1.The prudential supervision of an institution, including that of the activities it carries out in accordance with Articles 33 and 34, shall be the responsibility of the competent authorities of the home Member State, without prejudice to those provisions of this Directive which give responsibility to the competent authorities of the host Member State.
2.Paragraph 1 shall not prevent supervision on a consolidated basis.
3.Measures taken by the host Member State shall not allow discriminatory or restrictive treatment on the basis that an institution is authorised in another Member State.
1.The competent authorities of the Member States concerned shall collaborate closely in order to supervise the activities of institutions operating, in particular through a branch, in one or more Member States other than that in which their head offices are situated. They shall supply one another with all information concerning the management and ownership of such institutions that is likely to facilitate their supervision and the examination of the conditions for their authorisation, and all information likely to facilitate the monitoring of institutions, in particular with regard to liquidity, solvency, deposit guarantee, the limiting of large exposures, other factors that may influence the systemic risk posed by the institution, administrative and accounting procedures and internal control mechanisms.
2.The competent authorities of the home Member State shall provide the competent authorities of host Member States immediately with any information and findings pertaining to liquidity supervision in accordance with Part Six of Regulation (EU) No 575/2013 and Title VII, Chapter 3 of this Directive of the activities performed by the institution through its branches, to the extent that such information and findings are relevant to the protection of depositors or investors in the host Member State.
3.The competent authorities of the home Member State shall inform the competent authorities of all host Member States immediately where liquidity stress occurs or can reasonably be expected to occur. That information shall also include details about the planning and implementation of a recovery plan and about any prudential supervision measures taken in that context.
4.The competent authorities of the home Member State shall communicate and explain upon request to the competent authorities of the host Member State how information and findings provided by the latter have been taken into account. Where, following communication of information and findings, the competent authorities of the host Member State maintain that no appropriate measures have been taken by the competent authorities of the home Member State, the competent authorities of the host Member State may, after informing the competent authorities of the home Member State and EBA, take appropriate measures to prevent further breaches in order to protect the interests of depositors, investors and others to whom services are provided or to protect the stability of the financial system.
Where the competent authorities of the home Member State disagree with the measures to be taken by the competent authorities of the host Member State, they may refer the matter to EBA and request its assistance in accordance with Article 19 of Regulation (EU) No 1093/2010. Where EBA acts in accordance with that Article, it shall take any decision within one month.
5.The competent authorities may refer to EBA situations where a request for collaboration, in particular to exchange information, has been rejected or has not been acted upon within a reasonable time. Without prejudice to Article 258 TFEU, EBA may, in those situations, act in accordance with the powers conferred on it under Article 19 of Regulation (EU) No 1093/2010. EBA may also assist the competent authorities in reaching an agreement on the exchange of information under this Article on its own initiative in accordance with the second subparagraph of Article 19(1) of that Regulation.
6.EBA shall develop draft regulatory technical standards to specify the information referred to in this Article.
Power is delegated to the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance with Articles 10 to 14 of Regulation (EU) No 1093/2010.
7.EBA shall develop draft implementing technical standards to establish standard forms, templates and procedures for the information sharing requirements which are likely to facilitate the monitoring of institutions.
Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph in accordance with Article 15 of Regulation (EU) No 1093/2010.
8.EBA shall submit the draft technical standards referred to in paragraphs 6 and 7 to the Commission by 1 January 2014.
1.The competent authorities of a host Member State may make a request to the consolidating supervisor, where Article 112(1) applies, or to the competent authorities of the home Member State for a branch of an institution other than an investment firm subject to Article 95 of Regulation (EU) No 575/2013 to be considered as significant.
That request shall provide reasons for considering the branch to be significant with particular regard to the following:
(a)whether the market share of the branch in terms of deposits exceeds 2 % in the host Member State;
(b)the likely impact of a suspension or closure of the operations of the institution on systemic liquidity and the payment, clearing and settlement systems in the host Member State;
(c)the size and the importance of the branch in terms of number of clients within the context of the banking or financial system of the host Member State.
The competent authorities of the home and host Member States, and, where Article 112(1) applies, the consolidating supervisor, shall do everything within their power to reach a joint decision on the designation of a branch as being significant.
If no joint decision is reached within two months of receipt of a request under the first subparagraph, the competent authorities of the host Member State shall take their own decision within a further period of two months on whether the branch is significant. In taking their decision, the competent authorities of the host Member State shall take into account any views and reservations of the consolidating supervisor or the competent authorities of the home Member State.
