Recently, the China Banking and Insurance Regulatory Commission ("CBIRC") issued the Measures for Regulatory Assessment of Corporate Governance of Banking and Insurance Institutions (the "2022 Measures")1, which replace the Measures for Regulatory Assessment on Corporate Governance of Banking and Insurance Institutions (for Trial Implementation) (the "2019 Measures") issued by CBIRC on 25 November 2019.

In recent years, CBIRC has on many occasions strengthened its regulation of corporate governance of financial institutions. Since the issuance of the 2019 Measures, CBIRC has successively issued a series of important regulatory rules on corporate governance, such as the Corporate Governance Rules of Banking and Insurance Institutions, the Measures on the Supervision of the Conduct of Major Shareholders of Banking and Insurance Institutions (for Trial Implementation), etc. As a mid- to long-term action plan for corporate governance, CBIRC also formulated the Three-Year Action Plan (2020-2022) for Corporate Governance in the Banking and Insurance Industries (the "Action Plan"). Meanwhile, we have also observed CBIRC increasingly targeting banking and insurance institutions (collectively, the "institutions") over improper corporate governance acts.

In this respect, there is an actual need for CBIRC to modify and supplement the 2019 Measures in order to improve corporate governance assessment mechanisms, enhance their quality and effectiveness and to echo the newly issued rules and the Action Plan.

New requirements / Major changes

We have conducted an overall comparison and analysis of the 2022 Measures against the 2019 Measures. In the following sections, we will highlight and comment on the New requirements / Major changes of the 2022 Measures versus the 2019 Measures.

I.New scope of application

The 2022 Measures expand the scope of application of the 2019 Measures.

In addition to commercial banks and insurance companies originally covered in the 2019 Measures, the 2022 Measures also include in their scope rural cooperative banks, financial asset management companies, financial leasing companies, finance companies of enterprise groups, auto finance companies, consumer finance companies and currency brokerage companies and specify the definition of insurance companies as property insurance companies, reinsurance companies, and life insurance companies (Art. 3 of the 2022 Measures).

II. Incremental requirements for the key contents of assessment

The 2022 Measures refine scenarios to be directly assessed as Grade E (Art. 8 of the 2022 Measures):

1. shareholders conduct illegal related-party transactions with their institutions, which seriously affects the authenticity of the capital adequacy ratio and solvency adequacy ratio of the institutions; and

2. the shareholder's (general) meeting or the board of director have been unable to hold regular meetings or make decisions for more than one year.

III. Incremental and modified requirements for the procedures

The 2022 Measures optimize the assessment mechanism and highlight the key areas of corporate governance. Noteworthy requirements / major changes mainly include:

1. specifying the frequency of regulatory assessment: the institutions should in principle conduct assessments on an annual basis; the frequency for institutions with results of Grade B or above could be appropriately reduced (to at least biennially) (Art. 10 of the 2022 Measures);

2. with respect to the processes of regulatory assessment, adding the two steps of "annual assessment plan formulation" and "regulatory review", and modifying the "results feedback" to "results analysis and feedback" (Art. 12 of the 2022 Measures);

3. instead of adopting the fixed indicators in the 2019 Measures, CBIRC will dynamically adjust the assessment plan and assessment indicators on an annual basis pursuant to changes in the macroeconomic and financial situation, risk characteristics of corporate governance within the industry, regulatory rules and the focuses of attention (Art. 13 of the 2022 Measures);

4. modifying the time requirements and overall steps of the assessment (see the table below for details) (Arts. 14 to 23 of the 2022 Measures); and

5. clarifying the coverage of on-site assessment, from "no less than 30% coverage of each type of institutions each year" to "full coverage of the institutions under a 3-year cycle" (Art. 16 of the 2022 Measures).

