NEWS UPDATE FINANCIAL REGULATORY

In this News Update we discuss: the latest developments in crypto-asset regulations for banks; the EUR 3.7 million penalty imposed on Santander Consumer Finance for irresponsible lending; and the judgment of the General Court (Fourth Chamber) on the assessment of reputation and professional competence due to the acquisition of a qualifying holding in HKB Bank GmbH.

We further highlight some other financial regulatory publications issued since our last News Update. Subscribe here to the News Update Financial Regulatory via the button below.

Update on developments in crypto-asset regulations for banks

CRR3 transitional regime on crypto-assets

Revision of the Basel crypto standard

Santander Consumer Finance fined EUR 3.7 million for irresponsible lending

The Dutch Authority for the Financial Markets (AFM) published a news item (in Dutch) on a EUR 3.7 million penalty imposed on Santander Consumer Finance (SCF) for irresponsible lending. The AFM inspected ten SCF client files to assess whether SCF was complying with the credit rules. These rules prescribe that loan providers must collect information on clients' financial situation and that they are not permitted to extend any credit if that would be irresponsible. The lending standards method (leennormenmethodiek) can be used to determine whether lending would be responsible, based on the client's income and expenses. This method is laid down in codes of conduct of sector organisations. Loan providers that have committed themselves to this method must properly apply it. The AFM considers this method to be the minimum required to give effect to the open standard within the credit rules. On infringement, the AFM can impose penalties on the infringers, such as Santander Consumer Finance. 

The AFM considered SCF's infringement serious as excessive lending can cause consumers to run into difficulties and can disrupt the level playing field in the credit market. In 2019, the AFM had also imposed a penalty on SCF's legal predecessor for this reason, which is why the penalty amount was increased. SCF has adjusted its processes and has compensated some of the clients affected.

Judgment of the General Court (Fourth Chamber) on the assessment of reputation and professional competence due to the acquisition of a qualifying holding in HKB Bank GmbH, PH and Others v ECB, ECLI:EU:T:2024:460

ON 10 July 2024, the General Court of the European Union dismissed an action for annulment of a decision of the European Central Bank (ECB) that opposes the acquisition of a qualifying holding in HKB Bank GmbH by four applicants (PH, PI, PJ and Socrates Capital Ltd). The General Court dismissed the action as inadmissible insofar as it was brought by the holding's seller, as that party was not directly and individually concerned by the decision. The General Court also dismissed the action insofar it was brought by the proposed acquirers, as the ECB had not exceeded or infringed its discretion when assessing whether the applicants met the criteria of good repute, financial soundness and compliance with prudential requirements and anti-money laundering and counter-terrorist financing (AML/CTF) requirements. The General Court confirmed that the ECB was entitled to examine the professional competence of the proposed acquirers in relation to the criterion of good repute. The General Court dismissed all the applicants' arguments and ordered them to pay the costs.

Other financial regulatory publications

We have highlighted a selection of other publications by legislatures and regulators for the financial markets and financial supervision since our June 2024 News Update.

Banks and credit service providers

• The AFM published ten principles (in Dutch) to facilitate the change management process in lending. Their purpose is to support the sector in tightening IT change management and credit approval processes. 
• DNB published a news item (in Dutch) on the deposit guarantee scheme having crossed the EUR 5 billion mark. This means that it now meets the requirements of the EU Directive on Deposit Guarantee Schemes.
• The European Banking Authority (EBA) has extended the existing Joint Committee Guidelines on complaints handling to credit servicers under the Directive on Credit Servicers and Credit Purchasers (Directive (EU) 2021/2167). When handling complaints from borrowers, credit servicers (as defined in the Directive) are required to apply the same effective and transparent procedures as other firms in the banking, insurances and securities sectors. The Guidelines cover the complaints management policy, complaints management function, registration, reporting, follow-up, provision of information and procedures for responding to complaints. 
• A legislative proposal for the Act Implementing the Credit Servicers and Credit Purchasers Directive (Implementatiewet richtlijn kredietservicers en kredietkopers) was published, introducing a permit requirement and continuous supervision for servicers of non-performing credit agreements in the Financial Supervision Act (Wet op het financieel toezicht). Requirements are also imposed on credit purchasers, the parties that take over banks' non-performing credit agreements. Finally, the proposal contains a few amendments to Book 7 of the Dutch Civil Code and the Economic Offences Act (Wet op de economische delicten). The documents sent to the Council of State have been published, including the draft Explanatory Memorandum (in Dutch), the draft Implementing Act itself (in Dutch) and the AFM's implementation test (in Dutch). The next stage will be the debate in the Dutch House of Representatives. 
  
