Employment in Financial Services

Financial services industry employers and their employees are subject to a multi-layered legal framework, which varies depending on the business activity of the respective institution. In each case, it comprises a patchwork of overarching EU law, local law, and ordinances issued by the regulatory watchdog, the Federal Financial Supervisory Authority (BaFin). Employees are particularly affected by specific remuneration principles targeted at avoiding excessive risk-taking.

Banks and financial services

These providers are subject to the German Banking Act (KWG), with a few exceptions (eg, certain provisions do not apply to some institutions due to the nature of their business (section 2 KWG)). The KWG provides, inter alia, a slightly reduced level of dismissal protection for certain banking employees and sets out rules for an appropriate ratio between variable and fixed annual remuneration for employees and managing directors. Bonuses may not exceed the fixed salary, unless the institution’s shareholders approve an increase of up to twice the fixed salary by qualified majority vote. Further details are set out in the Remuneration Ordinance for Financial Institutions (IVV) issued by BaFin. In addition, banks and financial service providers are under certain prerequisites subject to the EU Capital Requirements Regulation (Regulation (EU) No. 575/2013 (CRR) as modified by Regulation (EU) No. 2019/876 of 20 May 2019).

Insurance providers

These are subject to the Commission Delegated Regulation (EU) 2015/35 (Solvency II Regulation), which applies directly and takes precedence over national law. The Insurance Regulation Act governs regulatory supervision and forms the basis for a BaFin-issued insurance compensation ordinance. Compared to banking’s IVV, this is much broader in scope and only applies when not overridden by rules set out in the Solvency II Regulation.

Investment funds

These are subject to the German Capital Investment Code (KAGB), which provides specific rules on remuneration for employees, as well as Annex II of Directive 2011/61/EU for alternative investment funds and articles 14a, 14b of Directive 2009/65/EC for undertakings for collective investments in transferable securities. There is no BaFin ordinance (comparable to IVV for banks) for this sector yet, although BaFin could be authorised to issue one. Section 37 paragraph 1 KAGB provides that investment funds should establish a remuneration system for certain employees, such as managers, that is consistent with and conducive to a sound and effective risk management system, that does not create incentives to take inappropriate risks, and does not prevent the investment fund from acting dutifully in the best interests of the investment assets.  

Investment firms

Finally, these are subject to a different regulatory regime depending on their size and impact. Larger investment firms are subject to the risk and remuneration regime for banks, while medium-sized investment firms (since June 2021) are subject to the new German Securities Act (WpIG). The Act implements the Investment Firm Directive (Directive (EU) 2019/2034) and is complemented by the Investment Firm Regulation (Regulation (EU) 2019/2033). Commission Delegated Regulations specify the standards to identify risk-takers, and Guidance by the European Securities and Markets Authority further detail the requirements for sound remuneration policies. In January, 2024, a new remuneration regime – the Investment Firm Remuneration Ordinance (WpI-VergV) – was introduced by BaFin after a multi-year consultation phase. Quite similar to the regime for banks and financial services, but with a few subtle differences, these rules must now be applied to the remuneration of medium-sized investment firms and especially their risk takers. Small investment firms are only subject to a low level of regulation. Further regulatory rules are set out, inter alia, in the German Securities Trading Act (WpHG) and the Financial Investment Mediation Ordinance, setting out behavioural standards for employees interacting with customers.

The Central Bank of Ireland (CBI) is responsible for the authorisation and supervision of regulated financial service providers (RFSPs) in Ireland. RFSPs can include credit institutions, credit unions, brokers/retail intermediaries; and other RFSPs such as electronic money institutions, insurance and reinsurance undertakings, investment firms and payment institutions. The regulatory regime applies in a bespoke way to each sector and its employees and tailored legal advice should be taken for a specific situation. The general principles of the regulatory framework are set out below.

Fitness and Probity

The primary regulatory regime applicable to employees of RFSPs is the Fitness & Probity ("F&P") framework under the CBI Reform Act 2010 (2010 Act) as amended. Its function is to assess and monitor the suitability of individuals for certain key positions, known as Controlled Functions (CFs), including Pre-approved Controlled Functions (PCFs). The general rule is that an RFSP cannot permit a person to perform a controlled function unless the RFSP is satisfied on reasonable grounds that the person complies with the F&P Standards prescribed under the 2010 Act and further set out in the regulations and Guidance prescribed by the CBI. A link to resources governing the F&P Standards is here.

