The Banking Regulation Review: Netherlands


The Netherlands has a long history as an open trading nation with household-name institutions such as ING Bank, ABN AMRO and cooperatively owned Rabobank. The Dutch banking sector is highly concentrated, with this same small group of systemically important banks accounting for the bulk of domestic lending and the lion's share of Dutch deposits. Measured against the size of the Dutch economy, the banking sector is large. In 2021, the size of its assets relative to the gross domestic product of the Netherlands amounted to approximately 330 per cent.2

The regulatory regime applicable to banks

i Basic structure of banking regulation

The Netherlands has a twin peaks supervision model, which focuses on system and prudential supervision on the one hand, and conduct of business supervision on the other. The European Central Bank (ECB) and the Dutch Central Bank (DCB) are the system and prudential supervisors. The responsibility for conduct of business supervision lies with the Netherlands Authority for the Financial Markets (AFM).

The regulatory rules applicable to banks are largely laid down in the Dutch Financial Markets Supervision Act (FMSA), which has been in force since 2007, and in the various decrees and regulations deriving from it. In view of its increasing complexity and difficulties in its compatibility with the sectoral approach of European legislation, preparations had been made for a thorough review of the design of the FMSA. However, these plans have been shelved until further notice in view of the complexity of such an exercise, the costs involved and the expected developments in the area.

The regulatory rules applicable to banks mostly derive from EU legislation. Many of the rules contained in the FMSA concern the implementation of EU directives.3 However, with the aim of further integrating the single market, regulatory requirements are increasingly adopted in the form of EU regulations.4 Of particular importance for the banking sector are the Capital Requirements Directive (CRD IV), as implemented in the FMSA, and the Capital Requirements Regulation (CRR). Both CRD IV and the CRR were significantly amended in 2019 by the EU's Banking Reform Package, resulting in CRD V and CRR II.5 The changes took effect in December 2020 and June 2021.

ii Regulation of banks with a registered office in the Netherlands

Banks established in the Netherlands are required to obtain a banking licence from the ECB. The DCB is responsible for the processing of licence applications. To obtain a banking licence, banks must, inter alia, comply with the following requirements:

  1. the day-to-day policymakers of a bank and its management team members must be suitable for the banking business;6 in addition, the members of the supervisory board (or comparable body) should also be suitable for the performance of their supervisory tasks;
  2. the integrity of the persons determining or co-determining the day-to-day policy, the members of the management board and supervisory board (or comparable body) of the bank, must be beyond doubt;
  3. the bank must have sound and prudent business operations, including procedures and measures for adequate risk management and client acceptance;
  4. at least two natural persons should determine the day-to-day policy of the bank and perform their activities from within the Netherlands;
  5. the supervisory board (or comparable body) should consist of at least three persons;
  6. the bank must have a transparent control structure safeguarding adequate supervision; and
  7. the bank must comply with minimum own funds, solvency and liquidity requirements.

Once a licence has been granted, a bank must continue to comply with these requirements. Dispensation may be granted from certain specific requirements for obtaining a banking licence provided the applicant demonstrates that he or she cannot reasonably comply with the requirements, and that the objectives the requirements seek to protect can be achieved through alternative means. To stimulate innovation in the financial sector, the DCB, since 2017, is also open, where appropriate, to more tailor-made solutions for innovative products, services or business models through its regulatory sandbox.7

The formal application period for a banking licence is 26 weeks. As part of the application process, applicants must, inter alia, prepare an exit plan, which should identify how the applicant could cease its banking operations in an orderly manner when so required. The ECB has also published two guides detailing the process and requirements for acquiring a banking licence in the eurozone.8

If a bank wishes to render investment services or perform investment activities in the Netherlands, it must apply for a wider banking licence. In this case, there are additional requirements that relate to the conduct of business requirements with which investment firms need to comply. A licensed bank does not need a separate licence for the provision of payment services or certain other financial services also regulated under the FMSA, such as the offering of (consumer) credit, providing advice about financial products (other than financial instruments) and acting as an intermediary with respect to these products. The services involved, however, need to be covered by the banking licence, and the bank involved is subject to additional conduct of business rules when offering these services (see Section IV).

The FMSA contains a separate regime for credit unions, defined as cooperatives of members sharing a certain profession or business that take repayable funds from their members and grant credits for their own account to their members for the purposes of their profession or business.

iii Regulation of foreign banks and activities

In general, branches of foreign banks established to carry out regulated banking activities in the Netherlands are subject to the same licence requirements and ongoing obligations as banks with a registered office in the Netherlands. However, foreign banks with their registered office in another EU or European Economic Area (EEA) Member State may conduct banking activities through a branch office or on a cross-border basis in the Netherlands using a European passport. On this basis, banks from other eurozone countries may conduct banking activities in the Netherlands under their ECB banking licence, provided the ECB has been notified thereof. Similarly, banks with their registered office in an EU or EEA Member State that is not a eurozone country may conduct banking activities in the Netherlands under their home Member State banking licence following a notification procedure in their home Member State. Those non-eurozone banks holding a European passport in the Netherlands are directly supervised by the ECB. The DCB remains responsible for the supervision of non-EEA banks that have established a branch or provide cross-border services in the Netherlands.

Prudential regulation

i Relationship with the prudential regulator

The ECB is the prudential supervisor of the most significant Dutch banks, while the DCB is the direct supervisor of less significant banks.9 The ECB has far-reaching investigatory and supervisory powers under the Single Supervisory Mechanism (SSM) Regulation.10 In addition, the ECB has at its disposal the supervisory powers granted to the DCB under the FMSA. To the extent necessary to carry out the tasks conferred on it by the SSM Regulation, the ECB may require the DCB to use these powers. The ECB is also exclusively responsible for the withdrawal of a banking licence of both significant and less significant Dutch banks.