The decisions referred to in the third and fourth subparagraphs shall be set out in a document containing full reasons, shall be transmitted to the competent authorities concerned and shall be recognised as determinative and applied by the competent authorities in the Member States concerned.
The designation of a branch as being significant shall not affect the rights and responsibilities of the competent authorities under this Directive.
2.The competent authorities of the home Member State shall communicate to the competent authorities of a host Member State where a significant branch is established the information referred to in Article 117(1)(c) and (d) and carry out the tasks referred to in Article 112(1)(c) in cooperation with the competent authorities of the host Member State.
If a competent authority of a home Member State becomes aware of an emergency situation as referred to in Article 114(1), it shall alert without delay the authorities referred to in Article 58(4) and Article 59(1).
The competent authorities of the home Member State shall communicate to the competent authorities of the host Member States where significant branches are established the results of the risk assessments of institutions with such branches referred to in Article 97 and, where applicable, Article 113(2). They shall also communicate decisions under Articles 104 and 105 in so far as those assessments and decisions are relevant to those branches.
The competent authorities of the home Member States shall consult the competent authorities of the host Member States where significant branches are established about operational steps required by Article 86(11), where relevant for liquidity risks in the host Member State's currency.
Where the competent authorities of the home Member State have not consulted the competent authorities of the host Member State, or where, following such consultation, the competent authorities of the host Member State maintain that operational steps required by Article 86(11) are not adequate, the competent authorities of the host Member State may refer the matter to EBA and request its assistance in accordance with Article 19 of Regulation (EU) No 1093/2010.
3.Where Article 116 does not apply, the competent authorities supervising an institution with significant branches in other Member States shall establish and chair a college of supervisors to facilitate the cooperation under paragraph 2 of this Article and under Article 50. The establishment and functioning of the college shall be based on written arrangements to be determined, after consulting the competent authorities concerned, by the competent authority of the home Member State. The competent authority of the home Member State shall decide which competent authorities participate in a meeting or in an activity of the college.
The decision of the competent authority of the home Member State shall take account of the relevance of the supervisory activity to be planned or coordinated for those authorities, in particular the potential impact on the stability of the financial system in the Member States concerned referred to in Article 7 and the obligations referred to in paragraph 2 of this Article.
The competent authority of the home Member State shall keep all members of the college fully informed, in advance, of the organisation of such meetings, the main issues to be discussed and the activities to be considered. The competent authority of the home Member State shall also keep all the members of the college fully informed, in a timely manner, of the actions taken in those meetings or the measures carried out.
4.EBA shall develop draft regulatory technical standards in order to specify general conditions for the functioning of colleges of supervisors.
Power is delegated to the Commission to adopt the regulatory technical standards referred to in the first subparagraph in accordance with Articles 10 to 14 of Regulation (EU) No 1093/2010.
5.EBA shall develop draft implementing technical standards in order to determine the operational functioning of colleges of supervisors.
Power is conferred on the Commission to adopt the implementing technical standards referred to in the first subparagraph in accordance with Article 15 of Regulation (EU) No 1093/2010.
6.EBA shall submit the draft technical standards referred to in paragraphs 4 and 5 to the Commission by 31 December 2014.
1.Host Member States shall provide that, where an institution authorised in another Member State carries out its activities through a branch, the competent authorities of the home Member State may, after having informed the competent authorities of the host Member State, carry out themselves or through the intermediary of persons they appoint for that purpose on-the-spot checks of the information referred to in Article 50 and inspections of such branches.
2.The competent authorities of the home Member State may also, for the purposes of the inspection of branches, have recourse to one of the other procedures set out in Article 118.
3.The competent authorities of the host Member State shall have the power to carry out, on a case-by-case basis, on-the-spot checks and inspections of the activities carried out by branches of institutions on their territory and require information from a branch about its activities and for supervisory purposes, where they consider it relevant for reasons of stability of the financial system in the host Member State. Before carrying out such checks and inspections, the competent authorities of the host Member State shall consult the competent authorities of the home Member State. After such checks and inspections, the competent authorities of the host Member State shall communicate to the competent authorities of the home Member State the information obtained and findings that are relevant for the risk assessment of the institution or the stability of the financial system in the host Member State. The competent authorities of the home Member State shall duly take into account that information and those findings in determining their supervisory examination programme referred to in Article 99, also having regard to the stability of the financial system in the host Member State.
