LogoRegulatory Alerts
2018-06-20 | 120666

Instruction on the Implementation of Banking Supervision

The National Bank of the Kyrgyz Republic issues this Instruction to establish the legal framework and operational procedures for banking supervision, including risk-oriented oversight and on-site inspections. It mandates that supervised entities, such as commercial banks and microfinance companies, provide unrestricted access to data, infrastructure, and personnel while maintaining strict record-keeping and reporting obligations. The document defines the scope, frequency, and methodologies for both comprehensive and targeted inspections to ensure financial stability, regulatory compliance, and effective risk management within the banking sector.

National Bank of the Kyrgyz Republic logo

Kyrgyzstan

National Bank of the Kyrgyz Republic

Click to view thumbnail

Back

Print Version

Creation Date: 2024-07-26

Appendix to the Resolution of the Board of the National Bank of the Kyrgyz Republic of June 20, 2018 No. 2018-P-12/24-2-(NPA)

INSTRUCTION

on the implementation of banking supervision

(In the edition of the Resolutions of the Board of the NB KR of August 14, 2019 No. 2019-P-12/42-1, November 25, 2020 No. 2020-P-12/67-2, July 14, 2021 No. 2021-P-12/38-3, December 28, 2022 No. 2022-P-12/83-7, January 17, 2024 No. 2024-P-12/1-3, May 15, 2024 No. 2024-P-12/22-1, July 5, 2024 No. 2024-P-12/28-2-(NPA))

Chapter 1. General Provisions

  1. In accordance with the Constitutional Law of the Kyrgyz Republic "On the National Bank of the Kyrgyz Republic" and the Law of the Kyrgyz Republic "On Banks and Banking Activity", the National Bank of the Kyrgyz Republic (hereinafter - the National Bank) conducts banking supervision and establishes regulatory standards to ensure the stability and reliability of the banking system of the Kyrgyz Republic, protect the interests of depositors, other consumers, and other creditors, and ensure compliance with the banking legislation of the Kyrgyz Republic.

(In the edition of the Resolution of the Board of the NB KR of December 28, 2022 No. 2022-P-12/83-7)

  1. The National Bank's supervision system consists of two main types of supervisory activities that complement and support each other: the implementation of external supervision and inspectorate inspections.

  2. This Instruction on the implementation of banking supervision (hereinafter - the Instruction) defines the basic principles of external supervision, the objectives and types of inspectorate inspections of the activities of commercial banks, microfinance companies attracting deposits, and JSC "Financial Company of Credit Unions".

Furthermore, this Instruction establishes mandatory requirements imposed on banks in connection with the conduct of external supervision and inspectorate inspections of their activities.

(In the edition of the Resolution of the Board of the NB KR of January 17, 2024 No. 2024-P-12/1-3)

  1. For the purposes of this Instruction, the following definitions are used:

  • banks - commercial banks, microfinance companies attracting deposits, JSC "Financial Company of Credit Unions";

  • risk-oriented supervision of banks (hereinafter - ROS) - a supervisory approach designed to identify key risks in the activities and practices of banks in order to preserve their safety and stability, and consequently aimed at assessing how the bank manages these risks (Appendix 6);

  • curator/institutional inspector (of a bank) - an authorized employee of the National Bank who, in accordance with assigned functional duties, conducts banking supervision over the activities of supervised organizations assigned to his/her responsibility;

  • inherent risk - is the exposure to risk in the absence of any control measures;

  • net risk - is defined as inherent risk after risk reduction due to the quality of risk management;

  • bank risk profile - is a summary of all types of risks and their levels acceptable for the bank (holding company/affiliated bank), which reflects all key issues in the activities of the bank (holding company/affiliated bank) and conclusions based on the current (last updated) assessment of available information on these risks;

  • aggregate bank rating - is the overall assessment of the bank's risk profile after considering the results of the assessment of its management, profitability, and capital from the perspective of net risk;

  • financial intelligence body - an authorized state body of the Kyrgyz Republic in the field of counteracting the financing of terrorist activities and the legalization (money laundering) of criminal proceeds.