The DCB will, in principle, exercise its enforcement powers under the FMSA regarding the banks that are identified as less significant. Under the FMSA, the DCB is entitled to enter any place for inspection and may request information from any party. The DCB is also entitled to request business data and documents for inspection and to make copies of these. Everyone is obliged to fully cooperate with the DCB.

If the DCB concludes that a bank has violated a rule under the FMSA or an EU regulation, it may take enforcement action. The DCB can choose from various enforcement measures and sanctions, including, but not limited to:

  1. imposing a certain course of action to comply with the FMSA (instruction order);
  2. appointing one or more persons as trustee over all or certain bodies or representatives of a bank;
  3. imposing a particular duty, backed by a judicial penalty for non-compliance;
  4. imposing an administrative fine;
  5. publishing an imposed duty or fine on the DCB's website and by press release;
  6. imposing a suspension of voting rights of shareholders or partners responsible for a breach of a bank's licence or declaration of no objection requirement (see Section VI);
  7. imposing a temporary ban against a natural person from exercising his or her functions; and
  8. imposing higher solvency or liquidity requirements and the termination of banking business activities with a high risk to the solidity of the banks.

The liability of the DCB (and the AFM) under the FMSA is limited to wilful misconduct and gross negligence. The DCB (and the AFM) has extensive powers to publish warnings and decisions in the event of infringements of the FMSA and to periodically publish overviews of key data of individual banks.11

ii Management of banks

Most Dutch banks are limited liability companies. Although, from a corporate perspective, a statutory basis exists for the creation of a one-tier board structure, limited liability companies in the Netherlands traditionally have a two-tier board structure composed of a managing board and a supervisory board. The managing board is the executive function responsible for carrying out the company's day-to-day affairs. As such, a bank's managing board is responsible for compliance with the FMSA. Rules on managing and supervisory boards and their members are set out in great detail in various EU, ECB and DCB guidelines.12 They contain guidance as regards, inter alia, integrity and suitability, sufficient time commitment, independence, supervisory board committees and their composition, and on the maximum number of executive and non-executive positions a board member may hold. The DCB also has a specific position in relation to the independence requirements of members of a bank's supervisory board.13 On suitability, the DCB increased its focus on sustainability and anti-money laundering (AML) knowledge of each board member.

The managing and supervisory boards are jointly responsible for compliance (on a comply or explain basis) with the Dutch Corporate Governance Code (if applicable) and the Dutch Banking Code. Adherence to the former is mandatory for listed Dutch banks.14 It includes principles that are held to be generally accepted, as well as detailed best practice provisions relating to both managing and supervisory boards, general meetings, the auditing process and the external auditor.15 The Banking Code contains principles that are based on the Corporate Governance Code, but focuses on the managing and supervisory boards, risk management, auditing and remuneration policy of banks.16 The Banking Code applies to all banks with a banking licence under the FMSA, and compliance is monitored by a special monitoring commission. The Dutch Banking Association recommends that the Banking Code be applied by all entities that operate in the Netherlands (irrespective of their country of incorporation), including banks operating under a European passport.

Restrictions on remuneration

A far-reaching act on financial sector remuneration has been in force since 2015. One of the most important restrictions is the bonus cap, which holds that the variable remuneration of all persons working under the responsibility of banks with their registered office in the Netherlands, and Dutch branches of banks outside the EEA, may not exceed 20 per cent of the fixed component. Several exceptions apply, including for persons working predominantly in another country, for persons working for the EEA top holding of a group whose staff work predominantly in another country, for persons falling outside the scope of collective labour agreements and, subject to approval by the DCB or the ECB, for retention bonuses. In these cases, the maximum variable remuneration is as set out in CRD IV: 100 per cent of the fixed component or, depending on the exception, 200 per cent subject to shareholder approval.

Severance payments are also restricted. Moreover, the supervisory board may (and under certain circumstances must), inter alia, claw back bonuses where payment was based on incorrect information or the non-achievement of underlying objectives, and revise bonus payments if these were unacceptable according to standards of reasonableness and fairness. The rules also provide for a statutory ban on bonuses for management (and certain others) of state-aided banks. In 2017, the DCB introduced a tweak to the bonus cap in that the international holding exemption would be available not only to Dutch global top holdings of financial groups but also to EEA top holdings, thus making the Netherlands more attractive for EEA top holdings of non-EEA financial groups.

Following an evaluation of the remuneration rules in 2018, the Minister of Finance submitted a legislative proposal to parliament in July 2020 that would introduce a number of restrictions to fixed pay, in addition to the existing restrictions of variable pay discussed above.17 Directors and employees in the financial sector who receive part of their fixed pay in shares or similar instruments whose value depends on the performance of the company will have to retain these for at least five years. Furthermore, financial undertakings will have to describe in their remuneration policy how the remuneration of their directors and employees is proportional to the firm's role in the financial sector and its position in society. Finally, the exception from the bonus cap for persons falling outside the scope of collective labour agreements will be restricted. The next evaluation will be scheduled in 2023.

iii Regulatory capital and liquidity

Rules of prudential supervision are provided for in the CRR and its various regulatory and implementing technical standards on a European level, and in the FMSA, the Decree on Prudential Supervision FMSA and regulations issued by the DCB on a national level. These rules relate to, inter alia, regulatory capital, liquidity and additional supervision with respect to financial conglomerates.

Regulatory capital

Licensed banks are required to be sufficiently capitalised. A bank's capital is sufficient if the bank complies with the requirements set out in Part 3 of the CRR. These requirements include both quantitative requirements (i.e., a Common Equity Tier 1 (CET1) capital ratio of 4.5 per cent of the bank's risk-weighted assets (RWA), a Tier 1 capital ratio of 6 per cent of a bank's RWA and a total capital ratio of 8 per cent of a bank's RWA) and qualitative requirements (conditions that own-fund items and subordinated liabilities must meet to qualify as CET1 capital, Additional Tier 1 capital or Tier 2 capital). The DCB or the ECB may also impose an additional bank-specific Pillar 2 buffer following the supervisory review and evaluation process when they identify risks not adequately covered by the standard capital requirements. In addition, the DCB and the ECB also communicate their expectations for banks to hold additional own funds in the form of capital guidance. In 2018, the ECB published guidance setting out its expectations of banks' internal capital adequacy assessment process.18

In view of the systemic risk in the Dutch housing market, in October 2019 the DCB also consulted on a measure introducing a capital floor to the risk weighting of mortgage loans.19 This measure entered into force on 1 January 2022.20 The DCB clarified that the measure will not come on top of the similar capital floor that will be introduced by the Basel III reform package.

