The CJEU decision in the FBF case involves many crucial elements of EU law, all of which deserve careful consideration. Among the others, the decision touches upon the nature and the justiciability of soft law measures in the EU legal framework, the ESAs’ power to adopt them, and the relationship between corporate governance and product governance in the financial sector. In this blogpost, we concentrate only on some of these implications. In particular, we look at the general impact of the decision on the non-delegation doctrine, at the uncertainties surrounding the delegation of powers concerning broad matters such as corporate governance in the past and in the future regulatory framework and, finally, at how such uncertainties should guide the allocation of the power to review soft law measures. We suggest that the system of controls deserves our attention and reconsideration to adjust to the new realities of proliferation of soft, technical but also shared (enforcement) administration in the EU. This blog post is based upon the discussion speeches that the authors delivered in the online discussion organised by JMN EULEN (RENFORCE) in August 2021.
- The non-delegation doctrine and its constitutional role
The non-delegation doctrine is set up to ensure the democratic values of the governing system, the EU. We want to make sure that democracy is not ‘thrown away’ by not letting the legislator create other legislators who would then adopt rules under a lower standard than the democratic legislator would have to do. At the same time, we need to ensure a functioning system of governing where:
- the legislators are able to deal with all the tasks they have to deal with, especially given the growing number of issues to legislate upon and their (technical) complexity of such issues,
- the laws and rules make sense and respect the core values where the rule of law is of the most important ones; and
- rules are not just rules but are principles and standards that are being followed and enforced, and policy objectives are being met.
It is exactly the balancing of, on the one hand, the classic ideas underpinning a democratic law-making subject to the judicial check if necessary, and, on the other hand, the ‘functionality’ of the governing system that is at stake here, in arguments in the case. How can we make the system be legitimate yet not overburdened with all kinds of checks? It is fair to say that the non-delegation may very well live (it is not dead) if we consider either the controls embedded in the system of making and checking guidelines as a whole (Scholten and Brenninkmeijer 2020) and/or at least develop further the European administrative law system, which includes giving the prominent role to the Boards of Appeal of EU agencies for such cases as the one at stake in the FBF.
The next sections of this blogpost highlight that the boundaries of delegation may be blurred for crucial matters like corporate governance (sec. 2 to 4), as they also involve the traditionally uneasy relationship between interpretation and rulemaking (sec. 5). This is a situation that the most recent changes to the regulatory framework on soft law measures are unlikely to affect (sec. 6). However, the balance of administrative checks-and-balances seems to be quite robust already, and might just need some improvements (sec. 7 and 8). Therefore, we stress that involving the Boards of Appeal in the review of the ESAs decisions on soft law measures may be the best option to address such uncertainties (sec. 9).
- Product governance in a sectoral world
Product governance is a relatively advanced regulatory tool in the field of consumer and investor protection. Broadly speaking, it reflects the idea that traditional conduct-of-business rules may not deliver sufficient constraints against misselling. Product governance therefore requires financial service providers to take early measures to protect their clients, in particular by identifying and addressing the target market of their financial products when engineering and, respectively, distributing them. The very origin of the FBF dispute lies with the fact that rules on product governance and on the procedures this entails have not been adopted simultaneously for all financial services. Those rules were first introduced by MiFID II in the realm of investment services and financial instruments, as well as of selling or advisory activities concerning structured deposits (Articles 1(4), 16(3) and 24(2) Directive 2014/65/EU; Articles 9 and 10 Delegated Directive (EU) 2017/593; ESMA Guidelines on MiFID II product governance requirements). MiFID-like standards were later on introduced for the distribution of insurance products (with Directive (EU) 2016/97 – IDD), although EIOPA had already adopted some preparatory guidelines to facilitate a smooth transition to this new regime. It did so by taking as a basis the supervisory objective to protect policyholders and beneficiaries and the corporate governance requirements for insurance companies (Articles 27 and 41 Directive 2009/138/EC – Solvency II).
Other areas remain unaddressed, instead. This is the case not only with credit products, as the dispute in FBF shows, but also with asset managers. For instance, management companies are not subject to product governance requirements when they engineer or self-distribute units of collective investment schemes, unless they do so when performing an investment service (such as individual portfolio management). Remarkably, ESMA did not try to fill this gap, however. Rather, it addressed in its guidelines the rather uneasy task that MiFID II firms have to perform when distributing units of collective investment schemes, and has suggested amending the legal framework to level the regulatory playing field.
