In brief: ownership and acquisition of banks in Greece

Regulatory framework

What are the principal governmental and regulatory policies that govern the banking sector?

EU banking legislation and principles have been incorporated into the Greek core banking laws, aiming to:

• safeguard the stability of the financial system and, for that purpose, the banking laws set out rules with regard to:
• authorisation;
• conduct of business;
• withdrawal of authorisation of banks;
• micro- and macroprudential supervision of banks;
• recovery and resolution of banks; and
• state aid of banks for their recapitalisation and deposit guarantee provisions; and
• ensure adequate protection of banks’ customers and transparency of transactions.

The Bank of Greece (BoG), which is the central bank of Greece, exercises its prudential powers in the banking sector and, in particular, supervises Greek banks along with the European Central Bank (ECB) in accordance with Council Regulation (EU) No. 1024/2013 on the Single Supervisory Mechanism (SSM) and the corresponding Regulation (EU) No. 468/2014 on the SSM framework.

What are the defining characteristics of a bank to be caught by the banking laws and regulations? Is non-bank fintech regulated differently?

A bank is an undertaking, the business of which is to take deposits or other repayable funds from the public and to grant credits for its own account. Entities that are not licensed as banks are prohibited from carrying out the business of taking deposits or other repayable funds from the public. Greek banks are subject to licensing and other requirements under Law 4261/2014, as amended (Law 4261), which implemented the Capital Requirements Directive (CRD) IV (2013/36/EU), as amended, in Greece.

A non-bank fintech is not, in principle, subject to the same regulatory requirements as those applicable to banks. Depending on the nature of its activities, it might be subject to other licensing or registration requirements (eg, payment institutions, account information service providers, equity or lending crowdfunding platforms, providers of exchange services between virtual currencies and fiat currencies, and custodian wallet providers) that are less stringent than the requirements applicable to banks.

The notion of ‘fintech banks’ has already been reflected in the ECB guide published in 2018, referring to bank business models in which the production and delivery of banking products and services are based on technology-enabled innovation. In 2021, the BoG introduced its Regulatory Sandbox, which constitutes a regulatory regime that provides fintech companies with a controlled environment to test their innovative financial propositions for a specified period and while formally engaging with the BoG. The Regulatory Sandbox is open to:

• financial service providers that have been already authorised by the BoG and are looking to apply innovative, technology-enabled solutions in the provision of financial services that fall under the BoG’s remit; and
• non-authorised entities that either first obtain the appropriate authorisation – if they intend to carry out regulated activities themselves – or forge a partnership with an authorised institution and enter the Regulatory Sandbox together.

In parallel, the BoG publishes annually its fintech innovation hub report which includes a summary of the queries received by the BoG by interested parties, in order for the BoG to provide information and guidance on the regulatory and supervisory framework within the BoG’s competence (including new types of FinTech products that have emerged, in particular in the field of payments and credit, such as Buy-Now-Pay-Later).

Do the rules vary depending on the size or complexity of the banking institution?

The rules, principles and procedures apply to all Greek banks; however, banks may take into account the principle of proportionality (ie, the bank’s size, its internal organisation and nature, and the complexity of its activities) when applying the internal organisational and governance rules (eg, depending on the bank’s size and the complexity of its activities, the board of directors (BoD) of the bank should be assisted by certain committees such as the internal audit committee, the risk management committee and other committees, including the remuneration committee and IT steering committee).

Summarise the primary statutes and regulations that govern the banking industry.

The primary statutes governing the Greek banking industry are the following.

• Law 4261 and the Capital Requirements Regulation (EU) No. 575/2013 (CRR), as amended, among others, by Regulation (EU) No. 2019/876 (CRR 2). Law 4261 was amended, among others, by Law 4799/2021, which transposed Directive 2019/878/EU (CRD V) into Greek law, and Law 4920/2022, transposing into Greek law the Investment Firms Directive (Directive (EU) No. 2019/2034 (IFD)). Law 4261 sets out, among other things, provisions regarding:
  • the establishment, authorisation and operation of banks;
  • the passport procedure;
  • the prudential supervision rules;
  • the powers of supervisory authorities and administrative penalties they may impose on banks;
  • the corporate governance of banks and their remuneration policy; and
  • the introduction of capital buffers to be maintained by banks.
• Law 4335/2015 transposed the Bank Recovery and Resolution Directive (BRRD) 2014/59/EU in Greece for the recovery and resolution of banks and investment firms. Law 4335/2015 was amended by Law 4799/2021 that transposed, among others, Directive 2019/879/EU (BRRD II) into Greek law.
• Law 4557/2018 (as amended by, among others, Law 4734/2020, Law 4816/2021, Law 4941/2022 and Law 5000/2022) sets out the anti-money laundering and countering the financing of terrorism (AML/CFT) framework. This law incorporates Directives (EU) Nos. 2015/849, 2018/843 and 2018/1673 in Greece.
• Law 4370/2016, as amended, transposed into Greek law, among others, the Deposit Guarantee Schemes Directive 2014/49/EU.
• Law 2251/1994 on consumer protection, as amended and codified in the Consumer Protection Law.

Depending on the type of services offered to clients, banks should also comply with other laws of the financial sector, including:

• the Markets in Financial Instruments Regulation (EU) No. 600/2014 and Law 4514/2018, transposing the Markets in Financial Instruments Directive II (2014/65/EU) in Greece while providing investment services. Law 4514/2018 was amended by Law 4920/2022, which transposed into Greek law the IFD and the MiFID II ‘Quick Fix’ Directive (EU) No. 2021/338; and
• Law 4537/2018 transposing the Payment Services Directive 2 (2015/2366/EU) in Greece while providing payment services.

In addition to the laws of the banking sector, Greek banks should also comply with other laws, including Law 4548/2018 on sociétés anonymes and Law 4706/2020 on corporate governance of listed entities, as applicable.

Primary regulations that govern the Greek banking industry are issued by the BoG and include the following:

• BoG Governor’s Act 2501/2002 on the information that banks must provide to customers;
• BoG Governor’s Act 2577 of 9 March 2006 on the organisational requirements and internal control functions of credit and financial institutions;
• BoG Governor’s Act 2651/2012 and BoG Executive Committee Act 214 of 12 December 2022 on the information that supervised institutions have to report on a regular basis to the BoG (to the extent applicable);
• BoG Executive Committee Act 142 of 11 June 2018 (as amended by BoG Act 178/4 of 2 October 2020) on the procedures for:
  • the authorisation of banks in Greece;
  • the acquisition of, or increase in, a holding in banks; and
  • the taking up of a post as a member of the BoD and as a key function holder of banks;
• BoG Executive Committee Act 178 of 2 October 2020 as regards the outsourcing of activities; and
• other BoG acts (including BoG Governor’s Acts, BoG Executive Committee Acts, BoG Banking and Credit Matters Committee Decisions, and BoG Credit and Insurance Committee Decisions) and the European Banking Authority guidance, etc.

Which regulatory authorities are primarily responsible for overseeing banks?

The BoG is the national competent authority for supervising the banking sector and exercising prudential supervision over Greek banks; however, within the SSM, the ECB directly supervises the following significant credit institutions authorised in Greece:

• Alpha Bank SA;
• Eurobank SA;
• National Bank of Greece SA; and
• Piraeus Bank SA.

Less significant banks are supervised directly by the BoG, which is the competent authority for overseeing entities of the financial sector, including payment institutions, credit companies and credit servicing firms.

The BoG is also the national resolution authority and, along with the Single Resolution Board (SRB), is established within the Single Resolution Mechanism to exercise the resolution powers. The SRB is competent for the banks supervised directly by the ECB. The BoG is also responsible for supervising the compliance of banks with the AML/CFT framework.

The Hellenic Capital Market Commission (HCMC) is the competent authority for monitoring the implementation of Law 4514 with respect to investment services; however, the BoG remains responsible for supervising banks’ compliance with Law 4514 and cooperates closely with the HCMC in that respect.

The HCMC is also competent for ensuring the implementation of market abuse legislation and overseeing compliance by any obliged entity, including Greek banks, with the Market Abuse Regulation (EU) No. 596/2014 (MAR) and Law 4443/2016, which supplements MAR in Greece.

Describe the extent to which deposits are insured by the government. Describe the extent to which the government has taken an ownership interest in the banking sector and intends to maintain, increase or decrease that interest.

The Hellenic Deposit and Investment Guarantee Fund (TEKE) is the operator of the deposit guarantee and investment compensation schemes as well as the resolution fund of Greek banks. It is governed by Law 4370/2016, which transposed into Greek law the Deposit Guarantee Schemes Directive, which was amended by, among others, Laws 4783/2021, 4920/2022 and 4972/2022.

According to Law 4370/2016, all Greek banks (ie, CRR credit institutions) must become members of the deposit coverage scheme held with TEKE. Such participation automatically activates the participation of banks in the TEKE resolution scheme. Participation in the investor compensation scheme, which is another department of TEKE, is also mandatory for Greek banks.

The maximum level of coverage is set to €100,000 per depositor, per credit institution (irrespective of the number of deposit accounts held in the credit institutions, the currency of such deposits and the location of such deposit accounts), with certain limited exemptions where the compensation may be up to €300,000 (eg, for sale or expropriation of private residential property, payment of lump sum retirement benefit or periodical pension benefits and compensation owing to termination of employment).

