorized persons is carried on in a way that avoids any adverse impact on the stability of the U.K. financial system and by seeking to minimize the adverse effect that the failure of a PRA-authorized person could be expected to have on the stability of the U.K. financial system. These provisions have the cumulative effect of requiring supervisors to take corrective action in an appropriate and timely manner. The PRA’s PIF process sets out the key steps that should be taken to ensure a timely response. FSMA 2000 additionally provides for the possibility of independent inquiries into the PRA’s actions in certain circumstances, in particular, should it appear that events had occurred which had, or could have had, a significant adverse effect on the safety and soundness of one or more PRA-Authorized. Such inquiries may be triggered by HMT or by the PRA itself. |
| AC2 | When taking formal corrective action in relation to a bank, the supervisor informs the supervisor of non-bank related financial entities of its actions and, where appropriate, coordinates its actions with them. |
| Description and findings re AC2 | FSMA 2000 requires the PRA to consult the FCA (and in certain circumstances to obtain its consent) in a variety of regulatory contexts, including when authorizing a firm or approving an individual (FCA consent required); imposing a requirement or variation of permission (consultation required); making rules (consultation required); and taking disciplinary action against a firm or an individual (consultation required). |
| Assessment of Principle 11 | Compliant |
| Comments | The PRA and FCA have the tools necessary to require corrective actions of firms or to issue sanctions. If a firm appears to be in breach of a Threshold Condition, or is likely to breach a Threshold Condition, U.K. supervisors can impose requirements on the firm or vary its permissions. Generally the firm will be given an opportunity to take corrective action, but should the firm fail to do so, the PRA will consider (among other options) whether to trigger the first step toward beginning the resolution process articulated in the Banking Act 2009. In the prior (2013) FSAP, U.K. authorities received a recommendation that more proactive use of such tools would be aided by the development of a more formal early intervention framework. The creation of the PRA’s PIF, with five explicitly defined stages, provides U.K. supervisors with a more formal process and a supervisory tool that describe steps supervisors—and the RD of the BoE—must take as a firm’s condition deteriorates. |
| Principle 12 | Consolidated supervision. An essential element of banking supervision is that the supervisor supervises the banking group on a consolidated basis, adequately monitoring and, as appropriate, applying prudential standards to all aspects of the business conducted by the banking group worldwide.57 |
| Essential criteria | |
| EC 1 | The supervisor understands the overall structure of the banking group and is familiar with all the material activities (including non-banking activities) conducted by entities in the wider group, both domestic and cross-border. The supervisor understands and assesses how group-wide risks are managed and takes action when risks arising from the banking group and other entities in the wider group, in particular contagion and reputation risks may jeopardize the safety and soundness of the bank and the banking system. |
| Description and findings re EC 1 | Arts. 97–98 of CRD determines the SREP, and establish that supervisors need to understand the risks the institutions are exposed to and the risks the institution poses to the financial system. There are no specific requirements concerning the supervisory review of the structure of the group and risks brought by nonbanking activities and group-wide management. The 2014 EBA Guidelines on common procedures and methodologies for SREP recommends supervisors include in their SREP process an evaluation that the banks have established an effective group-wide MI and reporting system applicable to all material business lines and legal entities, that the management bank has established consistent group-wide strategies including a risk-appetite framework; and that group risk-management covers all material risks regardless of whether the risk arises from entities not subject to consolidation. PRA To understand the overall structure of banking groups, and to ensure its familiarity with all material activities conducted by entities within wider groups, the PRA relies on a combination of CA—meetings with key control functions and which oversees overseas regional and country heads supervisory colleges, and bilateral contact with overseas regulators—and onsite reviews of selected overseas operations (see EC 4 below). The PRA monitors the contribution of all business lines (including nonbanking activities) to the consolidated financial performance and risk profile of the bank. Supervisors conduct thematic reviews of nonbanking activities, e.g., custody services. U.K.-regulated insurance activities within banking groups are supervised by a separate supervisory team in the PRA’s Insurance Department. To understand and assess group-wide risks, each high-impact banking group has a dedicated PRA supervision team. These teams carries out a CA program to assesses and respond to the risks posed by the group to the PRA’s objectives. Supervisory activities are organized around the PRA risk model (see BCPs 8 and 9). The SREP takes place in accordance with the CRD and the 2014 EBA ‘Guidelines on Common Procedures and Methodologies for SREP.’ For U.K. banks with activities elsewhere in the EEA, this involves a joint risk assessment and decision (JRAD) process, as required by CRD. Matters on which the CRD encourages joint decision include ratings of risk management, agreement on Pillar 2 capital add-ons, liquidity and recovery plans. As consolidating supervisor, the PRA collates input from host regulators and coordinates discussions and approval processes. The PRA tests the resilience of major banks’ capital ratios through its annual CST exercise. The 2015 stress test scenario includes greater stress in the locations and market segments where major U.K. international banks are active, in order to test the risks of contagion from international operations and markets activities to the U.K.-based groups. PRA supervisors have regular dialogue with the FCA on conduct-related matters, as these could affect safety and soundness through direct financial impact of fines or redress, through business restrictions or through reputational risk. In addition, PRA and FCA regularly conduct joint thematic reviews; current examples include ‘CBEST’ (a cyber vulnerability testing framework) and ‘Dear Chairman 2’ (a critical infrastructure and technology resilience exercise). As discussed in EC 6 (below), the PRA has implemented on several occasions ‘supervisory ring-fences’ or ‘specific supervisory measures’ in order to mitigate risks to safety and soundness of U.K. subsidiaries arising from other entities within the group. Other actions taken by PRA supervisors where contagion and reputation risks jeopardize the safety and soundness of the bank or of the banking system include monitoring daily liquidity of the entity, requiring regular updates from the firm and asking for notification before external announcements are made. The PRA may establish internal crisis groups encompassing relevant stakeholders from across the BoE. For instance, crisis groups may include relevant supervision directorates, markets directorate, legal directorate, prudential policy directorate and the RD. Crisis groups may also include the FCA. PRA supervisors will liaise closely with relevant international regulators, usually via supervisory college arrangements. FCA The FCA seeks to understand the structure of a banking group and the entities within it where risks to consumers and to market integrity may arise. The FCA’s supervision is not confined to the main bank within a group but instead covers all material business units and legal entities where these risks arise. This includes understanding how these risks are identified and managed across the group. It also includes periodically quantifying and making the PRA aware of the financial impact of redress and remediation exercises across the group, and where possible likely fines. The FCA communicates with the PRA regarding financial redress and remediation exercises in a number of ways, including:
|
| EC 2 | The supervisor imposes prudential standards and collects and analyzes financial and other information on a consolidated basis for the banking group, covering areas such as capital adequacy, liquidity, LE, and exposures to related parties, lending limits and group structure. |
| Description and findings re EC 2 | Art. 436 of CRR states that banks must disclose “an outline of the differences in the basis of consolidation for accounting and prudential purposes, with a brief description of the entities therein, explaining whether they are:
Prudential standards established by the CRD are imposed at different levels of consolidation:
CRR Art. 6 (1) states that: Parts 2 (Own Funds), 3 (Capital Requirements), 4 (LE), 5 ((Exposures to Transferred Risk); and 8 (Disclosure) are to be complied with on individual basis. CRR 6(4) applies Part 6 (Liquidity) on an individual basis and CRR 6(5) applies Part 7 (Leverage) on an individual basis. CRR 6(3) alters individual disclosure requirements for institutions that are part of consolidation groups. In addition, “parent institutions”58 must comply, on a consolidated basis, with Part 2 (Own Funds), 3 (Capital Requirements), 4 (LE), and 7 (Leverage) under CRR Art. 11(1) and with Part 6 (Liquidity) under CRR 11(3). Institutions controlled by a parent FHC or parent MFHC must comply, on a consolidated basis of the parent FHC or MFHC in a MS, with requirements on Part 2 (own funds), Part 3 (capital requirements), and Part 4 (LE) and Part 7 (leverage) under CRR 11(2) and with Part 6 (liquidity) under CRR 11(3). Consolidated financial statements are defined by the accounting standards. A NCA may require an institution to provide information on a consolidated basis if it its “necessary to obtain a comprehensive view of the risk profile of the activities of, and a view of the systemic risks to the financial sector or the real economy posed by” the institution, after consultation with EBA (CRR Art. 99), institutions other than those referred to in paras. 2 and 3 that are subject to an accounting framework based on Directive 86/635/EEC, the competent authority shall consult EBA on the extension of the reporting requirements of financial information on a consolidated basis to those institutions, provided that they are not already reporting on such a basis The PRA imposes prudential requirements on a consolidated basis for all U.K. consolidated banking groups, including U.K. subgroups that are parts of wider non-U.K. banking groups, in accordance with Art. 11 of the CRR. In addition, the PRA also imposes prudential requirements for all PRA-authorized entities on an individual (solo) basis in accordance with CRR Art. 6. Under CRR Art. 11(2), credit institutions and investment firms that are controlled by a parent holding company are required to comply with regulations on own funds, capital requirements, LE (which encompass lending limits) and Leverage on the basis of the consolidated situation of their parent holding company. The PRA has specific national rules on related parties transactions risks (PRA Rulebook RPS) (see BCP 20). These rules apply to U.K. banks, building societies and certain overseas firms. It is a function of the rules that all of a bank’s affiliates and their related parties, and therefore all members of its group, are covered by them. On-going reforms to implement the proposals of the independent commission on banking will affect group structure. In May 2015, the PRA issued Policy Statement (PS10/15), which covered legal structure arrangements of banking groups subject to ring-fencing; governance arrangements of ring-fenced bodies; and arrangements to ensure continuity of services and facilities to ring-fenced bodies. The U.K. government has stated its intention for ring-fencing to take effect from January 1, 2019. The PRA collects information on both a consolidated and solo basis for most of the areas discussed in this EC in accordance with the CRR and the EBA ITS on reporting (Commission Implementing Regulation (EU) No 680/2014). The CRR establishes reporting requirements for own funds (Arts. 99–101), for LE (Arts. 394), for liquid assets (Arts. 415–416), for stable funding (Arts. 427–428) and for leverage in (Art. 430). The PRA collects information on capital through COREP template COR001. This template also contains information on group structure, including the entities within banking groups. The PRA collects information on LE through COR002; on the net stable funding ratio through COR003 and on the LCR through COR004. The PRA also collects information via reporting systems developed at the U.K. level. It receives additional capital adequacy information via its “Capital+” reporting template, containing information on groups’ capital resources and capital requirements. This includes quarterly forecasts for three years ahead as well as well as data pertaining to the actual financial situation of the reporting group. For Category 1 groups, this data is received monthly after 10 working days, generally on a U.K. consolidation group basis. Less significant groups report this information less frequently, also on a U.K. consolidation group basis. The rules on related parties transaction risk (PRA Rulebook RPS) require firms to provide the PRA with details on aggregate exposures to related parties, if requested by the PRA (see BCP 20). Information on group structure is provided in accordance with PRA Handbook (SUP 16.4–6). This sets out requirements for reporting in relation to annual controllers reports, close links reports and organograms. CRR Arts. 7 and 8 allow derogations on the provision of information on an individual basis. The PRA does not ‘switch off’ regulatory requirements for individual banks as provided for in CRR Art. 7. Thus it does not allow derogations from individual entity reporting requirements under CRR Art. 7. CRR Art. 8 refers to derogation to the application of liquidity requirements on an individual basis. Supervisors routinely analyze the data mentioned above in order to inform their assessment of the risks posed to the safety and soundness of the bank. Supervisors review a firm’s regulatory returns and MI as regularly as it is received. For example, capital returns are received and reviewed monthly. Supervisors review banks’ regulatory returns to ensure that the firm is continuing to meet regulatory requirements. Supervisors look to identify any material deviations from the firm’s annual operating plan and any large variances versus the prior period. MI includes Board packs (e.g., group Board, regional Boards, risk committee, audit committee, asset & liability committee), financial information (performance versus plan, annual operating plan, ICAAP) and risk data (e.g., credit risk and market risk). Supervisors use this data to inform their view of the firm and to support meetings with senior management. Supervisors will ask for more granular MI in areas deemed to be higher risk. |
| EC 3 | The supervisor reviews whether the oversight of a bank’s foreign operations by management (of the parent bank or head office and, where relevant, the holding company) is adequate having regard to their risk profile and systemic importance and there is no hindrance in host countries for the parent bank to have access to all the material information from their foreign branches and subsidiaries. The supervisor also determines that banks’ policies and processes require the local management of any cross-border operations to have the necessary expertise to manage those operations in a safe and sound manner, and in compliance with supervisory and regulatory requirements. The home supervisor takes into account the effectiveness of supervision conducted in the host countries in which its banks have material operations. |
| Description and findings re EC 3 | To ensure that the management body of a U.K. bank is monitoring activities of overseas businesses, PRA supervisors rely on a combination of CA meetings (both with senior management at the parent bank and with overseas regional and country heads); supervisory colleges and bilateral contact with overseas regulators; and onsite reviews of selected overseas operations (see EC 4 below). This allows supervisors to determine whether there are any hindrances in host countries for the parent bank to have access to all the material information from their foreign branches and subsidiaries, and whether local management has the appropriate expertise to manage its respective business in a safe and sound manner. When a bank operates in foreign markets as a branch of a U.K. bank, ultimate responsibility for cross-border operations and the strategic direction of the branch lies with the management body of the U.K. bank. The PRA expects overseas branches of U.K. banks to have in place governance and risk-management processes and policies on a par with those established by the management body of the U.K. bank (see BCPs 14 and 15, below, for more detail). When supervisors review a bank’s overseas entities, they will often consider the governance of the entity as part of their overall review. For instance, a review of the risk-management and controls of an overseas entity may include a review of whether the governance is appropriate and whether the escalation chain up to the group is effective. In cases where an overseas branch constitutes a ‘significant business unit,’ as expressed in the PRA Handbook (SUP 10A.9.5 G), responsibility for managing this unit can be allocated to a senior manager within the branch. Under the APR, the senior manager would have to be pre-approved by the FCA for performing Controlled Function (CF) 29: Significant Management Function. In order to be granted approval, the candidate must fulfill the fitness and propriety criteria of the FCA, as expressed in FIT 1.3. An important consideration in assessing the fitness and propriety of an individual is their competence and capability, as demonstrated by their professional experience and training. In July 2015, the PRA published final rules on a SMR that replaced the current APR (see BCP 14). Under the SMR, senior managers directly responsible for a ‘key business area’ would have to be pre-approved to perform senior management function (SMF) 6: head of key business area. A large branch may meet the conditions for key business area (although the PRA expects this would be quite rare). For an individual to become a head of key business area, the firm must ensure that the individual is fit and proper and capable of carrying out this SMF. The preapproval process can also involve an interview with the supervisor. Since its establishment, the PRA has embarked on a new work program (with reference to the assessments that were carried out by its predecessor organization, the FSA) of carrying out Home Country Equivalence Assessments that are submitted to the PRA’s Equivalence Committee for consideration. The Committee has identified a list of priority jurisdictions to be assessed. Assessments consider a jurisdiction’s compliance/observance with the Basel, IAIS, and IOSCO CP, as set out mainly in the IMF’s detailed assessment reports. Due, however, to the fact that the PRA’s own program of equivalence assessments does not always coincide with those of the publication of the FSAP (and other, e.g., RCAP) reports, especially when these are more than 2 years old since publication, this can result in the PRA reaching a ‘not equivalent’ or ‘partially equivalent’ equivalence determination. When the PRA cannot reach an equivalence determination due to the lack of recent reports (such as FSAP, RCAP, FSB peer review, etc.) it seeks to review the determination decision as quickly as possible, once more up-to-date information has been published. |