IV. Incremental requirements / Material changes for the results and applications of the assessment

The 2022 Measures have made the following enhancements on top of the 2019 Measures:

1. Grade A: CBIRC will conduct regular regulatory activities to urge institutions to maintain good corporate governance, removing the statement of "not conducting any special regulatory measures" under the 2019 Measures (Art. 26 of the 2022 Measures);

2. Grade D or below: such institutions should be classified as regulatory targets. CBIRC will specify clear regulatory measures and rectification requirements based on their identified problems in corporate governance (Art. 27 of the 2022 Measures);

3. Grade E: in addition to the regulatory measures against Grade D institutions, such institutions may further be restricted from carrying out credit-granting, capital-use and capital-based related-party transactions in accordance with the Measures on the Management of the Related-Party Transactions of Banking and Insurance Institutions. CBIRC may also conduct on-site inspections of the relevant institutions (Art. 26 of the 2022 Measures);

4. in principle, the specific information of the regulatory assessment of corporate governance is only for the internal use of regulators; regulators may take appropriate measures to share the results with relevant government departments when necessary (Art. 28 of the 2022 Measures); and

5. leaving space for the potential regulatory targets, allowing CBIRC to conduct trial assessments of corporate governance on institutions that are not included in the 2022 Measures (Art. 29 of the 2022 Measures).

V. Procedures and steps of the corporate governance assessment process

Procedures and steps

Due date

Notes

1. CBIRC issues an annual assessment plan

  /

a. CBIRC formulates an annual assessment plan for corporate governance regulatory assessments and specifies the targets, assessment points, scoring criteria and specific arrangements according to changes in the macroeconomic and financial situation, risk characteristics of industry corporate governance, regulatory rules and focuses of attention; and

b. as of now, CBIRC has not issued an annual assessment plan for this year.

2. Institutions conduct self-assessments to formulate reports

By the end of February

Institutions shall submit corporate governance self-assessment reports and relevant supporting materials to regulators.

3. CBIRC implements the regulatory assessments

By the end of May

a. for the institutions directly supervised by CBIRC Headquarters: the regulator is the institutional supervisory department of CBIRC; and

b. for the institutions supervised by a local CBIRC: the regulator is the local bureau.

On-site assessments: on-site material reviews, systems checks, and communications with directors, supervisors and senior management personnel, combined with daily off-site supervision and prior on-site inspections.

Off-site assessments: review of self-assessment reports and the supporting materials submitted by institutions, combined with daily off-site supervision and prior on-site inspections.

4. Institutional supervisory department reviews the assessment results by the local CBIRC

By the end of June

a. reviewing the results based on daily supervisory information and the risk status of the institutions; and

b. institutional supervisory department should provide the review results to the local CBIRC.

5. CBIRC analyses assessment results

/

(before the next step due in July)

a. institutional supervisory department of CBIRC/local CBIRC analyzes the annual assessment status and assessment results, summarizes the risk issues, promotes relevant recommendations and reports them to the Office of Corporate Governance Regulatory Assessment; and

b. the Office of Corporate Governance Regulatory Assessment may, in conjunction with institutional supervisory department of CBIRC/local CBIRC, conduct random checks of regulatory assessments during/after the assessment process to align the assessment standards.

6. CBIRC provides feedback on assessment results

By the end of July

a. institutional supervisory department of CBIRC or local CBIRC conducts "one-on-one" feedback;

b. the feedback includes but is not limited to: the assessment results, the major problems of corporate governance and rectification requirements; and

c. institutional supervisory department of CBIRC/local CBIRC supervises institutions to complete rectification of the problems.

7. Institutions communicate the assessment results internally

/

a. communicating the assessment results to the board of directors, supervisory board and senior management of institutions;

b. the communication includes but is not limited to: the assessment results, feedback from regulators on major problems and rectification requirements; and

c. timely completing rectification of problems according to regulatory requirements.

8. CBIRC takes supervisory measures

/

a. institutional supervisory department of CBIRC/local CBIRC takes supervisory measures according to assessment results; and

b. timely initiating the investigation procedures if the institution's violation may result in administrative penalties.

9. Post-evaluation of effectiveness

  /

a. timely conducting post-evaluation of the effectiveness of regulatory assessment, continuously improving and perfecting the system of regulatory assessment of the institution's corporate governance; and

b. establishing information systems for regulatory assessment of corporate governance of institutions, strengthening the information management of the whole assessment process.


