Response to consultation on draft Joint ESMA and EBA Guidelines on the assessment of the suitability of members of the management body and key function holders

Go back

Question 1: Are subject matter, scope of application, definitions and date of application appropriate and sufficiently clear?

Respondents generally acknowledge and support the expansion of the Guidelines’ scope from “institutions” to the broader category of “entities”, covering credit institutions, investment firms and third‑country branches. However, they emphasise that the practical application of the revised scope and definitions requires further clarification, especially to ensure proportionality and avoid unnecessary complexity.

1. Overall support for the expanded scope

Most respondents agree that the extension of the Guidelines is:

  • aligned with CRD VI and MiFID II/MiFIR developments,
  • consistent with the objective of further harmonising suitability frameworks,
  • appropriate in including investment firms and third‑country branches,
  • compatible with different governance models (unitary/dual).

EFC’s experts note that the shift to “entities” is “functionally accurate” and improves alignment with EU law and that the scope is appropriate and sufficiently clear.

2. Need for clearer operationalisation and proportionality

A recurring theme is that the broadened scope, while conceptually sound, may be difficult to apply in practice due to:

  • high regulatory complexity,
  • numerous cross‑references,
  • extensive exclusions and differentiated applications,
  • broad and potentially ambiguous definitions.

Respondents request:

  • clearer distinctions between types of entities,
  • guidance on how to apply the Guidelines proportionately,
  • examples or explanatory notes for complex cases,
  • clarification of how “risks” (including ML/TF and ESG) should be operationalised.

EFC’s respondents remark that understanding the scope often requires comparing different regulations because of cross‑references what is not only time consumingDraft is highly technical and heavily cross-referenced, so it is clear for practitioners but less accessible for readers without a regulatory background. It would help to include a short plain-language overview of the main categories and which provisions apply to each of them, and such explanatory material could also be included in the accompanying documents to these Guidelines.

 

3. Concerns about overly broad definitions

Several respondents highlight that terms such as:

  • “entities”,
  • “key function holders”,
  • “persons with significant influence”,

may lead to overly expansive implementation, especially in large groups.

 

They stress that:

  • identification of key function holders must remain risk‑based and materiality‑based,
  • the Guidelines should not extend beyond CRD,
  • only individuals with genuine, material influence should fall within scope.

4. Requests for simplification and usability improvements

Respondents propose several tools to improve clarity and usability:

  • tables,
  • decision trees,
  • synthetic overviews of exclusions,
  • practical examples,
  • annexes illustrating specific governance situations (e.g., owner‑managed entities, third‑country branches).

5. Positive assessment of proportionality mechanisms

Some respondents welcome the differentiated application of the Guidelines, especially:

  • explicit exclusions for class 3 investment firms,
  • tailored requirements for third‑country branches,
  • recognition of different governance structures.

They view these elements as strengthening proportionality and reducing unnecessary burden for low‑risk entities.

6. Additional clarifications requested

Respondents ask for further guidance on:

  • the delineation of roles in one‑tier board systems,
  • how to apply the Guidelines in group structures,
  • how to interpret “significant influence” in the context of third‑country branches,
  • how to balance diversity expectations with the realities of small institutions,
  • how to implement balanced diversity in small entities.

Overall Synthesis of respondents' answers to question 1

Respondents broadly support the expanded scope and updated definitions, recognising their alignment with EU regulatory developments. However, they consistently call for greater clarity, simplification and practical guidance to ensure that the Guidelines remain proportionate, operational and usable across diverse entity types and governance models.

Question 2: Are the changes made in Title II appropriate and sufficiently clear?

EFC has not expressed a position in this area of the consultation

Do you have any views on the provisions regarding these independence criteria? Please explain any aspects that may influence the effectiveness, clarity, or implementation of these independence criteria across different business models/types of institutions.

 

Respondents generally support the strengthened and more granular approach to independence criteria, recognising their importance for effective governance. At the same time, they highlight practical challenges, interpretation issues, and divergent impacts across business models, calling for further clarification and proportionality.