  

Crypto service providers

• The daily newspaper Het Financieele Dagblad (FD) published an article (in Dutch) on the limited financial resources that the Ministry of Finance is making available for the AFM's supervision of the crypto sector. FD obtained the documents for its research by invoking the Open Government Act (Wet open overheid). The AFM has repeatedly asked for more budget to enable proper supervision, especially in view of new EU crypto legislation (MiCAR). The AFM has warned that its current budget does not allow it to adequately respond to the risks in the crypto sector and will diminish its influence in a European context. The Ministry considered three supervision scenarios: 'basic, intensive and minimal', and opted for the minimal scenario. This is the 'lower limit for effective supervision', according to the AFM. Experts and lawyers have expressed concerns about this reticent approach, as the risks in the crypto sector are considerable and fraudsters are difficult to trace. In an FD op-ed piece (in Dutch) of 30 July 2024, legal experts and addiction experts voiced their surprise at and criticism of the Ministry's stance. They claim that the AFM actually needs more money to properly supervise the crypto sector, which is considered a 'product damaging to health'. They warn that the social damage of cryptos might be underestimated and that future regulation and supervision might need to be intensified. They find it regrettable that there is still no pan-European crypto supervision, despite the AFM's efforts.
• The European Securities and Markets Authority (ESMA) published the second Final Report under the Markets in Crypto-Assets Regulation, covering eight draft technical standards that aim to provide more transparency for retail investors, clarity for providers on certain technical aspects and certain data standards to facilitate supervision by National Competent Authorities (NCAs). 
• The European Supervisory Authorities (ESAs) published a consultation paper on Guidelines under the Markets in Crypto-assets Regulation, establishing templates for explanations and legal opinions regarding the classification of crypto-assets along with a standardised test to foster a common approach to classification.
  
  

DORA

• The AFM published a checklist for organisations that have to comply with the Digital Operational Resilience Act (DORA). 
• ESMA announced that the ESAs (EBA, EIOPA and ESMA) are to establish an EU systemic cyber incident coordination framework (the EU-SCICF), in the context of DORA. This will facilitate an effective financial sector response to a cyber incident that poses a risk to financial stability, by strengthening the coordination among financial authorities and other relevant bodies in the European Union. 
• The ESAs published a second batch of policy products under DORA: four final draft regulatory technical standards (RTS), one set of implementing technical standards (ITS) and two guidelines, all of which aim to enhance the digital operational resilience of the EU's financial sector. The package covers the following topics: the content, format, templates and timelines for reporting major ICT-related incidents and significant cyber threats (RTS and ITS), the harmonisation of conditions enabling the conduct of oversight activities (RTS), criteria for determining the composition of the joint examination teams (RTS), threat-led penetration testing (RTS), the estimation of aggregated costs/losses caused by major ICT-related incidents (guidelines) and oversight cooperation (guidelines).
• The ESAs subsequently published additional draft regulatory technical standards on the elements which a financial entity needs to determine and assess when subcontracting ICT services supporting critical or important functions. The RTS aim to establish a common framework for monitoring the ICT risks along the subcontracting chain for these services.
  
  

Sustainability

• The AFM published ten waypoints for a sound application of the Corporate Sustainability Reporting Directive (CSRD). The CSRD will come into effect for large listed companies from the 2024 financial year. The double materiality analysis plays a key role in this. 
• ESMA published a Final Report on the Guidelines on Enforcement of Sustainability Information and a Public Statement on the first application of the European Sustainability Reporting Standards (ESRS). These documents aim to facilitate consistent application and supervision of sustainability reporting rules.
• On 24 July 2024, ESMA published an opinion on sustainable investments, in which it sets out its vision of how the EU sustainable finance regulatory framework should function in the long term and provides some recommendations.
  