Following the global financial crisis of 2007–2009 and its consequences for the Greek financial system, one of the measures taken to enhance the capital adequacy of Greek banks was the establishment of the Hellenic Financial Stability Fund (HFSF). The HFSF was incorporated with the objective of contributing to the stability of the Greek banking system for the public interest and currently has the following participations in Greek banks:

• Alpha Bank SA: 9 per cent;
• Eurobank SA (through Eurobank Holdings): 1.4 per cent;
• National Bank of Greece SA: 40.39 per cent;
• Piraeus Bank SA (through Piraeus Financial Holdings SA): 27 per cent; and
• Attica Bank: 62.93 per cent.

In 2021, the HFSF reduced its participation in the share capital of Greek banks through share capital increases. In parallel, Law 3864/2010 was amended in 2021 with respect to the internal organisation of the HFSF and its participation in banks’ share capital increases, among other things. The law was further amended in 2022 by Law 4941/2022, particularly in relation to the HFSF’s divestment strategy.

On 11 January 2023, the HFSF announced the completion of the update process for the divestment strategy, which was drawn up pursuant to Law 3864/2010 and has been approved by the Ministry of Finance. The current HFSF legal framework elevates the divestment objective to a par with the fund’s other objective, namely its contribution to the maintenance of the financial stability of the Greek banking system for the sake of public interest, and sets year end 2025, the HFSF’s sunset date, as the deadline for completion.

Which legal and regulatory limitations apply to transactions between a bank and its affiliates? What constitutes an ‘affiliate’ for this purpose? Briefly describe the range of permissible and prohibited activities for financial institutions and whether there have been any changes to how those activities are classified.

Law 4548/2018 on sociétés anonymes prohibits the conclusion of transactions with related parties unless certain corporate approvals (ie, a specific permission by a resolution of the BoD or the shareholders’ general meeting of the company, as the case may be) and publicity requirements are met. Related parties are determined as follows:

• by reference to the parties qualifying as ‘related parties’ in accordance with the international accounting standard (IAS) 24 and the legal entities controlled by them in accordance with IAS 27 for listed companies (ie, all Greek systemic banks);
• the BoD members, the persons who exercise control over the bank, close family members of such persons as well as legal entities controlled by these individuals of non-listed companies; or
• other persons (eg, managing directors) to which the provisions of related parties have been extended by virtue of the companies’ articles of association.

Excluded from the scope of article 99 et seq of Law 4548/2018 (ie, provisions on related-party transactions) are agreements that are concluded by banks by virtue of measures adopted for ensuring their stability following the approval of the authority that is competent for their prudential supervision.

In addition, there are specific rules established by the BoG with respect to the conclusion of transactions by banks with persons who have a special relationship with them, which may apply in parallel with the provisions of Law 4548/2018 on related-party transactions. Such specific rules of the BoG will be considered as lex specialis and will therefore prevail over the aforementioned provisions of Law 4548/2018.

BoG Act 2651 of 20 January 2012 defines the persons that have a special relationship with banks by specifying, among other things, the following categories (which are similar to the aforementioned categories of Law 4548/2018):

• their shareholders, meaning:
• the shareholders holding, directly or indirectly, an interest equal to or higher than 5 per cent of the share capital;
• the 10 largest shareholders;
• the persons controlling directly or indirectly the banks through written or other arrangements or in concert; or
• the persons controlling the legal persons included in the aforementioned categories;
• the legal persons directly or indirectly controlled by the banks, or where the banks have a qualifying holding;
• the legal persons who are under joint control with the banks;
• the natural or legal persons who have close links with the banks; and
• the natural persons that exercise managerial powers on the banks (including the BoD members and the chief officers of the internal control functions, as well as their close family members).

BoG Governor’s Act 2577 of 9 March 2006 imposes certain conditions with regard to transactions with persons that have a special relationship that concerns the internal procedures and documentation that banks should implement to ensure that the relevant loan terms do not deviate from the terms applied to other credit facilities of the same type. In addition, each participation in or lending to persons that have a special relationship with a bank is subject to the bank’s BoD approval or general meeting’s resolution, where required by law. It is possible for the BoD to establish a reasonable credit limit up to which a simple post-transaction notification of the respective loan suffices and no prior approval by the BoD is required.

Besides the procedures and restrictions mentioned above, there are reporting requirements both for the persons that have a special relationship with the banks as well as for the banks themselves towards the BoG, including under the provisions of the BoG Executive Committee Act 214 of 12 December 2022. Banks are also subject to increased disclosure obligations in the context of external audits in accordance with the international audit standards on related parties.

In addition, listed banks are subject to additional disclosure obligations in accordance with Law 3556/2007, which transposed the Transparency Directive 2004/109/EC, and with MAR.

What are the principal regulatory challenges facing the banking industry?

Banks must comply with a series of newly introduced requirements in light of new legislation – including the CRD V, the CRR 2, the BRRD II, Securitisation Regulation (EU) No. 2017/2402 and other legislative texts – and are subject to extensive reporting requirements.

Despite the outbreak of the covid-19 pandemic, banks have remained resilient over the past year since they were able to withstand the adverse economic shock. In light of the geopolitical shock caused by Russia’s invasion of Ukraine and its immediate macro-financial consequences, which have increased the uncertainty regarding the evolution of the economy and the financial markets, the ECB has identified in its report the following areas as its priorities for 2023 to 2025.

• Banks should effectively remedy structural deficiencies in their credit risk management cycle, from loan origination to risk mitigation and monitoring, and address in a timely manner any deviations from regulatory requirements and supervisory expectations in order to remedy shortcomings in credit risk management, including exposures to vulnerable sectors.
• Banks reporting a high concentration of funding sources, in particular less stable ones, should diversify their funding structure by developing and executing sound and credible multi-year funding plans, taking into account challenges stemming from changing funding conditions to remedy the lack of diversification in funding sources and deficiencies in funding plans.
• In light of digitalisation and IT risks, banks should retain a strong focus on addressing structural challenges and risks stemming from the digitalisation of their banking services, with a view to ensuring the resilience and sustainability of their business models. Banks must also tackle vulnerabilities and risks stemming from a greater operational reliance on IT systems, third-party services and innovative technologies. They should also have robust outsourcing risk arrangements, and IT security and cyber resilience frameworks to proactively tackle any unmitigated risks that could lead to material disruption of critical activities or services, while ensuring adherence to the relevant regulatory requirements and supervisory expectations.

Regarding climate change, the need to address the challenges and grasp the opportunities arising from the climate transition and adaptation is becoming urgent for banks. Banks should adequately incorporate climate-related and environmental risks within their business strategy and their governance and risk management frameworks to mitigate and disclose such risks, aligning their practices with current regulatory requirements and supervisory expectations. The energy market disruption caused by the war in Ukraine has further underlined the need for the European Union to maintain momentum in the transition to renewable energy sources. 

In Greece, owing to the current global situation, the important institutional changes introduced in 2020–2021 – including the reform of bankruptcy law, and the activation of the Hellenic Asset Protection Scheme and the extension of its application in the context of securitisation transactions of Greek banks (by virtue of which the state guarantees the senior notes in a securitisation covering any interest and the principal due for a certain premium), and other initiatives and efforts made to reduce non-performing loans (NPLs) – the NPL ratio of Greek banks has decreased; however, the efforts of banks to reduce NPLs from their portfolio should be intensified especially because, after the removal of the support measures taken in light of the covid-19 pandemic, new NPLs may emerge.

At the end of September 2022, NPLs amounted to €14.6 billion, and the ratio of NPLs to the total number of loans was 9.7 per cent; however, additional efforts are required for banks to be able to deleverage their balance sheets and reduce their NPL portfolios, as the NPL ratio in Greece remains higher than the average NPL ratio in the European Union.

Are banks subject to consumer protection rules?

Banks are subject to consumer protection rules, which are mainly set out in the codified Consumer Protection Law. The main consumer protection rules that are included in the Consumer Protection Law and relevant to the banking sector are:

• provisions relating to the general terms of business, and the prohibition of abusive and unfair terms in contracts with consumers – in particular, terms are abusive if they result in an excessive imbalance of the rights and obligations of the parties to the detriment of the consumer, and such terms are considered void;
• provisions for the consumers’ pre-contractual and contractual information in respect of the distance provision of financial services; and
• provisions regarding advertising and unfair commercial practices.

Particular scrutiny has been drawn in relation to:

• the compliance of the banks with pre-contractual disclosure requirements (where applicable);
• the content of the agreements entered into with consumers, including the existence of any unfair or abusive terms; and
• advertising practices.

Ministerial Decision No. Ζ1-798 of 25 June 2008, as amended, provides for an indicative list of abusive and unfair terms that have been determined by the Consumer Protection Law and relevant jurisprudence to be unfair terms, which are therefore deemed null and void.

The BoG Governor’s Act No. 2501/2002 sets out the information obligations that the banks have towards their customers. The BoG has also adopted the BoG Executive Committee Act 157/1 of 2 April 2019, endorsing the guidelines of the Joint Committees on complaints management.

