I INTRODUCTION

The Netherlands has a long history as an open trading nation with household-name institutions such as ING Bank, cooperatively owned Rabobank and ABN AMRO operating worldwide. The Dutch banking sector is highly concentrated, with this same small group of systemically important banks accounting for the bulk of domestic lending to households and businesses. The lion's share of Dutch savings is held in accounts with these banks, which also handle most payment processing. Measured against the size of the Dutch economy, the banking sector is large. Although on a downward trend since pre-crisis years, in 2018, the size of its assets relative to the gross domestic product of the Netherlands still amounted to nearly 350 per cent.2

Dutch banks reported strong profits in 2018 as well as healthy risk-weighted and unweighted capital ratios. Banks profited from a still strongly performing Dutch economy, a booming housing market, and from the cost-cutting and digitalisation efforts of earlier years. In regulatory terms, banks continued to put considerable effort into the implementation of a number of important EU rules and regulations that entered into force in early 2018.3 A major money laundering scandal and public indignation at ING Bank's proposed CEO pay package underscored banks' continued exposure to compliance and reputational risks. Other risks to the business models and operations of Dutch banks include political uncertainty, technological disruption and cybercrime.

II THE REGULATORY REGIME APPLICABLE TO BANKS

i Basic structure of banking regulation

The Netherlands has a twin peaks supervision model, which focuses on system and prudential supervision on the one hand, and conduct of business supervision on the other. The European Central Bank (ECB) and the Dutch Central Bank (DCB) are the system and prudential supervisors. The responsibility for conduct of business supervision lies with the Netherlands Authority for the Financial Markets (AFM), the aim being to foster orderly and transparent market processes, maintain integrity in the relationship between market parties and overseeing due care in the provision of services to customers. This cross-sectoral functional approach is reflected in the Dutch Financial Markets Supervision Act (FMSA), which has been in force since 2007. The FMSA and the various decrees and regulations deriving from it include the majority of regulatory rules that apply to the financial markets. Many of the rules contained in the FMSA follow the implementation of European directives.4 However, with the aim of further integrating the single market, more and more regulatory requirements are adopted in the form of European regulations.5 In view of the increasing complexity of the FMSA and difficulties in its compatibility with the sectoral approach of European legislation, in 2016 the first tentative steps were taken towards a thorough review of the design of the FMSA, although this is not expected to affect the substantive rules. During 2018, the review remained a work in progress at the Ministry of Finance, and it is not clear when further papers or proposals can be expected.

ii Regulation of banks with a registered office in the Netherlands

Banks established in the Netherlands are required to obtain a banking licence from the ECB. The DCB is responsible for the processing of licence applications. To obtain a banking licence, banks must, inter alia, comply with the following requirements:

  1. the day-to-day policymakers of a bank and its management team members must be suitable for the banking business;6 in addition, the members of the supervisory board (or comparable body) should also be suitable for the performance of their supervisory tasks;
  2. the integrity of the persons determining or co-determining the day-to-day policy, the management team members and the members of the supervisory board (or comparable body) of the bank must be beyond doubt;
  3. the bank must have sound and prudent business operations, including procedures and measures for adequate risk management and client acceptance;
  4. at least two natural persons should determine the day-to-day policy of the bank and perform their activities from within the Netherlands;
  5. the supervisory board (or comparable body) should consist of at least three persons;
  6. the bank must have a transparent control structure safeguarding adequate supervision; and
  7. the bank must comply with certain financial safeguards, such as minimum own funds, solvency and liquidity requirements.

Once a licence has been granted, a bank must continue to comply with these requirements. Dispensation may be granted from certain specific requirements for obtaining a banking licence provided the applicant demonstrates that he or she cannot reasonably comply with the requirements, and that the objectives the requirements seek to protect can be achieved through alternative means. To stimulate innovation in the financial sector, the DCB, since 2017, is also open, where appropriate, to more tailor-made solutions for innovative products, services or business models through its regulatory sandbox.7

In January 2019, the formal application period for a banking licence was changed from 13 weeks to 26 weeks.8 This allows the DCB and the ECB to rely less on stop-the-clock information requests, and will give applicants a more realistic view of the required decision-making time. Other recent changes to the application process include the obligation to prepare an exit plan, which should identify how the applicant could cease its banking operations in an orderly manner when so required. In March 2018, the ECB published two guides detailing the process and requirements for acquiring a banking licence in the eurozone.9 In January 2019, these guides were supplemented with more specific expectations regarding capital requirements and the programme of operations.10

If a bank wishes to render investment services or perform investment activities in the Netherlands, it must apply for a wider banking and investment firm licence. In this case, there are additional requirements that relate to the conduct of business requirements with which investment firms need to comply. A licensed bank does not need a separate licence for the provision of payment services or certain other financial services also regulated under the FMSA, such as the offering of (consumer) credit, providing advice about financial products (other than financial instruments) and acting as an intermediary with respect to such products. The services involved, however, need to be covered by the banking licence, and the bank involved is subject to additional conduct of business rules when offering such services (see Section IV).

Since 2016, the FMSA contains a separate regime for credit unions, defined as cooperatives of members sharing a certain profession or business that take repayable funds from their members and grant credits for their own account to their members for the purposes of their profession or business. For this reason, Dutch credit unions will be formally exempted from the regular rules of banking regulation in the forthcoming amendment of CRD IV and the CRR.11

iii Regulation of foreign banks and activities

In general, branches of foreign banks established to carry out regulated banking activities in the Netherlands are subject to the same licence requirements and ongoing obligations as banks with a registered office in the Netherlands. This means that these branches usually require a banking licence. However, foreign banks with their registered office in another EU or EEA Member State may conduct banking activities through a branch office or on a cross-border basis in the Netherlands using a European passport. On this basis, banks from other eurozone countries may conduct banking activities in the Netherlands under their ECB banking licence, provided the ECB has been notified thereof. Similarly, banks with their registered office in an EU or EEA Member State that is not a eurozone country may conduct banking activities in the Netherlands under their home Member State banking licence following a notification procedure in their home Member State. Those non-eurozone banks holding a European passport in the Netherlands are directly supervised by the ECB. The DCB remains responsible for the supervision of non-EEA banks that have established a branch or provide cross-border services in the Netherlands.