Fitness relates to an individual's competency, experience, qualifications and capacity to perform the role (including time commitments and being free from conflicts of interest).

Probity relates to an individual's honesty, diligence, independence, ethics and integrity in performing their role.

Employers are required to perform due diligence to confirm that individuals they propose placing in CF roles are fit and proper. Employers are also required to hold a certificate of compliance in respect of each in scope employee, certifying that the employee complies with the F&P Standards. Employees of RFSPs must agree in writing to comply with the F&P Standards.

A breach of an individual's F&P obligations can result in criminal and administrative sanctions for the RFSP and suspension and disqualification for the individual from holding a controlled function.

Minimum Competency Requirements

The CBI also operates a minimum competency regime under the Minimum Competency Code 2017 and the CBI (Supervision and Enforcement) Act 2013 (section 48(1)) Minimum Competency Regulations 2017, which set out professional standards and competencies, and continuing professional development (CPD) requirements, for persons providing certain financial services and products across certain sectors e.g., credit union and insurance services.  The aim is to protect consumers by ensuring a minimum acceptable level of competence from individuals acting for or on behalf of RFSPs providing advice and information and associated activities (such as dealing with insurance claims or complaints), in connection with in-scope financial products.

The Individual Accountability Framework

The CBI (Individual Accountability) Act 2023 (the "2023 Act") was signed into law on 9 March 2023. The 2023 Act introduced a new Individual Accountability Framework ("IAF"):

• An enhanced Fitness and Probity Framework;
• New Common Conduct Standards, including Additional Conduct Standards for PCFs, applicable to employees and officers of RFSPs as well as Business Conduct Standards;
• The Senior Executive Accountability Regime ("SEAR"); and
• Administrative Sanctions Procedures ("ASP") which empowers the CBI to investigate and sanction individuals for breaches of their obligations under the IAF including the Conduct Standards and their F&P obligations.

The IAF commenced in Ireland from 29 December 2023. The F&P Framework and the application of the new Conduct Standards became effective from this date. Other parts of the IAF will be effective later in 2024.

Conduct Standards

Under the 2010 Act, both CFs and PCFs must take any step that is reasonable in the circumstances in the performance of their role, to ensure that they meet the requirements of the Common Conduct Standards. The Common Conduct Standards are explained in Guidance published by the CBI here. The Conduct Standards include the requirement to act with honesty and integrity, due skill and care, co-operate in good faith with the CBI, act in the best interests of customers and comply with applicable rules governing market conduct and trading as applicable to the relevant RFSP's sector. The F&P Standards set a standard that CFs and PCFs must meet to ensure that they are sufficiently skilled and have the competence and capability to perform their roles. Whereas the Common Conduct Standards impose positive, enforceable legal obligations on individuals in those roles, governing their conduct and requiring them to act in accordance with a single set of standards of expected behaviour. Employers must train their employees on the applicable Conduct Standards. Employees are required to attend at that training and to fully understand and comply with the Conduct Standards. Additional Conduct Standards apply to PCFs.

Senior Executive Accountability Regime

SEAR which applies to senior managers/officers holding PCF and CF1 roles, will be applicable from 1 July 2024. SEAR will come into force in respect of Non Executive Directors (NEDs) and Independent Non Executive Directors (INEDs) with effect from 1 July 2025.

In terms of the scope of application, SEAR will be introduced on a phased basis and will initially apply from 1 July 2024 to credit institutions, insurance undertakings (excluding reinsurance undertakings, captive (re)insurance undertakings and insurance special purpose vehicles) and investment firms that underwrite on a firm commitment basis, deal on own account, or are authorised to hold client monies or assets; and third-country branches of the above.

However, the CBI has noted in its Consultation Paper 153 (CP153) that "there is much in the spirit of the SEAR that firms not initially failing within scope should consider as aligned with good quality governance". RFSPs which are not in Phase 1 of SEAR should therefore consider the presence of the new regime and whether it may be appropriate to comply with the spirit of SEAR by ensuring that individual responsibilities for senior managers are mapped and clearly allocated across the firm's senior management. This is to ensure that it is very clear who is individually accountable for what and in order to ensure that the business and its risks are being properly managed.