(In the edition of the Resolutions of the Board of the NB KR of August 14, 2019 No. 2019-P-12/42-1, December 28, 2022 No. 2022-P-12/83-7, January 17, 2024 No. 2024-P-12/1-3, May 15, 2024 No. 2024-P-12/22-1)

Chapter 2. Banking Supervision

  1. Banking supervision is a set of measures by the National Bank regarding planning, inspecting, monitoring, evaluating, and interacting, providing for cooperation between the supervisory authority and the bank. The National Bank develops a supervision strategy for each bank, combining conducted comprehensive and targeted inspectorate inspections with external supervision.

The risk-oriented approach within the National Bank's supervision of bank activities includes risk assessment, quantitative and qualitative analysis, based in part on the professional judgment of inspectors, an individual approach to the bank taking into account its nature, risk profile, and significance, as well as ensuring an effective distribution of supervisory resources for their most effective use. At each stage of the supervisory cycle, the National Bank, through authorized subdivisions, assesses how effectively the bank's management identifies, measures, controls, and manages its risks.

  1. Interaction and information exchange between the National Bank and banks are important components of banking supervision. The National Bank adheres to the principle of constant and effective cooperation with banks under its supervision. Interaction is carried out in the form of negotiations, meetings, correspondence when reviewing the report on the results of an inspectorate inspection and the results of external supervision, as well as based on other written documents.

  2. To discuss current bank issues, curators/institutional inspectors may meet with the executive management of the bank, as well as with the board of directors/board member of the bank (as necessary), but no less than once a year. Meetings may be documented if necessary.

The subject of discussion may include:

  • financial condition indicators and emerging trends;

  • significant issues concerning the bank and the banking system as a whole, as deemed by the executive body or the board of directors of the bank;

  • implementation of measures to prevent/correct deficiencies and negative consequences;

  • adequacy of management information and effectiveness of bank management;

  • possible changes in the risk profile of the bank (holding company/affiliated bank);

  • future supervisory activities;

  • measures taken by the bank to inform the public;

  • other issues.

Furthermore, curators/institutional inspectors may meet with the bank's external auditors as necessary, but no less than once a year, and participate in general meetings of shareholders (annual/extraordinary).

When holding a general meeting of shareholders, the bank must notify the National Bank 5 (five) working days before the meeting by sending the agenda and materials of the general meeting of shareholders in 2 (two) copies. During the general meeting of shareholders, copies of the attendance sheet and proxies of shareholders (if any) must be presented to the curators.

Within the framework of banking supervision, the head of the corresponding subdivision of the National Bank sends via corporate email to the chairman/deputy chairman of the board of the bank the data of the curator/institutional inspector of that particular bank (Full Name, email address, phone numbers, position), information on the necessity of providing data requested by the curator/institutional inspector in any available form, including via email.

To assess risks in the banking system, the curator/institutional inspector may send requests to the bank for the provision of necessary information (statistical data, tables, questionnaires for assessing banking risks, etc.). At the same time, the curator/institutional inspector sends requests to the bank only on issues related to the functions of supervision over the bank's activities.

Requests sent by the head of the corresponding subdivision of the National Bank via email from the National Bank domain (*@nbkr.kg or *@nbkr.banks.kg) within the framework of carrying out supervisory functions with notification of the curator/institutional inspector of the bank are equated to requests from the curator/institutional inspector of the bank.

If it is necessary for the curator/institutional inspector to visit the bank, the bank must provide access to the bank's premises, necessary documentation, materials, and banking records. In the presence of an authorized employee of the bank, the bank must provide access to technical infrastructure (the bank's automated system, documentation on the system, including documentation on the results of test runs, databases of payment systems, including SWIFT), with the exception of information about access codes (passwords, PIN codes) of users and clients to automated systems and other similar information.

The bank, its shareholders, officials, and other employees, as well as persons associated with the bank, are obliged to timely submit reports, documents, and any information upon request by the National Bank.