Such uneven level of protection for consumers of different services is not entirely surprising, at least as long as EU financial law will not embrace a perfectly cross-sectoral approach. The FBF case originated from an attempt to even-out similar inconsistencies in the field of credit products. In this regard, EBA proved more ambitious than ESMA and even of EIOPA, although the underlying policy choice was shared by all the three ESAs already in 2013. That year, the Joint Committee set forth a common commitment to develop guidelines on product governance based on a set of shared principles. The substantive legal question underlying the FBF case is how far regulatory guidance can go when EU secondary legislation provides only a reference to competences on general matters – such as corporate governance – rather than an open and direct delegation to issue guidance on a specific issue.
- The ESAs remit under Article 1(2) and (3) ESAs Founding Regulations
The answer (if any) to these doubts depends on the wording of the statutes that define the scope of the ESAs action, in combination with the general provisions of Articles 1(2) and (3) of the ESA’s founding acts. To be sure, Article 1(2) ESAs founding acts can be considered as little more than a non-binding list of acts that confer powers upon the ESAs, as the reference to “any further legally binding Union act” demonstrates. However, it helps determine the ESAs’ respective powers on certain matters (such as money laundering).
More complex is the role of Article 1(3) ESAs founding acts, a rather unusual provision which may lend itself to different interpretations. A reasonable way to approach the rule is to look at its function. Sticking to the Game of Thrones metaphor that Advocate General Bobek used in the inception of his opinion on FBF, one can compare Article 1(3) to a castle moat. Indeed, the rule seems to perform a protective role with the aim to fend off possible challenges against the ESAs quasi-regulatory tasks. When performing these tasks in the areas allocated to them under Article 1(2), the ESAs are very likely to touch upon matters that are particularly sensitive from the point of view of policymaking. These matters include corporate governance in the first place, as this is an area that has notoriously raised Member State resistance in the past. But other matters are not less delicate. Suffice it to mention, among the others, financial reporting and, for ESMA in particular, takeover bids. Accounting standards are an area where the equilibrium between the IASB and the Commission, with the support of the EFRAG, is the result of careful calibration. Takeover bids have been a battlefield for many years before an agreement could be reached on a Directive, without mentioning that not all ESMA members have a competence on that matter.
In short, Article 1(3) of ESAs founding acts prevents challenges against the ESAs quasi-regulatory functions – even when these are firmly grounded on (the statutes mentioned in) Article 1(2) – based on the claim that these may encroach upon the remit of other EU bodies or the powers of Member States in those sensitive matters. A conformation that this is the function of Article 1(3) may be found in Article 8(1)(a) ESAs founding acts, which establishes the ESAs’ power to adopt guidelines. Such rule states that guidelines “shall be based on the legislative acts referred to in Article 1(2)”, without referring to Article 1(3).
The CJEU decision in FBF seems to be mindful of the respective roles of Article 1(2) and (3), as it carefully highlights that Article 1(2) and the acts it refers to are the main legal basis for the EBA guidelines. This can be inferred from the fact that, in line with Article 8(1)(a), the Court sometimes mentions Article 1(2) alone (as in § 78). Along the same line, when Article 1(3) is mentioned, the Court points out that this can provide legal basis only “provided that” the actions the EBA carries out are “necessary to ensure the effective and consistent application” of the acts referred to in Article 1(2) (§ 77 and 94), so that the reference to corporate governance under Article 1(3) alone would not seem to suffice.
- The uncertain boundaries of corporate governance
Among the substantive matters it addresses, the most notable feature of the FBF decision is perhaps the broad notion of corporate governance it embraces, whether under Article 1(3) ESAs founding acts or under the pertinent provisions recalled by Article 1(2) such as Article 74 Directive 2013/36/EU (Capital Requirements Directive – CRD).
The idea underlying the CJEU decision is that product governance is strictly intertwined with corporate governance arrangements, as it relies on internal procedures and controls that identify the relevant target market for financial products and then ensures that the distribution of those products complies with it (see § 94 and 106, concerning Article 1(3) and 1(2) respectively). To be sure, this understanding of corporate governance is not at odds with the traditional interpretation by prudential supervisors, because decision-making and control procedures plays a central role in ensuring a bank’s effective management.