4.The on-the-spot checks and inspections of branches shall be conducted in accordance with the law of the Member State where the check or inspection is carried out.
1.Member States shall provide that all persons working for or who have worked for the competent authorities and auditors or experts acting on behalf of the competent authorities shall be bound by the obligation of professional secrecy.
Confidential information which such persons, auditors or experts receive in the course of their duties may be disclosed only in summary or aggregate form, such that individual credit institutions cannot be identified, without prejudice to cases covered by criminal law.
Nevertheless, where a credit institution has been declared bankrupt or is being compulsorily wound up, confidential information which does not concern third parties involved in attempts to rescue that credit institution may be disclosed in civil or commercial proceedings.
2.Paragraph 1 shall not prevent the competent authorities from exchanging information with each other or transmitting information to the ESRB, EBA, or the European Supervisory Authority (European Securities and Markets Authority) ("ESMA") established by Regulation (EU) No 1095/2010 of the European Parliament and of the Council(1) in accordance with this Directive, with Regulation (EU) No 575/2013, with other Directives applicable to credit institutions, with Article 15 of Regulation (EU) No 1092/2010, with Articles 31, 35 and 36 of Regulation (EU) No 1093/2010 and with Articles 31 and 36 of Regulation (EU) No 1095/2010. That information shall be subject to paragraph 1.
3.Paragraph 1 shall not prevent the competent authorities from publishing the outcome of stress tests carried out in accordance with Article 100 of this Directive or Article 32 of Regulation (EU) No 1093/2010 or from transmitting the outcome of stress tests to EBA for the purpose of the publication by EBA of the results of Union-wide stress tests.
Competent authorities receiving confidential information under Article 53 shall use it only in the course of their duties and only for any of the following purposes:
to check that the conditions governing access to the activity of credit institutions are met and to facilitate monitoring, on a non-consolidated or consolidated basis, of the conduct of such activity, especially with regard to the monitoring of liquidity, solvency, large exposures, and administrative and accounting procedures and internal control mechanisms;
to impose penalties;
in an appeal against a decision of the competent authority including court proceedings pursuant to Article 72;
in court proceedings initiated pursuant to special provisions provided for in Union law adopted in the field of credit institutions.
Member States and EBA, in accordance with Article 33 of Regulation (EU) No 1093/2010, may conclude cooperation agreements, providing for exchanges of information, with the supervisory authorities of third countries or with authorities or bodies of third countries in accordance with Article 56 and Article 57(1) of this Directive only if the information disclosed is subject to a guarantee that professional secrecy requirements at least equivalent to those referred to in Article 53(1) of this Directive are complied with. Such exchange of information shall be for the purpose of performing the supervisory tasks of those authorities or bodies.
Where the information originates in another Member State, it shall only be disclosed with the express agreement of the authorities which have disclosed it and, where appropriate, solely for the purposes for which those authorities gave their agreement.
Article 53(1) and Article 54 shall not preclude the exchange of information between competent authorities within a Member State, between competent authorities in different Member States or between competent authorities and the following, in the discharge of their supervisory functions:
authorities entrusted with the public duty of supervising other financial sector entities and the authorities responsible for the supervision of financial markets;
authorities or bodies charged with responsibility for maintaining the stability of the financial system in Member States through the use of macroprudential rules;
reorganisation bodies or authorities aiming at protecting the stability of the financial system;
contractual or institutional protection schemes as referred to in Article 113(7) of Regulation (EU) No 575/2013;
bodies involved in the liquidation and bankruptcy of institutions and in other similar procedures;
persons responsible for carrying out statutory audits of the accounts of institutions, insurance undertakings and financial institutions.
Article 53(1) and Article 54 shall not preclude the disclosure to bodies which administer deposit-guarantee schemes and investor compensation schemes of information necessary for the exercise of their functions.
The information received shall in any event be subject to professional secrecy requirements at least equivalent to those referred to in Article 53(1).
1.Notwithstanding Articles 53, 54 and 55, Member States may authorise exchange of information between the competent authorities and the authorities responsible for overseeing:
(a)the bodies involved in the liquidation and bankruptcy of institutions and in other similar procedures;
(b)contractual or institutional protection schemes as referred to in Article 113(7) of Regulation (EU) No 575/2013;
(c)persons charged with carrying out statutory audits of the accounts of institutions, insurance undertakings and financial institutions.
