Frequently asked questions (FAQ) on the banker’s oath and the disciplinary regime for banking service providers

The employees in the banking sector who are subject to the banker’s oath are the banking service providers, i.e. :

1. the so-called fit & proper persons, i.e. those subject to requirements in terms of appropriate expertise and professional integrity^[1] (Categorie 1);
2. 'managers responsible', i.e. natural persons who assume de facto responsibility for, or exercise supervision over, persons referred to in point 4 (Categorie 2);
3. banking and investment services agents registered as natural persons (Categorie 3); and
4. any other person who directly participates in the exercise of banking activities, or in the provision of banking services within Belgium (Categorie 4);

in each case, if they are active in Belgium with the following entities:

• Belgian or foreign credit institutions established in Belgium^[2]; or
• banking and investment services agents acting in the name and on behalf of such credit institutions.

(hereinafter referred to as an 'Entity' or 'Entities')

The concept of 'banking service providers' covers only those natural persons who work for an Entity, and who are therefore part of its internal organization. Professional status is not a determining factor. For example, banking service providers who work for an Entity under a student employment contract, or as temporary staff or trainees, are considered to be part of the internal organization. By contrast, if an Entity has outsourced certain tasks to a third party, natural persons working for the third party are banking service providers only if they belong to at least one of categories 1 to 4, and if the third party is itself a credit institution or a banking and investment services agent.

Furthermore, the concept of 'banking service providers' is limited to natural persons active in Belgium. The nationality or place of residence of the person concerned is irrelevant in this respect.

Fit & proper persons (category 1) acting within an Entity perform, by virtue of their role, functions that are necessarily located in Belgium. They are therefore active in Belgium. Similarly, banking and investment services agents who are natural persons (category 3) are also by definition active in Belgium, since they are registered with the FSMA in the register of intermediaries in banking and investment services.

Managers responsible (category 2) within an Entity are active in Belgium if they exercise supervision of or control over category 4 banking service providers who are themselves active within Belgium. For example, the senior managers of a Belgian branch of a credit institution governed by the law of another Member State fall within the scope of the banker’s oath, but not the managers of the head office of that credit institution, even if they exercise control over, for example, the managers of the branch (unless they are actually active in Belgium).

Finally, category 4 persons acting within an Entity are active in Belgium if they carry out banking activities or provide banking services within Belgium. The question whether banking activities or services are located within Belgium arises in particular for a category 4 person active within a credit institution governed by foreign law having a branch in Belgium. In this case, the person concerned will be considered to be active in Belgium if he or she carries out banking activities or provides banking services on behalf of the Belgian branch. The following factual elements are, among others, relevant indicators:

• the person is a member of the team dedicated to the branch's activities;
• the banking services provided by the person are, in one way or another, attributed to the branch, for example by recording the relevant banking products in the branch's books;
• the person is physically present in Belgium, either permanently or by holding face-to-face meetings (except if these are only occasional).

Persons active in Belgium at a Belgian branch of a credit institution governed by the law of another EEA Member State could be considered as banking service providers belonging to Category 2 (managers responsible) or to Category 4 (persons who directly participate in the exercise of banking activities, or in the provision of banking services, within Belgium). Categories 1 and 3 are excluded. The same applies to senior managers and those responsible for the independent control functions of such a branch.

It is up to the Entity in question to identify in concreto those among its staff members who enter into these categories. The fact that a person has or has not undergone a fit & proper assessment in the EEA Member State is, for example, not decisive in this respect.

• Carrying out banking activities or providing banking services

The concepts of 'banking activities' and 'banking services' are defined by reference to the banking laws and regulations. They cover all the activities that a credit institution is authorized to carry out in a harmonized manner under the European passport. These include, for example, offering all types of accounts, granting loans, providing payment services and providing investment services.

• Persons directly participating in the exercise of banking activities, or in the provision of banking services 

The definition covers in particular natural persons who are in direct contact with the public for the purpose of carrying out or providing such activities or services. Employees working in so-called front office departments should therefore be regarded as banking service providers. 