Business Standards

The 2023 Act provides for the ability of the CBI of Ireland (CBI) to prescribe the "Business Standards" for the purposes of ensuring that in the conduct of its affairs a firm:

1. acts in the best interests of customers and of the integrity of the market;
2. acts honestly, fairly and professionally; and
3. acts with due skill, care and diligence.

The Business Standards are obligations which apply to the RFSP.

Protected Disclosures Legislation – Whistleblowing

The Protected Disclosures Act 2014 as amended provides that all employers (with 50 or more employees) and most RFSPs regardless of head count (including MiFID firms, UCITS management companies, AIFMs, externally managed UCITS and externally managed AIFs)  have and maintain secure, confidential and effective internal reporting channels and investigation procedures that comply with its requirements. Employees and other workers, including INEDS and NEDS as well as contractors have significant anti retaliation protection in connection with making a protected disclosure. Employers are required to appoint a designated person to acknowledge a report within 7 days, make diligent inquiries and to follow up with the reporter within three months in relation to the progress/outcome of the investigation. The Central Bank (Supervision and Enforcement) Act, 2013 as well as the European Union (Market Abuse) Regulations, 2016 set out whistleblowing requirements for in scope employees and anti retaliation protection.

Different notification procedures exist before employees may take up their roles.

Investment firms may only entrust employees to provide investment advice if they are knowledgeable and have demonstrated the required reliability – as evidenced, inter alia, by not having a relevant and unspent prior criminal record. Furthermore, such employees’ identities must be disclosed to BaFin before they commence their activities. The active registration of employees is intended to impart upon employers the significance of employee selection and responsibility for their decisions.

Representatives of regulated entities of the financial services sector (typically, members of management) must be approved by BaFin before they can take up their role (colloquially known as BaFin’s “driver’s licence”). To obtain approval, a request must be filed with BaFin, showing the experience and suitability of the candidate for the role. Depending on the financial services delivered by the company, information that must be filed include the following:

• a CV (including information on professional training, career, and references);
• information on reliability (a form or summary to be completed by the manager, including, for example, mandatory declarations on prior criminal or administrative offences);
• a "certificate of good conduct for submission to an authority", a "European certificate of good conduct for submission to an authority", or "corresponding documents" from abroad (depending on the countries of residence in the last 10 years);
• an extract from the central commercial register;
• an overview of other mandates as a managing director or in administrative and supervisory bodies; and
• information about the manager’s ability to dedicate sufficient time to the role.

Non-management employees responsible for specific key functions at an insurance provider are subject to a similar notification process. Further, financial services employers must perform a risk analysis under the Anti-Money Laundering Act and take internal security measures, which also includes assessing the reliability of employees.

RFSPs must satisfy themselves that all CF and PCF candidates or employees comply with the F&P Standards. Pre-employment due diligence must be performed, including asking the candidate to certify they will comply with the F&P Standards and notify the RFSP immediately of any change in circumstance that may mean they no longer comply. Employers must continue to ensure that in scope employees comply with the F&P Standards and must complete an annual declaration to this effect. This means that due diligence must continue throughout the employment relationship and not just at the recruitment stage.

Candidates for PCF roles must complete an online individual questionnaire, which is submitted to the CBI in advance of appointment to the role through the Central Bank portal. The CBI must grant its approval for the PCF appointment before a candidate can take up the role. Any PCF offer of employment must be conditional on that approval being obtained. The CBI may request applicants attend an interview as part of the approval process.

Employers should take all reasonable steps to secure references from previous employers in order to due diligence the candidate's compliance with the F&P Standards and their suitability for the role. However, an employer is not obliged to issue a reference in respect of a former employee which means that a prospective employer may not be able to secure a reference from a previous employer.  The CBI does not oblige employers to either issue or obtain a reference as part of screening checks, however employers must make good efforts to do so.

There are material obstacles from a data privacy and practical perspective to employers conducting criminal background checks in relation to prospective employees. Data relating to criminal convictions is special category data under the GDPR. Employers would need to satisfy both Article 6 and Article 9 requirements under the GDPR to justify the processing of this data. In terms of Article 9, this means employers would need to show reasons of substantial public interest or that they are carrying out their legal obligations in processing the data.  In terms of Article 6 the employer will need to show that the processing is necessary to comply with a legal obligation to which the employer is subject or the processing is necessary for the employer's legitimate interests for example to ensure the suitability and honesty of its employees and to protect its reputation. Employers are also prevented from asking candidates about "spent convictions" which are usually minor criminal offences dating back over seven years.