Capital buffers

CRD IV prescribes four capital buffers:

  1. a capital conservation buffer equal to 2.5 per cent CET1 capital;
  2. an institution-specific countercyclical capital buffer (CCyB) of, in principle, between zero and 2.5 per cent CET1 capital;
  3. a global systemically important institutions (G-SII) buffer of, in principle, between 1 per cent and 3.5 per cent CET1 capital; or another systemically important institutions (O-SII) buffer of, in principle, between zero and 2 per cent CET1 capital; and
  4. as a Member State option, a systemic risk buffer (SRB) of, in principle, between 1 per cent and 3 per cent CET1 capital.

Previously, with regard to the G-SII, O-SII and SRB, in principle only the highest of the three applied. Since December 2020, however, under CRD V, the G-SII or O-SII buffer has become cumulative to the SRB. To keep capital requirements constant, the DCB has abolished the SRB and, for 2022, applies O-SII buffers of 2.5 per cent to ING, 2 per cent to Rabobank and 1.5 per cent to ABN AMRO, and maintains an O-SII buffer of 1 per cent for de Volksbank and BNG Bank. In the Netherlands, the G-SII buffer only applies to ING (1 per cent).21 In addition, the DCB has indicated that it will gradually increase the CCyB, which has been at zero per cent since its introduction in 2016, to 2 per cent in the foreseeable future. Banks are required to apply the CCyB to their exposures to Dutch counterparties.

Banks can be subject to a combination of buffers, referred to as the combined buffer requirement. When banks fail to meet the combined buffer requirement, specific restrictions apply and certain measures may be imposed, such as a limitation to make distributions or payments in connection with their CET1 and Additional Tier 1 instruments, and the required production of a capital conservation plan.


In normal times, restrictions to distributions only apply if banks fail to meet the combined buffer requirement, as set out above. In March 2020, however, the ECB strongly recommended that no dividends should be paid by banks for the financial years 2019 and 2020 and that banks should refrain from share buy-backs aimed at remunerating shareholders. Instead, banks were to conserve capital to retain their capacity to support the economy in an environment of heightened uncertainty caused by the covid-19 crisis.22 In December 2020, the ECB recommended that banks continue to refrain from paying out dividends until at least September 2021, although subject to conditions dividends of up to 15 per cent of profits could be made. In July 2021, the ECB decided not to extend its recommendation that all banks limit dividends beyond September 2021. The recommendations were also applied by the DCB. During this ECB recommendation period, the DCB did, however, approve a request by Rabobank to distribute additional CET1 instruments as an in-kind distribution to its investors in December 2020.


Banks must hold a sufficient amount of liquid assets.23 On the basis of the CRR, two liquidity requirements apply: the liquidity coverage ratio (LCR) and stable funding requirements. The LCR, as further specified in the LCR delegated regulation, has a binding minimum of 100 per cent.24

The stable funding requirement requires all institutions, as of June 2021, to ensure that their long-term obligations are adequately met with a diversity of stable funding instruments under normal and stress conditions, and to this end maintain a minimum standard for a net stable funding ratio (NSFR) of 100 per cent. Anticipating the implementation of the NSFR, the DCB introduced this requirement in 2017 under Pillar 2. From 2021, this NSFR requirement is no longer part of the Pillar 2 requirements as it is part of the CRR Pillar 1 requirements.

In addition to these requirements, the DCB normally also imposes bank-specific liquidity requirements as part of a bank's Pillar 2 requirement, such as regarding specific liquidity survival periods and diversification of sources of funding and liquidity, including through an NSFR proxy requirement. In November 2018, the ECB published a guide to the internal liquidity adequacy assessment process for significant banks.25

Leverage ratio

Banks are required to calculate their leverage ratios in accordance with the methodology set out in Part 7 of the CRR, report them to the relevant supervising authority and disclose them. CRR II introduces a binding minimum leverage ratio of 3 per cent, which became applicable as of June 2021. However, due to the effects of the covid-19 crisis, the ECB decided that banks may elect to make use of an extended introduction period until March 2022. In addition, CRR II introduces an additional leverage ratio buffer requirement for G-SIIs, applicable as of January 2022. The Dutch government has argued for the extension of this buffer to O-SIIs. However, CRR II only includes an instruction to the Commission to carry out an appropriateness study for this extension.

Consolidated application of regulatory capital and liquidity requirements

The above-mentioned capital, liquidity and leverage requirements apply to banks on both an individual and consolidated basis. The DCB or ECB may, when certain criteria are met, waive the requirement to comply on an individual basis. The capital and leverage requirements apply on the basis of the consolidated situation of a bank's highest holding entity in each Member State and in the EU as a whole. The liquidity requirements must be met on the basis of the consolidated situation of the highest holding entity in the EU. In addition, the application of the capital requirements on a sub-consolidated basis applies in the case of subsidiary banks, investment firms and financial institutions in a third country.

Since December 2020, CRD V has brought financial holding companies and mixed financial holding companies directly within the scope of the EU prudential framework by introducing an approval requirement along with direct supervisory powers. These holdings will become directly responsible for ensuring compliance with regulatory requirements on a consolidated level. An exemption from the approval requirement is available under conditions, including that the holding company's activities are limited to acquiring holdings and that it does not engage in management, operational or financial decisions affecting the group.