1. Overall support for the proposed independence framework

Most respondents view the proposed criteria positively, noting that:

  • the approach remains proportionate,
  • independence is a good governance practice,
  • requiring at least one independent member in non‑significant and non‑listed entities is reasonable,
  • the distinction between “independence of mind” and formal independence is conceptually sound, well-judged and systemically coherent.

2. Practical challenges across different business models

Respondents emphasise that the feasibility of meeting independence criteria varies significantly depending on:

  • ownership structure (e.g., concentrated ownership, state‑owned entities),
  • cooperative or mutual structures,
  • small or specialised institutions,
  • group structures with cross‑appointments.

In such contexts, the pool of candidates meeting strict formal independence criteria may be very limited in certain ownership models.

3. Need for clearer distinction between independence of mind and formal independence

Several respondents request further clarification on:

  • how to assess independence of mind in practice,
  • how to treat intra‑group relationships,
  • representation of shareholders,
  • previous employment within the group,
  • economic or business links.

They stress that independence assessments should focus on substance over form, and that additional practical examples would be helpful.

 

4. Concerns about increasing formalisation and regulatory burden

Respondents warn that:

  • independence requirements are already multi‑layered and demanding,
  • rising regulatory expectations (e.g., under DORA) increase workload and personal liability,
  • smaller institutions may struggle to attract qualified independent candidates,
  • excessive formalisation may prioritise compliance over effective supervisory challenge (an overemphasis on form over substance)

5. Divergences between regulatory regimes and national frameworks

Some respondents highlight challenges arising from:

  • differences between EU‑level and national independence requirements,
  • the need for KNF approval to amend Articles of Association in Poland,
  • potential inconsistencies across regulatory frameworks.

They note that independence criteria embedded in corporate documents may be difficult to adjust quickly.

6. Specific technical issues requiring clarification

Respondents raise several detailed points:

  • 12‑year tenure rule: Questions arise about whether a one‑year break resets the independence clock and whether 12 years is an appropriate threshold.
  • Financial independence: Respondents find the concept insufficiently defined and suggest requiring institutions to adopt clear internal definitions.
  • Cooling‑off periods: Some propose introducing explicit “periods to erase relationships” (e.g., after serving in executive roles).
  • Training obligations: Respondents support the requirement for training to ensure adequate knowledge, time commitment and conflict‑of‑interest management.
  • Group‑owned entities: Exemptions for wholly owned subsidiaries should be applied cautiously, ensuring equivalent group‑level oversight.

7. Effectiveness and enforcement in practice

Some respondents note that while criteria may be clear on paper, enforcement is challenging. illustrating the gap between formal independence and actual board dynamics (“it is me who makes sure that the main shareholder remembers about the others”). 

Overall synthesis of respondents' answers to question 3

Respondents broadly support the enhanced independence criteria and the conceptual clarity introduced by distinguishing independence of mind from formal independence. However, they consistently call for:

  • greater practical guidance,
  • clarification of ambiguous concepts,
  • proportionate application,
  • recognition of diverse business models,
  • avoidance of excessive formalisation,
  • clearer definitions of financial and tenure‑related independence.

The overarching message is that independence is essential, but its regulation must remain practical, risk‑based and sensitive to institutional realities.

Question 4: Are the changes made in Title III appropriate and sufficiently clear?

With regard to Question 4, EFC provided comments only on points III.6.69 (Adequate knowledge, skills and experience) and III.8.86–87 (Reputation, honesty and integrity).

According to point III.6.69 (Adequate knowledge, skills and experience):

General Overview

The respondents generally expressed support for the proposed amendments and additions concerning the assessment of the knowledge, skills, experience and behavioural competencies of members of management bodies and key function holders. Most respondents acknowledged that the revised framework appropriately reflects the increasing complexity of the regulatory and operational environment in the financial sector, including emerging risks related to ESG, ICT, cyber resilience, artificial intelligence, AML/CFT, crypto-assets and data protection.

