Values and corporate management

Information unaudited Information ungeprüft Values and corporate management

The LLB Group is committed to value-oriented leadership and transparent corporate governance. We live up to our corporate responsibility through effective compliance management, effective risk and reputation management, and effective data protection measures. Compliance with laws and regulations is a matter of course for us.

Responsible corporate management

The values of ‘integrity’, ‘respect’, ‘excellence’ and ‘passion’ (see chapter Strategy and organisation) underpin the LLB Group’s management. We promote fairness, transparency and accountability as well as the ethically correct and legally compliant conduct of our employees. In this way, we protect the interests of our stakeholders and contribute to a more socially just society and economy.

As part of our corporate governance, we ensure responsible management, monitoring and transparency. As a listed company, the SIX Exchange Regulation directive on Corporate Governance (DCG) forms the fundamental basis for our corporate management. The Liechtenstein Law on the Control and Oversight of Public Enterprises (ÖUSG) and the Law on Liechtensteinische Landesbank (LLBG) provide a further framework.

We also keep an eye on potential negative impacts in everything we do in the areas of corporate governance and compliance. Such effects can become reality for our clients if employees do not comply with applicable law or the high ethical standards of the LLB Group, with fines and major reputational damage the possible consequences. Numerous internal rules as well as established processes and systems are aimed at avoiding adverse effects and damage for the LLB Group. These include our Compliance Policy and the Code of Conduct, which sets out binding rules for our employees, as well as the Internal Control System (ICS), which deals with audits and controls.

The LLB Group’s Code of Conduct

One key corporate governance instrument is the LLB Group’s Code of Conduct. This provides a reliable framework for value-based and responsible action that meets legal requirements as well as ethical and social standards. The Code is therefore a binding and collaborative requirement for all employees of the LLB Group.

In the reporting year, we began to fundamentally revise the Code of Conduct. In view of the comprehensive topics and their significance for the LLB Group, we are taking plenty of time for this process, which is why the publication of the updated version is not planned until the end of 2024.

In addition to the Code of Conduct for employees, we also issued a Supplier Code of Conduct in 2023. The purpose of this is to give our business partners an impetus to act even more sustainably. LLB’s suppliers undertake to comply with the principles set out above. These include the fight against corruption and money laundering, the protection of human rights, environmental and climate protection, and data protection.

Compliance

Responsible corporate governance includes an effective system for managing compliance and legal risks. By these risks, we mean violations of legal and regulatory provisions as well as standards, which can lead to sanctions and, as a result, financial losses, reputational damage or even the withdrawal of licences. Negative effects can become reality for clients if employees of the LLB Group do not comply with applicable law or the high ethical standards of the LLB Group.

Ensuring good compliance is a challenging management task. The LLB Group’s Board of Directors defines the guidelines and receives a written report once a year from Group Legal & Compliance on compliance risks and measures taken to remedy them. The Group Legal & Compliance Business Area informs, supports and advises the Group Executive Board on the assessing and monitoring of compliance risks. Key compliance issues such as following regulatory changes, implementing new requirements, training employees and monitoring are dealt with by the appropriate departments. These include Group Regulatory Compliance, Group Financial Crime Prevention and Group Client Tax Compliance & Reporting. There are internal rules and regulations for all key topics, such as various Group directives relating to compliance, conflicts of interest, market abuse, money laundering prevention, data protection, and so on.

Measures against corruption and bribery are also provided for in the regulations, in the training system and in the process and system landscape. The risk of potentially unlawful conduct affects every LLB Group location to the same extent. For this reason, our employees are also taught about the risks related to corruption and bribery as part of their regular compliance training.

Protection of whistleblowers

Anyone with information about improper conduct by any employee of the LLB Group which is not consistent with our compliance principles and could be detrimental to us can contact the bank’s internal whistleblowing office either in writing, verbally or electronically. A separate tool is also available for this purpose, which enables anonymous reporting and communication with the bank.

The whistleblowing office investigates reports made, determines whether there has been a possible violation of laws, rules and regulations, morality or the like, and classifies the information accordingly. The whistleblower is protected and must not suffer any disadvantage through making the report. If a compliance violation has occurred, it is then assessed in a regulated internal process and, if necessary, punished.