III PRUDENTIAL REGULATION

i Relationship with the prudential regulator

As the prudential supervisor of the most significant Dutch banks,12 the ECB has far-reaching investigatory and supervisory powers under the Single Supervisory Mechanism (SSM) Regulation.13 In addition, the ECB has at its disposal the supervisory powers granted to the DCB under the FMSA. To the extent necessary to carry out the tasks conferred on it by the SSM Regulation, the ECB may require the DCB to use these powers.14 The ECB is also exclusively responsible for the withdrawal of a banking licence of both significant and less significant Dutch banks. The DCB will in principle exercise its enforcement powers under the FMSA regarding the banks that are identified as less significant. Under the FMSA, the DCB is entitled to enter any place for inspection and may request information from any party. The DCB is also entitled to request business data and documents for inspection and to make copies of these. Everyone is obliged to fully cooperate with the DCB.

If the DCB concludes that a bank has violated a rule under the FMSA or, if applicable, a European regulation, it may take enforcement action. The DCB can choose from various enforcement measures and sanctions, including but not limited to:

  1. imposing a certain course of action to comply with the FMSA (instruction order);
  2. appointing one or more persons as trustee over all or certain bodies or representatives of a bank;
  3. imposing a particular duty, backed by a judicial penalty for non-compliance;
  4. imposing an administrative fine;
  5. publishing an imposed duty or fine on the DCB's website and by press release;
  6. imposing a suspension of voting rights of shareholders or partners responsible for a breach of a bank's licence or declaration of no objection requirement (see Section VI);
  7. imposing a temporary ban against a natural person who is held responsible for non-compliance with the CRR provisions from exercising his or her functions; and
  8. imposing certain measures including, but not limited to, higher solvency or liquidity requirements and the termination of banking business activities with a high risk to the solidity of the banks.

The liability of the DCB (and the AFM) under the FMSA is limited to wilful misconduct and gross negligence. In July 2018, rules entered into force to make financial sector supervision by the DCB (and the AFM) more transparent. The regulators were given greater powers to publish warnings and decisions in the event of infringements of the FMSA and to periodically publish overviews of key data of individual banks.15

ii Management of banks

Most Dutch banks are limited liability companies. Although a statutory basis exists for the creation of a one-tier board structure, limited liability companies in the Netherlands traditionally have a two-tier board structure composed of a managing board and a supervisory board. The managing board is responsible for carrying out the company's day-to-day affairs. As such, a bank's managing board is responsible for compliance with the FMSA. Rules on managing and supervisory boards and their members are set out in great detail in various EU, ECB and DCB guidelines, a number of which have recently been revised.16 They contain guidance as regards, inter alia, integrity and suitability, sufficient time commitment, independence, supervisory board committees and their composition, and on the maximum number of executive and non-executive positions a board member may hold.

The managing and supervisory boards are jointly responsible for compliance (on a comply or explain basis) with the Dutch Corporate Governance Code (if applicable) and the Dutch Banking Code. Adherence to the former is mandatory for listed Dutch banks.17 It includes principles that are held to be generally accepted, as well as detailed best practice provisions relating to both managing and supervisory boards, general meetings, the auditing process and the external auditor.18 The Banking Code contains principles that are based on the Corporate Governance Code, but focuses on the managing and supervisory boards, risk management, auditing and remuneration policy of banks.19 The Banking Code applies to all banks with a banking licence under the FMSA, and compliance is monitored by a special monitoring commission. The Dutch Banking Association recommends that the Banking Code be applied by all entities that operate in the Netherlands (irrespective of their country of incorporation), including banks operating under a European passport.

Restrictions on remuneration

A far-reaching Act on financial sector remuneration has been in force since 2015. One of the most important restrictions is the bonus cap, which holds that the variable remuneration of all persons working under the responsibility of banks with their registered office in the Netherlands, and Dutch branches of banks outside the EEA, may not exceed 20 per cent of the fixed component. Several exceptions apply, including for persons working predominantly in another country, or persons working for the EEA top holding of a group whose staff work predominantly in another country, and, subject to approval by the DCB or the ECB, for retention bonuses. In such cases, the maximum variable remuneration is as set out in CRD IV: 100 per cent of the fixed component or, depending on the exception, 200 per cent subject to shareholder approval.

The Act also restricts severance payments. Moreover, the supervisory board may (and under certain circumstances must), inter alia, claw back bonuses where payment was based on incorrect information or the non-achievement of underlying objectives, and revise bonus payments if these were unacceptable according to standards of reasonableness and fairness. The rules also provide for a statutory ban on bonuses for management (and certain others) of state-aided banks. In March 2017, the DCB introduced a tweak to the bonus cap in that the international holding exemption would be available not only to Dutch global top holdings of financial groups but also to EEA top holdings, thus making the Netherlands more attractive for EEA top holdings of non-EEA financial groups.

An evaluation of the remuneration rules was completed in 2018. Following this evaluation, the Minister of Finance announced he would, in addition to the existing restrictions of variable pay discussed above, introduce a number of restrictions to fixed pay. Directors and employees in the financial sector who receive part of their fixed pay in shares or similar instruments whose value depends on the performance of the company will have to retain these for at least five years. Furthermore, financial undertakings will have to describe in their remuneration policy how the remuneration of its directors and employees is proportional to the firm's role in the financial sector and its position in society. Subject to advice from the Council of State, expected at the end of Q1 2019, the Minister of Finance is also considering the introduction of a claw back of fixed pay for directors of systemically relevant banks in cases of state aid. Finally, the exception from the bonus cap for persons falling outside the scope of collective labour agreements will be restricted. Another evaluation will be scheduled in five years.