At the same time, respondents identified several areas where further clarification, simplification or stronger emphasis on proportionality would be beneficial. A recurring theme across the responses was the need to avoid transforming the assessment framework into an excessively formalistic or overly technical exercise, particularly for smaller or less complex institutions.

Positive Assessment of the Expanded Competency Framework

Many respondents considered the expanded list of competencies and knowledge areas to be justified and broadly appropriate. In particular, respondents supported the inclusion of:

  • ESG and climate-related risks;
  • ICT and cyber risks, including DORA-related requirements;
  • AML/CFT obligations;
  • data protection;
  • crypto-assets and digital finance;
  • behavioural competencies, including the ability to articulate views, challenge proposals and participate actively in strategic discussions.

Respondents noted that these additions better reflect the current regulatory landscape and the practical expectations placed on members of management bodies. Several responses emphasised that the revised text appropriately integrates prudential, technological and compliance-related dimensions of governance.

A number of respondents also positively assessed the explicit recognition of behavioural competencies. They observed that the revised wording more accurately captures the practical role of management body members than the 2021 Guidelines, where such expectations were addressed only indirectly.

Concerns Regarding Excessive Breadth and Over-Formalisation

Despite the generally positive assessment, several respondents warned that the revised catalogue of competencies may become excessively broad and cumulative. Concerns were raised that the framework could be interpreted as requiring each individual member of the management body to possess specialist expertise across multiple highly technical domains.

Respondents stressed that such an interpretation would risk:

  • creating an unrealistic expert-level competence framework;
  • duplicating requirements already embedded in sectoral regimes such as DORA, the AI Act, AML/CFT, ESG frameworks and MiCA;
  • increasing regulatory burden without necessarily improving governance quality;
  • encouraging a formalistic “checklist” approach to individual suitability assessments.

Some respondents further noted that elements such as the ability to articulate views or actively engage in strategic discussions may be difficult to assess objectively.

Strong Emphasis on Proportionality

One of the most consistent themes across the responses was the importance of proportionality.

Respondents repeatedly requested clarification that:

  • the assessment should be tailored to the institution’s size, business model and risk profile;
  • not all competencies are expected at the same depth for every individual;
  • the assessment should focus primarily on collective suitability at the level of the management body as a whole;
  • individual assessments should reflect the person’s actual role, responsibilities and committee membership.

This concern was particularly emphasised in relation to smaller and specialised institutions, including mortgage banks with simpler business models and limited risk profiles. Respondents argued that, without a clearer proportionality framework, the revised Guidelines could impose disproportionate compliance burdens.

Several respondents also called for clearer guidance on the expected level and granularity of knowledge in newly introduced areas, especially for non-executive members.

Suggestions for Clarification and Structural Improvements

Respondents proposed several drafting and structural improvements to increase clarity and consistency.

Key suggestions included:

  • clarifying the distinction between competencies expected collectively and those expected individually;
  • simplifying or avoiding duplication between individual and collective assessment criteria;
  • providing clearer explanations regarding data protection competencies and their relationship with ICT risk management;
  • clarifying whether AI-related requirements refer primarily to conceptual understanding or to operational expertise;
  • restructuring provisions relating to crypto-asset entities so that they are addressed separately and more clearly;
  • explicitly recognising relevant experience gained outside traditional professional careers, including academic work or NGO/voluntary activities, particularly in ESG-related areas
  • professional experience and qualifications should not only be declared but also properly documented and independently verified..

Overall conclusion of respondents' answers to question 4- III.6.69 (Adequate knowledge, skills and experience):

Overall, the responses indicate broad support for the direction of the proposed amendments. Respondents generally agreed that the revised Guidelines appropriately reflect the evolving governance, technological and regulatory challenges faced by financial institutions.

However, respondents also consistently called for:

  • stronger and more explicit application of the proportionality principle;
  • clearer differentiation between individual and collective suitability requirements;
  • additional clarification regarding the expected depth of expertise in specialised areas;
  • avoidance of excessive formalism and unnecessary duplication of regulatory requirements.

