News Update Financial Regulatory

In this News Update we discuss: DNB's industry-wide analysis of reinsurance policies of small and medium-sized non-life insurers; and the AFM's imposition of EUR 1.6 million administrative fine on BUX B.V. for breach of inducement ban.

We further highlight some other financial regulatory publications issued since our last News Update. 

DNB identifies shortcomings in reinsurance policies of small and medium-sized non-life insurers

In 2024, De Nederlandsche Bank (DNB) conducted an industry-wide analysis (in Dutch) of the reinsurance practices at five small and medium-sized non-life insurers. The study aimed to gain greater insight into the appropriateness of reinsurance programmes at this diverse group of institutions, prompted in part by developments such as the hardening of the reinsurance market and emerging climate risks.

The project followed a structured approach consisting of six steps: data analysis, documentation review, establishment of a standards framework, selection of institutions, interviews, and final assessment and reporting. Central to the study were four positively formulated hypotheses focused on the following: the fit between reinsurance policy and risk appetite, Solvency II compliance, proper incorporation into solvency capital requirement (SCR) calculations and disclosure, and the role of the actuarial function holder (AFH).

Initial findings showed considerable variation in the depth and detail of policy documents. At three of the five insurers surveyed, it was found that the reinsurance programmes were not demonstrably in line with the stated risk appetite, which was often described in limited terms of solvency thresholds only. In addition, some insurers lacked a clear link between capital policies, 'own risk and solvency assessment' (ORSA) scenarios and reinsurance policies. Explicit documentation and governance were found to be weak points. 

Shortcomings also emerged in terms of reporting by the AFH, including inadequate recording of risk appetite, insufficient linkage to practice, and gaps in reinsurance policy coverage. 

Another area of focus concerned asset-intensive reinsurance. This construction, involving large reinsurance recoverables, is increasing internationally and carries significant risks. In this context, an amendment to the Financial Supervision Act (wet op het financiële toezicht, 'FSA') came into effect on 1 January 2025, requiring ex-ante assessment of the prudent person principle for certain contracts. In doing so, insurers themselves will remain responsible for demonstrating compliance.

In the future, DNB's supervision will continue to focus on the adequate embedding of risk management around reinsurance, requiring insurers to critically evaluate their policy and documentation.

AFM fines BUX B.V. EUR 1.6 Million for breach of inducement ban

On 18 November 2024, online broker BUX B.V. was penalised with an administrative fine (published in Dutch) of EUR 1.6 Million by the Dutch Authority for the Financial Markets (AFM). The fine was imposed for breaching the inducement ban outlined in Article 168a(1) of the Market Conduct Supervision (Financial Institutions) Decree (Besluit gedragstoezicht financiële ondernemingen Wft). The penalty covers the period between 1 January 2022 and 20 April 2023. 

BUX, which offers retail consumers execution-only investment services, was fined for using a 'Friends Programme' and an 'Affiliate Programme' to draw in new clients. Under the Friends Programme, an existing client referred a friend who was to become a new client. Both the new and the existing client received a free share upon account activation. The Affiliate Programme entailed collaborations with comparison websites and finfluencers who were compensated for providing leads subsequently onboarded by BUX. 

AFM claimed that these incentives were illegal inducements. Whereas European law limits inducements mainly for independent investment services advice and portfolio management, Dutch law enforces the prohibition more broadly, even for execution-only services. After all, the regulator argued, by influencing the product selection or service choice, incentives for these services can still jeopardise clients' interests.

BUX challenged the decision, arguing that their programmes did not contravene the purpose of the inducement regulations, which is to prevent misselling, and that the restrictions do not apply to execution-only services. Additionally, BUX said that the benefits were transparent, non-contingent, and occasionally non-monetary (such as the free share). Moreover, BUX claimed that previous correspondence from AFM implied that no official action would follow.

AFM rejected these arguments. It underlined that in order to avoid skewing client decision-making, Dutch law had intentionally expanded the inducement ban to cover execution-only services. Additionally, the regulator noted that both programmes continued well after BUX received a clear warning in 2021. Ultimately, AFM determined that the infractions were significant and sufficiently culpable to warrant an administrative fine. 

The initial base fine, under Article 1:81 FSA and Article 10 of the Administrative Fines (Financial Sector) Decree (Besluit bestuurlijke boetes financiële sector), was lowered from EUR 2.5 Million to EUR 1.6 Million, based on BUX's cooperation and the relatively minor market impact.

On 11 March 2025, the Dutch court denied BUX's request to postpone the fine's publication, reaffirming that the free share was a monetary incentive and that the inducement ban applies to execution-only services as well. The ruling emphasises the significance of compliance, especially in areas that appear to be grey, and upholds AFM's stringent position on inducements in retail investing services.

Other financial regulatory publications

We have highlighted a selection of other publications by legislatures and regulators for the financial markets and financial supervision since our February 2025 News Update.

AFM

• On 11 March 2025, AFM published news (in Dutch) on how they are enforcing CSRD requirements. The European Commission (EC) recently put forward the Omnibus Proposal, which aims to simplify CSRD reporting requirements. Despite this curtailment, AFM is maintaining the phase-in path, with large listed companies complying with CSRD requirements in stages starting in 2024. AFM urges companies and audit firms to continue to prepare for CSRD compliance.
  
