The Banking Regulation Review: Netherlands
The Netherlands has a long history as an open trading nation with household-name institutions such as ING Bank, cooperatively owned Rabobank and ABN AMRO operating worldwide. The Dutch banking sector is highly concentrated, with this same small group of systemically important banks accounting for the bulk of domestic lending and the lion's share of Dutch deposits. Measured against the size of the Dutch economy, the banking sector is large. In 2020, the size of its assets relative to the gross domestic product of the Netherlands amounted to approximately 340 per cent.2
The regulatory regime applicable to banks
i Basic structure of banking regulation
The Netherlands has a twin peaks supervision model, which focuses on system and prudential supervision on the one hand, and conduct of business supervision on the other. The European Central Bank (ECB) and the Dutch Central Bank (DCB) are the system and prudential supervisors. The responsibility for conduct of business supervision lies with the Netherlands Authority for the Financial Markets (AFM).
The regulatory rules applicable to banks are largely laid down in the Dutch Financial Markets Supervision Act (FMSA), which has been in force since 2007, and in the various decrees and regulations deriving from it. In view of its increasing complexity and difficulties in its compatibility with the sectoral approach of European legislation, preparations had been made for a thorough review of the design of the FMSA. However, these plans have been shelved until further notice in view of the complexity of such an exercise, the costs involved and the expected developments in the area.
The regulatory rules applicable to banks mostly derive from EU legislation. Many of the rules contained in the FMSA concern the implementation of EU directives.3 However, with the aim of further integrating the single market, regulatory requirements are increasingly adopted in the form of EU regulations.4 Of particular importance for the banking sector are the Capital Requirements Directive (CRD IV), as implemented in the FMSA, and the Capital Requirements Regulation (CRR). Both CRD IV and CRR were significantly amended in 2019 by the EU's Banking Reform Package, resulting in CRD V and CRR II.5 The changes have largely taken effect in December 2020 or will do so in June 2021.
ii Regulation of banks with a registered office in the Netherlands
Banks established in the Netherlands are required to obtain a banking licence from the ECB. The DCB is responsible for the processing of licence applications. To obtain a banking licence, banks must, inter alia, comply with the following requirements:
- the day-to-day policymakers of a bank and its management team members must be suitable for the banking business;6 in addition, the members of the supervisory board (or comparable body) should also be suitable for the performance of their supervisory tasks;
- the integrity of the persons determining or co-determining the day-to-day policy, the members of the management board and supervisory board (or comparable body) of the bank, must be beyond doubt;
- the bank must have sound and prudent business operations, including procedures and measures for adequate risk management and client acceptance;
- at least two natural persons should determine the day-to-day policy of the bank and perform their activities from within the Netherlands;
- the supervisory board (or comparable body) should consist of at least three persons;
- the bank must have a transparent control structure safeguarding adequate supervision; and
- the bank must comply with minimum own funds, solvency and liquidity requirements.
Once a licence has been granted, a bank must continue to comply with these requirements. Dispensation may be granted from certain specific requirements for obtaining a banking licence provided the applicant demonstrates that he or she cannot reasonably comply with the requirements, and that the objectives the requirements seek to protect can be achieved through alternative means. To stimulate innovation in the financial sector, the DCB, since 2017, is also open, where appropriate, to more tailor-made solutions for innovative products, services or business models through its regulatory sandbox.7
The formal application period for a banking licence is 26 weeks. As part of the application process, applicants must, inter alia, prepare an exit plan, which should identify how the applicant could cease its banking operations in an orderly manner when so required. The ECB has also published two guides detailing the process and requirements for acquiring a banking licence in the eurozone.8
If a bank wishes to render investment services or perform investment activities in the Netherlands, it must apply for a wider banking licence. In this case, there are additional requirements that relate to the conduct of business requirements with which investment firms need to comply. A licensed bank does not need a separate licence for the provision of payment services or certain other financial services also regulated under the FMSA, such as the offering of (consumer) credit, providing advice about financial products (other than financial instruments) and acting as an intermediary with respect to such products. The services involved, however, need to be covered by the banking licence, and the bank involved is subject to additional conduct of business rules when offering such services (see Section IV).
The FMSA contains a separate regime for credit unions, defined as cooperatives of members sharing a certain profession or business that take repayable funds from their members and grant credits for their own account to their members for the purposes of their profession or business.
iii Regulation of foreign banks and activities
In general, branches of foreign banks established to carry out regulated banking activities in the Netherlands are subject to the same licence requirements and ongoing obligations as banks with a registered office in the Netherlands. However, foreign banks with their registered office in another EU or European Economic Area (EEA) Member State may conduct banking activities through a branch office or on a cross-border basis in the Netherlands using a European passport. On this basis, banks from other eurozone countries may conduct banking activities in the Netherlands under their ECB banking licence, provided the ECB has been notified thereof. Similarly, banks with their registered office in an EU or EEA Member State that is not a eurozone country may conduct banking activities in the Netherlands under their home Member State banking licence following a notification procedure in their home Member State. Those non-eurozone banks holding a European passport in the Netherlands are directly supervised by the ECB. The DCB remains responsible for the supervision of non-EEA banks that have established a branch or provide cross-border services in the Netherlands.
i Relationship with the prudential regulator
The ECB is the prudential supervisor of the most significant Dutch banks, while the DCB is the direct supervisor of less significant banks.9 The ECB has far-reaching investigatory and supervisory powers under the Single Supervisory Mechanism (SSM) Regulation.10 In addition, the ECB has at its disposal the supervisory powers granted to the DCB under the FMSA. To the extent necessary to carry out the tasks conferred on it by the SSM Regulation, the ECB may require the DCB to use these powers. The ECB is also exclusively responsible for the withdrawal of a banking licence of both significant and less significant Dutch banks.