It also includes natural persons who, without being in contact with the public, carry out acts that are part of, or derive directly from, the exercise or provision of banking activities or services, whether these are provided via face-to-face, telephone or digital channels. Certain back-office staff members may thus also be concerned. Such will be the case, for example, for those who play a role in the procedure for offering or concluding credit agreements, or in making investment decisions as part of portfolio management. Conversely, employees working in the IT department of an Entity, in the legal department, in the HR department, in the Facilities department or in a department exclusively responsible for handling complaints or collecting debts, for example, do not fall under that description. 

Individuals designated as persons in contact with the public within the meaning of the Code of Economic Law at credit institutions authorized as lenders or at banking and investment services agents registered as credit intermediaries should be considered as Category 4 banking service providers, given the similarity between these two concepts.

It is the responsibility of credit institutions (Belgian institutions or foreign institutions established in Belgium) to provide the FSMA with the  list of natural persons working at their company or at their agents who meet this definition.

Managers responsible are natural persons who exercise de facto supervision of or control over other banking service providers, namely, persons who, within an Entity, directly participate in the exercise of banking activities, or in the provision of banking services, within Belgium (Category 4). This supervision must relate more specifically to the way in which these people carry out these activities or provide these services. This supervision may be indirect, particularly where there are several hierarchical levels. In this case, the persons in charge of each hierarchical level are considered to be managers responsible.

This concept does not correspond to a specific function or hierarchical position. It is essentially factual and based on an identification in concreto within each Entity. For example, managers responsible are not necessarily members of the Entity’s management team. Fit & proper persons within an Entity may in turn also be managers responsible. 

Individuals designated as persons responsible for distribution within the meaning of the Code of Economic Law at credit institutions authorized as lenders or at banking and investment services agents registered as credit intermediaries should be considered as managers responsible, given the similarity between these two concepts. 

It is the responsibility of credit institutions (Belgian institutions or foreign institutions established in Belgium) to provide the FSMA with the  list of natural persons working at their company or at their agents who meet this definition.

Banking service providers are subject to two main obligations and one corollary obligation:

1. They must take the banker’s oath.
2. They must comply with disciplinary rules, called 'individual rules of conduct'.
3. They must provide proof of not being subject to a professional ban when applying for a position at an Entity.

The banker’s oath is an individual declaration by which the banking service provider undertakes to comply with the individual rules of conduct. It is worded as follows:

The banker’s oath must be taken within six months after the date on which the new regime comes into force for the banking service provider or, if later, after the actual date of entry into the position. The actual date of entry into the position may, depending on the case, be fixed contractually or derive from factual circumstances. 

For fit & proper persons whose appointment is subject to the prior approval of the prudential supervisor, or of the FSMA, the six-month period can only start to run once this approval has been obtained.

For banking and investment services agents operating as natural persons, this period will not begin to run until they are registered in the register of intermediaries in banking and investment services.

Banking service providers who perform functions within an Entity for less than six months are therefore not required to take the oath. This could be the case for students, trainees or temporary staff. However, they are required to comply with the individual rules of conduct from the moment they take on their duties. 

The identity of the person before whom banking service providers must take the oath depends on:

• the type of Entity in which they are active (credit institution or banking and investment services agent); and
• the category of banking service providers they belong to (Categories 1 to 4).

From 15 January 2025, for banking service providers active in credit institutions other than Category 4 banking service providers:

• Banking service providers subject to fit & proper requirements under Belgian law^[1] or the law of another EEA Member State take the oath before the FSMA:
  1. fit & proper persons under Belgian law (Category 1), i.e. fit & proper persons working in Belgian credit institutions and in Belgian branches of third country credit institutions; and
  2. managers responsible (Category 2) subject to fit & proper requirements under the law of the home Member State of the EEA credit institution concerned, with a branch in Belgium.
• Managers responsible other than those referred to in point 2 above (managers responsible who are not subject to fit & proper requirements under the law of another EEA Member State) take the oath before a senior manager of the credit institution or of its Belgian branch. 

This breakdown is summarized in a table (available in Dutch and  French only) for use by the sector..

