2.3.1 Expertise

2:27 In the context of suitability assessments, the notion of expertise sensu stricto[1] encompasses several elements, i.e. knowledge, experience and skills. These three elements are complementary, and analysing each of them provides an overall picture of a particular person’s expertise. For instance, a person who has the knowledge required for a given position but who is unable to transfer and apply it within the institution does not have the required expertise.

2.3.1.1 Knowledge

2:28 “Knowledge” refers to everything that a person knows and any insight he/she has acquired. In principle, knowledge can be learned, e.g. through education, training or on the job.

2:29 Irrespective of the specific knowledge and experience required for a given position, all persons subject to suitability assessment must in principle possess basic theoretical knowledge in the following areas:

  1. banking and financial markets;
  2. regulatory framework and legal requirements applicable to the institution concerned;
  3. strategic planning and understanding of an institution’s business strategy;
  4. risk management (identifying, assessing, monitoring, controlling and mitigating the main types of risk of an institution);
  5. accounting and auditing;
  6. governance and internal control; and
  7. the interpretation of financial information and, on this basis, the identification of key issues and appropriate controls and measures.

2:30 Possession of appropriate knowledge and experience may be demonstrated by the successful completion of relevant training and the presence of relevant professional experience. “Relevant training” should be interpreted broadly. In addition to acquired (university and equivalent) degrees, in-company training courses should also be considered.

2:31 Special attention should be paid to the level and nature of education completed and its relevance to the financial sector. Generally speaking, education in the financial sector (banking, finance and insurance), economics, law, business management, general management, IT, marketing and quantitative methods can be considered relevant.

2:32 For the appointment of the senior manager who will be designated as the senior officer responsible for the prevention of money laundering and terrorist financing[2], this person is expected to demonstrate specific knowledge in anti-money laundering and countering the financing of terrorism (AML/CFT) and in AML/CFT policies, controls and procedures. He/she should have a good understanding of the money laundering and terrorist financing risk to which the institution is exposed as a result of its business model.

2.3.1.2 Experience

2:33 “Relevant professional experience” refers to experience gained in a work environment that is substantively similar or tangential to the type of institution and/or the type of position in which the person concerned is or wishes to be employed.

2:34 In order to determine the extent to which previously held positions constitute “relevant professional experience” or not, the following factors should be considered:

  • the nature and hierarchical level of the position(s) held;
  • whether the position(s) was/were held within the same institution or group;
  • the length of time over which experience was acquired (how long the position(s) was/were held);
  • the nature, complexity and organisational structure of the institution at which the position(s) was/were held;
  • the knowledge acquired in the position(s); and
  • the number of subordinates of the position(s).

2:35 The relevant professional experience of directors and senior managers is assessed by the supervisor based on the various thresholds set out in the SSM Guide, which vary according to the position concerned:

  • CEO (chair of the management committee): 10 years of recent[3] practical experience in areas related to banking or financial services. A significant part of this experience must consist of high-level management positions[4];
  • Senior manager: 5 years of recent practical experience in areas related to banking or financial services. This experience must have been acquired in high-level management positions;
  • Chair of the statutory governing body: 10 years of recent and relevant practical experience[5]. A significant part of this experience must consist of high-level management positions;
  • Non-executive director: 3 years of recent and relevant practical experience in management positions[6]. Practical experience gained in the public or academic sector may also be considered relevant.

2:36 If the above thresholds are met, the person concerned is deemed to have sufficient experience, unless there is evidence to the contrary. If the thresholds are not met, the person concerned may still be considered suitable, provided such suitability is sufficiently substantiated and justified by the institution. In this respect, please refer to the SSM Guide, which provides for an assessment of experience in two steps and which includes examples of acceptable reasons for deviating from the above thresholds.

2:37 In this regard, it should be noted that a member of the statutory governing body in its supervisory function who does not meet the required thresholds may still be considered suitable if (i) the member has experience or expertise that meets the specific needs of the institution (e.g. experience in IT or in climate or environmental risks); (ii) the member and the institution commit to the necessary training being undertaken to overcome the identified lack of experience; and (iii) the member fulfils all other suitability requirements.

2:38 Persons responsible for independent control functions should in principle have at least five years of recent and relevant practical experience, taking into account the nature and complexity of the activities and the size, risk profile and organisational structure of the institution. 

2:39 There is a specific arrangement for the person responsible for the compliance function[7].

2.3.1.3 Skills

2:40 “Skills” refer to the actions a person is competent in. They enable the person concerned to behave in a specific way in certain situations (for instance in negotiation processes or when making a decision). Like knowledge, skills can be learned.

2:41 It is primarily up to the institution to determine what skills are needed for a particular position. In doing so, it should take into account the variables set out in the point on proportionality in the introduction to this Manual.

2:42 Examples of these variables include:

  • when assessing the skills of an applicant for the position of person responsible for the risk management function (Chief Risk Officer - CRO), particular attention must be paid to his/her independent judgement and his/her ability to resist/oppose in the context of the decision-making process;
  • when assessing the skills of an applicant for the position of chair of the board of directors, the primary focus should be on the applicant’s ability to chair meetings and develop a strategy;
  • when assessing the skills of a non-executive director, particular attention should be paid to his/her ability to challenge executive directors.

2:43 Annex II to Guidelines EBA/GL/2021/06 contains a non-exhaustive list of relevant skills that institutions should take into account in the suitability assessment. The supervisor does not assess individual skills, but rather evaluates how the institution has taken the overall "skills" component into account in its internal assessment of the applicant (e.g. by organising assessments). This component can also be discussed during an interview.

[1] As mentioned in the introduction, from a legal point of view, the concept of expertise in a broad sense includes the concept of professional conduct, and thus the assessment criteria related to independence of mind, time commitment and collective suitability. However, for the sake of clarity, it was decided to address these assessment criteria separately.

[2] As a reminder, pursuant to Article 9, § 1 of the Law of 18 September 2017 on the prevention of money laundering and terrorist financing and on the restriction of the use of cash, the senior officer responsible for the prevention of money laundering and terrorist financing has the specific task of ensuring that organisational anti-money laundering measures are adopted and implemented. This designation is part of the division of tasks within the management committee and in no way diminishes the responsibility of this committee.

[3] According to the SSM Guide, the practical experience should not be older than two years. It should be noted that holding several short-term positions (e.g. temporarily replacing a person) is not automatically considered sufficiently long relevant professional experience.

[4] In principle, positions held at “N-1” level relative to the management committee.

[5] The concept of "relevant experience" is broader for a non-executive director than for a senior manager.

[6] “N-1” or “N-2” level.

[7] Without prejudice to the principles laid down in this Manual, persons responsible for the compliance function are subject to the specific requirements on appropriate knowledge and experience set out in the Regulation of the NBB of 6 February 2018 on the expertise of the persons responsible for the compliance function (Article 2). In particular, these persons must:

- have at least three years of relevant experience;

- hold a master's degree (unless they are exempted from this requirement on the basis of their practical experience and knowledge);

- have passed an examination conducted by a company whose examinations are recognised by the NBB and the FSMA and, upon passing the examination, participate every three years in a training programme with a minimum duration of 20 hours at a training company recognised by the FSMA, on the advice of the NBB.

In order to comply with the knowledge requirement on an ongoing basis, the persons responsible for the compliance function must, from their appointment, participate every three years in a training programme with a minimum duration of 40 hours. The requirements for permanent training are further explained in the explanatory note annexed to the aforementioned regulation and Communication FSMA_2018_05 of 8 May 2018 on permanent training for compliance officers.