The bank is obliged to ensure proper protection and storage of correspondence via corporate email and any other corporate electronic messaging means of the bank's management, employees of structural subdivisions responsible for managing assets and liabilities, credit and operational activities, the bank's compliance control service, the official for counteracting the financing of terrorist activities and the legalization (money laundering) of criminal proceeds (hereinafter - AML/CFT), as well as key employees of the bank for 3 (three) years by creating backups.

In the event of the dismissal of an employee included in the above list, his/her correspondence must be stored by the bank for 3 (three) years from the date of the employee's dismissal.

The bank regulates in its internal documents the definitions of "corporate email", "corporate electronic messaging means", "official correspondence", as well as the procedure for carrying out correspondence via corporate email and any other corporate electronic messaging means.

(In the edition of the Resolutions of the Board of the NB KR of November 25, 2020 No. 2020-P-12/67-2, December 28, 2022 No. 2022-P-12/83-7)

  1. External supervision of banks is carried out remotely, on a continuous basis, through the analysis of bank activities based on submitted reports and other information, as well as interaction with the bank's management bodies on the main areas of the bank's activity.

External supervision of banks is a continuous activity of banking supervision, which includes at least the following:

  • monitoring and assessment of changes in financial condition within periodic reporting;

  • observation of changes in the risk profile taking into account previous results of internal and external audits, inspectorate inspections, and current data;

  • ensuring timely identification of changes in the financial structure and performance indicators using early warning systems and stress testing based on available information;

  • follow-up actions and analysis of financial changes in the bank and in the banking system as a whole;

  • monitoring and assessment of changes in the business plan and business strategy.

  1. In carrying out banking supervision, special attention is paid to the assessment of bank management processes, as the scale and degree of the bank's operations and transactions depend on the quality of management and management methods, as well as the significance of the activities and operations being checked. Checking the bank's operations and transactions is a reliable and necessary tool for assessing the overall state of the bank and determining the degree of compliance with internal policies, procedures, and internal control.

Note. Within the framework of this Instruction, checking operations and transactions implies not only reconciling internal accounting records with regulatory and financial reporting, comparing daily operations with the requirements of policies and procedures (to assess compliance with internal procedures), but also other verification procedures, such as, for example, checking and assessing the quality of individual loans and investments, etc.

  1. The National Bank conducts banking supervision of bank activities on the organization of internal control, including for AML/CFT purposes, and sends information about its results to the financial intelligence body.

(In the edition of the Resolution of the Board of the NB KR of November 25, 2020 No. 2020-P-12/67-2)

Chapter 3. Objectives of Conducting Inspectorate Inspections

  1. The main objectives of conducting inspections of the bank's activities are:

  • study and assessment of the level, nature, and features of inherent risks in the bank's activities that may hinder stable and safe operations, taking into account the risk profile;

  • study, assessment of effectiveness and quality of the bank's corporate governance structure and internal control taking into account the nature of its business and risks;

  • assessment of risk management systems and processes, paying special attention to identifying weak/vulnerable areas that may affect the adequacy of the bank's capital and liquidity;

  • determination of the reliability of the bank's financial and regulatory reporting, as well as study of the bank's financial condition;

  • assessment of the bank's compliance with directives, requirements, and recommendations of the National Bank;

  • assessment of the bank's compliance with banking legislation norms and AML/CFT legislation norms;

  • development of recommendations to prevent identified negative trends in the bank's activities, to eliminate identified violations, deficiencies, improve the bank's condition, reduce the bank's net risk, and, if necessary, develop preventive measures and enforcement measures;

  • conducting a review of key risks, as well as studying the risk control and management function;

  • fulfillment by the bank of other duties and requirements established by banking legislation and AML/CFT legislation.