From 15 July 2026, for banking service providers:

• active in credit institutions and belonging to Categorie 4 ( other persons who directly participate in the exercise of banking activities, or in the provision of banking services within Belgium), the oath will in principle be taken before a senior manager of the credit institution or of its Belgian branch. Only Category 4 banking service providers who are subject to fit & proper requirements under the law of another EEA Member State will be required to take the oath before the FSMA.
• active as banking and investment services agent:
  • Banking service providers subject to fit & proper requirements (Categories 1 en 3), who will take up their position on or after 15 July 2026 must take the oath before the FSMA.
  • Banking service providers subject to fit & proper requirements (Categories 1 en 3), who have taken up their position before 15 July 2026 will take the oath before a senior manager of the credit institution on whose behalf they are acting or a manager of the Belgian branch of that credit institution.
  • Other banking service providers will take the oath before a senior manager of the banking and investment services agent for whom they act.

This breakdown is summarized in a table (available in Dutch and French only) for use by the sector. 

^[1] The Law of 25 April 2014 on the legal status and supervision of credit institutions and the Law of 22 March 2006 on intermediation in banking and investment services and on the distribution of financial instruments.

The banker’s oath is taken before the Chairman of the FSMA (or in his absence, before the Deputy Chairman of the FSMA or two members of its Management Committee). The banker’s oath is taken in one of the three Belgian national languages^[1], at the choice of the banking service provider concerned.

At least 3 oath-taking sessions will be organized per semester, i.e. a minimum of six sessions per year. The dates and registration procedures for the oath-taking sessions are available on the website of the FSMA. 

The taking of the oath will be confirmed in writing by a FSMA representative. This certificate will be kept by the FSMA, which will provide a copy to the banking service provider concerned.

^[1]The Dutch and French versions of the banker’s oath declaration are to be found in Article 4, §2, of the Law of 22 April 2019 introducing a banker's oath and a disciplinary regime for the banking sector. Its German translation reads as follows: ‘Ich verpflichte mich, bei der Ausübung meiner Berufstätigkeiten unter allen Umständen ehrlich und rechtschaffen sowie sachverständig und professionell zu handeln und dabei die Interessen der Kunden zu berücksichtigen und sie fair zu behandeln. Ich habe die diesbezüglichen vom König erlassenen besonderen Regeln zur Kenntnis genommen.‘

In the case of a credit institution governed by Belgian law, the banker’s oath is taken before a senior manager of the institution. If the credit institution is governed by foreign law, the oath is taken before a manager of the institution’s Belgian branch. 

In the case of banking and investment services agents, the oath is taken before a senior manager of the agent. 

Each Entity defines the organizational arrangements of the oath-taking. Several people may simultaneously take the oath before the manager concerned. However, particular attention must be paid to the solemn character of the oath-taking, and to complying with the 6-month time limit granted to banking service providers to take the oath.

The taking of the oath must be confirmed in writing by the (senior) manager before whom the oath was taken. The Entity keeps this certificate, gives a copy to the banking service provider and makes it available to the FSMA on request. 

An oath-taking model (available in French - Dutch only) certificate is available to credit institutions for oaths to be taken from 15 January 2025. During the first half of 2026, the FSMA will also provide the sector with model certificates for oaths to be taken from 15 July 2026.

1. The requirement to take the oath differs depending on whether the banking service provider performs the said functions within different Entities or within the same Entity.
   
   A new oath-taking is required in the event of a change of Entity or for multiple positions with different Entities.
2. In the event of a combination or change of function(s) in a single Entity, the oath-taking requirement differs depending on whether the combination or change of function(s) involves a new oath other than the one taken before the Entity. 
   
   In the event of a combination or change of function(s) within the same Entity, a banking service provider may in fact belong to more than one category of banking service provider. In such cases, an additional oath is only required if the new or second function involves taking an oath other than the one taken before the Entity.. This rule is illustrated by the following practical examples:
   • A person who directly participates in the exercise or provision of banking activities or banking services (Category 4) at a credit institution will initially have taken the oath before a senior manager of that institution. 
     If the person later becomes a manager responsible (Category 2) in that same institution, he or she will not be required to take the oath again. 
     If he or she becomes a fit & proper person, he or she will be required to take the oath before the FSMA. This is explained by the specific behavioural requirements imposed on fit & proper persons, and the difference in punitive competences with respect to them.
   • Similarly, a person working for a banking and investment services agent who directly participates in the exercise or provision of banking activities or services (Category 4) will initially have taken the oath before a senior manager of that agent. 
     If the person subsequently becomes a manager responsible (Category 2) in that same Entity, he or she will not be required to take the oath again. 
     If he or she becomes a fit & proper person (on or after 15 July 2026), he or she will be required to take the oath before the FSMA. This is explained by the specific behavioural requirements imposed on fit & proper persons and the FSMA's powers to supervise compliance with the requirements in terms of appropriate expertise and professional integrity for banking and investment services agents.
   • A senior manager of a Belgian credit institution will probably hold both a fit & proper person (Category 1) and a manager responsible (Category 2) status. In this case, he or she will only have to take the oath before the FSMA and not before the credit institution.
   • A key function holder in a Belgian credit institution (Category 1) will initially have taken the oath before the FSMA. If the person subsequently becomes a manager responsible (Category 2) within the same institution, he or she will not be required to take the banking oath again, whether he or she retains his/her fit & proper status or not.
      