There are also specific rules regarding the provision of consumer credit, which are included in Ministerial Decision No. Z1-699 of 23 June 2010 transposing the Consumer Credit Directive 2008/48/EC in Greece. These rules apply to consumer credit agreements that involve a total amount of credit from €200 up to €75,000. In the case of consumer credits, banks have increased pre-contractual and contractual information obligations towards their customers. In June 2021, the European Commission issued a proposal for a revision of the Consumer Credit Directive that aims to adjust the current legal framework to cover new digital lenders and new online payment facilities, and to reduce the risks that consumers are facing (including consumers’ over-indebtedness).

The General Secretariat of Commerce and Consumer Protection under the Ministry of Development and Investments is the supervisory authority for the implementation of the Consumer Protection Law. In cases of breach of consumer legislation, administrative sanctions are imposed by virtue of a decision of the Ministry of Development and Investments. Where breaches of the Consumer Protection Law are committed by banks, administrative sanctions are imposed following the BoG’s decision. The General Secretariat of Commerce and Consumer Protection is also responsible for breaches of banks relating to the payment services legal framework (Law 4537/2018 implementing the Payment Services Directive 2 in Greece). The BoG is responsible for monitoring the banks’ compliance with the consumer protection rules included in BoG acts and with the BoG’s relevant instructions.

In what ways do you anticipate the legal and regulatory policy changing over the next few years?

In light of the priorities that the ECB has adopted for 2023 to 2025, we expect that banks’ and supervisors’ focus will continue to be towards banks’ alignment with the environmental, social and corporate governance framework (including compliance with the principles set out in the ECB guide on climate-related and environmental risks), prudential risks emanating from cyber and digitalisation risks, and banks’ full compliance with Basel III, as well as the risks meaning from the war in Ukraine and high inflation.

In addition, banks should be prepared to further adjust their business to new legal developments. At the end of 2021, the European Commission initiated the revision of EU banking rules (the CRR and the CRD) to ensure that EU banks become more resilient to potential future economic shocks, while contributing to Europe’s recovery from the covid-19 pandemic and the transition to climate neutrality. This package finalises the implementation of Basel III in the European Union.

In January 2023, the members of the European Parliament adopted the above changes to make EU banks more resilient to future economic shocks and implement the international Basel III agreement, taking into account specificities of the EU economy.

Supervision

How are banks supervised by their regulatory authorities? How often do these examinations occur and how extensive are they?

The Bank of Greece (BoG) and the European Central Bank (ECB) supervise banks on an ongoing basis to ensure compliance with banking legislation. More specifically, the supervision exercised by the BoG and the ECB is geared towards the stability and smooth functioning of the financial system, as well as transparency in transactions.

The main supervisory tasks of the BoG are the following:

• monitoring, on an ongoing basis, compliance with the regulatory framework on capital adequacy, liquidity and risk concentration, and cooperating with the ECB in the context of the Single Supervisory Mechanism (SSM);
• evaluating applications for licensing and other authorisations in cooperation with the ECB;
• examining banks’ compliance, on a solo and a consolidated basis, with the regulatory framework that governs their operation;
• assessing banks’ governance system (including management and internal control systems);
• monitoring compliance with legislation on pre-contractual customer information, and on transparency in the procedures and terms and conditions of transactions, excluding matters of any abusive practices, for which the BoG has no authority;
• conducting on-site inspections of banks with the aim of assessing the implementation of the supervisory and regulatory framework – such inspections are conducted on a periodic and ad hoc basis, and the BoG is competent for the on-site inspections of all supervised institutions that constitute an integral part of the overall supervisory procedure;
• monitoring banks’ compliance with the obligations arising from the anti-money laundering and countering the financing of terrorism (AML/CFT) legal framework;
• controlling and supervising the special liquidation of banks following the withdrawal of their authorisation and the appointment of a special liquidator; and
• imposing administrative sanctions and other administrative measures for breaches of the legislative and regulatory framework within its scope of supervision.

In the context of ongoing supervision, the BoG and the ECB assess (at least) annually the risks that banks face and ensure that banks are equipped to manage those risks properly in accordance with the Supervisory Review and Evaluation Process (SREP) set out in article 89 et seq of Law 4261/2014 (Law 4261), and the relevant guidelines issued at an EU level (which are currently under review). The key purpose of SREP is to ensure that institutions have adequate arrangements, strategies, processes and mechanisms as well as capital and liquidity to ensure sound management and coverage of the risks to which they are or might be exposed, including those revealed by stress testing and risks that the institution may pose to the financial system.

More specifically, SREP’s focus (subject to the new guidelines to be issued) is on the following areas:

• business model analysis;
• assessment of internal governance and institution-wide control arrangements;
• assessment of risks to capital and adequacy of capital to cover such risks; and
• assessment of risks to liquidity and adequacy of liquidity resources to cover such risks.

The BoG and the ECB use stress test tools (at least annually) to identify and address banks’ vulnerabilities to facilitate the SREP process. In certain cases, the prudential regulator adopts (at least annually) a supervisory examination programme for the banks that it supervises and takes the necessary measures provided in Law 4261.

Banks must submit information to the BoG and the ECB on a periodic basis so that the regulators are able to exercise their prudential powers. The BoG and the ECB may perform examinations or investigations either on the basis of such information or following a relevant complaint.

How do the regulatory authorities enforce banking laws and regulations?

The BoG may initially take measures that are preventative in nature, such as to request further information or for the submission of documents, to examine the books and records of the banks (including persons belonging to banks and third parties to whom banks have outsourced operational functions or activities), and to carry out on-site inspections. Depending on the nature of the breach and other conditions, the enforcement powers may vary (eg, penalties may be imposed in relation to the lack of authorisation or lack of regulator’s approval regarding a qualifying holding, as well as for breaching the corporate governance rules or other provisions). In this respect, the BoG is empowered to impose one of the following administrative penalties:

• issuance of a public statement;
• issuance of an order requiring the natural or legal person responsible to cease the conduct and to desist from a repetition of that conduct;
• imposition of administrative fines (for legal persons, up to 10 per cent of the total annual net turnover and, for natural persons, up to €5 million);
• administrative pecuniary penalties of up to twice the amount of the benefit derived from the breach where that benefit can be determined;
• where relevant, suspension of the voting rights of the shareholders held responsible for certain breaches;
• where relevant, a temporary ban against a member of the banks’ board of directors from exercising functions; and
• in extreme cases, withdrawal of a bank’s authorisation.

To determine the administrative penalty to be imposed, the BoG takes into account a series of factors (including the nature and duration of the breach, the damages of third parties, etc). The BoG may publish the penalties imposed on banks on its website according to Law 4261, provided that the deadline to appeal before the Supreme Administrative Court has lapsed.

The ECB also has administrative powers on the four systemic banks in accordance with Council Regulation (EU) No. 1024/2013 on the Single Supervisory Mechanism (SSM) and the corresponding Regulation (EU) No. 468/2014 on the SSM framework. In addition, sanctions may be imposed by the BoG to less significant banks in proceedings opened at the ECB’s request.

What are the most common enforcement issues and how have they been addressed by the regulators and the banks?

Sanctions are intended to punish misconduct by a supervised bank and serve as a deterrent to the bank concerned as well as to the whole banking sector. The most common administrative measures imposed by the BoG relate to non-compliance of banks with the AML/CFT framework and breaches with regard to the transparency of banks towards their customers. In addition, penalties have recently been imposed by the ECB on a systemic bank for non-compliance with own funds requirements.

Resolution

In what circumstances may banks be taken over by the government or regulatory authorities? How frequent is this in practice? How are the interests of the various stakeholders treated?

The Hellenic Financial Stability Fund (HFSF), which contributes to the maintenance of the financial stability in Greece, has provided capital support to all Greek systemic banks and therefore participates in their share capital.

Following the recent amendments in Law 3864/2010, the HFSF approved its divestment strategy, which defines the framework that the HFSF will use to implement the divestment of its holdings in the form of shares or other securities issued by Greek banks in a reasonable and timely manner. The HFSF will make all reasonable efforts to dispose of its participation in Greek systemic banks before 31 December 2025, subject to maintaining financial stability and ensuring that it receives fair value.

Besides the establishment of the HFSF, Law 4335/2015 incorporated the provisions of the Bank Recovery and Resolution Directive (BRRD) 2014/59/EU into Greek legislation, which sets out the legal framework for the recovery and resolution of banks. This law was amended in 2021 by Law 4799/2021 transposing Directive 2019/879/EU (BRRD II) into Greek law.

In 2021, a less significant Greek bank was heading towards transitional nationalisation as, following the activation of the legislation on deferred tax credit (DTC) and the conversion of the DTC warrants in favour of the Greek state to common shares in October 2021, the HFSF held 68.2 per cent of the bank’s common ordinary shares (which later became 62.93 per cent following a share capital increase).

Following consultations and negotiations with investors, the HFSF entered into an agreement with a preferred strategic investor at the end of 2021 with the aim of proceeding to the dilution of the HFSF’s participation following share capital increases in combination with the issuance of debt instruments. As at the time of writing, discussions continue.

What is the role of the bank’s management and directors in the case of a bank failure? Must banks have a resolution plan or similar document?

Banks are obliged to have contingency and business continuity plans in place to ensure their ability to operate on an ongoing basis and limit losses in the event of severe business disruption. Banks should also have liquidity recovery plans setting out adequate strategies and proper implementation measures to address possible liquidity shortfalls, which must be tested at least annually, updated on the basis of the outcome of the alternative scenarios and submitted (as a report) to the senior management to be approved. In the context of prudential requirements, banks – when failing to meet their combined buffer requirement or, where applicable, their leverage ratio buffer requirement – must also prepare a capital conservation plan in accordance with Law 4261/2014 (Law 4261).