The DCB will, in principle, exercise its enforcement powers under the FMSA regarding the banks that are identified as less significant. Under the FMSA, the DCB is entitled to enter any place for inspection and may request information from any party. The DCB is also entitled to request business data and documents for inspection and to make copies of these. Everyone is obliged to fully cooperate with the DCB.
If the DCB concludes that a bank has violated a rule under the FMSA or an EU regulation, it may take enforcement action. The DCB can choose from various enforcement measures and sanctions, including but not limited to:
- imposing a certain course of action to comply with the FMSA (instruction order);
- appointing one or more persons as trustee over all or certain bodies or representatives of a bank;
- imposing a particular duty, backed by a judicial penalty for non-compliance;
- imposing an administrative fine;
- publishing an imposed duty or fine on the DCB's website and by press release;
- imposing a suspension of voting rights of shareholders or partners responsible for a breach of a bank's licence or declaration of no objection requirement (see Section VI);
- imposing a temporary ban against a natural person from exercising his or her functions; and
- imposing higher solvency or liquidity requirements and the termination of banking business activities with a high risk to the solidity of the banks.
The liability of the DCB (and the AFM) under the FMSA is limited to wilful misconduct and gross negligence. The DCB (and the AFM) has had extensive powers to publish warnings and decisions in the event of infringements of the FMSA and to periodically publish overviews of key data of individual banks.11
ii Management of banks
Most Dutch banks are limited liability companies. Although a statutory basis exists for the creation of a one-tier board structure, limited liability companies in the Netherlands traditionally have a two-tier board structure composed of a managing board and a supervisory board. The managing board is responsible for carrying out the company's day-to-day affairs. As such, a bank's managing board is responsible for compliance with the FMSA. Rules on managing and supervisory boards and their members are set out in great detail in various EU, ECB and DCB guidelines.12 They contain guidance as regards, inter alia, integrity and suitability, sufficient time commitment, independence, supervisory board committees and their composition, and on the maximum number of executive and non-executive positions a board member may hold. The DCB also has a specific position in relation to the independence requirements of members of a bank's supervisory board.13
The managing and supervisory boards are jointly responsible for compliance (on a comply or explain basis) with the Dutch Corporate Governance Code (if applicable) and the Dutch Banking Code. Adherence to the former is mandatory for listed Dutch banks.14 It includes principles that are held to be generally accepted, as well as detailed best practice provisions relating to both managing and supervisory boards, general meetings, the auditing process and the external auditor.15 The Banking Code contains principles that are based on the Corporate Governance Code, but focuses on the managing and supervisory boards, risk management, auditing and remuneration policy of banks.16 The Banking Code applies to all banks with a banking licence under the FMSA, and compliance is monitored by a special monitoring commission. The Dutch Banking Association recommends that the Banking Code be applied by all entities that operate in the Netherlands (irrespective of their country of incorporation), including banks operating under a European passport.
Restrictions on remuneration
A far-reaching act on financial sector remuneration has been in force since 2015. One of the most important restrictions is the bonus cap, which holds that the variable remuneration of all persons working under the responsibility of banks with their registered office in the Netherlands, and Dutch branches of banks outside the EEA, may not exceed 20 per cent of the fixed component. Several exceptions apply, including for persons working predominantly in another country, for persons working for the EEA top holding of a group whose staff work predominantly in another country, for persons falling outside the scope of collective labour agreements and, subject to approval by the DCB or the ECB, for retention bonuses. In such cases, the maximum variable remuneration is as set out in CRD IV: 100 per cent of the fixed component or, depending on the exception, 200 per cent subject to shareholder approval.
Severance payments are also restricted. Moreover, the supervisory board may (and under certain circumstances must), inter alia, claw back bonuses where payment was based on incorrect information or the non-achievement of underlying objectives, and revise bonus payments if these were unacceptable according to standards of reasonableness and fairness. The rules also provide for a statutory ban on bonuses for management (and certain others) of state-aided banks. In 2017, the DCB introduced a tweak to the bonus cap in that the international holding exemption would be available not only to Dutch global top holdings of financial groups but also to EEA top holdings, thus making the Netherlands more attractive for EEA top holdings of non-EEA financial groups.
Following an evaluation of the remuneration rules in 2018, the Minister of Finance submitted a legislative proposal to parliament in July 2020 that would introduce a number of restrictions to fixed pay, in addition to the existing restrictions of variable pay discussed above.17 Directors and employees in the financial sector who receive part of their fixed pay in shares or similar instruments whose value depends on the performance of the company will have to retain these for at least five years. Furthermore, financial undertakings will have to describe in their remuneration policy how the remuneration of their directors and employees is proportional to the firm's role in the financial sector and its position in society. Finally, the exception from the bonus cap for persons falling outside the scope of collective labour agreements will be restricted. The next evaluation will be scheduled in 2023.
iii Regulatory capital and liquidity
Rules of prudential supervision are provided for in the CRR and its various regulatory and implementing technical standards on a European level, and in the FMSA, the Decree on Prudential Supervision FMSA and regulations issued by the DCB on a national level. These rules relate to, inter alia, regulatory capital, liquidity and additional supervision with respect to financial conglomerates.