Supplementary supervision of banks in a financial conglomerate

The Financial Conglomerates (FICO) Directive was implemented in the FMSA and the Decree on Prudential Supervision of Financial Groups FMSA.26 The FICO Directive introduced the supplementary supervision of banking (insurance and investment) activities carried out in a financial conglomerate. The rules relate, inter alia, to supplementary capital adequacy requirements, risk concentration, intra-group transactions, internal control mechanisms and risk management processes. The holding company of a financial conglomerate must calculate the supplementary capital adequacy in accordance with certain methods described under the FMSA.

iv Recovery and resolution

Bank Recovery and Resolution Directive and Single Resolution Mechanism Regulation

The Dutch Act implementing the Bank Recovery and Resolution Directive (BRRD) entered into force in 2015, and the Single Resolution Mechanism Regulation (SRMR) became fully applicable in 2016.27 Both the BRRD and the SRMR were amended in 2019 by the Banking Reform Package, resulting in BRRD II and SRMR II.28 The amendments, in particular, included a substantial revision of the minimum requirement for own funds and eligible liabilities (MREL) requirements, so as to align them with the international standard for total loss-absorbing capacity (TLAC) set by the Financial Stability Board. The changes took effect for G-SIIs in June 2019 and for other banks in December 2020.

The rules aim to ensure that:

  1. banks and authorities make adequate preparation for crises;
  2. supervisory authorities are equipped with the necessary tools to intervene at an early stage when a bank is in trouble;
  3. resolution authorities have the necessary tools to take effective action when bank failure cannot be avoided, including the power to bail-in creditors; and
  4. banks contribute to an ex ante funded resolution fund.

The DCB has been designated as the national resolution authority for the Netherlands. However, on the basis of the Single Resolution Mechanism, for significant banks and other cross-border groups in the eurozone, the Single Resolution Board is the competent resolution authority in cooperation with the national resolution authorities. In a 2017 communication, the DCB set out a number of technical details on how it intends to use the bail-in tool.29 For example, conversion of liabilities by bail-in will result in the creation of claim rights, which are transferable and entitles holders to new shares once issued.

During the course of 2021, the Single Resolution Board and the DCB continued the process of drafting resolution plans for the major Dutch banks and of setting each bank's MREL requirements. The Single Resolution Board published an updated MREL policy in May 2021 in line with the requirements of BRRD II and SRMR II. In December 2020, the Eurogroup agreed to introduce a 'common backstop' to the Single Resolution Fund in the form of a revolving credit line from the European Stability Mechanism, from January 2022.

Deposit insurance

The Dutch deposit insurance framework is based on the (third) Deposit Guarantee Scheme (DGS) Directive, which has been in force since 2015.30 The framework comprises an ex ante funded guarantee scheme to which banks must contribute on a quarterly basis. The fund should reach a target level of 0.8 per cent of insured deposits. The guarantee covers natural persons and businesses, with the exception of financial undertakings and governments, for an amount up to €100,000. The DCB adopted a number of more detailed rules in relation to the Dutch DGS. Most importantly, the DCB introduced a new payout system in which banks must compile and deliver a uniform single customer view, containing an overview of customers' deposits and other relevant data. The new system will enable the DCB to meet the requirement of the DGS Directive that, by 2024, the payout of insured deposits must be made within seven business days of a bank's failure.31 In August 2019, an act supported by the Dutch banking sector entered into force clarifying that banks can use customers' personal identification numbers in implementing their DGS obligations.32

Progress on the European Commission's proposal for a European Deposit Insurance Scheme, first circulated in 2015 to reinforce deposit protection by mutualising national deposit guarantee funds in the eurozone, remained slow in 2021, as it had been in previous years. A number of Member States, including the Netherlands, insist that further risk reduction must precede further risk sharing.

Dutch Intervention Act

The Dutch Intervention Act grants powers to the Minister of Finance to take emergency measures in times of serious and immediate danger to the stability of the financial system. These include the temporary suspension of shareholder voting rights, the suspension of management or supervisory board members, and the expropriation of assets or liabilities of a bank or its parent companies with a corporate seat in the Netherlands.

Conduct of business

i Conduct of business rules

Conduct of business rules for banks are, for the most part, set forth in the FMSA. Compliance with most conduct of business rules is supervised by the AFM. These rules mostly relate to the activities of a bank as a provider of lending and deposit services, payment services, investment services and other financial services. These rules concern, inter alia, client classification requirements, the provision of information, know-your-customer requirements, conflicts of interest, best execution, inducement order handling and complaints handling.

ii Consumer and mortgage credit

Under the FMSA, banks must comply with certain conduct of business rules when offering credit to consumers. Irrespective of the credit amount, additional requirements may apply to banks (and other entities) pursuant to both the Dutch Civil Code and the Act on Consumer Credit.33 The additional rules stem mainly from the implementation of the Consumer Credit Directive.34 These rules relate to the civil law relationship between the bank and the consumer or borrower, and include requirements with respect to pre-contractual information, the form and contents of the credit agreement, and the consumer's right to rescind a credit agreement up to 14 calendar days after entering the agreement. Violation of the rules may lead to civil liability. When offering consumer credit, banks must also take into account the 2012 Code of Conduct for Consumer Credit as drawn up by the Dutch Banking Association.

The FMSA and the Civil Code contain specific rules in relation to retail mortgage loans, stemming mainly from the implementation of the Mortgage Credit Directive.35 The rules concern, inter alia, creditworthiness assessments, information obligations and consumer rights in cases of early repayment and arrears and foreclosures. The AFM has provided further guidance on costs that may be imposed in the case of early repayment, requiring banks to also revisit calculations of mortgages provided since 2016.36 In 2019, limitations were also introduced to the costs banks can charge customers when they change their interest rate during a fixed-interest period.37

iii Payment services

The DCB supervises payment institutions as well as the provision of payment services by banks. As a result of the implementation of the first Payment Services Directive,38 payment service providers are subject to certain conduct of business requirements under both the FMSA and the Civil Code. The rules in the Civil Code relate to the civil law relationship between a payment service provider and client, including:

  1. the payment service contract governing the execution of payment transactions;
  2. the amendment and termination of such a contract;
  3. the required consent of the payer regarding the execution of a payment transaction;
  4. the right of withdrawal;
  5. the maximum period to execute payment transactions; and
  6. costs and liability.