Pre-employment medical checks must also have a clear legal basis justifying the processing of an employee's medical and health information.

German law does not treat financial services employees differently from employees of other industries, in that an employment agreement does not necessarily have to be in writing to come into existence. It is, however, common (best) practice and highly recommended for risk mitigation and transparency reasons that parties enter into a written employment agreement. For some provisions to be valid, such as a post-contractual non-compete or a fixed-term agreement, a qualified electronic or wet-ink signature is mandatory.

Further, employers must also provide employees with a wet-ink signed certification document summarising the essential conditions of employment under the German Evidence Act. Failure to provide such a document does not render the employment contract invalid, but a breach of the documentation requirement constitutes an administrative offence that may trigger fines. The German government has proposed an Act to modify the wet-ink signature requirement and also allow for electronic signatures, but has not provided a clear timeline for it coming into force yet.

Remuneration is typically governed under the employment contract and references a firm’s remuneration policy, which must be put in place for regular staff as well as identified risk-takers, with a dedicated set of rules varying per industry sub-sector.

Finally, depending on the case, certain documentation may need to be filed with BaFin before an employee can take up their tasks (see question 2).

The following documents should be in place:

• written statement of terms of employment e.g., a written contract of employment that complies with the Terms of Employment (Information) Act 1994-2014 and the European Union (Transparent and Predictable Working Conditions) Regulations 2022;
• grievance and disciplinary policy;
• protected disclosures policy;
• dignity at work policy (anti-harassment and bullying prevention);
• safety statement; and
• where possible, an employee handbook that details all the statutory leave policies and other bespoke policies of the RFSP.

Taking on certain tasks requires prior proof of competence, which varies depending on the financial services sector and the role. As an example, investment services must notify BaFin of investment advisors, sales representatives, and compliance officers, who in each case must be knowledgeable and reliable, and whose expertise must be reviewed at least annually (section 87, WpHG and the corresponding Employee Notification Ordinance). Institutions must deliver proof of professional suitability (ie, sufficient theoretical and practical knowledge of the relevant business and management experience) and reliability for certain key employees, managing directors, and members of the supervisory or administrative board (sections 25c paragraph 1 and 25d paragraph 1 KWG, sections 20 and 21 WpIG).

Yes, under the Minimum Competency Regime (see question 1), employees who perform certain prescribed functions and roles in prescribed RFSPs such as insurance businesses and credit unions, must meet the required competencies and qualifications standards.

The 2023 Act also introduces a new requirement that persons can only be permitted to perform a CF role (including a PCF role) where a certificate of compliance with the F&P Standards given by the firm is in force (Certification Regime).

As part of the Certification Regime, a certificate of compliance may only be given if:

1. the firm is satisfied on reasonable grounds that the person complies with the F&P Standards; and
2. the person has agreed to abide by the F&P Standards and to notify the firm without delay if for any reason they no longer comply with the F&P Standards.

Employees who qualify as risk-takers have enhanced responsibilities due to their influence on an institution’s risk profile, including documentation requirements. Investment brokers advising private clients are also subject to strict rules and extensive documentation requirements, inter alia, on the investment advice provided and how the investment was tailored to the preferences, investment objectives, and other characteristics of the investor.

Yes. Common Conduct Standards and Additional Conduct Standards were introduced by the 2023 Act and employers need to update employees' contractual documents to reflect same.

The Common Conduct Standards set out standards of behaviour expected of individuals carrying out Controlled Functions (CFs) within firms. The Common Conduct Standards are basic standards such as acting with honesty and integrity with due skill, care and diligence and in the best interest of customers. An individual that is subject to the Common Conduct Standards will be expected to take reasonable steps to ensure that the Common Conduct Standards are met.

In addition, senior executives, which includes individuals performing PCF roles (e.g. the directors, designated persons) and other individuals who exercise significant influence on the conduct of a firm's affairs (CF1) will also have Additional Conduct Standards related to running the part of the business for which they are responsible. An individual who performs a PCF/CF1 role should take reasonable steps to ensure that the Additional Conduct Standards are met.

When SEAR comes into effect, those performing senior executive functions will be required to have detailed statements of responsibility setting out the scope of their role. The Duty of Responsibility which the PCF will have under SEAR is extensive. The duty extends to taking any step that is reasonable in the circumstances to avoid a breach by their firm of its obligations in relation to an aspect of the firm's affairs for which the PCF is responsible.