2.In the cases referred to in paragraph 1, Member States shall require fulfilment of at least the following conditions:
(a)that the information is exchanged for the purpose of performing the tasks referred to in paragraph 1;
(b)that the information received is subject to professional secrecy requirements at least equivalent to those referred to in Article 53(1);
(c)where the information originates in another Member State, that it is not disclosed without the express agreement of the competent authorities which have disclosed it and, where appropriate, solely for the purposes for which those authorities gave their agreement.
3.Notwithstanding Articles 53, 54 and 55, Member States may, with the aim of strengthening the stability and integrity of the financial system, authorise the exchange of information between competent authorities and the authorities or bodies responsible under law for the detection and investigation of breaches of company law.
In such cases Member States shall require fulfilment of at least the following conditions:
(a)that the information is exchanged for the purpose of detecting and investigating breaches of company law;
(b)that the information received is subject to professional secrecy requirements at least equivalent to those referred to in Article 53(1);
(c)where the information originates in another Member State, that it is not disclosed without the express agreement of the competent authorities which have disclosed it and, where appropriate, solely for the purposes for which those authorities gave their agreement.
4.Where the authorities or bodies referred to in paragraph 1 perform their task of detection or investigation with the aid, in view of their specific competence, of persons appointed for that purpose and not employed in the public sector, a Member State may extend the possibility of exchanging information provided for in the first subparagraph of paragraph 3 to such persons under the conditions specified in the second subparagraph of paragraph 3.
5.The competent authorities shall communicate to EBA the names of the authorities or bodies which may receive information pursuant to this Article.
6.In order to implement paragraph 4, the authorities or bodies referred to in paragraph 3 shall communicate to the competent authorities which have disclosed the information, the names and precise responsibilities of the persons to whom it is to be sent.
1.Nothing in this Chapter shall prevent a competent authority from transmitting information to the following for the purposes of their tasks:
(a)ESCB central banks and other bodies with a similar function in their capacity as monetary authorities when the information is relevant for the exercise of their respective statutory tasks, including the conduct of monetary policy and related liquidity provision, oversight of payments, clearing and settlement systems and the safeguarding of stability of the financial system;
(b)contractual or institutional protection schemes as referred to in Article 113(7) of Regulation (EU) No 575/2013;
(c)where appropriate, other public authorities responsible for overseeing payment systems;
(d)the ESRB, the European Supervisory Authority (European Insurance and Occupational Pensions Authority) ("EIOPA"), established by Regulation (EU) No 1094/2010 of the European Parliament and of the Council(2) and ESMA, where that information is relevant for the exercise of their tasks under Regulations (EU) No 1092/2010, (EU) No 1094/2010 or (EU) No 1095/2010.
Member States shall take the appropriate measures to remove obstacles preventing competent authorities from transmitting information in accordance with the first subparagraph.
2.Nothing in this Chapter shall prevent the authorities or bodies referred to in paragraph 1 from communicating to the competent authorities such information as the competent authorities may need for the purposes of Article 54.
3.Information received in accordance with paragraphs 1 and 2 shall be subject to professional secrecy requirements at least equivalent to those referred to in Article 53(1).
4.Member States shall take the necessary measures to ensure that, in an emergency situation as referred to in Article 114(1), the competent authorities communicate, without delay, information to the ESCB central banks where that information is relevant for the exercise of their statutory tasks, including the conduct of monetary policy and related liquidity provision, the oversight of payments, clearing and settlement systems, and the safeguarding of the stability of the financial system, and to the ESRB where such information is relevant for the exercise of its statutory tasks.
1.Notwithstanding Article 53(1) and Article 54, Member States may, by virtue of provisions laid down in national law, authorise the disclosure of certain information to other departments of their central government administrations responsible for law on the supervision of institutions, financial institutions and insurance undertakings and to inspectors acting on behalf of those departments.
However, such disclosures may be made only where necessary for reasons of prudential supervision, and prevention and resolution of failing institutions. Without prejudice to paragraph 2 of this Article, persons having access to the information shall be subject to professional secrecy requirements at least equivalent to those referred to in Article 53(1).
In an emergency situation as referred to in Article 114(1), Member States shall allow competent authorities to disclose information which is relevant to the departments referred to in the first subparagraph of this paragraph in all Member States concerned.