The procedures for taking the banker’s oath are set out in an FSMA regulation (available in French and Dutch only). Its provisions are explained in the comments on that FSMA regulation.

The individual rules of conduct are based on three founding principles, under which banking service providers are required to act at all times:

1. with honesty and integrity;
2. with competence and professionalism; and
3. taking into account the interests of clients and treating them fairly.

These individual rules of conduct are set out in a Royal Decree (available in French and Dutch only).

They focus on the concepts of honesty, integrity, competence and professionalism, as well as on clients’ interests and their fair treatment.

They focus on the concepts of honesty, integrity, competence and professionalism, as well as on clients’ interests and their fair treatment.

On the other hand, fit & proper persons (Category 1) and managers responsible (Category 2) will have to comply with requirements specific to their supervisory role. For example, they will have to refrain from encouraging any behaviour likely to infringe the requirements applicable to banking service providers, and must act in an appropriate manner if they observe such behaviour.

The FSMA will record disciplinary sanctions in a central register, together with professional bans imposed by the FSMA, the National Bank of Belgium (NBB) or the European Central Bank (ECB) under sector-specific prudential regulations. 

Candidates to a position of banking service provider can ask the FSMA for a certificate confirming that he or she is not subject to any of the aforementioned professional bans.

In order to guarantee the protection of their personal data, only candidates will be allowed to request this certificate from the FSMA. However, an Entity may use the services of a banking service provider only if it has first obtained such a certificate of absence of professional ban. 

The FSMA-website lists the channels through which candidates may request a certificate of absence of professional ban.

The following disciplinary sanctions may be imposed if a banking service provider infringes an individual rule of conduct of fials to take the banker's oath:

1. a warning
2. a reprimand
3. a professional ban of up to 3 years.

A warning and a reprimand may be accompanied by an obligation to follow training courses.

A professional ban may apply to all the activities of a banking service provider, or only to some of them. It may, for example, be limited to activities as manager responsible. The banking service provider must inform the entity for which he or she works of any professional ban imposed on him/her. Failing this, the FSMA will itself inform the Entity concerned.

The FSMA publishes anonymously on its website the disciplinary sanctions it imposes. Furthermore, they are recorded in the central register of disciplinary sanctions and professional bans.

The FSMA imposes disciplinary sanctions in compliance with the rights of defence. In doing so, the FSMA must take into account certain circumstances, such as the seriousness of the infringement, its impact on the interests and reputation of the banking sector, or the financial loss suffered by third parties. 

An appeal against the sanction decision may be lodged with the Council of State.

To safeguard the exclusive prudential jurisdiction of the prudential supervisory authority over fit & proper persons working for credit institutions, the FSMA has no enforcement powers over these persons. If the (Deputy) Investigations Officer concludes that there has been an infringement of the banker’s oath rules by a fit & proper person working for a credit institution, the FSMA will transfer the disciplinary file to the NBB or, where appropriate, to the foreign prudential supervisory authority, so that the prudential authorities can exercise their prerogatives in this respect^[1].

The FSMA may impose an administrative sanction on a banking service provider who fails to comply with a professional ban or training obligation imposed by the FSMA.

The FSMA initiates disciplinary proceedings where there are serious indications of an infringement of the individual rules of conduct or of the obligation to take the banker’s oath.