In the case of a bank failure, the provisions of Law 4335/2015 are applicable. More specifically, if the bank’s board of directors (BoD) considers the bank to be failing or likely to fail on the basis of certain objective criteria, it must notify, without undue delay, the Bank of Greece (BoG) in accordance with Law 4335/2015 and BoG Act No. 111/2017.

Greek banks (or an EU parent undertaking) must draw up and maintain a recovery plan, which provides measures to be taken by banks to restore their financial position in the event of a significant deterioration of their financial situation. Such recovery plans are part of the governance measures taken by banks. The competent authority ensures that banks update their recovery plans at least annually, after a change in their legal or organisational structure, or after a change in their business or financial situation that could have a material effect on, or necessitates a change to, the recovery plan. The banks’ BoD must assess and approve such recovery plans before their submission to the competent authority, which will thereafter evaluate the adequacy of such plans.

Besides the recovery plan, the resolution authority (either the Single Resolution Board for the banks supervised by the European Central Bank (ECB) or the BoG for the less significant banks), after consulting the relevant competent authorities (where relevant), must draw up a resolution plan for each bank that is not part of a group subject to consolidated supervision, which will provide for the resolution actions that the resolution authority may take where the bank in question meets the conditions for resolution. Equally, the resolution authority of the group must draw up the group resolution plan. The resolution plan must be updated at least annually, and the resolution authority may require banks to assist it in the drawing up or updating of the resolution plan.

Are managers or directors personally liable in the case of a bank failure?

Bank failure does not automatically result in, or link to, the liability of bank’s BoD; however, both Law 4261 and Law 4335/2015 provide certain measures that the competent authorities may take towards the BoD members.

According to Law 4261, the BoG is empowered to impose administrative penalties for breaches of Law 4261 and the Capital Requirements Regulation (EU) No. 575/2013 on the BoD members and other natural persons held responsible for the breach, action or omission, to the extent that this occurs during the exercise of the tasks that they have been delegated. In addition, Law 4261 sets out fines (between €100,000 and €300,000) that the BoG is entitled to impose on the members of a bank’s BoD if they do not take the necessary actions for the convocation of a general shareholders’ meeting if a share capital increase is required by the BoG.

In the case of a bank failure, the resolution authority – when implementing the resolution tools or exercising its resolution powers – is entitled to take all appropriate measures to ensure, among other things, that:

• the BoD (and the senior management) of the bank under resolution is replaced or removed (unless its retention is considered to be necessary for the achievement of the resolution objectives) and the resolution authority may appoint a special manager to replace the management body in this respect;
• the BoD (and the senior management) of the bank provides all necessary assistance for the achievement of the resolution objectives; and
• natural and legal persons are made liable under civil or criminal law for their responsibility for the failure of banks.

In addition, in the event of an infringement of Law 4335/2015, administrative penalties may be imposed on the BoD members or other natural persons who are responsible for the infringement. For example, sanctions may be imposed where the BoD does not notify the BoG in due time that the bank is considered to be failing or likely to fail. Administrative penalties include temporary bans against any BoD member or senior management of the bank (or other natural persons who are held responsible to exercise authority in such banks) as well as administrative fines of up to €5 million for natural persons.

From a corporate law perspective, the BoD members are liable towards banks for any damage caused as a result of an act or omission that constitutes a violation of their duties, unless they are able to demonstrate that they acted with due diligence of a prudent businessperson. Any individual who acts or represents a company within the context of authorisation may be also held liable.

In the past, criminal penalties have been imposed on BoD members of Greek banks for the offence of misappropriation, violation of duties and fraud. The Criminal Code includes a specific provision regarding the procedure of the prosecution of persons (eg, BoD members) that are held liable towards banks for misappropriation where treated as a serious criminal offence.

Describe any resolution planning or similar exercises that banks are required to conduct.

Law 4335/2015 transposed the BRRD into Greek law and contains detailed provisions regarding the recovery and resolution of banks. Banks must draw up and maintain a recovery plan, and the resolution authorities should prepare the banks’ resolution plan.

The recovery plan, which constitutes part of the governance arrangements of banks, must include:

• where applicable, an analysis of how and when the bank may apply – in the conditions addressed by the plan – for the use of any facilities provided by the ECB and identify those assets expected to qualify as collateral;
• the appropriate conditions and procedures to ensure the timely implementation of recovery actions and the range of recovery options, taking into account a range of scenarios of severe macroeconomic and financial stress relevant to the bank’s specific conditions; and
• a detailed list of information that is set in section A of the Annex to Law 4335/2015 (eg, a range of capital and liquidity actions required to maintain or restore the viability and financial bank’s position, preparatory arrangements and measures).

The BoG will intensively assess the appropriateness of the recovery plan, taking into consideration the appropriateness of the bank’s capital and funding structure to the level of complexity of the organisational structure and the risk profile of the bank. The BoG may require banks to submit a revised recovery plan within two months (unless this deadline is extended) or require banks to take any appropriate measures, including:

• to reduce their risk profile (including liquidity risk) to enable timely recapitalisation measures;
• to review their strategy and structure; or
• to make changes with respect to their funding strategy or their governance structure.

The resolution plans that are drawn up by the resolution authorities (with the assistance of the banks where so requested) must include detailed and quantified (where possible) information and determine the options for applying the resolution tools and resolution powers. A detailed list of the information that a resolution plan must contain is set out in Law 4335/2015, also taking into account the EU technical standards (Commission Delegated Regulation (EU) No. 2016/1075 and Commission Implementing Regulation (EU) No. 2018/1624). Greek banks are obliged to cooperate with the resolution authority (which draws up the resolution plans) and provide the resolution authority with all information required for the preparation and implementation of such resolution plans.

Capital requirements

Describe the legal and regulatory capital adequacy requirements for banks. Must banks make contingent capital arrangements?

The Capital Requirements Regulation (EU) No. 575/2013 (CRR) and Capital Requirements Directive (CRD) IV (2013/36/EU), which transposed into Law 4261/2014 (Law 4261), set out the capital adequacy requirements for banks; however, the capital and prudential regime for banks continues to evolve as the CRD IV and the CRR have been amended by CRD V (Directive 2019/878/EU) and Regulation (EU) 2019/876 (CRR 2) respectively. Law 4799/2021 transposed the CRD V and the Bank Recovery and Resolution Directive (BRRD) II (Directive 2019/879/EU) in Greece.

Banks are required to have a minimum paid-up initial capital of €18 million.

The capital resources that a bank is required to maintain can be constituted by a mixture of common equity Tier 1 capital, additional Tier 1 capital and Tier 2 capital. The CRR contains detailed legal and technical requirements for eligibility of capital instruments.

In particular, banks must at all times satisfy the following own funds requirements (which are expressed as a percentage of the banks’ total risk exposure):

• a common equity Tier 1 capital ratio of 4.5 per cent;
• a Tier 1 capital ratio of 6 per cent; and
• a total capital ratio of 8 per cent.

Regarding the liquidity requirements, the CRD IV and the CRR, as amended, provide for quantitative liquidity standards (including the liquidity coverage ratio and the net stable funding ratio). In addition, CRR 2 implements some additional own funds requirements for banks. In particular, it introduced a 3 per cent leverage ratio requirement that will constitute part of the above own funds requirements, which applies as of 28 June 2021. The European Central Bank (ECB) extended its relief by allowing eurozone banks under its direct supervision to exclude certain central bank exposures from the leverage ratio until the end of March 2022 owing to the covid-19 pandemic.

The CRR 2 also introduced a leverage ratio buffer requirement for institutions identified as global systemically important institutions (G-SIIs) to be applicable as of 1 January 2023. On 16 February 2021, the European Commission issued a report and concluded that it does not consider it appropriate to introduce a leverage ratio surcharge for other systemically important institutions (O-SIIs) for the time being.

The combined buffer requirement includes the capital conservation buffer, the countercyclical capital buffer, the G-SIIs buffer, the O-SIIs buffer and the systemic risk buffer. Law 4261 provides that a capital conservation buffer of 2.5 per cent of a bank’s total exposures should be maintained so that banks are able to avoid breaches of minimum capital requirements during periods of stress. In the context of its macroprudential supervision, the Bank of Greece (BoG) is responsible for setting the countercyclical capital buffer rate for Greece on a quarterly basis.

From 1 January 2016 to December 2022, the countercyclical capital buffer rate for Greece was set by the BoG at zero per cent (ie, at the lowest end of the permissible range), therefore not affecting the capital requirements for banks. The O-SII buffer consists of common equity Tier 1 capital; its rate is set by the BoG at a level up to 2 per cent of the total risk exposure amount and is reviewed at least once per year.

The BoG deems the four Greek systemic banks to qualify as O-SIIs (and they should comply at solo level, while their parent financial holdings should also comply at consolidated level) and set the applicable O-SII buffer rates (0.75 per cent for 2022 and 1 per cent for 2023). The combined buffer has been set at 2.5 per cent for less significant banks and at 3.25 per cent for the four systemic banks in 2022. The BoG has not decided to activate the systemic risk buffer and the global systemic institutions buffer. It may apply additional macroprudential tools towards banks.