2.Member States may authorise the disclosure of certain information relating to the prudential supervision of institutions to parliamentary enquiry committees in their Member State, courts of auditors in their Member State and other entities in charge of enquiries in their Member State, under the following conditions:
(a)that the entities have a precise mandate under national law to investigate or scrutinise the actions of authorities responsible for the supervision of institutions or for laws on such supervision;
(b)that the information is strictly necessary for fulfilling the mandate referred to in point (a);
(c)the persons with access to the information are subject to professional secrecy requirements under national law at least equivalent to those referred to in Article 53(1);
(d)where the information originates in another Member State that it is not disclosed without the express agreement of the competent authorities which have disclosed it and, solely for the purposes for which those authorities gave their agreement.
To the extent that the disclosure of information relating to prudential supervision involves processing of personal data, any processing by the entities referred to in the first subparagraph shall comply with the applicable national laws transposing Directive 95/46/EC.
Member States shall ensure that information received under Article 52(3), Article 53(2) and Article 56 and information obtained by means of an on-the-spot check or inspection referred to in Article 52(1) and (2) shall not be disclosed under Article 59 save with the express consent of the competent authorities which disclosed the information or of the competent authorities of the Member State in which such an on-the-spot check or inspection was carried out.
1.Nothing in this Chapter shall prevent the competent authorities of a Member State from communicating the information referred to in Articles 53, 54 and 55 to a clearing house or other similar body recognised under national law for the provision of clearing or settlement services for one of their national markets if they consider that it is necessary to communicate the information in order to ensure the proper functioning of those bodies in relation to defaults or potential defaults by market participants. The information received shall be subject to professional secrecy requirements at least equivalent to those referred to in Article 53(1).
2.Member States shall, however, ensure that information received under Article 53(2) shall not be disclosed in the circumstances referred to in paragraph 1 without the express consent of the competent authorities, which have disclosed it.
The processing of personal data for the purposes of this Directive shall be carried out in accordance with Directive 95/46/EC and, where relevant, with Regulation (EC) No 45/2001.
1.Member States shall provide that any person authorised in accordance with Directive 2006/43/EC of the European Parliament and of the Council of 17 May 2006 on statutory audits of annual accounts and consolidated accounts(3) and performing in an institution the tasks described in Article 51 of Council Directive 78/660/EEC of 25 July 1978 on the annual accounts of certain types of companies(4), Article 37 of Council Directive 83/349/EEC of 13 June 1983 on consolidated accounts(5) Article 73 of Directive 2009/65/EC, or any other statutory task, shall at least have a duty to report promptly to the competent authorities any fact or decision concerning that institution of which that person has become aware while carrying out that task, which is liable to:
(a)constitute a material breach of the laws, regulations or administrative provisions which lay down the conditions governing authorisation or which specifically govern pursuit of the activities of institutions;
(b)affect the ongoing functioning of the institution;
(c)lead to refusal to certify the accounts or to the expression of reservations.
Member States shall provide at least that a person referred to in the first subparagraph shall also have a duty to report any fact or decision of which that person becomes aware in the course of carrying out a task as described in the first subparagraph in an undertaking having close links resulting from a control relationship with the institution within which he is carrying out that task.
2.The disclosure in good faith to the competent authorities, by persons authorised within the meaning of Directive 2006/43/EC, of any fact or decision referred to in paragraph 1 shall not constitute a breach of any restriction on disclosure of information imposed by contract or by any legislative, regulatory or administrative provision and shall not involve such persons in any liability. Such disclosure shall be made simultaneously to the management body of the institution unless there are compelling reasons not to do so.
1.Competent authorities shall be given all supervisory powers to intervene in the activity of institutions that are necessary for the exercise of their function, including in particular the right to withdraw an authorisation in accordance with Article 18, the powers required in accordance with Article 102 and the powers set out in Articles 104 and 105.
2.Competent authorities shall exercise their supervisory powers and their powers to impose penalties in accordance with this Directive and with national law, in any of the following ways:
(a)directly;
(b)in collaboration with other authorities;
(c)under their responsibility by delegation to such authorities;
(d)by application to the competent judicial authorities.
1.Without prejudice to the supervisory powers of competent authorities referred to in Article 64 and the right of Member States to provide for and impose criminal penalties, Member States shall lay down rules on administrative penalties and other administrative measures in respect of breaches of national provisions transposing this Directive and of Regulation (EU) No 575/2013 and shall take all measures necessary to ensure that they are implemented. Where Member States decide not to lay down rules for administrative penalties for breaches which are subject to national criminal law they shall communicate to the Commission the relevant criminal law provisions. The administrative penalties and other administrative measures shall be effective, proportionate and dissuasive.