These indications may come to light following investigation of a complaint or in the course of the FSMA's other legal duties. However, there will be no checks specially designed to detect infringements. 

The serious indications of an infringement are examined by the Investigations Officer or, in his or her absence, the Deputy Investigations Officer. This examination is conducted in compliance with the rights of defence. The (Deputy) Investigations Officer may seek an opinion from the Entity, obtain information from any person or conduct hearings.

Upon completion of the examination, the (Deputy) Investigations Officer prepares a draft investigation report on which the banking service provider is invited to comment. The banking service provider may ask for further investigative acts to be undertaken. The (Deputy) Investigations Officer then prepares a final investigation report. 

Only after this examination by the (Deputy) Investigations Officer will the FSMA be in a position to impose a disciplinary sanction on the banking service provider.

Should the final report of the (Deputy) Investigations Officer concern a fit & proper person active within a credit institution, the FSMA will transfer the disciplinary file to the NBB or, where appropriate, to the foreign prudential supervisory authority.

Disciplinary sanctions  imposed by the FSMA under this disciplinary regime will be recorded in a central register. This register will include the identity of the banking service provider sanctioned, the type of sanction imposed and the day on which it was pronounced. 

The central register will also mention any professional ban imposed by the FSMA, the NBB or the ECB under the laws and regulations applicable to credit institutions, brokerage firms and portfolio management and investment advice companies. 

The FSMA will then act as a single point of contact. 

Each candidate for a position of banking service provider may ask the FSMA for a a certificate confirming that he or she is not subject to any of the aforementioned professional bans. The candidate must provide this certificate to any Entity before he or she can carry out the activities of a banking service provider.

Any person may lodge a complaint if he or she finds that a banking service provider has allegedly failed to take the banker’s oath or breached individual rules of conduct.

The FSMA provides specific communication channels for the reception and handling of complaints. In particular, it has published on its website the email and postal addresses to be used, as well as the applicable procedure for lodging complaints.

The (Deputy) Investigations Officer will examine those complaints which meet the following criteria:

1. The complaint must be documented, i.e. it must contain the following pieces of information:
   1. the surname, first name and, where applicable, position of the banking service provider;
   2. where applicable, the name of the Entity where the banking service provider is active;
   3. a description of the facts of the case;
   4. the period concerned;
   5. the nature of the alleged disciplinary infringement;
   6. evidence of the alleged disciplinary infringement;
   7. any other relevant element.
2. The complaint must be well founded, i.e. the pieces of information provided must constitute sufficiently serious indications of a disciplinary infringement.
3. The complaint must be serious, i.e. it must not concern indications of an obviously minor infringement.  
    

Because of the professional secrecy to which the FSMA and its staff are bound, the complainant will not be informed of the outcome of his or her complaint. However, the (Deputy) Investigations Officer may ask him or her for clarification or additional information.

The rules and procedures for the receipt, admissibility and processing of complaints are set out in an FSMA regulation (available in Dutch and French only). Its provisions are explained in the comments on that FSMA regulation.

The answer below concerns only the processing of personal data of the complainant or other persons mentioned in the complaint, with the exception of the banking service provider (information on the processing of personal data of the banking service provider is available in the FSMA Privacy Policy for banking service providers). 

If, as the complainant, you are lodging a complaint on behalf of another person (see below for further explanations), please provide him or her with the following information.

• WHAT ARE THE PURPOSES OF AND LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA BY THE FSMA? – As data controller, the FSMA processes the personal data provided in the complaint form for the purpose of receiving, investigating and handling the complaint, including its use in any disciplinary proceedings that the FSMA may initiate against a banking service provider following the complaint.
  
  This processing of personal data is necessary for the exercise of the public interest tasks assigned to the FSMA by the banker’s oath legislation. More specifically, the FSMA has been entrusted with the task of setting up a complaints channel that allows anyone to lodge complaints regarding compliance by banking service providers (i) with the obligation to take the oath and (ii) with the individual rules of conduct.