The consultation responses therefore suggest that, while the proposed changes are viewed as substantively justified and largely clear, further refinement could improve their practical applicability, consistency and proportional implementation across different types of institutions.

According to point III.8.86–87 (Reputation, honesty and integrity):

Respondents generally welcome the intention behind the amendments to the reputation, honesty and integrity criteria, especially the stronger alignment with AML/CFT risk considerations. At the same time, they consistently highlight the need for greater clarity, proportionality and legal certainty.

1. Overall assessment of the amendments

Across responses, there is broad agreement that the proposed changes are appropriate in principle and move in the right direction. Several respondents emphasise that the additions:

  • Increase transparency of the assessment criteria
  • Strengthen supervisory expectations in high‑risk ML/TF contexts
  • Expand the scope of relevant circumstances, including sanctions, high‑risk jurisdictions, opaque ownership structures, and relationships with sanctioned persons

2. Need for further clarification and precision

A dominant theme is that many of the new criteria remain too broad, qualitative or open‑ended, which may lead to inconsistent application. Respondents call for:

  • Clearer definitions of risk factors, especially historical or indirect relationships
  • Distinguishing between triggers for enhanced scrutiny and factors that should directly lead to a negative assessment
  • Clarifying the weight of various indicators (e.g., family ties, past associations, sectoral exposure)
  • Specifying the time horizon for backward‑looking checks
  • Clarifying minimum documentation standards, especially where access to foreign registers is limited

3. Proportionality and evidence‑based assessment

Respondents stress that assessments must remain:

  • Proportionate, especially for smaller institutions
  • Grounded in verifiable information, not assumptions
  • Linked to the individual’s own actions or omissions

Several note that institutions cannot realistically verify certain types of information (e.g., activities of family members or associates), and therefore assessments must rely on candidate declarations unless reliable external sources exist.

4. Scope of supervisory vs. institutional obligations

Multiple respondents request clarification on who is responsible for applying the new requirements:

  • Some provisions appear directed at supervisory authorities, not institutions
  • Respondents ask for explicit differentiation between obligations of institutions and obligations of supervisors

This is seen as essential to avoid misinterpretation and undue compliance burdens.

5. Additional areas suggested for inclusion

Respondents propose expanding the scope of relevant considerations to include:

  • Audit‑related infringements and breaches of professional ethics
  • Professional disciplinary proceedings, not only criminal or administrative ones
  • All supervisory actions, including warnings and penalties

6. Treatment of sanctions‑related cases

While respondents support the inclusion of EU and national sanctions as relevant factors, they request clarification on:

  • How to treat cases where sanctions have been lifted
  • How to assess situations where sanctions are formally contested by the individual

7. Relationship with fundamental legal principles

Several respondents highlight the need to reconcile the new criteria with:

  • The presumption of innocence
  • Fairness and predictability in suitability assessments

They caution against allowing unverified suspicions or indirect associations to become de facto grounds for negative assessments.

Overall synthesis of respondents' answers to question 4 - III.8.86–87 (Reputation, honesty and integrity):

Respondents support the strengthened, risk‑sensitive approach to assessing reputation, honesty and integrity, particularly in the AML/CFT context. However, they unanimously call for greater precision, clearer boundaries, and more explicit procedural guidance to ensure consistent, proportionate and fair implementation across institutions and jurisdictions.

Question 5: Are the changes made in Title IV appropriate and sufficiently clear?

With regard to Question 5, EFC provided comments only on point IV.10.106

Below is a comprehensive, consolidated synthesis of all respondent views for Question 5 –The synthesis reflects the full spectrum of positions and integrates the nuances across institutions and business models.

Respondents broadly welcome the expansion of induction and ongoing training requirements to include ICT risks, ESG factors and transmission channels, and the use of AI technologies. These areas are widely recognised as increasingly material to the effective functioning of management bodies. At the same time, respondents emphasise the need for greater clarity, proportionality, and flexibility to ensure that the requirements are meaningful and not duplicative or overly burdensome.