Banks are required to assess the capital adequacy themselves through the Internal Capital Adequacy Assessment Process, which is then subject to review by the regulator in the context of the Supervisory Review and Evaluation Process (SREP) where the results from the stress tests are also assessed. The BoG or the ECB may impose additional capital requirements in the context of the SREP assessment if such evaluation reveals major deficiencies or in other cases provided by law.

In particular, the Pillar 2 Requirement (P2R), which is determined through the SREP, is a bank-specific capital requirement that applies in addition to, and covers risks that are underestimated or not covered by, the minimum capital requirement. The capital that the ECB or the BoG asks banks to keep based on the SREP also includes the Pillar 2 Guidance (P2G), which indicates to banks the adequate level of capital to be maintained to provide a sufficient buffer to withstand stressed situations. Unlike the P2R, the P2G is not legally binding.

While the revised P2G approach was applied in 2022 to make full use of the 2021 stress test and related capital impact simulations, the ECB nevertheless committed to allowing banks to operate below the P2G and the combined buffer requirement until at least the end of 2022 due to the covid-19 pandemic. Following the transposition of the CRD V in Greece, the competent authority may impose additional own funds requirements in accordance with article 104a et seq thereof.

In addition, banks are obliged to set their internal capital at an adequate level of own funds that is sufficient to cover all the risks that a bank is exposed to and to ensure that the bank’s own funds can absorb potential losses resulting from stress scenarios, including those identified under the supervisory stress test. Guidance on additional own funds is provided to banks by competent authorities.

The quantitative capital requirements under the CRD IV and the CRR are supplemented by the obligation under Directive 2014/59/EU (BRRD), as amended by the BRRD II, for banks to satisfy, at all times, a minimum requirement for own funds and eligible liabilities (MREL), which is determined by the competent resolution authority on an annual basis (on a bank-specific basis). The target for the MREL requirement (as determined under the BRRD II by the resolution authority) is composed of:

• a loss absorption amount, which includes the sum of the Pillar 1 requirements and the Pillar 2 requirements as determined by the competent authority; and
• any requirement in relation to the leverage ratio and a recapitalisation amount.

Pursuant to the BoG financial stability report of November 2022, the capital adequacy of banking groups declined marginally in the first half of 2022, mainly owing to an increase in risk-weighted assets, as the negative impact from the phasing-in of International Financial Reporting Standard 9 on prudential own funds was offset by the positive impact of half-year profits. In particular, the Common Equity Tier 1 (CET1) ratio on a consolidated basis fell to 13.2 per cent in June 2022 from 13.6 per cent in December 2021, and the Total Capital Ratio (TCR) to 15.9 per cent from 16.2 per cent. These ratios are well below the average for banks supervised directly by the ECB in the Banking Union (CET1 ratio 15 per cent and TCR 18.9 per cent in June 2022).

How are the capital adequacy guidelines enforced?

The enforcement of the capital adequacy requirements falls within the supervisory mandate of the prudential regulators (ie, BoG for less significant banks and the ECB for significant banks). Accordingly, the prudential regulator could take measures to improve the bank’s own funds and liquidity, and in particular:

• to require banks to have additional own funds in excess of the requirements set out in Law 4261 and in the CRR;
• to require the reinforcement of the arrangements, processes, mechanisms and strategies implemented in relation to their internal capital, corporate governance, and recovery and resolution plans;
• to require banks to submit a plan to restore compliance with supervisory requirements and set a deadline for its implementation, including improvements;
• to require banks to apply a specific provisioning policy or treatment of assets in terms of own funds requirements;
• to restrict or limit the business, operations or network of banks, or to request the divestment of activities that pose excessive risks to the soundness of a bank;
• to require the reduction of the risk inherent in the activities, products and systems of banks, including outsourced activities;
• to require banks to limit variable remuneration as a percentage of net revenues where it is inconsistent with the maintenance of a sound capital base;
• to require banks to use net profits to strengthen own funds;
• to restrict or prohibit distributions or interest payments by a bank to shareholders, members or holders of additional Tier 1 instruments where the prohibition does not constitute an event of default of the bank;
• to impose additional or more frequent reporting requirements (including reporting on own funds, liquidity and leverage) to the extent that the additional reporting is proportionate;
• to impose specific liquidity requirements, including restrictions on maturity mismatches between assets and liabilities;
• to require additional disclosures;
• to require banks to obtain the BoG’s prior approval for carrying out transactions that, in the BoG’s opinion, could be detrimental to bank’s solvency; such measure may be adopted by the BoG for a period of up to three months; and
• to require the increase of the share capital of banks.

What happens in the event that a bank becomes undercapitalised?

If it is presumed that a bank will not be able to comply with the capital adequacy requirements, the prudential authorities may order the bank to take measures to improve its own funds and liquidity. In particular, the BoG (or the ECB) may, among other things:

• require banks to take the necessary measures at an early stage to address relevant problems where banks do not meet the requirements of Law 4261 and the CRR (or where there is evidence that banks are likely to breach such requirements within the following 12 months) – in this instance the prudential authorities may exercise their supervisory powers;
• exercise their supervisory powers and require, among others, banks to have additional own funds in excess of the requirements set out in CRR or Law 4261 (ie, P2R) – article 104a et seq of the CRD V, which has been transposed into Greek law, determines the conditions under which the prudential authorities may impose the additional own funds requirements, taking into account the risk profile of each individual bank and the risks to which the bank is exposed, and the competent authority will duly justify in writing to each institution the decision to impose additional own funds; and
• request banks (and their board of directors (BoD)) to increase their share capital within a set deadline (with a parallel nominal reduction of the capital, if necessary) to comply with capital adequacy requirements.

Under certain conditions (including where a bank does not maintain sufficient own funds), the BoG may also appoint a special commissioner for the latter to safeguard the smooth operation of the bank and its further recovery or to prepare the implementation of the resolution measures by replacing the BoD of the bank under resolution.      

What are the legal and regulatory processes in the event that a bank becomes insolvent?

A bank may not be declared bankrupt or be subject to pre-bankruptcy collective proceedings in accordance with the Bankruptcy Code or other Greek laws of similar effect.

The resolution authorities have a number of resolution tools, resolution powers and other powers at their disposal. At an earlier stage of deterioration of banks’ financial conditions, the resolution authorities may adopt one of the early intervention measures provided in Law 4335/2015 (eg, to require the BoD of the bank to implement one or more of the arrangements or measures set out in the recovery plan, or to require one or more members of the management body to be removed or replaced).

In addition, the resolution authorities may take a resolution action where all the following conditions are met and regardless of whether an early intervention measure has been adopted:

• the bank is failing or likely to fail;
• there is no reasonable prospect that any alternative private sector measures or supervisory action would prevent the failure of such a bank within a reasonable time frame; and
• a resolution action is necessary in the public interest.

In particular, the resolution authorities may use one or more of the following resolution tools:

• the power to transfer to a purchaser shares or other instruments of ownership issued by – or all of any assets, rights or liabilities of – the bank under resolution (the sale of business tool);
• the power to transfer to a bridge institution, which shall be a legal person that is wholly or partially owned by one or more public authorities and controlled by the resolution authority, shares or other instruments of ownership issued by – or all of any assets, rights or liabilities of – the bank under resolution (the bridge institution tool);
• the power to transfer assets, rights or liabilities of the bank under resolution or of a bridge institution to one or more asset management vehicles (the asset separation tool); or
• the write-down and conversion powers in relation to liabilities of a bank under resolution (the bail-in tool).

Other measures can be used to the extent that they conform to the principles and objectives of resolution set out under the BRRD as in force. In circumstances of extraordinary systemic crisis, the bank’s resolution may, as a last resort, involve government financial stabilisation tools consisting of public equity support and temporary public ownership tools. These measures would nonetheless only become available after certain conditions are met, including that the bank’s shareholders, and creditors bear losses equivalent to 8 per cent of the bank’s liabilities.

When applying resolution tools and exercising resolution powers, the following principles are taken into account by the resolution authorities:

• shareholders of the bank under resolution bear first losses;
• creditors of the bank under resolution bear losses after the shareholders in accordance with the order of priority of their claims under normal insolvency proceedings, except as expressly provided otherwise in Law 4335/2015;
• BoD members of the bank under resolution are replaced, except in cases where their retention is considered to be necessary for the achievement of the resolution objectives;
• BoD members of the bank under resolution shall provide all the necessary assistance for the achievement of the resolution’s objectives;
• natural and legal persons are made liable under civil or criminal law for their responsibility for the failure of the bank;
• creditors of the same class are treated in an equitable manner (unless otherwise provided);
• no creditor shall incur greater losses than would have been incurred had the bank been wound up under normal insolvency proceedings;
• covered deposits are fully protected; and
• resolution action is taken in accordance with the safeguards of Law 4335/2015.

A special commissioner may be appointed by the resolution authorities to replace the BoD of the bank under resolution.

In any case, the resolution authority should inform the Ministry of Finance of its decisions. If such decisions have a direct public impact or systemic consequences, then the consent of the Ministry of Finance is required.