• Whose personal data does the FSMA process? – On the basis of the complaint form, the FSMA processes the personal data of various categories of stakeholders:
  • The complainant – The FSMA processes the personal data of the person (individual) who lodges a complaint using the complaint form and voluntarily provides his or her contact details.
    • Anonymous complaint – The complainant may, however, choose to submit the complaint anonymously. Needless to say, the FSMA will not process the complainant's personal data, but will unfortunately be unable to contact the complainant to ask questions or seek clarification on the complaint. The FSMA may therefore find itself unable to examine further the complaint lodged, due to a lack of information.
    • Complaint lodged by a legal person – It is also possible that the complaint to the FSMA is not lodged by a natural person but by a legal person. The data of the latter do not constitute personal data. In this case, the FSMA processes the personal data of the contact person within the legal entity if these data have been voluntarily provided in the complaint form.
  • The banking service provider – On the basis of the complaint form, the FSMA processes the personal data of the banking service provider that is the subject of the complaint. As mentioned above, the processing of these personal data is detailed in the FSMA Privacy Policy for banking service providers.
  • Other persons mentioned in the complaint – Finally, the FSMA processes the personal data of any other persons (individuals) mentioned in the description of the facts, in the additional relevant information provided or in the evidence attached to the complaint. These may be witnesses, for example, or people with useful information about the facts to which the complaint relates. This will also often be the case when the complainant lodges a complaint on behalf of another person.
    • Complaint on behalf of another person – A complainant generally lodges a complaint on his or her own behalf. However, it is also possible for a complainant to lodge a complaint on behalf of another person, whose identity is mentioned in the description of the facts, in the additional relevant information provided or in the evidence attached to the complaint. In this case, the FSMA assumes that the complainant has filed the complaint in consultation with this other person and has informed him/her of the content of these FAQs. 

• What personal data does the FSMA process?
  • Personal data of the complainant (unless the complaint is lodged anonymously) – In principle, the FSMA processes the following personal data of the complainant (or its contact person if it is a legal person):
    • identification data (surname and first name);
    • contact details (telephone number(s) and/or email address) so that the FSMA can contact the complainant if it has any questions;
    • where applicable, other personal data of the complainant appearing in the description of the facts, in the additional relevant information provided or in the evidence attached to the complaint.
  • Personal data of other persons mentioned in the complaint – The FSMA processes the personal data concerning these persons (including, where applicable, the persons on behalf of whom the complaint is lodged) which appear in the description of the facts, in the additional relevant information provided or in the evidence attached to the complaint. 
    
    At the outset, the FSMA always receives the aforementioned personal data via the person lodging the complaint. However, if the FSMA launches a disciplinary investigation, it may also receive additional personal data via other persons, such as the banking service provider concerned, witnesses or the Entity in which the banking service provider is/was active.
• With whom may the FSMA share personal data? – The FSMA shares with third parties the personal data it has collected only where necessary for the fulfilment of its legal mission. This is particularly the case in the following situations:
  • where a complaint leads to a disciplinary investigation, it may be necessary to share certain personal data with the banking service provider (so that he or she can exercise his/her rights of defence) or with other third parties, such as the Entity in which the banking service provider is/was active or witnesses heard for the purpose of the investigation;
  • where a complaint leads to a disciplinary investigation and the (Deputy) Investigations Officer concludes that a banking service provider who is subject to legal requirements in terms of expertise and professional integrity within a credit institution has failed in his or her duty to take the banker’s oath or has infringed certain individual rules of conduct, the FSMA is required to notify the NBB or, where applicable, the competent prudential supervisory authority of another Member State. The FSMA is then legally obliged to append a copy of the file documents to its notification, and may therefore share personal data with these supervisory authorities;
  • where a complaint leads the FSMA to take a disciplinary decision that gives rise to court proceedings (such as an appeal against the disciplinary decision lodged with the Council of State), personal data may be shared with the relevant judicial authorities.
    More general information about the cases where the FSMA shares personal data with third parties is available in the general Privacy Policy of the FSMA (under the question “With whom do we share your data?”).

• How long does the FSMA store personal data? – In principle, complaints are kept in the complaint file for 5 years from the date they are lodged. However, a complaint may be kept in the disciplinary file for longer if the FSMA decides to initiate disciplinary proceedings in response to the complaint. The FSMA is also subject to legislation on archiving, which requires it to keep information even longer for archiving purposes (albeit with the appropriate guarantees).