In March 2018, opposition parties in Parliament proposed an act that would require the award of all fixed remuneration to directors of systemically relevant Dutch banks to be subject to ex ante approval by the Minister of Finance, who would have to assess whether it fits a sound, proper and sustainable remuneration policy, taking into account public support. The ECB has indicated that the act does not conflict with its own powers. However, the proposal was heavily criticised by the Council of State, and it is very uncertain that it will gather enough support be adopted.

iii Regulatory capital and liquidity

Rules of prudential supervision are provided for in the CRR and its various regulatory and implementing technical standards on a European level, and in the FMSA, the Decree on Prudential Supervision FMSA and regulations issued by the DCB on a national level. These rules relate to, inter alia, solvency (regulatory capital), liquidity and additional supervision with respect to financial conglomerates.

Solvency

Licensed banks are required to be sufficiently solvent. The Decree on Prudential Rules FMSA provides that a bank's solvency is sufficient if the bank complies with the requirements set out in Part 3 of the CRR. These requirements include both quantitative requirements (i.e., a Common Equity Tier 1 (CET1) capital ratio of 4.5 per cent of the bank's risk-weighted assets (RWA), a Tier 1 capital ratio of 6 per cent of a bank's RWA and a total capital ratio of 8 per cent of a bank's RWA) and qualitative requirements (conditions that own-fund items and subordinated liabilities must meet to qualify as CET1 capital, Additional Tier 1 capital or Tier 2 capital). The DCB or the ECB also impose an additional bank-specific Pillar 2 buffer following the supervisory review and evaluation process (SREP) when they identify risks not adequately covered by the standard capital requirements. In addition, since 2016 the DCB and the ECB also communicate their expectations for banks to hold additional own funds in the form of capital guidance. This practice has been included in the latest EBA SREP guidelines, and will be given a formal basis in the forthcoming amendments to CRD IV and the CRR. In November 2018, the ECB published guidance setting out its expectations of banks' internal capital adequacy assessment process.20

The DCB has issued a regulation on the specific provisions set out in CRD IV and the CRR (DCB CRD IV and CRR regulation). The DCB CRD IV and CRR regulation sets out how the DCB uses certain options and discretions that the CRR grants to competent national authorities, including a number of (transitional) provisions set out in the CRR, and implements the method for calculating the maximum distributable amount. In 2016, the ECB set out how it will use these options and discretions in relation to significant banks, and issued guidance on the exercise of those options and discretions by competent national authorities in relation to less significant banks.21 The ECB also annually publishes a recommendation on dividend distribution policies, which should take into account capital demand due to future changes in the EU's legal, regulatory and accounting frameworks.22

Capital buffers

CRD IV prescribes four capital buffers:

  1. a capital conservation buffer equal to 2.5 per cent CET1 capital;
  2. an institution-specific countercyclical capital buffer of, in principle, between zero and 2.5 per cent CET1 capital;
  3. a global systemically important institutions (G-SII) buffer of, in principle, between 1 and 3.5 per cent CET1 capital; or another systemically important institutions (O-SII) buffer of a percentage, in principle, of between zero and 2 per cent CET1 capital; and
  4. as a Member State option, a systemic risk buffer of, in principle, between 1 and 3 per cent CET1 capital.

With regard to the G-SII, O-SII and systemic risk buffers, in principle only the highest of the three applies. In the Netherlands, the G-SII buffer only applies to ING Bank (1 per cent), and the O-SII buffer applies to ING Bank, Rabobank, ABN AMRO (each 2 per cent) and de Volksbank and BNG Bank (both 1 per cent). The government has chosen to apply a systemic risk buffer of 3 per cent to ING Bank, Rabobank and ABN AMRO. The DCB has kept the countercyclical capital buffer at zero per cent since its introduction in 2016. It continues to review the necessity of increasing this percentage on a quarterly basis. In 2019, the phase-in period of the capital buffers ended; they are now applicable in full.

Banks can be subject to a combination of buffers, referred to as the combined buffer requirement. When banks fail to meet the combined buffer requirement, specific restrictions apply and certain measures may be imposed, such as a limitation to make distributions or payments in connection with their CET1 and Additional Tier 1 instruments, and the required production of a capital conservation plan, including at least an estimate of income and expenditure and a forecast balance sheet, measures to increase the capital ratios, and a plan and time frame for increasing own funds with the objective of meeting the combined buffer requirement.

Liquidity

Banks must hold a sufficient amount of liquid assets.23 Since 2018, the previous Dutch liquidity requirements and reporting rules have been fully replaced by the two liquidity requirements of the CRR: the liquidity coverage ratio (LCR) and stable funding requirements. The LCR, as further specified in the LCR delegated regulation, has a binding minimum of 100 per cent.24

For the stable funding requirement, only a general rule currently exists, requiring institutions to ensure that their long-term obligations are adequately met with a diversity of stable funding instruments under normal and stress conditions. A binding minimum standard for a net stable funding ratio (NSFR), as agreed upon by the Basel Committee, will be introduced in 2021, following the amendment of CRD IV and the CRR.

In addition to these requirements, the DCB normally also imposes bank-specific liquidity requirements as part of a bank's Pillar 2 requirement, such as regarding specific liquidity survival periods and diversification of sources of funding and liquidity, including through an NSFR proxy requirement. In November 2018, the ECB published a guide to the internal liquidity adequacy assessment process for significant banks.25

Leverage ratio

Banks are required to calculate their leverage ratios in accordance with the methodology set out in Part 7 of the CRR, report them to the relevant supervising authority and disclose them. In January 2016, the Basel Committee agreed upon a binding minimum leverage ratio of 3 per cent. This requirement is expected to be introduced in the EU in the second half of 2019 at the earliest, following the amendment of CRD IV and the CRR. The Basel Committee also agreed on an additional leverage ratio buffer requirement for G-SIIs. This buffer will also be included in the forthcoming amendment of CRD IV and the CRR. The Dutch government has argued for the extension of this buffer to O-SIIs. However, the current amendment of CRD IV and the CRR will only include an instruction to the Commission to carry out an appropriateness study for such extension.

