Instruction on the Implementation of Banking Supervision

Back

Print Version

Creation Date: 2025-08-20

Appendix to the Resolution of the Board of the National Bank of the Kyrgyz Republic of June 20, 2018 No. 2018-P-12/24-2-(NPA)

INSTRUCTION on the Implementation of Banking Supervision

(As amended by Resolutions of the Board of the National Bank of the Kyrgyz Republic of August 14, 2019 No. 2019-P-12/42-1, November 25, 2020 No. 2020-P-12/67-2, July 14, 2021 No. 2021-P-12/38-3, December 28, 2022 No. 2022-P-12/83-7, January 17, 2024 No. 2024-P-12/1-3, May 15, 2024 No. 2024-P-12/22-1, July 5, 2024 No. 2024-P-12/28-2)

Chapter 1. General Provisions

1. In accordance with the Constitutional Law of the Kyrgyz Republic "On the National Bank of the Kyrgyz Republic" and the Law of the Kyrgyz Republic "On Banks and Banking Activity", the National Bank of the Kyrgyz Republic (hereinafter - the National Bank) conducts banking supervision and establishes regulatory standards to ensure the stability and reliability of the banking system of the Kyrgyz Republic, protect the interests of depositors, other consumers, and other creditors, and ensure compliance with the banking legislation of the Kyrgyz Republic.

(As amended by Resolution of the Board of the National Bank of the Kyrgyz Republic of December 28, 2022 No. 2022-P-12/83-7)

2. The National Bank's supervision system consists of two main types of supervisory activities that complement and support each other: the implementation of external supervision and inspectorate checks.

3. This Instruction on the Implementation of Banking Supervision (hereinafter - the Instruction) defines the basic principles of external supervision, the objectives and types of inspectorate checks of the activities of commercial banks, microfinance companies attracting deposits, and JSC "Financial Company of Credit Unions".

Furthermore, this Instruction establishes mandatory requirements imposed on banks in connection with the conduct of external supervision and inspectorate checks of their activities.

(As amended by Resolution of the Board of the National Bank of the Kyrgyz Republic of January 17, 2024 No. 2024-P-12/1-3)

4. For the purposes of this Instruction, the following definitions are used:

• banks - commercial banks, microfinance companies attracting deposits, JSC "Financial Company of Credit Unions";

• risk-oriented supervision of banks (hereinafter - ROS) - a supervisory approach designed to identify key risks in the activities and practices of banks to preserve their safety and stability, and consequently aimed at assessing how the bank manages these risks (Appendix 6);

• curator/institutional inspector (of a bank) - an authorized employee of the National Bank who, in accordance with assigned functional duties, conducts banking supervision over the activities of supervised organizations assigned to their responsibility;

• inherent risk - exposure to risk in the absence of any control measures;

• net risk - defined as inherent risk after risk reduction due to the quality of risk management;

• bank's risk profile - a summary of all types of risks and their levels acceptable for the bank (holding company/affiliated bank), reflecting all key issues in the activities of the bank (holding company/affiliated bank) and conclusions based on the current (last updated) assessment of available information on these risks;

• consolidated bank rating - a general assessment of the bank's risk profile after considering the results of the assessment of its management, profitability, and capital from the perspective of net risk;

• financial intelligence unit - an authorized state body of the Kyrgyz Republic in the field of combating the financing of terrorist activities and the legalization (money laundering) of criminal proceeds.

(As amended by Resolutions of the Board of the National Bank of the Kyrgyz Republic of August 14, 2019 No. 2019-P-12/42-1, December 28, 2022 No. 2022-P-12/83-7, January 17, 2024 No. 2024-P-12/1-3, May 15, 2024 No. 2024-P-12/22-1)

Chapter 2. Banking Supervision

5. Banking supervision is a set of measures by the National Bank regarding planning, inspection, monitoring, evaluation, and interaction, involving cooperation between the supervisory authority and the bank. The National Bank develops a supervision strategy for each bank, combining comprehensive and targeted inspectorate checks with external supervision.

The risk-oriented approach within the National Bank's supervision of bank activities includes risk assessment, quantitative and qualitative analysis, based in part on the professional judgment of inspectors, an individual approach to the bank taking into account its nature, risk profile, and significance, and ensures an effective distribution of supervisory resources for their most efficient use. At each stage of the supervisory cycle, the National Bank, through authorized subdivisions, assesses how effectively the bank's management identifies, measures, controls, and manages its risks.

6. Interaction and information exchange between the National Bank and banks are important components of banking supervision. The National Bank adheres to the principle of constant and effective cooperation with banks under its supervision. Interaction is carried out in the form of negotiations, meetings, correspondence when considering reports on the results of inspectorate checks and external supervision, as well as based on other written documents.