Licensed banks are required to be sufficiently capitalised. A bank's capital is sufficient if the bank complies with the requirements set out in Part 3 of the CRR. These requirements include both quantitative requirements (i.e., a Common Equity Tier 1 (CET1) capital ratio of 4.5 per cent of the bank's risk-weighted assets (RWA), a Tier 1 capital ratio of 6 per cent of a bank's RWA and a total capital ratio of 8 per cent of a bank's RWA) and qualitative requirements (conditions that own-fund items and subordinated liabilities must meet to qualify as CET1 capital, Additional Tier 1 capital or Tier 2 capital). The DCB or the ECB also impose an additional bank-specific Pillar 2 buffer following the supervisory review and evaluation process when they identify risks not adequately covered by the standard capital requirements. In addition, the DCB and the ECB also communicate their expectations for banks to hold additional own funds in the form of capital guidance. In 2018, the ECB published guidance setting out its expectations of banks' internal capital adequacy assessment process.18
In view of the systemic risk in the Dutch housing market, in October 2019 the DCB also consulted on a measure introducing a capital floor to the risk weighting of mortgage loans.19 The measure was expected to enter into force in the course of 2020 but has been postponed in view of the coronavirus pandemic until at least the end of 2021. The DCB clarified that the measure will not come on top of the similar capital floor that will be introduced by the Basel III reform package.
CRD IV prescribes four capital buffers:
- a capital conservation buffer equal to 2.5 per cent CET1 capital;
- an institution-specific countercyclical capital buffer (CCyB) of, in principle, between zero and 2.5 per cent CET1 capital;
- a global systemically important institutions (G-SII) buffer of, in principle, between 1 per cent and 3.5 per cent CET1 capital; or an other systemically important institutions (O-SII) buffer of, in principle, between zero and 2 per cent CET1 capital; and
- as a Member State option, a systemic risk buffer (SRB) of, in principle, between 1 per cent and 3 per cent CET1 capital.
Previously, with regard to the G-SII, O-SII and SRB, in principle only the highest of the three applied. Since December 2020, however, under CRD V, the G-SII or O-SII buffer has become cumulative to the SRB. To keep capital requirements constant, the DCB has indicated that it will reduce the SRB to zero per cent and apply O-SII buffers of 2.5 per cent to ING, 2 per cent to Rabobank, 1.5 per cent to ABN AMRO and maintain an O-SII buffer of 1 per cent for de Volksbank and BNG Bank. In the Netherlands, the G-SII buffer only applies to ING (1 per cent). In addition, the DCB has indicated that it will gradually increase the CCyB, which has been at zero per cent since its introduction in 2016, to 2 per cent.
Banks can be subject to a combination of buffers, referred to as the combined buffer requirement. When banks fail to meet the combined buffer requirement, specific restrictions apply and certain measures may be imposed, such as a limitation to make distributions or payments in connection with their CET1 and Additional Tier 1 instruments, and the required production of a capital conservation plan.
In normal times, restrictions to distributions only apply if banks fail to meet the combined buffer requirement, as set out above. In March 2020, however, the ECB strongly recommended that banks do not pay out dividends for the financial year 2019 and 2020 and refrain from share buy-backs aimed at remunerating shareholders. Instead, banks were to conserve capital to retain their capacity to support the economy in an environment of heightened uncertainty caused by the covid-19 crisis.20 This recommendation was extended in October 2020. In December 2020, the ECB recommended that banks continue to refrain from paying out dividends until at least September 2021, although subject to conditions, dividends of up to 15 per cent of profits could be made. The recommendations are also applied by the DCB.
Banks must hold a sufficient amount of liquid assets.21 On the basis of the CRR, two liquidity requirements apply: the liquidity coverage ratio (LCR) and stable funding requirements. The LCR, as further specified in the LCR delegated regulation, has a binding minimum of 100 per cent.22
For the stable funding requirement, only a general rule currently exists, requiring institutions to ensure that their long-term obligations are adequately met with a diversity of stable funding instruments under normal and stress conditions. A binding minimum standard for a net stable funding ratio (NSFR) of 100 per cent is included in CRR II and will become applicable as of June 2021.
In addition to these requirements, the DCB normally also imposes bank-specific liquidity requirements as part of a bank's Pillar 2 requirement, such as regarding specific liquidity survival periods and diversification of sources of funding and liquidity, including through an NSFR proxy requirement. In November 2018, the ECB published a guide to the internal liquidity adequacy assessment process for significant banks.23
Banks are required to calculate their leverage ratios in accordance with the methodology set out in Part 7 of the CRR, report them to the relevant supervising authority and disclose them. CRR II introduces a binding minimum leverage ratio of 3 per cent, which will become applicable as of June 2021. In addition, CRR II introduces an additional leverage ratio buffer requirement for G-SIIs, applicable as of January 2022. The Dutch government has argued for the extension of this buffer to O-SIIs. However, CRR II only includes an instruction to the Commission to carry out an appropriateness study for such extension.
Consolidated application of regulatory capital and liquidity requirements
The above-mentioned capital, liquidity and leverage requirements apply to banks on both an individual and consolidated basis. The DCB or ECB may, when certain criteria are met, waive the requirement to comply on an individual basis. The capital and leverage requirements apply on the basis of the consolidated situation of a bank's highest holding entity in each Member State and in the EU as a whole. The liquidity requirements must be met on the basis of the consolidated situation of the highest holding entity in the EU. In addition, the application of the capital requirements on a sub-consolidated basis applies in the case of subsidiary banks, investment firms and financial institutions in a third country.