| EC 4 | The home supervisor visits the foreign offices periodically, the location and frequency being determined by the risk profile and systemic importance of the foreign operation. The supervisor meets the host supervisors during these visits. The supervisor has a policy for assessing whether it needs to conduct on-site examinations of a bank’s foreign operations, or require additional reporting, and has the power and resources to take those steps as and when appropriate. |
| Description and findings re EC 4 | CRD Title VII, Chapter 3, establishes the principles of coordination between home and host supervisors within the EU. EBA issued in 2013 (ITS) on joint decisions on institution-specific prudential requirements, which need to be reached by the consolidating supervisor and NCAs responsible for the subsidiaries, setting common procedures and templates. In addition, there are EBA guidelines on “joint Assessment of the elements covered by the SREP.” Art. 104 of CRD states that supervisors must have the power to require additional reporting and disclosures. The PRA conducts onsite visits of the foreign operations of U.K. consolidated banking groups. The choice of country visits is based on the business model analysis’ of banks’ annual operating plans, identification of operations with identified risks, and operations targeted for strategic investment and growth. In the past two years, the PRA supervision team for a large U.K. consolidated international banking group conducted onsite reviews in eight countries. When the PRA conducts onsite visits overseas, it first contacts the host regulators and invites them to join the onsite visits and to have meetings with PRA supervisors. The PRA also participates in joint reviews with other supervisors. This can involve PRA staff participating in host authorities’ reviews of U.K. banking groups’ foreign operations. The PRA does not have an explicit policy for assessing whether it needs to conduct onsite exams of a bank’s foreign operations. However, such guidance is implicit in the PSM guidance (see EC 8). PRA supervisors regularly issue ad-hoc reporting requests in response to new identified risks, including risks in foreign operations. For example, in recent years supervisors have started to collect quarterly information on large banks’ exposures (in-country and cross-border) to vulnerable euro area peripheral economies. The PRA has also regularly asked firms to conduct bespoke risk assessments, including exposures data, in respect of emerging geo-political risks. The scope of the FCA’s responsibilities for foreign operations is more limited than the PRA’s but the FCA has visited banks’ overseas operations where appropriate, including in relation to financial crime. |
| EC 5 | The supervisor reviews the main activities of parent companies, and of companies affiliated with the parent companies, that have a material impact on the safety and soundness of the bank and the banking group, and takes appropriate supervisory action. |
| Description and findings re EC 5 | The PRA supervises large complex groups on a consolidated basis, even where the holding company is technically not a regulated legal entity. The PRA interprets its APR (and the SMR) to include directors of holding companies that have significant influence over the U.K. regulated entity, and subjects them to regulatory approval requirements. As part of the consolidated supervision of banks, the PRA is aware and has thorough knowledge of the activities carried out by parent companies and companies affiliated with parent companies. Where parent companies and their affiliates are ‘credit institutions’ or ‘investment firms’ (as defined Art. 4 of CRR), they are supervised under the CRD IV and required to comply with general prudential requirements specified in the CRD IV/CRR. CRR does not apply directly to parent companies that are holding companies, although they are included in CRR consolidation groups. The Financial Services Act 2012 gave the PRA and the FCA two new powers over ‘qualifying parent undertakings,’ i.e., U.K.-based parent companies of U.K.-authorized entities, which are not themselves authorized entities (see FSMA S192C and S192J). These powers are: (i) a power to give directions to individual qualifying parent undertakings, requiring them to take specific actions or to refrain from taking specific actions; and (ii) a power to make rules requiring qualifying parent undertakings to provide to either regulator information and documents of a specified description. The latter rule making power was extended by the Financial Services (Banking Reform) Act 2013 to include the ability to make rules applying to parent undertakings or ring-fenced bodies that are necessary or expedient for ring-fencing and the ability to make rules requiring parent undertakings to facilitate resolution, which may include (but is not limited to) requiring a parent institution to issue debt instruments and to provide services and facilities as necessary to enable a subsidiary or transferee to operate the business in a resolution scenario. EC 6 (below) discusses the supervisory actions the PRA takes when activities of parent companies or subsidiaries of parent companies have a material impact on the safety and soundness of a bank. |
| EC 6 | The supervisor limits the range of activities the consolidated group may conduct and the locations in which activities can be conducted (including the closing of foreign offices) if it determines that:
|
| Description and findings re EC 6 | Under the FSMA 2000, as amended by the Financial Services Act 2012, the PRA has the power to require regulated entities to take action as appropriate in certain conditions. This includes powers to disallow unsuitable persons to control the regulated entity, ring-fencing of assets, imposing requirements on a regulated entity to refrain from acting in a particular way or to take specific actions as may be appropriate in the circumstances. Specifically, S55J FSMA enables the PRA to vary or cancel the permissions of PRA authorized entities to carry on regulated activities (‘Part 4A permissions’) if:
S55M FSMA further enables the PRA to impose requirements on entities that have applied to be granted or to change their permissions. Under S55N FSMA, requirements may be imposed by reference to the entities’ relationship with their group or other members of the person’s group. The PRA’s powers therefore enable it to limit the range of activities of consolidated groups, and the location where those activities are conducted, albeit indirectly via restrictions on the individual entities within those groups. As discussed in relation to EC 5 above, the PRA also has specific powers to intervene directly at the holding company level so as to have influence over the activities of unregulated entities which may be adversely affecting the firm. Regarding EC 6 (b), before a non-EEA branch or subsidiary is allowed to operate in the U.K., the PRA will consider the degree of equivalence that the entity’s home state’s supervisory regime has with the U.K. (and including with the EU Single Market Directives), to determine the reliance that the PRA can place on it. From this, the PRA will decide the type of entity (branch or subsidiary) that is permitted to operate in the U.K., the activities that it can participate in and the PRA’s own supervisory approach to the firm in question (see EC 3 above). Equivalence assessments will also determine the extent to which the PRA relies on ‘host’ supervisors in non-EEA jurisdictions where U.K.-authorized firms have established branches or subsidiaries. The PRA has implemented on several occasions ‘supervisory ring-fences’ or ‘specific supervisory measures’ in order to mitigate risks to safety and soundness of U.K. subsidiaries arising from risks created at their parents’ level. Such restrictions have been imposed in various cases including: cases of overseas parent becoming insolvent while group and U.K. banking subsidiary remains solvent on a consolidated basis; cases of foreign parent under threat of bank run or severe financial stress while U.K. subsidiary remains stable; cases of foreign parent facing risks of severe downgrade in capital quality while subsidiary remains financially healthy. These supervisory measures usually include restrictions on upstreaming of liquidity and capital from the subsidiary to the parent or other parts of the group and sometimes restrictions on intragroup LE limits below the usual limit (25 percent of eligible capital). These measures are normally agreed with the subsidiary which submits an application to implement the requirement on a voluntary basis. |
| EC 7 | In addition to supervising on a consolidated basis, the responsible supervisor supervises individual banks in the group. The responsible supervisor supervises each bank on a stand-alone basis and understands its relationship with other members of the group.59 |
| Description and findings re EC 7 | All institutions are to be supervised and comply with all requirements both on solo and consolidated basis, unless there are waivers applied based on CRR Arts. 7–10. In case of cross-border groups, all entities subject to minimum capital requirements and supervision are covered in the Group risk assessment report and joint decision under Art. 113 of CRD and pursuant to the requirements of the EBA ITS on joint decision. In addition to supervising on a consolidated basis, the PRA carries out individual (‘solo’) supervision of all institutions in accordance with CRR Art. 6. Banks must comply with CRR regulations on own funds, capital requirements, LE, exposures to transferred credit risk, liquidity, leverage, and disclosure (where not part of a consolidation group) on an individual basis. The PRA has not exercised the discretion available to it under Art. 7 of the CRR to switch off solo prudential requirements. Where entities are subject to individual supervision, they are required to deduct from their capital their ownership shares in other financial sector entities. Art. 43 of the CRR requires institutions to deduct from their CET1 ‘significant’ investments in the CET1 of financial sector entities. Significant investments, defined in accordance with that article are ownership shares in excess of 10 percent of the CET1 of the entity in question; ownership shares in entities that have ‘close links’ to the entity owning shares; or investments in the CET1 of entities that are not included in the regulatory scope of consolidation but are included in the accounting scope of consolidation. Experience has shown that capital located elsewhere in a group cannot always be relied upon to be available to a bank facing stress. To address this issue (among other things), and so improve the resolvability of the individual firms, the PRA has exercised discretion under CRR Art. 49(2) to deduct from their own capital holdings of capital instruments issued by financial sector entities that are included in the scope of that institutions’ regulatory consolidation group. This is to ensure that capital is located in the regulated entities where it is needed. Supervising U.K. banking groups at both consolidated and solo levels enables supervision teams to understand the relationship between the bank and other members of the group, for instance, in terms of capital, liquidity, strategy, governance, and recovery and resolution planning. Supervision teams for U.K. banking groups are structured so that they cover both the consolidated group and the main U.K. regulated entity within the group (including the domestic and European branches and subsidiaries of that entity). |
| Additional criteria | |
| AC1 | For countries which allow corporate ownership of banks, the supervisor has the power to establish and enforce fit and proper standards for owners and senior management of parent companies. |
| Description and findings re AC1 | Under S178 FSMA 2000 the PRA and the FCA have the power to prevent the acquisition of a U.K. bank if they are not satisfied with the fitness and propriety of the owner of the parent company. In considering the suitability of an acquirer, the PRA and FCA will consider the criteria specified in S186 FSMA 2000, which includes among other things: reputation, experience, and financial soundness. If the composition of the Board of the parent undertaking changes subsequent to approval being granted, the PRA or FCA may determine that the parent undertaking no longer fulfils the assessment criteria of S186 FSMA 2000. In such a case, then the PRA or FCA can object to the acquisition and require the parent entity to sell shares of the U.K. bank. These powers are complemented by a separate regime focused on individuals from parent entities that are actually involved in the running of the bank. As explained in the Handbook SUP 10B.6.1. R, a person who is a director, partner, officer or member of a parent undertaking or holding company of a U.K. bank and whose decisions or actions are regularly taken into account by the governing body of the bank can be brought into the scope of the APR as performing a ‘CF1: Director function.’ Nonexecutive members of a parent undertaking or holding company whose decisions or actions are regularly taken into account by the governing body of the bank, as per SUP 10B.6.3, may be brought into the scope of the regime as performing a ‘CF2: NED function.’ Individuals performing either CF1 or CF2 need to apply for pre-approval by the PRA, and, hence, fulfill the fitness and propriety criteria. Moreover, individual sanctioning powers and fines can apply in the case where individuals are approved by the PRA. As discussed in EC 2, the PRA issued final rules on a new SMR in July 2015. Under the SMR, individuals that qualify as performing CF1 and CF2 functions need to apply for approval for SMF7: Group Entity Senior Manager. |
| Assessment of Principle 12 | Compliant |
| Comments | The U.K. authorities supervise banking groups on a consolidated basis, covering all entities within the consolidated group for U.K. firms and at subconsolidated level for U.K. subgroups of wider global groups. Prudential standards established by the CRD are imposed at different levels of consolidation. Supervisors routinely analyze information collected on both a consolidated and solo basis in order to inform their assessment of the risks posed to the safety and soundness of the banking groups. |
| Principle 13 | Home-host relationships. Home and host supervisors of cross-border banking groups share information and cooperate for effective supervision of the group and group entities, and effective handling of crisis situations. Supervisors require the local operations of foreign banks to be conducted to the same standards as those required of domestic banks. |
| Essential criteria | |
| EC 1 | The home supervisor establishes bank-specific supervisory colleges for banking groups with material cross-border operations to enhance its effective oversight, taking into account the risk profile and systemic importance of the banking group and the corresponding needs of its supervisors. In its broadest sense, the host supervisor who has a relevant subsidiary or a significant branch in its jurisdiction and who, therefore, has a shared interest in the effective supervisory oversight of the banking group, is included in the college. The structure of the college reflects the nature of the banking group and the needs of its supervisors. |
| Description and findings re EC 1 | EU-wide legislation and guidance on home-host relationships:
The CRR and CRD provide for different scopes of consolidated supervision:
RTS and ITS on operational functioning of colleges (finalized by EBA and submitted to the EC) set the rules for the establishment and functioning of colleges, including (Art. 4(1) of the RTS) the requirement that the consolidating supervisor proposes college membership to “the competent authorities responsible for the supervision of subsidiaries of an EU parent institution or of an EU parent FHC or of an EU parent MFHC and the competent authorities of host MSs where significant branches as [..] are established.” Art. 48 of CRD entitles the EC to draft proposal (to be then submitted to the European Council) for the negotiation of agreements with one or more third (i.e., non-EU) countries regarding the means of exercising supervision on a consolidated basis, in particular to ensure adequate exchange of information. PRA home perspective The PRA has well-established bank-specific supervisory colleges for the four U.K. banking groups with material cross-border operations (HSBC, SCB, Barclays, and RBS). For one of these, the host authorities of two countries where the group has significant branches participate in the college. For U.K. banking groups with international operations that are not material, the PRA has conferred with EBA and potential college members to agree that college arrangements are not needed; however, it relies on MoUs or EoLs as a support for information sharing and cooperation with relevant host supervisors. The PRA reviews the membership of colleges annually, based on the firm data on the size of business activities in different jurisdictions, and taking into account the risk profile and systemic importance of the banking group and the corresponding needs of its supervisors. For the largest banks there are multiple colleges:
PRA host perspective For U.K. subsidiaries of EEA groups, European law requires that the PRA be invited by the consolidating European supervisor to participate in college activities and it is involved in joint decisions on prudential and recovery and resolution decisions concerning the subsidiary and the group (Arts. 113 and 116(6) of CRD4; see also the draft Art. 4 of EBA/RTS/2014/16). For significant U.K. branches of EEA banks, the PRA uses criteria set out in the PRA SS 10/14 as a basis for judging whether a branch has a critical economic function (CEF). Where a branch carries out a CEF, the PRA contacts the consolidating supervisor to inform him/her that it considers the branch as ‘significant’ under European law (CRD IV) provisions. Once agreed by the consolidating supervisor—or, in the case of nonagreement, once the branch is designated ‘significant’ on a unilateral basis by the PRA (as allowed provided for under Art. 51 and 116(6) of CRD IV—the consolidating supervisor is required to invite the PRA to become a member of the college to participate in entity and group risk discussions (and recovery and resolution planning to the extent it is relevant to the branch/host). At the time of the assessment, the U.K. authorities participated in 10 supervisory colleges of banks with significant branches in the U.K. For U.K. branches on non-EEA banks, the PRA follows SS 10/14 to determine whether the branch is outside risk appetite and would not be allowed to operate as a branch in the U.K. The risk appetite is formalized in a decision tree, in which the first check is whether the home state’s supervision is deemed sufficiently equivalent: if not, the branch is considered outside risk appetite, otherwise the PRA verifies whether the home state supervisor accepts responsibility for the branch. In case it does, if the branch of a non-EEA bank contains a CEF, then in addition to the equivalence and responsibility conditions, the PRA requires a high level of assurance over resolution for the branch to remain inside risk appetite and to follow the agreed split of responsibilities between home and host states. The PRA is currently undertaking these assessments on U.S. branches on a case-by-case basis. For non-EEA banks more generally, where the PRA is deemed a significant regulator by the home state regulator, or make requests to be invited, the PRA attends an annual supervisory college and a crisis-management college. The PRA is responsible for establishing and coordinating supervisory colleges for banking groups but the FCA is invited to participate where conduct issues, including financial crime, are relevant. The FCA has attended colleges for the major internationally active U.K. banks, including where appropriate attending colleges held overseas. |