Effectiveness of the measures

We expect all employees to observe the Code of Conduct, to act with integrity and to comply with professional standards as well as with the existing laws, regulations and directives. Despite all the measures put in place, internal criminal activities were detected and reported in 2022. The legal process has not yet been completed; findings from the incident have been incorporated into the further improvement of the internal organisation. In connection with this, a fine was also imposed on LLB. There were no further incidents of this kind in the 2023 reporting year.

Our corruption prevention efforts have once again had an impact over the past twelve months. There were no confirmed incidents of corruption in the 2023 reporting year. As at 31 December 2023, there are also no legal proceedings pending due to anti-competitive behaviour or the formation of cartels and monopolies.

Continuous adaptation of security infrastructures together with monitoring and analysis systems as well as employee training form the basis for the prevention of abusive conduct. Internal directives and measures are regularly adapted to changed framework conditions such as regulatory developments.

Risk and reputation management

A prudent approach to risks is an integral part of our corporate strategy. It ensures the LLB Group’s risk-bearing capacity and creates a strong culture of risk awareness at all levels. Our risk management is based on the risk policy and encompasses the systematic identification and assessment, reporting, management and monitoring of market risks, liquidity risks, refinancing risks, credit risks, operational and strategic risks and also asset liability management.

Responsible corporate governance also requires sustainable conduct within the framework of risk management. For this reason, we are continuing to push ahead with the collection of sustainability indicators and the improvement of data quality. In doing so, we ensure that climate risks are appropriately identified, assessed, managed and monitored in the future. More detailed information on the management of sustainability risks can be found in LLB’s TCFD report and under the Risk management chapter in the financial section.

Data protection and cyber security

Due to increasing digitalisation, the protection of client and employee data as well as information security play a fundamental role in banking practice. Sophisticated information processing systems, which guarantee confidentiality, availability and integrity, protect against dangers and threats and help to prevent damage as well as minimise risks. Cyber attacks, in particular, pose a threat to users of our online banking and other digital products. Our advanced security architecture provides the best possible protection from such attacks, for both us and our clients. By taking appropriate technical precautions on information and cyber security as well as data protection, we can ensure the seamless operation of digital systems, engender trust among our clients and employees and promote economic activity in Liechtenstein. We also contribute to the protection of the country’s critical infrastructure.

The Group Business Risk Management department bears primary responsibility for client data protection and information security. The laws and supervisory guidelines in Liechtenstein, Switzerland, Austria and Dubai (in particular, the Banking Act, the Data Protection Act, the GDPR as well as FINMA and FMA requirements) regulate, in a clear and binding manner, the responsibilities and measures for client data protection as well as information and cyber security. We process personal data in accordance with the General Data Protection Regulation.

Our principles and policies are set out in rules and regulations that are binding throughout the LLB Group. Central to this is the Group directive on data protection, which is binding for all LLB employees. Annual mandatory training courses on information security and data protection, in conjunction with internal monitoring systems, ensure the implementation of this directive and promote the responsible handling of client data and information.

Standards for information and cyber security are high at the LLB Group. Specialists from the responsible data centre continuously analyse new cyber threats and, depending on the risk, take appropriate countermeasures. In combination with penetration tests, these measures continuously guarantee a high level of security. In the reporting year, the LLB Group registered no complaints regarding privacy breaches or losses of client data.

Regulatory framework and developments

LLB considers it a top priority in a highly regulated business environment to closely monitor ongoing legislative developments and, where possible and expedient, to play an active part in shaping developments as well as to prepare for innovations in good time. The employees implement the regulatory requirements and thus make an essential contribution to the success of the business and to the good reputation of the LLB Group.

The most important regulatory requirements and developments in the reporting year are summarised below. The focus was primarily on regulations that were of particular importance due to their topicality. Other regulatory requirements that are of relevance to the LLB Group can be found in previous annual reports.

Financial centre strategy

In 2019, the Government published a comprehensive financial centre strategy designed to further enhance the competitiveness of the Liechtenstein financial centre. The Group Client Tax Compliance & Reporting department is responsible for ensuring implementation of the tax compliance strategy as well as compliance with the Automatic Exchange of Information (AEOI) and the FATCA agreement. The same applies to compliance with international rules and standards. The focus of the strategy is on unrestricted and equal access to markets and improving the framework conditions for innovative enterprises.