Since December 2020, CRD V has brought financial holding companies and mixed financial holding companies directly within the scope of the EU prudential framework by introducing an approval requirement along with direct supervisory powers. These holdings will become directly responsible for ensuring compliance with regulatory requirements on a consolidated level. An exemption from the approval requirement is available under conditions, including that the holding company's activities are limited to acquiring holdings and that it does not engage in management, operational or financial decisions affecting the group.
Supplementary supervision of banks in a financial conglomerate
The Financial Conglomerates (FICO) Directive was implemented in the FMSA and the Decree on Prudential Supervision of Financial Groups FMSA.24 The FICO Directive introduced the supplementary supervision of banking (insurance and investment) activities carried out in a financial conglomerate. The rules relate, inter alia, to supplementary capital adequacy requirements, risk concentration, intra-group transactions, internal control mechanisms and risk management processes. The holding company of a financial conglomerate must calculate the supplementary capital adequacy in accordance with certain methods described under the FMSA.
iv Recovery and resolution
Bank Recovery and Resolution Directive and Single Resolution Mechanism Regulation
The Dutch Act implementing the Bank Recovery and Resolution Directive (BRRD) entered into force in 2015, and the Single Resolution Mechanism Regulation (SRMR) became fully applicable in 2016.25 These two legal acts, with the international agreement on the transfer and mutualisation of contributions to the Single Resolution Fund, provide a comprehensive European framework for the recovery and resolution of banks. Both the BRRD and the SRMR were amended in 2019 by the Banking Reform Package, resulting in BRRD II and SRMR II.26 The amendments, in particular, included a substantial revision of the minimum requirement for own funds and eligible liabilities (MREL) requirements, so as to align them with the international standard for total loss-absorbing capacity (TLAC) set by the Financial Stability Board. The changes took effect for G-SIIs in June 2019 and for other banks in December 2020.
The rules aim to ensure that:
- banks and authorities make adequate preparation for crises;
- supervisory authorities are equipped with the necessary tools to intervene at an early stage when a bank is in trouble;
- resolution authorities have the necessary tools to take effective action when bank failure cannot be avoided, including the power to bail-in creditors; and
- banks contribute to an ex ante funded resolution fund.
The DCB has been designated as the national resolution authority for the Netherlands. However, on the basis of the Single Resolution Mechanism, for significant banks and other cross-border groups in the eurozone, the Single Resolution Board (SRB) is the competent resolution authority in cooperation with the national resolution authorities. In a 2017 communication, the DCB set out a number of technical details on how it intends to use the bail-in tool.27 For example, conversion of liabilities by bail-in will result in the creation of claim rights, which are transferable and entitles holders to new shares once issued.
During the course of 2020, the SRB and the DCB continued the process of drafting resolution plans for the major Dutch banks and of setting each bank's MREL requirements. The SRB also continued to further develop its MREL policies in line with the requirements of BRRD II and SRMR II. In December 2020, the Eurogroup agreed to introduce a 'common backstop' to the Single Resolution Fund in the form of a revolving credit line from the European Stability Mechanism.
The Dutch deposit insurance framework is based on the (third) Deposit Guarantee Scheme (DGS) Directive, which has been in force since 2015.28 The framework comprises an ex ante funded guarantee scheme to which banks must contribute on a quarterly basis. The fund should reach a target level of 0.8 per cent of insured deposits. The guarantee covers natural persons and businesses, with the exception of financial undertakings and governments, for an amount up to €100,000. The DCB adopted a number of more detailed rules in relation to the Dutch DGS. Most importantly, the DCB introduced a new payout system in which banks must compile and deliver a uniform single customer view, containing an overview of customers' deposits and other relevant data. The new system will enable the DCB to meet the requirement of the DGS Directive that, by 2024, the payout of insured deposits must be made within seven business days of a bank's failure.29 In August 2019, an act supported by the Dutch banking sector entered into force clarifying that banks can use customers' personal identification numbers in implementing their DGS obligations.30
Progress on the European Commission's proposal for a European Deposit Insurance Scheme, first circulated in 2015 to reinforce deposit protection by mutualising national deposit guarantee funds in the eurozone, remained slow in 2020, as it had been in previous years. A number of Member States, including the Netherlands, insist that further risk reduction must precede further risk sharing.
Dutch Intervention Act
The Dutch Intervention Act grants powers to the Minister of Finance to take emergency measures in times of serious and immediate danger to the stability of the financial system. These include the temporary suspension of shareholder voting rights, the suspension of management or supervisory board members, and the expropriation of assets or liabilities of a bank or its parent companies with a corporate seat in the Netherlands.
Conduct of business
i Conduct of business rules
Conduct of business rules for banks are, for the most part, set forth in the FMSA. Compliance with most conduct of business rules is supervised by the AFM. These rules mostly relate to the activities of a bank as a provider of lending and deposit services, payment services, investment services and other financial services. These rules concern, inter alia, client classification requirements, the provision of information, know-your-customer requirements, conflicts of interest, best execution, inducement order handling and complaints handling.
ii Consumer and mortgage credit
Under the FMSA, banks must comply with certain conduct of business rules when offering credit to consumers. Irrespective of the credit amount, additional requirements may apply to banks (and other entities) pursuant to both the Dutch Civil Code and the Act on Consumer Credit.31 The additional rules stem mainly from the implementation of the Consumer Credit Directive.32 These rules relate to the civil law relationship between the bank and the consumer or borrower, and include requirements with respect to pre-contractual information, the form and contents of the credit agreement, and the consumer's right to rescind a credit agreement up to 14 calendar days after entering the agreement. Violation of the rules may lead to civil liability. When offering consumer credit, banks must also take into account the 2012 Code of Conduct for Consumer Credit as drawn up by the Dutch Banking Association.