A very broad understanding of corporate governance combined with the general principles that EU financial legislation contains is however likely to remove any constraint to the ESAs quasi-regulatory powers, due to the open implications of such requirements. Those general principles include “robust governance arrangements” (see e.g. Article 74 CRD, but also Article 26 Directive (EU) 2019/2034 – Investment Firms Directive, IFD), “effective risk management” (see again Article 74 CRD, but also Article 15 Directive 2011/61/EC on Alternative Investment Fund Managers – AIFMD), the duty to act “in accordance with the best interests” clients, and may others. The open issue in this regard is where the boundary should be traced to avoid the risk that the ESAs interpret their remit so broadly as to enable them to issue guidelines on any possible matter, subject to proportionality.
Take the duty to act in the client best interest as an example. Most, if not all, MiFID II conduct-of-business rules may be regarded as a specification of that overarching principle. However, other relevant statutes also mention the need to take into account the interest of the client, although without such specifications. Incidentally, such is the case with some of the legal bases of the contested EBA guidelines (see, e.g., Article 7(1) Directive 2014/17/EU – Mortgage Credit Directive). Does this mean that the ESAs can issue guidelines that are reproducing MiFID II measures in other financial sectors, this time to support best practices on the case-by-case assessment of the clients’ needs, as opposed to the structural nature of product governance (see § 109-10 of the decision)?
Another case in point are reputational and operational risks (including legal risk), which can work as catch-all requirements to address all the sources of potential losses resulting from inadequate internal processes and control systems. By focussing on risk management, prudential supervisors may therefore have a say on conduct-of-business rules even when consumer or investor protection is out of their remit. Incidentally, the FBF decisions also rely on a similar argumentation, when stating that the business conduct of financial institutions plays a role not only from a consumer protection perspective, but also from a prudential perspective (see §§ 104-5).
And indeed, the risk looming in the background is that extensive interpretations of one ESA’s remit may encroach upon the competences of its fellow authorities. For instance, if product governance is an essential element of effective corporate governance, as the FBF decision states, what prevents EBA from addressing that matter for MiFID II investment firms (under Article 26 IFD)? In this regard, strengthened coordination among the ESAs, including through their Joint Committee, will be crucial to prevent that an extensive interpretation of the ESAs’ remit may result in turf wars. The CJEU focus on the 2013 Joint Committee Statement on Product Governance seems to address this concern (§§ 128-9 of the FBF decision).
- Soft law guidance: be careful what you wish for!
Whether the relatively broad interpretation of the ESAs’ competences on corporate governance is the correct approach partially boils down to a matter for value judgment. Personal views on the predictability of supervisory action and on the allocation of regulatory powers in the EU legal framework between the Commission and the ESAs can drive the opinions in opposite directions. After all, as we mentioned, even the EBA and the ESMA have adopted different approaches for credit products and collective investment products, respectively – a divergence that cannot be explained only on the basis of the different contents of the acts referred to by Article 1(2) ESAs founding acts.
There is, indeed, a trade-off in restricting regulators’ ability to flesh out positions and interpretations through guidelines or other similar soft law tools. More guidance is beneficial to market participants, because it sheds light on the supervisors’ expectations as to how firms should implement general duties such as those referring to a sound corporate governance and risk management system or to the protection of the client’s best interest. In this regard, market participants may want to check what they wish for, because a silent supervisor my easily turn into an unpredictable supervisor.
But at the same time, interpretation of general rules, even when they mean to meet the legitimate expectations of regulated entities, shall of course be subject to the principle of conferral. Too broad an understanding of the ESAs’ role in defining corporate governance and other similar overarching concepts may pay lip service to the principle of conferral, while reducing it to little more than a simulacrum. The opinion of the Advocate General shows how far this might go by highlighting that, in the automotive industry, an extensive notion of governance would lead to include procedures meant to verify whether cars meet the needs of their customers. While the distinction the Opinion makes between long-term and short-term is hardly convincing (product governance also has a long-term impact, just like corporate governance), the warning remains valid that corporate governance should not become a trojan horse that provides an all-encompassing way in for any quasi-regulatory intervention.
To be sure, a broad interpretation of corporate governance and of the other general principles referred to above would be less of a problem if the ESAs guidelines were actual soft law measures. However, this is hardly the case in practice. As the Advocate General convincingly demonstrated, guidelines are non-binding upon national competent authorities and market participants, but once NCAs have declared their intention to comply with the ESAs measures, there is little market participants can do not to follow suit. And if we consider that guidelines require approval by a qualified majority of the NCAs under the ESAs governance rules (Article 44 ESAs founding acts), the distance between guidelines and binding measures further fades away. It is quite surprising that the CJEU did not factor these elements in its reasoning, especially if one considers that, at the time of the facts, Article 16 ESAs founding acts even required the relevant ESA to state, in its annual report, how it intended “to ensure that the [non-complying] competent authority concerned [followed] its recommendations and guidelines in the future.”