| EC 2 | Home and host supervisors share appropriate information on a timely basis in line with their respective roles and responsibilities, both bilaterally and through colleges. This includes information both on the material risks and risk management practices of the banking group60 and on the supervisors’ assessments of the safety and soundness of the relevant entity under their jurisdiction. Informal or formal arrangements (such as memoranda of understanding) are in place to enable the exchange of confidential information. |
| Description and findings re EC 2 | Art. 50 of CRD requires competent authorities of the members states to supply one another with all information on management and ownership of the institutions they supervise and all information useful to facilitate their monitoring, particularly with regard to liquidity, solvency, deposit guarantee, LE, administrative and accounting procedures, internal control mechanisms, and other factors that may influence the systemic risk posed by such institutions. Art. 51 of CRD states the conditions and procedures for the identification of a branch in a MS of a EU bank or banking group as ‘significant,’ the obligations on the home or consolidated supervisor to communicate to or consult with the host supervisor and to establish a college of supervisors. Art. 116 of CRD requires the consolidating supervisor, EBA, and the other competent authorities to exchange information (also of confidential nature, when needed) between each other and with EBA, within appropriate frameworks established by the colleges of supervisors. EBA RTS and ITS on information exchange between home and host competent authorities specify the kind of information that supervisory authorities are required to share, including:
Art. 48 of CRD entitles the EC to draft proposal (to be then submitted to the European Council) for the negotiation of agreements with one or more third (i.e., non-EU) countries regarding the means of exercising supervision on a consolidated basis, in particular, to ensure adequate exchange of information. PRA home perspective In order to facilitate timely sharing of information, the PRA schedules regular college teleconferences between college meetings, both with the core and general college. Such teleconferences are also scheduled prior to the disclosures of market-sensitive supervisory outcomes, such as the EBA and PRA stress test results. Both the banks, the PRA and host regulators share information openly in the college setting. When setting the agenda for college meetings and teleconferences, the PRA consults with host regulators to identify their areas of interest and concern, and prepares (and asks the firm to prepare) presentations to address these concerns. College updates from PRA and host supervisors include information on the material risks and risk-management practices of the banking group, and each supervisor’s assessment of the safety and soundness of the entity/entities that they supervise. In recent years, the JRAD process, guided by the EBA, has provided an increasingly structured framework and process for home and host authorities to share confidential supervisory information about risks, the quality of risk management, capital, and liquidity and in 2015 also recovery plans. The PRA as home regulator compiles input of detailed SREP scores, Pillar 2 add-ons and risk assessment narratives from all EEA-competent authorities and from non-EEA regulators of significant entities, and then drafts a JRAD risk assessment document and individual capital/liquidity guidance letter for discussion, amendment, and approval by the EEA-competent authorities in the college. MOUs are in place with most of the host regulators in the core colleges where the United Kingdom is consolidating supervisor. EA regulators within the General Colleges are covered by EU confidentiality rules and information-sharing gateways. In those instances where MoUs have not yet been completed with all regulators, the PRA either obtains written consent from the firm and other regulators to allow information sharing at that college meeting, or (for global colleges) avoids sharing supervisory confidential information and leave it for the bank to present on its risk profile. PRA host perspective The PRA follows in full all European legislative requirements establishing information to be exchanged with home authorities and other host authorities within the college. This includes details on material risks and risk-management practices through EBA JRAD templates covering all material risk elements. This information is provided to all members of the college, including host supervisors of branches where the branch has been designated as ‘significant’ or where the host supervisor of the branch has been invited as an observer. Where the PRA is host to an EEA branch and it is not part of the college, it will receive information through a specific EBA template (the forthcoming branch information pack—EBA/RTS/2013/10 to be rolled out from April 2016) that outlines basic prudential solvency and liquidity information at a group level, but does not provide detail on the supervisory assessment of material risks or risk-management practices. Prior to this, the PRA received a branch report and relevant information from the home authority, if requested. The PRA supplements this with information provided by the home supervisor in bi-annual calls, when the home supervisor is willing to provide this. The PRA’s ability to exchange confidential information with non-EEA regulators is restricted primarily by S348 and S349 of FSMA 2000 and regulations made by HMT under that section. The regime implements EU Directive requirements. The PRA is required to satisfy itself that there is a legal gateway to share confidential information. This involves assessing whether the professional secrecy laws applicable to the relevant non-EEA supervisor are at least equivalent to those imposed on the PRA by European Directives. In addition to this ‘equivalence’ assessment, the PRA also applies two additional criteria to determine whether to establish a formal MoU:
When the PRA is satisfied that the three criteria are met, it is in a position to enter into a formal MoU with the relevant non-EEA supervisor. The PRA’s policy is to publish its MoUs. They can be found on http://www.bankofengland.co.uk/about/Pages/mous/default.aspx. For other countries, the PRA’s policy is to engage with the relevant supervisor under the home-host framework. The PRA establishes informal supervisory arrangements to share nonconfidential information and agree the key issues and responsibilities for each supervisor. In either case, the confidentiality safeguards provided under FSMA incorporate the requirements of professional secrecy contained in the EU Directives. In addition, under S169(7), the PRA can permit a representative of an overseas regulator to attend and participate in an interview conducted, using the PRA’s investigative powers, on behalf of the overseas regulator. S169(8) requires the PRA to be satisfied that confidential information disclosed in the course of the interview be subject to confidentiality safeguards equivalent to those provided under FSMA 2000. Where the framework is in place to allow the sharing of confidential information, the PRA will share details on their assessment of the safety and soundness of the relevant entity, as well as the material risks and risk-management practices. The PRA also utilizes frequent formal calls with the home state supervisors to share knowledge and views. The assessors reviewed some JRADs and a presentation by the PRA—in its capacity as host supervisor—at both a EU and non-EU supervisory college. |
| EC 3 | Home and host supervisors coordinate and plan supervisory activities or undertake collaborative work if common areas of interest are identified in order to improve the effectiveness and efficiency of supervision of cross-border banking groups. |
| Description and findings re EC 3 | EU-wide legislation on home-host relationships:
EBA RTS and ITS on operational functioning of colleges contain provisions on information exchange and coordination between the consolidating supervisor and college members for a number of tasks: for performing group risk assessments and reaching joint decisions; with regard to the ongoing review of the permission to use internal approaches and non-material extensions or changes in internal models; on early warning signs, potential risks and vulnerabilities; with regard to non-compliance and sanctions; for the assessment of the group recovery plan; for the assessment of the group recovery plan; and with regard to group financial support agreements. PRA home perspective Core college meetings include as a standing item an update from each supervisory agency on its supervisory work program. This provides visibility between home and host supervisors and allows for identification of areas of shared focus/concern (and potential duplication), opportunities for information sharing, coordination and even joint supervisory activities, and for adjusting planned JRAD timetables and supervisory work plans to be able to incorporate more timely supervisory insights. Within the EU colleges, the JRAD process has resulted in greater collaboration and information sharing. PRA has participated in onsite supervisory reviews led by overseas host regulators, joint reviews of off-shored service centres and collaborated with local regulators on AQRs. PRA host perspective Arts. 112 and 117 of CRDIV require that home and host supervisors coordinate and plan supervisory activities. For non-EEA subs and branches, the PRA consistently undertakes joint working with the home state supervisors where either U.K. activities have a meaningful impact on the group (financial or people resources), or alternatively, the activities in the U.K. constitute a CEF. The PRA sets out in SS 10/14 the split of prudential supervisory activities with the Home State Supervisor in the case of the U.K. branch of a non-EEA bank. The PRA’s focus is specifically on any CEFs carried out by the branch, and its interconnectivity to U.K. financial stability. The assessors reviewed recent example of collaborative work with supervisors within and outside of the EU. FCA Where appropriate, the FCA co-ordinates supervisory activity and works collaboratively with other supervisors. For example, the Federal Reserve Bank has an interest in a major U.K. bank’s efforts to strengthen its AML controls both in the U.S. and globally. The FCA has therefore in the interests of efficiency co-ordinated with them to join some of the meetings which they have held with the bank and, to the extent permissible by law; both supervisors have exchanged information regarding the findings of supervisory reviews. |
| EC 4 | The home supervisor develops an agreed communication strategy with the relevant host supervisors. The scope and nature of the strategy reflects the risk profile and systemic importance of the cross-border operations of the bank or banking group. Home and host supervisors also agree on the communication of views and outcomes of joint activities and college meetings to banks, where appropriate, to ensure consistency of messages on group-wide issues. |
| Description and findings re EC 4 | EU-wide legislation on home-host relationships:
Art. 48 of CRD entitles the EC to draft proposal (to be then submitted to the European Council) for the negotiation of agreements with one or more third (i.e., non-EU) countries regarding the means of exercising supervision on a consolidated basis, in particular, to ensure adequate exchange of information. PRA home perspective The PRA as home supervisor coordinates communication on behalf of the college to the U.K.-regulated banking group. This includes sending information requests for bank inputs into JRAD (where applicable), commissioning bank presentations to the supervisory colleges (to address agreed key risks and concerns raised by host regulators), communicating feedback from the college members (on supervisory views, areas of concern, and quality of firm presentations) to the bank, and formally communicating JRAD outcomes to the bank. While individual bank colleges may not formally have an agreed a communication strategy, the JRAD processes have provided an increasingly structured framework for colleges to reach a share view about an widening range of supervisory issues and for agreeing a coordinated communication to the banking group and its regulated entities. While non-EEA regulators are formally only observers for the JRAD, and can only be asked to provide inputs on a voluntary basis, the PRA seeks to fully reflect their views for banks with material operations outside the EEA. For U.K. banks with non-EEA colleges, the PRA summarized the views of the college, agrees this with college members, and provides feedback to the bank. In case of joint reviews the PRA participates in the writing of the final report and input into the letter or final communication to the firm. Given the absence of a formal framework for specific joint supervisory reviews (outside of the prescribed JRADs) input into bilateral joint work is typically provided on an informal basis with either the PRA or the host regulator formally leading the review and validating findings through their internal governance process. FCA The formal communication of issues arising from international colleges is led by the PRA, with input from the FCA; but the FCA has developed channels of communication with overseas regulators on matters relating to conduct where there is a shared interest, where appropriate. |
| EC 5 | Where appropriate, due to the bank’s risk profile and systemic importance, the home supervisor, working with its national resolution authorities, develops a framework for cross-border crisis cooperation and coordination among the relevant home and host authorities. The relevant authorities share information on crisis preparations from an early stage in a way that does not materially compromise the prospect of a successful resolution and subject to the application of rules on confidentiality. |
| Description and findings re EC 5 | EU-wide legislation on home-host relationships:
PRA home perspective As a home regulator, the PRA and the RD of the BoE establish cross-border CMGs for U.K.-based internationally active banks. These CMGs are used to review the resolvability of individual U.K. banking groups within the FSB resolvability assessment process (RAP) Framework, including identifying and addressing potential obstacles to resolution. Resolution plans and RAPs for major U.K. banking groups are at different stages of developments, with CMGs for some banks having agreed resolution cooperation agreements (CoAgs). The CMGs typically include core college members plus resolution authorities for the same jurisdictions. PRA also engages bilaterally with key host regulators on crisis preparation contingency planning to safeguard business continuity and financial stability in the face of specific risks. PRA host perspective As a host supervisor for EEA branches and subsidiaries, the PRA shares information in every case with the home supervisor and other hosts on crisis preparation and actions following EU legislative requirements on crisis management as set out in Arts. 87–92 of the BBRD. Recent examples of this were provided to the assessors during their visit. As a host supervisor for non-EEA branches and subsidiaries the PRA provides all relevant crisis preparation information when requested by the home authorities, and where the branch or subsidiary is material and/or the PRA considers a crisis situation is likely to occur, it contacts the home supervisor to look to ensure that this occurs at an early stage. The framework for sharing confidential information with non-EEA regulators is set out in the response to EC 2 above. |
| EC 6 | Where appropriate, due to the bank’s risk profile and systemic importance, the home supervisor, working with its national resolution authorities and relevant host authorities, develops a group resolution plan. The relevant authorities share any information necessary for the development and maintenance of a credible resolution plan. Supervisors also alert and consult relevant authorities and supervisors (both home and host) promptly when taking any recovery and resolution measures. |
| Description and findings re EC 6 | EU-wide legislation on home-host relationships:
The PRA requires banks to draw up group recovery plans and to submit group resolution packs. The PRA reviews the group recovery plan(s) for completeness, credibility, and compliance with BRRD and EBA guidelines, before sending a draft JRAD template to the relevant competent authorities for discussion, amendment, and agreement in the new resolution colleges. PRA supervisors support the resolution planning work of the BoE’s RD (which leads on the discharge of the BoE’s functions as resolution authority) with provision of supervisory data, risk assessment, and supervisory insights. More formally, the PRA shares the recovery plan with the resolution authority for its view on any actions that may impact resolution. The supervisory authority is also consulted on its view as to the resolvability of the firm (this is a formal and legal requirement), and on the use of any powers which require the firm to remove any impediments to resolvability. The PRA must also be consulted on the resolution plan being drawn up by the resolution authority. The PRA is also obliged to inform the resolution authority when a firm meets the conditions for early intervention (as defined in the BRRD) and of its decision of whether or not to take any supervisory action as a result. This occurs when there are risks to viability absent action by the firm or significant threats to a firm’s safety and soundness. The PRA also must notify the resolution authority if a firm is considered failing or likely to fail. The BRRD does not set a requirement on NCAs to notify a non-EEA resolution authority that a firm is failing or likely to fail. |