7. To discuss current bank issues, curators/institutional inspectors may meet with the executive management of the bank, as well as with the board of directors/board member of the bank (as necessary), but no less than once a year. Meetings may be documented if necessary.

The subject of discussion may include:

• financial condition indicators and emerging trends;

• significant issues concerning the bank and the banking system as a whole, as deemed by the executive body or the board of directors of the bank;

• implementation of measures to prevent/correct deficiencies and negative consequences;

• adequacy of management information and effectiveness of bank management;

• possible changes in the risk profile of the bank (holding company/affiliated bank);

• future supervisory activities;

• measures taken by the bank to inform the public;

• other issues.

Furthermore, curators/institutional inspectors may meet with the bank's external auditors as necessary, but no less than once a year, and participate in general meetings of shareholders (annual/extraordinary).

When conducting a general meeting of shareholders, the bank must notify the National Bank 5 (five) working days prior to the meeting, sending the agenda and materials of the general meeting of shareholders in 2 (two) copies. During the general meeting of shareholders, copies of the attendance list and shareholder powers of attorney (if any) must be presented to the curators.

Within the framework of banking supervision, the head of the corresponding subdivision of the National Bank sends via corporate email to the chairman/deputy chairman of the board of the bank the data of the curator/institutional inspector of that bank (full name, email address, phone numbers, position), information on the necessity of providing data requested by the curator/institutional inspector in any available form, including via email.

To assess risks in the banking system, the curator/institutional inspector may send requests to the bank for the provision of necessary information (statistical data, tables, questionnaires for assessing banking risks, etc.). At the same time, the curator/institutional inspector sends requests to the bank only on issues related to the functions of supervision over the bank's activities.

Requests sent by the head of the corresponding subdivision of the National Bank via email from the National Bank domain (*@nbkr.kg or *@nbkr.banks.kg) within the framework of supervisory functions with notification of the curator/institutional inspector of the bank are equated to requests from the curator/institutional inspector of the bank.

If it is necessary for the curator/institutional inspector to visit the bank, the bank must ensure access to the bank's premises, necessary documentation, materials, and banking records. In the presence of an authorized employee of the bank, the bank must ensure access to the technical infrastructure (the bank's automated system, documentation on the system, including documentation on the results of test runs, databases of payment systems, including SWIFT), with the exception of information about access codes (passwords, PIN codes) of users and clients to automated systems and other similar information.

The bank, its shareholders, officials, and other employees, as well as persons associated with the bank, are obliged to timely submit reports, documents, and any information upon request by the National Bank.

The bank is obliged to ensure proper protection and storage of correspondence via corporate email and any other corporate electronic messaging means of the bank's management, employees of structural subdivisions responsible for managing assets and liabilities, credit and operational activities, the bank's compliance control service, the official for combating the financing of terrorist activities and the legalization (money laundering) of criminal proceeds (hereinafter - AML/CFT), as well as key employees of the bank for 3 (three) years by creating backups.

In the event of the dismissal of an employee included in the above list, their correspondence must be stored by the bank for 3 (three) years from the date of the employee's dismissal.

The bank regulates in its internal documents the definitions of "corporate email", "corporate electronic messaging means", "official correspondence", as well as the procedure for conducting correspondence via corporate email and any other corporate electronic messaging means.

(As amended by Resolutions of the Board of the National Bank of the Kyrgyz Republic of November 25, 2020 No. 2020-P-12/67-2, December 28, 2022 No. 2022-P-12/83-7)

8. External supervision of banks is carried out remotely, on a continuous basis, through the analysis of bank activities based on submitted reports and other information, as well as interaction with the bank's management bodies on key areas of the bank's activities.

External supervision of banks is a continuous activity of banking supervision, which includes at least the following:

• monitoring and assessment of changes in financial condition within periodic reporting;

• observation of changes in the risk profile taking into account previous results of internal and external audits, inspectorate checks, and current data;

• ensuring timely identification of changes in financial structure and performance indicators using early warning systems and stress testing based on available information;

• follow-up actions and analysis of financial changes in the bank and in the banking system as a whole;

• monitoring and assessment of changes in the business plan and business strategy.

9. In carrying out banking supervision, special attention is paid to the assessment of bank management processes, as the scale and degree of the bank's operations and transactions depend on the quality of management and management methods, as well as the significance of the activities and operations being checked. Checking the bank's operations and transactions is a reliable and necessary tool for assessing the overall state of the bank and determining the degree of compliance with internal policies, procedures, and internal control.

Note. Within the framework of this Instruction, checking operations and transactions implies not only reconciling internal accounting records with regulatory and financial reporting, comparing daily operations with the requirements of policies and procedures (to assess compliance with internal procedures), but also other verification procedures, such as, for example, checking and assessing the quality of individual loans and investments, etc.