There are a number of General Prescribed Responsibilities that will need to be assigned to PCFs:

(a)   Performance by the Firm of its obligations under SEAR

(b)   Performance by the Firm of its obligations under the F&P framework

(c)   Performance by the Firm of its obligations under the new Conduct Standards

(d)   Responsibility for overseeing the adoption of the firm’s policy on diversity and inclusion.

Yes. Investment firms must disclose the identities of employees providing investment advice, as well as sales representatives and compliance officers, to BaFin, which maintains a non-public database of registered employees (section 87 WpHG).

As a first step of the registration process, companies need to register on the MVP notification and publication platform. After successful registration, they can apply for admission to the employee and complaints register. Different notification procedures are available, depending on whether employees are notified for the first time or amendments are being made.

No.

Yes, there are specific sets of rules on remuneration in the financial services sector, varying in detail per sub-sector. Rules are particularly strict for material risk-takers of significant institutions in light of the increased risk profile of their activities for the entire organisation.

Variable and fixed remuneration must have an appropriate ratio to each other. For financial institutions, the ratio is appropriate if the variable remuneration both complies with an upper limit of 100% of the fixed remuneration (up to 200% maximum based on a shareholders’ resolution) and provides an effective behavioural incentive. Further, variable remuneration may need to be spread over deferral periods. Depending on the sector, remuneration may have to be made subject to malus, holdback or clawback provisions in case specific risks materialise or the employee is found guilty of misconduct. Further, certain remuneration elements must be granted in instruments instead of cash payments, with restrictions around this element again varying by sub-sector.

There are prescriptive, sector-specific requirements, which apply to the remuneration of specified categories of employees or directors, and which apply in the asset management, investment services, banking, and insurance sectors.

Employers in these sectors are tasked with ensuring that the remuneration paid to material risk takers (individuals whose professional activities have a material impact on an RFSP's risk profile) or identified staff align with the RFSP risk profile.

There are detailed rules with technical guidance (emanating from EU law) specific to each sector, but at a high level they (to differing degrees) set out rules on; variable remuneration composition, ratios or other metrics to compare variable to fixed remuneration to ensure it is appropriate; malus requirements, which would allow the RFSP to cancel or reduce the employee's variable remuneration before it is paid out; and clawback provisions which allow RFSPs to recover variable remuneration after it has been awarded. It is important to ensure that employees' contracts of employment acknowledge that any variable remuneration will be subject to all regulatory restrictions and rules and may be clawed back in certain circumstances.

The CBI's 2014 Guidelines on Variable Remuneration Arrangements for Sales Staff also emphasise the importance of remuneration structures to have sufficient deterrents built into them (such as malus and clawback mechanisms) to avoid incentivising undesirable/risky behaviours from sales staff in the banking, insurance and investment services sectors.

Qualification requirements exist for specific roles (eg, traders), and employers must ensure they comply with them by only contracting employees with the required skills, certifications and experience. The expertise of employees providing investment advice, sales representation, and compliance advice must also be continuously maintained and regularly updated.

Yes. A CF employee, subject to the Minimum Competency regime, will be required to complete CPD training. Evidence of meeting that CPD requirement is also a factor in determining a person's F&P. RFSPs must maintain records of CPD training provided to CFs to demonstrate compliance with the minimum competency regime.

The 2023 Act also introduces new training obligations for those subject to the Common and Additional Conduct Standards, with firms being required to train those persons on how these obligations apply to them and their new duties of responsibility. Attendance at, or completion of, training in respect of the Conduct Standards should be mandatory and such attendance should be carefully documented with refresher training rolled out periodically.

Employers within the scope of the Criminal Justice (Money Laundering and Terrorist Financing) Acts 2010 - 2021 (including RFSPs) are required to provide annual training to relevant staff and directors on its requirements and the RFSP must have procedures in place to comply with that legislation and associated guidance.

Depending on the RFSP's business, additional mandatory training may be needed annually, for example, on topics such as market abuse.

The designated person for responding to protected disclosures should be trained and competent in the identification and handling of protected disclosures.

Employees must conduct themselves in line with their respective roles and responsibilities, which in client-facing roles indirectly leads to them being subject to specific behavioural obligations (such as having to adhere to certain procedures and documentation obligations before selling a service or product to a client). In addition, company policies required by the regulator (eg, on sustainability or equal treatment) often include behavioural standards.