| EC 7 | The host supervisor’s national laws or regulations require that the cross-border operations of foreign banks are subject to prudential, inspection and regulatory reporting requirements similar to those for domestic banks. |
| Description and findings re EC 7 | EU-wide legislation on home-host relationships:
For the subsidiary of a foreign bank or FHC incorporated in third countries, Art. 127 CRD requires that the EU competent authority at the highest level of potential consolidation assesses whether the subsidiary is subject to consolidated supervision by a third country supervisory authority equivalent to the regime for consolidated supervision in the EU (including prudential and reporting requirements and the power to conduct onsite inspections). If the assessment leads to the conclusion that equivalence is not guaranteed, the subsidiary has to be subject to CRR and CRD or to other appropriate supervisory technique(s) apt to achieve the objective of consolidated supervision, including by requiring the establishment of a financial (or mixed financial) holding company with head office in the EU. All banks (both U.K. incorporated and overseas banks operating in the United Kingdom) are assessed by the PRA to the same prudential standards. This is set out in “The PRA’s approach to banking supervision.”61 The PRA has the same statutory objectives, whether it is regulating domestic or overseas banks. However, the PRA’s powers and requirements differ between U.K. incorporated firms and U.K. branches of EEA and third-country firms. As set out by the EBA above, for the cross-border operations of EEA banking groups, the United Kingdom’s powers and responsibilities are set by EU law, specifically CRR/CRD and BRRD, and standards and guidelines adopted by the EBA. These ensure that prudential, inspection, and regulatory reporting requirements are similar for all banks across the EEA. Banks from non-EEA jurisdictions may operate within the United Kingdom as branches or subsidiaries. The PRA has set out its risk appetite for when it will allow firms to operate as branches in PRA SS 10/14. This depends upon the nature and scale of the activities in the United Kingdom, whether the PRA has assessed the Home State Supervisor as sufficiently equivalent, and whether the home state supervisor accepts responsibility for the branch and the level of assurances on resolution provided to the PRA by the home state supervisor. Where the operation of a branch is within risk appetite, the PRA seeks to agree a formal split of supervisory responsibilities so as to be able to place reliance on the home state regulator for key aspects of the branch’s supervision. Where the operation of a branch is outside the stated risk appetite, the firm is required to operate within the United Kingdom as a subsidiary (where it is subject to the same prudential requirements as a subsidiary of a U.K. banking group). In placing reliance upon the home state supervisor, the PRA carries out a third-country assessment as set out in Principle 12 EC 6. Where a home state supervisor is considered to be equivalent and a branch is authorized the PRA’s objective is to ensure that it does not impact on the safety and soundness of the U.K. financial system in the same manner as if it were a U.K. banking group. Thus if the branch contained a CEF the level of scrutiny of those operations would be considerably more than for other branch operations where greater reliance would be placed on the home state supervisor. The PRA will require that the home state supervisor accepts its Prudential Regulations responsibilities for the branch and that there is a firm-specific split of Prudential Regulation responsibilities. The PRA’s policy is that all banks are subject to similar inspection and regulatory reporting requirements. As part of the implementation of the LCR, the PRA now requires liquidity information on a whole firm basis and has discontinued the ‘Whole Firm Liquidity Modification’ regime, which allowed overseas banks with U.K. branches to apply for a waiver of most of prudential sourcebook for banks, building societies, and investment firms (BIPRU) 12 rules, subject to certain conditions (including an equivalence assessment of the liquidity regime of the home state regulator of the applicant bank). |
| EC 8 | The home supervisor is given on-site access to local offices and subsidiaries of a banking group in order to facilitate their assessment of the group’s safety and soundness and compliance with customer due diligence requirements. The home supervisor informs host supervisors of intended visits to local offices and subsidiaries of banking groups. |
| Description and findings re EC 8 | EU-wide legislation on home-host relationships:
Art. 47 CRD means that an EU-MS cannot treat a third-country branch any better than an EU entity. It is expected therefore that the third-country’s home state supervisor’s access cannot be better than any EU MS’s access to its branch. It does not necessarily mean that non-EU home supervisor is given onsite access to local offices (i.e., branches) of a banking group—nor does it mean that the 3rd country supervisor would be given parity of treatment with an EU-home country supervisor of an EU branch. In theory, if not in practice, the EU home authority would be allowed to explicitly restrict or prevent such access. PRA Rules require firms to provide it with access to their business premises.62 The PRA regularly conducts onsite supervisory reviews of U.K. banks’ operations in other countries. Where the PRA is the home supervisor it arranges these onsite reviews through the head office of the bank under review. The PRA follows a protocol to notify host supervisors of intended visits, and also inviting them to join in the meetings, if they wish. FCA The FCA has where necessary visited the overseas operations of certain major U.K. banks in order to assess the quality of customer due diligence AML controls in relation to U.K. requirements. The FCA notifies the relevant home supervisor in advance of such visits and typically shares the findings. For example, The FCA has within the past two years visited several overseas operations of a major U.K. bank for these purposes, including Brazil, Turkey, the U.A.E., Hong Kong SAR, Macau, and Switzerland. |
| EC 9 | The host supervisor supervises booking offices in a manner consistent with internationally agreed standards. The supervisor does not permit shell banks or the continued operation of shell banks. |
| Description and findings re EC 9 | EU-wide legislation on home-host relationships:
NCAs should demonstrate that they actually ban shell banks and supervise booking offices in a manner consistent with internationally agreed standards. One of the Threshold Conditions is that “the firm must be capable of being effectively supervised by the PRA.” Furthermore firms are required to have a sustainable and viable business model and be capable of accreting capital through the business cycle. All these would preclude a bank that was a ‘shell bank’ or ‘booking office.’ There are no shell banks in the United Kingdom. On the supervision of booking offices reviewers were given access to confidential papers that set out PRA expectations. Shell banks are effectively prevented from operating in the U.K. through S16 Money Laundering Regulations (MLR) 2007 whereby, they are not able to obtain banking relationships with credit institutions. The approach taken by the PRA’s predecessor organization, the FSA, was recognized by the financial action task force (FATF) in the mutual evaluation follow-up report (December 2009) and the position has not changed in the new regulatory structure now in place. |
| EC 10 | A supervisor that takes consequential action on the basis of information received from another supervisor consults with that supervisor, to the extent possible, before taking such action. |
| Description and findings re EC 10 | EU-wide legislation on home-host relationships:
For the information received by a non-EU authority, provisions on ex-ante consultation or expost information on supervisory actions taken on the basis of such information are contained in some of the MoUs signed with non-EU authorities and, more generally, represent an established working modality for the U.K. authorities in their interaction with their non-EU counterparts. |
| Assessment of Principle 13 | Compliant |
| Comments | The U.K. authorities, in their capacity as both home and host supervisors of cross-border banking groups, regularly share information and cooperate with foreign authorities for effective supervision of groups and group entities. Foreign banks operating in the United Kingdom are subject to the same standards as those required of domestic banks. |
| Principle 1 | Responsibilities, objectives, and powers. An effective system of banking supervision has clear responsibilities and objectives for each authority involved in the supervision of banks and banking groups.12 A suitable legal framework for banking supervision is in place to provide each responsible authority with the necessary legal powers to authorize banks, conduct ongoing supervision, address compliance with laws and undertake timely corrective actions to address safety and soundness concerns.13 |
| Essential criteria | |
| EC 1 | The responsibilities and objectives of each of the authorities involved in banking supervision14 are clearly defined in legislation and publicly disclosed. Where more than one authority is responsible for supervising the banking system, a credible and publicly available framework is in place to avoid regulatory and supervisory gaps. |
| Description and findings re EC 1 | The CRD requires MSs to ensure that National Competent Authorities (NCAs) assess compliance with CRD and CRR (Arts. 4–7), and that such function is separate and independent from the functions relating to resolution (Art. 4). Art. 5 requires MSs to coordinate internally if there are more than one NCA, and Art. 6 requires MSs that NCAs cooperate within the European System of Financial Supervision (ESFS) and European Systemic Risk Board (ESRB). The PRA and FCA are the NCAs for the United Kingdom. They have responsibility for the supervision of banks, the PRA for prudential matters and the FCA for conduct matters. The PRA supervises around 1,700 firms and groups, including over 900 deposit-takers (banks, building societies and credit unions) and nearly 700 insurers of all sizes (general insurers, life insurers, friendly societies, and mutuals).15 The FCA is the conduct supervisor for approximately 56,000 firms across all industry sectors (including all deposit-takers) and the prudential supervisor for approximately 24,000 firms not regulated by the PRA, including a large number of investment firms subject to the CRD. The responsibilities and objectives of the PRA and FCA are set out in the FSMA 2000, which is public (http://www.legislation.gov.uk/ukpga/2000/8/contents). In discharging its general functions, the PRA is required to act so far as reasonably possible in a way which advances its general objective of promoting the safety and soundness of PRAauthorized persons (S2B FSMA).16 This general objective is to be advanced primarily by: (i) seeking to ensure that the business of PRA-authorized persons is carried on in a way which avoids any adverse effect on the stability of the U.K. financial system; and (ii) seeking to minimize the adverse effect that the failure of a PRA-authorized person could be expected to have on the stability of the U.K. financial system. The emphasis on bank failures in terms of their impact on financial stability supports the PRA’s ‘no zero-failure’ policy (i.e., that it is not the PRA’s role to ensure that no firm fails, which is also explicitly stated in S2G FSMA),17 and helps to understand the PRA’s apparent degree of risk appetite and consequent supervisory approach. In its public discourse the PRA often uses the term ‘risk appetite’ (e.g., in the programmatic document on its approach to banking supervision), even though there is not a defined and articulated process leading to a clear identification of the PRA’s risk appetite and of its implications at executive level. As announced in the 2015 annual report (p. 21), the PRA is reviewing its Target Operational Model, risk appetite, oversight and mitigation. PRA’s general safety and soundness objective is expressed also through the Fundamental Rules, contained in the PRA Rulebook. They set PRA’s general expectations with respect to banks’ conduct, adequacy of financial resources, risk strategy and risk management, organization and control, openness and cooperation with the PRA, preparedness to resolution. The PRA also has a secondary competition objective. This requires that when discharging its general functions in a way that advances its objectives, the PRA acts in a way that facilitates effective competition in the markets for services provided by PRA authorized persons. In discharging its general functions, the FCA is required to act in a way that is compatible with its strategic objective and advances one or more of its operational objectives (S1B FSMA). The FCA’s strategic objective is to ensure that the relevant markets function well. The FCA’s operational objectives are:
In discharging its general functions, the FCA and PRA are also required to have regard to the regulatory principles specified in FSMA S3B, which include:
Much of the detail involved in the PRA’s and FCA’s execution of their responsibilities is included in secondary legislation and regulators’ rules, including the PRA and FCA Handbooks of Rules and Guidance and the Regulated Activities Order (SI 20001/544). This Order sets out the specific activities which firms must receive PRA or FCA permission to carry on. The FSMA establishes a number of coordination mechanisms for the PRA and FCA (see EC 3). There are also specific requirements in FSMA as to how the PRA and FCA will coordinate regulatory processes where both authorities are involved, such as rulemaking and enforcement. This ensures that both authorities have appropriate input into the process. Examples of hard requirements for cooperation include the duty to consult on rules (S138I and S138J of FSMA), imposition of a requirement by either regulator (S55L and S55M of FSMA), and the definition of “appropriate regulator” for enforcement purposes (S204A of FSMA). On April 1, 2013, the FPC was established on a statutory basis as the United Kingdom’s macroprudential authority, following two years of operating on an interim basis. The FPC has a primary objective to contribute to the achievement of the BoE’s financial stability objective “to protect and enhance the stability of the financial system of the United Kingdom.” The law gives the FPC two main types of power: first, it can make Recommendations, on a comply or explain basis, to the microprudential regulators (the PRA and the FCA) to take measures to mitigate risks in relation to any aspect of their regulated entities (but not focused on a specified individual entity).19 The other set of powers that the FPC has is to give directions to the PRA and FCA to deploy specific macroprudential tools prescribed by HMT. The FPC can currently direct the PRA to use: the CCB, which allows the FPC to change capital requirements above normal microprudential standards in relation to all loans and exposures of banks to borrowers in the United Kingdom; the SCR, which are more targeted and allow the FPC to change capital requirements on exposures to three specific sectors judged to pose a risk to the system as a whole: residential property (including mortgages), commercial property and other parts of the financial sector; the limits on residential mortgage lending, both owner-occupied and buy-to-let, in terms of loan-to-value ratios and/or debt-to-income ratios (including interest coverage ratios in respect of buy-to-let lending). The BoE is the United Kingdom’s resolution authority for banks, building societies, central counterparties and certain investment firms. The BoE and the relevant prudential supervisor will make the decision to put a firm into the resolution regime, having consulted HMT. The Banking Act clearly sets out the roles and powers of the respective authorities. HMT (as part of the U.K. government) is responsible for proposing any amendments to FSMA, which must be passed by parliament before they can become law. The statutory framework recognizes the importance of there being a credible and publicly available framework in place to avoid regulatory and supervisory gaps. In the banking regulatory framework of the EU, the EBA is a competent authority for the purposes of functioning of colleges of supervisors, whilst not bearing any supervisory responsibilities. The European Commission is in charge of regulatory matters for the whole EU, but has no supervisory powers. |
| EC 2 | The primary objective of banking supervision is to promote the safety and soundness of banks and the banking system. If the banking supervisor is assigned broader responsibilities, these are subordinate to the primary objective and do not conflict with it. |
| Description and findings re EC 2 | In discharging its functions, the PRA, as the prudential supervisor for all deposit-takers, is assigned the primary objective of promoting the safety and soundness of PRA-authorized persons (S2B FSMA). The PRA also has a secondary competition objective, which does not conflict or override the primary objective. This requires that when discharging its general functions in a way that advances its objectives, the PRA acts so far as reasonably possible in a way that facilitates effective competition in the markets for services provided by PRA authorized persons. |
| EC 3 | Laws and regulations provide a framework for the supervisor to set and enforce minimum prudential standards for banks and banking groups. The supervisor has the power to increase the prudential requirements for individual banks and banking groups based on their risk profile 20 and systemic importance.21 |
