QuickTake
The European Central Bank (ECB) on 8 May 2024 published its Annual Report on Sanctioning Activities in the Single Supervisory Mechanism (SSM) for 2024 (the Report). Report provides a comprehensive account of enforcement actions undertaken by the ECB-SSM and National Competent Authorities (NCAs) across participating EU Member States. The Report details formal sanctioning proceedings, the nature and scale of penalties imposed, and the principal areas of prudential breaches, offering insight into supervisory priorities and trends within the SSM. The Report presents aggregate statistics for the whole of the SSM. Data have been collected and compiled using standardised categories to ensure that information is harmonised and comparable.
2024 saw a marked increase in enforcement activity within the SSM framework. The number of formal sanctioning proceedings rose by 19% compared to the previous year, with penalties imposed increasing by 8%. In total, 441 formal proceedings were handled during the year, of which 293 were newly opened. By year-end, 221 proceedings had been completed, resulting in 182 administrative penalties, while 220 proceedings remained ongoing.
SSM sanctioning activity in 2024 was dominated by breaches in internal governance, which accounted for 55% of all proceedings and 60% of administrative penalties imposed in 2024. As explored in this Client Alert, this focus aligns with the SSM's supervisory priorities for 2024–26 as well as for 2025-271, particularly the drive to accelerate remediation of governance shortcomings amongst Banking Union supervised institutions (BUSIs). Other significant areas of infringement included reporting (12% of proceedings; 21% of penalties) and large exposures (12% of proceedings; 11% of penalties). Additional proceedings addressed breaches related to capital requirements, qualifying holdings, own funds, and liquidity, though these represented a smaller proportion of cases.
Types of proceedings and penalties in 2024
Proceedings were initiated against a range of BUSIs and individuals within the SSM's remit. Notably, 54% of all proceedings concerned natural persons, predominantly officials at less significant institutions (LSIs), while 40% related to LSIs themselves. Significant institutions (SIs) and other legal persons accounted for the remaining 6%. Of the 201 proceedings concluded with an administrative penalty, 52% involved LSIs, 45% natural persons, 3% SIs, and 1% other legal persons.
Penalties imposed
Of the 182 administrative penalties imposed in 2024, 140 or 77% were pecuniary, amounting to approximately €27.9 million in total fines. The highest individual penalty was €10.4 million, levied against an SI, with other notable fines including €5.7 million for an LSI and €0.1 million for a natural person. 42 non-pecuniary penalties (23% of the total) included 38 written warnings, two public statements, one temporary ban on performing functions in credit institutions, and one cease-and-desist order. The majority of non-pecuniary penalties were linked to governance and reporting breaches.
Proceedings closed without penalty
A small proportion (4%) of proceedings were closed without the imposition of a penalty. In some cases, liability was confirmed but no penalty was imposed due to exceptional circumstances or cooperation by the parties involved. Other closures resulted from findings of no breach, insufficient materiality, or procedural reasons such as the statute of limitations.
Ongoing and suspended proceedings
At the end of 2024, 220 proceedings remained ongoing, primarily concerning suspected breaches in internal governance, large exposures, and capital requirements. Additionally, 216 proceedings suspended prior to 2024 – mainly due to parallel criminal proceedings – remained on hold.
Key considerations for BUSIs
The Report underscores the SSM's continued emphasis on robust internal governance and effective risk management as core supervisory priorities, with governance expected to remain a focal point for enforcement in the coming years. The overwhelming focus on the underlying issues in the governance breaches signals that firms must ensure robust governance structures, effective risk management, and well-functioning management bodies and committees. Failures in these areas are likely to attract not only financial penalties but also reputational damage and, in some cases, individual sanctions against senior management.
The increase in proceedings and penalties underscores the SSM's commitment to robust enforcement for BUSIs large (SI) and small (LSI) as well as individuals. The data also reflect the SSM's commitment to harmonised and transparent sanctioning practices across the euro area, with a clear trend towards increased scrutiny and accountability for both institutions and individuals. However, the high proportion of proceedings against natural persons, especially LSI officials, reflects a clear trend towards holding individuals accountable for SSM breaches. Senior managers and key function holders should be aware of their personal liability and ensure they are discharging their duties with due care and diligence. The large number of ongoing and suspended proceedings, often due to parallel criminal investigations, suggests that enforcement timelines can be lengthy and outcomes uncertain. Firms and individuals involved in such proceedings should prepare for protracted processes and potential parallel regulatory and criminal exposures.
Firms operating within the SSM should anticipate ongoing supervisory attention to governance, reporting, and exposure management, and ensure that their internal controls, compliance frameworks, and reporting mechanisms are robust and responsive to evolving regulatory expectations and prepare for effective remediation of shortcomings. The upward trend in enforcement activity highlights the importance of proactive remediation and engagement with supervisory authorities to mitigate the risk of sanctions and associated reputational impact.
Outlook
Given the trends highlighted in the Report, BUSIs operating within the SSM should prioritise the strengthening of their internal controls, compliance frameworks, and reporting mechanisms to meet evolving regulatory expectations. The data from 2024 highlight the importance of early engagement with supervisory authorities and the need for a culture of transparency and accountability at all organisational levels. Firms should also be prepared for increased scrutiny of individual conduct, as proceedings against natural persons constituted a significant proportion of enforcement actions. In this environment, a forward-looking approach to compliance, supported by robust documentation and effective risk mapping, will be essential to navigate the evolving regulatory landscape and minimise the risk of sanctions. This is especially the case as the Report's findings may inform future policy and legislative initiatives at both the EU and national levels, potentially leading to stricter requirements or expanded sanctioning powers for supervisors.
Footnote
1 See also standalone coverage on the ECB-SSM's supervisory priorities here and how these interact with plans of other EU authorities here.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