If the bank’s authorisation is revoked, the bank will be mandatorily placed under special liquidation in accordance with Law 4261. The provisions of the Bankruptcy Code may apply additionally to the provisions of the special liquidation of a bank, to the extent that they do not contradict to article 145 et seq of Law 4261 or any delegated BoG acts. Article 145A of Law 4261 provides for the hierarchy of claims in the special liquidation of banks. Law 3458/2006, as amended, incorporates Directive 2001/24/EC into Greek legislation and provides for the special liquidation procedure applicable to banks.

Have capital adequacy guidelines changed, or are they expected to change in the near future?

The provisions of the CRD IV (as transposed into Law 4261) and of the CRR have already adopted macroprudential measures that are aligned with Basel III. In June 2019, the revised rules on capital and liquidity (CRR 2 and CRD V), which complete and improve the existing framework, and on resolution (BRRD II and Regulation (EU) No. 2019/877) were published in the Official Journal of the European Union. Most of these changes started to apply from mid-2021. Law 4799/2021 has fully transposed the CRD V and the BRRD II in Greece.

The limits between the microprudential and macroprudential measures are now clear (especially because own funds P2R requirements are not used for macroprudential and systemic risks). The main changes introduced in the context of macroprudential supervision and capital adequacy concern, notably, the following.

• The application of the additional own funds requirements of P2R should be set by the competent authorities in relation to the specific situation of a bank and cannot be imposed for addressing macroprudential or systemic risks. The additional own funds requirement imposed by competent authorities is an important driver of a bank’s overall level of own funds and is relevant for market participants as the level of additional own funds requirement imposed impacts the trigger point for restrictions on dividend payments, bonus payouts and the payments on additional Tier 1 instruments. The conditions under which the additional own funds requirement are to be imposed are provided in Law 4261.
• The manner according to which the P2R is placed in relation to the minimum own funds of article 92 of the CRR and the combined buffer requirement has been clarified. Banks must not, notably, use common equity Tier 1 capital that is maintained to meet one of the elements of its combined buffer requirement to meet other applicable elements of its combined buffer requirement.
• The notification procedure with regard to the countercyclical capital buffer is simpler at an EU level; the countercyclical capital buffer is determined or adjusted by competent authorities only if it is necessary through an assessment of its appropriateness on a trimestral basis.
• The systemic risk buffer may be used cumulatively with O-SII or G-SII buffers (provided that they cover different risks).
• The maximum level of O-SII buffer that the competent authorities may impose on O-SIIs has been increased from 2 per cent to 3 per cent of the total risk exposure amount.

The BRRD II (transposed by Law 4799/2021 in Greece), which introduces the notions of ‘resolution entity’ and ‘resolution group’, and harmonises the regime with respect to the total loss absorption capacity (TLAC), also includes certain changes in relation to the MREL, notably the following:

• a minimum MREL obligation has been determined for G-SIIs in the context of TLAC standards;
• the MREL is calculated as a percentage of the total risk exposure amount and as a percentage of the total exposure measure that both should be fulfilled;
• a more stringent framework has been introduced for the establishment of the MREL and, in particular, the minimum level of MREL requirement is to be covered by own funds and eligible instruments or subordinated liabilities for G-SIIs and credit institutions with assets exceeding €100 billion;
• amendments have been brought with respect to the MREL obligations at a group level and with respect to G-SSIs;
• internal MREL obligations for entities that are not themselves resolution entities have been provided; and
• the combined buffer requirement is not included in the MREL obligation and is now a separate obligation.

The CRR, the CRD and the BRRD are currently subject to review.

One of the most significant legislative initiatives at the EU level is the EU banking package (CRR3 and CRD 6) fully implementing the Basel III framework, which was adopted by the European Parliament in January 2023.

Ownership restrictions and implications

Describe the legal and regulatory limitations regarding the types of entities and individuals that may own a controlling interest in a bank (or non-bank). What constitutes ‘control’ for this purpose?

There are no legal or regulatory limitations regarding the types of entities and individuals that may own a controlling interest in a bank (or non-bank). For the purpose of this question, a controlling interest should be interpreted in light of the definition of ‘qualifying holding’, which means a direct or indirect holding in an undertaking that represents 10 per cent or more of the capital or of the voting rights, or that makes it possible to exercise a significant influence over the management of that undertaking. The acquisition of a qualifying holding in a Greek bank is subject to the assessment of the Bank of Greece (BoG) and the final approval of the European Central Bank (ECB).

In any case, if the influence exercised by the persons that have a qualifying holding is likely to operate to the detriment of the prudent and sound management of the bank, the BoG or the ECB may take appropriate measures to resolve this situation.

Are there any restrictions on foreign ownership of banks (or non-banks)?

There are no legal or regulatory restrictions on foreign ownership of banks or other financial institutions. The BoG and the ECB are entitled to oppose the proposed acquisition only if there are reasonable grounds for doing so on the basis of the criteria set out in Law 4261/2014 (Law 4261) and the respective regulatory guidance. In the case of acquirers that are established in third countries, additional information is requested by regulators for the latter to have an overview of the regulatory regime of the third country applicable to the acquirer to make sure that there are no obstacles to the effective supervision of the Greek entity. 

Additional considerations must be taken into account. For example, if the registered office of a parent undertaking (acting as the acquirer) is outside the European Union and the parent undertaking has two or more subsidiaries (institutions regulated by the Capital Requirements Regulation (EU) No. 575/2013) in the European Union, then the establishment of a single EU intermediate parent undertaking might be required following the transposition of the Capital Requirements Directive (CRD) V (2019/878/EU) in Greece if certain conditions are met (including if the total asset value within the European Union of the third-country group exceeds €40 billion).

What are the legal and regulatory implications for entities that control banks?

There are no restrictions on the business of an acquirer of a Greek bank; however, its business will be taken into account in the qualifying holding assessment process. 

Depending on the structure of the group and the entities involved, a consolidated supervision may be triggered for the group (where relevant). Consolidated supervision applies at the level of the highest EU group entity whose subsidiaries are banks or other regulated entities engaging in broadly financial activities.

Depending on the activities and the participation of the parent entity, additional regulatory implications may be triggered that the entities wishing to control a Greek bank should carefully take into account. In particular, the legal entity may fall within the definition of the financial holding company, which, under certain conditions, will be subject to the approval regime under article 21a of the CRD V (which has been transposed by article 22a of Law 4261 in Greece). Equally, the obligation to establish an EU intermediate parent undertaking may apply in certain cases.

What are the legal and regulatory duties and responsibilities of an entity or individual that controls a bank?

Natural or legal persons with a qualifying holding in a Greek bank must notify the BoG in writing of any intention to increase, sell or decrease such a holding, directly or indirectly, in a way that would cross, reach or fall below certain thresholds and submit specific information to the BoG.

Any change in the information submitted by the controlling shareholders to the BoG has to be promptly notified to the regulator. In particular, any entity controlling a bank must notify the BoG in writing of any change in, among other things:

• the members of the board of directors;
• the members of its senior management;
• the shareholders holding at least 5 per cent; and
• where appropriate, their ultimate beneficial owner identity.

This notification requirement lies equally with the aforementioned natural persons.

Banks’ shareholders may also be subject to other obligations that arise from the banking legislation (eg, they have to comply with the instructions of the BoG requiring an increase in the bank's share capital in accordance with article 136 of Law 4261). Banks are also subject to reporting requirements to the BoG (on becoming aware of any acquisitions or disposals of holdings that cause holdings to exceed or fall the relevant thresholds, or where a change occurs as well as on annual basis).

In Greece, the majority of the systemic banks are wholly owned by a Greek financial holding company. Such financial holding companies are listed on the Athens Stock Exchange; therefore, their controlling shareholders are also subject to additional disclosure requirements.

What are the implications for a controlling entity or individual in the event that a bank becomes insolvent?

A bank does not become insolvent, but it may be subject to bank resolution and reorganisation measures. In the case of bank failure, Law 4335/2015 ensures that the costs will first be borne by shareholders. This is the case when applying the bail-in tool, where the reduction of principal or outstanding amount due, conversion or cancellation takes effect and is immediately binding on the bank under resolution and affected shareholders.

Where a resolution authority decides to exclude or partially exclude an eligible liability or class of eligible liabilities in the context of the bail-in tool, the resolution scheme (under the Hellenic Deposit and Investment Guarantee Fund) may make a contribution only if, among other things, a contribution to loss absorption and recapitalisation equal to an amount not less than 8 per cent of the total liabilities – including own funds of the bank under resolution – has been made by the shareholders. Law 4335/2015 also provides that no procedural impediments to the conversion of liabilities to shares or other instruments of ownership exist by virtue of their instruments of incorporation or statutes, including pre-emption rights for shareholders or requirements for the consent of shareholders to an increase in capital. Similarly, the government financial stabilisation tools may be applied only if, among other things, a contribution to loss absorption and recapitalisation equal to an amount not less than 8 per cent of total liabilities – including own funds of the bank under resolution – has been made by the shareholders.

If the bank is placed under special liquidation, the provisions of the Bankruptcy Code will apply to the extent that they do not contradict Law 4261 and the special regime applicable to banks. Article 145A of Law 4261 determines the ranking of claims in case of special liquidation of a bank. Shareholders’ claims are satisfied after the satisfaction of all other creditors.

M&A and changes in control

Describe the regulatory approvals needed to acquire control of a bank (or non-bank). How is ‘control’ defined for this purpose? Do the requirements differ depending on the size or complexity of the institution?