In addition, the Government has set four strategic goals in order to meet international expectations in the area of combating money laundering and terrorist financing. Dialogue with key partner countries is to be intensified. Membership of international bodies such as the International Monetary Fund (IMF) will thus continue to be explored. The Government also attaches great importance to digitalisation and blockchain technology. With the Liechtenstein Blockchain Act (Token and TT Service Providers Act, TVTG), Liechtenstein is the first country in the world to develop a legal basis for the token economy.

International tax topics

Disclosure of cross-border tax planning arrangements

According to the OECD, the lack of comprehensive and relevant disclosure about potentially aggressive or abusive tax planning strategies is one of the major challenges facing tax authorities. In this context, the EU, with the amendment to the EU Mutual Assistance Directive (Directive 2011 / 16 / EU – “DAC 6”) which came into effect in 2018, has introduced a disclosure requirement for cross-border tax arrangements directed at EU intermediaries (especially fiduciaries, lawyers, tax advisers and banks).

International co-operation on tax topics

The Principality of Liechtenstein is intent on creating an attractive tax system that takes account of European law and international developments. Hence, the Principality has implemented the international automatic exchange of information with 114 partner or reporting countries since the beginning of 2016. The FATCA agreement with the USA was concluded in 2014. The Global Forum of the OECD confirmed in November 2021 that Liechtenstein is fully compliant with the OECD requirements and described the Liechtenstein legal framework as “In place”, which corresponds to the highest rating.

Plans for international group taxation

While the OECD’s plans for an internationally unified approach to digital taxation presented in autumn 2019 are still in progress, the Group of Twenty (G20) countries endorsed in autumn 2021 a global minimum tax for corporations, which has applied since 2023.

Access to the EU market

Thanks to its membership of the EEA, Liechtenstein has unrestricted access to the internal European market. The internationally oriented fund location benefits in particular from this. It has a legal basis that is focused on clients and investor protection. The investment fund law comprises three pillars: the Act on Certain Undertakings for Collective Investment in Transferable Securities (UCITS Act, 2011), the Law on Alternative Investment Fund Managers (AIFM Act, 2013) and the Investment Undertakings Act (IUA), which was revised in 2016.

Data protection requirements

EU General Data Protection Regulation (EU GDPR)

LLB has implemented the requirements of the European EU General Data Protection Regulation (EU GDPR) Group-wide. The regulation regulates and standardises the collection and processing of personal data by companies and public authorities. LLB has established corresponding rules which are applicable throughout the Group and made the necessary adjustments to implement the requirements appropriately.

Data protection laws in Switzerland and Dubai (DIFC)

The Swiss Data Protection Act, which was completely revised in 2020, was partially adapted to the EU GDPR, but retained its own basic concept. The Act came into force on 1 September 2023. It improves the processing of personal data and grants new rights to data subjects. This significant change in the law also comes with a list of obligations for companies.

In the Dubai International Financial Centre (DIFC), the Data Protection Law came into force on 1 July 2020. It sets an important standard for data protection in the Middle East and largely aligns the legal situation with the EU General Data Protection Regulation, which is becoming an international benchmark.

Protection against money laundering and terrorist financing

Liechtenstein has a zero-tolerance policy towards money laundering and terrorist financing. As a member of the EEA, Liechtenstein has meanwhile also implemented the 5^th EU Anti-Money Laundering Directive and in doing so has improved transparency with regard to beneficial owners as well as risks relating to virtual currencies. The directive also tightens and harmonises the criteria for assessing high-risk third countries. These international requirements have been implemented domestically through the Due Diligence Act and the Due Diligence Ordinance.

Compliance with international standards

The Financial Intelligence Unit (FIU) serves as the country’s central authority for obtaining and analysing information that is necessary to recognise money laundering, predicate offences for money laundering, organised crime and terrorist financing. It represents Liechtenstein in the Committee of Experts on anti- money laundering and terrorist financing in the EU. The current version of the FIU Law of 2019 and the adaptations made to the Due Diligence Act in 2021 ensure Liechtenstein is fully legally compliant with the international standard.