| Description and findings re EC 3 | In the United Kingdom, banks are required to meet the Threshold Conditions set by FSMA (Schedule 6) and comply with rules made by the PRA and FCA, in order to be authorized and to continue to be authorized. The Threshold Conditions include, in particular, the obligation to have adequate financial resources. While they are not requirements directly applying to firms in the same way that rules do (i.e., a failure to meet Threshold Conditions cannot be used as a basis for fining a firm), the Threshold Conditions impose requirements on the regulator in relation to the authorization and on-going supervision of the firm, giving them power to act and forming the basis of the trigger for resolution of a bank. The PRA routinely sets Pillar 2A capital for credit, market, counterparty and operational risks where Pillar 1 capital requirements are found to underestimate risk. The PRA also sets Pillar 2A capital for IRRBB, credit concentration risk and pension obligation risk, which are not captured under the Pillar 1 regime. It may also set capital for other risks depending on their materiality to the firm.22 The sum of Pillar 1 and Pillar 2A requirements represent the individual capital guidance (ICG), i.e., the amount of capital a bank should hold at all times; the PRA expects banks to meet Pillar 2A with at least 56 percent of CET1 and no more than 25 percent of Tier 2 Capital, i.e., reflecting the composition of Pillar 1 capital. Firms may be expected to hold additional Pillar 2B capital (PRA buffer) to ensure that they continue to meet minimum capital requirements during a stressed period (as estimated under either the concurrent stress test (CST),23 for the largest banks, or own stress tests, for the remaining ones). Where the PRA assesses a firm’s risk-management and governance (RM&G) to be significantly weak, it may also set the PRA buffer to cover the risks posed by those weaknesses until they are addressed. Another component of the PRA buffer is meant to cover losses that may arise under a severe stress scenario and is informed by the results of stress test exercises (either the CST, for the largest banks, or own stress tests, for the remaining ones). In addition, the PRA can take into account other factors when carrying out the buffer assessment, including a bank’s systemic importance. Given the potential overlap between the risks covered by the PRA buffer and those addressed by the capital conservation and systemic buffers set forth by CRD, the PRA buffer is generally set as the excess—if any—over and above the CRD buffers. Both the PRA and FCA also have the power to alter or revoke rules, and to modify or waive rules in particular cases (FSMA S138A). Where the PRA or FCA proposes to make rules, it must publish a draft of the proposed rules in the way appearing to it to be best calculated to bring them to the attention of the public. The draft rules must be accompanied by a cost-benefit analysis; an explanation of the purpose of the rules; an explanation of the reasons why they believe that making the proposed rules is compatible with its general duties under FSMA; and a notice that representations may be made about the proposals within a specified time (S138I of FSMA). The PRA and FCA have strong enforcement powers, including the power to issue unlimited financial penalties and publicly censure firms and individuals. The regulators’ enforcement powers are set out in S66 FSMA (in relation to individuals) and in Part XIV FSMA (S205 and S206) (in relation to firms). If the PRA identifies any breach of the PRA’s rules, it could take steps to enforce against the firm which is in breach. There are a wide variety of enforcement powers available to the PRA and the fines that can be imposed are substantial (see EC 6 for further explanation). |
| EC 4 | Banking laws, regulations, and prudential standards are updated as necessary to ensure that they remain effective and relevant to changing industry and regulatory practices. These are subject to public consultation, as appropriate. |
| Description and findings re EC 4 | The current CRD/CRR framework, adopted in 2013, represents the third reincarnation of the CRD originally issued in 2006, then modified and issued as CRD II in 2009 and updated again in 2010 (CRD III) each time following a public consultation process. EBA technical standards and guidelines are also subject to formal public consultations. The PRA and FCA update their rules and their guidance on a regular basis to take account of market changes.24 Updates are also made as and when necessary to implement new EU rules in the form of Directives. However, significant portions of the prudential framework for U.K. banks is directly applied under EU Regulations (the CRR), which are made and amended by the European authorities and are not implemented through PRA rules. Where either regulator proposes to make rules, it must publish a draft of the proposed rules in the way appearing to it to be best calculated to bring them to the attention of the public. The draft rules must be accompanied by a cost-benefit analysis; an explanation of the purpose of the rules; an explanation of the reasons why making the proposed rules is compatible with the regulator’s general duties under FSMA; and a notice that representations may be made about the proposals within a specified time (S138I FSMA). This affords the industry and others an opportunity to comment on proposed rule changes before they are made. |
| EC 5 | The supervisor has the power to:
|
| Description and findings re EC 5 | CRD Art. 65 requires MSs to provide NCAs to have information gathering and investigatory powers for the exercise of their functions. Art. 97 expects NCAs to have the ability to conduct supervisory review and evaluation to comply with CRD and CRR. The PRA and FCA have full access to a bank’s Board, management, staff and records by virtue of their powers to gather information under S165 of FSMA and to appoint persons to conduct investigations under S167 and S170 of FSMA. PRA Fundamental Rule 7 requires a firm to deal with its regulators in an open and cooperative way and to disclose to the PRA appropriately anything relating to the firm of which the PRA would reasonably expect notice. Failure to provide information required by either regulator in an investigation without reasonable excuse can be punished by the court in the same way as being in contempt of court. Knowingly providing materially false or misleading information to the PRA constitutes a criminal offence. Furthermore, destroying, concealing, falsifying or otherwise disposing of a document which is or may be relevant for an investigation will constitute a criminal offence where a person was aware or suspected that the regulators were likely to conduct any such investigation (S177 and S398 FSMA). The PRA and FCA may apply for a warrant to enter into the premises of a bank and obtain documents or information of a specified kind, where they suspect that a requirement to provide information is not being complied with or the documents or information would be removed, tampered or destroyed if such a requirement were imposed (S176 of FSMA). Any person who intentionally obstructs the exercise of any rights conferred by a warrant will be guilty of an offence. These powers can be exercised by the PRA in relation to U.K. incorporated firms (including U.K. subsidiaries of overseas firms) as well as in relation to U.K. branches of overseas firms (in the case of an EEA firm, in line with the allocation of responsibilities between the home and host supervisor under European law). In principle, the investigatory powers can be used in other jurisdictions, although the ability to enforce them in other jurisdictions may be limited by overseas legal requirements. However, a failure to cooperate with such an inspection may involve a breach by a firm of PRA Fundamental Rule 7, which requires firms to deal with regulators in an open and cooperative manner and may call into question the firm’s compliance with the Threshold Conditions for authorization. |
| EC 6 | When, in a supervisor’s judgment, a bank is not complying with laws or regulations, or it is or is likely to be engaging in unsafe or unsound practices or actions that have the potential to jeopardize the bank or the banking system, the supervisor has the power to:
|
| Description and findings re EC 6 | CRD provides a common framework where NCAs are expected to have the power to withdraw the authorization granted to a credit institution (Art. 18), to impose penalties (Art. 64), to require an institution to take corrective actions (Art. 102), and for the NCAs to require corrective actions (Art. 104). The EU framework for resolution is established in the BRRD. The PRA and FCA have powers under FSMA to take action against banks that do not comply with the requirements set out in FSMA, the secondary legislation under FSMA, and in their rules. Corrective action and revocation of license: In cases where the bank is failing or likely to fail to satisfy Threshold Conditions (including the requirement to conduct business in a prudent manner, considering the effect that carrying on such a business or the bank failing can have on the stability of the U.K. financial system), the regulators may change the bank’s permission on their own initiative under S55J of FSMA (own initiative variation of permission (OIVOP)). They may also exercise this power to meet any of their regulatory objectives. An OIVOP may include withdrawing a bank’s authorization, and limiting its ability to accept deposits. In addition the FCA or the PRA may impose requirements on banks, including a requirement to do or not do a specified action (S55L and S55M of FSMA). Imposition of sanctions: Where a bank has contravened a requirement imposed on it by or under FSMA, the PRA or FCA may take disciplinary actions under Part XIV of FSMA which may include:
The BoE is the designated resolution authority for the United Kingdom. There are two key conditions that must be met before a firm can be put into resolution. The first condition is that the firm must be failing, or likely to fail. This assessment is made by the prudential supervisor (the PRA, or the FCA for those firms regulated solely by the FCA), having consulted the BoE as resolution authority. The second condition is that it must not be reasonably likely that action will be taken—outside resolution—that will result in the firm no longer failing or likely to fail. This assessment is made by the BoE as resolution authority, having consulted the PRA or FCA, and HMT. |
| EC 7 | The supervisor has the power to review the activities of parent companies and of companies affiliated with parent companies to determine their impact on the safety and soundness of the bank and the banking group. |
| Description and findings re EC 7 | The CRD (Art. 4) requires MSs to empower their NCAs to monitor the activities and obtain the information needed from FHCs and MFHCs. It also provides a legal framework to conduct consolidated supervision (Arts. 111–127). The PRA supervises large complex groups on a consolidated basis, even where the holding company is technically not a regulated legal entity. Where parent companies and their affiliates are ‘credit institutions’ or ‘investment firms’ (as defined in Art. 4 of CRR), they are supervised under the CRD and required to comply with general prudential requirements specified in the CRD/CRR. Parent companies that are holding companies fall outside of the scope of the CRR. The Financial Services Act 2012 gave the PRA and the FCA two new powers over ‘qualifying parent undertakings,’ i.e., U.K.-based parent companies of U.K.-authorized entities, which are not themselves authorized entities (see FSMA S192B and S192C). These powers are: (i) a power to give directions to individual qualifying parent undertakings, requiring them to take specific actions or to refrain from taking specific actions; and (ii) a power to make rules requiring qualifying parent undertakings to provide to either regulator information or documents of a specified description. Both regulators have issued policy statements on use of the power to issue directions over qualifying parent undertakings. The PRA’s power of direction over qualifying parent undertakings can be used by the PRA to require qualifying parent undertakings to provide information/documents in respect of activities of companies affiliated with such parent undertaking. The PRA’s specific rule making power could be used to impose rules requiring all qualifying parent undertakings to provide specified information to the PRA on the request of the PRA. This could be for the purpose of obtaining information from the qualifying parent undertaking in respect of affiliated companies to determine the impact of such companies on the safety and soundness of the relevant PRA authorized bank or the banking group. However, to obtain information on companies affiliated with the banking group, the PRA may also choose to use its information gathering powers over the PRA authorized entity. These rules require the PRA authorized entity to permit the PRA to have access to any document that the PRA reasonably requests (Rule 4.1 of the Information Gathering Part of the PRA Rulebook). |
| Assessment of Principle 1 | Compliant |
| Comments | The new financial regulatory architecture introduced by the Financial Services Act 2012 has formally separated the prudential and conduct supervision functions on deposit-takers, assigning the former to the PRA and the latter to the FCA. This somehow addresses one of the main concerns raised by the previous FSAP mission, i.e., an unclear and ultimately unbalanced allocation of effort and resources between the two macro-objectives, with the prudential one eventually crowded out by an increasing emphasis on conduct issues. The Act provides greater clarity by dividing these mandates and assigning them to two separate agencies, each one subject to specific accountability requirements; it is less clear whether it also addresses in a substantial way the unbalanced allocation of resources (see CP 2). The 2012 law also reformulates the two agencies’ objectives, assigning to the PRA a primary objective and defining it more clearly than it was the case for the FSA: while the FSA was tasked with four statutory objectives (market confidence, consumer protection, reduction of financial crime, and—from 2010—financial stability), with no guidance on how to deal with the trade-offs among them and no explicit mention of the safety and soundness of banks, the PRA has, as its primary objective, that of promoting the safety and soundness of PRA-authorized persons. It also has to act in a way that facilitates effective competition in the markets for services provided by PRA authorized persons. This represents a secondary objective: while the PRA must consider the effect on competition when exercising its general functions in areas such as rule making, general policy, and Supervisory Statements (SS) and codes, in any circumstance in which there is a conflict between the promotion of competition and the PRA’s primary objective, the action that promotes the primary objective will have to take precedence. The FSA had also set for itself a number of principles related to good regulation that it had committed to ‘have regard to’ when discharging its functions. Among them: the international character of financial services and markets and the desirability of maintaining the competitive position of the United Kingdom; and the need to minimize the adverse effects on competition that may arise from anything done in the discharge of its functions. These were also rightly cited in the previous FSAP as elements likely to weaken the supervisor’s focus on prudential issues.25 The PRA objective function is formulated exclusively in terms of statutory objectives and is accompanied by a more narrative document (‘The PRA’s Approach to Banking Supervision,’ April 2014), which reconfirms the hierarchy of its primary and secondary objectives and describes how it has organized itself to achieve them. The law also states that the PRA’s general objective is to be advanced by seeking to minimize the adverse effect that the failure of a PRA-authorized person could be expected to have on the stability of the U.K. financial system and clarifies that the PRA is not expected to ensure that no PRA-authorized person fails: this helps to understand the PRA’s apparent degree of risk appetite and its supervisory approach (see CP 8), which entails a relevant allocation of resources to the supervision of the largest, systemic banks, at the price of a significantly less intense and intrusive approach on the medium and small banks. While the prioritization adopted by the PRA makes sense from a financial stability perspective, it may raise concerns regarding reputational risk for the supervisor: as the recent financial history in the U.K. has demonstrated, a failure doesn’t need to concern a systemic bank for the trust of general public in the banking system to be undermined. Nor a supervisor can necessarily afford the risk of being perceived, ex-post, as having not been sufficiently intrusive—and, ultimately, effective—in the case of failure by a less-than-systemically important bank, even absent any relevant consequence for financial stability. The disruption to financial services and the losses on non-insured deposits caused, for example, by the failure of a mid-size regional bank could affect enough customers to garner public scrutiny and potentially discredit the supervisor’s reputation and credibility, should the intensity of its previous supervisory action be perceived as insufficient. Further considerations on the PRA resourcing are presented in CP 2. The FCA has a strategic objective (good functioning of financial markets) and three operational objectives that do not appear to conflict with or override the main one: securing an appropriate degree of protection for consumers; protecting and enhancing the integrity of the financial system; and promoting effective competition in the interests of consumers. Since April 2013 the FPC operates as the United Kingdom’s macroprudential authority, with the primary objective of contributing to protect and enhance the stability of the U.K. financial system. The law gives the FPC the power to make recommendations to the PRA and the FCA to take measures to mitigate risks in relation to any aspect of their regulated entities (but not focused on a specified individual entity) and to give directions to the PRA and FCA to deploy specific macroprudential tools prescribed by HMT (like the CCB, the SCR, and the limits on residential mortgage lending in terms of loan-to-value ratios and debt-to-income ratios). The experience with the deployment of macroprudential tools by the PRA/FCA under the direction of FPC is still recent and immature: the countercyclical and sectoral buffers have not been activated yet, while limits on residential mortgages have been applied in a limited form (the PRA and the FCA were required to ensure that mortgage lenders limit the proportion of mortgages at loan to income multiples of 4.5 and above to no more than 15 percent of their new mortgages). There is then limited evidence, until now, about either the effectiveness of the tools in achieving their aim or the operational burden imposed on the microprudential regulators by the enactment of the macroprudential measures: at this stage it seems that cooperation, especially between the BoE and the PRA, is favoring the dialogue between specialists and, ultimately, the deployment of the potential synergies stemming from having both the macro and micro dimensions of prudential supervision under a single roof (‘one bank’). The ‘trade’ of resources between the two sides also appears as fairly balanced, so far: the financial stability experts of the BoE contribute with their view of the macroeconomic and macrofinancial situation, while the specialists and supervisors from the PRA provide their more on-the-ground expertise and active collaboration (e.g., in running the CSTs). The concern, expressed by the previous FSAP, that “the new macroprudential overlay [might] divert resources from effective core supervision” does not seem to have materialized, so far. But this statement needs to be reassessed dynamically: the CST is already absorbing a significant amount of time, energy, and resources, and its further evolution, if not accompanied by an accurate program in terms of recruiting, staff retention, and training, might end up exacting an excessive toll on the micro side of prudential supervision. The powers over parent undertakings, assigned to the PRA and the FCA in 2012, appear as broadly adequate to allow the two authorities to assess the impact of non-regulated parent and affiliated companies on banks, though they would not allow them to exercise on such entities the same powers they have on regulated entities: for example, the APR and, from March 2016, the SMR would not apply to the directors of a non-financial holding—unless, of course, they also have directive/managerial roles in the controlled regulated entity. However, the new powers look broad enough and, when coupled with the extensive powers of requesting information to regulated entities that the PRA and FCA already had, they should allow them to obtain the information needed to assess the impact that parent companies (and, through them, affiliated companies) can have on the safety and soundness of a bank or banking group. |