Any natural or legal person (or such persons acting in concert) who have decided either to acquire, directly or indirectly, a qualifying holding in a bank – or to further increase, directly or indirectly, such a qualifying holding in a bank as a result of which the proportion of the voting rights or of the capital held would reach or exceed 20, 30 or 50 per cent or so that the bank would become its subsidiary – must notify the Bank of Greece (BoG) in advance in accordance with the qualifying holding process set out in Law 4261/2014 (Law 4261). The requirements apply regardless of the size and complexity of the bank.

The BoG will assess whether the potential acquisition complies with all regulatory conditions and will prepare a draft decision for the European Central Bank (ECB) on whether to oppose the acquisition. The ECB will thereafter decide whether or not to oppose the acquisition on the basis of its assessment of the proposed acquisition and the BoG’s draft decision.

Under Law 4261, prior notification to the BoG is also required with respect to the acquisition or increase of a holding that would reach or exceed a percentage of 5 per cent in the capital or the attached voting rights of a Greek bank. The BoG will, thereafter, conduct an ad hoc assessment and decide, within five business days, whether such acquisition or increase will constitute a significant influence. If so, it will notify the proposed acquirer and carry out an assessment in light of the qualifying holding process. Banks are also subject to reporting requirements to the BoG (on becoming aware of any acquisitions or disposals of holdings that cause holdings to exceed or fall the relevant thresholds, or where a change occurs as well as on annual basis).

It is possible for a person to be considered as having acquired a qualifying holding even in circumstances when he or she has acquired less than 10 per cent of the shares and voting rights, as the definition of qualifying holding also includes cases where a proposed acquirer is deemed to exercise a significant influence over the management of a bank on the basis of a non-exhaustive list of factors issued by the BoG Act 178 of 2 October 2020.

Besides the aforementioned qualifying holding approval process, notification requirements under Law 3556/2007 implementing the Transparency Directive 2004/109/EC in Greece might be also triggered in respect of the acquisition of significant shareholding in entities whose shares are traded on a regulated market (noting that the majority of the significant Greek banks are wholly owned by financial holding companies that are listed on the Athens Stock Exchange). The shareholders should notify the issuer and the Hellenic Capital Market Commission of the percentage of voting rights held by them if they acquire or dispose of shares of the issuer carrying voting rights and if, as a result of that acquisition or disposal, the percentage of their voting rights reaches or exceeds or falls below the applicable thresholds (ie, 5, 10, 15, 20, 25, 33, 50 and 66 per cent) or reaches, exceeds or falls below the aforementioned applicable threshold as a result of corporate events changing the breakdown of voting rights and on the basis of information disclosed by an issuer.

A notification obligation also lies with any shareholder who holds voting rights exceeding 10 per cent if such a percentage changes by 3 per cent or more, following acquisition or disposal of voting rights or other corporate events altering the breakdown of voting rights. New changes exceeding 3 per cent create a new notification obligation.

Additional requirements may be also triggered under competition law.

Are the regulatory authorities receptive to foreign acquirers? How is the regulatory process different for a foreign acquirer?

The nationality or the place of establishment of the proposed acquirer is not relevant. The BoG and the ECB are entitled to oppose the proposed acquisition only if there are reasonable grounds for doing so on the basis of the criteria set out in Law 4261 (or because the file is incomplete). The ECB and the BoG cannot impose any prior conditions on the level of holding to be acquired or examine the proposed acquisition in terms of the economic needs of the market.

The regulatory process, however, contains the following provisions regarding the assessment of foreign acquirers.

• The assessment should not take longer than 60 working days from receipt of a complete file. If, however, additional information is required, the aforementioned assessment period may be extended by the BoG by another 30 working days (instead of an additional 20 working days) if the acquirer is situated or regulated in a third country, or is a natural or legal person not subject to supervision under the legislation applicable to banks, investment firms, insurance or reinsurance undertakings or undertakings for collective investment in transferable securities.
• The BoG should cooperate with the national competent authorities of other EU member states that supervise the proposed acquirer (if any).

Under what circumstances can a foreign bank (or non-bank) establish an office and engage in business? For example, can it establish a branch or must it form or acquire a locally chartered bank?

Foreign banks may establish a branch in Greece without the need to form or acquire a locally chartered bank. More specifically, banks established in other EU member states are entitled to use the EU ‘passport’ to offer services in Greece either by establishing a branch in Greece or alternatively through the freedom to provide services cross-border. The Greek branch may be established and commence its activities in Greece upon receipt of a communication from the BoG within the time frame set by law.

Third-country banks may operate and provide banking activities in Greece only by establishing a branch in Greece, which must be authorised by the BoG on conditions of reciprocity and provided, inter alia, that its activities are covered by its operation licence granted in a third country bank’s country of origin. 

Besides the above, a foreign institution may acquire a Greek chartered bank within the ambit of engaging in business in Greece to the extent that the relevant organisational and internal governance requirements are met, including that such a bank will not be an empty shell that lacks the substance to remain authorised.

What factors are considered by the relevant regulatory authorities in an acquisition of control of a bank (or non-bank)?

Law 4261 sets out a list of factors that are considered by the BoG and the ECB, which are notably the following:

• the reputation of the acquirer;
• the reputation, knowledge, skills and experience of any person who will direct the business of the bank;
• the financial soundness of the acquirer, in particular in relation to the type of business that the bank pursues;
• whether the bank will be able to comply with applicable prudential requirements on an ongoing basis (including whether the group of which the target will become a part has a structure that makes it possible to exercise effective supervision); and
• whether there are reasonable grounds to suspect money laundering or terrorist financing in connection with the proposed acquisition (or that the proposed acquisition could increase the risk thereof).

Describe the required filings for an acquisition of control of a bank. Do the requirements differ depending on the size or complexity of the institution?

The proposed acquirer should notify its intention to acquire a qualifying holding in a Greek bank to the BoG in accordance with the regulatory process set out in Law 4261 and the BoG Act 142 of 11 June 2018 (as amended by the BoG Act 178 of 2 October 2020), and submit the relevant questionnaires and documentations set out in the aforementioned act. Such information, which applies regardless of the size and complexity of the bank, includes:

• information on the proposed acquisition (eg, aim and expectations of the proposed acquirer);
• information on the natural or legal person (including general information as well as information to assess the financial position and creditworthiness of the proposed acquirer);
• in the case of a natural person, direct or indirect holdings in legal entities and management positions;
• suitability of the natural person or legal entity (eg, criminal records or administrative proceedings);
• financing of the proposed acquisition (including the source);
• in the case of a legal entity, the members of the board of directors and persons that effectively direct the business of the acquiring legal entity; and
• in the case of a legal entity, information on the shareholding structure of the legal entity and determination of beneficial owner.

What is the typical time frame for regulatory approval for both a domestic and a foreign acquirer?

The typical time frame for regulatory approval for a proposed acquirer is as follows:

• the proposed acquirer submits a notification (ie, complete file) to the BoG;
• the BoG will acknowledge receipt upon receiving the notification by the proposed acquirer within two working days;
• the BoG will assess the proposed acquisition within 60 working days of the date of written acknowledgment of the receipt (the assessment period); and
• the BoG may request further information necessary to complete its assessment during the assessment period and no later than the 50th working day of this period – in this case, the assessment period may be extended to either up to 80 days for domestic acquirers or up to 90 days for foreign acquirers.

The BoG and the ECB may set a maximum period for concluding the proposed acquisition and extend it where appropriate. The approval of a proposed acquirer will take less time if the proposed acquirer has already been assessed and approved by the regulators in a previous qualifying holding process and, depending on the circumstances, the proposed acquirer may provide only those pieces of information that have changed since the previous assessment or a declaration.

Are there any notable recent regulatory trends or developments affecting M&A and changes in control in the banking sector?

Greek banks are required to reduce their NPE ratios and enhance their capital adequacy, including their organic profitability. In order to achieve the enhancement of their capital adequacy, it is probable that less significant credit institutions in Greece will explore potential mergers, which would result in banks providing more diversified and competitive services to individuals and businesses, especially SMEs. Certain less significant credit institutions are already holding discussions around potential mergers and acquisitions.

On the other hand, Greek systemic banks continue the current trend of sale of their non-banking sectors (real estate servicing, off-site ATMs, etc) through spin-offs or asset sales to non-regulated entities.

Update and trends

Are there any emerging trends or hot topics in banking regulation in your jurisdiction?

Greek banks have already sold and transferred several non-performing loan (NPL) portfolios to special purpose companies, with the servicing of such portfolios being assigned to licensed credit servicing companies. The trend to reduce NPLs has been accelerated mainly through securitisation transactions and on the back of an intra-group transfer of NPLs from a systemic bank by way of a hive down.

After the first successful round of the Hellenic Asset Protection Scheme (HAPS) under the HAPS Law (in which a guarantee of the Greek state was provided on the senior notes of a series of securitisation transactions in the Greek market), the duration of the HAPS Law was extended until 9 October 2022 (with a new budget of an overall notional amount of guarantees of up to €12 billion) in accordance with a European Commission decision dated 9 April 2021. Further amendments were introduced in 2021 to improve the application of the HAPS Law.

In addition, Directive (EU) No. 2021/2167, which provides a harmonised framework for credit servicers and credit purchasers, has been adopted at the EU level. Member states are expected to adopt measures implementing this directive by 29 December 2023 and to apply those measures from 30 December 2023.