  

DNB

• DNB published a news item (in Dutch) saying it would refrain from implementing environmental, social and governance (ESG) report statements for pension funds. The market consultation showed that the added value of supplementary carbon dioxide data is currently insufficient and that the sector is already heavily burdened by the Future Pensions Act (Wet Toekomst Pensioenen).
• DNB published a news item about a new obligation for Dutch insurers planning an initial public offering (IPO). Since 1 January 2025, they must first apply to DNB for a declaration of no objection (DNO). This obligation stems from an amendment to Article 3:97 FSA. The DNO is required when an insurer changes its capital structure by, for example, applying for a stock exchange listing for shares or other controlling securities. DNB assesses the application based on criteria from Article 3:101 FSA. This includes an assessment of solvency, the sound and prudent management of the insurer, and whether the IPO could possibly lead to an undesirable development within the financial sector.
• On 1 April 2025, DNB will start requesting DORA information registers, which financial institutions must submit no later than 23 April 2025. This obligation stems from the Digital Operational Resilience Act (DORA), which requires institutions to keep an up-to-date register of all contractual agreements with third parties providing ICT services. The registration triggers the European process of designating 'critical ICT providers'. In principle, reporting must be provided in the xBRL-CSV format, with a table-oriented structure. To accommodate institutions that cannot yet implement this format in time, DNB published a news item providing a standardised Excel template for this round. The financial institution itself remains responsible for the completeness and accuracy of the data. 
• DNB investigated the use of artificial intelligence (AI) at insurance providers and concluded in a news item (in Dutch) that AI is being used more frequently for risk assessment, fraud detection, client-related services and more. Although insurers see possibilities in the areas of efficiency and customer experience, applications for capital optimisation are still underutilised. Key bottlenecks include poor data quality, outdated infrastructure and lack of internal expertise. DNB calls on insurers to take risks seriously, including the risk of reputational damage, and notes that the European Insurance and Occupational Pensions Authority (EIOPA) will probably publish guidelines concerning the topic later in 2025.

ESAs

• The European Supervisory Authorities (ESAs) issued an opinion on changes made by the European Commission (EC) to the Regulatory Technical Standard (RTS) on outsourcing of ICT services under DORA. The EC deleted Article 5 and related items because these rules on outsourcing chain monitoring were outside the DORA mandate. The ESAs agree with the modifications, recommend no further changes, and urge early adoption of the modified RTS.
• The ESAs published guidelines for estimating annual costs and losses from major ICT-related incidents under DORA. The guidelines provide that financial institutions should report the total financial impact of major ICT failures, including direct and indirect costs, and add that reporting must be based on financial data from the annual financial statements, including any corrections from previous years. Coming into effect on 19 May 2025, the guidelines are binding on all financial institutions within the EU. 
• The ESAs published guidelines for the classification of crypto-assets under the Markets in Crypto-Assets Regulation (MiCAR). The guidelines provide a standardised approach for determining whether a crypto-asset is considered a utility token, asset-referenced token (ART) or electronic money token (EMT). The key points relate to a standardised test, under which investors and regulators are provided with a flow chart and templates to assess which MiCAR category a crypto-asset falls within, and the requirement for a legal opinion to be provided to determine whether certain crypto-asset products fall under MiCAR. The guidelines come into effect on 12 May 2025. 
• EIOPA recommended in a news article that the EC apply a uniform 100% capital requirement to all crypto-assets of EU insurers and reinsurers, regardless of balance sheet treatment or nature of exposure. This measure should ensure a prudent and harmonised approach to crypto-assets, given their high volatility and risks. Currently, crypto-assets lack specific regulation under Solvency II, leading to inconsistent classifications and risk assessments. According to EIOPA, existing capital treatments underestimate risk. Although insurers' current exposure is limited, EIOPA stresses that a future, more differentiated, framework may be needed as crypto-assets become more widely adopted and markets evolve. 
  
  

The Dutch Government

• The Dutch House of Representatives is now considering the bill (in Dutch) to implement Regulation (EU) 2024/886. This law will amend the Bankruptcy Act (Faillisementswet) and the FSA and aims to integrate instant payments in euros into the supervisory framework. Payment service providers will be required to offer instant transfers at the same cost as regular transfers, and a name verification obligation is introduced. In addition, the law modifies the screening procedure of sanction lists and enables direct participation of payment and electronic money institutions in payment systems.
• Finance Minister Heinen sent the Dutch House of Representatives the research report “Warnings on investing” (Waarschuwen bij beleggen), concerning warnings regarding low-risk investment products (in Dutch). The research shows that an adapted warning can have slightly positive effects by having a stronger deterrent effect on investors without a sufficient financial buffer than on investors with sufficient savings. The Minister calls on investment firms to conduct further practical research and to remain in dialogue with AFM. Market participants are encouraged to translate new insights into clearer, more effective warnings within the legal frameworks.
  
  

If you have any further questions, please do not hesitate to contact Berry van Wijk, Juan Vervuurt, Lisanne Haarman or Gijs Hamelijnck.