2.Member States shall ensure that where the obligations referred to in paragraph 1 apply to institutions, financial holding companies and mixed financial holding companies in the event of a breach of national provisions transposing this Directive or of Regulation (EU) No 575/2013, penalties may be applied, subject to the conditions laid down in national law, to the members of the management body and to other natural persons who under national law are responsible for the breach.
3.Competent authorities shall have all information gathering and investigatory powers that are necessary for the exercise of their functions. Without prejudice to other relevant provisions laid down in this Directive and in Regulation (EU) No 575/2013 those powers shall include:
(a)the power to require the following natural or legal persons to provide all information that is necessary in order to carry out the tasks of the competent authorities, including information to be provided at recurring intervals and in specified formats for supervisory and related statistical purposes:
institutions established in the Member State concerned;
financial holding companies established in the Member State concerned;
mixed financial holding companies established in the Member State concerned;
mixed-activity holding companies established in the Member State concerned;
persons belonging to the entities referred to in points (i) to (iv);
third parties to whom the entities referred to in points (i) to (iv) have outsourced operational functions or activities;
(b)the power to conduct all necessary investigations of any person referred to in points (a)(i) to (vi) established or located in the Member State concerned where necessary to carry out the tasks of the competent authorities, including:
the right to require the submission of documents;
to examine the books and records of the persons referred to in points(a)(i) to (vi) and take copies or extracts from such books and records;
to obtain written or oral explanations from any person referred to in points (a) (i) to (vi) or their representatives or staff; and
to interview any other person who consents to be interviewed for the purpose of collecting information relating to the subject matter of an investigation;
(c)the power, subject to other conditions set out in Union law, to conduct all necessary inspections at the business premises of the legal persons referred to in points (a)(i) to (vi) and any other undertaking included in consolidated supervision where a competent authority is the consolidating supervisor, subject to the prior notification of the competent authorities concerned. If an inspection requires authorisation by a judicial authority under national law, such authorisation shall be applied for.
1.Member States shall ensure that their laws, regulations and administrative provisions provide for administrative penalties and other administrative measures at least in respect of:
(a)carrying out the business of taking deposits or other repayable funds from the public without being a credit institution in breach of Article 9;
(b)commencing activities as a credit institution without obtaining authorisation in breach of Article 9;
(c)acquiring, directly or indirectly, a qualifying holding in a credit institution or further increasing, directly or indirectly, such a qualifying holding in a credit institution as a result of which the proportion of the voting rights or of the capital held would reach or exceed the thresholds referred to in Article 22(1) or so that the credit institution would become its subsidiary, without notifying in writing the competent authorities of the credit institution in which they are seeking to acquire or increase a qualifying holding, during the assessment period, or against the opposition of the competent authorities, in breach of Article 22(1);
(d)disposing, directly or indirectly, of a qualifying holding in a credit institution or reducing a qualifying holding so that the proportion of the voting rights or of the capital held would fall below the thresholds referred to in Article 25 or so that the credit institution would cease to be a subsidiary, without notifying in writing the competent authorities.
2.Member States shall ensure that in the cases referred to in paragraph 1, the administrative penalties and other administrative measures that can be applied include at least the following:
(a)a public statement which identifies the natural person, institution, financial holding company or mixed financial holding company responsible and the nature of the breach;
(b)an order requiring the natural or legal person responsible to cease the conduct and to desist from a repetition of that conduct;
(c)in the case of a legal person, administrative pecuniary penalties of up to 10 % of the total annual net turnover including the gross income consisting of interest receivable and similar income, income from shares and other variable or fixed-yield securities, and commissions or fees receivable in accordance with Article 316 of Regulation (EU) No 575/2013 of the undertaking in the preceding business year;
(d)in the case of a natural person, administrative pecuniary penalties of up to EUR 5 000 000, or in the Member States whose currency is not the euro, the corresponding value in the national currency on 17 July 2013;
(e)administrative pecuniary penalties of up to twice the amount of the benefit derived from the breach where that benefit can be determined;
(f)suspension of the voting rights of the shareholder or shareholders held responsible for the breaches referred to in paragraph 1.
Where the undertaking referred to in point (c) of the first subparagraph is a subsidiary of a parent undertaking, the relevant gross income shall be the gross income resulting from the consolidated account of the ultimate parent undertaking in the preceding business year.