The FMSA and the Civil Code contain specific rules in relation to retail mortgage loans, stemming mainly from the implementation of the Mortgage Credit Directive.33 The rules concern, inter alia, creditworthiness assessments, information obligations and consumer rights in cases of early repayment and arrears and foreclosures. The AFM has provided further guidance on costs that may be imposed in the case of early repayment, requiring banks to also revisit calculations of mortgages provided since 2016.34 In 2019, limitations were also introduced to the costs banks can charge customers when they change their interest rate during a fixed-interest period.35
iii Payment services
The DCB supervises payment institutions as well as the provision of payment services by banks. As a result of the implementation of the first Payment Services Directive,36 payment service providers are subject to certain conduct of business requirements under both the FMSA and the Civil Code. The rules in the Civil Code relate to the civil law relationship between a payment service provider and client, including:
- the payment service contract governing the execution of payment transactions;
- the amendment and termination of such a contract;
- the required consent of the payer regarding the execution of a payment transaction;
- the right of withdrawal;
- the maximum period to execute payment transactions; and
- costs and liability.
The AFM supervises compliance with all conduct of business rules, including those under the Civil Code. The Dutch Authority for Consumers and Markets supervises competition issues relating to access to payment systems.
The act implementing the second Payment Services Directive (PSD2) belatedly entered into force in 2019. PSD2 modernised the rules on payment services by opening the EU payment market to payment initiation service providers, introducing new security requirements and enhancing consumer rights.37 In the course of 2019, the European Banking Authority published various clarifications to issues relating to application programming interfaces under PSD2 raised by the working group established for that purpose.38
The rules implementing the Payment Accounts Directive, in force since 2016, contain requirements for banks and payment service providers on transparency and comparability of fees, and on the facilitation of access to, and switching between, payment accounts.39
iv Anti-money laundering and terrorist financing
Pursuant to the Dutch Prevention of Money Laundering and Terrorist Financing Act, licensed banks (and other financial institutions) are subject to a number of obligations so as to prevent money laundering and terrorist funding. Adequate client identification forms an important part of these obligations. Banks must identify clients with whom they intend to establish a continuing business relationship in the Netherlands, or with whom they enter into an incidental transaction, or a series of related transactions, worth €15,000 or more. If a bank suspects that a transaction is related to money laundering or terrorist financing, the Financial Intelligence Unit (FIU) of the Netherlands must be notified. The FIU is designated to receive information relating to suspicious transactions, to investigate and, if necessary, to report the transactions to the Public Prosecutor to initiate criminal proceedings. In 2018, anti-money laundering (AML) rules implementing the fourth Anti-Money Laundering Directive entered into force. These rules facilitate the work of FIUs in identifying and following suspicious transfers and in the exchange of information between FIUs, and established a harmonised policy towards non-EU countries with deficient AML regimes. An ultimate beneficiary owners (UBOs) register, a mandatory centralised register with information on all UBOs, was established in the Netherlands in July 2020.
In 2018, the fifth Anti-Money Laundering Directive was adopted.40 The Directive extended the scope of the rules to virtual currencies and prepaid cards, further enhanced the role and powers of the national FIUs, and provided clearer rules on the nature of and access to UBO information. The Directive also introduced a requirement to establish a centralised data retrieval portal through which authorities can get timely and automatic access to information on bank accounts. The Act for the implementation of most aspects of the fifth Anti-Money Laundering Directive entered into force in May 2020. The centralised data retrieval portal was implemented through a separate act that entered into force in September 2020.41
Meanwhile, following a number of money laundering scandals across Europe in recent years, AML remains high on the agenda of both legislators and regulators. On a national level, in June 2019 the Ministers of Finance and Justice published an AML action plan. It is expected that in early 2021 a proposal for an act will be submitted to Parliament with various new measures to fight money laundering, including limiting the use of cash transactions to €3,000 and allowing banks to engage in the joint monitoring of transactions. Other measures proposed as part of the AML action plan include bolstering of enforcement through the creation of multidisciplinary intervention teams and the sharing of police information with banks. In addition, in 2019 the DCB published good practices for banks on customer tax integrity risk management.42 On a European level, in May 2020 the Commission adopted an EU AML action plan built on six pillars, including a single EU rule book, EU level supervision and an improved cooperation mechanism for financial intelligence units.
v Bankers' oath, code of conduct and disciplinary measures
Dutch banks must ensure that all persons with an employment contract with them, or who otherwise carry out activities that are part of the operation of a banking business or its essential supporting business processes, take the bankers' oath. The bankers' oath is linked to the bankers' code of conduct and a set of disciplinary measures. A foundation established by the Dutch Banking Association supervises compliance with the code of conduct, and can impose disciplinary measures, including reprimands, fines and a temporary ban from carrying out a function in the banking sector. The foundation's disciplinary commission deals with an increasing number of cases and frequently hands out disciplinary measures, in many cases a reprimand or a temporary ban from working in the banking sector.
vi Banking secrecy
There is no specific legal provision on banking secrecy in the Netherlands. As a general principle, Dutch law requires banks to keep all client data confidential. This requirement has various sources of origin, including custom, general principles of contract law (i.e., reasonableness and fairness) and the obligation of due care, which stems in turn from the general banking conditions used by most banks in the Netherlands. Several exceptions to the banking secrecy requirement apply. The more general exception provides that a bank is authorised to disclose client data to third parties, including regulatory authorities or supervisors, if it is under a statutory obligation to do so (see Section III.i). Violation of banking secrecy may result in civil liability as a result of a breach of contract or, as the case may be, tort law. Obviously, and perhaps more importantly, violating bank secrecy may also lead to reputational damage.
