A. Corporate structure and organisation
B. Management body
C. Risk management
D. Internal control
E. Information systems and business continuity
Two examples: Section A, Corporate Structure and Organisation, contains guidelines for banks' internal checks and balances. It also specifies that a bank must have independent audit, compliance and risk management departments (see Article 17 paragraph 4, Article 21 paragraph 1 and Article 23 paragraph 6 of the Decree on Prudential Rules). And Section E, Information systems and business continuity, specifies that a bank must have an information system that facilitates the effective management of business processes and risks and provides for internal and external information requirements (see Article 20 of the Decree on Prudential Rules).
By establishing a series of guidelines, the European Banking Authority (EBA) seeks to promote the uniform application of EU regulations in the prudential supervision of banks. The Policy Rule on the Application of EBA Guidelines links the EBA guidelines with the Dutch Financial Supervision Act, anchoring them both more deeply into the supervision process. At the same time, DNB can use this policy rule to clarify, through active supervision, how it intends to apply the relevant prudential standard.
GL44 in the policy rule
Article 13 – Controlling relevant risks and governance (Article 22 and annex V CRD / Articles 3:10 and 3:17 of the Financial Supervision Act): DNB bases its compliance supervision on the provisions contained in or pursuant to Articles 3:10 and 3:17 of the Financial Supervision Act regarding controlled and sound operations (governance) of banks and investment firms and their business processes for managing relevant risks, and on the EBA guidelines for adequate corporate governance outlined in the EBA Guidelines on Internal Governance of 26 September 2011.
More information? See the publication in the Bulletin of Acts, Orders and Decrees of 6 Augusts 2012.