The AFM supervises compliance with all conduct of business rules, including those under the Civil Code. The Dutch Authority for Consumers and Markets supervises competition issues relating to access to payment systems.

The act implementing the second Payment Services Directive (PSD II)39 modernised the rules on payment services by opening the EU payment market to payment initiation service providers, introducing new security requirements and enhancing consumer rights. In the course of 2019, the European Banking Authority published various clarifications to issues relating to application programming interfaces under PSD II raised by the working group established for that purpose.40

The rules implementing the Payment Accounts Directive, in force since 2016, contain requirements for banks and payment service providers on transparency and comparability of fees, and on the facilitation of access to, and switching between, payment accounts.41

In May 2021, the 2022 Act amending the Financial Markets Act was published and is expected to enter into force by mid-2022. This Act will, among other things, allow payment institutions and electronic money institutions to open a segregated assets account so as to segregate the funds of customers and the institutions' own funds. This will offer them an alternative to having to secure third-party funds through a customer accounts foundation, which is currently the only way to secure third-party funds in the Netherlands.

iv Anti-money laundering and terrorist financing

Pursuant to the Dutch Prevention of Money Laundering and Terrorist Financing Act (WWFT), licensed banks (and other financial institutions) are subject to a number of obligations to prevent money laundering and terrorist funding. Adequate client identification forms an important part of these obligations. Banks must identify clients with whom they intend to establish a continuing business relationship in the Netherlands, or with whom they enter into an incidental transaction, or a series of related transactions, worth €10,000 or more. If a bank suspects that a transaction is related to money laundering or terrorist financing, the Financial Intelligence Unit (FIU) of the Netherlands must be notified. The FIU is designated to receive information relating to suspicious transactions, to investigate and, if necessary, to report the transactions to the Public Prosecutor to initiate criminal proceedings. In 2018, AML rules implementing the fourth Anti-Money Laundering Directive entered into force. These rules facilitate the work of FIUs in identifying and following suspicious transfers and in the exchange of information between FIUs, and established a harmonised policy towards non-EU countries with deficient AML regimes. An ultimate beneficiary owners (UBOs) register, a mandatory centralised register with information on all UBOs, was established in the Netherlands in July 2020.

In 2018, the fifth Anti-Money Laundering Directive was adopted.42 The Directive extended the scope of the rules to virtual currencies and prepaid cards, further enhanced the role and powers of the national FIUs, and provided clearer rules on the nature of and access to UBO information. The Directive also introduced a requirement to establish a centralised data retrieval portal through which authorities can get timely and automatic access to information on bank accounts. The Act for the implementation of most aspects of the fifth Anti-Money Laundering Directive entered into force in May 2020. The centralised data retrieval portal was implemented through a separate act that entered into force in September 2020.43

Meanwhile, following a number of money laundering scandals across Europe in recent years, including in the Netherlands, AML remains high on the agenda of both legislators and regulators. On a national level, in June 2019 the Ministers of Finance and Justice published an AML action plan. This plan contains various new measures to fight money laundering, including limiting the use of cash transactions to €3,000 and allowing banks to engage in the joint monitoring of transactions. Other measures include bolstering of enforcement through the creation of multidisciplinary intervention teams and the sharing of police information with banks. In addition, in 2019 the DCB published good practices for banks on customer tax integrity risk management.44 On a European level, in May 2020 the Commission adopted an EU AML action plan built on six pillars, including a single EU rule book, EU level supervision and an improved cooperation mechanism for financial intelligence units. In addition, banks will need to meet new fit and proper AML knowledge requirements as of 31 December 2021, underlining that every bank must identify a member of its management body who is responsible for the implementation of rules to comply with the Anti-Money Laundering Directive. The implementation of the second Markets in Financial Instruments Directive in the Netherlands has made it compulsory for financial institutions to designate and charge one of the policymakers with overseeing compliance with Dutch AML legislation.

v Climate change

The DCB, like the ECB, is a forerunner in putting risks related to climate change high on its agenda and that of the financial sector. Recently, the DCB announced that it will follow the ECB's expectations of banks' climate risk management that were published in November 2020. As a result, among other things, banks will become subject to supervisory stress tests on climate-related risks, and the DCB expects senior management of financial institutions to have knowledge of the risks inherent in climate change and the transition to a climate-neutral economy as part of their fit and proper assessments.

vi Bankers' oath, code of conduct and disciplinary measures

Dutch banks must ensure that all persons with an employment contract with them, or who otherwise carry out activities that are part of the operation of a banking business or its essential supporting business processes, take the bankers' oath. The bankers' oath is linked to the bankers' code of conduct and a set of disciplinary measures. A foundation established by the Dutch Banking Association supervises compliance with the code of conduct, and can impose disciplinary measures, including reprimands, fines and a temporary ban from carrying out a function in the banking sector. The foundation's disciplinary commission deals with an increasing number of cases and frequently hands out disciplinary measures, in many cases a reprimand or a temporary ban from working in the banking sector.

vii Banking secrecy

There is no specific legal provision on banking secrecy in the Netherlands. As a general principle, Dutch law requires banks to keep all client data confidential. This requirement has various sources of origin, including custom, general principles of contract law (i.e., reasonableness and fairness) and the obligation of due care, which stems in turn from the general banking conditions used by most banks in the Netherlands. Several exceptions to the banking secrecy requirement apply. The more general exception provides that a bank is authorised to disclose client data to third parties, including regulatory authorities or supervisors, if it is under a statutory obligation to do so (see Section III.i). Violation of banking secrecy may result in civil liability as a result of a breach of contract or, as the case may be, tort law. Obviously, and perhaps more importantly, violating bank secrecy may also lead to reputational damage.