  

Trusts

• DNB issued an instruction to trust office CIS Management BV (CIS) for serious deficiencies in its systematic integrity risk analysis (SIRA). DNB found that CIS's SIRA, which should form the basis for its client due diligence, had been deficient for a number of years. The instruction involved amending and updating the SIRA. CIS has in the meantime complied with the instruction, but also received an administrative penalty of EUR 156,250 for inadequate client due diligence in accordance with the requirements of the Act on the Supervision of Trust Offices 2018 (Wet toezicht trustkantoren 2018). 
  
  

Insurers

• The European Insurance and Occupational Pensions Authority (EIOPA) published an opinion on the supervision of captive insurance and reinsurance undertakings, with a particular focus on intra-group transactions, the prudent person principle and governance. The opinion is addressed to NCAs and outlines the supervisory expectations while taking into account the specificities of captive insurers' and reinsurers' business models.
  
   

AML/CTF legislation, sanctions regulations and CDD

• DNB published a news item (in Dutch) with a further explanation of the section on sanctions regulations in the DNB Guideline on the Anti-Money Laundering and Anti-Terrorist Financing Act and the Sanctions Act (Leidraad Wwft en Sw). The Dutch Association of Insurers (Vereniging van Verzekeraars) had pointed out to DNB that this section could cause confusion. The provisions concerned stipulate when an entity is to be considered the property of a sanctioned person and how this ownership is to be established.
• DNB published a news item on the fine imposed on trust office Pan-Invest BV for its inadequate client due diligence. The EUR 467,180 fine was imposed because Pan-Invest had provided trust services without carrying out sufficient client due diligence. Trust offices must not enter into a business relationship or provide a trust service until client due diligence has been carried out that meets the legal requirements as set out in the Trust Offices (Supervision) Act 2018.
• It is possible to respond to a consultation (in Dutch) on a new International Sanction Measures Act (Wet internationale sanctiemaatregelen), following a preconsultation in 2023. This proposed Act aims to modernise the Sanctions Act 1977 (Sanctiewet 1977), as the scope and complexity of international sanction measures have strongly increased and continue to evolve.
  
  

Case law

• On 18 July 2024, the Arnhem-Leeuwarden Court of Appeal gave a judgment in a case on a financing agreement with an interest rate review clause and exit fee for early termination. The borrower demanded repayment of the exit fee, asserting that the lender had made an unreasonable interest rate review offer that compelled the borrower to pay back the loan to limit the damage. The Court of Appeal decided that the lender had not yet made a concrete offer and there was no actual or imminent non-performance. The Court therefore denied the claim for repayment of the exit fee.
• On 12 July 2024, the Rotterdam District Court issued a ruling imposing a EUR 750,000 penalty on flatexDEGIRO Bank AG as DeGiro BV's legal successor for violations of AML legislation. The Court also reduced the original penalty imposed by the AFM and the District Court because of measures taken and because the term had been exceeded.
• On 11 July 2024, the Court of Justice ruled in a preliminary ruling (Case C-409/22) that a power of attorney bearing an 'apostille' certificate does not, in itself, constitute a payment instrument under Payment Services Directive 2, but the procedures agreed between the account holder and the payment service provider can indeed be classified as such. The Court stated that the payment service provider had to demonstrate that the account holder had authorised the payment transaction and that the fact that the power of attorney was formally regular was not sufficient to that end.
• On 18 June 2024, the Commission of the Dutch Institute for Financial Disputes (Kifid) issued a decision on the duty of care of an intermediary and an insurer. After a burglary in a vacant home in which copper wiring had been stolen, the intermediary denied the claim due to limited cover. The consumers accused the intermediary and insurer of having violated their duty of care, but the Commission ruled that only the intermediary had been negligent in its provision of information on cover in the case of vacancy. The Commission held that the insurer could not be blamed, as it did not have an advisory role. Nevertheless, the consumers' claim was denied.