In recent years, internal governance issues have received increasing attention from various international bodies. Their main effort has been to correct the institutions’ weak or superficial internal governance practices as these faulty practices, while not a trigger for the financial crisis, were closely associated with it and were questionable.

In this regard, in September 2011 the EBA published its Guidelines on internal governance (GL 44) with the objective of enhancing and consolidating supervisory expectations and improving the internal governance framework. Nonetheless, in order to address the potentially detrimental effects of poorly designed corporate governance arrangements on the sound management of risk, and to take into account the new requirements introduced in the CRD in this area, the EBA is updating its GL 44.

In this context, the EBA published in October 2016 a Consultation Paper on draft Guidelines on internal governance that intends to update the GL 44. These draft GL put more emphasis on the duties and responsibilities of the management body in its supervisory function in risk oversight. In particular, this document covers the following aspects:

  • The role of the management body regarding internal governance.
  • The internal governance policy, risk culture and business conduct.                               
  • The internal control framework.
  • The principles of proportionality and transparency that will be applied to the internal governance framework.

This technical note elaborated by the R&D area of Management Solutions includes an analysis of the requirements arising from the CP GL on internal governance and sets out the implications for institutions.


Executive summary


These GL on internal governance provide guidance on the following aspects: i) role of the management body; ii) internal governance policy, risk culture and business conduct; iii) internal control framework; and iv) principles applied to the internal governance framework.


Scope of application


These GL are addressed to institutions subject to the CRD IV and to competent authorities.


Main content
 

  • Role of the management body regarding internal governance: duties and responsibilities of the management body, supervisory and management function, chair of the management body, organisational framework and structure, and committees.
  • Internal governance policy, risk culture and business conduct: internal governance policy (including in a group context), risk culture, corporate values and code of conduct, conflicts of interest, internal alert procedures, reporting of breaches to CAs, and outsourcing policy.
  • Internal control framework: internal control functions (risk management function, compliance function and internal audit function), risk management framework, new products and significant changes, and business continuity management.
  • Principles of proportionality and transparency applied by institutions when defining their internal governance framework.


Download the technical note by clicking here.