10. The National Bank conducts banking supervision over bank activities regarding the organization of internal control, including for AML/CFT purposes, and sends information about its results to the financial intelligence unit.

(As amended by Resolution of the Board of the National Bank of the Kyrgyz Republic of November 25, 2020 No. 2020-P-12/67-2)

Chapter 3. Objectives of Inspectorate Checks

11. The main objectives of conducting checks of the bank's activities are:

• studying and assessing the level, nature, and features of inherent risks in the bank's activities that may hinder stable and safe operations, taking into account the risk profile;

• studying and assessing the effectiveness and quality of the bank's corporate governance and internal control structure, taking into account the nature of its business and risks;

• assessing risk management systems and processes, paying special attention to identifying weak/vulnerable areas that may affect the adequacy of the bank's capital and liquidity;

• determining the reliability of the bank's financial and regulatory reporting, as well as studying the bank's financial condition;

• assessing the bank's compliance with directives, requirements, and recommendations of the National Bank;

• assessing the bank's compliance with banking legislation standards and AML/CFT legislation standards;

• developing recommendations to prevent identified negative trends in the bank's activities, to eliminate identified violations, deficiencies, improve the bank's condition, reduce the bank's net risk, and, if necessary, develop preventive measures and enforcement measures;

• conducting a review of key risks, as well as studying the risk control and management function;

• the bank's fulfillment of other duties and requirements established by banking legislation and AML/CFT legislation.

(As amended by Resolution of the Board of the National Bank of the Kyrgyz Republic of August 14, 2019 No. 2019-P-12/42-1)

Chapter 4. Types of Inspectorate Checks

12. Inspectorate checks, depending on the set goals and tasks, can be comprehensive and targeted. Upon identification of violations, deficiencies, and risky practices, appropriate enforcement measures and/or recommendations (constructive and justified comments and proposals of the supervisory authority, prepared to inform the bank's management about identified problems and issues requiring attention) on risk reduction, assessment of the bank's risk profile, its individual components, may be applied to the bank, and if necessary, the bank's supervision strategy may be revised.

Comprehensive checks cover a wide range of risks and activities of the respective bank to ensure a holistic view of the bank's risk profile.

Targeted checks focus on specific areas of the bank's work, for example, on a specific product (for example, a credit card), function (for example, internal audit), or risk (for example, credit risk, AML/CFT risk), etc.

(As amended by Resolution of the Board of the National Bank of the Kyrgyz Republic of August 14, 2019 No. 2019-P-12/42-1)

13. The scope and frequency of inspectorate checks are determined taking into account the overall supervision strategy and the characteristics of the bank (size, nature of activities, risk profile, identified deficiencies, etc.). In addition to the checks defined above, targeted checks may be conducted in response to an event or incident arising in the bank that requires immediate supervisory action. If necessary, follow-up checks may be conducted to assess the bank's progress in implementing corrective actions or measures defined in the previous planned or targeted check.

The term of the inspectorate check is specified in the directive for the check of the bank's activities (Appendix 2) and is established depending on:

• type of check;

• significance and risk profile of the bank;

• scope and specifics of operations conducted by the bank.

At the same time, the total term of the inspectorate check cannot exceed 60 working days.

14. In accordance with the National Bank's policy on implementing ROS, a comprehensive check is conducted to assess all elements of the bank's risk profile (credit risk, market risk, liquidity risk, operational risk, AML/CFT risk, compliance risk, quality of risk management, net risk, capital, profitability, and management) according to the planned scope of work, and includes the study of all types of the bank's activities. A comprehensive check covers at least the following elements:

• study of the bank's ownership structure and group structure, study of its corporate governance;

• analysis of the bank's financial position, capital adequacy, profitability level, liquidity structure;

• study of the bank's strategic documents, business model, corporate culture/behavior;

• study of main categories of inherent risk (credit, market, interest rate, liquidity, operational, AML/CFT, and compliance risk) and quality of risk management (strategies and policies, processes and procedures, control tools, and personnel);

• verification of the reliability of information submitted by the bank as part of periodic regulatory banking reporting (hereinafter - PRBR), published in financial reports, as well as other printed information. This procedure may also include checking the completeness and accuracy of data/reports sent by banks to the credit (credit) bureau.