Consolidated application of regulatory capital and liquidity requirements

The above-mentioned capital, liquidity and leverage requirements apply to banks on both an individual and consolidated basis. The DCB or ECB may, when certain criteria are met, waive the requirement to comply on an individual basis. The capital and leverage requirements apply on the basis of the consolidated situation of a bank's highest holding entity in each Member State and in the EU as a whole. The liquidity requirements must be met on the basis of the consolidated situation of the highest holding entity in the EU. In addition, the application of the capital requirements on a sub-consolidated basis applies in the case of subsidiary banks, investment firms and financial institutions in a third country.

Supplementary supervision of banks in a financial conglomerate

The Financial Conglomerates (FICO) Directive was implemented in the FMSA and the Decree on Prudential Supervision of Financial Groups FMSA.26 The FICO Directive introduced the supplementary supervision of banking (insurance and investment) activities carried out in a financial conglomerate. The rules relate, inter alia, to supplementary capital adequacy requirements, risk concentration, intragroup transactions, internal control mechanisms and risk management processes. The holding company of a financial conglomerate must calculate the supplementary capital adequacy in accordance with certain methods described under the FMSA.

DCB policy rule in respect of EBA guidelines

In December 2017, the DCB issued an updated policy rule that lists which of the European supervisory authorities' guidelines it applies. This includes practically all guidelines issued by the EBA, including the Guidelines on internal governance, the Guidelines for the joint assessment of the elements covered by the SREP, and the Guidelines on sound remuneration policies.27

iv Recovery and resolution

Bank Recovery and Resolution Directive and Single Resolution Mechanism Regulation

The Dutch Act implementing the Bank Recovery and Resolution Directive (BRRD) entered into force in 2015, and the Single Resolution Mechanism Regulation became fully applicable in 2016.28 These two legal acts, with the international agreement on the transfer and mutualisation of contributions to the Single Resolution Fund, provide a comprehensive European framework for the recovery and resolution of banks. The rules aim to ensure that:

  1. banks and authorities make adequate preparation for crises;
  2. supervisory authorities are equipped with the necessary tools to intervene at an early stage when a bank is in trouble;
  3. resolution authorities have the necessary tools to take effective action when bank failure cannot be avoided, including the power to bail-in creditors; and
  4. banks contribute to an ex ante funded resolution fund.

The DCB has been designated as the national resolution authority for the Netherlands. However, on the basis of the Single Resolution Mechanism (SRM), for significant banks and other cross-border groups in the eurozone, the Single Resolution Board (SRB) is the competent resolution authority in cooperation with the national resolution authorities. In a 2017 communication, the DCB has set out a number of technical details on how it intends to use the bail-in tool.29 For example, conversion of liabilities by bail-in will result in the creation of claim rights, which are transferable and entitles holders to new shares once issued.

During the course of 2018, the SRB and the DCB continued the process of drafting resolution plans for the major Dutch banks and of setting each bank's minimum requirement for own funds and eligible liabilities (MREL). In 2018, the SRB split its cycle in two waves: less complex banks will receive their first binding MREL target in Q1 2019, while for the most complex banks, new binding MREL targets will be set in Q3–Q4 2019 on both consolidated and individual levels, following the decision-making process in the resolution colleges. The SRB plans to set binding targets for all banking groups under its remit by 2020. MREL targets for complex banks are expected to average around 25 per cent of RWA.30

Meanwhile, the rules for the calibration and method of calculation of the MREL have already been subject to review. The EU Banking Reform Package, on which the EU institutions reached agreement in February 2019, will see a sweeping revision of the MREL requirements, in particular by aligning them with the international standard for total loss-absorbing capacity (TLAC), which was finalised by the Financial Stability Board in 2015.31 Once these new rules are in force, the SRB and the DCB will adapt their policy accordingly.

Deposit insurance

The Dutch deposit insurance framework is based on the (third) Deposit Guarantee Scheme (DGS) Directive, which has been in force since 2015.32 The framework comprises an ex ante funded guarantee scheme to which banks must contribute on a quarterly basis. The fund should reach a target level of 0.8 per cent of insured deposits. The guarantee covers natural persons and businesses, with the exception of financial undertakings and governments, for an amount up to €100,000. In July 2017, the DCB adopted a number of more detailed rules in relation to the Dutch DGS. Most importantly, the DCB introduced a new pay-out system in which banks must compile and deliver a uniform single customer view, containing an overview of customers' deposits and other relevant data. The new system will enable the DCB to meet the requirement of the DGS Directive that, by 2024, the payout of insured deposits must be made within seven business days of a bank's failure.33 In August 2018, the Minister of Finance submitted a proposal to Parliament, supported by the Dutch banking sector, clarifying how banks can use customers' personal identification numbers in implementing their DGS obligations.34 In February 2019, the DCB also implemented a number of tweaks to the detailed rules to further clarify the DGS framework.35

Progress on the European Commission's proposal for a European Deposit Insurance Scheme (EDIS), first circulated in 2015 to reinforce deposit protection by mutualising national deposit guarantee funds in the eurozone, continued to be slow in 2018. A number of Member States, including the Netherlands, insist that further risk reduction must precede further risk sharing. In January 2019, the Eurogroup decided that EDIS discussions would move from a technical to a more political level by establishing a high-level working group that is due to report in June 2019.

Dutch Intervention Act

Ahead of the BRRD and the SRM Regulation, Dutch rules for bank recovery and resolution were introduced by the Dutch Intervention Act in 2012. Pursuant to this Act, the DCB had the power to take various measures in respect of banks if it perceived signs of dangerous developments regarding a bank's solvency or liquidity. These powers have largely been replaced by those following the implementation of the BRRD. The powers granted by the Act to the Minister of Finance to take immediate measures if he or she is of the view that the situation of a bank causes a serious and immediate danger to the stability of the financial system continue to apply. These include the temporary suspension of shareholder voting rights, the suspension of management or supervisory board members, and the expropriation of assets or liabilities of a bank or its parent companies with a corporate seat in the Netherlands.

