3.5.3 Differences in scope and definitions

Neither the requirements nor the scope of EU legislation and the definitions used are fully harmonized. Determining whether or not non-executive directors come within the scope of the provisions is therefore by no means easy. Consider, for example, the phrases ‘persons who effectively conduct the business/run the undertaking’ (UCITS, AIFMD, Solvency II and IORP II). They seem to refer only to the executive members of the management body (and those who de facto act as executive members of the management body), but it is impossible to be completely sure.1 Even the General Court of the EU Court of Justice was unable to determine with certainty the meaning of the phrase ‘two people who effectively direct the business of the institution’, using a textual and historical interpretation.2 The same uncertainty exists concerning the ‘directors and persons responsible for the management of the institution’ (PSD 2 and EMD).3

Several directives and regulations make use of the term ‘management body’ (CRD IV, MiFID II and CSD Regulation) but only CRD IV clearly defines fit and proper requirements for all members of the management body, whether acting in their managerial or their supervisory function and irrespective of the use of a one tier or a two tier-board structure. The revised UCITS directive also introduces the term ‘management body’, but the fit and proper requirements for management companies and investment companies still apply to ‘persons who effectively conduct the business’ (‘senior management’). For AIF managers, fit and proper requirements are set for both ‘persons who effectively conduct the business’ as well as ‘members of the ‘governing body’. Whereas the last term does not comprise supervisory board members in a separate supervisory board, it cannot be completely ruled out that these members should, indeed, be regarded as persons who effectively conduct the business.4 In a few cases, delegated legislation or ESA Guidelines such as those for insurance companies provide some clarity, but uncertainties remain, for example with regard to collective asset managers (UCITS and AIFMs), payment service providers, electronic money institutions, SPVs and IORPs.

Likewise, senior management and key function holders do not always come within the scope of the provisions. In the case of several types of financial institution, senior management and/or key function holders are subjected to fit and proper requirements (e.g. insurance companies, pension funds, credit institutions, investment firms and payment institutions).5 However, this is not true, or unclear, of certain other categories such as collective asset managers (UCITS and AIFM), central securities depositories and CCPs.

The use of definitions can be rather puzzling. EIOPA defines the term ‘senior management’ in the same way as is done in this chapter, meaning the echelon of high-level management just below the management body.6

CRD IV and CSDR, however, use the term ‘senior management’ to indicate those natural persons who exercise executive functions within an institution and who are responsible and accountable to the management body for the day-to-day management of the institution.7 This definition seems to include both the ‘senior management’ as defined in this chapter and the executive members of the management body.

The term ‘senior management’ is used in the CRA Regulation to mean the people who effectively direct the business of the credit rating agency and the member of members of its administrative ‘or’ supervisory board, while the same term in the EMIR Regulation is used to indicate the people who effectively direct the business and (only) the executive members of the management body.8

In UCITS, the term ‘senior management’ is used as a synonym for ‘persons who effectively conduct the business’, which term seems to include the members of the management body (or at least the executive members) but not necessarily the ‘second echelon’ of managers just below the management body.9 The same uncertainty exists regarding the ‘second echelon’ in AIF managers.10

Definitions of the term ‘key function holders’ also differ. The term is used by EIOPA to identify those persons who perform functions of specific importance for the insurance undertaking in view of its business and organization. At least risk management, compliance, internal audit and the actuarial function are considered to be key functions.11

IORP II recognises the same key functions, with the exception of the compliance function. The Delegated CRA Regulation states that those required to be fit and proper are not only members of the management body but also ‘officers’ responsible for the internal audit, internal control, compliance function, risk assessment and review function (without using the term key function holder), and ‘persons appointed to direct the business of the branches’.12

Neither CRD IV nor MiFID II uses the term ‘key function holders’. However, the EBA/ESMA Guidelines on suitability (2017) explicitly mention the term ‘key function holders’. In these Guidelines they are defined as persons who have significant influence over the direction of the institution, but who are neither the CEO nor members of the management body. They include at the very least the heads of internal control functions and the CFO (where they are not part of the management body). Other key function holders might include heads of significant business lines, European Economic Area/European Free Trade Association branches, third country subsidiaries and other internal functions.13

It is also clear from Table 3.1 that members or shareholders (with qualifying holdings) do not always come within the scope of the provisions. The suitability of those members and shareholders may or may not be one of the requirements needing to be fulfilled as part of the authorization or registration process or to obtain approval for a proposed acquisition (declaration of no objection).