The report based on the results of the comprehensive check within ROS includes (but is not limited to) the following issues:

• credit risk;

• market risk;

• liquidity risk;

• operational risk;

• compliance risk;

• AML/CFT risk;

• management;

• profitability;

• capital adequacy;

• internal control, risk management, and external audit;

• verification of information provided in banking regulatory and financial reports and information published for the general public;

• verification of transactions for the acquisition/disposal of shares of the bank, as well as the process of increasing/decreasing the share capital amount for compliance with legislation;

• review of foreign currency operations to determine the level of risks associated with operations conducted in foreign currency and to assess exchange rate risk management;

• consideration of off-balance sheet activities of the bank to determine the level of risks associated with off-balance sheet operations and to assess risk management.

(As amended by Resolution of the Board of the National Bank of the Kyrgyz Republic of August 14, 2019 No. 2019-P-12/42-1)

15. Conducting a targeted check may be caused by the need for a more thorough consideration of a particular aspect of the bank's activities.

Targeted checks may be planned or unplanned (special).

16. Checks may be conducted with prior notification of the bank, or suddenly (without prior notification of the upcoming check). In the event of a sudden check, the directive for the check is presented to the bank directly at the moment the inspection group arrives at the bank.

17. Conducting sudden checks may also be carried out in cases if:

• based on the submitted reporting and other information, negative trends have been identified that may lead to a deterioration of the bank's financial condition;

• circumstances in the bank's activities do not comply with the legislation of the Kyrgyz Republic;

• prior notification of the bank about the upcoming check does not contribute to the effective achievement of the goals of sudden checks (for example, checking cash discipline, etc.).

The National Bank has the right to initiate sudden checks on other grounds.

18. In the event that the check is not sudden, the head of the check sends a notification letter to the bank with an attachment of the List of Necessary Documents (Appendix 1) no later than 10 working days before the start of the check, at the same time, the directive for the check (Appendix 2) is presented upon arrival at the bank. The List of Necessary Documents specified in Appendix 1 is not final and may be supplemented/changed depending on the significance and risk profile of the bank.

19. Branches/savings offices of the bank may be subject to separate checks.

Chapter 5. Conducting the Inspectorate Check

20. The head of the check holds a meeting with the chairman of the Board of the bank (or the person acting in his capacity)/head of the branch, savings office, in order to:

• hand over the directive for the check, and also inform about the scale and tasks of the check;

• discuss the process of conducting the check;

• introduce the inspectors, indicating the areas of their work;

• determine the procedure for contacting the bank's management and employees;

• answer the bank's management's questions regarding the upcoming check.

21. Upon receipt of the notification letter from the National Bank about the upcoming check, the bank is obliged to present on the first day of the check all documents that were listed in the List attached to the notification letter.

The bank provides originals of documents in exceptional cases. If it is impossible to provide originals for objective reasons, the bank provides copies of documents certified by an official and the bank's seal. Upon request by the inspection group, the bank provides electronic versions of the documents requested by the inspectors.

22. During the inspectorate check, the bank's management and personnel must provide the inspection group (inspectors) with comprehensive assistance and ensure the fulfillment of the following conditions:

• free access to the bank's premises, to any bank employee, documentation in the format requested by the inspectors within the established deadlines, including banking records, in the presence of an authorized employee of the inspected bank - to the technical infrastructure (the bank's automated systems, documentation on the system, including documentation on the results of test runs, databases of payment systems, including SWIFT), necessary for conducting the inspectorate check, with the exception of information about access codes (passwords, PIN codes) of users and clients to automated systems;

• provision of an electronic copy (backup files in a widely used format when working with bank databases) of complete and reliable information from the bank's automated banking system on any type of the bank's activities, including deposit, credit, payment, treasury activities, as well as work with corporate securities for any specified period, with the exception of information about access codes (passwords, PIN codes) of users and clients to automated systems;

• provision of an electronic copy of complete and reliable information about all financial operations of the bank conducted through the SWIFT system, including statements on correspondent accounts of correspondent banks for the date requested by the inspectors, as well as for other payment systems used by the bank and affecting correspondent accounts;

• provision upon request of the head of the inspection group of access to view corporate email and any other corporate electronic messaging means of bank employees specified in paragraph 7 of this Instruction, including those who have been dismissed. Upon the request of the head of the inspection group, information and documents contained in corporate email and any other corporate electronic messaging means must be printed and certified by an official and the bank's seal;

• timely receipt by inspectors of all necessary oral and written information;

• provision to the inspection group of a separate room in the bank, in which there are no audio and video devices ensuring video and audio recording, and to prevent any attempts by third parties to install audio and video equipment in the room provided to the inspection group, and to immediately report this to the head of the check. In case of violation of these requirements, bank employees, including bank management, will bear responsibility in accordance with the legislation of the Kyrgyz Republic;

• ensuring by the bank the safe storage of documents of the bank and the National Bank, as well as ensuring equipment and technology necessary for conducting the check;

• provision to the inspection group of access rights to automated banking systems