IV CONDUCT OF BUSINESS

i Conduct of business rules

Conduct of business rules for banks are for the most part set forth in the FMSA. Compliance with many of these rules is supervised primarily by the DCB or the ECB when relating to governance, risk management, solvency and liquidity. Compliance with the remaining conduct of business rules, including those set out in the Decree on conduct of business supervision FMSA, is supervised by the AFM. These rules mostly relate to the activities of a bank as a financial services provider, a payment services provider or an investment firm (providing investment services or investment activities). This means that, in practice, a bank will be subject to conduct of business rules that are supervised by the AFM if it:

  1. provides investment services or performs investment activities (rules relating to, inter alia, client classification, the provision of information, know your customer requirements, conflicts of interest, best execution, inducements and customer order handling rules);
  2. offers or advises on mortgage or consumer credit or offers electronic money to consumers (requirements as to, inter alia, adequate measures to protect clients' rights, outsourcing and the availability of an internal complaints regulation); or
  3. provides payment services (requirements as to, inter alia, information obligations of the payment service provider towards its (potential) clients and the availability of an internal complaints regulation).

ii Consumer and mortgage credit

Under the FMSA, banks must comply with certain conduct of business rules when offering credit to consumers. Irrespective of the credit amount, additional requirements may apply to banks (and other entities) pursuant to both the Dutch Civil Code and the Act on Consumer Credit.36 The additional rules stem mainly from the implementation of the Consumer Credit Directive.37 These rules relate to the civil law relationship between the bank and the consumer or borrower, and include requirements with respect to pre-contractual information, the form and contents of the credit agreement, and the consumer's right to rescind a credit agreement up to 14 calendar days after entering the agreement. Violation of the rules may lead to civil liability. When offering consumer credit, banks must also take into account the 2012 Code of Conduct for Consumer Credit as drawn up by the Dutch Banking Association.

The FMSA and the Civil Code contain specific rules in relation to retail mortgage loans, stemming mainly from the implementation of the Mortgage Credit Directive.38 The rules concern, inter alia, creditworthiness assessments, information obligations and consumer rights in cases of early repayment and arrears and foreclosures. In 2017, the AFM provided further guidance on costs that may be imposed in the case of early repayment, requiring banks also to revisit calculations of mortgages provided since 2016.39 In November 2018, the Minister of Finance also proposed to limit the costs banks can charge when customers want to change their interest rate during the fixed-interest period.40

iii Payment services

As a result of the implementation of the first Payment Services Directive (PSD1), payment service providers are subject to certain conduct of business requirements under both the FMSA and the Civil Code.41 The rules in the Civil Code relate to the civil law relationship between a payment service provider and client, including:

  1. the payment service contract governing the execution of payment transactions;
  2. the amendment and termination of such a contract;
  3. the required consent of the payer regarding the execution of a payment transaction;
  4. the right of withdrawal;
  5. the maximum period to execute payment transactions; and
  6. costs and liability.

The AFM supervises compliance with all conduct of business rules, including those under the Civil Code. The Dutch Authority for Consumers and Markets (ACM) supervises competition issues relating to access to payment systems.

In December 2018, the act implementing the Payment Services Directive 2 (PSD2) was belatedly adopted by Parliament. PSD2 modernises the current rules on payment services by opening the EU payment market to payment initiation service providers, introducing new security requirements and enhancing consumer rights.42 The act finally entered into force on 19 February 2019. In October 2018, the European Court of Justice clarified that a savings account from which payment and withdrawal transactions could only be made through a current account does not qualify as a payment account within the meaning of PSD1.43 Meanwhile, the EBA has set up a working group to identify and resolve issues that have been raised with the use of application programming interfaces under PSD2.44

The rules implementing the Payment Accounts Directive, in force since 2016, contain requirements for banks and payment service providers on transparency and comparability of fees, and on the facilitation of access to, and switching between, payment accounts.45

iv Anti-money laundering and terrorist financing

Pursuant to the Dutch Prevention of Money Laundering and Terrorist Financing Act, licensed banks (and other financial institutions) are subject to a number of obligations so as to prevent money laundering and terrorist funding. Adequate client identification forms an important part of these obligations. Banks must identify clients with whom they intend to establish a continuing business relationship in the Netherlands, or with whom they enter into an incidental transaction, or a series of related transactions, worth €15,000 or more. If a bank suspects that a transaction is related to money laundering or terrorist financing, the Financial Intelligence Unit (FIU) of the Netherlands must be notified. The FIU is designated to receive information relating to suspicious transactions, to investigate and, if necessary, to report the transactions to the Public Prosecutor to initiate criminal proceedings. In July 2018, new anti-money laundering (AML) rules entered into force, belatedly implementing the Fourth Anti-Money Laundering Directive, which, with its accompanying regulation, had been adopted in 2015.46 The new rules facilitate the work of FIUs in identifying and following suspicious transfers and in the exchange of information between FIUs, and establishes a coherent policy towards non-EU countries with deficient AML regimes. It also introduces a centralised register with information on all ultimate beneficiary owners (UBOs). This UBO register has not yet been established in the Netherlands, and a separate draft act was submitted to Parliament in April 2019.

Meanwhile, following a number of money laundering scandals across Europe in 2018, AML remains high on the agenda of both legislators and regulators. in May 2018, the Fifth Anti-Money Laundering Directive was adopted.47 The Directive will extend the scope of the rules to virtual currencies and pre-paid cards, further enhance the role and powers of the national FIUs, and provide clearer rules on the nature of and access to UBO information. The Directive will also introduce a requirement to establish a centralised data retrieval portal through which authorities can get timely and automatic access to information on bank accounts. The Minister of Finance has already consulted on a draft act to establish such portal in June 2018.48 A draft act for the implementation of the remainder of the Fifth Anti-Money Laundering Directive was published in December 2018.49 In March 2019, the Council and the European Parliament agreed on a proposal to strengthen the powers of the EBA in enforcing AML rules.50 Dutch banks are currently also exploring possibilities to cooperate in meeting their AML requirements.

v Bankers' oath, code of conduct and disciplinary measures

Dutch banks must ensure that all persons with an employment contract with them, or who otherwise carry out activities that are part of the operation of a banking business or its essential supporting business processes, take the bankers' oath. The bankers' oath is linked to the bankers' code of conduct and a set of disciplinary measures. A foundation established by the Dutch Banking Association supervises compliance with the code of conduct, and can impose disciplinary measures, including reprimands, fines and a temporary ban from carrying out a function in the banking sector. The foundation's disciplinary commission deals with an increasing number of cases and frequently hands out disciplinary measures, in many cases a reprimand or a temporary ban from working in the banking sector.