Although the Payment Services Directive 2 (PSD2) has been a paradigmatic shift for the regulation of payment services, the European Banking Authority (EBA) has identified a number of shortcomings. The European Union launched a consultation to assess whether the PSD2 is still appropriate, or whether any amendments should be adopted.

An upcoming proposal for the revision of PSD2 will aim, among other things, at contributing to further harmonisation and consistent application of the legal requirements, avoiding regulatory arbitrage and ensuring a level playing field between the different types of payment service providers. The revision of PSD2 (PSD3) will focus on consumer protection and rules in relation to strong customer authentication to tackle different types of fraud, while the E-Money Directive is anticipated to be merged with PSD2.

Apart from the revision of PSD2, at the end of October 2022 the EU Commission unveiled a proposal for a regulation amending Regulations (EU) Nos. 260/2012 and 2021/1230 regarding instant credit transfers in euros to force credit institutions to offer instant payments in euros at no extra cost and enable the transfer of money at any time and very speedily.

The shift towards a greener and more sustain­able economy has become a key priority at a global and EU level. Following the publication of the 2030 Agenda for Sustainable Develop­ment by the UN General Assembly in 2015, setting out the core sustainable development goals (SDGs), the EU Commission took into account these SDGs for the next steps towards a sustainable EU future, and presented the Euro­pean Green Deal in 2019 – the European green investment plan aiming to establish a framework to facilitate public and pri­vate investments needed for the transition to a climate-neutral, green, competitive and inclusive economy.

Various pieces of legislation and other initia­tives in relation to sustainable finance and environmental, social and corporate governance (ESG) factors have also been published at the EU level. ESG has evolved and moved from the sidelines to the forefront of decision-making for an increasing number of credit institutions and investors when making investment decisions in the financial sector. This leads to increased longer-term investments into sustainable eco­nomic activities and projects.

In the banking sector the main regulatory and legislative initiatives are the following.

The most important initiatives for the bank­ing system include, among other things, the United Nations Environment Programme Finance Initiative and, in particular, the Principles of Responsible Banking and the Network for Greening the Financial System. In addition, the Basel Committee adopts initiatives to more actively involve the finan­cial system in the sustain­able transition.

The Principles of Responsible Banking have been adopted by the Greek systemic credit institutions (Piraeus Bank, Alpha Bank, Eurobank and National Bank of Greece), which are founding members. The Principles determine the role and responsibilities of the banking sector in the collective effort to shape a sustainable future, and the Greek credit institutions that have adopted such principles have committed to play a significant role in promoting actions to this end and to harmonise their activities with the global SDGs and the Paris Agreement on climate change.

In addition, the Basel Committee on Banking Supervision has advanced work on addressing climate-related financial risks and, during the summer of 2022, published the principles for the effective management and supervision of climate-related financial risks. In addition, the Financial Stability Board created the Task Force on Climate-Related Financial Disclosures (TCFD) to improve and increase the reporting of climate-related financial information.

After setting sustainable development as a key pillar of its strategy, the European Union is aiming to become the first climate-neutral continent. It is already developing a strategy to achieve this goal while aligning its funding framework with the global SDGs.

The European Union has developed a targeted framework of action to finance sustainable growth (the EU Action Plan on Financing Sustainable Growth) structured around three main pillars (with 10 sub-actions): reorienting capital flows towards a more sustainable economy; mainstreaming sustaina­bility into risk management; and fostering trans­parency and long-termism.

In the framework of the European Green Deal, the European Union urges businesses and public authorities to orient themselves towards economic activi­ties that have a lasting positive impact on the environment and that are either environmentally sustainable or contribute to the transformation of activities to become environmentally sustain­able. In this respect, companies (including credit institutions) are already subject to extensive non-financial disclosure requirements and need (or will need) to comply with additional disclosure and organisational requirements in light of the Taxonomy Regulation (EU) No. 2020/852 and include in their non-financial disclosures infor­mation on how and to what extent their activi­ties are associated with economic activities that qualify as environmentally sustainable.

The Tax­onomy Regulation has been supplemented by delegated acts, noting that the EU Commission had to come up with the actual list of environ­mentally sustainable activities by defining tech­nical screening criteria for each environmental objective through delegated acts. In addition, Regulation (EU) No. 2019/2088, as amended by the Taxonomy Regulation and Regulation (EU) No. 2019/2089 on sustainability benchmarks should be taken into account in the ESG framework. As of 2022, and in accordance with the aforemen­tioned legislation (including the EBA technical standards), EU credit institutions must disclose information on ESG issues.

The European Union has launched numerous initiatives for financ­ing the green and sustainable economy and for the support of the EU goal to be carbon neutral by 2050 (eg, the EIB Group Climate Bank Roadmap 2021-2025 and the European Bank for Reconstruction and Development’s Green Econ­omy Transition approach).

Credit institutions, like other financial sector par­ticipants, must adjust their business models and develop plans to align their balance sheets with this transition to the sustainable economy, as well as to monitor and comply with the ESG legislative developments.

In November 2020, the European Central Bank (ECB) published a guide on climate-related and environmental risks (supervisory expectations relating to risk management and disclosure); however, following a supervisory assessment of credit institutions’ climate-related and environmental risk disclosures, it concluded (according to its report of March 2022) that banks do not fully meet its expectations on climate and environmental risks disclosure. Supervisors informed credit institutions of shortcomings and published examples of good practice. The focus of the ECB in the ESG field, and in particular climate-related and environmental risks, is included in the list of its three priorities for the years 2023 to 2025. In January 2023, the ECB published new climate-related statistical indicators to narrow the climate data gap.

The EBA also published a report on management and supervision of ESG risks for credit institutions and investment firms (EBA/ REP/2021/18), which provides credit institutions with common definitions of ESG risks and their transmission channels and identifies evaluation methods that are needed for effective risk management. In early 2022, the EBA also published binding standards on Pillar Three disclosures on ESG risks to ensure that stakeholders are well informed on credit institutions’ ESG exposures, risks and strategies and can make informed decisions and exercise market discipline.

One of the most significant legislative initiatives is the EU banking package (the Capital Requirements Directive 6 and the Capital Requirements Regulation (EU) No. 575/2013) implementing the Basel III framework, which will, among other things, ensure the European Union’s transition to climate neutrality. The European Union has also published a proposal for a regulation on European green bonds.

Article 151 of Law 4548/2018 (transposing article 19a of Directive 2013/34/EU, as amended by Directive 2014/95/EU (NFRD)) provides that large undertakings that are public interest entities (including banks) with more than 500 employees must disclose in their management report (which must be published along with the annual financial statements on the General Commercial Register) a non-financial statement containing information to the extent necessary for an understanding of the undertaking’s development, performance, position and impact of their activities in relation to, at least, environmental, social and labour issues, human rights and anti-corruption and bribery matters, including:

• a brief description of the undertaking’s business model;

• a description of the policies pursued by the undertaking in relation to those matters, including its due diligence processes;
• the outcome of those policies;
• the principal risks related to those matters linked to the undertaking’s operations, including, where relevant and proportionate, its business relationships, products or services that are likely to cause adverse impacts in those areas, and how the undertaking manages those risks; and
• non-financial key performance indicators relevant to the particular business.

Where the undertaking does not pursue policies in relation to one or more of those matters, the non-financial statement should provide a clear and reasoned explanation for not doing so.

On 14 December 2022, Directive (EU) No. 2022/2464 was published, amending, among other things, the NFRD in respect of corporate sustainability reporting (CSRD) and the existing reporting requirements of the NFRD. CSRD extends the scope of reporting to all large undertakings and all undertakings except micro undertakings, whose securities are admitted to trading on a regulated market in the European Union.

This new directive modernises and strengthens the rules about the social and environmental information that companies must report. CSRD will ensure that investors and other stakeholders have access to the information they need to assess investment risks arising from climate change and other sustainability issues. Companies subject to the CSRD will have to report in accordance with the European Sustainability Reporting Standards.

In general, Greece follows the path adopted by the European Union, since the majority of the provisions are adopted in the form of regulations that are directly applicable throughout the European Union. In addition, in 2021, the Bank of Greece (BoG) established the Climate Change and Sustainability Centre to continue the work being done in previous years, when the Climate Change Impacts Study Committee was set up. The focus of the BoG is turning towards the compliance of credit institutions with ESG principles and requirements, taking into account the reports and guidelines of EU regulators.

In addition, the first Greek climate law (Law 4936/2022) was enacted in May 2022, aiming at establishing a coherent framework for improving the climate resilience of Greece. This is the first attempt of the Greek legislator to set forth binding measures concerning a wide array of industries and sectors, both public and private, in an effort to reduce carbon emissions and reach carbon neutrality by 2050. Under the new law, a wide list of undertakings, including credit institutions, are bound by carbon reporting obligations. The reports will be uploaded on a publicly accessible electronic database operated by the Organisation of Natural Environment and Climate Change (with 2022 as a reference year).

Coronavirus

35What emergency legislation, relief programmes and other initiatives specific to your practice area has been implemented to address the pandemic? Have any existing government programmes, laws or regulations been amended to address these concerns? What best practices are advisable for clients?

Law stated date

Give the date on which the information above is accurate.

Unprocessed questions

Updates and trends