| Principle 2 | Independence, accountability, resourcing and legal protection for supervisors. The supervisor possesses operational independence, transparent processes, sound governance, budgetary processes that do not undermine autonomy and adequate resources, and is accountable for the discharge of its duties and use of its resources. The legal framework for banking supervision includes legal protection for the supervisor. |
| Essential criteria | |
| EC 1 | The operational independence, accountability and governance of the supervisor are prescribed in legislation and publicly disclosed. There is no government or industry interference that compromises the operational independence of the supervisor. The supervisor has full discretion to take any supervisory actions or decisions on banks and banking groups under its supervision. |
| Description and findings re EC 1 | The independence of the PRA and FCA, the supporting governance and accountability arrangements are set out in statute (the FSMA 2000), and in the articles of association of each body which are publicly disclosed (see also EC 3). The PRA is established as a company limited by shares with the BoE as the sole shareholder. The majority of its Board members are, by law, independent nonexecutives. The Court of the BoE (which is its governing body) approves the PRA’s budget. The FCA, established as a private company, has operational independence in conducting its activities, notwithstanding its ultimate accountability for performance of its statutory objectives to the government and parliament. Both the FCA and PRA are financed by fees they are directly empowered to levy on industry by statute, subject to consultation, and neither body is subject to budgetary control by central government. The PRA is required to publish this budget and any variation, and is responsible for annual reporting. The government has no involvement in the day to day operation of the regulators and has only very limited powers of direction in circumstances specified in legislation. Briefly, HMT may direct the regulators as follows:
The last point, in particular, refers to the new powers of investigation brought in through the Financial Services Act 2012. Under this Act, the FCA, and PRA are required to investigate and make a report to the Treasury, to be laid before parliament, where there has been a serious failure in the system of financial regulation, or in the operation of that system, and certain conditions as set out in legislation are met. The Act also provides the Treasury with the power to direct either the FCA or PRA that conditions for an investigation appear to have been met if, for example, it disagrees with the regulators assessment. It is also possible for the Treasury to direct either regulator to carry out an investigation solely on the grounds it believes it would be in the public interest, and there has been (and is) no investigation by the regulators into the event in question. The Treasury has announced the intention to use this power only once to date, in November 2013, by ordering an independent investigation into the events at the Co-op BoE and the circumstances surrounding them. However, as the FCA and PRA also announced the intention to launch formal enforcement investigations on the case, the Treasury clarified that “The independent investigation under the Financial Services Act will therefore not start until it is clear it will not prejudice any actions the relevant authorities may take, including the potential FCA and PRA enforcement investigations.” The PRA has concluded its enforcement action against two former senior Co-op BoE employees but, at the time of the assessment, the FCA made it clear that they were not at the stage where it was clear that there would be no such prejudice. Consequently, no HMT investigation had started yet. The nature of the legal provision and the evidence drawn from the only case when it was applied lead to interpret it as an instrument for ex-post accountability in cases of potential regulatory failure, rather than as a potential source of ex-ante interference in supervisory action. |
| EC 2 | The process for the appointment and removal of the head(s) of the supervisory authority and members of its governing body is transparent. The head(s) of the supervisory authority is (are) appointed for a minimum term and is removed from office during his/her term only for reasons specified in law or if (s)he is not physically or mentally capable of carrying out the role or has been found guilty of misconduct. The reason(s) for removal is publicly disclosed. |
| Description and findings re EC 2 | Schedule 1ZB of FSMA includes the requirement for the BoE’s Governor to be Chair of the PRA and the Deputy Governor for Prudential Regulation to be Chief Executive of the PRA. Both the governor and deputy governor for Prudential Regulation are appointed by the Queen under Section 1(2) of the BoE Act 1998, on the recommendation of the Prime Minister and Chancellor. The governor and deputy governors for Prudential Regulation and Financial Stability are members of the PRA Board ex officio. They can be removed from office by the BoE, with the consent of the Chancellor of the Exchequer, if considered unable or unfit to discharge their functions as members. All appointed members of the PRA Board must be appointed by the court of directors of the BoE with the approval of HMT para. 6 of Schedule 1ZB FSMA). The grounds for removal of an appointed member are set out in FSMA (para. 14 of Schedule 1ZB) and include the grounds of incapacity or serious misconduct and significant conflicts of interest. Schedule 1ZA of FSMA includes details of the FCA’s constitution; this includes a requirement (para. 2 of Schedule 1ZA) that the chairman and other members of the FCA’s governing body must be appointed, and be liable to removal from office, by the Treasury (two members are required to be jointly appointed by the Treasury and the Secretary of State). The requirements include provision detailing the circumstances in which the Treasury may remove the chairman or other members from office (para. 4 Schedule 1ZA). As for the PRA, these include the grounds of incapacity or serious misconduct, and significant conflicts of interest. From April 1, 2013, the Treasury appoints the Chairman of the FCA for a minimum term of five years and the CEO for a minimum term of three years. According to the BoE Act, the Chair of the PRA (BoE Governor) is appointed by the Queen for a term of eight years (though the current governor has indicated he intends to serve for five years). The CEO of the PRA is appointed by the Queen for a term of five years from April 1, 2013. There are no legal provisions requiring that the reason(s) for removal of the head(s) of the supervisory authorities be disclosed. Appointed members of the Boards of both organizations are generally appointed for a standard minimum term of three years. In some cases initial appointments have been for less than three years to stagger changes in the nonexecutive membership. |
| EC 3 | The supervisor publishes its objectives and is accountable through a transparent framework for the discharge of its duties in relation to those objectives.26 |
| Description and findings re EC 3 | The PRA and FCA objectives are set out in the legislation as summarized in EC 3 of Principle 1. The PRA’s approach to supervision is published. The PRA is accountable under FSMA for its performance against its statutory objectives through the power, assigned to HMT, to appoint an independent person to review the economy, efficiency and effectiveness with which the PRA has used its resources in discharging its functions (S2O). This power had never been used by the Treasury at the time of the assessment. HMT can also require the PRA to undertake an investigation into any “relevant events,” where HMT considers it to be in the public interest and the PRA has not undertaken, or is not undertaking, an investigation already (S77 of the Financial Services Act 2012). As said in EC 1, an investigation of this kind has been announced and immediately suspended to wait for the outcome of investigations to be conducted by the PRA and FCA. FSMA also requires that the PRA:
The FCA is accountable under FSMA for its performance against its statutory objectives through a separate but similar structure:
In addition, the Treasury Select Committee of the house of commons, from time-to-time considers the performance of the PRA and FCA in carrying out their functions under FSMA, and requires the senior executives of the PRA and FCA to appear before it. Lastly, the recipients of PRA and FCA decisions may challenge those decisions before the Upper Tribunal, where this is expressly stated by FSMA or, otherwise, via judicial review. |
| EC 4 | The supervisor has effective internal governance and communication processes that enable supervisory decisions to be taken at a level appropriate to the significance of the issue and timely decisions to be taken in the case of an emergency. The governing body is structured to avoid any real or perceived conflicts of interest. |
| Description and findings re EC 4 | The PRA’s supervisory internal governance is operated through the PRA Regulatory Decision Making Framework Guide. The guide provides all staff with information on all relevant processes and provides clear guidance on how to take decisions at a level appropriate to the significance of the issue. When the guide is updated this is communicated to all staff. The PRA has a dedicated Secretariat which supports and manages PRA’s internal governance and its associated committees. The Secretariat works with the entire business to schedule decisions in a timely manner within a centralized forward agenda and for pre-scheduled meetings. If there is a need for decisions to be taken in an emergency then the Secretariat have procedures in place to arrange ad-hoc meetings or, if appropriate, decisions can be made considered by written procedure. The PRA Board reserves to itself certain decisions, including supervisory decisions in relation to the largest and most systemically significant firms but delegates other decisions to the CEO of the PRA; in practice he is advised in relation to these decisions by the Supervision, Risk and Policy Committee. Details of these delegations are set out in “Delegations and Matters Reserved to the Board” which is published on the BoE website. The PRA policy on conflict of interest of the “appointed members” of the PRA Board is public. At the FCA there is a process for escalation of supervisory decisions in place and the criteria around decisions for escalation are set out and available to all Supervisors. There is a framework in place for business as usual (BAU) supervisory decisions such as sign-off of the Firm Evaluation (which sets out the supervisory approach for the coming regulatory period); Interim Review, Deep Dives findings letters, Risk Mitigation Programs, etc. Supervisory decisions outside of BAU are first escalated to the Divisional Supervisory Risk Committee (DSRC), a subcommittee of the Executive Regulatory Issues Committee (ERIC). Decisions may be escalated from DSRC to the FCA’s Executive Committee (ExCo) if appropriate. ExCo is the FCA’s final decision making body. The executive team is made up of the nine members of the ExCo, including the CEO, chief operating officer (COO), director of supervision and authorization, the director of enforcement and market oversight, and the director of strategy and competition. It discusses issues across all areas of the organization and is responsible for implementing the strategy set at Board level. The FCA’s Board sets ExCo’s strategy annually and gives ExCo its decision making powers. The Board is informed of certain ExCo decisions for further sign-off, e.g., significant spending decisions; changes to the FCA’s Handbook. Directors are required to declare any conflict of interest (S175 of the Financial Services Act 2012). The interested director absents him or herself from the discussion of matters relating to the conflict and is excused from review of papers prepared by, or for, the directors to the extent they relate to such matters. |
| EC 5 | The supervisor and its staff have credibility based on their professionalism and integrity. There are rules on how to avoid conflicts of interest and on the appropriate use of information obtained through work, with sanctions in place if these are not followed. |
| Description and findings re EC 5 | All staff in the PRA are covered by the BoE’s recently updated Code of Conduct. This document, which was rolled out in June 2015, brings together policies which previously existed in different places. The policies were also updated as a part of this process. The Code includes sections on records management and Information security as well as a broader range of policies around the management of potential sources of conflict of interest and impartiality (see http://www.bankofengland.co.uk/about/Documents/humanresources/ourcode.pdf). The FCA’s Code of Conduct is also public (see http://www.fca.org.uk/your-fca/documents/code-of-conduct). |
| EC 6 | The supervisor has adequate resources for the conduct of effective supervision and oversight. It is financed in a manner that does not undermine its autonomy or operational independence. This includes:
|
| Description and findings re EC 6 | The PRA and FCA have powers to require the payment of fees, with the cost of banking supervision being met by an annual fee (authorization being charged for separately). Their fee charging power is set out in FSMA (PRA in para. 31 of Schedule 1ZB and FCA in para. 23 of Schedule 1ZA). In making such rules, the PRA and FCA are required to follow the consultation procedures in S138I and M138J of FSMA. Budget and business planning takes place on an annual basis. The PRA budget includes provision of technology to equip staff with tools to carry out their roles. This is divided into ongoing support costs and investment in new technology. Much of the investment budget is targeted at adoption and implementation of European and national legislation. Travel budget to enable effective onsite work, cross-border cooperation and participation in relevant domestic and international meetings is also provided in the budget, and targeted at areas with a high requirement for travel such as Policy and International Banking areas. FSMA (S166) gives the PRA and the FCA power to require any regulated firm or member of its group, to provide it with a report by a skilled person.27 The PRA commissions the report and the firm concerned pays for a skilled person to produce it. This provides both the specialist resources and necessary expertise to review areas of concern identified within a firm and/or the effectiveness or remedial action a firm has taken. The PRA’s pay policy with regards to market position is that it aims to pay median against the private sector, and upper quartile against the public sector in order to attract, retain and motivate the key skills required within the BoE. The PRA’s salary scales are reviewed every two years. The identification of skills required and activity to rectify any skill gaps is conducted on an annual basis in the following ways:
In order to strengthen leadership across the organization, the PRA introduced developmental reviews for all senior leaders and reviewed its succession planning approach. The PRA also reviewed its leadership training and introduced 360 feedback for all managers. The PRA is doing work to articulate different technical and managerial career paths across the BoE—including when to think about building breadth versus depth. Applying for an internal job vacancy is the core promotion route for all staff. Additionally there is a promotion framework for experts, which can be applied to roles where there is a business requirement for longer than average tenure, and deep technical or professional experience. This process has typically been relevant for risk specialist roles, and involves a set of clearly defined promotion criteria. The most recent FCA fees consultation paper (CP 15/14) consulted on the proposed fees to raise the FCA’s Annual Funding Requirement (AFR) for 2015/16. CP 15/14 was published at the same time as the FCA’s 2015/16 Business Plan which set out how the AFR will be used to undertake the work program to achieve the FCA’s statutory objectives in 2015/16. The Business Plan includes the budget to:
S166 of FSMA gives the FCA and the PRA the power to obtain an independent view of aspects of a firm’s activities that cause them concern or where they require further analysis. The appointment of a skilled person can either be by the regulated firm or directly by the FCA. In each case, the FCA sets the scope of the review and the costs are borne by the regulated firm. The 2014/15 FCA Annual Report (Appendix 1) sets out details of the reviews undertaken, the skilled persons appointed and costs. The FCA budget and business planning process includes the determination of:
In the discussion with the supervisors and specialists and from the analysis of the documentation provided, the assessors perceived and found evidence of a situation of strain for staff, especially—but not only—as regards specialist resources. |
| EC 7 | As part of their annual resource planning exercise, supervisors regularly take stock of existing skills and projected requirements over the short- and medium-term, taking into account relevant emerging supervisory practices. Supervisors review and implement measures to bridge any gaps in numbers and/or skill-sets identified. |
| Description and findings re EC 7 | PRA supervisors bridge gaps in skill sets and knowledge through accessing training made available both through the central learning and development team and through local team-level training frameworks. The identification of skills required and activity to rectify is conducted on an annual basis. This includes a training needs analysis facilitated by the central team with input from across the supervision business areas; and a learning and development analysis conducted by individual supervisors and team managers through performance management. The FCA’s Annual Planning cycle includes people capability plans for each area looking at short and medium term capability needs. The supervisory function is represented on the ‘FCA Academy’ Advisory Group that directs investment in learning. |
| EC 8 | In determining supervisory programs and allocating resources, supervisors take into account the risk profile and systemic importance of individual banks and banking groups, and the different mitigation approaches available. |