In addition, there are voluntary standards adopted by various professional associations, such as the Code of Conduct of the Federal Association of Financial Services, which apply to their respective members.

Yes there are. They are:

• the F&P Standards;
• the minimum competency regime; and
• the IAF and SEAR (see question 1).

There are also sector-specific conduct of business requirements in legislation and codes, including the Consumer Protection Code 2012, the MiFID II regime, and other regulatory requirements applicable to RFSPs based on their industry sector that apply and deal with matters such as:

• error handling,
• disclosures to customers,
• acting in the best interests of customers; and
• complaints handling.

Yes. Under section 87 WpHG, investment firms must notify BaFin of any changes regarding employees providing investment advice, sales representation, and compliance advice. This includes, for example, personal data or a change of the responsible sales representative, but also the termination of the activity. Changes must be communicated to BaFin within one month.

Further, investment firms must notify BaFin as soon as a substantial customer complaint is made against one or more employees based on his or her activities in connection with investment advice. This applies, for example, to allegations of incorrect investment advice. The notification to BaFin must be submitted within six weeks of receipt of the complaint. Details on the content of the notification are governed by section 8 paragraph 4 of the Securities Trading Act Employee Notification Ordinance.

There are further notification obligations if there are doubts about an employee‘s reliability under the relevant statutory rules. For example, in their initial declaration of reliability under section 24 paragraph 1 No. 1 KWG and section 5b Ordinance on Notifications and Submission of Documents under the KWG, future managing directors and persons acting as sole representatives of credit institutions and financial services institutions must immediately report to BaFin in writing any subsequent changes that may be relevant to their reliability. This applies to all facts that were also relevant for the initial reliability assessment (eg, because an employee was convicted of certain financial crimes). In addition, BaFin must also receive notifications of preliminary proceedings, indictments and convictions of certain financial sector employees according to the Order on Notifications in Criminal Matters.

The CBI expects RFSPs to be open and transparent in their engagement, including concerning compliance with the F&P Standards and the Common Conduct Standards. While early versions of the IAF regulations and related guidance contained an obligation on a RFSP to report to the CBI if disciplinary action had been taken against an individual, the obligation was removed from the latest version of the draft legislation. The Guidance indicated that the CBI would expect that they would have already received relevant details as it provides that firms and persons performing PCF roles are required to report to the CBI where they suspect that a "prescribed contravention" may have occurred for the purposes of the CBI legislative framework and the CBI states that a breach of the Common Conduct Standards and/or Additional Conduct Standards is a "prescribed contravention" for these purposes.

Employers are generally required under German law, regardless of their industry, to exercise a duty of protection regarding their employees. If they become aware of allegations of employee harassment, the employer must investigate and take appropriate steps to either dispel the suspicion (and protect the employee incorrectly accused of harassment) or sanction the perpetrator. As such, many employers have a process or policy in place governing this.

From July 2023, employers must observe the mandatory regulations of the Whistleblower Protection Act, implementing the EU Whistleblower Directive. This regulation applies automatically to many institutions in the financial sector, and beyond that to others based on their number of employees (starting with a headcount of over 50) or by virtue of belonging to the public sector. In corporate groups, multiple employers can set up a joint office to receive reports and conduct further investigations. Public sector employers must, in principle, establish an internal reporting office regardless of the number of employees. In addition, employees will also have the option to report breaches externally. The purpose of the new legislation is to strengthen the protection of whistleblowers and ensure that they do not face any disadvantages within the framework of the legal requirements – including, inter alia, where the whistleblowing concerns matters such as breaches of European law concerning financial services, financial products and financial markets, as well as the prevention of money laundering and terrorist financing.

An office at the Federal Ministry of Justice will be established as the governing body for the new law. In addition, the Federal Antitrust Office and BaFin will be responsible for sanctioning certain breaches under their respective remit (antitrust and financial services, respectively).

Yes. Concerning the prevention of wrongdoing, RFSPs should implement a written protected disclosures/whistleblowing policy that explains the secure and confidential internal and external reporting channels available to workers who wish to report relevant wrongdoings. The anti-retaliation protection should be explained and workers should understand from the policy how a report of relevant wrongdoing will be dealt with by the RFSP.

RFSPs should ensure that they have clear, up-to-date and fully compliant policies governing:

• dignity at work (including anti-harassment and anti-bullying measures); and
• grievance and disciplinary policies.