1. Overall support for the expanded training scope

Across responses, there is strong agreement that the proposed additions:

  • reflect current supervisory priorities and evolving risk landscapes,
  • strengthen the ability of management bodies to exercise effective oversight,
  • align with broader EU regulatory developments (e.g., DORA, ESG reporting frameworks, AI governance),
  • are already consistent with practices in larger institutions.

Respondents repeatedly note that ICT, ESG and AI are “increasingly important areas for effective performance of management body functions”.

2. Need for clearer expectations regarding scope, depth and frequency

A dominant theme is that the Guidelines do not sufficiently specify:

  • how detailed the training should be,
  • how often it should be delivered or refreshed,
  • how to calibrate training to the institution’s size, risk profile, and actual use of ICT/AI/ESG processes,
  • whether AI training is intended to be mandatory or merely illustrative.

Respondents request explicit clarification that training should be:

  • proportionate,
  • risk‑based,
  • role‑specific,
  • materiality‑driven.

Without such clarification, institutions fear that training may become formalistic rather than effective.

3. Avoiding duplication with existing regulatory frameworks

Respondents stress that many institutions already conduct extensive training under:

  • DORA and ICT risk management frameworks,
  • ESG reporting and sustainability governance,
  • internal AI governance processes,
  • existing internal control and risk management systems.

They caution that the Guidelines should not create parallel or duplicative training obligations, but instead allow institutions to rely on existing programmes where appropriate.

4. Proportionality concerns, especially for smaller institutions

Smaller institutions highlight that:

  • they already face heavy training burdens,
  • the incremental benefit of additional mandatory topics may be limited,
  • resource constraints (financial and human) make extensive training difficult,
  • the pool of individuals with expertise in ICT/ESG/AI is limited.

Respondents emphasise that training requirements must be scalable and practical, particularly for small banks, specialised institutions, and entities with simple business models.

5. Clarification of applicability, especially for ESG

Some respondents note that ESG‑related training should apply only to entities subject to sustainability reporting obligations, not universally. They propose adding language such as:

“These recommendations apply to entities required to report sustainability information under applicable law.”

This is particularly relevant for third‑country branches and entities outside the EU ESG reporting regime.

6. Role‑based differentiation

Respondents ask whether:

  • all members of the management body should receive identical training, or
  • training should be differentiated based on role (executive vs. non‑executive), area of oversight, or committee membership.

Many argue that a one‑size‑fits‑all approach is neither efficient nor aligned with the principle of proportionality.

7. Positive assessment of documentation and resource requirements

Respondents support:

  • the requirement to ensure adequate financial and human resources for training,
  • the obligation to document and regularly update training plans,
  • the emphasis on continuous learning, especially in fast‑evolving areas like AI and ESG.

Some propose introducing a minimum frequency for training updates, given the rapid pace of technological and regulatory change.

 

8. Broader reflections on the importance of continuous learning

Several respondents highlight that:

  • ESG awareness and AI adoption have transformed both private and professional environments,
  • continuous upskilling in these areas is a “must‑have”,
  • institutions should not only support but require directors to maintain and update their knowledge.

This reflects a broader cultural shift toward lifelong learning in governance roles.

Overall synthesis of respondents' answers to question 5

Respondents broadly support the inclusion of ICT, ESG and AI topics in induction and ongoing training requirements. However, they consistently call for:

  • clearer guidance on scope, depth, and frequency,
  • explicit proportionality, especially for smaller institutions,
  • avoidance of duplication with existing regulatory frameworks,
  • role‑based differentiation,
  • clarification of ESG applicability,
  • flexibility to tailor training to actual business models and risk profiles.

The overarching message is that the amendments are directionally correct, but their practical implementation requires refinement to ensure that training remains effective, proportionate and meaningful, rather than purely formal.

Question 6: Are the changes made in Title V appropriate and sufficiently clear?

EFC has not expressed a position in this area of the consultation 

Question 7: Are the changes made in Title VI appropriate and sufficiently clear?

EFC has not expressed a position in this area of the consultation 

Question 8: Are the changes made in Title VII appropriate and sufficiently clear?