1.This Article shall apply at least in any of the following circumstances:
(a)an institution has obtained an authorisation through false statements or any other irregular means;
(b)an institution, on becoming aware of any acquisitions or disposals of holdings in their capital that cause holdings to exceed or fall below one of the thresholds referred to in Article 22(1) or Article 25, fails to inform the competent authorities of those acquisitions or disposals in breach of the first subparagraph of Article 26(1);
(c)an institution listed on a regulated market as referred to in the list to be published by ESMA in accordance with Article 47 of Directive 2004/39/EC does not, at least annually, inform the competent authorities of the names of shareholders and members possessing qualifying holdings and the sizes of such holdings in breach of the second subparagraph of Article 26(1) of this Directive;
(d)an institution fails to have in place governance arrangements required by the competent authorities in accordance with the national provisions transposing Article 74;
(e)an institution fails to report information or provides incomplete or inaccurate information on compliance with the obligation to meet own funds requirements set out in Article 92 of Regulation (EU) No 575/2013 to the competent authorities in breach of Article 99(1) of that Regulation;
(f)an institution fails to report or provides incomplete or inaccurate information to the competent authorities in relation to the data referred to in Article 101 of Regulation (EU) No 575/2013;
(g)an institution fails to report information or provides incomplete or inaccurate information about a large exposure to the competent authorities in breach of Article 394(1) of Regulation (EU) No 575/2013;
(h)an institution fails to report information or provides incomplete or inaccurate information on liquidity to the competent authorities in breach of Article 415(1) and (2) of Regulation (EU) No 575/2013;
(i)an institution fails to report information or provides incomplete or inaccurate information on the leverage ratio to the competent authorities in breach of Article 430(1) of Regulation (EU) No 575/2013;
(j)an institution repeatedly or persistently fails to hold liquid assets in breach of Article 412 of Regulation (EU) No 575/2013;
(k)an institution incurs an exposure in excess of the limits set out in Article 395 of Regulation (EU) No 575/2013;
(l)an institution is exposed to the credit risk of a securitisation position without satisfying the conditions set out in Article 405 of Regulation (EU) No 575/2013;
(m)an institution fails to disclose information or provides incomplete or inaccurate information in breach of Article 431(1), (2) and (3) or Article 451(1) of Regulation (EU) No 575/2013;
(n)an institution makes payments to holders of instruments included in the own funds of the institution in breach of Article 141 of this Directive or in cases where Articles 28, 51 or 63 of Regulation (EU) No 575/2013 prohibit such payments to holders of instruments included in own funds;
(o)an institution is found liable for a serious breach of the national provisions adopted pursuant to Directive 2005/60/EC;
(p)an institution allows one or more persons not complying with Article 91 to become or remain a member of the management body.
2.Member States shall ensure that in the cases referred to in paragraph 1, the administrative penalties and other administrative measures that can be applied include at least the following:
(a)a public statement which identifies the natural person, institution, financial holding company or mixed financial holding company responsible and the nature of the breach;
(b)an order requiring the natural or legal person responsible to cease the conduct and to desist from a repetition of that conduct;
(c)in the case of an institution, withdrawal of the authorisation of the institution in accordance with Article 18;
(d)subject to Article 65(2), a temporary ban against a member of the institution's management body or any other natural person, who is held responsible, from exercising functions in institutions;
(e)in the case of a legal person, administrative pecuniary penalties of up to 10 % of the total annual net turnover including the gross income consisting of interest receivable and similar income, income from shares and other variable or fixed-yield securities, and commissions or fees receivable in accordance with Article 316 of Regulation (EU) No 575/2013 of the undertaking in the preceding business year;
(f)in the case of a natural person, administrative pecuniary penalties of up to EUR 5 000 000, or in the Member States whose currency is not the euro, the corresponding value in the national currency on 17 July 2013;
(g)administrative pecuniary penalties of up to twice the amount of the profits gained or losses avoided because of the breach where those can be determined.
Where an undertaking referred to in point (e) of the first subparagraph is a subsidiary of a parent undertaking, the relevant gross income shall be the gross income resulting from the consolidated account of the ultimate parent undertaking in the preceding business year.
1.Member States shall ensure that the competent authorities publish on their official website at least any administrative penalties against which there is no appeal and which are imposed for breach of the national provisions transposing this Directive or of Regulation (EU) No 575/2013, including information on the type and nature of the breach and the identity of the natural or legal person on whom the penalty is imposed, without undue delay after that person is informed of those penalties.
Where Member States permit publication of penalties against which there is an appeal, competent authorities shall, without undue delay, also publish on their official website information on the appeal status and outcome thereof.