vi Banking secrecy

There is no specific legal provision on banking secrecy in the Netherlands. As a general principle, Dutch law requires banks to keep all client data confidential. This requirement has various sources of origin, including custom, general principles of contract law (i.e., reasonableness and fairness) and the obligation of due care, which stems in turn from the general banking conditions used by most banks in the Netherlands. Several exceptions to the banking secrecy requirement apply. The more general exception provides that a bank is authorised to disclose client data to third parties, including regulatory authorities or supervisors, if it is under a statutory obligation to do so (see Section III.i). Violation of banking secrecy may result in civil liability as a result of a breach of contract or, as the case may be, tort law. Obviously, and perhaps more importantly, violating bank secrecy may also lead to reputational damage.

V FUNDING

Dutch banks raise funds from different sources, including deposits (corporate and non-corporate), interbank transactions (including ECB transactions) and capital markets funding. In general, Dutch banks are more dependent on financing through the financial markets than other European banks. This is because they lend more than banks in other countries, which is due, inter alia, to above-average high mortgage loans. The relatively large financing deficit, in combination with a relatively large financial sector in the Netherlands, causes Dutch banks to be vulnerable to problems in the capital markets.51 The gradual reduction of the loan-to-value limit and increasing competition on the mortgage market from non-banks is expected to reduce this vulnerability.52

Over the past few years, Dutch banks have increased their capital ratios up to the new requirements, largely by de-leveraging and de-risking their balance sheets and by retention of profits. However, in recent years many Dutch banks have also launched successful issues of Additional Tier 1 instruments to meet the new leverage ratio and MREL requirements (see Section III.iv).

In December 2018, an amendment to the Dutch Bankruptcy Act entered into force, implementing the Directive regarding the ranking of unsecured debt instruments in the insolvency hierarchy.53 This change, welcomed by many banks, allows banks to issue senior non-preferred or Tier 3 debt, ranking junior to senior debt, but senior to subordinate debt and capital instruments, to fulfil their MREL or TLAC requirement. A number of Dutch banks, including Rabobank and ABN AMRO, had already included the possibility of issuing senior non-preferred notes in their funding programmes.

VI CONTROL OF BANKS AND TRANSFERS OF BANKING BUSINESS

i Control regime

Supervision of participations in banks

The Acquisitions Directive has been implemented in the FMSA.54 Each person who holds, acquires or increases a qualifying holding in a bank with a corporate seat in the Netherlands requires a declaration of no objection (DNO) from the ECB.55 The DCB is responsible for processing the DNO application. A qualifying holding is a direct or indirect holding of 10 per cent or more of the issued share capital of the bank, direct or indirect voting power, or a right to exercise equivalent control of 10 per cent or more within the bank. This definition is subject to certain aggregation principles: for instance, voting rights held through subsidiary companies or voting agreements are to be included.56 Provided the integrity of the person holding the qualifying holding is beyond doubt, the DNO will be granted unless another ground for refusal applies. A DNO will be refused if:

    1. the integrity of the proposed acquirer or the persons who as a result of their qualifying holding can determine the day-to-day policy of the bank is not beyond doubt;
    2. the persons who, as a result of their qualifying holding will determine the day-to-day policy of the bank, are not fit;

c the financial soundness of the proposed acquirer, in particular in relation to the business activities of the bank, is not beyond doubt;

  1. the qualifying holding would constitute an impediment for the bank to comply with the prudential requirements to which it is subject;
  2. there are reasonable grounds to suspect that, in connection with the acquisition of the qualifying holding, money laundering or terrorist financing is being or has been committed or attempted, or that the proposed acquisition could increase the risk thereof; or
  3. the information provided by the proposed acquirer is incorrect or incomplete (e.g., in the event of a proposed participation of more than 50 per cent, the applicant must submit a detailed business plan with its application for a DNO).

Where the applicant for a DNO is a legal entity, the integrity of all its directors and other persons, if any, who can determine or co-determine the day-to-day policy of the applicant is tested. An additional DNO must be obtained for every subsequent increase as a result of which a threshold of 20, 33, 50 or 100 per cent is reached or passed. In 2016, the European supervisory authorities jointly issued guidelines with detailed further rules for assessing qualifying holdings in banks, including as regards the concepts of acting in concert and indirect acquisitions.

On the basis of Dutch law, the applicant can request a bandwidth DNO. As long as the qualifying holding remains within the range granted, no additional DNO needs to be obtained for any subsequent increase as a result of which a threshold is reached or passed; only a notification needs to be made. Until recently, the applicant could also request a group DNO, which extended to all companies within a group collectively, and meant no additional DNOs were required for transfers of qualifying holdings within a group. The ECB, however, does not apply the Dutch regime for a group DNO. If any control relating to a qualifying holding is exercised without having been granted a DNO or in violation of any conditions attached to a DNO, the resolution adopted will be liable for nullification.

Supervision of holdings by and restructuring of banks

In addition to the rules regarding holdings in banks, a bank with a corporate seat in the Netherlands must also obtain a DNO for:

  1. acquiring or increasing a qualifying holding in another bank, investment firm, insurance company or financial institution with a corporate seat outside the EU or the EEA, unless the balance sheet total of the bank or insurance company involved does not exceed 1 per cent of the consolidated balance sheet total of the acquiring or increasing bank;
  2. acquiring or increasing a qualifying holding where the target is not a bank, investment firm, insurance company or financial institution, if the total price paid for the holding amounts to 1 per cent or more of the consolidated balance sheet total of the bank;
  3. acquiring the whole, or a substantial part, of the assets and liabilities of another enterprise or institution, unless the total amount of the assets or liabilities to be taken over does not exceed 1 per cent of the existing consolidated own funds of the bank; or
  4. undertaking a financial or corporate restructuring of its own business.

