Stability is a critical factor for any financial market participant, and the Bank of Lithuania plays a key role in ensuring the credibility of market participants. The role of the Bank of Lithuania as a supervisor is not only to promote economic growth, but also to ensure that financial sector participants adhere to high standards of risk management, customer protection and the legislation that governs their activities, while ensuring transparency, stability and fairness in the sector. Its powers allow to take measures, including fines and warnings, in the event of non-compliance by financial market participants with their obligations or breaches of applicable requirements.
Over the past year, the Bank of Lithuania has been active in providing guidance to financial market participants, as well as in applying impact measures to ensure transparency and safety in the sector. So the question is, what does 2023 look like? What fines did the Bank of Lithuania impose, what key themes did the regulator focus on and, ultimately, what lessons should we have learned?
Bank of Lithuania's impact measures on financial market participants
The Bank of Lithuania's impact measures are essentially designed to encourage financial institutions to comply with high standards and ensure the stability and soundness of the financial sector. However, in the event of irregularities or misconduct, the Bank of Lithuania, as the sector regulator, may impose fines, which may include:
Monetary fines: the Bank of Lithuania can impose monetary fines on financial institutions for breaches or non-compliance with regulatory requirements.
Alerts and inspections: the Bank of Lithuania, as a supervisory authority, may also use alerts and periodic inspections to identify potential deficiencies in a financial institution's activities. These can be preventive measures that enable the institution to correct irregularities and avoid being subject to more serious sanctions.
Withdrawal or suspension of a license: the supervisor can also take more drastic measures, such as withdrawing a financial institution's license or suspending its activities. These measures are aimed at more serious or repeated infringements that could threaten the stability of the financial sector.
Transparency and accountability requirements: in addition to direct fines, the Bank of Lithuania may impose additional requirements on financial market participants in order to increase their transparency and accountability and to set common standards of performance.
These types of fines act as levers to encourage financial market participants to adhere to high ethical and operational standards and to ensure that the financial sector operates safely and soundly.
Offences for which supervisory sanctions against financial market participants in 2023
In 2023, the Bank of Lithuania imposed impact measures on 32 financial market participants. The largest number of sanctions was imposed on electronic money institutions, with 28 of them being sanctioned. The most frequent offences for which impact measures were imposed:
Violations of the law on the prevention of money laundering and terrorist financing. The largest number of sanctions were imposed for breaches of the Law on the Prevention of Money Laundering and the Financing of Terrorism, mostly related to the identification of the client's representative and beneficiary, the application of money laundering and terrorist financing risk management measures to high-risk clients, the monitoring of business relationships and transactions and the implementation of international sanctions, the identification, the implementation of international financial sanctions, and the implementation of restrictive measures. Most of the sanctioned market participants did not comply with the legal requirements for the identification and verification of the identity of customers, their representatives and beneficiaries, the deficiencies in the customer identification procedures did not allow for a proper understanding of the purpose and nature of the customer's business relationship, the simplified customer identification requirements were inadequately implemented, and even led to cases where electronic money institutions opened anonymous accounts or accounts under apparently fictitious names without proper identification of some of the customers.
Failure to comply with the requirements of the IFSR. The majority of financial market participants subject to impact measures did not have internal controls and procedures in place to comply with the requirements of the IFSR, did not ensure that clients of high AML/CFT risk groups were subject to enhanced client identification procedures, and some did not ensure that the internal control function responsible for the organization of the AML/CFT prevention function was independent of business interests. Similarly, some financial market participants did not ensure that the purpose and nature of the customer business relationship and the nature of the customer's activities were properly identified.
Equity capital requirement. Another major violation, the most frequent among electronic money institutions, recorded by the Bank of Lithuania was non-compliance with the equity capital requirements, i.e., it was less than the minimum amount of equity capital, which must be more than EUR 350 thousand.
False or undisclosed information. Among the most common misconduct by financial market participants is the provision of incorrect information in reports to the supervisor. One e-money institution experienced a cyber-attack which prevented its customers from using payment services for a certain period of time. The Bank of Lithuania found that the institution had disclosed only part of the material information about the incident that was known to it.
Lack of internal documentation or inadequate implementation of internal procedures. Most of the financial sector participants subject to the impact measures did not comply with the legal requirements for internal documentation and procedures, such as inadequate performance impact analyses, business continuity plans and their testing processes, and did not comply with the requirements for internal audit procedures, or did not designate staff to perform certain audit functions.
What were the most severe impact measures imposed by the Bank of Lithuania and to whom were they imposed? We invite you to read about this in Part 2.