Navigating the ECB's expectations: Strengthening governance in European banks

July 2023

In a recent blog post, Frank Elderson, Vice Chair of the European Central Bank (ECB), once again underscored the continued importance of the role of governance, particularly the effectiveness of management bodies within banks. In the blog, he highlights a key-takeaway of the recent Federal Reserve’s report on the failure of Silicon Valley Bank in the United States, namely “Silicon Valley Bank’s board of directors and management failed to manage their risks”. This is another reminder to European banks about the importance of risk management and robust governance structures, or as he says, all too often “the root cause of various vulnerabilities in banks lies in ineffective management bodies”.

Indeed, governance and the effectiveness of banks’ management bodies have been a major focus for the ECB for years, and formed part of their 2023-2025 supervisory priorities. Despite this focus, as Elderson states in his blog post, 73 percent of banks scored a 3 (medium-high risk) out of 4 for internal governance in the Supervisory Review Evaluation Process (SREP) 2022, indicating that the majority of banks still have work to do. As part of its ongoing commitment to addressing these deficiencies, the ECB ramped up their activities in 2023 by conducting a targeted review of management bodes in a sample of 20 banks across Europe. The review findings were revealing — and it is clear that banks still need to do more to meet ECB's expectations.

For example, Elderson reveals that one-third of supervised banks have less than half of their board made up of independent non-executive directors, which for him indicates a lack of constructive challenge. In this context, non-executive directors play a critical role in providing independent perspectives and critique to executive decisions, making this finding a point of concern. Notably, the ECB highlighted the importance of non-executive directors as partners and challengers to management. Furthermore, while policies outlining roles and responsibilities exist, there's a clear gap in their practical application.

The ECB’s review also uncovered a mix of good and bad practices. A prevalent bad practice is the dominant role of the CEO or Chair, hindering independent debate. A good practice, conversely, is the use of closed committee sessions for non-executive directors to independently challenge executives.

The nomination process also illustrated bad practices with some banks simply relying on the CEO’s decision to appoint managers. Good practices, however, include the use of succession planning tools and scrutinising potential appointees for suitability and commitment, as well as a challenge on the collective suitability of the board, something which the ECB has commented on before in its update to the Fit and Proper Guide

Overall, the ECB's review on management body effectiveness has highlighted deficiencies. Echoing Andrea Enria’s recent statements on other aspects of governance, namely risk data aggregation and reporting, Elderson reiterates that the ECB stands ready to “use all measures in our supervisory toolkit to ensure compliance”. This underscores the seriousness with which the supervisor views these issues.

For banks under the Single Supervisory Mechanism (SSM), these insights can serve as an actionable roadmap. Firstly, banks should review the operations of their management bodies, ensuring the inclusion of more independent non-executive directors. These directors can provide the much-needed external viewpoint and constructive challenge to executive decisions, and implementing closed committee sessions could help banks to evidence their effectiveness.

Banks must also look to operationalise their existing policies effectively — if a policy outlining roles and responsibilities of committees and boards exist, it should be effectively applied to daily operations.

Finally, when considering the nomination and succession planning process, banks should strive to implement a robust, transparent, and driven by merit process rather than one based upon personal preference. As highlighted by Elderson, the suitability matrix that is implemented in the ECB’s Fit and Proper matrix can be instrumental in this regard.

To add to all of this, banks should also take note of the fact that the ECB launched on 24 July 2023 a public consultation on its Guide on effective risk data aggregation and risk reporting. Risk data is absolutely critical for the correct functioning of the management board, and it should be accurate, timely and produced in a manner that allows boards to make effective decisions . As discussed in a recent article how the ECB is throwing down the gauntlet on BCBS 239 — and now there are further tangible steps of their continued actions. The guide singles out seven key areas, namely: the responsibility of a bank’s management body; the scope of application of the data governance framework; key roles and responsibilities for data governance; the implementation of a group-wide integrated data architecture; the effectiveness of data quality controls; the timeliness of internal risk reporting; and implementation programs. With this in mind, banks should take the time during the consultation period to analyse the guide, review closely to identify any gaps, and amend their roadmaps to compliance where relevant. Banks should also take care for national transpositions of the relevant Capital Requirements Directive IV (CRD IV) provisions when performing their analysis, as per Annex 2 of the guide.

The bottom line is clear: better governance leads to better banks, which in turn leads to a stronger and safer banking system. Banks should act on the ECB's continued pressure on their topic, and review the recommendations to improve their governance structures. After all, a well-run bank is the bedrock of a stable banking system.