2.Competent authorities shall publish the penalties on an anonymous basis, in a manner in accordance with national law, in any of the following circumstances:
(a)where the penalty is imposed on a natural person and, following an obligatory prior assessment, publication of personal data is found to be disproportionate;
(b)where publication would jeopardise the stability of financial markets or an ongoing criminal investigation;
(c)where publication would cause, insofar as it can be determined, disproportionate damage to the institutions or natural persons involved.
Alternatively, where the circumstances referred to in the first subparagraph are likely to cease within a reasonable period of time, publication under paragraph 1 may be postponed for such a period of time.
3.Competent authorities shall ensure that information published under paragraphs 1 or 2 remains on their official website at least five years. Personal data shall be retained on the official website of the competent authority only for the period necessary, in accordance with the applicable data protection rules.
4.By 18 July 2015 EBA shall submit a report to the Commission on the publication of penalties by Member States on an anonymous basis as provided for under paragraph 2, in particular where there have been significant divergences between Member States in this respect. In addition, EBA shall submit a report to the Commission on any significant divergences in the duration of publication of penalties under national law.
1.Subject to the professional secrecy requirements referred to in Article 53(1), the competent authorities shall inform EBA of all administrative penalties, including all permanent prohibitions, imposed under Articles 65, 66 and 67 including any appeal in relation thereto and the outcome thereof. EBA shall maintain a central database of administrative penalties communicated to it solely for the purposes of exchanging information between competent authorities. That database shall be accessible to competent authorities only and it shall be updated on the basis of the information provided by competent authorities.
2.Where a competent authority assesses good repute for the purposes of Article 13(1), Article 16(3), Article 91(1) and Article 121, it shall consult the EBA database of administrative penalties. In the event of a change of status or a successful appeal, EBA shall delete or update relevant entries in the database on request by the competent authorities.
3.The competent authorities shall check, in accordance with national law, the existence of a relevant conviction in the criminal record of the person concerned. For those purposes, information shall be exchanged in accordance with Decision 2009/316/JHA and Framework Decision 2009/315/JHA as implemented in national law.
4.EBA shall maintain a website with links to each competent authority's publication of administrative penalties under Article 68 and shall show the time period for which each Member State publishes administrative penalties.
Member States shall ensure that when determining the type of administrative penalties or other administrative measures and the level of administrative pecuniary penalties, the competent authorities shall take into account all relevant circumstances, including, where appropriate:
the gravity and the duration of the breach;
the degree of responsibility of the natural or legal person responsible for the breach;
the financial strength of the natural or legal person responsible for the breach, as indicated, for example, by the total turnover of a legal person or the annual income of a natural person;
the importance of profits gained or losses avoided by the natural or legal person responsible for the breach, insofar as they can be determined;
the losses for third parties caused by the breach, insofar as they can be determined;
the level of cooperation of the natural or legal person responsible for the breach with the competent authority;
previous breaches by the natural or legal person responsible for the breach;
any potential systemic consequences of the breach.
1.Member States shall ensure that competent authorities establish effective and reliable mechanisms to encourage reporting of potential or actual breaches of national provisions transposing this Directive and of Regulation (EU) No 575/2013 to competent authorities.
2.The mechanisms referred to in paragraph 1 shall include at least:
(a)specific procedures for the receipt of reports on breaches and their follow-up;
(b)appropriate protection for employees of institutions who report breaches committed within the institution against retaliation, discrimination or other types of unfair treatment at a minimum;
(c)protection of personal data concerning both the person who reports the breaches and the natural person who is allegedly responsible for a breach, in accordance with Directive 95/46/EC;
(d)clear rules that ensure that confidentiality is guaranteed in all cases in relation to the person who reports the breaches committed within the institution, unless disclosure is required by national law in the context of further investigations or subsequent judicial proceedings.
3.Member States shall require institutions to have in place appropriate procedures for their employees to report breaches internally through a specific, independent and autonomous channel.
Such a channel may also be provided through arrangements provided for by social partners. The same protection as referred to in points (b), (c) and (d) of paragraph 2 shall apply.
Member States shall ensure that decisions and measures taken pursuant to laws, regulations and administrative provisions adopted in accordance with this Directive or to Regulation (EU) No 575/2013 are subject to a right of appeal. Member States shall also ensure that failure to take a decision within six months of submission of an application for authorisation which contains all the information required under the national provisions transposing this Directive, is subject to a right of appeal.