Dutch banks raise funds from different sources, including deposits (corporate and non-corporate), interbank transactions (including ECB transactions) and capital markets funding. In general, Dutch banks are more dependent on financing through the financial markets than other European banks. This is because they lend more than banks in other countries, which is due, inter alia, to above-average high mortgage loans. In combination with a relatively large financial sector in the Netherlands, the relatively high loan-to-deposit ratio caused Dutch banks to be vulnerable to problems in the capital markets. In recent years, however, the loan-to-deposit ratio has gradually decreased.43
Over recent years, Dutch banks have increased their capital ratios up to the new requirements, largely by de-leveraging and de-risking their balance sheets and by retention of profits. However, in recent years many Dutch banks have also launched successful issues of Additional Tier 1 instruments to meet the new leverage ratio and MREL requirements (see Section III.iv).
Since 2018, as a result of the Directive regarding the ranking of unsecured debt instruments in the insolvency hierarchy,44 banks can issue senior non-preferred (SNP) or Tier 3 debt, to fulfil their MREL or TLAC requirement. This SNP debt ranks junior to senior debt, but senior to subordinated debt and capital instruments. A number of Dutch banks, including Rabobank and ABN AMRO, have included the possibility of issuing SNP notes in their funding programmes.
Control of banks and transfers of banking business
i Control regime
Supervision of participations in banks
Each person who holds, acquires or increases a qualifying holding in a bank with a corporate seat in the Netherlands requires a declaration of no objection (DNO) from the ECB.45 The DCB is responsible for processing the DNO application. A qualifying holding is a direct or indirect holding of 10 per cent or more of the issued share capital of the bank, direct or indirect voting power, or a right to exercise equivalent control. This definition is subject to certain aggregation principles: for instance, voting rights held through subsidiary companies or voting agreements are to be included.46 A DNO will be refused if:
- the integrity of the proposed acquirer or the persons who, as a result of their qualifying holding, can determine the day-to-day policy of the bank is not beyond doubt;
- the proposed acquirer, taking into account his, her or its reputation, or the persons who, as a result of their qualifying holding, will determine the day-to-day policy of the bank, are not fit;
- the financial soundness of the proposed acquirer, in particular in relation to the business activities of the bank, is not beyond doubt;
- the qualifying holding would constitute an impediment for the bank to comply with the prudential requirements to which it is subject;
- there are reasonable grounds to suspect that, in connection with the acquisition of the qualifying holding, money laundering or terrorist financing is being or has been committed or attempted, or that the proposed acquisition could increase the risk thereof; or
- the information provided by the proposed acquirer is incorrect or incomplete (e.g., in the event of a proposed participation of more than 50 per cent, the applicant must submit a detailed business plan with its application for a DNO).
Where the applicant for a DNO is a legal entity, the integrity of all its directors and other persons, if any, who can determine or co-determine the day-to-day policy of the applicant is tested. An additional DNO must be obtained for every subsequent increase as a result of which a threshold of 20 per cent, 33 per cent, 50 per cent or 100 per cent is reached or passed. In 2016, the European supervisory authorities jointly issued guidelines with detailed further rules for assessing qualifying holdings in banks, including as regards the concepts of acting in concert and indirect acquisitions.
On the basis of Dutch law, the applicant can request a bandwidth DNO. As long as the qualifying holding remains within the range granted, no additional DNO needs to be obtained for any subsequent increase as a result of which a threshold is reached or passed; only a notification needs to be made.
Applicants can also request a group DNO, which extends to all companies within a group collectively, and means no additional DNOs are required for transfers of qualifying holdings within a group. In this case, the DCB also assesses the financial soundness of the acquirer's group entities. In 2019, the Minister of Finance published for consultation a draft act clarifying the notification obligation that is applicable in the case of changes to the holding within a group with a group DNO.47 If any control relating to a qualifying holding is exercised without having been granted a DNO or in violation of any conditions attached to a DNO, the resolution adopted will be liable for nullification.
In December 2020, the SRB published a paper outlining its expectations for ensuring the resolvability of banks engaging in mergers and acquisitions and other corporate transactions. While this does not amount to a formal approval requirement, the SRB intends to play an active role in such transactions and expects strong engagement from the relevant banks when preparing such transactions.
Supervision of holdings by and restructuring of banks
In addition to the rules regarding holdings in banks, a bank with a corporate seat in the Netherlands must also obtain a DNO for:
- acquiring or increasing a qualifying holding in another bank, investment firm, insurance company or financial institution with a corporate seat outside the EU or the EEA, unless the balance sheet total of the bank or insurance company involved does not exceed 1 per cent of the consolidated balance sheet total of the acquiring or increasing bank;
- acquiring or increasing a qualifying holding where the target is not a bank, investment firm, insurance company or financial institution, if the total price paid for the holding amounts to 1 per cent or more of the consolidated balance sheet total of the bank;
- acquiring the whole, or a substantial part, of the assets and liabilities of another enterprise or institution, unless the total amount of the assets or liabilities to be taken over does not exceed 1 per cent of the existing consolidated own funds of the bank; or
- undertaking a financial or corporate restructuring of its own business.