Dutch banks raise funds from different sources, including deposits (corporate and non-corporate), interbank transactions (including ECB transactions) and capital markets funding. In general, Dutch banks are more dependent on financing through the financial markets than other European banks. This is because they lend more than banks in other countries, which is due, inter alia, to above-average high mortgage loans. In combination with a relatively large financial sector in the Netherlands, the relatively high loan-to-deposit ratio caused Dutch banks to be vulnerable to problems in the capital markets. In recent years, however, the loan-to-deposit ratio has gradually decreased, and during the covid-19 crisis, various banks saw their loan-to-deposit ratio decrease to below 100 per cent.45

Over recent years, Dutch banks have increased their capital ratios up to the new requirements, largely by de-leveraging and de-risking their balance sheets and by retention of profits. However, in recent years many Dutch banks have also launched successful issues of Additional Tier 1 instruments to meet the new leverage ratio and MREL requirements (see Section III.iv).

Since 2018, as a result of the Directive regarding the ranking of unsecured debt instruments in the insolvency hierarchy,46 banks can issue senior non-preferred (SNP) or Tier 3 debt, to fulfil their MREL or TLAC requirement. This SNP debt ranks junior to senior debt, but senior to subordinated debt and capital instruments. A number of Dutch banks, including Rabobank and ABN AMRO, have included the possibility of issuing SNP notes in their funding programmes.

Control of banks and transfers of banking business

i Control regime

Supervision of participations in banks

Each person who holds, acquires or increases a qualifying holding in a bank with a corporate seat in the Netherlands requires a declaration of no objection (DNO) from the ECB.47 The DCB is responsible for processing the DNO application. A qualifying holding is a direct or indirect holding of 10 per cent or more of the issued share capital of the bank, direct or indirect voting power, or a right to exercise equivalent control. This definition is subject to certain aggregation principles: for instance, voting rights held through subsidiary companies or voting agreements are to be included.48

A DNO will be refused if:

  1. the integrity and the professional competence (which is not a suitability test comparable to the one applicable to bank managers) of the proposed acquirer or the persons who, as a result of their qualifying holding, can determine the day-to-day policy of the bank are not beyond doubt;
  2. the proposed acquirer, taking into account his, her or its reputation, or the persons who, as a result of their qualifying holding, will determine the day-to-day policy of the bank, are not fit;
  3. the financial soundness of the proposed acquirer, in particular in relation to the business activities of the bank, is not beyond doubt;
  4. the qualifying holding would constitute an impediment for the bank to comply with the prudential requirements to which it is subject;
  5. there are reasonable grounds to suspect that, in connection with the acquisition of the qualifying holding, money laundering or terrorist financing is being or has been committed or attempted, or that the proposed acquisition could increase the risk thereof; or
  6. the information provided by the proposed acquirer is incorrect or incomplete (e.g., in the event of a proposed participation of more than 50 per cent, the applicant must submit a detailed business plan with its application for a DNO).

Where the applicant for a DNO is a legal entity, the integrity and professional competence of all its directors and other persons, if any, who can determine or co-determine the day-to-day policy of the applicant, is tested. An additional DNO must be obtained for every subsequent increase as a result of which a threshold of 20 per cent, 33 per cent, 50 per cent or 100 per cent is reached or passed. In 2016, the European supervisory authorities jointly issued guidelines with detailed further rules for assessing qualifying holdings in banks, including as regards the concepts of acting in concert and indirect acquisitions.

On the basis of Dutch law, the applicant can request a bandwidth DNO. As long as the qualifying holding remains within the range granted, no additional DNO needs to be obtained for any subsequent increase as a result of which a threshold is reached or passed; only a notification needs to be made.

Applicants can also request a group DNO, which extends to all companies within a group collectively, and means no additional DNOs are required for transfers of qualifying holdings within a group. In this case, the DCB also assesses the financial soundness of the acquirer's group entities. In 2019, the Minister of Finance published for consultation a draft act clarifying the notification obligation that is applicable in the case of changes to the holding within a group with a group DNO.49 If any control relating to a qualifying holding is exercised without having been granted a DNO or in violation of any conditions attached to a DNO, the resolution adopted will be liable for nullification.

In December 2020, the Single Resolution Board published a paper outlining its expectations for ensuring the resolvability of banks engaging in mergers and acquisitions and other corporate transactions. While this does not amount to a formal approval requirement, the Single Resolution Board intends to play an active role in these transactions and expects strong engagement from the relevant banks when preparing the transactions.

Supervision of holdings by and restructuring of banks

In addition to the rules regarding holdings in banks, a bank with a corporate seat in the Netherlands must also obtain a DNO for:

  1. acquiring or increasing a qualifying holding in another bank, investment firm, insurance company or financial institution with a corporate seat outside the EU or the EEA, unless the balance sheet total of the bank or insurance company involved does not exceed 1 per cent of the consolidated balance sheet total of the acquiring or increasing bank;
  2. acquiring or increasing a qualifying holding where the target is not a bank, investment firm, insurance company or financial institution, if the total price paid for the holding amounts to 1 per cent or more of the consolidated balance sheet total of the bank;
  3. acquiring the whole, or a substantial part, of the assets and liabilities of another enterprise or institution, unless the total amount of the assets or liabilities to be taken over does not exceed 1 per cent of the existing consolidated own funds of the bank; or
  4. undertaking a financial or corporate restructuring of its own business.

For significant banks, the ECB is the competent authority in relation to the above-mentioned DNOs. For non-significant banks, the DCB remains competent.50

ii Transfers of banking business

Apart from the rules as set out under the FMSA and the competition rules,51 there are currently no legal provisions in the Netherlands specifically aimed at prohibiting or limiting the transfer of a banking business by either Dutch or foreign entities. In 2021, however, a bill was submitted establishing a national security screening regime where target undertakings active in the Netherlands in vital processes or sensitive technology, are being acquired.52 The bill lists three sectors it considers vital: energy, banking and certain activities at Amsterdam airport and the port of Rotterdam. These sectors are not covered in their entirety by the bill – it would apply to specific functions that are considered vital to a sector, such as the financial market infrastructure. The aim of the proposal is to protect national security by introducing an assessment of activities that lead to changes in control of, or influence on, companies that operate in critical processes or have sensitive technology.