In 2002, 2007 and 2013/2014, the International Monetary Fund (IMF) and Moneyval (the Council of Europe’s Committee of Experts) assessed to what extent the Liechtenstein provisions on anti-money laundering and combating the financing of terrorism meet the standards laid down by the Financial Action Task Force (FATF 40 + 9 Recommendations). The IMF and Moneyval attested positively to Liechtenstein’s standards in combating money laundering and financing of terrorism in their last report. After carrying out the National Risk Assessments (NRA I) in 2016/2017 and updating them (NRA II) in 2020, Liechtenstein completed the Moneyval country examination in autumn 2021 in order to assess the effectiveness of the measures in preventing money laundering and terrorist financing. In its last report published on 29 June 2022, Moneyval attested to Liechtenstein’s high level of effectiveness in identifying and combating money laundering and terrorist financing risks and commended the country for having a comprehensive and convergent understanding of its key risks in this area. Liechtenstein was awarded the rating “substantial” in five of eleven effectiveness ratings. In terms of technical compliance with the 40 FATF recommendations, Liechtenstein was also given very good marks.

The LLB Group has integrated the relevant requirements in connection with the fight against money laundering and terrorist financing into its processes and complies with these important obligations. In addition, the LLB Group was part of the international assessments and cooperates transparently with the national authorities.

Consumer protection

MiFID II / Liechtenstein

The Liechtenstein banking centre and thus also LLB implemented the Markets in Financial Instruments Directive II (MiFID II). It simplifies cross-border financial services and freedom of establishment and allows investment firms, banks and stock markets to offer their services in other EU / EEA member states. Furthermore, they are required to conduct precise client and product analyses as well as disclose information on compensations and commissions. The accompanying Regulation (MiFIR), which has been in force since January 2018, brought significant changes compared to the previously applicable laws. These include the strengthening of investor protection and improving the integrity and transparency of the financial markets. High-frequency trading is subject to regulation and supervisory oversight; position limits in commodities trading are strict. Throughout the EU, consultations at bank branches and consultations by telephone must record and document in a comprehensive manner why a financial product was recommended and how it matches the client’s risk profile.

FinSA / Switzerland

In November 2019, Switzerland decided to follow a balanced and modern overall approach to investor protection with the adoption of the Financial Services Act (FinSA) and the Financial Institutions Act (FinIA). The two acts, which have been in force since January 2020, aim to create a level playing field for financial intermediaries and to improve client protection. The FinSA contains rules of conduct towards clients that financial service providers must comply with. It also provides for prospectus requirements and requires a basic information sheet for financial instruments that is easy to understand. The FinIA essentially standardises the authorisation rules for financial service providers.

Rules of the game in the EU payment systems market

For LLB, the harmonisation and the digitalisation of the European payment systems market are important topics. As an EEA country, Liechtenstein adopted the second EU Payment Services Directive (PSD2) in 2019. The revised Payment Services Act came into force on 1 October 2019. The PSD2 introduced new information and liability rules for payment service providers that are aimed at improving customer protection. It also requires strong customer authentication and limits the scope of previous exemptions. In this connection, two new types of financial intermediary, namely the payment initiation service provider and the account information service provider, have been created. At LLB, the adjustments required to implement the PSD2 have been made.

EU Mortgage Credit Directive

The Directive 2014 / 17 / EU on credit agreements for consumers relating to residential immovable property has been in force in the EU member states since 2014. It has created a single legal framework for the granting of mortgage credit agreements to consumers in the internal European market. As a member of the EEA, Liechtenstein was obliged to transpose this directive into national law. This happened with the Mortgage and Real Estate Credit Act, which has been in effect since 1 April 2021. The directive serves to protect consumers taking out loans to buy residential property. Under the directive, the banks are subject to various obligations when granting a loan. These primarily include (pre-)contractual information requirements, creditworthiness assessment requirements and qualification requirements for bank employees involved in granting loans.

LLB has implemented the rules and incorporated them into the relevant processes, with the consultation process having been particularly affected.

Capital adequacy requirements

The new EU banking package, which was published by European legislators on 20 May 2019, has implemented further key elements of the Basel III framework, which was essentially completed at the end of 2017, at European level through amendments to the Capital Requirements Regulation II (CRR II) and Capital Requirements Directive V (CRD V). The CRR II has been applicable in the EU since June 2021, while the CRD V had to be implemented by the EU member states by 28 December 2020. In Liechtenstein, the CRR II and the CRD V came into force on 1 May 2022.