(In the edition of the Resolution of the Board of the NB KR of August 14, 2019 No. 2019-P-12/42-1)

Chapter 4. Types of Inspectorate Inspections

  1. Inspectorate inspections, depending on the set goals and tasks, can be comprehensive and targeted. Upon identification of violations, deficiencies, and risky practices, appropriate enforcement measures and/or recommendations (constructive and justified comments and proposals of the supervisory authority, drawn up to inform the bank's management about identified problems and issues requiring attention) on risk reduction, assessment of the bank's risk profile, its individual components, may be applied to the bank, and in case of necessity, the bank's supervision strategy may be revised.

Comprehensive inspections cover a wide range of risks and activities of the relevant bank to ensure a holistic view of the bank's risk profile.

Targeted inspections focus on specific areas of the bank's work, for example, on a specific product (for example, a credit card), function (for example, internal audit), or risk (for example, credit risk, AML/CFT risk), etc.

(In the edition of the Resolution of the Board of the NB KR of August 14, 2019 No. 2019-P-12/42-1)

  1. The scope and frequency of inspectorate inspections are determined taking into account the overall supervision strategy and the characteristics of the bank (size, nature of activities, risk profile, identified deficiencies, etc.). In addition to the inspections defined above, targeted inspections may be conducted in response to an event or incident arising in the bank that requires immediate supervisory action. If necessary, follow-up inspections may be conducted to assess the bank's progress in implementing corrective actions or measures defined in the previous planned or targeted inspection.

The term of the inspectorate inspection is specified in the directive on the inspection of the bank's activities (Appendix 2) and is established depending on:

  • type of inspection;

  • significance and risk profile of the bank;

  • scope and specifics of operations conducted by the bank.

At the same time, the total term of conducting an inspectorate inspection cannot exceed 60 working days.

  1. In accordance with the National Bank's policy on the implementation of ROS, a comprehensive inspection is conducted to assess all elements of the bank's risk profile (credit risk, market risk, liquidity risk, operational risk, AML/CFT risk, compliance risk, quality of risk management, net risk, capital, profitability, and management) according to the planned volume of work and includes the study of all types of the bank's activities. A comprehensive inspection covers at least the following elements:

  • study of the bank's ownership structure and group structure, study of its corporate governance;

  • analysis of the bank's financial position, capital adequacy, profitability level, liquidity structure;

  • study of the bank's strategic documents, business model, corporate culture/behavior;

  • study of main categories of inherent risk (credit, market, interest rate, liquidity, operational, AML/CFT, and compliance risk) and quality of risk management (strategies and policies, processes and procedures, control means, and personnel);

  • verification of the reliability of information submitted by the bank within the framework of periodic regulatory banking reporting (hereinafter - PRBR), published in financial reports, as well as other printed information. This procedure may also include checking the completeness and accuracy of data/reports sent by banks to the credit (credit) bureau.

The report based on the results of a comprehensive inspection within the framework of ROS includes (but is not limited to) the following issues:

  • credit risk;

  • market risk;

  • liquidity risk;

  • operational risk;

  • compliance risk;

  • AML/CFT risk;

  • management;

  • profitability;

  • capital adequacy;

  • internal control, risk management, and external audit;

  • verification of information provided in banking regulatory and financial reports and information published for the general public;

  • verification of transactions for the acquisition/disposal of shares of the bank, as well as the process of increasing/decreasing the amount of share capital for compliance with legislation;

  • review of foreign currency operations to determine the level of risks associated with operations conducted in foreign currency and to assess exchange rate risk management;

  • consideration of the bank's off-balance sheet activities to determine the level of risks associated with off-balance sheet operations and to assess risk management.

(In the edition of the Resolution of the Board of the NB KR of August 14, 2019 No. 2019-P-12/42-1)

  1. Conducting a targeted inspection may be caused by the need for a more thorough consideration of a particular aspect of the bank's activities.

Targeted inspections can be planned or unplanned (special).

  1. Inspections can be both with prior notification of the bank and sudden (without prior notification of the upcoming inspection). In the event of a sudden inspection, the directive on the inspection is presented to the bank directly at the moment the inspection group arrives at the bank.