For significant banks, the ECB is the competent authority in relation to the above-mentioned DNOs. For non-significant banks, the DCB remains competent.48
ii Transfers of banking business
Apart from the rules as set out under the FMSA and the competition rules,49 there are currently no legal provisions in the Netherlands specifically aimed at prohibiting or limiting the transfer of a banking business by either Dutch or foreign entities. In September 2020, however, the government published for consultation a proposal for an act on screening of foreign investments. The aim of the proposal is to protect national security by introducing an assessment of activities that lead to changes in control of, or influence on, companies that operate in critical processes or have sensitive technology. It is not yet known whether (and if so under which criteria) banks will be designated as operating in critical processes.
The transfer of a banking business is subject to the general rules of Dutch civil and corporate law, including rules on legal mergers and divisions and on transfers of assets and liabilities. Although cooperation and cross-participation are permitted in the Netherlands, a merger into a single legal entity of a bank and an insurance company is prohibited.50
The year in review
2020 was dominated by the covid-19 crisis, including in regulatory terms. In response to the crisis, various regulatory relief measures were taken by legislators and supervisors alike to help banks ensure that they could continue lending to the real economy. This included, in particular, the relief package of the ECB of March 2020, which allowed banks to temporarily operate below their required level of capital and liquidity buffers and granted some relief in the composition of the Pillar 2 capital requirement. Banks were also encouraged to extend payment moratoria to their customers, and the CRR II was amended by a 'quick fix regulation' to alleviate the impact from expected credit-loss provisioning under IFRS 9 and the granting of preferential treatment to non-performing exposures guaranteed by the public sector. In addition to dealing with covid-19, banks had to implement the requirements of CRR II and CRD V, as well as continue their efforts to meet the ever-increasing expectations of legislators and supervisors in relation to integrity risk and, in particular, anti-money laundering.
The performance of Dutch banks was also severely affected by the covid-19 crisis, although its impact differed for each bank. All banks took higher credit provisions, but while ING did reasonably well with a mere 17 per cent decrease in profits, Rabobank's profits were halved, while ABN AMRO made its first loss since the financial crisis, partly due to exposure to several large foreign fraud and bankruptcy cases in the corporate banking division. The impact of the crisis in 2020 was mitigated by effective government measures supporting the real economy and by a housing market that continued to boom. All banks announced further lay-offs and the closure of branches due to further digitisation of banking services, which the pandemic only accelerated. The continued low interest rate environment and increasing competition from non-bank parties put further pressure on Dutch banks' business models.
2020 was another uneventful year in terms of transactions. The Dutch state did not sell its stakes in ABN AMRO or de Volksbank, in which it continues to hold 56 per cent and 100 per cent, respectively. Both banks also announced new strategies. ABN AMRO has shed its global ambitions and will focus on attractive segments in the Netherlands and north-west Europe, as well as increasing its focus on sustainability and simplifying its operating model. ABN AMRO also terminated its MoneYou activities, selling the platform to fintech TM-Pro. De Volksbank stated that it will aim for growth by 'strengthening the customer relationship and further increasing social impact'. Van Lanschot Kempen acquired Hof Hoorneman, further consolidating the market for wealth management. NIBC Bank was acquired by Blackstone, in a deal that had to be renegotiated following the outbreak of covid-19.
Outlook and conclusions
2021 remains a very uncertain year for banks. While during 2020 the impact of the covid-19 crisis on banks' balance sheets was significantly mitigated by government measures, these measures are expected to end in 2021, potentially resulting in a significant deterioration of banks' asset quality. At the same time, banks now have a good understanding of the sectors that are most affected by covid-19 and may be increasingly capable of containing the fallout. Much will also depend on the recovery of the economy once society opens up following the roll-out of vaccines later in the year. Apart from covid-19, the main challenges come from low interest rates and competition in some markets from non-bank players. For ABN AMRO, a large fine for infringements of money laundering legislation is expected, similar to the one imposed on ING in 2018.
Similar to previous years, the DCB has indicated supervision focus in 2021 will be on responding to technological innovation, commitment to sustainability and future orientation, and combating financial and economic crime.51 The focus of the AFM will be largely on the same themes.52 The ECB will focus on four priority areas materially affected by the covid-19 crisis: credit risk management, capital strength, business model sustainability and governance.53
In terms of new regulatory requirements, banks will continue to work on the implementation of the EU Banking Reform Package, a major part of which will enter into force in June 2021. This is due to be followed in the coming years by the implementation of the Basel standards agreed in December 2017. This will include the new capital floor based on standardised approaches, which will have a big impact on Dutch banks' capital requirements due to its treatment of mortgage-backed exposures. However, the long phase-in agreed by the Basel Committee will ease its impact.
Finally, another continuing effort in 2021 will be the transition of financial contracts to risk-free rates. Banks will also need to start implementing various new sustainability risk management and reporting requirements, including those of the Sustainable Finance Disclosure Regulation and the EU Taxonomy Regulation. In parallel to the implementation of these last outstanding elements of regulatory reform, attention is also increasingly being given to the review and recalibration of existing rules, as legislators and regulators take stock of the effects of the rules that have fully overhauled banking regulation since the financial crisis.
1 Mariken van Loopik is a partner and Maurits ter Haar is a senior associate at De Brauw Blackstone Westbroek.
2 Dutch Central Bank (DCB), Financial Stability Report Autumn 2020, October 2020.
3 Including the Capital Requirements Directive IV (Directive 2013/36/EU (CRD IV)), the Markets in Financial Instruments Directive II (Directive 2014/65/EU (MiFID II)), the Payment Services Directive 2 (Directive (EU) 2015/2366 (PSD2)), the Consumer Credit Directive (Directive 2008/48/EC), the Electronic Money Directive (Directive 2009/110/EC) and the Mortgage Credit Directive (Directive 2014/17/EU).