The combination between the flexible boundaries of the ESAs remit and the power to adopt quasi-binding rules has convincingly led to point out that FBF may mark the end of the non-delegation doctrine originated in Meroni – see Nathan de Arriba-Sellier here.
- If Meroni is dead, can it resurrect?
Article 16 has undergone other changes, besides the removal of the implicit ESAs commitment to ensure NCAs followed their guidance. It is therefore worth comparing the legal framework that was applicable ratione temporis to FBF with the current one. This is an exercise in which the CJEU did not endeavour. For his part, the Advocate General only mentioned the new Article 60a ESAs founding acts, a provision that introduced a right to file a reasoned advice with the Commission when an guidelines or recommendations allegedly exceeded the ESA’s competence. The question to ask is in fact, once again sticking to the Game of Thrones saga: if Meroni is dead, can it resurrect (due to these new provisions)?
The answer to this question may depend on the overall impact of Regulation (EU) 2019/2175 – the same statute that has introduced Article 60a ESAs founding acts. The initial Commission proposal that subsequently led to the adoption of that Regulation already pointed out that “stakeholders [had] highlighted the need to remain within the remit of competence of the ESAs” among the reasons for the amendments to the ESAs founding acts.
These concerns are reflected in the new wording of Article 16(1) par. 2 ESAs founding acts, which establishes that “guidelines and recommendations shall be in accordance with the empowerments conferred by the legislative acts referred to in Article 1(2) or in this Article”. By the same token, Recital 5 of the same regulation stresses that guidelines “should always be based on and within the boundaries of the legislative acts referred to in Article 1(2) of the founding regulations or within the scope of their powers”.
These rules clearly show the intention to curb an actual or perceived tendency by the ESAs to expand their quasi-regulatory action beyond clear delegation of powers. In this regard, the need to stick to the “empowerments conferred” under the statutes referred to in Article 1(2) may simultaneously mean that: (i) Article 1(3) does not provide a sufficient basis for the adoption of quasi-regulatory acts; and (ii) an express delegation of powers is needed to issue guidelines on a certain matter.
Whether this will lead to re-establishing the non-delegation doctrine in its previous form will likely depend on the importance the ESAs and the CJEU will attach to the new provisions, and among them to the fact that, even in the absence of an open delegation, Article 16 still considers as a sufficient basis for guidelines the ESAs intention to establish “consistent, efficient and effective supervisory practices” and to ensure “the common, uniform and consistent application of Union law”. This is a legal basis that is independent from Article 1(2) and the legislative acts this lists, but it also requires that the intention of the guidelines be to ensure supervisory convergence on areas that are clearly in the remit of the ESAs.
- Is delegation delineated? Yes, it is
The current and the future regulatory framework are therefore unlikely to identify once and for all the boundaries of the ESAs powers on general matters such as corporate governance and product intervention
The non-delegation doctrine strikes a balance between democratic checks-and-balances and the functionality of the EU administrative system by allowing delegation only where discretion is limited (delineated) and where controls are provided to check how the discretion is exercised. The questions to address are then if the discretion is limited/restricted (content and procedure) and what type of controls is there to control that discretion.
Is discretion given to the European Banking Authority limited? The previous sections show that number of elements concur to confirm that it is. First, the scope is discussed in Article 1 (2) and (3) of its founding act and the procedure as to how the guideline should be set up is there. As the previous sections have demonstrated, opinions as to how close the connection is between corporate governance and product governance may diverge, as there is hardly a common position even among financial law experts on that matter. So, the most important question to answer may rather be who ought to decide here? The remaining section of the blogpost explore the benefits of a tailored system of controls for such decisions as soft law guidelines.
- Is there the system of controls for adopting soft law guidelines? Yes, there is, but they may be looking ‘in a wrong place’?