• How can stakeholders exercise their rights? – Stakeholders have a set of rights as regards their personal data. Further information on these rights and how to exercise them can be found in the general Privacy Policy of the FSMA (under the question “What are your privacy rights and how can you exercise them?”). It also contains information on how to contact the Data Protection Officer for any questions or complaints about the processing of personal data (under the question “How can you contact us?”). Anyone who considers that his or her rights have been infringed may at any time lodge a complaint with the Data Protection Authority, Rue de la Presse/Drukpersstraat 35, 1000 Brussels, email: contact@apd-gba.be (see also https://www.dataprotectionauthority.be). 

• Other information? – Please see also the general Privacy Policy of the FSMA for any other information on the processing of personal data under the current complaints handling policy, and in particular on how the FSMA protects personal data and whether personal data are processed outside the European Economic Area.

The Entities are subject to two distinct obligations:

1. Credit institutions (Belgian institutions or foreign institutions established in Belgium) must draw up a list of the banking service providers working at their company or on their behalf at agencies, and provide it to the FSMA.
2. All Entities must require candidates for a position of banking service provider to provide a copy of their certificate of absence of professional ban.This certificate must be requested by the Entity no later than:
   • for an external candidate: before the signature of the candidate's service or employment contract. However, it is permitted to have such a contract signed before obtaining this copy of the certificate, if its coming into effect is subject to obtaining the certificate of absence of professional ban; or
   • for an internal candidate (a staff member who was not initially a banking service provider and who is moving into a new role as a banking service provider): before the candidate takes up his/her new position as banking service provider.

The certificate may not have been issued more than one month before its reception by the Entity.

Credit institutions (Belgian institutions or foreign institutions established in Belgium) draw up a list of the banking service providers working at their company or on their behalf at agencies. This list must specify the category or categories to which the banking service provider concerned belongs and the date on which he or she took the oath. Although they are not required to take the oath, banking service providers who perform functions within an Entity for less than six months must be included in the list of banking service providers.

Credit institutions must provide this list of banking service provider and its updates to the FSMA. These updates must be made half-yearly, i.e. at six-month intervals:

1. The first list will provide an overview of banking service providers as at 15 January 2025. This list must be communicated to the FSMA within one month of this date, i.e. by 14 February 2025 at the latest.
2. The second list will contain an overview of banking service providers as at 15 July 2025 and will be provided no later than 14 August 2025.
3. The following lists will provide an overview of banking service providers as at 15 January and 15 July of each year, and must be communicated to the FSMA at the latest by 14 February and 14 August respectively of the year in question.

Initially, the list of banking service providers will only include fit & proper persons (Category 1) and managers responsible (Category 2) active in credit institutions. From 15 July 2026, the list will also include all other banking service providers (see the question ‘When will this new disciplinary regime enter into force?.

The procedures for drawing up and notifying this list are available on the website of the FSMA.

The FSMA may impose an administrative sanction on an Entity that fails to comply with one of the two obligations referred to in the question 'What are the obligations of the Entities?'.

This new regime will apply from 15 January 2025 to fit & proper persons (Categorie 1) and managers responsible (Categorie 2) carrying out activities in credit institutions. This means that, from that date:

• These banking service providers will be required to comply with the individual rules of conduct when carrying out their professional activities;
• These banking service providers will have six months to take the oath, i.e. until 15 July 2025, or will have to take it within six months after their actual entry into their position if this is after 15 January 2025;
• Credit institutions will be required to draw up the list of these banking service providers (see the deadlines under the question ‘What does the list of banking service providers contain?‘);
• Credit institutions will have to require all candidates for fit & proper or for managers responsible positions to provide a certificate of absence of professional ban .

The regime will apply to the other banking service providers from 15 July 2026. 

This means that, from that date:

• These banking service providers will be required to comply with the individual rules of conduct when carrying out their professional activities;
• These banking service providers will have six months to take the oath, i.e. until 15 January 2027, or will have to take it within six months of their actual entry into their position if this is after 15 July 2026;
• Credit institutions will be required to draw up the list of these banking service providers working at their company or on their behalf at agencies (see the deadlines under the question ‘What does the list of banking service providers contain?‘); and
• credit institutions and banking and investment services agents will have to require all candidates seeking to carry out the activities of a banking service provider to provide a certificate of absence of professional ban.