The transfer of a banking business is subject to the general rules of Dutch civil and corporate law, including rules on legal mergers and divisions and on transfers of assets and liabilities. Although cooperation and cross-participation are permitted in the Netherlands, a merger into a single legal entity of a bank and an insurance company is prohibited.53

The year in review

2021 was again dominated by the covid-19 crisis, including in regulatory terms, but the economy has showed a strong recovery from the crisis. Dutch banks' capital positions remained solid and have not deteriorated, partly because the proportion of non-performing loans has shown only a limited rise. Various fiscal, prudential and monetary support measures in 2020 and 2021 have played an important role in mitigating the economic damage. Rabobank more than doubled its 2021 profits compared to 2020, ING almost doubled its 2021 profits compared to 2020, and ABN AMRO made more than €1 billion of profits in 2021 after making losses in 2020.

Some Dutch banks experienced shareholder pressure to distribute dividends due to their solid performances, but were restricted by the ECB recommendation that all banks limit dividends until 30 September 2021. The DCB agreed that Rabobank could make a distribution by paying its investors an in-kind distribution of CET1 instruments in December 2020. After the ECB lifted its recommendation, Dutch banks made exceptionally high distributions (e.g., Rabobank) or additional distributions (e.g., ING) in quarter four of 2021, reflecting their solid performances. In addition, banks had to continue to implement the requirements of CRR II and CRD V, as well as continue their efforts to meet the ever-increasing expectations of legislators and supervisors in relation to integrity risk and, in particular, AML. In April 2021, ABN AMRO settled with the Dutch Public Prosecution Service (DPPS) in connection with its investigation into ABN AMRO's compliance with its obligations under the WWFT between 2014 and 2020. As part of this settlement, ABN AMRO has paid a €480 million fine. This is similar to the €775 million fine imposed by the DPPS on ING in 2018.

Banks have also started implementing various new sustainability risk management and reporting requirements, including those of the Sustainable Finance Disclosure Regulation and the EU Taxonomy Regulation. 2021 was another uneventful year in terms of transactions. The Dutch state did not sell its stakes in ABN AMRO or De Volksbank, in which it continues to hold 56 per cent and 100 per cent, respectively. Both banks continued to pursue their recently announced new strategies. ABN AMRO has shed its global ambitions and will focus on attractive segments in the Netherlands and north-west Europe, as well as increasing its focus on sustainability and simplifying its operating model. In line with its new strategy, ABN AMRO sold its interests in Maas Capital, a subsidiary participating in global shipping, intermodal and offshore assets, to EnTrust Global. De Volksbank restated that it will aim for growth by 'strengthening the customer relationship and further increasing social impact'. Van Lanschot Kempen simplified its legal structure in July 2021, by merging its holding company into its operating entity.

Finally, in 2021, banks finalised the transition of financial contracts to risk-free rates.

Outlook and conclusions

During 2021, banks have been able to withstand the adverse economic shock induced by the outbreak of the pandemic. They have remained, overall, well capitalised and capable of helping households, small and medium-sized enterprises and corporates to cope with the challenges posed by the covid-19 crisis. Now that the ECB has lifted the recommendation to restrict dividends, Dutch banks are expected to continue to distribute dividends in 2022. However, uncertainty about the evolution of the pandemic, and hence the economy, remains high in 2022. While the impact of the covid-19 crisis on banks' balance sheets was significantly mitigated by government measures, these measures have mostly ended or are expected to end in 2022, potentially resulting in a significant deterioration of banks' asset quality. At the same time, banks now have a good understanding of the sectors that are most affected by covid-19 and may be increasingly capable of containing the fallout. Apart from covid-19, the main challenges come from inflation rates (which are expected to remain high in 2022 and beyond), current low interest rates and competition in some markets from non-bank players.

Similar to previous years, the DCB has indicated that supervision focus in 2021–2024 will be on responding to technological innovation, commitment to sustainability and future orientation, and combating financial and economic crime.54 The focus of the AFM will be largely on the same themes.55 The ECB will focus on three priorities for 2022–2024: emerge from the pandemic healthy; seize the opportunity to address structural weaknesses via effective digitalisation strategies and enhanced governance; and tackle emerging risks, including climate-related and environmental risks, and IT and cyber risks.56

In terms of new regulatory requirements, banks will continue to work on the implementation of the EU Banking Reform Package, a major part of which entered into force in June 2021. This is due to be followed in the coming years by the implementation of the Basel Standards agreed in December 2017. This will include the new capital floor based on standardised approaches, which will have a big impact on Dutch banks' capital requirements due to its treatment of mortgage-backed exposures. However, the long phase-in agreed by the Basel Committee will ease its impact. To increase banks' resilience, the DCB has introduced a minimum floor for the risk weighting of bank mortgages, which applies to Dutch banks from 1 January 2022.57 Banks will also need to continue implementing various new sustainability risk management and reporting requirements, including those of the Sustainable Finance Disclosure Regulation and the EU Taxonomy Regulation.


1 Mariken van Loopik is a partner at De Brauw Blackstone Westbroek.

2 Dutch Central Bank (DCB), Financial Stability Report Autumn 2021, October 2021.

3 Including the fourth Capital Requirements Directive (Directive 2013/36/EU (CRD IV)), the second Markets in Financial Instruments Directive (Directive 2014/65/EU (MiFID II)), the second Payment Services Directive (Directive (EU) 2015/2366 (PSD II)), the Consumer Credit Directive (Directive 2008/48/EC), the Electronic Money Directive (Directive 2009/110/EC) and the Mortgage Credit Directive (Directive 2014/17/EU).