| Description and findings re EC 8 | The frequency and intensity of the PRA’s supervisory activity varies across firms. The level of supervision principally reflects the PRA’s judgment of a firm’s potential impact on the stability of the financial system, and therefore its systemic importance; its proximity to failure and its resolvability. Those firms that are unlikely, individually, to create disruption to the wider financial system are subject to a baseline level of supervisory activity to ensure that they meet key prudential standards, whereas for higher-impact firms, the PRA makes use of a fuller selection of its supervisory tools. The PRA uses quantitative and qualitative analysis to allocate firms to five ‘categories’ of impact 1 to 5; 1 representing most significant firms with a capacity to cause major disruption to the U.K. financial system and 5 representing firms with a capacity to cause almost no disruption to the U.K. financial system. Supervisors also consider a firm’s proximity to failure when drawing up its supervisory plan. The PRA’s judgment about proximity to failure is captured in a firm’s position within the PIF; the framework aids supervisors in handling banks in times of stress. The supervisor assesses the firm against the PRA risk model to determine an overall assessment of the firm and a relative PIF rating. Additional work is performed, where necessary, to provide information on particular areas of concern, taking into account a firm’s resilience and resolvability, the prevailing market and economic conditions, and the business model of the firm. Supervisory concerns influence the PRA’s future supervisory program for a firm. For example, concerns about management, or systems and controls, influence the PRA’s attitude to the growth of a business, including via acquisition, or to new appointments to significant influence functions (SIF). The FCA considers risk to be the combination of impact and probability. It combines these impact and probability factors to obtain a measure of the overall risk posed to its statutory objectives. It then uses this measure to prioritize risks and make decisions on what its regulatory response should be. It also uses it to set its strategic aims and outcomes and to allocate resources based on its regulatory priorities. All firms are allocated a conduct categorization (C1 for the largest down to C4 for the smallest) on the basis of an impact score. Resources are then allocated on the basis of the conduct classification. For banks and building societies the impact scores are driven by total assets and liabilities and the number of depositors. The FCA then applies an additional weighting on the basis of sector. For example, retail banks’ impact score is higher than the score for investment banks as the FCA considers impact on retail consumers to be a significant additional factor in considering the risk posed by firms. C1 and C2 firms are allocated to a dedicated team of supervisors who undertake proactive supervision of these firms. The supervisory strategy is then set at a firm specific level by the Supervisory team on an annual or bi-annual basis. This includes deciding what proactive engagement meetings to undertake, what deep dives to do, etc. C3 and C4 firms do not have a named supervisor and are not subject to the same level of proactive supervision. Instead they are supervised on a cluster or thematic basis and when risks crystallize. Banking and insurance groups with the largest retail customer footprint (e.g., major U.K. retail bank and wholesale firms with the most significant market presence) are rated C1; there are normally between 10 and 12 C1 groups. In December 2014 the FCA announced a revised supervisory strategy to enable a more market-focused approach to identifying risks and supervising firms (see CP 8–EC 1). |
| EC 9 | Laws provide protection to the supervisor and its staff against lawsuits for actions taken and/or omissions made while discharging their duties in good faith. The supervisor and its staff are adequately protected against the costs of defending their actions and/or omissions made while discharging their duties in good faith. |
| Description and findings re EC 9 | FSMA provides that both the PRA, FCA and any person who is, or is acting as, a member, officer, or member of staff of either body is not liable in damages for anything done or omitted in the discharge, or purported discharge, of the PRA’s or FCA’s functions (para. 25 of Schedule 1ZA and para. 33 of Schedule 1ZB). There have been no examples where PRA staff have been liable for damages. However, this protection does not apply if the act of omission is shown to have been in bad faith, or unlawful as the result of S6(1) of the Human Rights Act (HRA) 1998.28 The regulators cover the legal costs of defending their staff in legal actions against them in relation to their work as PRA or FCA employees. They both have the power to require the payment of fees, to cover the costs of defending its actions. |
| Assessment of Principle 2 | Largely Compliant |
| Comments | The U.K. framework is compliant with the requirements of independence, accountability and legal protection for supervisors set in this principle. In particular, HMT powers of direction on the regulatory authorities do not appear to affect day to day supervision and there is no evidence that they have been used to constrain supervisory independence. While there are no legal provisions requiring that the motivation for removal of the head of the supervisory authorities be disclosed, there is no reason to think that such an extreme event would not attract intense public scrutiny in a system, like the British one, characterized by reasonably transparent and accountable public institutions. An element of limited compliance has been identified in the resourcing arrangements, especially for the PRA. In the discussion with the supervisors and specialists and from the analysis of the documentation provided, the assessors perceived and found evidence of a situation of strain on staff, especially—but not only—as regards specialist resources (e.g., see CP 16). This is certainly caused by the convergence of new and challenging projects, like the preparatory works for the structural reform (ring-fencing policy) and the SMR. It is a condition shared by many other supervisory authorities around the world, because of the intense effort to implement the vast post-crisis regulatory reform agenda. But in the case of the U.K. authorities, the strain on resources is intensified by the same nature of the U.K. financial sector and, in particular, by the status of London as global financial marketplace that attracts activities often at the frontier of financial innovation and demands an exceptional effort for the authorities to keep up with the evolution of risks in the firms they supervise. This strain is not expected to abate in the next future, as the authorities are likely to be increasingly absorbed by their ordinary supervisory schedule; by new promising—but demanding—activities (e.g., the CST, especially if it will extend to a wider range of firms); and by the challenges posed by the emergence of new risks (e.g., cyber risk). The dynamic nature of the London marketplace also entails a high degree of competition in the recruitment of particularly skilled resources (like the risk specialists). The PRA’s intent to pay median against the private sector is a reasonable policy, but does not ensure the level of staff retention that it would need: it is not uncommon for recent entry-level hires to consider a few years’ worth of experience at the supervisory authority as a springboard for a more profitable career in the private sector. The assessors found indirect confirmation of a potential difficulty by the supervisors (especially the PRA) in managing the consequences of their high churn rate in observations raised by a number of market participants: in particular, of a frequent rotation of their main counterparts (e.g., lead supervisors) and of the low relative seniority of the PRA personnel they sometimes find at meetings (e.g., senior managers interviewed by staff with five or less years of experience). It must be recognized that following the move to replace the single FSA with two focused regulators in the PRA and FCA, the cost of regulation and supervisory resources have increased. As reported in the recent NAO report into Regulating financial services, the “combined cost of their ongoing activities in 2013–14 is GBP 664 million–GBP 127 million (24 percent) higher than the 2012–13 cost of the FSA.” The combined budgets for 2015/16 of the PRA and FCA (based on AFR) is GBP 739.4 million. However, at least in the case of the PRA, the increase is in large part due to fees linked to the implementation of special projects, such as the structural (ring-fencing) reform. The PRA has committed itself to set its budget at a level “no higher than the flat real cost of operation” as it seeks to ensure that it is operating as efficiently as possible.29 While this is a commendable commitment by an authority accountable to the public and called to supervise a financial sector that is still dealing with the consequences of its past excesses, it entails a constant quest for resource optimization and the risk of potentially weakening the supervisory action. The question arises of whether a flat real cost of operation for the prudential supervisor of hundreds of firms (among which four global systemically important banks) is compatible with the perspective of a financial sector that, in the perception of the same authorities, is in the condition of growing further in real terms. The PRA also seems to be aware of these tensions and willing to address it through the ongoing revision of its Target Operation Model. Overall, the assessors realize that this is an extremely complex and almost intractable issue and do not think that they can recommend any easy solution (although some specific suggestions for measures partially addressing it are offered in some of the following CPs). Nonetheless, because of the size and complexity of the U.K. financial sector and of its centrality in the network of international financial connections, it represents an issue of globally systemic nature. As regards the technological equipment of the PRA, the assessors found—within their limited observation window—a generally satisfactory situation in terms of IT systems. But they also perceived a certain difficulty in flexibly aggregating data to respond to relatively simple requests; if confirmed, this would cast a shadow on the availability of flexible analytical capacity to appropriately feed the management information (MI) that supervisors and senior managers need. |
| Principle 3 | Cooperation and collaboration. Laws, regulations, or other arrangements provide a framework for cooperation and collaboration with relevant domestic authorities and foreign supervisors. These arrangements reflect the need to protect confidential information.30 |
| Essential criteria | |
| EC 1 | Arrangements, formal or informal, are in place for cooperation, including analysis and sharing of information, and undertaking collaborative work, with all domestic authorities with responsibility for the safety and soundness of banks, other financial institutions and/or the stability of the financial system. There is evidence that these arrangements work in practice, where necessary. |
| Description and findings re EC 1 | Art. 5 CRD establishes that MSs must have coordination measures with all domestic authorities responsible for supervision of “credit institutions, investment firms and financial institutions.” FSMA establishes a number of general coordination mechanisms between the PRA and FCA:
The PRA has never exercised, to date, its veto power over FCA action. There are also specific requirements in FSMA as to how the PRA and FCA will coordinate regulatory processes where both authorities are involved. This includes a duty to consult on relevant policy initiatives. In practice this collaboration often occurs at working level with oversight by directors through a policy coordination committee which meets quarterly. This ensures that both authorities have appropriate input into the process. In order to ensure a joined up and holistic approach to the supervision of firms, the FCA and the PRA have a series of MoUs in place. These are publicly available documents and include:31
The overarching MoU between the FCA and PRA sets out the requirement to establish domestic supervisory colleges for individual dual-regulated firms and groups to ensure that information is shared efficiently between the two regulators and that each has a complete overview of the firm. This approach is set out in Section 25 of the FCA/PRA MoU: http://www.bankofengland.co.uk/about/Documents/mous/prastatutory/moufcapra.pdf. In accordance with the MoU, FCA, and PRA directors meet quarterly to discuss policy coordination. This ensures that collaboration is thorough, constructive and at the appropriate level. Both the PRA and FCA report on performance against the MoU on a quarterly basis. This was most recently conducted in July 2015. This reporting identifies areas of risk in the PRA/FCA relationship, which can then be addressed at the policy coordination meeting or at working level if appropriate. The most recent policy coordination meeting, held in July 2015, included discussion of EU engagement, FSCS and the implementation of the SMR. Where the FCA and PRA firm classifications are not commensurate with each other, the minimum frequency of colleges is based on the higher of the firm’s FCA and PRA classifications unless the FCA and PRA Supervisors agree to base it on the lower classification. The PRA and FCA also work closely with the BoE and HMT to ensure the soundness of the U.K. financial system. The legislation provides for the co-operation of the PRA and the FCA with the BoE (S3Q), requiring both to take appropriate steps to cooperate with the BoE in the BoE’s pursuit of its financial stability objective. The BoE and PRA work closely with the FCA in the collection and management of regulatory data. Much regulatory data for PRA firms continues to be collected by the FCA. This includes reporting via the FCA’s GABRIEL system, the submission of firms’ controllers and close links reports and the reporting of changes to firms’ standing data.32 Coordination between the PRA and the FCA is assisted by the membership of their CEOs on each other’s Board. The FCA, PRA, and BoE are also members of the FPC. This is vital in supporting the flow of information across the different bodies and forging an understanding of approaches and likely reactions to events. At a working level, dedicated teams are responsible for co-coordinating analysis, and sharing information, across the FPC, FCA, and PRA. The CEO of the FCA is a voting member of the FPC and the FPC has the authority to make recommendations on a comply-or-explain basis to the FCA. There is also a MoU between HMT, the BoE, and the PRA on how they intend to coordinate the discharge of their functions in relation to financial stability or the public interest (S65 of the Financial Services Act 2012). Under the terms of the coordination MOU, the FCA, and PRA share data on firms, both dual regulated, and in some cases non-dual regulated, in order to maintain a complete view of the market. Performance against these requirements is reviewed quarterly at CEO level and proactive action taken to address issues as appropriate. Both organizations are required to publish a summary of coordination performance in their annual reports. An international coordination MoU sets out how HMT, the BoE, the PRA, and the FCA will ensure their engagement in international organizations is coordinated effectively (S66 of the Financial Service Act 2012). In their meetings with market participants the assessors recorded an overall positive opinion on the coordination and cooperation between domestic authorities: in the case of that between the PRA and FCA, it was perceived as better than initially expected. |
| EC 2 | Arrangements, formal or informal, are in place for cooperation, including analysis and sharing of information, and undertaking collaborative work, with relevant foreign supervisors of banks and banking groups. There is evidence that these arrangements work in practice, where necessary. |
| Description and findings re EC 2 | CRD Art. 6 establishes that NCAs should cooperate with the other authorities within the ESFS. CRD Art. 7 establishes that NCAs should consider the impact of their decisions on the financial stability of other EU members. CRD Art. 50 establishes that NCAs should cooperate with each other supplying information on management and ownership of institutions, and all information that can facilitate supervision and monitoring. CRD Art. 55 establishes that MSs and EBA can conclude Cooperation agreements with non-EU authorities to exchange information. CRD Arts. 56 and 57 establish the cases where exchange of information between authorities within the EU and outside the EU (see EC 3). CRD Art. 112, more specifically, describes the obligation of coordinating supervisory activities by the consolidating supervisor within the EU. CRD Art. 115 determines that cooperation arrangements need to be in place between the consolidating supervisor and the other NCAs. CRD Art. 116 establishes that the consolidating supervisor must establish colleges of supervisors. Including ensuring cooperation with relevant third country supervisors. The article describes the general tasks of a college. Level 2 regulation, directly applicable to all EU member countries: EBA drafted, and the EC issued, a regulatory standard (Regulation 524/2014) that specifies the information that NCAs must exchange with each other according to Art. 50. The EC issued an implementing regulation (Regulation 620/2014) that outlines operational procedures and sets out standard forms and templates for information sharing requirements, which are likely to facilitate the monitoring of institutions that operate through a branch or through the exercise of the freedom to provide services. EBA regulatory technical standards (RTS) and implementing technical standards (ITS) on operational functioning of colleges of supervisors (published in December 2014, not yet approved by the EC). In order for the PRA (and FCA) to carry out effectively their supervisory activities, it is necessary for them, at times, to share and receive confidential information with overseas authorities. Such information sharing must take place only where professional secrecy obligations are in place that is equivalent to those set out in certain EU Directives. The PRA (and FCA) are party to a number of Memoranda of Understanding (MoUs) with overseas authorities that facilitate such information sharing. There exist also the less formal agreements, known as ‘Exchange of Letters’ (EoLs). Neither MoUs nor EoLs are legally binding. Prior to April 1, 2013, the FSA was party to a series of MoUs (and EoLs) with overseas authorities; a number of these were jointly signed with the BoE. Under transitional provisions in the Financial Services Act 2012, the FSA’s MoUs continue in effect with the relevant successor U.K. authority/authorities (i.e., PRA, FCA, and/or BoE). Such MoUs underpin the supervisory relationship and cooperation that exists between the PRA (and the FCA) and its counterparts. They are instrumental in ensuring that supervisory colleges are able to function effectively, with the free flow of non-public / confidential information that facilitates effective supervision. The FCA maintains close contacts with most supervisory authorities, building even further on these relationships through its membership of various international committees, including International Organization of Securities Commissions (IOSCO), FSB, International Association of Insurance Supervisors (IAIS) and FATF. It is also a member of the European Securities and Markets Authority (ESMA) and actively engages with the EBA and EIOPA in coordination with the PRA. The FCA has MoUs in place with many supervisors around the world. These formalize the way the cooperating with each other. The FCA participates in supervisory colleges to ensure international co-ordination amongst supervisors of global groups. |
