The Reserve Bank has published the second consultation paper on the standards to be introduced under the Deposit Takers Act 2023 (DT Act). This follows the previous consultation on the core standards that closed on 16 August 2024 (see our previous insight here) and represents the next stage in a significant, multi-year work programme by the Reserve Bank to implement the DT Act.
Standards will apply to deposit takers via their conditions of licence. The standards will apply once the DT Act is fully implemented, which is expected to be from July 2028.
The Reserve Bank is proposing that a more limited range of prudential requirements will apply to overseas deposit takers that are licensed as branches compared to locally incorporated deposit takers. This reflects the different legal structures and nature of operations of branches, and the Reserve Bank's ability to rely on branches' compliance with regulation and supervision in their home jurisdictions.
Five of the non-core standards are proposed to apply to branches:
- the branch standard (currently set out in banks' conditions of registration (CoRs) and BS1);
- the governance standard (currently set out in banks' CoRs, BS10 and BS14);
- the risk management standard (a new standard);
- the operational resilience standard (a new standard); and
- the restricted activities standard (currently set out in banks' CoRs and BS1).
In this Insight, we summarise the Reserve Bank's policy proposals for branches to be set out in the non-core standards. We have published a separate Insight on the policy proposals for locally incorporated deposit takers.
The consultation closes on 22 November 2024.
If you have any questions on the consultation paper, please get in touch with one of our experts below.
Branch standard
The branch standard will implement the final decisions arising from the Reserve Bank's branch policy review that were published last year (see our previous insight here).
The Reserve Bank's final decisions arising from the branch policy review include to:
- restrict all branches' business in New Zealand to wholesale customers only (meaning branches will not be able to offer products or banking services to retail customers in New Zealand);
- require branches to locally incorporate once their total assets exceed NZ$15 billion; and
- continue to allow dual registration, but with additional requirements to:
- ensure that the governance and risk management controls of the locally incorporated subsidiary are sufficiently separate to those of the branch; and
- further restrict the dual registered branch business to "large wholesale customers" only.
In the consultation paper, the Reserve Bank is proposing two minor refinements to its final decisions related to the definitions of "wholesale customer" and "large wholesale customer".
The Reserve Bank is also proposing a change in terminology from "dual registered" to "dual operating" to refer to an overseas deposit taker that operates in New Zealand as a locally incorporated subsidiary and as a branch.
Definition of "wholesale customer"
The Reserve Bank previously consulted on defining wholesale customer by reference to the definition of "wholesale investor" in Schedule 1 to the Financial Markets Conduct Act 2013 (FMC Act). The Reserve Bank is now proposing to use the definition of "wholesale client" in section 459(3) of the DT Act, which refers to the definition used in the Financial Service Providers (Registration and Dispute Resolution) Act 2008 (FSP Act). The definition of wholesale client in the FSP Act is broader than the definition of wholesale investor in the FMC Act because it applies to a broader range of financial services.
Definition of "large wholesale customer"
In the third consultation paper on the branch policy review, the Reserve Bank proposed that the definition of "large wholesale customer" would include a customer whose:
- total consolidated turnover is greater than NZ$50 million; or
- net assets are greater than NZ$50 million.
Submissions on the third consultation paper noted that the proposed definition could exclude entities which are highly leveraged or do not own significant assets themselves (e.g. special purpose vehicles and funds management companies).
Based on this feedback, the Reserve Bank is proposing to refine the definition of "large wholesale customer" to a customer whose:
- total consolidated turnover is greater than NZ$50 million;
- total assets are greater than NZ$75 million; or
- total assets under management are greater than NZ$1 billion.
Governance standard
The governance standard will set out minimum governance requirements for deposit takers. The standard will replace the relatively limited requirements that are currently set out in banks' CoRs, BS10 and BS14. The policy proposals have been informed by the governance thematic review that was jointly undertaken by the Reserve Bank and the Financial Markets Authority.
The governance standard will impose governance requirements on branches that relate to:
- the responsibilities of the New Zealand branch CEO; and
- the fitness and propriety of directors and senior managers of the branch.
Responsibilities of the New Zealand branch CEO
The Reserve Bank proposes to set out clearer and more extensive minimum requirements for a New Zealand branch CEO. The proposed minimum requirements relate to:
- the oversight, prudent management and strategic direction of the branch; and
- the internal governance, risk culture and values of the branch.
The proposals that the Reserve Bank is consulting on for branches include that the New Zealand branch CEO will be required to ensure that:
- senior managers' responsibilities are clear, updated and support the prudent management of the deposit taker;
- the deposit taker's strategic direction and risk management framework are clear and support the prudent management of the branch, and any deficiencies are sufficiently addressed;
- financial and non-financial reporting, such as disclosures, assurances and attestations, among others, relating to the branch are accurate and delivered within the expected period;
- the branch's governance arrangements, including information about the business relationship with the head office and the banking group, are clear, updated and support the prudent management of the deposit taker, and that any deficiencies are sufficiently addressed;
- the arrangements relating to the segregation of duties within the branch are clear and communicated throughout the deposit taker; and
- any conflict of interest is identified, reported and managed.
Under the DT Act, the New Zealand branch CEO will have a duty to exercise due diligence to ensure that the overseas deposit taker complies with its prudential obligations in New Zealand. The Reserve Bank is required to publish guidance on the due diligence duty and the role and responsibilities of the New Zealand branch CEO. The Reserve Bank is not consulting on the guidance as part of this consultation paper.