4 Including the Capital Requirements Regulation (Regulation (EU) No. 575/2013 (CRR)), the Markets in Financial Instruments Regulation (Regulation (EU) No. 600/2014), the Single Supervisory Mechanism Regulation (Regulation (EU) No. 1024/2013), the Single Resolution Mechanism Regulation (Regulation (EU) No. 806/2014), the Benchmarks Regulation (Regulation (EU) 2016/1011), the Packaged Retail and Insurance-based Investment Products Regulation (Regulation (EU) No. 1286/2014), the European Market Infrastructure Regulation (Regulation (EU) No. 648/2012) and the Securities Financing Transactions Regulation (Regulation (EU) 2015/2365) and various delegated acts and regulatory and implementing technical standards.

5 Regulation (EU) 2019/876 and Directive (EU) 2019/878. Any reference to CRD IV or CRR throughout this chapter also refers to the updated versions of the CRD and CRR.

6 Since 2015, a bank's management team members (i.e., the bank's senior officers who work directly below the level of the day-to-day policymakers and who are responsible for those persons whose activities may have a material impact on the bank's risk profile) also need to be tested on their suitability and integrity. These tests are performed by the bank itself, with supplementary testing or checks, or both, by the DCB.

7 DCB and Netherlands Authority for the Financial Markets (AFM), 'More room for innovation in the financial sector, market access, authorisations and supervision', December 2016.

8 European Central Bank (ECB) guide to the assessment of licence applications, second revised edition, January 2019 and ECB guide to the assessment of fintech credit institution licence applications, March 2018.

9 ING Bank, ABN AMRO, Rabobank, de Volksbank, Nederlandse Waterschapsbank (NWB Bank), BNG Bank and LeasePlan are currently identified as significant banks.

10 The ECB may request information, conduct general investigations and carry out on-site inspections; it has substantial powers of early intervention and the right to impose fines and other administrative sanctions.

11 Act on Transparent Supervision Financial Markets.

12 This includes the DCB Suitability Policy Rule 2012, the ECB Guide to fit and proper assessments, the Joint European Securities and Markets Authority and European Banking Authority (EBA) Guidelines on the assessment of the suitability of members of the management body and key function holders under CRD IV and MiFID II, and the EBA Guidelines on internal governance.

13 DCB Q&A, position on the independent functioning of the supervisory board, June 2019.

14 Non-listed banks often voluntarily apply the Corporate Governance Code.

15 The previous Corporate Governance Code was applicable as of 1 January 2008. A revised Corporate Governance Code entered into force on 1 January 2017.

16 The original Banking Code was applicable as of 1 January 2010. A revised Banking Code entered into force on 1 January 2015.

17 Proposal for an act on further remuneration measures, July 2020.

18 ECB, Guide to the internal capital adequacy assessment process (ICAAP), November 2018.

19 DCB, Consultation Regulation on risk weighting for mortgage loans, October 2019.

20 DCB, Financial Stability Report Autumn 2021, October 2021.

21 DCB, 'DNB modifies the systemic buffer composition in line with the reviewed Capital Requirement Directive (CRD V)', November 2021.

22 ECB, recommendations on distribution policies of March, October and December 2020.

23 Section 3:63 et seq. of the Dutch Financial Markets Supervision Act (FMSA).

24 Regulation (EU) 2015/61.

25 ECB, Guide to the internal liquidity adequacy assessment process (ILAAP), November 2018.

26 Directive 2002/87/EC as amended by Directive 2011/89/EU.

27 Directive 2014/59/EU and Regulation (EU) 806/2014.

28 Directive (EU) 2019/879 and Regulation (EU) 2019/877.

29 DCB, Operation of the bail-in tool, December 2017.

30 Directive 2014/49/EU.

31 DCB Policy Rule on the Single Customer View, July 2017, and DCB first round of changes to Deposit Guarantee Scheme (DGS) rules, February 2019.

32 Act on the use of personal identification numbers in the DGS.

33 The Netherlands has chosen to apply the provisions implementing the Consumer Credit Directive to all credit agreements, including those with a value below €200 and above €75,000.

34 Directive 2008/48/EC.

35 Directive 2014/17/EU.

36 AFM, Guidance for the calculation of costs in case of early mortgage repayment, March 2017.

37 Decree concerning the costs of changing interest rates of mortgage credit.

38 Directive 2007/64/EC.

39 Directive (EU) 2015/2366.

40 The working group on application programming interfaces under PSD II.

41 Directive 2014/92/EU.

42 Directive (EU) 2018/843.

43 Act Implementing Changes to the Fourth Anti-Money Laundering Directive and the Bank Data Retrieval Portal Act.

44 DCB, Good practices – Customer tax integrity risk management, July 2019.

45 DCB, Financial Stability Report Autumn 2021, October 2021.

46 Directive (EU) 2017/2399.

47 Section 3:95 et seq. of the FMSA.

48 Section 1:1 juncto, Section 5:45 of the FMSA, pursuant to which the Dutch rules implementing the Transparency Directive (Directive 2004/109/EC) apply.

49 Draft Financial Markets Amendment Act 2021.

50 ECB letter SSM/2017/0140 of 31 March 2017.

51 These rules include that a proposed acquisition or merger of a bank that qualifies as a concentration under the Dutch or EU competition rules should be notified to and approved by the Dutch Authority for Consumers and Markets or the European Commission prior to completion.

52 On 30 June 2021, the proposal for the 'Investments, Mergers and Acquisitions Security Screening Bill' was sent to the House of Representatives for the next steps in the legislative process.

53 Section 3:36 of the FMSA.

54 DCB, Supervision Strategy 2021, May 2021.

55 AFM, Agenda 2022, January 2022.

56 ECB, SSM Supervisory Priorities for 2022–2024, January 2022.

57 DCB, Financial Stability Report Autumn 2021, October 2021.

The Law Reviews content