| EC 3 | The supervisor may provide confidential information to another domestic authority or foreign supervisor but must take reasonable steps to determine that any confidential information so released will be used only for bank-specific or system-wide supervisory purposes and will be treated as confidential by the receiving party. |
| Description and findings re EC 3 | CRD Arts. 53–62 address exchange of information and professional secrecy for prudential supervision. Art. 53 establishes that “confidential information which such persons, auditors or experts receive in the course of their duties may be disclosed only in summary or aggregate form, such that individual credit institutions cannot be identified, without prejudice to cases covered by criminal law; except in the case the bank has been declared bankrupt, confidential information which does not concern third parties involved in attempts to rescue that credit institution may be disclosed in civil or commercial proceedings, shall not prevent the competent authorities from exchanging information with each other or transmitting information.” Art. 55 of CRD, regarding cooperation with non-member countries, establishes that information can only be provided if it is subject to professional secrecy requirements equivalent to those of the EU. Arts. 56 and 57 establish that, provided secrecy requirements are maintained, exchange of information in the discharge of supervisory functions is allowed with(i) other supervisory authorities; (ii) macroprudential authorities; (iii) “reorganization bodies;” (iv) deposit protection schemes; (v) liquidation authorities; and (vi) auditors. Authorities must communicate to EBA the names of all authorities that may receive information. Confidential information (i.e., any information which relates to the business or affairs of the person or firm in question unless already public or anonymized) that the PRA or FCA may receive in the course of carrying out its functions is subject to the restrictions on disclosure out in S348 FSMA. However, S349 FSMA and the FSMA (disclosure of confidential information) Regulations (SI 2001/2188) provide particular “gateways” which allow the PRA and FCA to lawfully disclose confidential information to certain persons and bodies specified in these Regulations. The PRA and the FCA are able to disclose information to EEA and non-EEA regulatory authorities only for the purpose of the discharge of the functions of those authorities as regulatory authorities. So the PRA/FCA must take steps to ascertain that a possible recipient will only use the information for those purposes, in order to satisfy themselves that they have power to share the information. The confidential information restrictions in S348 FSMA then apply to any recipient of the information (they follow the information around, so to speak). Persons or bodies to whom the PRA or FCA discloses confidential information are subject to the restrictions set out in S348 FSMA. In the EEA, supervisors are also subject to the restrictions on the use and disclosure of confidential information received from another authority which are set out in the single market directives, such as the CRD IV or the EU BRRD. As regards non-EEA authorities, the terms of the MoUs typically stipulate that confidential information disclosed by the disclosing authority may only be used by the recipient authority for supervisory purposes, and contain terms relating to the confidential treatment of that information by the recipient authority. |
| EC 4 | The supervisor receiving confidential information from other supervisors uses the confidential information for bank-specific or system-wide supervisory purposes only. The supervisor does not disclose confidential information received to third parties without the permission of the supervisor providing the information and is able to deny any demand (other than a court order or mandate from a legislative body) for confidential information in its possession. In the event that the supervisor is legally compelled to disclose confidential information it has received from another supervisor, the supervisor promptly notifies the originating supervisor, indicating what information it is compelled to release and the circumstances surrounding the release. Where consent to passing on confidential information is not given, the supervisor uses all reasonable means to resist such a demand or protect the confidentiality of the information. |
| Description and findings re EC 4 | CRD Arts. 53–62 address exchange of information and professional secrecy for prudential supervision. Art. 54 of CRD states that authorities receiving confidential information from NCA and auditors shall use it only in the course of their duties and only for any of the following purposes: (i) to check that the conditions governing access to the activity of credit institutions are met and to facilitate monitoring, on a non-consolidated or consolidated basis, of the conduct of such activity, especially with regard to the monitoring of liquidity, solvency, LE, and administrative and accounting procedures and internal control mechanisms; (ii) to impose penalties; (iii) in an appeal against a decision of the competent authority including court proceedings; and (iv) in court proceedings initiated pursuant to special provisions provided for in Union law adopted in the field of credit institutions. Art. 57 details the capacity of information exchange with members and non-member authorities responsible for liquidation, protection schemes, and auditors. Art. 59 details that information can be transmitted to parliamentary enquiry committees, courts of auditors, and other entities in charge of enquiries in the MS, under certain conditions (proper mandate, need to know, professional secrecy requirements, agreement of the originating NCA). Information obtained from onsite inspections cannot be disclosed without the express consent of the NCA who performed the inspection. The PRA and FCA (in common with other public bodies in the United Kingdom) make available to the public information relating to their regulatory functions. This is subject to two important exemptions. First, personal data is excluded; it continues to be subject to the Data Protection Act 1998 regime. Secondly, information subject to statutory restrictions on disclosure is excluded. This includes confidential regulatory information, as defined in S348 of FSMA, which is not publicly available (see also response to EC 3). FSMA and the FSMA (disclosure of confidential information) Regulations do not impose an obligation on the PRA or FCA to disclose particular information to other bodies (except when regulatory action or litigation is being taken under or for the purposes of FSMA). The PRA and FCA are however under a statutory duty to co-operate (including the sharing of information) with overseas regulators and with other persons in relation to the prevention and detection of financial crime. In these Regulations, Regulation 4 sets out the cases in which disclosure may be made for criminal proceedings and investigations, while Regulation 5 sets out the cases in which disclosure may be made in civil proceedings. Essentially, disclosure in the latter is permissible only in cases which relate to the statutory functions of the PRA and FCA. The PRA would strongly resist disclosure and as a matter of courtesy the PRA would, where appropriate, let a supervisory authority know where information had been disclosed and circumstances surrounding that disclosure. Where the information comes from an EEA competent authority, the PRA would regard notification of onward disclosure as falling within the obligation on competent authorities to cooperate closely with each other under Art. 117 CRD. In cases where the PRA is required to disclose such information, the PRA can request that the information be heard by the court in camera. |
| EC 5 | Processes are in place for the supervisor to support resolution authorities (e.g., central banks and finance ministries as appropriate) to undertake recovery and resolution planning and actions. |
| Description and findings re EC 5 | BRRD sets the framework for interaction between competent and resolution authorities in recovery planning (Arts. 6 and 8), resolution planning (Arts. 11 and 14), early intervention (Art. 27), assessment of conditions for resolution (Art. 32 and EBA guidelines on determination of failing or likely to fail), notifications obligations (Art. 81), and resolution colleges (Art. 88). For cooperation with nonmembers, Art. 88 says that the resolution authorities of third countries where a parent undertaking or an institution established in the Union has a subsidiary institution or a branch that would be considered to be significant “were it located in the EU” may, at their request, be invited to participate in the resolution college as observers, provided that they are subject to confidentiality requirements equivalent, in the opinion of the group-level resolution authority, to those that apply to EEA authorities. Art. 90 establishes that information provided by third-country resolution authority can only be transmitted onward with the consent of the third-country resolution authority. Arts. 93–98 establish cooperation with non-EU countries. Art. 97 establishes the cooperation with third-country authorities regarding resolution, which allows EBA to conclude non-binding arrangements with foreign authorities, based on which individual resolution authorities or NCAs may conclude non-binding cooperation arrangements with these countries. Member countries must notify EBA of arrangements with third-country authorities. The EU resolution authorities may refuse to recognize enforcement of non-EU member countries resolution proceedings if there are adverse effects on financial stability, adverse fiscal effects in the EU, or if depositors in the EU would not receive the same treatment as the depositors in the non-EU country. (Art. 95). The United Kingdom implemented the requirements of the BRRD from January 1, 2015. The BoE as the U.K. resolution authority has the responsibility for the resolution of a failing bank, building society and certain investment firms and their group companies, under the Banking Act 2009.33 The resolution regime covers PRA-regulated firms and certain FCA-regulated investment firms incorporated in the United Kingdom. The regime sets out the objectives that the BoE must pursue when it carries out a resolution, as well as the formal responsibilities under the Act to consult the other U.K. authorities—the PRA, the FCA, and HMT—when placing a firm into the resolution regime and when choosing which of the regime’s tools to use. The Act provides a clear framework for use of the regime, with defined roles for each authority. In practice, all of the authorities will co-operate closely both in the run up to, and during, a failure. The roles are:
A core aspect of the PRA’s approach is to ensure preparedness for either recovery or resolution of a failing firm.34 The PRA’s rules help the BoE in its role as the resolution authority by requiring firms to provide key data to be used in resolution plans which will set out how the firm will be resolved in an orderly manner without causing systemic disruption. The assessors reviewed an MoU meant to facilitate rapid info exchange and cooperation and liaison, to address info sharing in crisis/emergency situations between supervisory authorities for recovery and resolution planning purposes (bilaterally and/or through any Crisis Management Group (CMG) to which both parties are members and at least one party is the home authority); to offer mutual support in the supervision of branches (in particular, in relation to home state supervision of recovery and resolution plans). |
| Assessment of Principle 3 | Compliant |
| Comments | The U.K. authorities appear to have established fairly effective cooperation and collaboration arrangements between domestic authorities; this, in particular, has allowed to mitigate the feared coordination failures generated by the switch from a single supervisor (the FSA) to the twin-peak regulatory architecture (PRA and FCA). International cooperation has also progressed both at bilateral (MoUs) and multilateral level (colleges of supervisors, CMG, and resolution groups). |
| Principle 4 | Permissible activities. The permissible activities of institutions that are licensed and subject to supervision as banks are clearly defined and the use of the word “bank” in names is controlled. |
| Essential criteria | |
| EC 1 | The term “bank” is clearly defined in laws or regulations. |
| Description and findings re EC 1 | Although legislation does not define the term “bank,” the FSMA 2000 (Regulated Activities) Order 2001 (“FSMA 2000”) sets out definitions of activities subject to regulation under the Act, including the acceptance of deposits. So while the relevant legislation does not define the term “bank,” it does define activities that are subject to regulation. For more detail, the PRA Rulebook’s Glossary does define a bank as “(i) a firm with a part 4A permission to carry on the regulated activity of accepting deposits and is a credit institution, but is not a credit union, friendly society, or a building society; or (ii) an EEA bank.” |
| EC 2 | The permissible activities of institutions that are licensed and subject to supervision as banks are clearly defined either by supervisors, or in laws or regulations. |
| Description and findings re EC 2 | FSMA 2000 (Regulated Activities) Order 2001 defines activities subject to supervision, including the acceptance of deposits. The PRA supervises all banks and building societies under its authority using the same prudential regulatory regime, though some differences may exist in terms of what applies to each kind of institution. The PRA applies a special prudential regime to credit unions, which is outlined in the Credit Union Sourcebook. |
| EC 3 | The use of the word “bank” and any derivations such as “banking” in a name, including domain names, is limited to licensed and supervised institutions in all circumstances where the general public might otherwise be misled. |
| Description and findings re EC 3 | Under the Companies Act 2006 and “Company, Limited Liability Partnership and Business Names (Sensitive Words and Expressions) Regulation” 2014, any use of the word “bank” or a derivative thereof requires review by the FCA, which has the ability to reject the use of the name “bank” or a derivative in a firm’s name if it could create confusion for the public. |
| EC 4 | The taking of deposits from the public is reserved for institutions that are licensed and subject to supervision as banks.35 |
| Description and findings re EC 4 | All institutions with the ability to accept deposits are subject to supervision by the PRA. Any institution seeking to take deposits from the public must receive permission under Part IV of FSMA 2000 or be exempt from that requirement. As an example of the latter case, firms chartered in EEA jurisdictions as banks are permitted to establish a branch in the United Kingdom or to provide cross-border banking services under the “passporting” regime within EU law. |
| EC 5 | The supervisor or licensing authority publishes or otherwise makes available a current list of licensed banks, including branches of foreign banks, operating within its jurisdiction in a way that is easily accessible to the public. |
| Description and findings re EC 5 | The PRA and FCA maintain the Financial Services Register as a public record that shows details of firms, individuals and other bodies that are, or have been, regulated by the PRA and/or the FCA. Separately the PRA publishes lists of banks and building societies and branches of foreign banks on a monthly basis on its website. |
| Assessment of Principle 4 | Compliant |
| Comments | Although the name “bank” is not defined in U.K. laws, the use of this name and the related concept of “building society” are strictly controlled through legislation and the PRA’s and FCA’s rules. Accepting deposits is clearly identified as an activity requiring authorization, and only firms authorized to accept deposits may use the name “bank” or “building society.” Consequently, U.K. authorities are in compliance with this core principle. |
| Principle 5 | Licensing criteria. The licensing authority has the power to set criteria and reject applications for establishments that do not meet the criteria. At a minimum, the licensing process consists of an assessment of the ownership structure and governance (including the fitness and propriety of Board members and senior management) of the bank and its wider group, and its strategic and operating plan, internal controls, risk management and projected financial condition (including capital base).36 Where the proposed owner or parent organization is a foreign bank, the prior consent of its home supervisor is obtained. |
| Essential criteria | |
| EC 1 | The law identifies the authority responsible for granting and withdrawing a banking license. The licensing authority could be the banking supervisor or another competent authority. If the licensing authority and the supervisor are not the same, the supervisor has the right to have its views on each application considered, and its concerns addressed. In addition, the licensing authority provides the supervisor with any information that may be material to the supervision of the licensed bank. The supervisor imposes prudential conditions or limitations on the newly licensed bank, where appropriate. |
| Description and findings re EC 1 | The PRA is the authorizing agency and is the lead regulator in the U.K. Institutions seeking to engage in an activity regulated by the PRA and FCA must apply to the PRA for authority to do so under S55A (2) of FSMA 2000. The PRA can approve an applicant only with the consent of the FCA and the application is managed jointly by both agencies. Since the date of the transfer of authority from the legacy FSA to the PRA and FCA (April 1, 2013, also known as the “legal cutover date”), 13 banks have received either authorization to provide services as a new bank or variations of existing authorizations; of these successful applications, three were authorizations for non-U.K. banks to establish branches in the United Kingdom. An exception exists for EEA banks that operate in the United Kingdom through a local branch on a European “passport” and that have a home regulator from another EEA member jurisdiction. Such firms are automatically authorized to do business in the United Kingdom under Schedule 3 to FSMA 2000 once the firm has completed the necessary notification procedure. As part of the authorization process, either the PRA or the FCA may impose conditions or limitations that become binding at the point of authorization. After a firm receives authorization to conduct regulated activities in the United Kingdom, both the PRA and the FCA have the power to remove or amend the firm’s Part 4A permission to receive deposits. These conditions or limit |