VI. Comparison of the 2022 measures with the 2019 measures

Score of regulatory assessment
(out of 100 points)

Regulatory measures in 2019 measures

Regulatory measures in 2022 measures

Changes in regulatory measures

Grade A -Excellent (Above 90):

All aspects of corporate governance are sound, no obvious compliance and effectiveness issues have been identified, and the corporate governance mechanism is operating effectively.

No special regulatory measures.

Conducting regular supervision to urge institutions to maintain good corporate governance.

Regular supervision of Grade A institutions.

Grade B – Good (Below 90 and Above 80):

Corporate governance is basically sound, while there are some weaknesses, and the relevant institutions can actively take measures to rectify and improve.

Paying attention to changes in corporate governance risks and guiding institutions to gradually improve corporate governance through window guidance and regulatory conversations.

Paying attention to changes in corporate governance risks and guiding institutions to gradually improve corporate governance through window guidance and regulatory conversations.

None.

Grade C –Qualified (Below 80 and Above 70):

There are certain deficiencies in corporate governance, and the compliance or effectiveness of corporate governance needs to be improved.

In addition to the supervisory measures on the Grade B institutions, Grade C institutions may also be subject to measures in accordance with the circumstances (such as issuance of supervisory letters, holding the responsible persons accountable, rectification within a prescribed period).

In addition to the supervisory measures on the Grade B institutions, Grade C institutions may also be subject to measures in accordance with the circumstances (such as issuance of supervisory letters, rectification within a prescribed period).

Removing the requirement to order institutions to hold the responsible persons accountable.

Grade D – Weak (Below 70 and Above 60):

There are more outstanding problems in corporate governance: relatively poor compliance, deficiencies in effectiveness and weak foundation of corporate governance.

In addition to the measures taken against Grade C institutions, Grade D institutions would be identified to be not up to good standards in market entry application.

At the same time, supervisory measures (such as suspension of business or branch set-up) may also be taken in accordance with laws and regulations.

In addition to the measures taken against Grade C institutions, Grade D institutions would be identified to be not up to good standards in market entry application.

At the same time, supervisory measures (such as suspension of business or branch set-up) may also be taken in accordance with laws and regulations.

CBIRC should classify institutions of Grade D or below as key regulatory targets and put forward clear regulatory measures and rectification requirements.

1. regulators should classify the institutions with Grade D or below as key regulatory targets and put forward clear regulatory measures and rectification requirements; and

2. for Grade E institutions, the 2022 Measures incrementally require regulators to restrict institutions from carrying out credit granting, capital-use and capital-based related-party transactions in accordance with the Measures on the Management of the Related-Party Transactions of Banking and Insurance Institutions and conduct on-site inspections.

Grade E – Poor (Below 60):

There are serious problems with corporate governance: poor compliance, serious deficiencies in effectiveness, and overall failure of corporate governance.

In addition to the measures taken against Grade D institutions, CBIRC may also impose penalties on Grade E institutions and responsible persons in accordance with the laws and regulations.

In addition to the measures taken against Grade D institutions, CBIRC may also restrict Grade E institutions from carrying out credit granting, capital-use and capital-based related-party transactions in accordance with the Measures on the Management of the Related-Party Transactions of Banking and Insurance Institution. Besides, CBIRC may conduct on-site inspections, and impose penalties on institutions and responsible persons in accordance with the laws and regulations.

CBIRC should classify institutions of Grade D or below as key regulatory targets and put forward clear regulatory measures and rectification requirements.


Other notable highlights of the 2022 measures

I. Scope of institutions not included in regulatory assessment of corporate governance

The 2022 Measures add Article 29, which empowers the institutional supervisory department of CBIRC and local CBIRC to conduct trial assessments on banking and insurance institutions that are not explicitly included in the 2022 Measures (collectively, the "other institutions") to promote the effectiveness of corporate governance.