Fitness and propriety of directors and senior managers of the branch
Under the DT Act, overseas deposit takers are not required to seek the Reserve Bank's approval before appointing directors of the overseas deposit taker or senior managers of the branch (defined as the New Zealand branch CEO and CFO). However, the branch must notify the Reserve Bank of any changes to its directors or senior managers and provide a fit and proper certificate to the Reserve Bank within 20 working days of the appointment (currently the appointment of a New Zealand branch CEO requires a non-objection letter from the Reserve Bank).
In the consultation paper, the Reserve Bank is consulting on the requirements for branches to have a New Zealand branch CEO-approved fit and proper policy, the requirements for a fit and proper certificate, and the accompanying documentation to be provided to the Reserve Bank.
Risk management standard
The Reserve Bank is proposing to introduce a new risk management standard that will impose minimum requirements for risk management and apply to all deposit takers (including branches). Currently, there is only a limited requirement for the New Zealand branch CEO to attest in half-yearly disclosure statements to the adequacy of systems to manage material risks.
Broadly, the Reserve Bank is proposing to apply the same minimum requirements to branches and locally incorporated deposit takers, except for certain requirements due to the legal structure and nature of a branch's operations as part of an overseas deposit taker. For example:
- the Risk Management Framework (RMF) would only be required to relate to the branch's business in New Zealand. The branch may use the group RMF policies and procedures, so long as the New Zealand-specific prudential requirements are met and the New Zealand branch CEO is satisfied that the requirements are met in respect of the New Zealand operations. The branch will be required to consider risks from related parties within the group in its RMF;
- the proposed responsibilities that will apply to the board of a locally incorporated deposit taker will sit with the New Zealand branch CEO in the case of a branch (this also reflects the New Zealand branch CEO's due diligence duty under the DT Act);
- dual operating deposit takers will be required to have a conflicts of interest policy that specifically addresses the situation where the New Zealand branch CEO is also an employee of the locally incorporated subsidiary, as well as potential conflicts of interest between related parties;
- branches will need to comply with high-level risk management requirements to have appropriate internal processes for assessing their capital and liquidity adequacy;
- branches will not be required to undertake stress testing;
- branches will not be required to have a risk management function overseen by a CRO; and
- branches will be permitted to outsource compliance and internal assurance functions.
The Reserve Bank is seeking feedback on how risk management and compliance functions would work in the context of dual operating deposit takers where risk management and compliance functions are shared by the locally incorporated subsidiary and the branch. The Reserve Bank provides that it is open to risk management and compliance functions of the branch being resourced by the overseas deposit taker provided that sufficient resources are devoted to risks associated with the New Zealand business.
The risk management standard will apply generally to all of the deposit taker's material risks. Because the risk management standard will apply to all deposit takers, the proposed requirements will be principles-based. The Reserve Bank intends to publish guidance to accompany the risk management standard that will set out its expectations of how deposit takers can comply with the requirements, which is intended to support a proportional approach.
The Reserve Bank does not expect that the proposed requirements will carry high additional compliance costs as it expects that branches' home regulators will have equivalent requirements for the overseas deposit takers that they form part of.
Operational resilience standard
The Reserve Bank is consulting on the requirements for a new operational resilience standard that will impose minimum requirements for managing operational risk and apply to all deposit takers (including branches). Currently, there are few specific requirements for branches to adequately manage their operational risks.
The standard will set minimum requirements in four key areas:
- Operational risk management: including the requirements to have a New Zealand branch CEO-approved operational risk management framework, to be subject to annual review by internal or external auditors and reviewers, and to notify the Reserve Bank of any material operational incidents.
- Material service providers: including the requirements to have a New Zealand branch CEO-approved service provider management policy, to maintain a register of material service providers, to conduct due diligence and regular risk assessments of material service provider arrangements, and to notify the Reserve Bank of new (or material changes to) material service provider arrangements.
- Information and communication technology (ICT): including the requirements to have a New Zealand branch CEO-approved ICT strategy and framework, to set out the processes for information security control assurance, and to notify the Reserve Bank of any material ICT incidents.
- Business Continuity Planning (BCP): including the requirements to have a New Zealand branch CEO-approved BCP that complies with minimum requirements set out in the standard, to maintain the capabilities required to execute the BCP, to have a programme for testing the BCP, and to review and update the BCP (at least annually).
There will also be a new concept of "critical operations". Branches will need to identify the activities, functions and services undertaken by the branch or its service providers which, if disrupted or suddenly discontinued, could be reasonably expected to have a material adverse impact on the continued operation of the branch and its role in the financial system.
The operational resilience requirements will apply to all deposit takers and will be principles-based requirements. The Reserve Bank intends to publish guidance to accompany the standard that will set out its expectations of how deposit takers can comply with the requirements, which is intended to support a proportional approach.
The Reserve Bank does not expect that the proposed requirements will carry high additional compliance costs as it expects that branches' home regulators will have equivalent requirements for the overseas deposit takers that they form part of.
Restricted activities standard
The proposed restricted activities standard will set out the restrictions that will apply to branches' activities, which are currently set out in branches' CoRs and BS1. The proposed restrictions are very similar to the current restrictions and provide:
- the New Zealand banking group must not conduct insurance underwriting business that is greater than 1% of the total consolidated assets; and
- the New Zealand banking group must not conduct any material non-financial activities, using a materiality threshold based on Generally Accepted Accounting Principles (GAAP).