Deposit guarantee schemes and investor compensation

The Deposit Guarantee Schemes Directive (DGSD), implemented in Liechtenstein with the Deposit Guarantee and Investor Compensation Act (DGICA) which came into force in 2019, obliges EEA member states to recognise at least one national guarantee scheme to govern the implementation of deposit guarantee schemes at banks. Every bank must be a member of a deposit guarantee scheme that is to be supervised by a national authority – in Liechtenstein this is the Liechtenstein Financial Market Authority (FMA). LLB AG has joined the Deposit Guarantee and Investor Compensation Foundation (EAS).

In the event of a compensation case, the EAS would ensure that the financial consequences for depositors and investors are at least mitigated by covering depositor claims from eligible deposits up to CHF 100ʼ000 and investor claims up to a maximum of CHF 30ʼ000. Eligible deposits are all kinds of account balances as well as call money and time deposits.

Recovery and resolution planning

With the Bank Recovery and Resolution Directive (BRRD), European legislators have introduced minimum requirements for the recovery and resolution of credit institutions. The BRRD was transposed in Liechtenstein through the Recovery and Resolution Act (RRA). It provides a statutory mechanism to counteract the “too big to fail” risk of large, systemically important banks in a crisis.

Systemically important banks in Liechtenstein, of which LLB AG is one, are required to draw up a recovery plan. The recovery plan contains an outline of the measures and escalation processes available to the institution in the event of a financial crisis. Model analyses show that these measures are suitable for restoring the financial soundness of the institution in crisis scenarios.

On 1 January 2017, the FMA created an operationally independent organisational unit acting as a resolution authority. Its primary objectives are to avoid significant adverse effects on the stability of the Liechtenstein financial market and to protect client funds and client assets in the event of the failure of an institution. The regulator imposes Minimum Requirements for Own Funds and Eligible Liabilities (MREL) in order to strengthen the capital available for write-down or conversion (bail-in capital) in the event of resolution. This should increase the resolution capacity and reduce the risk of having to resort to public funds for resolving banks. Within the framework of the BRRD II, which is part of the current EU banking package, the regulations on resolution and MREL are being updated and expanded. The BRRD II was implemented and the MREL set out in Liechtenstein in May 2023 (RRA II).

Regulatory development in the context of sustainability

The EU promotes sustainable development of the economic system and is committed to the goals of the Paris climate agreement and the UN’s Agenda 2030. With its Action Plan for Financing Sustainable Growth, the EU aims to redirect capital flows towards a more sustainable economy. Integrating sustainability aspects into risk management and fostering transparency are key areas of the action plan. Achieving the EU’s goal of climate neutrality by 2050 will require a significant reduction in CO₂ emissions, supported by “green” financing and investments.

Various legislative initiatives following this action plan have been started in the EU. Particularly worthy of mention are:

• Regulation (EU) 2019 / 2088 on sustainability-related disclosures in the financial services sector (SFDR);
• Regulation (EU) 2020 / 852 on the establishment of a framework to facilitate sustainable investment, and amending Regulation (EU) 2019 / 2088 (Taxonomy Regulation);
• Directive (EU) 2022 / 2464 amending Regulation (EU) 537 / 2014 and Directives 2004 / 109 / EC, 2006 / 43 / EC and 2013 / 34 / EU governing corporate sustainability reporting (CSRD);
• Delegated Regulation (EU) 2021 / 1253 amending Delegated Regulation (EU) 2017 / 565 (MiFID II);
• Delegated Regulation (EU) 2021 / 1269 amending Delegated Regulation (EU) 2017 / 593 (product monitoring);
• Delegated Regulation (EU) 2021 / 1255 amending Delegated Regulation (EU) 231 / 2013 (AIFM);
• Delegated Regulation (EU) 2021 / 1270 amending Delegated Regulation (EU) 2010 / 43 /  EU (UCITS).

The subsidiaries of LLB in Austria (bank and investment companies) are directly affected by the EU regulations. They are also relevant to LLB in Liechtenstein through the European Economic Area (EEA), although the date of application may vary depending on the law.

Regulatory monitoring was consistently pursued in the reporting year. In addition, we pushed ahead with the implementation of the various legal provisions, so that the regulatory requirements could be gradually implemented. In order to meet the requirements of regulatory tracking and implementation, the Group Corporate Compliance department has been expanded to include a Senior Compliance Officer who will focus on the ESG compliance function.

The LLB Group strives to increasingly integrate the topic of sustainability into its products, into its risk management and especially into its client advisory services. We therefore support the efforts of legislators to create relevant standards and transparency requirements for sustainable finance.