For significant banks, the ECB is the competent authority in relation to the above-mentioned DNOs. For non-significant banks, the DCB remains competent.57

ii Transfers of banking business

Apart from the rules as set out under the FMSA (see Section VI.i and ii) and the competition rules,58 there are no legal provisions in the Netherlands specifically aimed at prohibiting or limiting the transfer of a banking business either by Dutch or by foreign entities. The transfer of a banking business is subject to the general rules of Dutch civil and corporate law, including rules on legal mergers and divisions and on transfers of assets and liabilities. Although cooperation and cross-participation are permitted in the Netherlands, a merger into a single legal entity of a bank and an insurance company is prohibited.59

VII THE YEAR IN REVIEW

In quantitative terms, 2018 was a good year for Dutch banks, which reported solid profits and healthy balance sheets. However, a number of issues underscored a continuing lack of public trust in the financial sector. Public criticism and indignation at ING Bank's proposed CEO pay increase, which in response ING Bank had to withdraw, demonstrated that such trust – greatly damaged by the financial crisis – still needs time to be restored. It was further damaged by a scandal about the lax AML controls at ING Bank, which resulted in the departure of its CFO. There was also unrest in the top management layers of ABN AMRO, where the chair departed following criticism of her leadership style. Later in the year, managers issued public warnings of distrust and the lack of vision and strategic direction of the bank.

In terms of transactions, 2018 was another uneventful year. The Dutch state did not further sell down its stake in ABN AMRO, which was nationalised in 2008, and in which it continues to hold 56 per cent. It is speculated that the state will only sell down further after the finalisation of the new remuneration rules. The state also again decided that de Volksbank, nationalised in 2013, was not yet ready to be privatised. It will in particular require more time to further develop and implement its new shared value strategy, focusing on the interests of customers, shareholders and employees as well as taking responsibility for society. Danish Saxo Bank made a recommended offer for online broker BinckBank in December 2018, which is expected to close in Q3 2019. During 2018, two Dutch banks were listed on Euronext Amsterdam. Mid-size merchant bank NIBC listed in March 2018, which meant an exit, after more than 12 years, for investment fund JC Flowers. Much-hyped payment service provider Adyen, which had obtained a banking licence in 2017, listed in June 2018. The consortium of shareholders of care lease company and savings bank LeasePlan, led by private equity firm TDR Capital, called off its intended listing of LeasePlan for the foreseeable future.

Brexit planning led the Royal Bank of Scotland to hold on to the banking licence of its much-reduced Dutch operations. In December 2018, it applied at the Scottish court for approval to transfer European clients of its NatWest Markets business, one-third of the total, to its Dutch subsidiary. Owing to the stringent Dutch bonus cap, few other banks include the Netherlands in their Brexit strategies. However, a number of banks from the Asia-Pacific region have opted to move to the Netherlands: following an earlier move by Mitsubishi UFJ, the Commonwealth Bank of Australia and Japanese Norinchukin Bank announced the opening of licensed Dutch subsidiaries in late 2018. Amsterdam also attracted a large number of prominent trading venues and other trading specialists, including Tradeweb and Bloomberg, which both obtained a Dutch multilateral trading facility licence in January 2019. Due to Brexit, the ECB also required ING Bank to reverse an earlier decision to consolidate its trading activities in London.

As regards regulatory change, 2018 was marked by the final stages of the implementation efforts of major new EU rules, most importantly MiFID II but also the PRIIPS, the BMR and PSD2. The further implementation and elaboration of regulatory frameworks introduced in earlier years, in particular the BRRD and the DGS, also continued. On a national level, no noteworthy rules were introduced, but the Minister of Finance continued to fine-tune and 'repair' existing provisions of the FMSA. With the ECB focusing heavily on risk management, the supervision of the DCB emphasised technological change, sustainability, and financial and economic crime. The DCB has in particular increased its focus on the risks of climate change, and in 2018 carried out its first climate change stress test.

VIII OUTLOOK and CONCLUSIONS

Although forecasts indicate that economic growth has peaked and will slow down again, Dutch banks are in good shape and are still expected to do well in 2019. Banks' business models and operations will continue, however, to be vulnerable to a number of risks, including compliance risks, political uncertainty, technological disruption and cybercrime. The DCB has indicated supervision focus will again be on technological change, the transition towards sustainability, and financial and economic crime.60 It will, inter alia, look to further embed climate change-related risks in its supervision. The focus of the AFM will be largely on the same themes.61 The ECB will continue to focus on Brexit, as well as on a number of technical themes in the sphere of credit risk, risk management and readiness for market risk reforms.62 Combating money laundering in particular will continue to feature high on the agenda of legislators and regulators alike, and banks will be expected to significantly step up their efforts to meet their requirements.

In terms of new regulatory requirements, banks' implementation efforts in 2019 and beyond will focus on the implementation of the EU Banking Reform Package, on which political agreement was reached by the EU institutions in February 2019. This is due to be followed by the implementation of the Basel standards agreed in December 2017, which is still a few years away. This will include the new capital floor based on standardised approaches, which will have a big impact on Dutch banks' capital requirements due to its treatment of mortgage-backed exposures. However, the long phase-in agreed by the Basel Committee will ease its impact. Finally, another significant effort in 2019 and thereafter will be the transition of financial contracts to risk-free rates. In the eurozone, a working group led by ING Bank is exploring possibilities for a smooth transition from the EONIA reference rate to the new European risk-free rate, ESTER. In parallel to the implementation of these last outstanding elements of regulatory reform, attention is also increasingly being given to the review and recalibration of existing rules, as legislators and regulators take stock of the effects of the rules that have fully overhauled banking regulation over the past decade.


Footnotes

1 Mariken van Loopik is a partner and Maurits ter Haar is a senior associate at De Brauw Blackstone Westbroek.

2 DCB, Financial Stability Report Autumn 2018, October 2018.

3 Most importantly, the Markets in Financial Instruments Directive II (2014/65/EU) (MiFID II), the Regulation on Markets in Financial Instruments (600/2014) (MiFIR), the second Payment Services Directive (2015/2366) (PSD2), the Benchmarks Regulation (2016/1011) (BMR) and the Regulation on Packaged Retail Investment and Insurance-based Products (1286/2014) (PRIIPs).