EFC has not expressed a position in this area of the consultation 

Question 9: Are the changes made in Title VIII appropriate and sufficiently clear?

With regard to Question 9, EFC provided comments only on points VIII.24.217-226 (Enhanced dialogue between the competent authority and large entities) and VIII.26.233-237 (Reasonable ground to suspect ML/TF activities or risks)

According to point VIII.24.217-226 (Enhanced dialogue between the competent authority and large entities):

Respondents generally recognise the purpose and potential benefits of the enhanced dialogue mechanism, particularly its ability to clarify suitability concerns before a candidate takes office. At the same time, they emphasise that the mechanism, as drafted, requires significant clarification to ensure predictability, proportionality and legal certainty.

1. Overall perception of enhanced dialogue

Most respondents view the concept positively, noting that early supervisory interaction can:

  • improve transparency and mutual understanding,
  • reduce the risk of later disputes,
  • support smoother succession planning,
  • prevent binary “approve/reject” outcomes
  • limit the risk of later disputes regarding the suitability assessment

 

2. Need for clearer procedural rules

A dominant theme is the lack of procedural clarity. Respondents request detailed guidance on:

  • the sequence of steps,
  • timelines for supervisory feedback,
  • scope of information requests,
  • criteria for triggering enhanced dialogue,
  • the legal status of concerns raised,
  • the consequences of non‑response by the authority or institution.

Several warn that without clear rules, enhanced dialogue may function as a de facto suspension of appointments (risk theat the authority could block the appointment without conducting formal proceedings).

3. Distinction between dialogue and formal assessment

Respondents stress the need to clearly separate:

  • informal, preliminary supervisory exchanges, and
  • the formal ex ante or ex post suitability assessment.

 

They caution that unclear boundaries may lead to:

  • inconsistent supervisory practices,
  • uncertainty for candidates,
  • delays in appointment processes,
  • conflicts with national corporate law.

Some respondents propose that enhanced dialogue should be used only in exceptional cases where there are specific, substantiated concerns.

4. Impact on appointment processes and succession planning

Respondents emphasise that enhanced dialogue must not:

  • unduly delay appointments,
  • hinder urgent replacements (e.g., resignations, crisis situations),
  • complicate competitive recruitment processes.

Several note that if enhanced dialogue is meant to apply also in jurisdictions with ex post assessments, this must be explicitly clarified, as the current heading is ambiguous.

5. Clarification of responsibilities

Respondents request explicit guidance on:

  • whether obligations in the Guidelines apply to institutions, supervisory authorities, or both,
  • how concerns should be communicated (to the institution vs. to the candidate),
  • how institutions should document the process.

6. Legal effects and consequences

Respondents ask for clarification on:

  • what happens if an institution proceeds with an appointment while dialogue is ongoing,
  • whether concerns raised during dialogue have any binding effect,
  • how such concerns influence the final suitability decision,
  • how to document concerns in a way that respects data protection and proportionality.

 

7. Supportive views

 

Despite the concerns, several respondents explicitly support the introduction of enhanced dialogue, which seems to be operational and transparent, noting that it can:

  • address suitability concerns early,
  • promote transparency and predictability,
  • avoid unnecessary delays or binary outcomes.

Overall Synthesis of respondents' answers to question 9- point VIII.24.217-226 (Enhanced dialogue between the competent authority and large entities):

Respondents broadly support the concept of enhanced dialogue but emphasise that its practical value depends on substantial clarification. They call for:

  • clear procedural safeguards,
  • defined timelines and triggers,
  • explicit allocation of responsibilities,
  • clarity on legal effects,
  • proportionality and flexibility in urgent cases.

Without these clarifications, enhanced dialogue risks becoming an informal but restrictive supervisory tool, potentially delaying appointments and creating legal uncertainty.