RFSPs should ensure that employees are trained on the RFSP's dignity at work (anti-bullying and harassment) policies to ensure that the RFSP's values, culture and commitment to preventing harassment and bullying are clear regarding their rights and obligations.

Employment relationships with risk-takers of significant institutions whose annual fixed remuneration exceeds three times the contribution assessment ceiling for general pension insurance can be terminated more easily, in return for a severance payment, even if a unilateral dismissal is not socially justified. For this purpose, the institution needs to file a motion to the labour court to terminate the employment relationship during an ongoing dismissal protection dispute. The court will then terminate the employment relationship and award a severance payment of up to 12 months‘ salary.

Where employers wish to amicably terminate an employment relationship, they will usually offer a termination agreement that provides for a severance payment as consideration for the job loss. Severance payments offered by institutions under the German Banking Act are, in principle, treated as variable remuneration from a regulatory perspective. Unless certain exceptions and privileges apply, this means that severance payments are subject to the regulatory remuneration rules that apply to variable remuneration, meaning that, for example, the bonus cap and ex-post risk adjustment mechanisms of IVV apply (section 5 paragraph 6 sentence 1 IVV). Exceptions are permissible, inter alia, if severance payments are granted in line with the company’s general policy on severance payments, payments to which there is a legal entitlement, and severance payments to be made based on a final judgment or court settlement.

Where possible it is important to try to resolve any outstanding issues that a PCF has or may have before the PCF's contract is terminated. An RFSP is required to give details of the circumstances of a PCF's termination of employment and to confirm whether or not there are outstanding issues regarding the PCF.

It is important to ensure that there are adequate provisions to govern the following in any settlement agreement or termination arrangements:

• adequate handover of operational responsibility;
• continued co-operation on operational matters within the employee's knowledge or in relation to matters that may subsequently be investigated by the CBI;
• secure return of all company property including any personal data; and
• post-termination confidentiality obligations and any other necessary post-termination restrictions.

Post-contractual non-compete obligations will typically only be binding when a severance payment is agreed upon that amounts to at least 50% of the pro-rated annual remuneration that the employee received before the obligation comes into force). It is advisable to regularly review for which roles such arrangements are agreed upon as they can be costly, and a unilateral waiver does not automatically eliminate the obligation to pay compensation, only if sufficient advance notice is given.

In the financial services sector, the severance payment for non-competition covenants is considered variable remuneration and subject to the same regulatory compensation rules (for example, section 5 paragraph 6 sentence 1 IVV, section 6 paragraph 4 No. 2 Investment Firm Remuneration Ordinance). However, severance payments do not have to be factored into the ratio of variable to fixed remuneration according to section 25a paragraph 5 sentences 2 to 5 KWG if, subject to section 74 paragraph 2 of the German Commercial Code, the payments do not exceed the total fixed remuneration originally owed.

No there are no bespoke rules that apply. Post termination restrictions in Ireland are void as being in restraint of trade unless it can be shown that the restrictions are necessary to protect an employer's legitimate proprietary interest and they are proportionate and reasonable in their scope and duration to achieve that protection[i].

[i] Law as of 15 April 2024

Under German law, it is permissible to enter into non-disclosure and confidentiality agreements. In practice, NDAs are usually agreed upon in written or text form, although this is not legally required. If drafted for use in multiple cases, NDAs are subject to a particularly strict test to be effective: they must be transparent and may not unduly burden the employee under General Terms and Conditions legislation. NDAs should, therefore, only relate to very limited and specific information.

In practice, NDAs are difficult to enforce as it is the employer who must prove a culpable breach of contract, as well as damages resulting from such a breach. Employers should, therefore, also use other means to ensure data protection and confidentiality, such as properly defining and protecting business secrets under the Business Secrets Act; and implementing technical and organisational measures to limit access to certain information, which may include sharing information only on a need-to-know basis.

Yes. It is possible to use NDAs in Ireland and it is quite common for them to be used, but there are some limitations on their use and enforceability.

Certain mandatory reporting obligations will override a contractual non-disclosure agreement, such as the requirement for PCFs under section 38(2) of the CBI (Supervision and Enforcement) Act 2013 to disclose certain matters to the CBI.

Further, an NDA cannot extinguish an employee's right to anti-retaliation protection where the employee makes a protected disclosure either internally or externally under the Protected Disclosures Act 2014 - 2022.