- SPEECH
Exchanging views for better bank governance and risk culture
Introductory statement by Frank Elderson, Member of the Executive Board of the ECB and Vice-Chair of the Supervisory Board of the ECB, at the stakeholder meeting on the ECB Guide on governance and risk culture
Frankfurt am Main, 26 September 2024
It is with great pleasure that I welcome you to the stakeholder meeting on the ECB Guide on governance and risk culture[1]. I am glad to see so many of you representing your banks and associations to have an open dialogue on a topic of paramount importance for all of us: governance and risk culture.
Well-run banks are the bedrock of a safe banking system.[2] That’s why we have invested so much in focusing on governance in the first decade of European banking supervision.[3] Thanks to the ongoing dialogue between supervisors and banks, as well as the hard work performed every day by myriad staff in the banks we supervise, notable expertise has been built up and progress achieved.
It is in precisely that spirit that we are here today: to listen to you, get your feedback on the Guide, but also to discuss the good practices we are seeing more and more of. And I would also like to thank those stakeholders who already provided some feedback on the Guide, which will inform our discussion today. To succeed in our common goal of making sure that banks have state-of-the art governance, it is vital that we maintain this dialogue in the future.
New ECB Guide on governance and risk culture
Why did we come up with this Guide?
In the first ten years of European banking supervision, the governance of banks under the Single Supervisory Mechanism (SSM) has improved in several areas, including management bodies’ knowledge, skills and experience and succession planning. That’s good news.
However, there is still room and need for improvement. There are persistent structural weaknesses, for instance, in the composition and effectiveness of management bodies and in the quality of oversight. For instance, one structural weakness in board composition is limited diversity, which includes gender[4] but also the geographical provenance, skills, education and experience of members.[5]
Persisting weaknesses have different root causes, some structural, some behavioural and others a combination of both, all of which need to be addressed.
To this end, we published for public consultation a Guide, which replaces the 2016 SSM supervisory statement on governance and risk appetite and reflects our experience of ten years of governance supervision across Europe. The Guide outlines our concrete supervisory expectations on governance and risk culture. And it takes into account the different governance structures and various national laws across Europe. The Guide also includes good practices based on real-life examples observed in banks covering different countries, governance structures and business models. After all, our unique vantage point as European supervisor means we can look closely at the inner workings of banks across Europe. Being able to benchmark in this way helps good supervision since we can compare banks all over Europe and have the necessary breath of insight to be able to share good practices.
The good practices observed in several banks show that some key ingredients for sound governance and risk culture are already being applied. In as far as they are not, banks are in the driving seat when it comes to putting them into practice. Of course, not all good practices are equally applicable to every single bank, in every single country and every single business model. And good practices do not constitute new supervisory requirements. Instead, they are intended as practical examples that can further inform the dialogue between our supervisory teams and banks and, importantly, drive concrete improvements in banks.
Behavioural and cultural aspects
In supervision we see that qualitative shortcomings in governance and risk culture are all too often the root cause of banks’ vulnerabilities that can later resurface also in quantitative areas such as banks’ liquidity positions.[6] Various banking crises have shown that it is often in a bank’s culture that the first whispers of trouble can be discerned.
In our governance supervision, we therefore don’t only look at the tangible elements of governance, such as the structure and composition of banks’ management bodies. We also look at the culture that drives the behaviour of people within formal governance structures.[7]
Our Guide therefore also explicitly includes risk culture encompassing dimensions such as the tone from the top and leadership, culture of effective communication, challenge and diversity, incentives, and accountability for risks. Clearly, it is for banks’ leadership, not supervisors, to set the culture. It is the role of supervisors, however, to assess whether banks’ culture is aligned with prudent risk-taking. To be clear, sound risk culture does not mean taking no risks at all. It means a culture where the risk perspective is well reflected in key strategic processes of the bank, such as strategy, decision-making and remuneration.
Our supervisory work has shown that banks must do better in terms of aligning their culture with prudent risk-taking.
Next steps
Going forward, our supervisory teams will continue to keep a close eye on the progress made by each bank. If we see that critical findings are not remediated in a timely manner, we will use all the measures in our supervisory toolkit to ensure compliance.
To conclude, strong governance and sound risk culture aren’t just an added perk. Effective management bodies and sound risk culture are more important than ever, especially in the current risk environment, in which banks are facing economic, competitive, and geopolitical headwinds.
I want to thank stakeholders for providing questions in advance of today’s meeting. These include, for example, how the Guide applies to the different governance structures across Europe and national specificities and whether it might create additional requirements. Of course, assessing risk culture requires supervisory judgement, so it is natural that there may be some question marks as to how exactly we exercise such judgement.
I trust that bringing together supervisors and banks at today’s meeting will provide further clarity on such questions.
I would like to thank you for participating in this dialogue and I wish you all a fruitful discussion.
On 24 July the ECB launched a public consultation on its new draft Guide on governance and risk culture. See, also, ECB (2024) “ECB consults on governance and risk culture”, press release, 24 July and ECB (2024), “Banks’ governance and risk culture a decade on: progress and shortcomings”, The Supervision Blog, 24 July.
“Well-run” means a management body that steers the bank, providing oversight and constructive challenge on the bank’s strategy, as well as internal control functions that challenge business lines and make sure that the bank operates within a safe control environment.
Governance has regularly been at the top of the list of SSM supervisory priorities, starting in 2015 with the thematic review on governance and risk appetite for all significant institutions, followed by a thematic review on governance for less significant institutions (2021) and a targeted analysis of management body effectiveness and diversity (2022-24).
Soberingly, although almost all banks now have a formal diversity policy in place, there has been insufficient progress on gender representation. This is not good enough, especially when we consider the Women on Boards Directive. See Elderson, F. and McCaul, E. (2023), ‘’Diversity at the top makes banks better’’, The Supervision Blog, ECB, 9 May. See also, Elderson, F (2024), “Banks’ governance and risk culture a decade on: progress and shortcomings”, The Supervision Blog, ECB, 24 July.
To ensure diversity of skills and collective suitability, for instance, we expect at least one non-executive member of the management body to have a minimum of five years of recent and specific knowledge and experience in the field of ICT and security risk management. See “New policy for more bank board expertise on ICT and security risks”, Supervision Newsletter, February 2024.
See Federal Reserve System (2023), Review of the Federal Reserve’s Supervision and Regulation of Silicon Valley Bank, April 28, and Basel Committee on Banking Supervision (2023), Report on the 2023 banking turmoil, October, pp.1 and 18-19.
We assess risk culture with a wide range of tools. This includes occasionally attending board and committee meetings, interviewing board members or conducting risk culture deep dives. Assessing behaviour and culture components has become an essential part of governance supervision in many jurisdictions around the world. See Elderson, F. (2023),’’Treading softly yet boldly: how culture drives risk in banks and what supervisors can do about it’’, speech at the 10th Conference on the Banking Union organised by Freshfields Bruckhaus Deringer, the Institute for Law and Finance at Goethe University and the Center for Financial Studies, Frankfurt am Main, 19 September.
European Central Bank
Directorate General Communications
- Sonnemannstrasse 20
- 60314 Frankfurt am Main, Germany
- +49 69 1344 7455
- media@ecb.europa.eu
Reproduction is permitted provided that the source is acknowledged.
Media contacts