  2. Conducting sudden inspections may also be carried out in cases where:

  • based on the submitted reporting and other information, negative trends have been identified that may lead to a deterioration of the bank's financial condition;

  • circumstances in the bank's activities do not comply with the legislation of the Kyrgyz Republic;

  • prior notification of the bank about the upcoming inspection does not contribute to the effective achievement of the goals of sudden inspections (for example, checking cash discipline, etc.).

The National Bank has the right to initiate sudden inspections in the presence of other grounds.

  1. In the event that the inspection is not sudden, the head of the inspection sends a notification letter to the bank with an attached List of Necessary Documents (Appendix 1) no later than 10 working days before the start of the inspection, at the same time, the directive on the inspection (Appendix 2) is presented upon arrival at the bank. The List of Necessary Documents specified in Appendix 1 is not final and may be supplemented/changed depending on the significance and risk profile of the bank.

  2. Branches/savings offices of the bank may be subject to separate inspections.

Chapter 5. Conducting an Inspectorate Inspection

  1. The head of the inspection holds a meeting with the Chairman of the Board of the bank (or the person performing his/her duties)/head of the branch, savings office, in order to:

  • hand over the directive on the inspection, as well as inform about the scale and tasks of the inspection;

  • discuss the process of conducting the inspection;

  • introduce the inspectors with indication of the areas of their work;

  • determine the procedure for contacting the bank's management and employees;

  • answer the bank's management's questions regarding the upcoming inspection.

  1. Upon receipt of the notification letter from the National Bank about the upcoming inspection, the bank is obliged to present on the first day of the inspection all documents that were listed in the List attached to the notification letter.

The bank provides originals of documents in exceptional cases. If it is impossible to provide originals for objective reasons, the bank provides copies of documents certified by an official and the bank's seal. Upon request by the inspection group, the bank provides electronic versions of the documents requested by the inspectors.

  1. During the inspectorate inspection, the bank's management and personnel must provide the inspection group (inspectors) with comprehensive assistance and ensure the fulfillment of the following conditions:

  • free access to the bank's premises, to any bank employee, documentation in the format requested by the inspectors within the established deadlines, including banking records, in the presence of an authorized employee of the inspected bank - to technical infrastructure (the bank's automated systems, documentation on the system, including documentation on the results of test runs, databases of payment systems, including SWIFT), necessary for conducting the inspectorate inspection, with the exception of information about access codes (passwords, PIN codes) of users and clients to automated systems;

  • provision of an electronic copy (backup files in a widely used format when working with bank databases) of complete and reliable information from the bank's automated banking system on any type of the bank's activities, including deposit, credit, payment, treasury activities, as well as work with corporate securities for any specified period, with the exception of information about access codes (passwords, PIN codes) of users and clients to automated systems;

  • provision of an electronic copy of complete and reliable information about all financial operations of the bank conducted through the SWIFT system, including statements on correspondent accounts of banks-correspondents for the date requested by the inspectors, as well as for other payment systems used by the bank and affecting correspondent accounts;

  • provision upon request of the head of the inspection group access to viewing corporate email and any other corporate electronic messaging means of bank employees specified in paragraph 7 of this Instruction, including dismissed ones. At the request of the head of the inspection group, information and documents contained in corporate email and any other corporate electronic messaging means must be printed and certified by an official and the bank's seal;

  • timely receipt by inspectors of all necessary oral and written information;

  • provision to the inspection group of a separate room in the bank, in which there are no audio and video devices providing video and audio recording, and to prevent any attempts by third parties to install audio and video equipment in the room provided to the inspection group, and to immediately report this to the head of the inspection. In case of violation of these requirements, bank employees, including bank management, will bear responsibility in accordance with the legislation of the Kyrgyz Republic;

  • ensuring by the bank the safe storage of documents of the bank and the National Bank, as well as ensuring equipment and technology necessary for conducting the inspection;

  • provision to the inspection group of access rights to automated banking systems with the ability to

Share