The system of controls is embedded in a number of elements, not only ex post and should not only be tailored to the judicial review. The AGs’ opinion and courts’ reasonings could in fact consider looking at the overarching system of controls to enhance their judgements. Here are the elements:
- Ex ante entrustment of powers by the EU legislator via secondary legislation (EBA’s founding regulation and other relevant acts). This gives legitimacy and recognition of EBA’s expertise to make certain calls;
- This legitimacy and recognition come from the fact that the EBA is an expert body with relevant knowledge to make those calls; safeguards of expertise can be secured by various appointment, removal and organizational and institutions provisions and as many EU agencies, the EBA comprises national experts and stakeholders in various setups;
- The procedure of adopting guidelines sees a number of (ex ante) safeguards and controls: 1. holding consultations where the potential addresses are likely to be the ones who can be consulted; 2. The national supervisors and the stakeholder group can be embedded in the guidance making; otherwise, there are reasons giving obligations upon the expert body, EBA; and 3. last but by far not least, the political oversight is prescribed in Article 16 – reporting to the EP and the Council on guidelines. So actually, for one, those who are there to enforce guidelines either by translating them in national systems or complying with them on the content, can be there to help making them at the start. For two, if this is so, this could help creating a balanced or a ‘mini & tailored democratic system’ with relevant parties and allow for divergencies/peculiarities of the ex post controls – e.g. different types of control (political oversight) and/or marginal review ex post or other review. Yet, those different types of control need to be aligned to avoid the lack of control as one of us wrote with her co-authors Martino Maggetti and Yannis Papadopolous in a joint contribution on ‘Controlling EU agencies’: “if the courts choose to pass the buck and defer to possible political oversight, which does not occur if politicians rely upon courts, the problem of many eyes may become the problem of no eyes at all.”
- What would be the ‘right’ place?
As discussed in the ‘Controlling EU agencies’ project, complex problems lead us creating complex governance structures, actors and decision-making processes. In fact, AG Bobek says, roughly speaking, the same in his opinion in this case. He says, “If the problem lies in hybrid forms of governance, then the remedy may also be a hybrid one, logically tailored to the exact type of effects produced and seen as problematic” (para. 53). We may instead want to set up a clearer system of mechanisms, with balances between ex ante and ex post, de jure and de facto and internal and external and different types of controls (political, administrative, professional, etc) means. So, for instance, the political oversight could be considered as a necessary addition to the marginal test by the Court at least, in the current system. At the same time, we need to consider also the ongoing developments in EU administrative law. The ESAs Board of Appeal (BoA) can, even if in time, take the place of the appropriate controlling mechanism in the case at stake, especially on the content questions, such as if corporate governance and product governance are interrelated and how far you can stretch the boundaries of such general clauses as ‘such actions are necessary to ensure the effective and consistent application of those acts’ and ensuring effective and consistent supervision of financial institutions’. The CJEU can look at the goals generally but this Court is not an expert in all the policy fields it has to deal with, whereas the BoA should be. While the access to the BoA is at this moment phrased in those terms as how it is phrased for the one to the Court of Justice, and hence may be quite restrictive, should we not better focus on arguing for that avenue as the first obligatory step to check the legal basis content-wise in the future (system of BoAs, e.g. by adjusting Article 60 of ESAs founding acts)? After all, Article 60a of the ESAs founding acts now refers to circumstances where the adoption of guidelines and recommendations is of direct and individual concern to the claimant – a statement that seems to require a broad interpretation if it has to make sense for general soft law measures such as guidance. As a side remark, you could go and challenge the decision of the BoA via Article 263 TFEU afterwards, what AG Bobek sees as another point of concern if the Court were to review soft laws via 267 and not via 263.
So, all in all, in line with the Game of Thrones theme in this case, as Lord Baelish mentioned in this TV series, “The past is the past. The future is all that’s worth discussing”. We should therefore focus on the future and on the construction of a comprehensive system of controls which fits the complex governance systems that we have developed. And what is the biggest worry for the future in light of the non-delegation doctrine? Again, as Lord Baelish said in the Game of Thrones, “It does not matter what we want. Once we get it, we want something else.” The open clauses and broad formulations in legislation lead to concerns about ‘wanting more and something else’ in terms of competences and thus functional spill-overs in areas to decide upon and kinds of tasks (rulemaking, supervision and enforcement) and hence enhancement of powers of (EU) agencies, EU institutions and hence the EU vis-à-vis the member states. If we agree on the fact that we need a properly functioning system of governance, yet the concern is how to ensure the boundaries of delegation are not overstretched, it is the question if the system of controls is good enough to control and possibly prevent undesirable abuse or misuse of delegated powers that is worth discussing.