To understand the other institutions that may be covered under this provision, we refer to the definition of banking and insurance institutions in the Measures for Administration of Licensing of Banking and Insurance Institutions. In addition to the institutions listed in Article 3 of the 2022 Measures, other institutions may include: policy banks, trust companies, bank financing companies, financial asset investment companies and other non-banking financial institutions and their branches approved by CBIRC and its dispatching agencies, insurance intermediaries such as insurance agency group (holding) companies, insurance brokerage group (holding) companies, insurance professional agency companies, insurance brokerage companies and agencies engaging in insurance distribution.

We suggest that such institutions also follow the requirements in accordance with the 2022 Measures as far as possible in order to improve the corporate management and meet the possible regulatory requirements of the regulators.

II. Analysis of key points in the regulatory assessment on corporate governance

1.Management of shareholders

The issues of shareholders' capital contributions, abuse of shareholders' rights and status, and shareholders' related-party transactions have been the key concerns of the regulators.

Based on the requirements of the Measures for the Supervision of the Conduct of Major Shareholders of Banking and Insurance Institutions (for Trial Implementation), in order to strengthen shareholder governance, we suggest that shareholders take note of the following points:

  • fully understanding the industry characteristics, risk attributes and prudent operation rules of the industry, allocating investments rationally, using legal funds to acquire shares, ensuring that the investment conduct is in line with relevant regulatory requirements, and properly carrying out equity management and registration, while strengthening look-through supervision and examination;
  • supporting the institution to establish an independent and sound corporate governance structure with effective checks and balances, and being strictly prohibited from irregularities in improper interventions or restrictions on the institution, and acting in the principle of maximizing the interests of the institution;
  • strictly enforcing relevant regulations on related-party transactions, ensuring transparency and fairness of transactions, preventing improper concealment of related-party transactions, and reporting and disclosing in accordance with relevant laws and regulations; and
  • exercising shareholders' rights in good faith, practicing the principle of honesty, performing the duties of information reporting and notification in order to better protect stakeholders' information and inquiry rights.

2.Management overboard of directors

The key challenges encountered by institutions may include: unclear definitions and boundaries of the roles and responsibilities among the board of directors, the shareholders and the senior management, the lack of performance by the board of directors, and the imperfect system related to the establishment and operation of the board of directors.

According to the Corporate Governance Rules of Banking and Insurance Institutions and by reference to industry practice, we suggest that institutions consider the following points:

  • building a differentiated board structure with multi-dimensional complementary strengths, including personnel diversification in professional and industry knowledge, sources and experience;
  • implementing the duty of loyalty and duty of diligence, formulating scientific, reasonable and robust development strategies, clarifying market positioning and development goals, and reviewing and revising them in accordance with market and economic development;
  • clearly defining and performing the roles and responsibilities of the board of directors in accordance with laws, regulatory provisions and the institution's situation, establishing a scientific decision-making process and implementing supervisory duties of the board over senior management; and
  • improving the evaluation criteria for the performance of the board of directors and its members, implementing the application of the evaluation results, and improving the effectiveness of the board of directors.

3. Management of board of supervisors and senior management

The management of the board of supervisors and senior management is one of the elements explicitly listed in the 2022 Measures.

Industry practice and regulatory penalties evidence problems among boards of supervisors fulfilling their roles efficiently and compliantly. This is in addition to problems involving senior management and its members failing to exercise diligence, conducting business in violation of the law and abusing management power, etc.

Based on the Measures on the Performance Evaluation of Directors and Supervisors of Banking and Insurance Institutions (for Trial Implementation) and the Corporate Governance Rules of Banking and Insurance Institutions, we suggest institutions:

  • regulating the conduct of supervisors and senior management personnel in performing their duties and strengthening the supervisory assessment and inspection of the performance; and
  • deepening the candidate reviews for supervisors and senior management personnel, selecting the high-quality candidates, and conducting special training activities in follow-ups to improve their professionalism and basic quality.

In addition, due to the different positions of the board of supervisors and the senior management in the corporate governance framework, we recommend that institutions pay attention to the following roles and responsibilities of the board of supervisors and the senior management.