4 Including the Capital Requirements Regulation (Regulation (EU) No. 575/2013), the Markets in Financial Instruments Regulation (Regulation (EU) No. 600/2014), the Single Supervisory Mechanism Regulation (Regulation (EU) No. 1024/2013), the Single Resolution Mechanism Regulation (Regulation (EU) No. 806/2014), the Benchmarks Regulation (Regulation (EU) 2016/1011), the Packaged Retail and Insurance-based Investment Products Regulation (Regulation (EU) No. 1286/2014), the European Market Infrastructure Regulation (Regulation (EU) No. 648/2012), the Securities Financing Transactions Regulation (Regulation (EU) 2015/2365) and various delegated acts and regulatory and implementing technical standards.
5 Regulation (EU) 2019/876 and Directive (EU) 2019/878.
6 Since 2015, a bank's management team members (i.e., the bank's senior officers who work directly below the level of the day-to-day policymakers and who are responsible for those persons whose activities may have a material impact on the bank's risk profile) also need to be tested on their suitability and integrity. These tests are performed by the bank itself, with supplementary testing or checks, or both, by the DCB.
7 DCB and Netherlands Authority for the Financial Markets (AFM), 'More room for innovation in the financial sector, market access, authorisations and supervision', December 2016.
8 European Central Bank (ECB) guide to the assessment of licence applications, second revised edition, January 2019 and ECB guide to the assessment of fintech credit institution licence applications, March 2018.
9 ING Bank, ABN AMRO, Rabobank, de Volksbank, Nederlandse Waterschapsbank (NWB Bank), BNG Bank and LeasePlan are currently identified as significant banks.
10 The ECB may request information, conduct general investigations and carry out on-site inspections; it has substantial powers of early intervention and the right to impose fines and other administrative sanctions.
11 Act on Transparent Supervision Financial Markets.
12 This includes the DCB Suitability Policy Rule 2012, the ECB Guide to fit and proper assessments, the Joint European Securities and Markets Authority and European Banking Authority (EBA) Guidelines on the assessment of the suitability of members of the management body and key function holders under CRD IV and MiFID II, and the EBA Guidelines on internal governance.
13 DCB Q&A, position on the independent functioning of the supervisory board, June 2019.
14 Non-listed banks often voluntarily apply the Corporate Governance Code.
15 The previous Corporate Governance Code was applicable as of 1 January 2008. A revised Corporate Governance Code entered into force on 1 January 2017.
16 The original Banking Code was applicable as of 1 January 2010. A revised Banking Code entered into force on 1 January 2015.
17 Proposal for an act on further remuneration measures, July 2020.
18 ECB, Guide to the internal capital adequacy assessment process (ICAAP), November 2018.
19 DCB, Consultation Regulation on risk weighting for mortgage loans, October 2019.
20 ECB, recommendations on distribution policies of March, October and December 2020.
21 Section 3:63 et seq. of the Dutch Financial Markets Supervision Act (FMSA).
22 Regulation (EU) 2015/61.
23 ECB, Guide to the internal liquidity adequacy assessment process (ILAAP), November 2018.
24 Directive 2002/87/EC as amended by Directive 2011/89/EU.
25 Directive 2014/59/EU and Regulation (EU) 806/2014.
26 Directive (EU) 2019/879 and Regulation (EU) 2019/877.
27 DCB, Operation of the bail-in tool, December 2017.
28 Directive 2014/49/EU.
29 DCB Policy Rule on the Single Customer View, July 2017, and DCB first round of changes to Deposit Guarantee Scheme (DGS) rules, February 2019.
30 Act on the use of personal identification numbers in the DGS.
31 The Netherlands has chosen to apply the provisions implementing the Consumer Credit Directive to all credit agreements, including those with a value below €200 and above €75,000.
32 Directive 2008/48/EC.
33 Directive 2014/17/EU.
34 AFM, Guidance for the calculation of costs in case of early mortgage repayment, March 2017.
35 Decree concerning the costs of changing interest rates of mortgage credit.
36 Directive 2007/64/EC.
37 Directive (EU) 2015/2366.
38 The working group on application programming interfaces under PSD2.
39 Directive 2014/92/EU.
40 Directive (EU) 2018/843.
41 Act Implementing Changes to the Fourth Anti-Money Laundering Directive and the Bank Data Retrieval Portal Act.
42 DCB, Good practices – Customer tax integrity risk management, July 2019.
43 DCB, Financial Stability Report Autumn 2020, October 2020.
44 Directive (EU) 2017/2399.
45 Section 3:95 et seq. of the FMSA.
46 Section 1:1 juncto, Section 5:45 of the FMSA, pursuant to which the Dutch rules implementing the Transparency Directive (Directive 2004/109/EC) apply.
47 Draft Financial Markets Amendment Act 2021.
48 ECB letter SSM/2017/0140 of 31 March 2017.
49 These rules include that a proposed acquisition or merger of a bank that qualifies as a concentration under the Dutch or EU competition rules should be notified to and approved by the Dutch Authority for Consumers and Markets or the European Commission prior to completion.
50 Section 3:36 of the FMSA.
51 DCB, Supervision Outlook 2021, January 2021.
52 AFM, Agenda 2021, January 2021.
53 ECB, SSM Supervisory Priorities 2021, January 2021.