4 Including CRD IV, MiFID II, PSD2, the Acquisitions Directive (2007/44/EC), the Consumer Credit Directive (2008/48/EC), the Electronic Money Directive (2009/110/EC) and the Mortgage Credit Directive (2014/17/EU) (MCD).

5 Including the CRR, MiFIR, the SSM Regulation, the SRM Regulation, the BMR, the PRIIPs, the European Market Infrastructure Regulation (648/2012), the Securities Financing Transactions Regulation (2015/2365), and various delegated acts and regulatory and implementing technical standards.

6 Since 2015, a bank's management team members (i.e., the bank's senior officers who work directly below the level of the day-to-day policymakers and who are responsible for those persons whose activities may have a material impact on the bank's risk profile) also need to be tested on their suitability and integrity. These tests are performed by the bank itself, with supplementary testing or checks, or both, by the DCB.

7 DCB and AFM, 'More room for innovation in the financial sector, market access, authorisations and supervision', December 2016.

8 Financial Markets Amendment Act 2018.

9 ECB guide to the assessment of licence applications, March 2018; and ECB guide to the assessment of fintech credit institution licence applications, March 2018.

10 ECB guide to the assessment of licence applications, second revised edition, January 2019.

11 Directive 2013/36/EU and Regulation (EU) No. 575/2013, together also referred to as CRD IV.

12 ING Bank, ABN AMRO, Rabobank, de Volksbank, Nederlandse Waterschapsbank (NWB Bank) and BNG Bank are currently identified as significant banks.

13 The ECB may request information, conduct general investigations and carry out on-site inspections (see Articles 10 to 13 SSM Regulation); specific supervisory powers include substantial powers of early intervention, and the right to impose fines and other administrative sanctions (see Articles 14 to 16 SSM Regulation).

14 Article 22 SSM Framework Regulation (ECB Regulation (EU) 468/2014).

15 Act on Transparent Supervision Financial Markets.

16 This includes the DCB's 'policy rule suitability 2012', the ECB Guide to fit and proper assessments, the Joint ESMA and EBA Guidelines on the assessment of the suitability of members of the management body and key function holders under CRD IV and MiFID II, and the EBA Guidelines on internal governance.

17 Non-listed banks often voluntarily apply the Corporate Governance Code.

18 The previous Corporate Governance Code was applicable as of 1 January 2008. A revised Corporate Governance Code entered into force on 1 January 2017.

19 The original Banking Code was applicable as of 1 January 2010. A revised Banking Code entered into force on 1 January 2015.

20 ECB, Guide to the internal capital adequacy assessment process (ICAAP), November 2018.

21 ECB Regulation (EU) 2016/445 on the exercise of options and discretions available in Union law, November 2016, ECB recommendation on common specifications for the exercise of some options and discretions available in Union law by NCAs in relation to LSIs, and ECB guideline on the exercise of options and discretions in Union law by NCAs in relation to LSIs, November 2016.

22 ECB, 2019 recommendation on distribution policies, January 2019.

23 Section 3:63 et seq. of the FMSA.

24 Regulation (EU) 2015/61.

25 ECB, Guide to the internal liquidity adequacy assessment process (ILAAP), November 2018.

26 Directive 2002/87/EC as amended by Directive 2011/89/EU.

27 DCB policy rule application guidelines, European supervisory authorities FMSA 2017.

28 Directive 2014/59EU and Regulation (EU) 806/2014.

29 DCB, Operation of the bail-in tool, December 2017.

30 SRB, 2018 SRB policy for the first wave of resolution, November 2018, and SRB, 2018 SRB policy for the second wave of resolution, January 2019.

31 See e.g., Council Presidency progress report of 29 November 2017.

32 Directive 2014/49/EU.

33 DCB Policy Rule on the Single Customer View, July 2017.

34 Draft Act on the use of personal identification numbers in the DGS.

35 DCB first round of changes to DGS rules, February 2019.

36 The Netherlands has chosen to apply the provisions implementing the Consumer Credit Directive (2008/48/EC) to all credit agreements, including those with a value below €200 and above €75,000.

37 Directive 2008/48/EC.

38 Directive 2014/17/EU.

39 AFM, Guidance for the calculation of costs in case of early mortgage repayment, March 2017.

40 Draft Amendment Decree concerning the costs of changing interest rates of mortgage credit.

41 Directive 2007/64/EC.

42 Directive (EU) 2015/2366.

43 Case C-191/17, ING-DiBa Direktbank Austria, 4 October 2018.

44 The working group on application programming interfaces under PSD2 (WG-API).

45 Directive 2014/92/EU.

46 Directive (EU) 2015/849 and Regulation (EU) 2015/847.

47 Directive (EU) 2018/843.

48 Draft Act data retrieval portal bank account information.

49 Draft Act implementing changes to the Fourth Anti-Money Laundering Directive.

50 COM(2018) 646 final.

51 The financing deficit or deposit funding gap is the gap between loans and deposits.

52 DCB, Financial Stability Report Autumn 2016, October 2016, and IMF, Netherlands Financial Sector Assessment Program, April 2017.

53 Directive (EU) 2017/2399.

54 Directive 2007/44/EC.

55 Section 3:95 et seq. of the FMSA.

56 Section 1:1 juncto, Section 5:45 of the FMSA, pursuant to which the Dutch rules implementing the Transparency Directive (2004/109/EC) apply.

57 ECB letter SSM/2017/0140 of 31 March 2017.

58 These rules include that a proposed acquisition or merger of a bank that qualifies as a concentration under the Dutch or EU competition rules should be notified to and approved by the Dutch Authority for Consumers and Markets (ACM) or the European Commission prior to completion.

59 Section 3:36 of the FMSA.

60 DCB, Supervision Outlook 2019, November 2018.

61 AFM, Trend Monitor 2019, October 2018 and AFM, Agenda 2019, January 2019.

62 ECB, SSM Supervisory Priorities 2019, October 2018.