Supervisors/Board of supervisors:

  • implementing the supervision of board of supervisors to the board of directors and its members, senior management and its members, development strategies and business philosophy, financial position, internal control compliance, comprehensive risk management structure, incentive and restraint mechanisms, regulatory reporting data, and implementation of regulatory opinions, and giving full play to the role of the board of supervisors in the development of the institution; and
  • establishing the rules of procedure of the board of supervisors in accordance with the laws and regulations and the institution's articles of association, convening meetings of the board of supervisors timely, actively safeguarding the legal compliance of the procedures and implementing the duties of the board of supervisors.

Senior management:

  • being responsible to the board of directors in accordance with the laws and articles of association, while being supervised by the board of supervisors, actively carrying out business management activities, implementing the resolutions of the general meetings of shareholders and the board of directors, reporting on the business management of institutions in a timely, accurate and complete manner, and providing relevant information; and
  • complying with laws and regulations to have good professional conduct, abiding by a high standard of professional ethics code, performing the duty of loyalty and duty of diligence to the institution, performing their duties in good faith, diligence and prudence, and ensuring that they have sufficient time and energy to perform their duties and do not neglect to perform their duties or exceed their duties.

4.Internal risk control

The internal risk control points of institutions focus on the weak awareness of risk management, the need to strengthen the risk assessment mechanism, and the failure to effectively implement the internal control system. Based on the above, we propose the following suggestions.

Based on the Guidelines on the Internal Control of Commercial Bank, the Guidelines on the Management of Comprehensive Risk of Financial Institutions in Banking Industry and the Action Plan, we suggest the institutions take note of the following requirements:

  • establishing and improving the internal control system, firmly realizing the awareness of compliance, and building a compliance culture so that internal control and compliance covers the entire process and all aspects of the institution's businesses;
  • strengthening the education and training of personnel in compliance positions to enhance sensitivity and responsiveness to various risk events in order to realize the effective implementation of the internal control system;
  • continuously developing and deepening the construction of internal control and compliance management, guaranteeing the implementation of the rules, conducting self-assessment on the internal risk management system, and improving the self-restraint mechanism;
  • establishing a sound risk management information system for risk identification, measurement, assessment, detection and reporting, etc.; and
  • setting up a special department or chief risk officer to handle internal control matters as far as circumstances permit, maintaining such employees independent from other positions, and fully grasping and handling the institution's internal risk circumstances.

5.Management of related-party transactions

The problems of related-party transactions of institutions generally concentrate on imperfect management rules and systems of related-party transactions and the failure to identify, audit, disclose and recuse oneself from related-party transactions in accordance with the regulatory requirements, which easily result in unfair related-party transactions.

According to the Measures on the Management of the Related-Party Transactions of Banking and Insurance Institutions, we suggest that the institutions define related-party transactions in accordance with the principles of "look-through and substance over form", refine the rules and system for managing related-party transactions, establish a cross-departmental office for the management of related-party transactions, establish archive and scope of related information, report and record information to the regulator in a timely manner, and improve the digitalization of the management of related-party transactions.

6. Market discipline

External market discipline is an important element of modern corporate governance, and as one of the three pillars of the Basel Accord, it is placed on the same level of importance as "Supervision and Inspection by Regulators". We suggest that, in order to effectively play the role of market discipline, according to the requirements of the Action Plan, it is necessary to further strengthen the regulation of the external audit work of institutions, improve the regulatory requirements for information disclosure of the banking and insurance industry, strengthen the daily supervision of the quality of information disclosure, and create a good atmosphere of joint supervision by the whole society, so that institutions can identify and resolve their potential issues as soon as possible.

7.Management of stakeholders

According to the general principles of the Action Plan, the competitiveness and ultimate success of an institution is the result of the joint contribution of investors, employees, creditors, customers, suppliers and other stakeholders. The protection of stakeholders is the basic work to play its governance role. We suggest that institutions establish sound rules and systems for the protection of stakeholders, integrate the protection of stakeholders into all aspects and the whole process of corporate governance, support and protect stakeholders to supervise the institution, govern the institution in an orderly manner and promote the institution's long-term development.

Footnote

1. Note:  The 2022 Measures are accessible at: http://www.cbirc.gov.cn/cn/view/pages/ItemDetail.html?docId=1083754&itemId=928.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.