According to point VIII.26.233-237 (Reasonable ground to suspect ML/TF activities or risks)

Respondents generally support the direction of the proposed amendments, recognising the need for supervisory authorities to reassess suitability where there are reasonable grounds to suspect ML/TF activities or elevated ML/TF risk. However, they emphasise that the concept of “reasonable grounds” must be more precisely defined to ensure proportionality, fairness and legal certainty.

1. Overall support for the objective

Most respondents agree that enabling reassessment in ML/TF‑related situations is justified and aligned with:

  • sound corporate governance,
  • effective risk management,
  • the EU’s strengthened AML/CFT framework.

It is also reasonable for the Guidelines to specify how ML/TF concerns may be taken into account in suitability assessments.

2. Need for clearer definition of “reasonable grounds”

A dominant theme is the ambiguity of the threshold. Respondents request clarification on:

  • what constitutes high‑value, reliable evidence vs. weak or unverified signals,
  • how to treat adverse media, investigative journalism, and whistleblowing reports,
  • the evidentiary weight of different information sources,
  • how to distinguish systemic AML/CFT failures from individual accountability.

Several warn that the current wording risks turning suitability into a quasi‑sanctioning mechanism, with one respondent noting that the broad concept may “blur the line between system‑level failures and individual responsibility”.

3. Proportionality and the need for a clear link to individual responsibility

Respondents stress that reassessment should not be automatic whenever ML/TF issues arise at the institutional level. Instead, there must be:

  • a documented, proportionate connection between the ML/TF concern and the individual’s role, duties or conduct,
  • safeguards to avoid penalising individuals for structural or historical weaknesses unrelated to their actions,
  • recognition that institutions already have specialised AML/CFT roles (e.g., AMLRO) responsible for system‑level compliance.

4. Clarification of information sources and verification standards

Respondents request guidance on:

  • how to assess the credibility and reliability of public sources,
  • how to treat unverified allegations,
  • the role of AML/CFT supervisory authorities in providing information,
  • the extent to which institutions may legally obtain information about candidates with whom they have no contractual relationship,
  • legal basis to obtain certain AML/CFT‑related information about external candidates.

5. Avoiding duplication with AML/CFT supervisory processes

Respondents emphasise that suitability reassessment should not:

  • duplicate AML/CFT investigations,
  • substitute for formal enforcement mechanisms,
  • create parallel supervisory processes.

Reassessment should be triggered only when ML/TF concerns are genuinely relevant to the suitability of the individual.

6. Positive assessment of the expanded catalogue of “reasonable grounds”

Several respondents welcome the more operational and multi‑source model, noting that it appropriately includes:

  • reliable information from AML/CFT authorities,
  • material breaches of AML/CFT rules,
  • significant business model changes without adequate controls,
  • allegations of facilitating ML/TF offences,
  • information from criminal proceedings.

They also support the requirement to consult AML/CFT authorities, which aligns with the new EU AML/CFT architecture.

7. Additional clarifications requested

Respondents propose further refinements, including:

  • specifying how to treat time‑barred offences or the passage of time since a breach,
  • clarifying procedures when AML/CFT authorities inform institutions of elevated risk after an appointment,
  • defining the scope of actions authorities may take only where they have legal competence to do so.

 

Overall Synthesis of respondents' answers to question 9 - VIII.26.233-237 (Reasonable ground to suspect ML/TF activities or risks)

Respondents broadly support the strengthened link between ML/TF risk and suitability assessments. However, they unanimously call for greater precision in defining “reasonable grounds”, clearer evidentiary standards, and safeguards to ensure that reassessment is proportionate, evidence‑based, and focused on individual responsibility rather than institutional shortcomings.

Question 10: Are the changes made in Title IX appropriate and sufficiently clear?

EFC has not expressed a position in this area of the consultation

Question 11: Are the changes made to Annex 1 and Annex II appropriate and sufficiently clear?

EFC has not expressed a position in this area of the consultation

Question 12: Is the table on scope of application of the Joint Guidelines appropriate and sufficiently clear?

EFC has not expressed a position in this area of the consultation

Upload files

Name of the organization

Centrum Myśli Strategicznych/European Financial Congress (EFC)